June of 2023

Coding⚑

Languages⚑

asyncio⚑

• New: Basic concepts of concurrency.

  Concurrency is best explained by an example stolen from Miguel Grinberg.

  Chess master Judit Polgár hosts a chess exhibition in which she plays multiple amateur players. She has two ways of conducting the exhibition: synchronously and asynchronously.

  Assumptions:

  • 24 opponents
  • Judit makes each chess move in 5 seconds
  • Opponents each take 55 seconds to make a move
  • Games average 30 pair-moves (60 moves total)

  Synchronous version: Judit plays one game at a time, never two at the same time, until the game is complete. Each game takes (55 + 5) * 30 == 1800 seconds, or 30 minutes. The entire exhibition takes 24 * 30 == 720 minutes, or 12 hours.

  Asynchronous version: Judit moves from table to table, making one move at each table. She leaves the table and lets the opponent make their next move during the wait time. One move on all 24 games takes Judit 24 * 5 == 120 seconds, or 2 minutes. The entire exhibition is now cut down to 120 * 30 == 3600 seconds, or just 1 hour.

  Async IO takes long waiting periods in which functions would otherwise be blocking and allows other functions to run during that downtime. (A function that blocks effectively forbids others from running from the time that it starts until the time that it returns.)

• New: Basic concepts.

  • AsyncIO is not easy
  • The async/await Syntax and Native Coroutines
  • The Rules of Async IO
  • Async IO Design Patterns
  • Chaining Coroutines
  • Using a Queue
  • async for and list comprehensions
  • Creating and gathering tasks
  • When and Why Is Async IO the Right Choice?
  • Async IO It Is, but Which One?
  • Testing

aiohttp⚑

• New: Introduce aiohttp.

  aiohttp is an asynchronous HTTP Client/Server for asyncio and Python. Think of it as the requests for asyncio.

  • Installation
  • How to make a request
  • Passing parameters in urls
  • Setting custom headers
  • Set custom cookies
  • Proxy support
  • How to use the ClientSession
  • An aiohttp adapter

Configure Docker to host the application⚑

• New: Remove the apt cache after installing a package.

  RUN apt-get update && apt-get install -y \
    python3 \
    python3-pip \
    && rm -rf /var/lib/apt/lists/*
  

• New: Add the contents of a directory to the docker.

  ADD ./path/to/directory /path/to/destination
  

DevOps⚑

Infrastructure as Code⚑

Ansible Snippets⚑

• New: Authorize an SSH key.

  - name: Authorize the sender ssh key
    authorized_key:
      user: syncoid
      state: present
      key: "{{ syncoid_receive_ssh_key }}"
  

• New: Create a user.

  The following snippet creates a user with password login disabled.

  - name: Create the syncoid user
    ansible.builtin.user:
      name: syncoid
      state: present
      password: !
      shell: /usr/sbin/nologin
  

  If you don't set a password any user can do su your_user to set a random password use the next snippet:

  - name: Create the syncoid user
    ansible.builtin.user:
      name: syncoid
      state: present
      password: "{{ lookup('password', '/dev/null', length=50, encrypt='sha512_crypt') }}"
      shell: /bin/bash
  

  This won't pass the idempotence tests as it doesn't save the password anywhere (/dev/null) in the controler machine.

• New: Create an ssh key.

  - name: Create .ssh directory
    become: true
    file:
      path: /root/.ssh
      state: directory
      mode: 700
  
  - name: Create the SSH key to directory
    become: true
    openssh_keypair:
      path: /root/.ssh/id_ed25519
      type: ed25519
    register: ssh
  
  - name: Show public key
    debug:
      var: ssh.public_key
  

• New: Skip ansible-lint for some tasks.

  - name: Modify permissions
    command: >
      chmod -R g-w /home/user
    tags:
      - skip_ansible_lint
    sudo: yes
  

Chezmoi⚑

• Correction: Give some tip to deal with big diffs.

  Sometimes the diff is too big and you need to work with it chuck by chunk. For each change you can either:

  • chezmoi add <target> if you want to keep the changes you've manually made to the files that match the <target>.
  • chezmoi apply <target> if you want to apply the changes that chezmoi proposes for the <target>.

  Here <target> is any directory or file listed in the diff.

• New: Add systemd service for the actions runner.

  [Unit]
  Description=Gitea Actions Runner
  After=network.target
  
  [Service]
  WorkingDirectory=/var/gitea/gitea/act_runner/main
  ExecStart=/var/gitea/gitea/act_runner/main/act_runner-main-linux-amd64 daemon
  
  [Install]
  WantedBy=default.target
  

• New: Tweak the runner image.

  The gitea runner uses the node:16-bullseye image by default, in that image the setup-python action doesn't work. You can tweak the docker image that the runner runs by editing the .runner file that is in the directory where you registered the runner (probably close to the act_runner executable).

  If you open that up, you’ll see that there is a section called labels, and it (most likely) looks like this:

  "labels": [
    "ubuntu-latest:docker://node:16-bullseye",
    "ubuntu-22.04:docker://node:16-bullseye",
    "ubuntu-20.04:docker://node:16-bullseye",
    "ubuntu-18.04:docker://node:16-buster"
  ]
  

  You can specify any other docker image. Adding new labels doesn't work yet.

• New: Introduce molecule.

  Molecule is a testing tool for ansible roles.

  • Source
  • Docs

• New: CI configuration.

  Since gitea supports github actions you can use the setup-molecule and setup-lint actions. For example:

  ---
  name: Molecule
  
  "on":
    pull_request:
  
  env:
    PY_COLORS: "1"
    ANSIBLE_FORCE_COLOR: "1"
  jobs:
    lint:
      name: Lint
      runs-on: ubuntu-latest
      steps:
        - name: Checkout the codebase
          uses: actions/checkout@v3
  
        - name: Setup Lint
          uses: bec-galaxy/setup-lint@{Version}
  
        - name: Run Lint tests
          run: ansible-lint
  
    molecule:
      name: Molecule
      runs-on: ubuntu-latest
      needs: lint
      steps:
        - name: Checkout the codebase
          uses: actions/checkout@v3
  
        - name: Setup Molecule
          uses: bec-galaxy/setup-molecule@{Version}
  
        - name: Run Molecule tests
          run: molecule test
  

  That action installs the latest version of the packages, if you need to check a specific version of the packages you may want to create your own step or your own action.

• New: Upgrade to v5.0.0.

  They've removed the lint command, the reason behind is that there are two different testing methods which are expected to be run in very different ways. Linting should be run per entire repository. Molecule executions are per scenario and one project can have even >100 scenarios. Running lint on each of them would not only slowdown but also increase the maintenance burden on linter configuration and the way is called.

  They recommend users to run ansible-lint using pre-commit with or without `tox. That gives much better control over how/when it is updated.

  You can see an example on how to do this in the CI configuration section.

Infrastructure Solutions⚑

AWS Snippets⚑

• New: Get EC2 metadata from within the instance.

  The quickest way to fetch or retrieve EC2 instance metadata from within a running EC2 instance is to log in and run the command:

  Fetch metadata from IPv4:

  curl -s http://169.254.169.254/latest/dynamic/instance-identity/document
  

  You can also download the ec2-metadata tool to get the info:

  wget http://s3.amazonaws.com/ec2metadata/ec2-metadata
  
  chmod +x ec2-metadata
  
  ./ec2-metadata --all
  

Storage⚑

Sanoid⚑

• Correction: Use the recursive flag.

  recursive is not set by default, so the dataset's children won't be backed up unless you set this option.

   [main/backup]
     use_template = daily
     recursive = yes
  

Monitoring⚑

AlertManager⚑

• New: Alertmanager routes.

  A route block defines a node in a routing tree and its children. Its optional configuration parameters are inherited from its parent node if not set.

  Every alert enters the routing tree at the configured top-level route, which must match all alerts (i.e. not have any configured matchers). It then traverses the child nodes. If continue is set to false, it stops after the first matching child. If continue is true on a matching node, the alert will continue matching against subsequent siblings. If an alert does not match any children of a node (no matching child nodes, or none exist), the alert is handled based on the configuration parameters of the current node.

  A basic configuration would be:

  route:
    group_by: [job, alertname, severity]
    group_wait: 30s
    group_interval: 5m
    repeat_interval: 12h
    receiver: 'email'
    routes:
      - match:
          alertname: Watchdog
        receiver: 'null'
  

Operating Systems⚑

Linux⚑

Gancio⚑

• New: Introduce Gancio.

  Gancio is a shared agenda for local communities.

  • Docs
  • Source
  • Home
  • Telegram bridge

Other⚑

• New: UPGRADE FAILED: another operation (install/upgrade/rollback) is in progress.

  This error can happen for few reasons, but it most commonly occurs when there is an interruption during the upgrade/install process as you already mentioned.

  To fix this one may need to, first rollback to another version, then reinstall or helm upgrade again.

  Try below command to list the available charts:

  helm ls --namespace <namespace>
  

  You may note that when running that command ,it may not show any columns with information. If that's the case try to check the history of the previous deployment

  helm history <release> --namespace <namespace>
  

  This provides with information mostly like the original installation was never completed successfully and is pending state something like STATUS: pending-upgrade state.

  To escape from this state, use the rollback command:

  helm rollback <release> <revision> --namespace <namespace>
  

  revision is optional, but you should try to provide it.

  You may then try to issue your original command again to upgrade or reinstall.