Joe Nicosia

A jack of all stacks

Using EC2 Auto-Scaling Groups With Fabric

| Comments

Trying to deploy fabric recipes to an auto-scaling group on EC2 could prove pretty painful, except if you have this slick code snippet to define your server group in Fabric.

Basically I’m using boto to list all of the instances currently running in a specific security group, and then populate env.hosts.

This solves the problem for pushing to running hosts. In order to pull the latest codebase when a new instance fires up, we just stuck some scripts in /etc/rc.local – more on that later.

Monitoring Your API With Python and SES

| Comments

I needed a quick and simple script to monitor some of the API’s I manage. Since I already build in methods that fully test the webservice and backend database, I just had to wrap a single call and check the results from this method. Also I don’t want to rely on my servers being able to send mail, so I added support for AWS SES.

And the code…

A Few Minutes With DNSCrypt

| Comments

I checked out DNSCrypt today, a new tool to help secure DNS resolution by encrypting the lookups from your machine to the DNS server.

The tool was developed by OpenDNS and is currently a preview release.

I just wanted to see the DNS traffic, so I performed a few lookups while capturing the packets…

Here is an example of a non-encrypted query:

And an encrypted query:

If you enable the lookups to traverse port 443, there will be tons of packets and I didn’t look at them.

One note worth mentioning – The client app creates a bunch of connections back to OpenDNS whenever you modify the settings.

This is some great technology and it is open-sourced. I’m assuming the networks who want total control of their users will just block the OpenDNS IP blocks to prevent users from encrypting their lookups.

You can fetch the source on GitHub – The entire Mac OS app is there!

Securing Mac OS

| Comments

Mac OS is great, but is not 100% secure.. Nothing is.

In addition to using the built-in security features (ie. FileVault), I run 3rd party anti-virus and firewall tools. This helps me trust my machine a little bit more.

Little Snitch is a firewall and network monitor for Mac OS. It allows you to permit or deny any network connection on a temporary or permanent basis. There is also a network monitor window that displays all of your current connections.

Sophos Anti-Virus is an anti-virus tool that actively monitors your machine for malware. This is a free tool and has proved to detect virii not only for Mac OS, but other platforms as well (such as Windows and Linux).

Install Python Modules via GitHub

| Comments

pip is a nice replacement for easy_install. And you can install Python modules from GitHub (or any git repo) with pip.

Here is an example:

Alternative Tornado Logging

| Comments

Tornado uses the standard logging library, by default, and sends logs to STDOUT. Sometimes you may want logs stored in a database or flat-file.



Logging to flat-files

This method is fairly simple. You could pass the ‘log_file_prefix’ parameter via the command-line, or more elegantly add the options in your code:

If you have multiple instances of the same app running, I would keep the logs separate by using the port number:

Storing logs in a MongoDB collection

MongoLog is a really cool open-source centralized logging module for Python and MongoDB. It’s available on Github at https://github.com/andreisavu/mongodb-log.

Follow the installation docs in the README to get MongoLog all setup. After cloning and installing MongoLog, we need to modify our Tornado app.

First, import MongoLog:

Next we will override the ‘Application.log_request’ method to implement MongoLog.

After everything is up and running, you can view the raw logs in the database or use the web ui that ships with MongoLog: