Running Isso on NixOS in a Docker container
This short article documents how I run Isso, the commenting system used by this blog, inside a Docker container on NixOS, a Linux distribution built on top of Nix. Nix is a declarative package manager for Linux and other Unix systems.
While NixOS 20.09 includes a derivation for Isso, it is unfortunately broken and relies on Python 2. As I am also using a fork of Isso, I have built my own derivation, heavily inspired by the one in master:1
issoPackage = with pkgs.python3Packages; buildPythonPackage rec { pname = "isso"; version = "custom"; src = pkgs.fetchFromGitHub { # Use my fork owner = "vincentbernat"; repo = pname; rev = "vbe/master"; sha256 = "0vkkvjcvcjcdzdj73qig32hqgjly8n3ln2djzmhshc04i6g9z07j"; }; propagatedBuildInputs = [ itsdangerous jinja2 misaka html5lib werkzeug bleach flask-caching ]; buildInputs = [ cffi ]; checkInputs = [ nose ]; checkPhase = '' ${python.interpreter} setup.py nosetests ''; };
I want to run Isso through Gunicorn. To this effect, I build an
environment combining Isso and Gunicorn. Then, I can invoke the latter
with "${issoEnv}/bin/gunicorn".
issoEnv = pkgs.python3.buildEnv.override { extraLibs = [ issoPackage pkgs.python3Packages. Continue reading
Zero Trust Access Policies for IoT Must be Granular
As IoT devices become more diverse, with varying access requirements, EMA believes granular IoT access policies tailored to the role and function of individual devices will grow more important over time.Python Pieces: Decorators
As some of you know – Im a big believer that we all learn differently. You may read something the first time and immediately grasp the topic whereas I may read it and miss the point entirely. For me, decorators have been one of those things that I felt like I was always close to understanding but still not quite getting it. Sure – some of the examples I read made sense but then I’d find another one that didn’t. In my quest to understand them, I spent a lot of time reviewing a lot of examples and asking a lot of very patient friends for help. At this point, I feel like I know enough to try and explain the topic in a manner that might hopefully help someone else who was having a hard time with the concept. With my learning philosophy out of the way, let’s jump right in….
I want to jump right into a real (albeit not super useful) example of decorators using the full decorator (or shorthand) syntax. Let’s start with this…
def a_decorator(a_function):
print("You've been decorated!")
return a_function
@a_decorator
def print_name_string(your_name):
name_string = "Your name is: " + your_name
return name_string
print(print_your_name("Jon"))
DNS XL
This is a technical report on a detailed exploration of the way the Internet’s Domain Name System (DNS) interacts with the network when the size of the application transactions exceeds the underlying packet size limitations of hosts and networks.The Serverlist: Serverless Wasm AI, Building Automatic Platform Optimizations, and more!
Check out our twenty-first edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend.
Sign up below to have The Serverlist sent directly to your mailbox.
Simplify the Modern Network with VMware NSX-T 3.1
Continuing our commitment to helping organizations around the world deliver a public cloud experience in the data center through VMware’s Virtual Cloud Network, we’re excited to announce the general availability of VMware NSX-TTM 3.1. This latest release of our full stack Layer 2 – 7 networking and security platform delivers capabilities that allow you to build modern networks at cloud scale while simplifying operations and strengthening security for east-west traffic inside the data center.
As we continue to adapt to new realities, organizations need to build modern networks that can deliver any application, to any user, anywhere at any time, over any infrastructure — all while ensuring performance and connectivity objectives are met. And they need to do this at public cloud scale. NSX-T 3.1 gives organizations a way to simplify modern networks and replace legacy appliances that congest data center traffic. The Virtual Cloud Network powered by NSX-T enables you to achieve a stronger security posture and run virtual and containerized workloads anywhere.
Continue reading
Networking and Infrastructure News Roundup: October 30 Edition
IBM offers greater flexibility when deploying workloads on-premises or to hybrid clouds, AWS supports secure processing of highly sensitive data, and more.Heavy Networking 547: Building And Monitoring A User-Centric Digital Experience With Catchpoint (Sponsored)
Today’s Heavy Networking show dives into Digital Experience Monitoring (DEM) with sponsor Catchpoint. Catchpoint combines synthetic testing with end user device monitoring to provide greater visibility into the end user experience while helping network engineers and IT admins support and troubleshoot a distributed workforce. Our guests from Catchpoint are Nik Koutsoukos, CMO; and Tony Ferelli, VP Operations.Heavy Networking 547: Building And Monitoring A User-Centric Digital Experience With Catchpoint (Sponsored)
Today’s Heavy Networking show dives into Digital Experience Monitoring (DEM) with sponsor Catchpoint. Catchpoint combines synthetic testing with end user device monitoring to provide greater visibility into the end user experience while helping network engineers and IT admins support and troubleshoot a distributed workforce. Our guests from Catchpoint are Nik Koutsoukos, CMO; and Tony Ferelli, VP Operations.
The post Heavy Networking 547: Building And Monitoring A User-Centric Digital Experience With Catchpoint (Sponsored) appeared first on Packet Pushers.
Learning To Listen For Learning
Can you hear me? Are you listening to me? Those two statements are used frequently to see if someone is paying attention to what you’re saying. Their connotation is very different though. One asks a question about whether you can tell if there are words coming out of someone’s mouth. Is the language something you can process? The other question is all about understanding.
Taking Turns Speaking
“Seek first to understand,then to be understood.” – Stephen Covey
Listening is hard. Like super hard. How often do you find yourself on a conference call with your mind wandering to other things you need to take care of? How many times have we seen someone shopping online for shoes or camping gear instead of taking notes on the call they should be paying attention to? They answer is more often than we should.
Attention spans are hard for everyone, whether you’re affected by attention disorders or have normal brain chemistry. Our minds hate being bored. They’re always looking for a way to escape to something more exciting and stimulating. You know you can feel it when there’s a topic that seriously interests you and pulls you in versus the same old Continue reading
Unwrap the SERVFAIL
We recently released a new version of Cloudflare Resolver which adds a piece of information called “Extended DNS Errors” (EDE) along with the response code under certain circumstances. This will be helpful in tracing DNS resolution errors and figuring out what went wrong behind the scenes.
A tight-lipped agent
The DNS protocol was designed to map domain names to IP addresses. To inform the client about the result of the lookup, the protocol has a 4 bit field, called response code/RCODE. The logic to serve a response might look something like this:
function lookup(domain) {
...
switch result {
case "No error condition":
return NOERROR with client expected answer
case "No record for the request type":
return NOERROR
case "The request domain does not exist":
return NXDOMAIN
case "Refuse to perform the specified operation for policy reasons":
return REFUSE
default("Server failure: unable to process this query due to a problem with the name server"):
return SERVFAIL
}
}
try {
lookup(domain)
} catch {
return SERVFAIL
}
Although the context hasn't changed much, protocol extensions such as DNSSEC have been added, which makes the RCODE run out of space to express the server's internal Continue reading
Video: Cisco SD-WAN Onboarding Process
After describing Cisco SD-WAN architecture and routing capabilities, David Penaloza focused on the onboarding process and tasks performed by the Cisco SD-WAN solution (encryption, tunnel establishment, and device onboarding) in it’s so-called Orchestration Plane.
You need Free ipSpace.net Subscription to watch the video.