Planet Apache

Syndicate content
Updated: 18 hours 26 sec ago

Justin Mason: Links for 2014-09-10

Wed, 2014-09-10 18:58
  • Apple: Untrustable

    Today, Apple announced their “Most Personal Device Ever”. They also announced Apple Pay (the only mentions of “security” and “privacy” in today’s event), and are rolling out health tracking and home automation in iOS 8. Given their feckless track record [with cloud-service security], would you really trust Apple with (even more of) your digital life?

    (tags: icloud apple fail security hacks privacy)

  • Not Safe For Not Working On

    Excellent post from Dan Kaminsky on concrete actions that cloud service providers like Apple and Google need to start taking.

    *It’s time to ban Password1*: [...] Defenders are using simple rules like “doesn’t have an uppercase letter” and “not enough punctuation” to block passwords while attackers are just straight up analyzing password dumps and figuring out the most likely passwords to attempt in any scenario.  Attackers are just way ahead.  That has to change.  Defenders have password dumps too now.  It’s time we start outright blocking passwords common enough that they can be online brute forced, and it’s time we admit we know what they are. [...] *People use communication technologies for sexy times. Deal with it*: Just like browsers have porn mode for the personal consumption of private imagery, cell phones have applications that are significantly less likely to lead to anyone else but your special friends seeing your special bits. I personally advise Wickr, an instant messaging firm that develops secure software for iPhone and Android. What’s important about Wickr here isn’t just the deep crypto they’ve implemented, though it’s useful too. What’s important in this context is that with this code there’s just a lot fewer places to steal your data from. Photos and other content sent in Wickr don’t get backed up to your desktop, don’t get saved in any cloud, and by default get removed from your friend’s phone after an amount of time you control. Wickr is of course not the only company supporting what’s called “ephemeral messaging”; SnapChat also dramatically reduces the exposure of your private imagery. [...] via Leonard.

    (tags: icloud apple privacy security via:lhl snapchat wickr dan-kaminsky cloud-services backup)

  • Inside Apple’s Live Event Stream Failure, And Why It Happened: It Wasn’t A Capacity Issue

    The bottom line with this event is that the encoding, translation, JavaScript code, the video player, the call to S3 single storage location and the millisecond refreshes all didn’t work properly together and was the root cause of Apple’s failed attempt to make the live stream work without any problems. So while it would be easy to say it was a CDN capacity issue, which was my initial thought considering how many events are taking place today and this week, it does not appear that a lack of capacity played any part in the event not working properly. Apple simply didn’t provision and plan for the event properly.

    (tags: cdn streaming apple fail scaling s3 akamai caching)

Categories: FLOSS Project Planets

James Duncan: How Matt’s machine works

Wed, 2014-09-10 17:00

I may not like using or hacking on WordPress—I’m a DIY kind of guy and am currently using Jekyll and hosting a static build of this site via Amazon S3 and CloudFront—but I respect what Matt and his company have done. I’m kind of in awe, really. I’m also in awe of how Matt manages to keep it all going. Well worth reading for those of us into the how flat, globally-distributed organizations can work.

via NextDraft via permalink
Categories: FLOSS Project Planets

Bryan Pendleton: A slimy subject

Wed, 2014-09-10 13:35

One of the things we noticed on our trip to Ireland was that, every time we explored the actual coastline (beaches, rocky cliffs, fishing piers, etc.), there were a surprising number of jellyfish.

I mean, a really surprising number.

Somebody mentioned that maybe this was actually a known and studied phenomenon, so I went searching.

Anyway, once you start reading this article in The New York Review Of Books you won't stop thinking about it: They’re Taking Over! .

Our changing climate is also having many impacts on jellyfish. As the oceans warm, the tropical box jellyfish and the Irukandjis are likely to extend their ranges, while other species will benefit from the lowered oxygen levels that warmer waters contain. Remarkably, jellyfish may have the capacity to accelerate climate change. This can happen in two ways. Jellyfish release carbon-rich feces and mucus (poo and goo) that bacteria prefer to use for respiration. As Gershwin puts it, “jellyfish blooms turn these bacteria into carbon dioxide factories.” But jellyfish also consume vast numbers of copepods and other plankton. These creatures migrate vertically through the water column, taking in carbon-rich food at the surface and releasing it as fecal pellets, which fall to the sea floor and are buried. The plankton are thus a major means of taking carbon dioxide out of the atmosphere and oceans. If their loss occurs on a large enough scale, it will hasten climate change.

Perhaps we will soon be seeing bumper stickers: "Save the plankton, eat a jellyfish!"

Categories: FLOSS Project Planets

Claus Ibsen: More metrics in Apache Camel 2.14

Wed, 2014-09-10 12:43
Apache Camel 2.14 is being released later this month. There is a slight holdup due some Apache infrastructure issue which is being worked on.

This blog post is to talk about one of the new functions we have added to this release. Thanks to Lauri Kimmel who donated a camel-metrics component, we integrated with the excellent codehale metrics library.

So I took this component one step further and integrated it with the Camel routes so we have additional metrics about the route performances using codehale metrics. This allows end users to seamless feed Camel routing information together with existing data they are gathering using codehale metrics.

Also take note we have a lot of existing metrics from camel-core which of course is still around.

What codehale brings to the table is that they have additional statistical data which we do not have in camel-core.

To use the codehale metics all you need to do is:

  1. add camel-metrics component
  2. enable route metrics in XML or Java code

To enable in XML you declare a as shown below:

  &;t;bean id="metricsRoutePolicyFactory"

And doing so in Java code is easy as well by calling this method on your CamelContext

  context.addRoutePolicyFactory(new MetricsRoutePolicyFactory());

Now performance metrics is only useable if you have a way of displaying them, and for that you can use hawtio. Notice you can use any kind of monitoring tooling which can integrate with JMX, as the metrics is available over JMX. The actual data is 100% codehale json format, where a piece of the data is shown in the figure below.

Sample of the route metrics JSON dataThe next release of hawtio supports Camel 2.14 and automatic detects if you have enabled route metrics and if so, then shows a sub, where the information can be seen in real time in a graphical charts.
hawtio have detected that we have route metrics enabled, and shows a sub tab where we can see the data in real time
The screenshot above is from the new camel-example-servlet-rest-tomcat which we ship out of the box. This example demonstrates another new functionality in Camel 2.14 which is the Rest DSL (I will do a blog about that later). This example enables the route metrics out of the box, so what I did was to deploy this example together with hawtio (the hawtio-default WAR) in Apache Tomcat 8.

With hawtio you can also build custom dashboards, so here at the end I have put together a dashboard with various screens from hawtio to have a custom view of a Camel application.

hawtio dashboard with Camel route and metrics as well control panel to control the route(s), and the logs in the bottom.

Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-09

Tue, 2014-09-09 18:58
Categories: FLOSS Project Planets

Nick Kew: Carry On up the Union

Tue, 2014-09-09 18:42

Today the Scottish referendum debate has turned to pure comedy, as the preserve-the-status-quo political and media Establishment turn to blind panic and run about like headless chickens. All the Westminster leaders are belatedly running off to campaign, and stressing that You can vote No, because No will mean Yes in all but name. Though each party still seems to have its own flavour of NoMeansYes, so that’ll be another confused and horrible compromise agreement to thrash out, or alternatively no agreement and kick the issue into the long grass (and try to blame the Scots Nats).  They’ve even dragged the Royal Family in, with a well-crafted Denial that the Queen might plead for the Union, and a big Feelgood announcement from her grandson and his missus.

As I’ve said before, our constitution since Blair is hopelessly broken.  Disappointingly, none of his successors at Westminster show any inclination to fix it, so the only proposal on the table is Scottish independence.  That will leave both parties with some interesting problems, but I think much more political will to deal with them than has hitherto been in evidence.

There are of course some glaring problems in the Scots Nats programme.  I don’t think that’s actually a problem: a Yes vote is just the start of a process of negotiation in which everyone can drop their sillier and more outlandish ideas in pursuit of a mutually-acceptable agreement.  Unlike a No vote, which just gives the headless chickens a mandate to sink straight back into complacency.

Now it’s Jocks’ Choice.  Say Yes to independence, force the issue, end the bad marriage, and let’s be good friends, just as we are with other neighbours such as the Dutch or the Irish.  Endure short-term pain – for there will surely be quite a hiatus and disruption on both sides – for long-term gain.  Or say No, succumb to the bullying of the political class, and condemn us all to another generation of brokenness.

Categories: FLOSS Project Planets

James Duncan: Speculation on Apple’s event stream failure

Tue, 2014-09-09 17:00

Dan Rayburn attempts to dig into why the live stream of Apple’s event yesterday failed so miserably. Lots of people are saying that this speculation is off—read the comments for other thoughts on the matter. The bottom line is that the way things were put together looks to have made the whole setup un-cachable by the CDN.

via Daring Fireball via permalink
Categories: FLOSS Project Planets

Bryan Pendleton: What if? A very short review

Tue, 2014-09-09 08:53

As everyone knows, I am one of the biggest Randall Munroe superfans on the planet.

Thus my expectations for What If?: Serious Scientific Answers to Absurd Hypothetical Questions were sky-high.

I am not disappointed!

Categories: FLOSS Project Planets

Rich Bowen: Indoctrinating the youth

Tue, 2014-09-09 08:08

I think, this morning, my son finally began to understand the awesomeness that is Open Source. He asked, as he has done a number of times before, what it would cost to set up a website, and didn't seem to believe my answer, which was, of course, $0.

So, after he wolfed down his breakfast, we sat down and installed Wordpress, got it configured shiny, and he kept asking, how much does this cost? How can it be this good if it doesn't cost anything? This looks really professional. Are you sure this is free?

I told him, as I've probably mentioned before, that the Apache Web Server runs a huge percentage of the websites he looks at, and that I had a part in creating that. And that I also had a *very* small part in creating Wordpress, too. (I believe I have two patches in there somewhere, although I don't remember what they were.)

At one point, while we were tweaking the theme, he said, in a very roundabout "I'm sure this is way too hard" kind of way, that some day, in the distant future, he'd like to have forums on the site, where people could discuss things. I installed BBPress in under a minute, and said, you mean kinda like this?

He also asked whether it was possible to have his own hostname, and so I taught him a little bit about how DNS works, and showed him how to register a name, and then how to configure DNS to point a name at an IP address.

So, about 30 minutes later, he's got his own website, where he'll be posting his youtube videos, animations, and random comments about the world. No, I don't really know what the name means, so ask him, not me.

Categories: FLOSS Project Planets

Bryan Pendleton: California's climate casualties

Mon, 2014-09-08 22:22

Yowza, it's getting ugly:

When I was up high, high, high in the Sierra Nevada mountains at the end of July, one thing was clear: there is no water in the mountains.

Something's gotta give, and it's gotta start happening soon.

Where are our politicians? Our civic leaders? Our community/religious/commercial leaders?

Hello? Shouldn't we all be talking about this?

Categories: FLOSS Project Planets

Bryan Pendleton: Donald MacKenzie on High Frequency Trading

Mon, 2014-09-08 21:48

A bit of my weekend reading was this nice short piece by Donald MacKenzie in the London Review of Books: Be grateful for drizzle.

MacKenzie takes a level-headed and clear-eyed look at the phenomenon of High Frequency Trading as it stands in the summer of 2014.

One interesting topic that he covers involves the difference between programs which play the role of market-makers, and programs which play the role of traders.

Market-makers are beasts of burden in the market: their job is to match up interested buyers with interested sellers, charging a price for this service made up of the spread between the purchase price and the sale price and the rebate awarded them by the host exchange:

If a market-making program is trading Apple shares, for example, it will continually post competitively priced bids to buy Apple shares and offers to sell them at a marginally higher price. The goal of market-making is to earn ‘the spread’, in other words the difference between those two prices – in Apple’s case, a few cents; in many other cases, a single cent – together with the small payments (around 0.3 cents per share traded) known as ‘rebates’ that exchanges make to those who post orders that other traders execute against.

Adam Smith's "invisible hand" works well here: if the market-maker's spread is too large, others will offer a lower spread and will take business away from the weaker program; this competition drives the market-making programs to be efficient and to offer the smallest possible spread, which benefits all participants in the market.

Traders, on the other hand, are opportunists, attempting either to buy low and sell high, or to sell high and buy low; in either case, the trading program attempts to identify the direction that a stock price is moving and front-run it. These traders don't really care whether the stock prices is moving up or down; they just care whether they can reliably detect that movement before any other trader can, thus being able to profit from it:

you have to pay the exchange a fee, rather than earning a rebate, and, if prices don’t move, your program can end up simply ‘paying the spread’ to market-making programs, because it will have to sell more cheaply than it buys. However, if an HFT program can identify a trading opportunity larger than the ‘spread’ (a high probability that, for example, the price of the shares being traded is going to rise or fall by several cents), then it may well need to act immediately and aggressively, before other programs do.

Trading programs don't benefit any market participants other than themselves, which is why they've earned considerable ire.

However, it's not clear that they are intrinsically evil; they are just feeding off of inefficiencies elsewhere in the system. MacKenzie discusses, in detail, one such inefficiency, told in Michael Lewes's Flash Boys, involving the way in which a large bank decides to execute an extremely large order for one of its pension fund customers; the bank's poor handling of the order results in a tidy opportunity for these aggressive trading programs.

And as MacKenzie notes, behind all these high-tech maneuvers are the hard-earned savings of ordinary people like you and me:

Behind orders from banks’ institutional investor customers are people’s savings and pension funds. Flash Boys has been widely read as a morality play, a story of evil-doing high-frequency traders. But it can just as easily be read as an account of banks that either wouldn’t, or didn’t know how to, take best care of their own or their customers’ orders. To their credit, the Royal Bank of Canada team took action once they saw the disadvantage they were labouring under. I am assured by a source that other banks have done things to reduce the problem, for example moving their smart order routers from Manhattan into the data centres in New Jersey. All things considered, I suspect that what drains most money from pension funds and other savings are the high fees charged by those who manage them, and the excessive trading they often engage in, not high-frequency trading or even the incompetent handling of orders.

Over the years, as I've learned, in bits and pieces and dribs and drabs, about the activity of High Frequency Trading, I've come to roughly the same conclusion as MacKenzie appears to have arrived at:

  • Automated market-making is not only not evil, it's actually been quite beneficial. Spreads have dropped, liquidity is generally quite high, individual investors like myself have access to very open and fair markets, and computers are actually very good, and very very efficient, at doing the automated market-making and book-keeping necessary for all this to occur.
  • Aggressive traders, who think they can predict market movements, or at least detect and respond to them faster than others do, can be quite annoying, but there's really no evidence that they are a problem worth wasting much energy over.
  • Poor oversight, transparency, and regulation of retirement funds, on the other hand, is the source of much waste if not outright corruption.

When a bank's inefficient trading desk causes a large order submitted by a state government's public employee retirement fund to be mis-handled, resulting in a bad execution, no money is strictly speaking 'lost'; however, a certain amount of money is effectively transferred from the retirement fund to those trading programs which took advantage of that poor execution.

And that means that those trading firms took money from you and I, since in the end that public employee retirement fund is funded by the taxes that we pay that are used to pay the salaries of those policemen and firefighters and teachers and contribute to their retirement savings.

My personal bug-a-boo in this area involves 401K fund selection. Individual employees like myself are at the mercy of what is provided by my company's retirement plan, which in turn is at the mercy of what the "financial services" industry is willing to provide. And, naturally, most of that industry wants to provide high-fee, poorly-run funds which take my hard-earned savings and send a depressingly large amount of it to the plan servicing company's executives.

But as MacKenzie points out, it's important to keep your eye on the overall picture here:

The right question to ask about high-frequency trading is not just whether high-frequency traders are good or bad, or whether they add liquidity to the markets or increase volatility in them, but whether the entire financial system of which they are part is doing what we want it to do. Of course, we want it to do several things, but I’d say that high on the list should be putting people’s savings to the socially most productive uses, while preventing too much of those savings being wasted along the way.

Speaking a couple of years ago to Bloomberg Businessweek about the new, faster cables, such as those planned by Hibernia, Manoj Narang, founder of the HFT firm Tradeworx, commented: ‘Nobody’s making extra money because of them: they’re a net expense … All they’ve done is impose a gigantic tax on the industry and catalyse a new arms race.’ The chief economic characteristic of an arms race is that all the participants have to spend more money, and none of them ends up any better off because of it.

The world financial system is capable of great wonders, but also capable of great devastation (witness 2008, after all).

Somewhere in there is the possibility of a system whose power is harnessed, but whose threat is contained.

And the road to that hopeful future lies in the work of clear-thinking writers like MacKenzie, who take the time to study the details and understand them and explain them to people like me so we can think about them.

So if this is a topic that interests you, I recommend you read MacKenzie's article in full.

Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-08

Mon, 2014-09-08 18:58
Categories: FLOSS Project Planets

James Duncan: First thoughts on the Apple watch event

Mon, 2014-09-08 17:00

I can’t help to join everyone who says this: The new WATCH is about time about as much as the iPhone is about making phone calls. Sure, it does so nicely and in a way that’s in truly in the spirit of the first watches which miniaturized technology to put it as close to you as possible, not just be a vehicle for being something pretty you wear. But, as a really natural progression in wearable computing, it’s so much more than that. Sure, Apple’s not first. They rarely are for any particular point technology. Google, Samsung, LG, and Motorola really worked hard to get their entries out there before now. But, if it truly lives up to its promise, Apple’s new watch brings a level of competence to the wearable space that’s unprecedented and very welcome.

The UI is really impressive. In particular, I was not expecting the use of the crown as a UI navigation element. I also love the way you can move around the universe of your apps. I want Springboard on iOS to be more like that.

Like Brent, I want one. I want Katerina to have one. I can’t wait to tap out little haptic messages to people close to me. I want to build software for it. I want to explore this space. I’m currently working on a Android project and having a lot of fun with it, but… Maybe soon.

As to the new iPhone, big or medium. I could go either way. The big might be too big. Then again, might not. I really want to hold ’em in hand to know. My gut feel is that if I were to buy a new iPhone right now, it’d be the regular iPhone 6.

And finally, on the topic of the presentation itself: I love that Apple put a lot of effort into their website for streaming the presentation and information around it in real time. It sucks that the live streaming was so messed up. It also sucks that the Apple website itself seemed to fall over a few times. Some number of people had a really bad day at work today. On the other hand, the new flatter website look and feel is really nice. So there’s that.

via permalink
Categories: FLOSS Project Planets

James Duncan: Prelude to the big Apple event

Mon, 2014-09-08 17:00

Is it a watch because it’s pretty and displays the time? Is it a watch because it’s on your wrist? Or does it have as much to do with a watch as the iPhone has with being a phone? It’s almost time to find out, and John Gruber weighs in with his thoughts.

via permalink
Categories: FLOSS Project Planets

Ben Laurie: Smoked Duck Breasts

Mon, 2014-09-08 13:55

I’ve recently started experimenting with smoking. First experiment was lamb bacon, but that’s going to take some refining – it was good, but I’m sure it could be better. Recipe once refined.

Todays’ was smoked duck breasts.

Marinade the duck breasts for 2 days in red wine, sugar, salt, pepper and chinese five spice. Smoke (I use a ProQ Frontier) with apple wood (half a smoking box full) and lapsang souchong tea (contents of four teabags) at 125C for 3-4 hours.

Categories: FLOSS Project Planets

Ben Laurie: Smoked Duck Breasts

Mon, 2014-09-08 13:55

I’ve recently started experimenting with smoking. First experiment was lamb bacon, but that’s going to take some refining – it was good, but I’m sure it could be better. Recipe once refined.

Todays’ was smoked duck breasts.

Marinade the duck breasts for 2 days in red wine, sugar, salt, pepper and chinese five spice. Smoke (I use a ProQ Frontier) with apple wood (half a smoking box full) and lapsang souchong tea (contents of four teabags) at 125C for 3-4 hours.

Categories: FLOSS Project Planets

Matt Raible: Getting Started with JHipster on OS X

Mon, 2014-09-08 12:36

Last week I was tasked with developing a quick prototype that used AngularJS for its client and Spring MVC for its server. A colleague developed the same application using Backbone.js and Spring MVC. At first, I considered using my boot-ionic project as a starting point. Then I realized I didn't need to develop a native mobile app, but rather a responsive web app.

My colleague mentioned he was going to use RESThub as his starting point, so I figured I'd use JHipster as mine. We allocated a day to get our environments setup with the tools we needed, then timeboxed our first feature spike to four hours.

My first experience with JHipster failed the 10-minute test. I spent a lot of time flailing about with various "npm" and "yo" commands, getting permissions issues along the way. After getting thinks to work with some sudo action, I figured I'd try its Docker development environment. This experience was no better.

JHipster seems like a nice project, so I figured I'd try to find the causes of my issues. This article is designed to save you the pain I had. If you'd rather just see the steps to get up and running quickly, skip to the summary.

The "npm" and "yo" issues I had seemed to be caused by a bad node/npm installation. To fix this, I removed node and installed nvm. Here's the commands I needed to remove node and npm:

sudo rm -rf /usr/local/lib/node_modules sudo rm -rf /usr/local/include/node sudo rm /usr/local/bin/node sudo rm -rf /usr/local/bin/npm sudo rm /usr/local/share/man/man1/node.1 sudo rm -rf /usr/local/lib/dtrace/node.d sudo rm -rf ~/.npm

Next, I ran "brew doctor" to make sure Homebrew was still happy. It told me some things were broken:

$ brew doctor Warning: Broken symlinks were found. Remove them with `brew prune`: /usr/local/bin/yo /usr/local/bin/ionic /usr/local/bin/grunt /usr/local/bin/bower

I ran brew update && brew prune, followed by brew install nvm. Next, I added the following to my ~/.profile:

source $(brew --prefix nvm)/

To install the latest version of node, I ran the commands below and set the latest version as the default:

nvm ls-remote nvm install v0.11.13 nvm alias default v0.11.13

Once I had a fresh version of Node.js, I was able to run JHipster's local installation instructions.

npm install -g yo npm install -g generator-jhipster

Then I created my project:

yo jhipster

I was disappointed to find this created all the project files in my current directory, rather than in a subdirectory. I'd recommend you do the following instead:

mkdir ~/projectname && cd ~/projectname && yo jhipster

Before creating your project, JHipster asks you a number of questions. To see what they are, see its documentation on creating an application. Two things to be aware of:

In other words, I'd recommend using Java 7 + (cookie-based authentication with websockets) or (oauth2 authentication w/o websockets).

After creating my project, I was able to run it using "mvn spring-boot:run" and view it at http://localhost:8080. To get hot-reloading for the client, I ran "grunt server" and opened my browser to http://localhost:9000.

JHipster + Docker on OS X

I had no luck getting the Docker instructions to work initially. I spent a couple hours on it, then gave up. A couple of days ago, I decided to give it another good ol' college-try. To make sure I figured out everything from scratch, I started by removing Docker.

I re-installed Docker and pulled the JHipster image using the following:

sudo docker pull jdubois/jhipster-docker

The error I got from this was the following:

2014/09/05 19:43:38 Post http:///var/run/docker.sock/images/create?fromImage=jdubois%2Fjhipster-docker&tag=: dial unix /var/run/docker.sock: no such file or directory

After doing some research, I learned I needed to run boot2docker init first. Next I ran boot2docker up to start the Docker daemon. Then I copied/pasted "export DOCKER_HOST=tcp://" into my console and tried to run docker pull again.

It failed with the same error. The solution was simpler than you might think: don't use sudo.

$ docker pull jdubois/jhipster-docker Pulling repository jdubois/jhipster-docker 01bdc74025db: Pulling dependent layers 511136ea3c5a: Download complete ...

The next command that JHipster's documentation recommends is to run the Docker image, forward ports and share folders. When you run it, the terminal seems to hang and trying to ssh into it doesn't work. Others have recently reported a similar issue. I discovered the hanging is caused by a missing "-d" parameter and ssh doesn't work because you need to add a portmap to the VM to expose the port to your host. You can fix this by running the following:

boot2docker down VBoxManage modifyvm "boot2docker-vm" --natpf1 "containerssh,tcp,,4022,,4022" VBoxManage modifyvm "boot2docker-vm" --natpf1 "containertomcat,tcp,,8080,,8080" VBoxManage modifyvm "boot2docker-vm" --natpf1 "containergruntserver,tcp,,9000,,9000" VBoxManage modifyvm "boot2docker-vm" --natpf1 "containergruntreload,tcp,,35729,,35729" boot2docker start

After making these changes, I was able to start the image and ssh into it.

docker run -d -v ~/jhipster:/jhipster -p 8080:8080 -p 9000:9000 -p 35729:35729 -p 4022:22 -t jdubois/jhipster-docker ssh -p 4022 jhipster@localhost

I tried creating a new project within the VM (cd /jhipster && yo jhipster), but it failed with the following error:

/usr/lib/node_modules/generator-jhipster/node_modules/yeoman-generator/node_modules/mkdirp/index.js:89 throw err0; ^ Error: EACCES, permission denied '/jhipster/src'

The fix was giving the "jhipster" user ownership of the directory.

sudo chown jhipster /jhipster

After doing this, I was able to generate an app and run it using "mvn spring-boot:run" and access it from my Mac at http://localhost:8080. I was also able to run "grunt server" and see it at http://localhost:9000

However, I was puzzled to see that there was nothing in my ~/jhipster directory. After doing some searching, I found that the docker run -v /host/path:/container/path doesn't work on OS X.

David Gageot's A Better Boot2Docker on OSX led me to svendowideit/samba, which solved this problem. The specifics are documented in boot2docker's folder sharing section.

I shutdown my docker container by running "docker ps", grabbing the first two characters of the id and then running:

docker stop [2chars]

I started the JHipster container without the -v parameter, used "docker ps" to find its name (backstabbing_galileo in this case), then used that to add samba support.

docker run -d -p 8080:8080 -p 9000:9000 -p 35729:35729 -p 4022:22 -t jdubois/jhipster-docker docker run --rm -v /usr/local/bin/docker:/docker -v /var/run/docker.sock:/docker.sock svendowideit/samba backstabbing_galileo

Then I was able to connect using Finder > Go > Connect to Server, using the following for the server address:


To make this volume appear in my regular development area, I created a symlink:

ln -s /Volumes/jhipster ~/dev/jhipster

After doing this, all the files were marked as read-only. To fix, I ran "chmod -R 777 ." in the directory on the server. I noticed that this also worked if I ran it from my Mac's terminal, but it took quite a while to traverse all the files. I noticed a similar delay when loading the project into IntelliJ.


Phew! That's a lot of information that can be condensed down into four JHipster + Docker on OS X tips.

  1. Make sure your npm installation doesn't require sudo rights. If it does, reinstall using nvm.
  2. Add portmaps to your VM to expose ports 4022, 8080, 9000 and 35729 to your host.
  3. Change ownership on the /jhipster in the Docker image: sudo chown jhipster /jhipster.
  4. Use svendowideit/samba to share your VM's directories with OS X.
Categories: FLOSS Project Planets

Matthias Wessendorf: Apache Mesos and Marathon for UnifiedPush Server and WildFly

Mon, 2014-09-08 11:55

After reading a bit about Apache Mesos I wanted to play a bit with it. If you don’t know what Mesos is, it’s a cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks.

During reading up on Apache Mesos I ran into the Marathon framework, developed by the folks atMesosphere. Marathon is a nice tool to manage tasks on Apache Mesos. The Github repo says:

Marathon is an Apache Mesos framework for long-running applications. Given that you have Mesos running as the kernel for your datacenter, Marathon is the init or upstart daemon.

Installation of Apache Mesos

The folks at Mesosphere did a great job writing up different installation guides. As a Mac user, I did follow this installation. The guide helps on installing the required components of the setup:

  • Apache Zookeeper
  • Apache Mesos
  • Mesosphere’s Marathon
Running WildFly and the AeroGear UnifiedPush Server on Apache Mesos

Once the above setup is done and your Apache Mesos system is running, it’s pretty simple to launch a WildFly server and deploy the UnifiedPush Server to it.

Download the following bundles and place them somewhere into your hosted infrastructure:

Now you need to save this JSON:

to a file and submit it to the Marathon server, using curl:

curl -i -H 'Content-Type: application/json' -d @unifiedpush-server.json localhost:8080/v2/apps

After Apache Mesos is done with downloading the artifacts from the uris section, it performs the steps chained in the cmd section. This is basically a set of shell commands that copy the UnfiedPush Server and its database file to a WildFly, which uses a PORT provided by the custer manager, instead of the default 8080 http port.

You are done – that’s all you need. On the Marathon UI you now see the URL and the PORT of the WildFly, containing the UnifiedPush Server:


Have fun with WildFly and the UnifiedPushServer on Apache Mesos!

Categories: FLOSS Project Planets

Bryan Pendleton: Fabiano Caruana at Sinquefield 2014

Sun, 2014-09-07 12:04

The chess world is abuzz with the extraordinary performance of Fabiano Caruana at this year's Sinquefield Cup:

  • On Chess: St. Louis Witnessing Chess History-As-It-Happens At Sinquefield CupThe 2014 Sinquefield Cup, the global super-tournament now in progress in the Central West End, had already been prepared to leave its mark in time. Headlined by reigning World Chess Champion GM Magnus Carlsen, along with five other of the world’s top-10 International Grandmasters, the event was set to become a part of chess lore even before its first move: The six-player field is the strongest-rated ever, averaging a 2802 strength never seen in the game’s 1,500-year history.
  • Caruana Demolishes Topalov, Increases Lead AgainCaruana began his second time around the field, but so far it's looking the same as the first. A mere 31 moves and barely three hours was all it took to take out GM Veselin Topalov in round six.
  • Grande! Mostruoso! Fabiano Caruana is at 7,0/7 at Sinquefield CupDay after day the Italian-American superstar Fabiano Caruana is making history. Fabulos Fabiano aka Fabi is now at 7,0/7 in the strongest ever chess tournament, the Sinquefield Cup, breaking every expectation, shattering even the bravest predictions.

    With his victory in round 6 he surpassed the 5,0/5 start of Ivanchuk at Mtel Masters 08, with the victory today another achievement remains behind – the 6,0/6 of Karpov in Linares 1994. The modern times of chess have a new king, king Fabiano Caruana. One has to look back to 1968 where in Wijk Aan Zee the legendary Korchnoi started with 8,0/8. The times now are so different and the competition so fierce that already Fabiano’s success can be proclaimed as the most memorable streak in the history of chess.

  • Sinquefield Cup Round 8: The Streak Ends, But Caruana Clinches Tournament Victory With Two Rounds To SpareIn today's game he was close to a win against Carlsen, but 26. 0-0 let the foot off the gas and Carlsen scraped his way to a drawish ending, one which Caruana didn't seem too intent to try to win. From the perspective of tournament victory, a draw was sufficient, and for all his strength and ambition even Carlsen cannot hope to make up a three point deficit in the two remaining rounds.
  • Undefeated Caruana Wins Sinquefield Cup by Three PointsFabiano Caruana finished the 2014 Sinquefield Cup with a solid draw against Levon Aronian to end the highest-rated tournament in history with a magnificent 8.5/10 -- three points ahead of his nearest follower, the World Champion GM Magnus Carlsen.
  • Fabiano Caruana wins Sinquefield Cup with stunning performanceThere are only two historic precedents for such a runaway start in an elite event. Long ago at Avro 1938 Reuben Fine began with 5.5/6 against a sextet who included four world champions – José Capablanca, Alexander Alekhine, Max Euwe and Mikhail Botvinnik. And at Linares 1994 Anatoly Karpov began 6-0 before drawing in round seven with Garry Kasparov. Karpov finished with 11/13 in what was widely considered the best tournament performance of all time.
Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-06

Sat, 2014-09-06 18:58
  • ‘The very first release of Gmail simply used spamassassin on the backend’

    Excellent. Confirming what I’d heard from a few other sources, too ;) This is a well-written history of the anti-spam war so far, from Mike Hearn, writing with the Google/Gmail point of view:

    Brief note about my background, to establish credentials: I worked at Google for about 7.5 years. For about 4.5 of those I worked on the Gmail abuse team, which is very tightly linked with the spam team (they use the same software, share the same on-call rotations etc). Reading this kind of stuff is awesome for me, since it’s a nice picture of a fun problem to work on — the Gmail team took the right ideas about how to fight spam, and scaled them up to the 10s-of-millions DAU mark. Nicely done. The second half is some interesting musings on end-to-end encrypted communications and how it would deal with spam. Worth a read…

    (tags: gmail google spam anti-spam filtering spamassassin history)

  • The FBI Finally Says How It ‘Legally’ Pinpointed Silk Road’s Server

    The answer, according to a new filing by the case’s prosecution, is far more mundane: The FBI claims to have found the server’s location without the NSA’s help, simply by fiddling with the Silk Road’s login page until it leaked its true location.

    (tags: fbi nsa silk-road tor opsec dread-pirate-roberts wired)

Categories: FLOSS Project Planets