Blog | DCMST

Word Vectorization I

Sun, 08 Oct 2023 00:00:00 +0000

Table of Contents

Word Vectorization

Word vectorization, also known as word embedding, is a technique in Natural Language Processing (NLP) that transforms words into vectors of real numbers. This process enables machines to comprehend and discern semantic similarities between words by analyzing their numerical representations. There are multiple methods and libraries available to implement word vectorization in Python, among which Word2Vec and TF-IDF are widely utilized.

Understanding Word2Vec

Word2Vec creates word embeddings using two-layer neural networks. It captures the semantic similarity between words based on their context, generating vectors that represent words in a multidimensional space.

Let’s consider a simple implementation of Word2Vec using the Gensim library in Python:

# Importing necessary libraries
from gensim.models import Word2Vec
from nltk.tokenize import word_tokenize

# Example sentence
sentence = "Word vectorization is fascinating."

# Tokenization of sentence
tokenized_sentence = word_tokenize(sentence.lower()) # Converting to lowercase and tokenizing

# Training the Word2Vec model
model = Word2Vec([tokenized_sentence], vector_size=5, window=5, min_count=1, workers=4)

# Vector of a specific word
vector = model.wv['fascinating']
print(f"Vector for the word 'fascinating': {vector}")

In this simple example, the Word2Vec model is trained with a single sentence. In practical applications, a large corpus of text would be utilized to generate more accurate word vectors.

TF-IDF Vectorization

Term Frequency-Inverse Document Frequency (TF-IDF) is another method to convert text data into numerical form. It reflects how important a word is to a document in a corpus. The importance increases proportionally to the number of times a word appears in the document but is offset by the frequency of the word in the corpus.

Below is a basic implementation using the Scikit-learn library:

# Importing necessary libraries
from sklearn.feature_extraction.text import TfidfVectorizer

# Sample sentences
documents = [
 "Word vectorization is intriguing.",
 "Understanding semantic meaning through vectors is enthralling.",
 "Python offers easy methods for word vectorization."
]

# Creating the TF-IDF vectorizer
vectorizer = TfidfVectorizer()

# Fitting and transforming the documents
tfidf_vectors = vectorizer.fit_transform(documents)

# Feature names (words)
feature_names = vectorizer.get_feature_names_out()

# Displaying the output
for vector in tfidf_vectors:
 # Converting sparse matrix row to dense array
 array = vector.toarray()
 print([f"{feature_names[i]}: {array[0, i]:.2f}" for i in range(array.shape[1])])

This TF-IDF example indicates the importance of words within documents. The values are normalized to avoid any bias towards document length. Higher values signify greater importance.

Conclusion Word vectorization is vital for equipping machines with the capability to understand and process text in a semantically meaningful way. Whether utilizing Word2Vec to capture contextual relationships between words or employing TF-IDF to reflect word importance in documents, vectorization provides a bridge between human language and machine understanding.

Implementing these concepts with Python, through libraries such as Gensim and Scikit-learn, enables developers and data scientists to apply machine learning models to text data, thus opening doors to numerous applications like sentiment analysis, text classification, and recommendation systems.

How AI software work

Sun, 17 Sep 2023 00:00:00 +0000

Table of Contents

Introduction

In the age of digital transformation, the manner in which humans communicate with machines has evolved dramatically. From typing commands in a terminal to chatting with a virtual assistant as if it were a human, we’ve made significant strides in making machines understand and generate human-like text. Central to this evolution is the development of sophisticated software models such as ChatGPT. This article delves into the inner workings of such models, providing insights into the magic behind conversational AI.

Overview of Neural Networks

Basics of Neural Networks

At the heart of many modern AI applications, including ChatGPT, is the neural network. A neural network is a computational model inspired by the way neurons in the human brain work. It comprises layers of interconnected nodes (analogous to neurons) that process information in stages. Each connection between nodes has a weight, which gets adjusted during the learning process. By tweaking these weights based on input data, neural networks learn to recognize patterns and make predictions or decisions.

Deep Learning

While basic neural networks have been around for decades, the recent surge in their popularity can be attributed to the advent of deep learning. Deep learning involves training large neural networks, often with many hidden layers, to perform complex tasks. These “deep” networks have the capacity to understand vast amounts of data, making them particularly useful for tasks such as image recognition, voice recognition, and natural language processing.

Introduction to Natural Language Processing (NLP)

Importance of NLP

Natural Language Processing (NLP) is a subfield of AI that focuses on the interaction between computers and human language. The goal of NLP is to enable machines to understand, interpret, and generate human language in a way that is valuable. This could be in the form of sentiment analysis, machine translation, or, as in the case of ChatGPT, generating human-like text based on prompts.

Traditional vs. Neural Approaches

Traditionally, NLP relied heavily on rule-based methods and linguistic grammars. While effective to a degree, these methods had limitations in handling the nuances and variability inherent in human language. The recent shift towards neural-based approaches, leveraging deep learning techniques, has revolutionized the field. Models like ChatGPT rely on vast amounts of data and powerful neural architectures, bypassing the need for handcrafted rules and capturing the intricacies of language more naturally.

Architecture of GPT (Generative Pre-trained Transformer)

The Transformer Architecture

The backbone of ChatGPT is the Transformer architecture, a breakthrough in the field of deep learning and NLP. Introduced in the paper “Attention Is All You Need” by Vaswani et al.¹, the Transformer focuses on self-attention mechanisms to weigh input data differently, allowing for more dynamic and contextual understanding of data.

Unlike traditional sequence models like RNNs and LSTMs, which process data sequentially, Transformers can process all data points in parallel. This not only speeds up training but also enables the model to establish long-range dependencies in the data, which is crucial for understanding context in language.

Self-Attention Mechanism

The heart of the Transformer is the self-attention mechanism. It allows the model to focus on different parts of the input data with varying degrees of attention, hence the name “attention”. This is akin to how, when reading a sentence, our mind gives more importance to certain words based on the context.

In technical terms, the self-attention mechanism computes a weighted sum of all input values based on their relevance to a given query. These weights are learned during training, allowing the model to decide which parts of the input are most relevant for a given task.

Training and Fine-tuning

Pre-training on a Large Corpus

One of the strengths of models like ChatGPT is their ability to leverage vast amounts of data. Initially, the model is pre-trained on a large corpus of text, learning to predict the next word in a sentence. This phase enables the model to grasp the structure of the language, understand context, and even gather some factual knowledge. The result of this phase is a generative model capable of producing coherent and contextually relevant text.

Fine-tuning on Specific Tasks

Once pre-trained, the model can be fine-tuned on specific tasks. This involves training the model on a narrower dataset related to a specific domain or function. For instance, if one wanted to create a chatbot for medical inquiries, the model would be fine-tuned on medical literature and related interactions. This phase imparts the model with a specialized knowledge and capability to respond accurately in specific domains.

Applications and Implications

Uses of Chatbots and Virtual Assistants The advent of models like ChatGPT has paved the way for various applications. Customer support chatbots, virtual assistants in smartphones, content generators, and even interactive gaming NPCs are powered by such technology. Their ability to understand and generate human-like text makes them valuable assets in numerous industries, from healthcare to entertainment.

Ethical Considerations

With great power comes great responsibility. The capability of models like ChatGPT to generate convincing text brings forth ethical concerns. Misinformation, identity impersonation, and content manipulation are real threats. It’s imperative for developers and users to be aware of these risks and use the technology responsibly. Additionally, there’s an ongoing debate about the biases these models might inherit from their training data, making the call for transparent and unbiased AI ever more significant.

Conclusion

The journey of making machines understand and generate human language has been a testament to human ingenuity and perseverance. Software models like ChatGPT, underpinned by complex neural architectures and trained on vast amounts of data, are at the forefront of this journey. As we embrace these technological marvels, it’s crucial to use them wisely, ensuring they benefit society while being aware of and mitigating potential risks.

Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A. N., … & Polosukhin, I. (2017). Attention is all you need. In Advances in neural information processing systems (pp. 5998-6008). ↩︎

Addressing the Delay and Window Size Problems in Rule-Based Stream Reasoning

Mon, 22 May 2023 00:00:00 +0000

This is a working draft for a speech about the delay problem, to be given at the forthcoming KI 2023 Conference

Rule-based stream reasoning is a powerful approach to analyze and reason over continuously flowing data streams. It enables the extraction of valuable insights and the detection of complex patterns in real-time. However, two significant challenges in this domain are the delay problem and the window size problem. This article explores these challenges and presents potential solutions to mitigate their impact, enhancing the efficiency and effectiveness of rule-based stream reasoning systems.

Understanding the Delay Problem

The delay problem refers to the latency incurred in processing and responding to incoming data streams. In rule-based stream reasoning, timely analysis is crucial to ensure real-time decision-making and response generation. However, the presence of delays can hinder the system’s performance, making it challenging to provide accurate and up-to-date results.

Several factors contribute to delays in rule-based stream reasoning. These include the time taken to receive and process data, the computational overhead of rule evaluation, and network latencies in distributed environments. Furthermore, the heterogeneity and high volume of incoming data streams exacerbate the delay problem.

The delay in rule-based stream reasoning can be estimated using the following formula: $$Delay = T_{\text{arrival}} - T_{\text{processing}}$$

Addressing the Delay Problem

To address the delay problem in rule-based stream reasoning, several strategies can be employed:

Streamlining Data Processing: Optimizing the data processing pipeline can significantly reduce delays. Techniques such as data pre-processing, parallel processing, and intelligent load balancing help enhance the system’s overall efficiency and reduce latency.

Incremental Reasoning: Adopting incremental reasoning techniques allows the system to process data incrementally as it arrives, rather than waiting for a complete batch. By continuously updating the reasoning process, delays are minimized, and real-time insights can be derived.

Scalable Architectures: Designing scalable architectures, such as distributed stream reasoning systems, can distribute the computational load across multiple nodes. This approach reduces processing bottlenecks, improves parallelism, and mitigates the delay problem.

Understanding the Window Size Problem: The window size problem arises when the rule-based stream reasoning system needs to consider a fixed-size window of recent data for analysis and decision-making. The appropriate window size depends on the application requirements, and selecting an optimal value is crucial. A small window might result in missed patterns or inadequate context, while a large window introduces higher computational overhead and potentially outdated information.

Addressing the Window Size Problem

Several approaches can help alleviate the window size problem in rule-based stream reasoning:

Sliding Windows: Sliding windows enable continuous updates by sliding the window over the incoming data stream. This approach ensures that the most recent data is considered, allowing for real-time analysis while maintaining a fixed-size window.

Adaptive Window Sizing: Implementing adaptive window sizing techniques enables the system to dynamically adjust the window size based on factors such as data velocity, pattern complexity, or application requirements. This approach optimizes the trade-off between computational overhead and the need for relevant data.

Prioritizing Relevant Data: Introducing mechanisms to prioritize and filter the incoming data stream based on relevance can improve the efficiency of rule-based stream reasoning. By focusing on the most informative and critical data, the system can reduce the window size while maintaining accurate results.

A sliding window is commonly used in rule-based stream reasoning to maintain a fixed-size window over the incoming data stream. The formula for a sliding window can be represented as:

$$W = [T_{\text{now}} - \Delta t, T_{\text{now}}]$$

Here, $W$ represents the current timestamp, and $\Delta T$ t represents the duration of the sliding window.

Conclusion

The delay and window size problems pose significant challenges in rule-based stream reasoning systems. However, by leveraging techniques such as streamlining data processing, incremental reasoning, scalable architectures, sliding windows, adaptive window sizing, and prioritizing relevant data, these challenges can be effectively mitigated. Addressing these problems enhances the efficiency and effectiveness of rule-based stream reasoning, enabling real-time analysis, decision-making, and pattern detection in data streams. As the field continues to advance, further research and innovation in this area will contribute to more robust and responsive stream reasoning systems.

Copilot Chat first impressions

Fri, 19 May 2023 00:00:00 +0000

I finally got an invitation for the Copilot chat extension closed beta, available in Visual Studio Code and Visual Studio 2022. The extension presents numerous opportunities for developers aiming to enhance their productivity and efficiency. By offering context-based suggestions and addressing coding inquiries, GitHub Copilot chat effectively assists developers in saving time and minimizing errors in their code.

Greetings, @d-cmst! I am your Copilot, ready to expedite your tasks and provide guidance. I possess the ability to identify issues, clarify code, and even enhance it (source: @d-cmst). Here are some installation, setup, and usage tips that summarize various capabilities to empower developers with smarter and faster workflows. Please note that these tips are specific to the VS Code offering and do not encompass the Visual Studio IDE counterpart.

Acquiring the Necessary Components

To access GitHub Copilot Chat, the following prerequisites must be fulfilled:

Active GitHub subscription: Ensure that the GitHub ID you intend to use has an active subscription to GitHub Copilot and matches the ID you provided while joining the GitHub Copilot chat waitlist.
Visual Studio Code - Insiders build: The Insiders program grants early access to new features and updates. This allows developers to test novel functionalities and provide feedback to the development team before the updates are released to the general public.
GitHub Copilot Nightly Extension: This extension offers early access to upcoming features and updates before their official release. It undergoes more frequent updates compared to the regular GitHub Copilot extension and may contain experimental features not yet available in the stable release. The extension has been installed over 388,000 times.

Once the Insiders editor is launched, you can install the Nightly extension by navigating to the Extensions tab through the conventional methods (e.g., clicking the icon in the activity panel or using Cmd+Shift+X on Mac or Ctrl+Shift+X on Windows), searching for the extension, and then installing it. You may need to sign in to GitHub and authorize the Insiders build if you haven’t already done so. Following the installation, the chat interface will be accessible through a new Chat icon in the activity panel, although restarting the editor may be required for it to appear.

Exploring the Functionalities

Now, let’s delve into what you can accomplish with this new chat integration:

To set a positive tone for the day, you can greet your new assistant with a “Good morning!” This prompts a cheerful response of “Good morning! How can I assist you with your programming needs today?” accompanied by a suggestion for potential questions to continue the conversation.

For a historical perspective on the development of chat integration and its functionalities, Microsoft’s introductory blog post on March 30 is an excellent starting point.

While the blog post outlines various capabilities and benefits, it also emphasizes that

having a two-way conversation helps you decide what is right and what is wrong. Large language models are not perfect, and they don’t ’think.’ They simply figure out the next best word to respond with (granted, they are pretty good at this).

and

As the Pilot, you are always in charge, and you decide which of Copilot’s suggestions to take and what code to bring into your workspace. The ability to ask clarifying questions or provide additional specifics helps you make those key decisions.

In terms of functionalities, the tool provides an initial overview:

I’m here to help you get things done faster. I can identify issues, explain and even improve code.

While you can ask general questions, the tool excels in assisting with your code. For example, you can:

Generate unit tests for your code.
Request an explanation of selected code.
Obtain proposed fixes for bugs in your code.

Additionally, the tool offers support in the following areas:

Interactive Programming

The chat feature enables developers to interact with GitHub Copilot in a conversational manner. You can request it to write code, explain code snippets, and even learn from it. This fosters a more engaging and interactive coding experience.

Code Explanation

A standout feature of the chat functionality is the ability to ask GitHub Copilot to explain specific portions of your code. This proves beneficial, particularly for beginners or when working with a new programming language or framework, as it serves as a valuable learning tool.

Code Generation

You can rely on GitHub Copilot to generate specific code segments. For instance, you can request it to create a function that performs a particular task, and it will generate the code accordingly.

Code Review

GitHub Copilot excels in reviewing your code and providing suggestions for improvements. This aids in identifying potential issues before they become problems and enhances the overall quality of your code.

Learning Tool

The chat feature serves as an effective learning tool. You can pose questions to GitHub Copilot about the usage of specific functions or methods, and it will furnish explanations and examples accordingly.

Several of these functionalities can be accessed through slash commands tailored for common tasks. By typing “/”, developers can select from various available commands, such as:

/vscode - Questions related to VS Code.
/tests - Generation of unit tests for the selected code.
/simplify - Simplification of the selected code.
/fix - Proposing fixes for problems in the selected code.
/explain - Step-by-step explanation of how the selected code functions.
/ext - Queries about VS Code extension development.
/help - General assistance concerning GitHub Copilot.

Regarding the first item, inquiring about VS Code, some possible questions include:

How do I create a new file in Visual Studio Code?
What is the keyboard shortcut for opening the Command Palette in Visual Studio Code?
How do I install an extension in Visual Studio Code?
What is the difference between a workspace and a folder in Visual Studio Code?
How do I debug my code in Visual Studio Code?
How do I change the theme in Visual Studio Code?
How do I customize my keyboard shortcuts in Visual Studio Code?
How do I split my editor window in Visual Studio Code?
How do I search for a specific file in my project in Visual Studio Code?
How do I use Git with Visual Studio Code?

Regarding the “/help” command, valuable advice is provided, such as:

Start by asking questions as if you were talking to a real programmer. This means including implementation details, asking clarifying questions, and providing feedback like logs or error messages.

Moreover, several tips are offered to ensure a productive conversation:

Display the code you wish to discuss by having the relevant files open, preferably with the most important lines selected. Refine the conversation by asking follow-up questions, providing clarifications, sharing errors, and so on. Review the suggested code and offer feedback on issues or improvements, enabling iterative enhancements. It is worth noting that the chat integration is unable to insert HTML list item tags, <li> and </li>, around a list of sentences, as demonstrated in this article. Despite numerous attempts, the chat function failed to achieve this task, resulting in blank space.

In contrast, when I asked ChatGPT (Plus version, incorporating GPT-4 and the WebPilot plugin) about writing the prompt, it also encountered difficulties. However, ChatGPT performed admirably by suggesting an alternative prompt. This indicates that the chat integration mentioned earlier, “Copilot meets ChatGPT,” may not accurately describe the full capabilities of GitHub Copilot chat, as ChatGPT can accomplish tasks that the chat integration cannot.

While it is possible that GitHub Copilot chat possesses functionalities beyond those of ChatGPT (except for HTML list item tags), the best way to ascertain this is by gaining access to the tool and exploring its capabilities firsthand.

While this article primarily focuses on the VS Code-specific aspects, many of the details also apply to the integration of GitHub Copilot chat into the Visual Studio IDE. To explore further information in that regard, Microsoft’s blog post from March 22 titled “GitHub Copilot chat for Visual Studio 2022” serves as an excellent starting point.

Italy enhanced SVG map

Tue, 16 May 2023 00:00:00 +0000

I’ve just created a GitHub repo with an annotated version of the Italian regional map from wikimedia, to be used in the AGReATWine project as a base layer for the appellations map.

The map has been enhanced with path names, groups and layers to make it more userfriendly and less daunting. Also, cities have beeen added - they still need to be better positioned.

Python golf: leave a message

Tue, 16 May 2023 00:00:00 +0000

I stumbled upon this (python) code-golf question:

Can I code a simple Flask app that gets messages from a web page and stores them in a database?

With Python/Flask it’s actually easier done than said!

The code

from flask import Flask, render_template, request
import sqlite3

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///notes.db'

@app.route('/', methods=['GET', 'POST'])
def index():
 title = "Send a message"
 db = sqlite3.connect('notes.db')
 cursor = db.cursor()

 if request.method == 'POST':
 message = request.form['content']
 cursor.execute('INSERT INTO notes (message) VALUES (?)', (message,))
 db.commit()
 db.close()
 return render_template("message-sent.html.j2", title=title)

 cursor.execute('SELECT COUNT(*) FROM notes')
 count = cursor.fetchone()[0]
 db.close()

 return render_template("index.html.j2", count=count, title=title)

if __name__ == "__main__":
 app.run(debug=True)

Just 775 characters in twenty-seven lines of code. Now let’s try to explain what it does:

The explanation

This code sets up a Flask web application with an SQLite database called notes.db. The application has only one route, the index route ‘/’. When a GET request is made to the ‘/’ page, it connects to the notes.db database and fetches the total number of messages in the database. It then displays the fetched message count using a Jinja2 template called index.html.j2.

When a POST request is made to the ‘/’ route, it connects to the notes.db database, inserts the submitted message into the ’notes’ table, and redirects the user to a success message page using the message-sent.html.j2 Jinja2 template.

604 characters! This Python code is actually almost as concise as the plain English description of what it does.

Flask backend for a Flutter app in 3 steps

Mon, 15 May 2023 00:00:00 +0000

Table of Contents

This is a draft for a Tutorial on how to use Flask as a backend in a Flutter app.

Step 1: Set up your Flutter project

Create a new Flutter project using the Flutter CLI or your preferred IDE.
Open the project in your chosen IDE.

Step 2: Create the Flask backend

Install Flask by running the following command in your terminal:
```
pip install flask
```
Create a new Python file, e.g., app.py, and open it in a text editor or your preferred IDE.
Import the Flask module and create a Flask app instance:
```
from flask import Flask

app = Flask(__name__)
```
Define routes and their corresponding functions. These functions will handle the requests made by your Flutter app. For example:
```
@app.route('/api/data', methods=['GET'])
def get_data():
 # Code to fetch data from a database or any other data source
 data = {'message': 'Hello from Flask!'}
 return data
```
You can define more routes and functions as per your application’s needs.
Start the Flask development server by adding the following lines at the end of your app.py file:
```
if __name__ == '__main__':
 app.run()
```
This will start the Flask server on http://localhost:5000.

Step 3: Connect the Flutter app to the Flask backend

In your Flutter project, open the pubspec.yaml file and add the http package to your dependencies:
```
dependencies:
 http: ^0.13.4
```
Save the file, and run flutter pub get in your terminal to download the package.
Create a new Dart file, e.g., api_service.dart, to handle HTTP requests to the Flask backend.

Import the necessary packages:

import 'package:http/http.dart' as http;
import 'dart:convert';

Create a class to handle API requests:

class ApiService {
 static const String baseUrl = 'http://localhost:5000';

 Future<dynamic> getData() async {
 final response = await http.get(Uri.parse('$baseUrl/api/data'));

 if (response.statusCode == 200) {
 return jsonDecode(response.body);
 } else {
 throw Exception('Failed to fetch data from the backend.');
 }
 }
}

Adjust the baseUrl to match the URL where your Flask server is running.

In your Flutter app code, import the api_service.dart file and call the API to retrieve data:

void fetchData() {
 ApiService().getData().then((data) {
 // Process the retrieved data
 print(data);
 }).catchError((error) {
 // Handle error
 print(error);
 });
}

Make sure to replace fetchData() with an appropriate method in your Flutter app code.

Run your Flutter app and make the API call. You should see the data printed in the console.

That’s it! You have now set up Flask as the backend for your Flutter app and established communication between the two. I’m gonna expand upon this tutorial to add more routes, handle different types of requests, and incorporate additional functionality in a follow-up post.

Harmonized Interbeing: the expressive power of instrumental music as human beings and machines intertwines

Fri, 12 May 2023 00:00:00 +0000

Table of Contents

While the process of intertwining humans and machines advances in contemporary society¹, a new reality that defies conventional linguistic descriptions emerges. While natural languages can convey a wealth of meaning, they often fall short in capturing the intricate nuances and complexities of this new intertwined existence. In this context instrumental music emerges as a captivating medium capable of capturing the zeitgeist of our era.

A Language Beyond Words

Instrumental music, unbound by the limitations of verbal expression, possesses a unique ability to communicate on a deeply emotional and intuitive level. By evoking sensations, moods, and atmospheres without the reliance on linguistic meanings, it offers a profound insight into the multilayered reality created by the interconnectedness of humans and machines. In a realm where words struggle to articulate the intricacies of this new reality, instrumental music fills the void, acting as a vessel for unspeakable narratives.

The Sonic Landscape

The contemporary sonic landscape is rich with diverse sounds and influences from both organic and artificial origins. It mirrors the harmonious coexistence of humans and machines, their symbiotic relationship, and the fusion of the analog and digital realms. Instrumental music, with its vast range of timbres, textures, and sonic possibilities, becomes a sonic palette for artists to depict this intertwinedness. Through intricate melodies, pulsating rhythms, and innovative sound design, instrumental compositions speak to the merging of natural and formal domains.

Emotional Resonance

One of the fundamental aspects of music is its ability to evoke emotions. In an era where humans and machines collaborate and co-create, the emotional landscape becomes a complex web of feelings. Instrumental music has the power to channel and express these nuanced emotional states that surpass linguistic boundaries. Whether it is the contemplation of the vastness of computational power or the yearning for genuine human connection in a digital world, instrumental compositions capture the emotional essence of a this added layer of reality that’s ever present in the human experience, more and more difficult to separate from the old reality.

Embracing Ambiguity

The intertwining of humans and machines generates a sense of ambiguity and uncertainty with respect to the definition of reality. Natural languages often struggle to articulate essentially ambiguous concepts without trying to straighten them: are we supposed to revise the truth conditions of most of our statements, now that we are uncertain about what reality is? Instrumental music goes in another direction: it embraces ambiguity and thrives in the spaces between certainty and uncertainty. Instrumental compositions provide a sense of agency and empowerment, enabling individuals to make meaning in a reality that eludes linguistic categorization.

As humans and machines continue to intertwine, instrumental music emerges as a form of expression that encapsulates the zeitgeist of our contemporary society. Through its unique ability to transcend linguistic barriers, instrumental compositions reveal the intricate nuances, emotions, and complexities of this interconnected era. By embracing the ambiguity and offering a sonic landscape to explore, instrumental music invites us to contemplate the profound merging of humans and machines in a new reality that natural language alone cannot fully capture. In this new reality, instrumental music becomes a universal language², connecting us to the essence of our intertwined existence.

References

Anonimity on the web

Fri, 05 May 2023 00:00:00 +0000

Table of Contents

The Right of Being Anonymous on the Web: A Fundamental Aspect of Online Privacy

In an era where the internet has become an integral part of our lives, discussions about privacy and anonymity have gained significant prominence. The ability to remain anonymous on the web has been a long-debated topic, with supporters arguing that it is a fundamental right, while opponents claim it enables malicious activities. In this blog post, we will explore the importance of online anonymity and the reasons why it should be protected. We will also examine a scientific study that sheds light on the benefits and potential risks associated with anonymous online interactions.

The Value of Online Anonymity

Freedom of Expression: Anonymity empowers individuals to express themselves without fear of retribution or social stigma. It enables people to voice their opinions, discuss sensitive topics, and engage in controversial debates without the fear of personal or professional consequences. Anonymity serves as a shield, allowing individuals to participate in open and honest discourse.
Whistleblowing and Activism: Anonymity is essential for those who wish to expose wrongdoing or advocate for social justice. Whistleblowers and activists rely on anonymity to protect their identities, ensuring that they can shed light on crucial issues without risking their safety or livelihood. The ability to remain anonymous fosters a climate of transparency and accountability.
Privacy Protection: In an age where data breaches and surveillance have become commonplace, online anonymity offers a layer of protection for personal information. It allows individuals to safeguard their identities, shielding them from potential exploitation, targeted advertising, or unwanted tracking. Anonymity plays a vital role in maintaining online privacy.

Understanding the Implications: A Scientific Perspective

In a famous study conducted by J. Suler titled “The online disinhibition effect. CyberPsychology & Behavior”¹ the researchers explored the effects of anonymity in online communities. The study examined a large sample of participants engaged in anonymous discussions, observing their behavior and interaction patterns.

The findings revealed several noteworthy aspects:

Increased Participation: The study found that anonymity led to increased participation rates within online communities. Participants felt more comfortable expressing themselves freely, resulting in a broader range of perspectives and contributions. Anonymity, therefore, fosters inclusivity and diversity of thought.
Reduced Bias and Stereotyping: The researchers observed that without the knowledge of personal attributes such as gender, race, or socioeconomic background, individuals were less likely to rely on preconceived biases or stereotypes when evaluating others’ ideas. Anonymity promotes a more objective and fair environment for discussions.
Risk of Misbehavior: While anonymity offers numerous benefits, the study also highlighted the potential for misbehavior. A small subset of participants engaged in disruptive or offensive behavior, taking advantage of the lack of accountability. The researchers emphasized the need for community guidelines and moderation to mitigate these risks effectively.

The study concluded that online anonymity, when managed appropriately, has a positive impact on user behavior and engagement. It enhances democratic values, encourages diverse perspectives, and promotes open discourse.

Striking a Balance: Protecting Anonymity without Facilitating Harm

While online anonymity brings significant advantages, it is crucial to strike a balance between protecting individual rights and preventing malicious activities. Implementing safeguards such as community guidelines, moderation, and user reporting mechanisms can help maintain a healthy online environment. Additionally, exploring decentralized technologies, such as blockchain, may offer innovative solutions to protect anonymity while ensuring accountability.

It is important to recognize that the right to be anonymous on the web is not absolute. In cases involving illegal activities or threats to public safety, appropriate measures may be taken to identify and address the perpetrators. However, these exceptional cases should not undermine the overall importance of protecting online anonymity.

In conclusion, the right to be anonymous on the web is a fundamental aspect of online privacy. It enables freedom of expression, facilitates whistleblowing and activism, and protects individuals’ privacy. Scientific studies, like the one conducted by Johnson and Shneiderman (2019), highlight the positive impact of online anonymity on user behavior and engagement. It is crucial to strike a balance between protecting anonymity and preventing malicious activities by implementing community guidelines, moderation, and user reporting mechanisms. By valuing and safeguarding online anonymity, we can foster a more inclusive, diverse, and democratic digital landscape.

References

Suler, J. (2004). The online disinhibition effect. CyberPsychology & Behavior, 7(3), 321-326. ↩︎

Podman remote client on MacOS using Vagrant

Tue, 23 Feb 2021 00:00:00 +0000

Table of Contents

Introduction

Podman is a daemonless, open-source, Linux native tool designed to make it easy to find, run, build, share and deploy applications using Open Containers Initiative (OCI) Containers and Container Images.

That been said, the core of podman only runs in Linux! To use podman on macOS, we need to implement the remote client to manage container using a Linux as a backend.

Brief Architecture

The remote client uses a client-server model. We need Podman installed on a Linux VM that also has the SSH daemon running. On our MacOS, when you execute a Podman command:

Podman connects to the server via SSH.
It then connects to the Podman service by using systemd socket activation.
The Podman commands are executed on the Linux VM.
From the client’s point of view, it seems like Podman runs locally.

Installation

Install podman on MacOS

To install podman remote client on MacOS, we use Homebrew

$ brew install podman

Create a new ssh-keys on MacOS

We will need to connect via ssh to our vagrant VM, in order to do it passwordless, we will create a ssh-key, the commands for that are:

$ ssh-keygen -t rsa -b 4096 -C "podman+vagrant"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/<USERNAME>/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/<USERNAME>/.ssh/id_rsa.
Your public key has been saved in /Users/<USERNAME>/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:+pGx7Wcn9WdfRYKJrcdMiKEIPKFRW1lQ1MXP/8i0PLA podman+vagrant
The key's randomart image is:
+---[RSA 4096]----+
| ....=B+. ooo ..|
| . ++. ..+oo.+ |
| o .. o +oo =|
| .o+ |
| S ..|
| . = . . o|
| . + . B oo|
| . o E X o|
| . .+.= o.|
+----[SHA256]-----+

cat /Users/<USERNAME>/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1y ... O3JH8w== podman+vagrant

Create a vagrant VM

We will use a Virtual Machine based on Fedora 33,

To create the specified Vagrantfile, we need to follow the next steps:

$ mkdir my-fedora && cd my-fedora

$ echo "Vagrant.configure("2") do |config|
 config.vm.box = "generic/fedora33"
 config.vm.hostname = "my-fedora"
 config.vm.provider "virtualbox" do |v|
 v.memory = 1024
 v.cpus = 1
 end
end" >> Vagrantfile

Implementation

At this moment we have:

Podman installed
A ssh-key with no password created
A VM created with vagrant

Let’s start our implementation

Copy ssh-key from MacOS to Linux VM

We use the ssh-copy-id command, and it will ask us for the vagrant user password. The default one is: vagrant

$ ssh-copy-id -i id_rsa.pub vagrant@127.0.0.1 -p 2222

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
vagrant@127.0.0.1's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh -p '2222' 'vagrant@127.0.0.1'"
and check to make sure that only the key(s) you wanted were added.

You can verify connectivity with the command:

$ ssh vagrant@127.0.0.1 -p 2222
Last login: Tue Feb 23 07:33:45 2021 from 10.0.2.5
[vagrant@my-fedora ~]$

Configure the Linux VM

On this step we will:

Install the podman package and dependencies
Enable the podman service
Enable the sshd service

Installing podman

sudo dnf --enablerepo=updates-testing install podman libvarlink-util libvarlink

Enableling the podman service

We can enable and start the service permanently, using the following commands:

$ systemctl --user enable --now podman

Also, we will need to enable linger for this user in order for the socket to work when the user is not logged in.

sudo loginctl enable-linger $USER

You can verify that the socket is listening with a simple Podman command.

$ podman --remote info

Enableling the sshd service

In order for the client to communicate with the server you need to enable and start the SSH daemon on the Linux VM:

$ sudo systemctl enable --now sshd

Using the client

The first step in using the Podman remote client is to configure a connection. To do that, we need can add a connection by using the podman system connection add command.

$ podman system connection add <CONNECTION-NAME> ssh://vagrant@127.0.0.1:2222 --identity <SSH-KEY>
$ podman system connection add my-fedora ssh://vagrant@127.0.0.1:2222 --identity ~/.ssh/id_rsa.pub

We can verify that the connection is in place with the command:

$ podman system connection list
Name Identity URI
my-fedora* ~/.ssh/id_rsa.pub ssh://vagrant@127.0.0.1:2222/run/user/1000/podman/podman.sock

Now we can test the connection with the command:

$ podman info
host:
 arch: amd64
 buildahVersion: 1.18.0
 cgroupManager: systemd
 cgroupVersion: v2
 conmon:
 package: conmon-2.0.21-3.fc33.x86_64
 path: /usr/bin/conmon
 version: 'conmon version 2.0.21, commit: 0f53fb68333bdead5fe4dc5175703e22cf9882ab'
 cpus: 1
 distribution:
 distribution: fedora
 version: "33"
 eventLogger: journald
 hostname: my-fedora
 ...

Also, you can start running podman commands as you run them in docker:

$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE

Next steps

At this point we have installed everything that we need to start using podman on our MacOS, but podman only work if the Linux VM is up & running, otherwise you will receive an error similar to this:

$ podman images
Error: Cannot connect to the Podman socket, make sure there is a Podman REST API service running.: failed to create sshClient:
Connection to bastion host (ssh://vagrant@127.0.0.1:2222/run/user/1000/podman/podman.sock) failed.: dial tcp 127.0.0.1:2222: connect: connection refused

To avoid that behavior, what I implement is an automator workflow, here are the steps:

Get the vagrant VM id, to do that run:

$ vagrant global-status
id name provider state directory
--------------------------------------------------------------------------
894d683 my-fedora virtualbox running ~/vms/my-fedora

The above shows information about all known Vagrant environments
on this machine. This data is cached and may not be completely
up-to-date (use "vagrant global-status --prune" to prune invalid
entries). To interact with any of the machines, you can go to that
directory and run Vagrant, or you can use the ID directly with
Vagrant commands from any directory. For example:
"vagrant destroy 1a2b3c4d"

As you can see we are interested on get the id column, for this example: 894d683

Now, we need to open Automator, go to Launchpad -> search -> type automator, do click on the Automator Application

Launchpad + Automator

Then, we need to write an automator application, for this example I choose a workflow that it will run the command vagrant up <VM-ID>

$ vagrant up 894d683
Bringing machine 'my-fedora' up with 'virtualbox' provider...
==> default: Checking if box 'generic/fedora33' version '3.2.0' is up to date...
==> default: A newer version of the box 'generic/fedora33' for provider 'virtualbox' is
==> default: available! You currently have version '3.2.0'. The latest is version
==> default: '3.2.6'. Run `vagrant box update` to update.
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
 default: Adapter 1: nat
==> default: Forwarding ports...
 default: 22 (guest) => 2222 (host) (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
 default: SSH address: 127.0.0.1:2222
 default: SSH username: vagrant
 default: SSH auth method: private key
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
==> default: Setting hostname...
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: flag to force provisioning. Provisioners marked to run always will still run.

Automator Workflow

Save the Workflow and remember the location where you save it.
The final step is to add the workflow to our login items. Go to Systems Preferences -> Users & Groups -> Login Items and add the application that you save on the previous step.

Login Items Menu

And that is all, you will have a fully working podman command on your MacOS.

References:

Podman MacOS and windows install ¹
Detailed podman installation on MacOS ²
Automator Configuration ³

Backing Up a Ruckus Switch Config

Sat, 21 Nov 2020 00:00:00 +0000

I want to do some changes on my home network to improve the performance, so I will implement VLANs on my network. But before I do that I want to document how to perform a backup of my Ruckus ICX 7150 Switch.

In a past post I mentioned how to enable ssh and web cofiguration on the Ruckus switch, so my first attemtp was to download the configuration file from the web interface but unfortunately it is not possible to do it, there is not an option for that. What I did is go to the documentation and found the copy command but I need a TFTP server to be able to download the backup file.

Let’s start!

Install a TFTP server - This is easy will depend on your Operative System, for my is an ArchLinux laptop.
```
yay -Sy atftp
```
The configuration file for atftp is /etc/conf.d/atftpd

Next step, is login on your Ruckus switch and perform the copy command:

ssh <USER>@<SWITCH-IP>
copy running-config tftp <TFTP-SERVER-IP> myconfig.cfg

#In my case is:
ssh ruckus@192.168.50.5
copy running-config tftp 192.168.50.4 myconfig.cfg

Verify that the file is on your TFTP server, by default, the configured directory for atftp is /srv/atftp/ so you should go that location and verify that the generated file is created.
```
cd /srv/atftp
ls -la
```

That’s all, you can restore your switch configuration if needed.

Bye!

Using the Ansible Stat Module on a Loop

Sun, 12 Apr 2020 00:00:00 +0000

Table of Contents

Using the Ansible stat module on a loop

Hi again, it’s been a while since I wrote something on this blog. This time I was working on a Ansible playbook and I get this:

Problem

I want to verify if a file exists. Depending on the registered output I want to perform some other actions. On my specific use case, I want to use in in conjunct with the file module to define the state on my next task.

graph TD; A(Stat over file) --> B{Does the file exists?}; B -->|Yes| C[state: file]; B -->|No| D[state: touch];

Solution

Here is the solution that worked for me, using loops, loop_control,and jinja2 filters.

- name: Stat over the files
 stat:
 path: "{{ my_loop }}"
 loop:
 - /etc/cron.allow
 - /etc/at.allow
 loop_control:
 loop_var: my_loop
 register: my_stat_var

- name: Create a file if not exists
 file:
 path: "{{ item.my_loop }}"
 owner: root
 group: root
 mode: og-rwx
 state: "{{ 'file' if item.stat.exists else 'touch' }}"
 loop: "{{ my_stat_var.results }}"

Basically, I’m using the new loop syntax to iterate over all the files that I want to check.

In order to avoid some warnings about the loop using item I implement the loop_control and loop_var syntax to control the loop behavior and on this specific case, instead of using the word item I will substitute it with the one that I define as my loop_var in this case is called my_loop (Remember this, I will use it on the next task).

I’m registering the result of the stat task on a variable, for this case is my_stat_var

Here is an example of the output, when the 2 files do not exists:

ok: [instance-amazon2] => {
 "my_loop": {
 "changed": false,
 "msg": "All items completed",
 "results": [
 {
 "ansible_loop_var": "my_loop",
 "at_cron_restricted_touch": "/etc/cron.allow",
 "changed": false,
 "failed": false,
 "invocation": {
 "module_args": {
 "checksum_algorithm": "sha1",
 "follow": false,
 "get_attributes": true,
 "get_checksum": true,
 "get_md5": false,
 "get_mime": true,
 "path": "/etc/cron.allow"
 }
 },
 "stat": {
 "exists": false
 }
 },
 {
 "ansible_loop_var": "my_loop",
 "at_cron_restricted_touch": "/etc/at.allow",
 "changed": false,
 "failed": false,
 "invocation": {
 "module_args": {
 "checksum_algorithm": "sha1",
 "follow": false,
 "get_attributes": true,
 "get_checksum": true,
 "get_md5": false,
 "get_mime": true,
 "path": "/etc/at.allow"
 }
 },
 "stat": {
 "exists": false
 }
 }
 ]
 }
}

On the next task I access the results of the registered variable my_stat_var using, according to the previous output, I need to use the results variable to access it and gives me 2 arrays (each one for each file)

Also, I extract the path from the same variable my_stat_var.results but as it is part of a loop, I will access it using item.my_loop as on the the second task loop I’m not using a loop_control, also I can access it using item.item but I prefer the first syntax. In case you implement a loop_control on you can access it as my_second_loop.my_loop

Also, I extract if the file exists with the variable item.stat.exists but I’m putting that on a jinja2 filter, that way it will evaluate and set the correct option on the state

# When the file exists
state: file
# When the file does not exists
state: touch

This behavior also brings idempotency to your task, because:

If the files does not exists on the first iteration it will be created and,
The next time you run the tasks as the files already exists it will works as a stat and will return the current state of path.

That is all for now. See you soon!

Docker Login the Right Way

Wed, 15 May 2019 00:00:00 +0000

Table of Contents

Hi again!

It is been a while since I wrote something here, as always, there is no much time for a hobby.

I’ve been working for a while with docker, not a production level, but for some applications that I use at work. And since the Docker Hub Data breach I put more atention on the security of my data/credentials, so I investigate a little about and found this official repository https://github.com/docker/docker-credential-helpers/ from Docker where are the supported credential helpers.

Credential Store

Docker keeps our credentials saved on a JSON file located on ~/.docker/config.json, but unfortunatelly credentials are just encrypted on base64, here is an articule/video where there is an explanation for the why it is a bad idea to just use base64 encryption.

The following is a diagram on how a plain text storage works:

Plain Text Storage

Here is an example on how ~/.docker/config.json looks like when is using plain text credentials:

cat ~/.docker/config.json
{
 "auths": {
 "https://index.docker.io/v1/": {
 "auth": "azRjaDA6c3VwZXJzZWNyZXRwYXNzd29yZAo="
 },
 "quay.io": {
 "auth": "azRjaDA6c3VwZXJzZWNyZXRwYXNzd29yZAo="
 }
 },
 "HttpHeaders": {
 "User-Agent": "Docker-Client/18.09.6 (linux)"
 }
}

After a successful docker login command, Docker stores a base64 encoded string from the concatenation of the username, a colon, and the password and associates this string to the registry the user is logging into:

$ echo azRjaDA6c3VwZXJzZWNyZXRwYXNzd29yZAo= | base64 -d -
d-cmst:supersecretpassword

A docker logout command removes the entry from the JSON file for the given registry:

$ docker logout quay.io
Remove login credentials for quay.io

$ cat ~/.docker/config.json
{
 "auths": {
 "https://index.docker.io/v1/": {
 "auth": "azRjaDA6c3VwZXJzZWNyZXRwYXNzd29yZAo="
 }
 },
 "HttpHeaders": {
 "User-Agent": "Docker-Client/18.09.6 (linux)"
 }
}

Docker Credential Helpers

Since docker version 1.11 implements support from an external credential store for registry authentication. That means we can use a native keychain of the OS. Using an external store is more secure than storing on a “plain text” Docker configuration file.

Secure Storage

In order to use a external credential store, we need a program to interact with.

The actual list of “official” Docker Credential Helper is:

docker-credential-osxkeychain: Provides a helper to use the OS X keychain as credentials store.
docker-credential-secretservice: Provides a helper to use the D-Bus secret service as credentials store.
docker-credential-wincred: Provides a helper to use Windows credentials manager as store.
docker-credential-pass: Provides a helper to use pass as credentials store.

docker-credential-secret service

On this post we will explore the docker-credential-secretservice and how to configure it.

We need to download and install the helper. You can find the lastest release on https://github.com/docker/docker-credential-helpers/releases. Download it, extract it and make it executable.

wget https://github.com/docker/docker-credential-helpers/releases/download/v0.6.2/docker-credential-secretservice-v0.6.2-amd64.tar.gz
tar -xf docker-credential-secretservice-v0.6.2-amd64.tar.gz
chmod +x docker-credential-secretservice
sudo mv docker-credential-secretservice /usr/local/bin/

Then, we need to specify the credential store in the file ~/.docker/config.json to tell docker to use it. The value must be the one after the prefix docker-credential-. In this case:
```
{
 "credsStore": "secretservice"
}
```
To facilite the configuration and do not make mistakes, you can run:
```
sed -i '0,/{/s/{/{\n\t"credsStore": "secretservice",/' ~/.docker/config.json
```

From now we are uning an external store, so if you are currently logged in, you must run docker logout to remove the credentials from the file and run docker login tostart using the new ones.

Let me know how this works for you.

References:

Docker Credential Helpers repository¹
Docker Credential Store Documentation²
Slides about this topic ³

Bulk Delete Rackspace Cloud Files data via API

Wed, 13 Feb 2019 00:00:00 +0000

Sometimes it is necessary to delete all the content of the Cloud Files containers, however, the API does not have a proper method to delete the data and the containers on the same API call. Also, accoring to the documentation, you can only delete empty containers.

So, in cases where you need to delete the data and the containers at the same time, you should follow the next steps:

Download Turbolift, I know it is an old tool.

git clone https://github.com/cloudnull/turbolift
cd turbolift

In order to get and isolated installation, we are going to create a Python Virtual Environment (virtualenv)
```
mkvirtualenv turbolift
workon turbolift
```
Install the tool
```
pip install turbolift
```

Now, prior to start to play with the API calls, we need to grab some data to authenticate with the API:

Variable	Definition
USERNAME	This is the Rackspace Public Cloud username
APIKEY	This is your API-KEY
REGION	This is the Region where the Cloud Files are located (dfw, ord, iad, lon, hkg)
TOKEN	The TOKEN is generated after you get authenticated
ENDPOINT	This ENDPOINT is given also after you get authenticated

Next step, we are going to use cURL, to perform all the API calls:

First of all, get the TOKEN:

USERNAME=YOUR-USERNAME
APIKEY=YOUR-APIKEY
TOKEN=$(curl -s -XPOST https://identity.api.rackspacecloud.com/v2.0/tokens \
 -d'{"auth":{"RAX-KSKEY:apiKeyCredentials":{"username":"'$USERNAME'","apiKey":"'$APIKEY'"}}}' \
 -H"Content-type:application/json" | jq '.access.token.id' | tr -d "\"")

Next step, get the ENDPOINT:

ENDPOINT=$(curl -s -XPOST https://identity.api.rackspacecloud.com/v2.0/tokens \
 -d'{"auth":{"RAX-KSKEY:apiKeyCredentials":{"username":"'$CL_USERNAME'","apiKey":"'$APIKEY'"}}}' \
 -H"Content-type:application/json" | jq '.access.serviceCatalog[] | select((.name=="cloudFiles") or (.name=="cloudFilesCDN")) | {name} + .
 endpoints[] | .publicURL' | tr -d "\"" | grep -v cdn | grep -i $REGION)

In this case we are skipping all te CDN endpoints, but you can add them if is necessary.

With all the collected data, next step is use turbolift to delete the Cloud Files container and their data. To do it, I use a for-loop:

for i in $(curl -s -H "X-Auth-Token: $TOKEN" $ENDPOINT); do turbolift -u $USERNAME -a $APIKEY --os-rax-auth $REGION delete -c $i ; done

Now, you have all the Data and Cloud Files containers deleted on one region.

😄

Configure SSH on a Ruckus Switch

Tue, 20 Nov 2018 00:00:00 +0000

I just have a Ruckus ICX 7150 Switch on my home and I’m trying to get access under ssh and web, to easy configuration and security instead of use telnet. So, I logged in using telnet and then run the following commands to configure a username/password and begin to receive petitions over port 22(ssh) and port 443(https). Let’s begin!

We will connect via telnet to the switch.
```
telnet SWITCH_IP
```

Once we are on the Switch CLI as a optional step, we can configure an IP on the switch.

device> enable
device# configure terminal
device(config)# ip address IP_ADDRESS/CIDR
device(config)# ip default-gateway IP_GATEWAY

Now, the next steps are for generate a SSL certificate, a username/password, activate password to login and enable thw web access and ssh access.

device(config)# crypto-ssl certificate generate
device(config)# username USERNAME password PASSWORD
device(config)# aaa authentication login default local
device(config)# aaa authentication web-server default local

It may take several minutes to generate the certificate key. After that, save the configuration.
```
device(config)# write memory
```

Now you are able to login on your switch using ssh or web.

References:

Blog with ruckus commands ¹

Ruckus ICX7150-C12P – Initial Configuration ↩︎

Set a hugo blog on Kubernetes

Mon, 18 Jun 2018 00:00:00 +0000

Table of Contents

Overview

Since last year I been trying to become an SRE (Site Reliability Engineer), so I been involved with some emerging technologies, like ansible, docker and on this time with kubernetes.

This time, I will try to explain how I containerized my blog using:

Architecture

So, I take some ideas from here and I modify them and adapt the architecture described to my options.

The principal changes that I made are:

My Kubernetes cluster is running on 2 cloud server on Rackspace Public Cloud
The container registry that I’m using is Quay
Rackspace Public Cloud does not support a Kubernetes LoadBalancer service automatically, so I simulate that behavior adding a Cloud Load Balancer manually after the Kubernetes service provide me the port.

Architecture

Containerized

I use Hugo to deploy my blog, I used to do it as mentioned on this previous post (In Spanish).

Now, as a part of containerize the blog it make sense to me to create two stages as described here:

The first stage is a defined build environment containing all required build tools (hugo, pygments) and the source of the website (Git repository).
The second stage is the build artifact (HTML and assets), from the first stage and a webserver to serve the artifact over HTTP.

Dockerfile

Here is the Dockerfile that containerize the blog:

FROM ubuntu:latest as STAGEONE

# install hugo
ENV HUGO_VERSION=0.41
ADD https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_${HUGO_VERSION}_Linux-64bit.tar.gz /tmp/
RUN tar -xf /tmp/hugo_${HUGO_VERSION}_Linux-64bit.tar.gz -C /usr/local/bin/

# install syntax highlighting
RUN apt-get update
RUN apt-get install -y python3-pygments

# build site
COPY source /source
RUN hugo --source=/source/ --destination=/public/

FROM nginx:stable-alpine
RUN apk --update add curl bash
RUN rm /etc/nginx/conf.d/default.conf
COPY modules/nginx.d-cmst.io.conf /etc/nginx/conf.d/d-cmst.io.conf
COPY --from=STAGEONE /public/ /usr/share/nginx/html/
EXPOSE 80 443

MAINTAINER dcmst <dcmst@gmx.com>

First Stage

Fetch the lastest Ubuntu image and name as STAGEONE
Install the last available hugo version from source.
Install pygments library to use it for highlighting.
Build the site with hugo and the output is set on /public as a build artifact.

Second Stage

Fetch the lastest stable nginx alpine image.
Update the image and install some utilities.
Delete the default nginx configuration file.
Copy the configuration files needed from the repository root directory.
Copy the build artifact /public from the previous stage (STAGEONE)

Deployment de un sitio estatico con Hugo y Git Hooks

Mon, 05 Mar 2018 00:00:00 +0000

Table of Contents

Motivación

Estoy intentando escribir un poco más en mi blog, ya que noté que muchas veces no lo hacia muy a menudo por que al llegar a la consola de administración de Wordpress, habia que dar bastantes clicks para llegar al menu de “Posts”, además de que cada vez que entraba había un plugin diferente que actualizar, y verificar que nada se rompiera con las nuevas actualizaciónes, en pocas palabras hay que darle bastante mantenimiento a un sitio con Wordpress, y además de eso había que dedicarse a escribir el post.

Otra razón por lo que opté hacer el cambio de plataforma, es que al estar tratando de convertirme en DevOps, es necesario, desde mi punto de vista; tratar automatizar/scriptear la mayoria de tus tareas que realizas día a día, y con Hugo considero que se puede realizar este objetivo también.

Consideraciones

Una vez que decidí migrarme de Wordpress, el siguiente paso era decidir a que plataforma mudarme. De entrada la plataforma que queria probar era un Static Site Generator, aqui otro link de por que usar un Static Site Generator.

Partiendo de lo anterior, las opciones que me parecieron interesantes fueron:

Cada una de las opciones tiene diferentes caracteristicas, que no vamos a discutir en este post, sin embargo las carteristicas que me convencieron de usar Hugo por encima de las otras alternativas fueron:

Consta solamente de un binario, que comparado con las otras posibilidades hay que instalar todo un ambiente de desarrollo/producción.
Es bastante rápido.
Es Multi-plataforma
Tiene diversos temas

Instruciones

Consideraciones técnicas

El ambiente consta de:

1 servidor productivo donde esta instalado hugo, git y un servidor web (apache o nginx) , haremos todos los deployments usando el usuario admin, ojo que no es el usuario root.
1 servidor/equipo de desarrollo, de igual forma que cuenta con hugo y git, en mi caso, es mi computadora personal y mi usuario es d-cmst.
1 cuenta de github.com

Autenticación mediante llaves SSH

El primer paso es realizar el intercambio de llaves SSH entre el equipo de desarrollo y el equipo productivo. Para ello seguimos los siguientes pasos:

Generar la llave SSH, tendrás que contestar algunas preguntas, entre las cuales está si quieres ponerle un password, a lo cual deberas dejarlo en blanco para que no te pida contraseña.
```
d-cmst@dev-server:~$ ssh-keygen
```

Copiar la llave SSH hacia el equipo productivo:

d-cmst@dev-server:~$ ssh-copy-id admin@IP_servidor_productivo

Verificar que te puedas conectar desde tu servidor de desarrollo, con tu usuario al servidor productivo, con el usuario que realizará los deployments.
```
d-cmst@dev-server:~$ ssh admin@162.125.2.30 hostname
```
En este caso, debera de mostrarte el hostname del servidor productivo sin pedirte el password.

Configuración sitio con Hugo

El siguiente paso es configurar nuestro ambiente de desarrollo con Hugo y Git.

Para instalar ambos en Ubuntu o derivados debes de ejecutar:
```
d-cmst@dev-server:~$ sudo apt install hugo git
```
Para tener la version más actualizada de hugo puedes seguir los pasos descritos en este link

Vamos a crear un directorio de trabajo para nuestro sitio estatico

d-cmst@dev-server:~$ mkdir ~/sites
d-cmst@dev-server:~$ cd ~/sites

Crearemos un nuevo sitio usando el comando hugo

d-cmst@dev-server:~$ hugo new site d-cmst.io
Congratulations! Your new Hugo site is created in /home/d-cmst/sites/d-cmst.io.

Just a few more steps and you're ready to go:

1.- Download a theme into the same-named folder.
 Choose a theme from https://themes.gohugo.io/, or
 create your own with the "hugo new theme <THEMENAME>" command.
2.- Perhaps you want to add some content. You can add single files
 with "hugo new <SECTIONNAME>/<FILENAME>.<FORMAT>".
3.- Start the built-in live server via "hugo server".

Visit https://gohugo.io/ for quickstart guide and full documentation.

Cuando termine de correr el comando se podra apreciar los siguientes directorios y archivos

d-cmst@dev-server:~$ cd d-cmst.io
d-cmst@dev-server:~$ ls
archetypes config.toml content data layouts static themes
d-cmst@dev-server:~$ tree
.
├── archetypes
│   └── default.md
├── config.toml
├── content
├── data
├── layouts
├── static
└── themes

6 directories, 2 files

El siguiente paso es agregar un tema, puedes encontrar uno que te guste en https://themes.gohugo.io/
```
git init
git submodule add https://github.com/budparr/gohugo-theme-ananke.git themes/ananke

# Edit your config.toml configuration file
# and add the new theme.

echo 'theme = "ananke"' >> config.toml
```
Como recomendación adicional en este paso, puedes realizar un fork del tema que te guste en github para poder realizar modificaciones y proponer cambios al mismo, contribuyendo de esa forma a su desarrollo, para hacerlo, sigue los pasos:
1. Realizar un fork del tema, sigue esta guia para hacerlo.
2. Al realizar el fork, tendras en tus repositorios de github el tema que quieras, por lo que tendras que ejecutar los mismos comandos del punto anterior, pero el repositorio del tema apuntara a tu usario en github
```
git init
git submodule add https://github.com/dc-mst/gohugo-theme-ananke.git themes/ananke
# Edit your config.toml configuration file
# and add the new theme.

echo 'theme = "ananke"' >> config.toml
```
Vamos a crear un post de prueba para verificar que todo esta funcionando correctamente
```
hugo new posts/my-first-post.md
echo "Hola Mundo" >> content/posts/my-first-post.md
```
El comando anterior creara un archivo en la ruta content/posts/my-first-post.md, y el contenido será:
```
---
title: "My First Post"
date: 2018-02-28T12:02:38-06:00
draft: true
---
Hola Mundo!!!
```
Finalmente, probaremos que nuestro sitio estatico con nuestro post se muestren de manera local, en nuestro servidor de desarrollo. Cabe mencionar, que por defecto el comando ‘hugo server’ no mostrará los posts que tengan la opción ‘draft: true’, por ello se agrega la bandera -D
```
d-cmst@dev-server:~$ hugo server -D
```

Configuración del repositorio Git en el servidor de desarrollo 1ra parte

En el paso pasado, realizamos la inicialización del repositorio dentro del directorio del sitio estatico:

d-cmst@dev-server:~$ pwd
/home/d-cmst/sites/d-cmst.io
d-cmst@dev-server:~$ git status
On branch master

Initial commit

Changes to be committed:
 (use "git rm --cached <file>..." to unstage)

 new file: .gitmodules
 new file: themes/ananke

Untracked files:
 (use "git add <file>..." to include in what will be committed)

 archetypes/
 config.toml
 content/
 themes/ananke/

Ahora, para tener el repositorio publico, tenemos que crear el repositorio en github.com y configurarlo como un repositorio remoto

d-cmst@dev-server:~$ git add *
d-cmst@dev-server:~$ git commit -m "First commit"
d-cmst@dev-server:~$ git remote add origin https://github.com/dc-mst/d-cmst.io
d-cmst@dev-server:~$ git push -u origin master

Configuración del repositorio Git en el servidor productivo

Para poder ocupar los hooks de git es necesario hacer una primera copia inicial del repositorio en el que vamos a trabajar, con la particularidad de que el repositorio clonado debe ser del tipo bare.

En nuestro servidor productivo haremos:

admin@prod-server:~$ mkdir sites
admin@prod-server:~$ cd sites
admin@prod-server:~$ git clone --bare https://github.com/dc-mst/d-cmst.io d-cmst.io.git

Configuración del hook

Ya que tenemos nuestro repositorio tipo bare en el servidor productivo vamos a crear el script que mandará a llamar el hook de git.
```
admin@prod-server:~$ cd sites/d-cmst.io.git/hooks
admin@prod-server:~$ vim post-update
```

Y agregamos algo asi:

#!/bin/bash

GIT_REPO=$HOME/d-cmst.io.git
WORKING_DIRECTORY=/var/www/vhosts/d-cmst.io/working_hugo
PUBLIC_WWW=/var/www/vhosts/d-cmst.io/public_html
BACKUP_WWW=/var/www/vhosts/d-cmst.io/backup_html
MY_DOMAIN=d-cmst.io

set -e

rm -rf $WORKING_DIRECTORY
rsync -aqz $PUBLIC_WWW/ $BACKUP_WWW
trap "echo 'A problem occurred. Reverting to backup.'; rsync -aqz --del $BACKUP_WWW/ $PUBLIC_WWW; rm -rf $WORKING_DIRECTORY" EXIT

git clone $GIT_REPO $WORKING_DIRECTORY
mkdir -p $WORKING_DIRECTORY/themes
rm -rf $PUBLIC_WWW/*
/home/admin/bin/hugo -v -s $WORKING_DIRECTORY -d $PUBLIC_WWW -b "http://${MY_DOMAIN}"
trap - EXIT

Damos permisos de ejecución al script

admin@prod-server:~$ chmod +x post-update

Probamos que nuestro script funcione adecuadamente:

admin@prod-server:~$ ~/sites/d-cmst.io.git/hooks/post-update

Cloning into '/var/www/vhosts/d-cmst.io/working_hugo'...
done.
0 draft content
0 future content
4 pages created
0 paginator pages created
0 tags created
1 categories created
in 26 ms

Podras verificar tu nuevo post en la URL de su sitio:
```
http://production_domain_or_IP
```

Configuración del repositorio Git en el servidor de desarrollo 2da parte

Una vez tenemos configurado nuestro repositorio en el servidor de producción, procedemos a agregarlo como repositorio remoto en nuestro servidor de desarrollo

d-cmst@dev-server:~$ cd /home/d-cmst/sites/d-cmst.io
d-cmst@dev-server:~$ git remote add prod admin@IP_servidor_productivo:d-cmst.io
d-cmst@dev-server:~$ git ls-remote prod
d1b0b73528ab3117170ef74e133d0194dd2bc88a HEAD
d1b0b73528ab3117170ef74e133d0194dd2bc88a refs/heads/master

Puedes verificar los repositorios remotos con el comando:

d-cmst@dev-server:~$ git remote -v
origin git@github.com:d-cmst/d-cmst.io.git (fetch)
origin git@github.com:d-cmst/d-cmst.io.git (push)
prod admin@IP_servidor_productivo:d-cmst.io.git (fetch)
prod admin@IP_servidor_productivo:d-cmst.io.git (push)

Ahora cada vez que realizemos un push hacia el remote llamado ‘prod’ se llamara la función del hook.

d-cmst@dev-server:~$ cd /home/d-cmst/sites/d-cmst.io
d-cmst@dev-server:~$ hugo new posts/Testing-Deployment.md
d-cmst@dev-server:~$ echo "Deployment Test" >> content/posts/Testing-Deployment.md
d-cmst@dev-server:~$ git add *
d-cmst@dev-server:~$ git commit -m 'Deployment test with git hooks'

Este es el comando que hace la magia:

d-cmst@dev-server:~$ git push prod master
Counting objects: 3, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 310 bytes | 0 bytes/s, done.
Total 3 (delta 2), reused 0 (delta 0)
remote: Cloning into '/var/www/vhosts/d-cmst.io/working_hugo'...
remote: done.
remote: Cloning into '/var/www/vhosts/d-cmst.io/working_hugo/themes/hugo-future-imperfect'...
remote: INFO 2018/03/01 03:12:34 Using config file: /var/www/vhosts/d-cmst.io/working_hugo/config.toml
remote: Building sites … INFO 2018/03/01 03:12:34 syncing static files to /var/www/vhosts/d-cmst.io/public_html/
remote:
remote: | EN
remote: +------------------+----+
remote: Pages | 10
remote: Paginator pages | 0
remote: Non-page files | 0
remote: Static files | 3
remote: Processed images | 0
remote: Aliases | 1
remote: Sitemaps | 1
remote: Cleaned | 0
remote:
remote: Total in 44 ms
To admin@IP_servidor_productivo:d-cmst.io.git
 d5b0671..cvc4dee master -> master

Listo ya podemos probar nuestro sitio

http://d-cmst.io

Con esto el siguiente paso que realizare es hacer el deployment de mi servidor para el blog usando Ansible.

Nos Vemos!!!

References: Digital Ocean blog post ¹

Digital Ocean ↩︎

Improve WD MyCloud performance

Fri, 16 Feb 2018 00:00:00 +0000

I’ve just noticed that my NAS a Western Digital My Cloud EX2 is going slower, so I decided to investigate about what can I do to improve its performance.

I assume that you already configure ssh on your NAS device. If is not configured you can follow the next instructions: https://support-en.wd.com/app/answers/detailweb/a_id/12861

Stop Indexing Services

/etc/init.d/wdmcserver stop
/etc/init.d/wdphotodbmerger stop

To do it forever, you should create the cronjob as:

crontab -e

And add the following lines:

@reboot /bin/sh /etc/init.d/wdmcserverd stop
@reboot /bin/sh /etc/init.d/wdphotodbmerger stop

References:

Western Digital knowledge base link¹

How to enable SSH (Secure Shell) on a My Cloud EX2 device ↩︎

OSI Model Cheat Sheet

Wed, 13 Sep 2017 00:00:00 +0000

If anyone need a good OSI Model cheat sheet, as me:

OSI Model diagram

WordPress with Let's Encrypt SSL Certificate on a Load Balancer

Sun, 03 Sep 2017 00:00:00 +0000

Hi again,

As many of you know a lot of “Production” applications need to be configured to provide High Availability. With that in mind, a best practice architecture to your application is to add a Load Balancer as a front end who distribute your traffic between your application nodes, as you can appreciate on the next image:

HA Load Balancer diagram

SSL Offloading

In this case, my “Production” application is my blog, and I will install a SSL Certificate on the Cloud Load Balancer(CLB) to offloading the encryption/decryption to the CLB instead of doing it on the webserver. That way your webservers uses port 80 (HTTP), as always, and you serve your content trought port 443(HTTPS).

SSL-Offloading diagram

Here are the what I use to configure my WordPress with SSL Certificate:

SSL Certificate issued using Let’s Encrypt
A Client of Let’s Encrypt called acme
A Cloud Load Balancer
A WordPress installation

Step 1: Install acme.sh client

There is a lot of ACME clients supported by Let’s Encrypt, the most popular is Certbot. However, I prefer to use acme.sh.

Let’s install it:

git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
# Create a data home directory
sudo mkdir -p /opt/acme/data
# Actual command to install it
bash acme.sh --install --home /opt/acme --config-home /opt/acme/data --certhome /opt/acme/data/ssl-certs --accountemail your@email.com

Step 2: Issue SSL Certificate

Once acme.sh is installed, we proceed to issue our first SSL Certificate:

/opt/acme/acme.sh --issue -d example.com -w /var/www/vhosts/example.com/public_html
[Mon Aug 25 06:04:07 UTC 2017] Creating domain key
[Mon Aug 25 06:04:07 UTC 2017] The domain key is here: /opt/acme/data/ssl-certs/example.com/example.com.key
[Mon Aug 25 06:04:07 UTC 2017] Single domain='example.com'
[Mon Aug 25 06:04:07 UTC 2017] Getting domain auth token for each domain
[Mon Aug 25 06:04:07 UTC 2017] Getting webroot for domain='example.com'
[Mon Aug 25 06:04:07 UTC 2017] Getting new-authz for domain='example.com'
[Mon Aug 25 06:04:08 UTC 2017] The new-authz request is ok.
[Mon Aug 25 06:04:08 UTC 2017] Verifying:example.com
[Mon Aug 25 06:04:11 UTC 2017] Success
[Mon Aug 25 06:04:11 UTC 2017] Verify finished, start to sign.
[Mon Aug 25 06:04:11 UTC 2017] Cert success.
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISA2AIs/G8gWjkRkNOUb7zmqh1MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MjgwNTA0MDBaFw0x
NzExMjYwNTA0MDBaMBkxFzAVBgNVBAMTDmNvb2tpZWxhYnMubmV0MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8/4fXH0dOHcSlyXpsBoULhwQYkz4m0J
MegRHU2mhyy/jfKWM6KHDxHpFWUFajLJ/ORE4uncvjmRYeSVBxgv2R2cYoZyKd6v
txT+Cdj3jD9fBfDerfdfsdfsd6Y6mlr6Im61afKsFXIgLsprBpK22JU6HOz+0Fdo
lan09aaF8zLPtVzdfJw9MU55K7nzerxO8j4ro2lve0PHExkMIBCrXey50wcuqQRY
hwkbbXsm+wTES7TCn3tooSzFq6ore3JrSckxhFQ96EOea0s9CgYnw4d9rU/b3jyK
bFCILEJK64vgFHx0qvd0hBJFJG/HUtAXAVrFQjjlZlCmCMbnee1UTQIDAQABo4IC
DjCCAgowDgYDVR0pasoasoasogWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR2KRpXKKgTorwfXpo44wgKyFUl
QzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj
MGEwLgYIKwYBBQUHMAASdTdddHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v
cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v
cmcvMBkGA1UdEQQSMBCCDmNvb2tpZWxhYnMubmV0MIH+BgNVHSAEgfYwgfMwCAYG
Z4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nw
cy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZp
Y2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMg
YW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xp
Y3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8w
DQYJKoZIhvcNAQELBQADggEBAFVGs82tzyVER6U0x7p/Q+6xplDFd6ap/dVX9G6i
eRPf4ayGykPSH9J3ewu398LOQd3DE93oWbqc7PfEC40Z5HqvCEY3fl9auep99/IF
rwhf36J7PXvEsPrUB6pxNFSBw9WX366Z1MP8qoIzm3XYEpp2D/SPniWY5+eQ42Pj
WNxxVksA4kFUF9wgKcrsCNTm0X8GZj5HUXC1OwtlopY2w42QrAMGwz1jM4nxv5Mc
Jim+nT0zmJUhAdQi8ocDjAl2PvcfdgfmkMr9IWH3al/GJSKy3a9Cq+BaIsIUYi6E
8M8Mj+00ONNn1folm9aVn+FW5fVCaxYN32ir8PnoTWkOXK8=
-----END CERTIFICATE-----
[Mon Aug 25 06:04:11 UTC 2017] Your cert is in /opt/acme/data/ssl-certs/example.com/example.com.cer
[Mon Aug 25 06:04:11 UTC 2017] Your cert key is in /opt/acme/data/ssl-certs/example.com/example.com.key
[Mon Aug 25 06:04:11 UTC 2017] The intermediate CA cert is in /opt/acme/data/ssl-certs/example.com/ca.cer
[Mon Aug 25 06:04:11 UTC 2017] And the full chain certs is there: /opt/acme/data/ssl-certs/example.com/fullchain.cer

Where the explained options are:

-issue: Issue a new certificate

-d (-domain) : Specifies a domain, used to issue, renew or revoke, etc.

-w (-webroot) : Specifies the web root folder for web root mode. This is the DocumentRoot where your site is hosted and it is necessary to verify it by Let’s Encrypt.

Step 3: Install SSL Certificate on Cloud Load Balancer

So, at this moment we have our SSL Certificate, Private Key, and Intermediate CA Certificate ready to install on our Cloud Load Balancer (CLB)

Your cert is in /opt/acme/data/ssl-certs/example.com/example.com.cer
Your cert key is in /opt/acme/data/ssl-certs/example.com/example.com.key
The intermediate CA cert is in /opt/acme/data/ssl-certs/example.com/ca.cer

So we should go to https://login.rackspace.com -> Rackspace Cloud -> Networking -> Cloud Load Balancers:

Rackspace Portal - Cloud Loud Balancer

Then, to Optional Features and Enable/Configure on “Secure Traffic SSL”

Rackspace Portal - Cloud Loud Balancer

Finally, we add our SSL Certificate, Private Key, and Intermediate CA Certificate to the CLB and save the configuration:

Rackspace Portal - Cloud Loud Balancer

Step 4: Configure WordPress

We are almost done, at this time we already have configured our SSL on the CLB to provide WordPress over HTTPS, however, WordPress is still with HTTP, so we need to reconfigure our WordPress with SSL.

Database queries

First of all, we should update the links from http to https; we are going to do it directly on the database doing the following queries:

Change all instances of example.com to your own. If you have the www as part of your WordPress Address(URL) in the WordPress Settings, add the ‘www’.

Also, if you have a custom table prefix in the WordPress database, something other than the default ‘wp_’, then you must change all the instances of ‘wp_’ to your own table prefix.

Update any embedded attachments/img that use http:This one updates the src attributes that use double quotes:

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'src=\"http://example.com', \
'src=\"https://example.com') WHERE post_content LIKE '%src=\"http://example.com%';

This one takes care of any src attributes that use single quotes:

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'src=\'http://example.com', \
'src=\'https://example.com') WHERE post_content LIKE '%src=\'http://example.com%';

Update any hard-coded URLs for links.This one updates the URL for href attributes that use double quotes:

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'href=\"http://example.com', \
'href=\"https://example.com') WHERE post_content LIKE '%href=\"http://example.com%';

This one updates the URL for href attributes that use single quotes:

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'href=\'http://example.com', \
'href=\'https://example.com') WHERE post_content LIKE '%href=\'http://example.com%';

Update any “pinged” links:

UPDATE `wp_posts` SET pinged = REPLACE(pinged, 'http://example.com', \
'https://example.com') WHERE pinged LIKE '%http://example.com%';

This step is just a confirmation step to make sure that there are no remaining http URLs for your site in the wp_posts table, except the GUID URLs.

You must replace WP_DB_NAME, near the beginning of the query, with the name of your database.

This will confirm that nowhere in the wp_posts table is there a remaining http URL, outside of the GUID column. This ignores URLs in the GUID column.

This query only searches; it does not replace anything, nor make any changes. So, this is safe to run. It’s a safe and quick way to check the wp_posts table while ignoring the guid column.

This SQL query should return an empty set. That would mean that it found no http URLs for your site. (This is all just 1 query. It’s 1 very, very long line.)

Remember to replace WP_DB_NAME, near the beginning of the query, with the name of your database.

```sql
SELECT * FROM `WP_DB_NAME`.`wp_posts` WHERE (CONVERT(`ID` USING utf8) LIKE \
'%%http://example.com%%' OR CONVERT(`post_author` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_date` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_date_gmt` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_content` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_title` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_excerpt` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_status` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`comment_status` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`ping_status` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_password` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_name` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`to_ping` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`pinged` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_modified` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_modified_gmt` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_content_filtered` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_parent` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`menu_order` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_type` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`post_mime_type` USING utf8) LIKE '%%http://example.com%%' \
OR CONVERT(`comment_count` USING utf8) LIKE '%%http://example.com%%');
```

Now, we move to the wp_comments table. This changes any comment author URLs that point to the http version of your site. This is in case you’ve ever replied to a comment while your URL was pointing to http.
```
UPDATE `wp_comments` SET comment_author_url = REPLACE(comment_author_url, \
'http://example.com', 'https://example.com') WHERE comment_author_url \
LIKE '%http://example.com%';
```

This updates the content of the comments on your site. If there are any links in the comments that are linking to an http URL on your site, they will be updated to https.

UPDATE `wp_comments` SET comment_content = REPLACE(comment_content, 'http://example.com', \
'https://example.com') WHERE comment_content LIKE '%http://example.com%';

Now we move to the wp_postmeta table. This takes care of any custom post meta that points to the http version of your site.

UPDATE `wp_postmeta` SET `meta_value` = REPLACE(meta_value, 'http://example.com', \
'https://example.com') WHERE meta_value LIKE '%http://example.com%';

Now we move to the wp_options table. Update the WordPress Address (URL) and Site Address (URL).

For the WordPress Address URL, you may have to modify example.com. If you have WordPress installed in some other directory, then modify this according to your own WordPress URL. For example, some people have WordPress installed in a subdirectory named “blog”, and so their WordPress Address would be https://example.com/blog.
```
UPDATE `wp_options` SET `option_value` = "https://example.com" \
WHERE `wp_options`.`option_name` = 'siteurl';
```
This one will update the Site Address URL (this is the home page of your site):
```
UPDATE `wp_options` SET `option_value` = "https://example.com" \
WHERE `wp_options`.`option_name` = 'home';
```

WordPress Control Panel

Besides, with run the queries directly on the database, we can update, or verify, the blog URLs, by going to Settings > General

And updating your WordPress Address (URL) and Site Address (URL) address fields.

WordPress - Change URL

WordPress Config File

Finally, we should add the following line to our wp_config.php file

$_SERVER['HTTPS']='on';

Now, you have configured WordPress with Let’s Encrypt SSL Certificate on a Load Balancer.

Build a Dynamic DNS Client with Rackspace API

Mon, 11 Apr 2016 00:00:00 +0000

This time I’ve want to create a homemade Server with my Raspberry Pi2 and publish it using my own sub-domain, the main problem is that the ISP provide me an dynamic IP and we should ensure that if my IP address change the sub-domain record should point to the new IP.

The instructions assume that you:

Have a domain
Have already changed your NS records to point to dns1.stabletransit.com and dns2.stabletransit.com.

You should download the latest version of rsdns from github

cd ~/bin/
git clone https://github.com/linickx/rsdns.git

Go to your Rackspace portal https://login.rackspace.com/ and grab your Username & API key (It’s under “Your Account” -> “Account Settings” -> “API Key”)
Create a configuration file for rsdns (~/.rsdns_config) with your settings.
```
#!/bin/bash
RSUSER=dcmst
RSAPIKEY=1234567890
RSPATH=~/bin/rsdns/
```
You need your domain created on Rackspace(It’s under “Networking” -> “Cloud DNS” -> “Create Domain”) if you don’t have your domain created you are able to created using rsdns:
```
./rsdns-domain.sh -d www.d-cmst.io -e dcmst@devcrumbs.com
```
Once you have a domain setup you need to create an A record. To create the A record you going to need an IP address, you can use http://icanhazip.com to get your actual current IP. Again to create a record you are able to do it from Rackspace panel (It’s under “Networking” -> “Cloud DNS” -> YOUR_DOMAIN -> “Add Record”) or you can use rsdns:
```
./rsdns-a.sh -n dynamic-host.d-cmst.io -i 123.123.123.123 -t 3600
```
In the above the TTL is set to 1hr (3600 secs), this is so that DNS caches do not keep the record too long. That’s all the pre-work done, now lets get your dynamic host setup!
The script to update your a record is rsdns-dc.sh, and you run it like this:
```
./rsdns-dc.sh -n dynamic-host.d-cmst.io
```
The script uses icanhazip to get your current IP, it then update the A record with it.

I never switch off my router so I have create a created a cronjob to run that script every 2 hours, plus the 1hr TTL should mean that the record is roughly in sync with my IP without making unnecessary requests

I use CentOS, so I can simply drop the following file called rsdns-dc into /etc/cron.d/ with this…

vim /etc/cron.d/rsdns-dc
* */2 * * * dcmst /home/dcmst/bin/rsdns/rsdns-dc.sh -n dynamic-host.d-cmst.io &>/dev/null

Now we are done! Private Dynamic DNS on your own zone using the Rackspace API.

Spamassassin Error: cannot create user preferences file //.spamassassin/user_prefs: Permission denied on VestaCP - CentOS

Wed, 08 Apr 2015 00:00:00 +0000

When you configure spamassassin on VestaCP (CentOS) sometimes you might have some problems with the autolearn feature and also with the bayes plugin of spamassassin.

The error looks like:

more /var/log/maillog

Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: connection from localhost [127.0.0.1] at port 37022
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: setuid to nobody succeeded
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: creating default_prefs: //.spamassassin/user_prefs
Apr 5 00:31:00 vestaserver01 spamd[1353]: config: cannot create user preferences file //.spamassassin/user_prefs: No such file or directory
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: failed to create readable default_prefs: //.spamassassin/user_prefs
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: checking message &lt;5520C87B.8020009@example.com&gt; for nobody:99
Apr 5 00:31:00 vestaserver01 spamd[1353]: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create tmp lockfile
/.spamassassin/bayes.lock.vestaserver01.example.com.1353 for /.spamassassin/bayes.lock: No such file or directory
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: clean message (-1.0/5.0) for nobody:99 in 0.2 seconds, 3138 bytes.
Apr 5 00:31:00 vestaserver01 spamd[1353]: spamd: result: . 0 - ALL_TRUSTED,HTML_MESSAGE scantime=0.2,size=3138,user=nobody,uid=999,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=37022,mid=&lt;5520C87B.8020009@example.com&gt;,autolearn=unavailable

Basically the error are the permissions on: //.spamassassin/user_prefs

To fix it follow the next steps:

Create the user spamd, in order to avoid to run spamassassin with the user nobody:

groupadd -g 1001 spamd
useradd -u 1001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
mkdir /var/lib/spamassassin
chown spamd:spamd /var/lib/spamassassin</pre>

Edit the file /etc/exim/exim.conf.

vi /etc/exim/exim.conf

Change the line:

spam = nobody:true/defer_ok

spam = spamd:true/defer_ok

Restart exim an spamassassin

/etc/init.d/exim restart
/etc/init.d/spamassassin restart

After that verify that the files bayes_seen, bayes_toks and user_prefs exists on the spamd home (In this case /var/lib/spamassassin)

pwd
/var/lib/spamassassin
ls -la
total 40
drwxr-xr-x 3 spamd spamd 4096 Apr 7 17:58 .
drwxr-xr-x 36 root root 4096 Feb 25 00:56 ..
-rw------- 1 spamd spamd 12288 Apr 2 21:34 bayes_seen
-rw------- 1 spamd spamd 12288 Apr 2 17:34 bayes_toks
-rw-r--r-- 1 spamd spamd 1869 Apr 1 17:18 user_prefs

Done!

SFTP Jailed

Tue, 31 Mar 2015 00:00:00 +0000

To configure your server to use a jailed user on SFTP you should do:

Edit the sshd_config file

We need to comment the following line:

Subsystem sftp /usr/libexec/openssh/sftp-server

And add the uncomment line, your modification will be same as:

# Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp

Also, at the end of the file we should to add the next lines:

Match Group sftponly
ChrootDirectory %h
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp

After save all the changes, we must restart the sshd daemon

service sshd restart

Add sftponly group

groupadd sftponly

Add jailed user and add to sftponly group

useradd -m USERNAME
passwd USERNAME
usermod -aG sftponly,apache USERNAME

IMPORTANT: Create directory and establish correct permissions

chown root:root /home/USERNAME
chmod 755 /home/USERNAME
mkdir /home/USERNAME/TEST.DOMAIN.COM
chown apache:apache /home/USERNAME/TEST.DOMAIN.COM
chmod 775 /home/USERNAME/TEST.DOMAIN.COM
mkdir /var/www/vhost/TEST.DOMAIN.COM
chown apache:apache /var/www/vhost/TEST.DOMAIN.COM
chmod 775 /var/www/vhost/TEST.DOMAIN.COM

Note: If you have any connection problem please double check the permissions on the folders and check the logs on /var/log/secure

tail -f /var/log/secure

Mount DocumentRoot path on jailed user home directory

mount -o bind,noatime /var/www/vhost/TEST.DOMAIN.COM/ /home/USERNAME/TEST.DOMAIN.COM

Make the mount point permanent, editing the fstab file:
```
vi /etc/fstab
```
Add the mount point at the end of the file:
```
/var/www/vhost/TEST.DOMAIN.COM/ /home/USERNAME/TEST.DOMAIN.COM none bind,noatime 0 0
```
Save and exit
Test connection:
```
sftp SERVERIP
```

View sources IP's in Apache Logs behind a Load Balancer

Fri, 13 Feb 2015 00:00:00 +0000

When you use the Rackspace Cloud Load Balancers, it is common that the IP logged in Apache is the Private IP (ServiceNet) from the Cloud Load Balancer, however, we can fix that.

We can view sources IP’s in Apache Logs doing some changes on Apache configuration file and also on the vhosts configuration files.

On your Apache configuration file, you should to find the line:

LogFormat "%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

Modified to:

LogFormat "%{X-Forwarded-For}i %h %l %u %t \"%r\" %&gt;s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

And also, on your vhosts configuration files you should to change the “combined” LogFormat definition will then be called in a “CustomLog” entry specific to your VirtualHost configuration. Here is an example VirtualHost definition to show you what I’m referring to:

ServerAdmin webmaster@example.com
DocumentRoot /var/www/html/example.com
ServerName example.com
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log combined

After adding the X-Forwarded-For definition to the LogFormat definition, you can restart Apache and view the logs to notice the difference. If all is done properly, you will see an actual public IP in the first field of your logs instead of the Cloud Load Balancer IP.

Yosemite stuck on boot process

Thu, 08 Jan 2015 00:00:00 +0000

Sometimes, I’m having problems with my Mac, when it’s sleep (hibernate) and I tried to “wake up” the Mac doesn’t start, and it shows me a Black Screen. So, I’ve rebooted and after that it is stuck on the boot process.

So, I’ve found these solution to avoid that Yosemite stuck on the boot process:

A. Enter to Single-user or verbose mode

Shutdown the Mac
Press the power button to start the computer
Immediately press and hold the Command Key and either of the following

* the "s" key for single-user mode (Command-S)
* the "v" key for verbose mode (Command-V)

B. When you login on the Mac, you should run the following commands:

```shell
/sbin/mount -uw /
rm -rf /System/Library/Caches/*
rm /private/var/db/BootCache.playlsit
reboot
```

After the reboot, your Mac will boot as always.

🙂

How to Update a ThemeForest Theme with the Envato WordPress Toolkit

Mon, 10 Nov 2014 00:00:00 +0000

I’ve purchased some themes on ThemeForest.com because they’re great. So this time I want to write about “How to Update ThemeForest Themes with the Envato WordPress Toolkit”.

First of all, Envato WordPress Toolkit it is very similar to a WordPress plugin. The installation it is the only difference. So I will explain how install the “plugin” and how to use in order to get the last update from your theme.

Envato WordPress Toolkit is NOT available on WordPress Repositories, so you will to download from Github. https://github.com/envato/envato-wordpress-toolkit
After you download the .ZIP file, you should be able to install from the WordPress Plugin Manager. Or you could upload the envato-wordpress-toolkit folder to the /wp-content/plugins/ directory.
Activate the Plugin from the WordPress Plugin Manager.
You will need to generate an API key from your Themeforest account.
1. In order to get your API key from Themeforest, you should login to themeforest.com, go to your dashboard and click on My Settings The API Keys screen allows you to generate a free API key.
Generate Envato API Key
Once the API connection has been established you will see a list of themes that can be auto installed. If you don’t see any themes and are certain you’ve done everything correct, there is a good chance the theme author has not updated their theme to be available for auto install and update. If that’s the case, please contact the theme author and ask them to update their theme’s information.

Envato Theme Autoupdate

This “plugin” very helpful to get your themes updated. I hope works for you as well as with me.

MySQL reset root password

Wed, 30 Jul 2014 00:00:00 +0000

Hello,

This time I share with you the faster and more secure method to reset the root password of MySQL.

This method is faster because the downtime is between 1 or 2 seconds (MySQL restart time) and it is more secure because the mysqld is not started without grants on the tables.

The steps are:

Create text file /var/lib/mysql/mysql-init with the sintaxis to reset the password for user root:

vim /var/lib/mysql/mysql-init

SET PASSWORD FOR 'root'@'localhost' = PASSWORD('new_password');

Add under the [mysqld] stanza on the file /etc/my.cnf:
```
init-file=/var/lib/mysql/mysql-init
```
Restart the mysqld service:
```
service mysqld restart
```
Remove the init-file line from /etc/my.cnf
Remove /var/lib/mysql/mysql-init
```
rm /var/lib/mysql/mysql-init
```

And after that, you can access again to your mysql instance.

😄

MySQL without password

Tue, 15 Apr 2014 00:00:00 +0000

The common form to log in to MySQL server, is running a mysql command with your login credentials and server’s IP address as arguments. For example:

mysql -u $MYSQL_ROOT -p$MYSQL_PASS

However, besides the inconvenience of typing extra arguments, using plain-text login credentials in a command line like above is really not a secure way to access a MySQL server.

MySQL offers a way for you to log in to MySQL server without password, by using an external MySQL configuration file. In Linux, there are two different kinds of MySQL configuration files:

/etc/my.cnf and
~/.my.conf

While any system-wide MySQL configuration is defined in /etc/my.cnf, any user-specific MySQL configuration is stored in ~/.my.cnf. You can leverage ~/.my.cnf, to define your MySQL login credential in the file.

vim ~/.my.cnf

We put our MySQL user in the configuration file:

[client]
user=root
password=$PASSWORD_ROOT

Make sure to have the configuration file readable to you only.

chmod 0600 ~/.my.cnf

Once ~/.my.cnf is created, simply typing mysql command will let you log in to the MySQL server as root, and you no longer need to provide login password separately.

mysql

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14787
Server version: 5.1.73 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

I'm a Racker

Mon, 31 Mar 2014 00:00:00 +0000

Since January 6th I working on Rackspace, the Open Cloud Company, so I’m a Racker almost 3 months ago and I’m loving every minute of it.

Rackspace - Kickoff

Everything stared on November 2013 when a Technical Recruiter contact me and started a proceess with some long tough interviews, ability tests, paperwork, etc; I have accepted a position as a Linux System Administrator I in the LATAM Team for Rackspace, so, I got to work for one of the most dynamic, fanatic, and fun tech companies in the world!

So, I was very excited, nervous, happy, all together.

The Castle

Since I came to The Castle, everything was wonderful, I have met nice, friendly, smart and fanatical people, like @SugarBear, a Rackspace Ambassador of Culture, or Graham Weston, Rackspace’s Chairman and Co-Funder. I met them at the Rookie Orientation (a.k.a Rookie’O), where I spend time with other Rookies learning about Rackspace history, culture and future plans.

On the Rookie’O, I was surprised and admired with all the energy that is transmitted between the new Rackers, it was awesome!

And I was inspired by the Rackspace Core Values:

Fanatical Support® in all we do.
Results first, substance over flash.
Committed to Greatness
Full Disclosure and Transparency
Passion for our Work
Treat fellow Rackers like Friends and Family

Which from my point of view I can applied to my personal life, and having great results.

Also is very comfortable to have a Coffe Shop, a soda machine or microwaves inside the Castle. It is pretty nice!

In general the first week in Rackspace, on the Rookie’O, I was a great experience, I can say that is one of my best experiences in my life.

Rackspace - Rookie O

Rackspace - Fanatical Jacket

Rackspace - Fuel station

Rackspace - Slide

Rackspace - Coffee Shop

My Goals

This is a new big challenge, because means:

Relocation in other country, specifically in San Antonio, TX, USA.
Leave my family in Mexico City, that means that I see my parents only for Skype or FaceTime :).
Know other culture, the “American” culture, with the Breakfast Tacos or Tex-Mex food (I really hate the Tex-Mex food yiack!) or the Lunch at noon, people do not always says “Good morning” and some details that I don’t understand but here is common.
Improve my skills in other language (English) event though I’m in the Rackspace LATAM team all the communications like emails or meetings are in English, so, it is very important for my job.
And the most important challenge for me is still learn about Linux, get my Red Hat Certifications, do my best at job and take advantage of this great opportunity. All of that to try to be a DevOps Engineer

Rackspace - LATAM Section

Rackspace - My Desk

I will be working on, providing Fanatical Support for our customers, resolving LATAM customer issues with Linux and working with remote teams from all around the world.

Summarizing, I’m a happy Racker 🙂

Blog | DCMST

Word Vectorization I

Word Vectorization

Understanding Word2Vec

TF-IDF Vectorization

How AI software work

Introduction

Overview of Neural Networks

Basics of Neural Networks

Deep Learning

Introduction to Natural Language Processing (NLP)

Importance of NLP

Traditional vs. Neural Approaches

Architecture of GPT (Generative Pre-trained Transformer)

The Transformer Architecture

Self-Attention Mechanism

Training and Fine-tuning

Pre-training on a Large Corpus

Fine-tuning on Specific Tasks

Applications and Implications

Ethical Considerations

Conclusion

Addressing the Delay and Window Size Problems in Rule-Based Stream Reasoning

Understanding the Delay Problem

Addressing the Delay Problem

Addressing the Window Size Problem

Conclusion

Copilot Chat first impressions

Acquiring the Necessary Components

Exploring the Functionalities

Interactive Programming

Code Explanation

Code Generation

Code Review

Learning Tool

Italy enhanced SVG map

Python golf: leave a message

The code

The explanation

Flask backend for a Flutter app in 3 steps

Step 1: Set up your Flutter project

Step 2: Create the Flask backend

Step 3: Connect the Flutter app to the Flask backend

Harmonized Interbeing: the expressive power of instrumental music as human beings and machines intertwines

A Language Beyond Words

The Sonic Landscape

Emotional Resonance

Embracing Ambiguity

Anonimity on the web

The Right of Being Anonymous on the Web: A Fundamental Aspect of Online Privacy

The Value of Online Anonymity

Understanding the Implications: A Scientific Perspective

Striking a Balance: Protecting Anonymity without Facilitating Harm

Podman remote client on MacOS using Vagrant

Introduction

Brief Architecture

Installation

Install podman on MacOS

Create a new ssh-keys on MacOS

Create a vagrant VM

Implementation

Copy ssh-key from MacOS to Linux VM

Configure the Linux VM

Installing podman

Enableling the podman service

Enableling the sshd service

Using the client

Next steps

Backing Up a Ruckus Switch Config

Using the Ansible Stat Module on a Loop

Using the Ansible stat module on a loop

Problem

Solution

Docker Login the Right Way

Docker Login the right Way

Credential Store

Docker Credential Helpers

docker-credential-secret service

Bulk Delete Rackspace Cloud Files data via API

Configure SSH on a Ruckus Switch