Don’t touch the defaults: The Hippocratic Oath for System Administration

The Hippocratic Oath, taken by doctors, is often paraphrased as “first, do no harm”. I’d like to note the broad applicability of the Hippocratic Oath to system administration. What, for example, is the first thing that you do when receiving a Severity 1 incident in the middle of the night? Correct answer: Look around at your surroundings but don’t change a bloody thing. No good has ever come to a system administrator whose first response is to pound the keyboard furiously and poke around systems, making random changes. This isn’t Hackers, after all. Like a doctor, you need a hypothesis as to what is wrong before operating on your patient.

Beyond just incident handling, though, I’d like to apply the Hippocratic Oath for System Administration using a philosophy that I call, somewhat uncreatively, leaving the defaults the hell alone. Too often I’ve seen people randomly change configuration settings without a true understanding of why. This behavior applies not only to system administrators randomly tuning Linux kernel parameters or PostgreSQL postgresql.conf settings without rhyme or reason. It also applies to the way in which applications are set up in the first place. In this post, I’ll give you some of my guiding principles for leaving things alone and just accepting the defaults even if you know they might not be optimal. In other words, leave the unnecessary tuning for your car, not your job.

Why I love working at Chef

I started my job at Opscode Chef a little over a year ago, on March 4, 2013. I admit that job-wise, I have a short attention span. Usually by this point in a technology job, I’m getting antsy and bored, but not at Chef. I love working here and I routinely describe it as the best job I’ve ever had in IT, which probably shocks anyone who’s ever known me. On my one-year anniversary, I thought I’d take a little bit of time to unpack why I keep saying that.

Using a Raspberry Pi as a cheap AirTunes server

I hate giving Apple more money than I have to. Sure, I own a MacBook Air and it’s wonderful, but I chafe at Apple charging me $99 for an AirPort Express just to stream music wirelessly to my stereo. I don’t need another Wi-Fi base station, anyway. So I decided to build my own AirTunes server with a Raspberry Pi. Here’s how to do it really easily.

Canada’s mobile network: hostile to visitors

Cutting edge phones in Canada. Just kidding. (CC BY-NC 2.0, Flickr user bec.w)

Recently my wife and I returned to Toronto for our Christmas holidays. Though we haven’t lived in Canada for over two years, I remember the cellular plans being outrageously expensive compared to the United States or Europe. Since then, it appears they’ve gotten slightly better, but only for residents who have long-term contracts. Visitors, sadly, are out of luck.

Both of us own unlocked iPhone 4Ses, so I thought we could just waltz right into a carrier’s store, buy a SIM card, plunk down some money and get some data for the week. After all, this is what we did over in the United Kingdom in September. Each of us paid £10 for a SIM and got 1 GB of data. (Actually, they give the SIMs away for free. The £10 was just for usage.)

Astonishingly, there’s no such option in Canada. All the plans, even the so-called “prepaid” ones, are designed for long-term residents. I was told by Virgin and Fido representatives that I’d need a Canadian billing address (!) and the only way to get service for a month would be to sign up and cancel within 30 days. Furthermore, the data rates are outrageous. Here’s what Fido is charging for Data Add-ons for a month:

[Image: fido-data-pay-per-use]

$35 for 1 GB for a month? Are you kidding me? That’s almost the price of my entire cellular phone plan in the United States for a month!

As a last resort, I went to talk to a third-party reseller, the ones who represent multiple carriers. I told the rep what I wanted. He laughed, then said, sheepishly, “It’s not possible. Canada’s cellular phone companies don’t have pay-per-use data plans.” Then he told me to call Verizon and get a data roaming plan! “It’ll be easier that way,” he said.

If you want to see how good the pay-as-you-go plans are in the UK — and they really mean pay-as-you-go, as in you don’t need a billing address — go check out T-Mobile UK’s “SIM Card Only” page. Reading it again made me think: if Canada Post is saving all this money by killing off door-to-door mail delivery, why don’t they start a telco that’ll give Canada some real competition in cellular services?

O’Reilly’s Cultivate Conference, Part One: Tim O’Reilly, Elaine Wherry and Kate Matsudaira

Cultivate New York 2013

Last week I had the opportunity to attend O’Reilly’s inaugural Cultivate Conference in New York City. Organized by two tech industry veterans, Eli Goodman and Kate Matsudaira, the conference was just what I needed: a group of super-intelligent folks getting together and talking about culture and leadership in an industry where such discussions are all too rare. Instead, our field celebrates the “cult of the engineer”: the singular focus on often-heroic technical achievement to the exclusion of all the other factors, including leadership and organizational development that are needed for companies to truly succeed both as industry leaders and as sane places to work.

The celebration of minimal or no leadership has been subtly reinforced by blog posts from company founders like Ryan Carson of Treehouse, which seem to imply that management (and leadership) only get in the way of product development. These kinds of blog posts sadden me. I’ve certainly worked in enterprises where layers of useless middle management decreased business agility and added to the firm’s impending obsolescence, but I’ve also had managers who truly took the time to consider my career development and served as my mentors. Obviously, I am conflating “management” and “leadership”, and these are two different things. But at the end of the day, good managers do serve a useful function, and to abolish that role entirely leads to stunted growth in an organization.

I’m getting ahead of myself as I preach from the soapbox, so let me summarize some of the interesting lessons I learned from the conference. This will be a series of posts, because there’s no way I can write this all at one sitting.

You have configuration management? Your hosts don’t need hostnames.

I often get asked how to automate host naming and/or DNS records using Chef. In fact, there was an individual in IRC today who asked some variation of the same question I always get:

Currently I set hostnames on my nodes by looking up the ip from ifconfig and doing a reverse DNS lookup on that IP. It turns out this is painful since my upstream never sets the rDNS correctly without nagging. I’m thinking of just building a “nodes” data bag with IP -> hostname mapping. Is there a better way to do this?

Often I’ve answered people by telling them that if they’re using configuration management, the names of their hosts are completely irrelevant. They shouldn’t even bother adding them to DNS, or even care what their names are. I thought I’d explain my rationale behind this and why host names are largely unnecessary if you’re using a configuration management tool like Chef.

Cooking with Opscode Chef on Windows: The Vagrant Edition

A month ago, I presented a webinar entitled “Cooking on Windows with Chef” that demonstrates the power of Opscode Chef on Windows. If you missed the webinar, you can watch that recording here.

One major way in which Windows has lagged Unix/Linux is in the desktop-based virtual machine development model using tools like VirtualBox and Vagrant. Vagrant, if you’re not already familiar with it, allows you to bring up and tear down development environments very quickly, and provision (configure) them using the same Chef cookbooks with which you’d configure your actual production environments. To that end, a bunch of folks have released an updated version of the vagrant-windows plugin, which adds WinRM and native shared folder support between Windows guests and the host operating system. Vagrant-windows has actually been around for a while, but had to be updated to deal with the API changes between Vagrant 1.1 and 1.2. This took a significant amount of work.

Why don’t more people go into tech? (Hint: It’s not an education problem.)

Ryan Holmes, the CEO of Vancouver social media startup HootSuite, wrote a column in today’s Financial Post entitled “Why Canada is failing at tech”. Holmes basically asserts that Canadians are “failing” at technology because the country isn’t graduating enough computer science and engineering talent to fill the available job openings. I don’t think Holmes has gone deep enough in his analysis. Why aren’t many people choosing computer science and engineering as career paths and the “jobs of tomorrow”? The answer to the question, I think, is pretty simple: it’s actually not a very nice job being a software developer.