Other writings

This site holds a lot of my blog content, but I also write in other places.

Blog posts for ReactiveOps
  • Kubernetes emptyDir is not the same as Docker's volumes-from
    by Matthias Johnson on June 30, 2017 at 7:34 pm

    My current client has a Rails application that is tightly coupled to Nginx. This sort of coupling is fairly common and used to avoid static files being served by the Rails stack. The files most notable in this respect are the applications assets. The assets are created as part of the application using a command like rake assets:precompile. Those assets are specific to the particular version of the code. […]

  • How to Run Logentries in a Kubernetes Environment
    by Matthias Johnson on May 31, 2017 at 6:03 pm

    Logs are great. They are easy when you’re running on one or two boxes. However, they get harder when you’re running in a modest distributed environment and even more so if you’ve embraced micro-services and containers. I’ve compiled some notes and thoughts on getting Logentries running in a Kubernetes environment. […]

  • Easily encrypted root volumes on AWS with Ansible
    by Matthias Johnson on May 8, 2017 at 8:09 pm

    Whether or not root volumes on AWS need to be encrypted is a subject of debate. The encrypted AMI is all about protecting data at rest.           Encryption at rest protects against three things: The disk with the root volume on it being stolen from an AWS data center The disk not being properly destroyed when Amazon recycles it Some sort of leak in AWS infrastructure code that allows another entity to access your volume All three scenarios are pretty unlikely, but (as with most things in life) there are no guarantees. Some of our clients don’t keep the kind of sensitive information that mandates encryption. However, others who are entrusted with such data and are under regulatory mandates demand encryption. At one point, it was only (easily) possible to encrypt data volumes. Many used these additional volumes to store sensitive information and avoid writing to the root volume. However, late in 2015, AWS announced encrypted EBS boot volumes- a great feature that closed the gap on the encryption front across the instance. For organizations with compliance requirements, encrypted EBS boot volumes aren’t just a feature, but a must have. Creating an encrypted EBS volume is straightforward and simple: Find an AMI you want to use as your base Copy the AMI to your AWS account and check the Encrypted box Use the new encrypted AMI as the boot volume for your instances You can find command line examples of how to create an encrypted EBS volume from this AWS Blog. At ReactiveOps we like to automate even further. Since we use Ansible, we put together a role that creates an encrypted AMI. In addition to handling the copy, the role will also help you find a base AMI to use for your encrypted AMI. (You can find the role on our ReactiveOps GitHub page. If you’re going down the root volume encryption route, we hope this role will prove useful.) In short, encryption is a no-brainer for those with regulatory requirements. Many questions go away if you can check the “all data is encrypted” box. For those on the fence, I’ll offer this rule of thumb: If you encrypt your data volumes, you should also encrypt the root volume. After all, why put three deadbolts on the front door and then leave the back door open? […]

  • 3 Things I’ve Learned about Ansible (The Hard Way)
    by Matthias Johnson on May 1, 2017 at 6:21 pm

    Ansible’s simple requirements make it very easy to get started. Overall, it works extremely well, but once you get a bit deeper some things might end up causing discomfort. Here are 3 things I’ve learned about Ansible (or re-learned) the hard way. […]

  • Another Look at Amazon Elasticsearch Service
    by Matthias Johnson on March 20, 2017 at 9:19 pm

    Amazon Elasticsearch Service is a managed service intended to make it easy to deploy, operate and scale Elasticsearch clusters in the AWS Cloud. When we first looked at Amazon Elasticsearch Service shortly after it was released in October 2015, we weren’t very impressed. Several aspects and features of Amazon Elasticsearch Service didn’t meet our needs or our clients’ needs at the time, chief among them the fairly dated version offered and limited access controls. […]

My passion for remote work and productivity
  • Being accessibile
    by matthias on December 15, 2016 at 3:10 am

    When you work in an office setting your presence alone sends a message: I’m here at work and available. When you’re working remotely, there is no physical indicator. You need to make sure you’re not invisible. The primary way to make sure you’re not invisible is by communicating pro-actively. My favorite way to do this... The post Being accessibile appeared first on Work ... Uncaged.. […]

  • Botanic Gardens
    by matthias on November 23, 2016 at 2:30 am

    The Denver Botanic Gardens are beautiful. It’s one of the places I had in mind when I put the idea of becoming a local digital nomad out there. Shortly after I had finished that post my wife was working from home with me. She was being distracted by some of the things that needed doing... The post Botanic Gardens appeared first on Work ... Uncaged.. […]

  • what your manager needs
    by matthias on November 18, 2016 at 12:59 am

    So you’d like to work from home, but you also want to do it in a successful way. I’m not going to delve into details on how this is becoming easier. This is more about what worked for me. In a nutshell, it’s about incremental change… I work with computers and this allows me to... The post what your manager needs appeared first on Work ... Uncaged.. […]

  • becoming a local digital nomad
    by matthias on November 13, 2016 at 11:05 pm

    I remember when we moved to New Jersey. We were quite excited over the prospect of all the amazing sightseeing and cultural opportunities in close proximity. Best intentions. We lived there for about one and a half years. While we weren’t exactly a hop and skip from New York City, it certainly was pretty close.... The post becoming a local digital nomad appeared first on Work ... Uncaged.. […]

  • Why I don’t embrace a dedicated work environment
    by matthias on October 29, 2016 at 6:48 pm

    There are many guides for telecommuting and working from home: 6 Best Practices for Working From Home 10 Tips For Working From Home 12 Tips to Stay Healthy While Working From Home Get More Done: 18 Tips for Telecommuters Many of them offer similar advice and much of it good. There is one commonly offered... The post Why I don’t embrace a dedicated work environment appeared first on Work ... Uncaged.. […]