Istio, Service Mesh, Updates

Hello folks! This blog is so quiet lately… I just wanted to give you an update on what I am doing these days. So…

Istio Logo

Istio project

Since December2017 /January 2018 I’ve switched teams at Red Hat, and started working with Istio. Istio is a tool/platform that helps us to deliver micro-services, in a number of different aspects. I intend to write more posts on that. Meanwhile, you can find out more about Istio on their website. Trust me, it’s a wonderful tool to give a look at, if you’re somehow involved or planning to enter in this micro-service world, be you dev or ops :).

So far our work has been mainly in understanding the benefits of Istio when used on top of Kubernetes and Openshift (Red Hat’s improved and supported version of Kubernetes). This means that we have been mostly involved in downstream tasks, like creating CentOS and RHEL RPM binaries and container images, although we are already contributing with upstream, community effort. The plans are to get much more involved in the community in a soonish timeframe.

Events

Last december I attended Kubecon US in Austin, Texas. It was my first immersion on Istio, given there were a IstioCon, a pre-event of Kubecon with a bunch of talks and workshop. Last May I attended Kubecon EU, in Copenhagen, Denmark. All talks are freely available on CNCF channel on YouTube. Check them out! It is definitively a great material to keep up with latest and greatest stuff that’s happening out there, not only in Istio world, but in the whole Kubernetes ecosystem.

Last April I attended a great Brazilian conference – The Developers Conference (TDC) – in Florianópolis and spoke about Container Ecosystem – alternatives to Docker (CRI-O, Buildah, Podman, etc).

In July I’ll be speaking at TDC again, this time in São Paulo. I’ll give two talks about Istio and one on Containers Ecosystem, mostly the same I gave on previous TDC in Florianópolis. This event is already such a success that organizers had to duplicate some tracks in order to be able to handle so many attendees. Therefore, my talks about Istio on the microservices track (Introduction to Service Mesh with Istio) and devops track (How Istio facilitates A/B deployments on micro-services) will be duplicated and I will give two of each, giving a total of 5 talks! I hope to have enough swags for so many talks!

In August I’ll be traveling to Boston, MA to attend the very first Devconf to be held in the US! I’ll be speaking about Istio there as well.

There is more to come, I’d guess, due to the amount of hype and momentum that Istio/Service Mesh is having everywhere.

Plans

So, my plans are to blog regularly about the cool stuff we are doing around Istio, and how it can be used to improve the micro-services deployments, making admins and developers’ lives easier!

See you soon!

Fedora 26 not connecting to wireless

This is a quick hint in case you suffer from the same issue I had while installing Fedora 26 (alpha).

The installer didn’t manage to connect to my wireless router, a D-Link one. More specifically, it was not getting an IP address from the router. Some problem with DHCP it seems.

If that’s the case, open a terminal (press the Windows key, then type “Terminal” and hit Enter), and type the following command:

sudo sh -c 'echo "send dhcp-client-identifier = hardware;" > /etc/dhcp/dhclient.conf'

Then reconnect to your wireless network. After the first boot – when the system is installed – repeat the command above, just once.

By the way, this is not a new issue. I experienced this on Fedora 25, but curiously at the time the installer (the live system actually) worked fine. Just the installed system suffered from it. Now, with F26, it happened since the beginning. Here’s the bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1154200.

Hope that helps, happy Fedora!

GNOME Release Party – Success! Hands on soon?

Hey guys, last Saturday we had our [first?] GNOME Release Party here in São Paulo, Brazil. It was very, very productive and most importantly, fun!

Georges already blogged about it, check it out!

Also, we had a feeling that another event, with a more hacking focus would be interesting. So, I setup a meetup in order to see if there are enough people interested in such a hands-on event 🙂

Updates on Timezone extension

Hey, this is a quick post to show the improvements the Timezone extension for GNOME Shell has received since it was born a couple of weeks ago.

  • Support avatars from Gravatar.com and Libravatar.
  • Support GitHub profile. We fetch people’s name, city and avatar from there.
  • Ability to specify a location for people.json file. We support even remote files (e.g.: http://example.com/people.json). This way a whole team can share this file and use a single copy of it!

Here’s a simple people.json file showing the new features:

[
  {
    "github": "jwendell",
    "tz": "America/Sao_Paulo"
  },
  {
    "name": "Niel",
    "gravatar": "niel@example.com",
    "city": "Cape Town",
    "tz": "Africa/Johannesburg"
  }
]

Screenshots:

Summary at the bottom. Clicking will open the preferences dialog
Preferences dialog

Timezone extension for GNOME Shell

I’d like to share with you my first GNOME Shell extension, Timezone: It helps people like me, who work in a distributed (global) team and need to know where and when their coworkers are.

screenshot

It reads a JSON file containing all people data and renders them into a nice overview organized by timezone. See all relevant information on its page: https://github.com/jwendell/gnome-shell-extension-timezone.

Please, install, test it and report any issue you find. Hope it’s useful to anyone as it is for me 🙂

New job: Red Hat

Hello!

It’s with great pleasure that I announce that since last December I am working at Red Hat! I’ve already updated my Linkedin profile but forgot to blog about it 🙂 .

It’s not a secret to anyone that I always admired Red Hat and that I think it is one of the best places to work for people like me, who loves Open Source. So, I consider this a big step in my life and career!

First day
First day in São Paulo office

I’m working in the Cloud Enablement team, which is responsible to bring Middleware products (JBoss, etc) to Red Hat’s PaaS, Openshift. That’s called xPaaS. It’s a entire new world to me: Docker, Kubernetes, Openshift, JBoss, etc… and at the same time it’s a very exciting moment.

I’m still living in São Paulo, but working from home now, which gives me some opportunities 🙂 .

Raleigh
Last week in Red Hat Headquarters

In other news, I’m now an Emeritus Member of the GNOME Foundation. This means that I’m quite a few time without substantial contributions to the project. Sad 🙁 . The good news is that working at Red Hat I’m closer than ever to contribute to Open Source projects! I hope to be back to the game soon 🙂

Hey, talking about cloud… Old but gold:

Systemd journal: What does “systemd-journal: Suppressed N messages from /system.slice/…” mean?

Under pressure, my system was generating lots of messages like this:

# systemctl -l status systemd-journald.service
Jun 24 13:47:23 localhost systemd-journal[155]: Suppressed 15460 messages from /system.slice/...

This means the system is generating lots of messages and journal is configured to drop some of them. This is called rate limit, and is useful to not overload the logging system.

Sometimes, however, you just want to get all messages, or perhaps increase these limits. This can be achieved by setting the variables RateLimitInterval and RateLimitBurst inside the config file /etc/systemd/journald.conf.

Quoting the man page for journal: To turn off any kind of rate limiting, set either value to 0.

Linux: Getting rid of “net_ratelimit: N callbacks suppressed” messages

Linux has a mechanism to avoid a DoS attack – with regard to logging – called rate limit. Every message logged by the kernel (including its modules), with printk(), is checked if it’s allowed to be actually printed through this mechanism.

The limits can be configured by tuning the files /proc/sys/kernel/printk_ratelimit and /proc/sys/kernel/printk_ratelimit_burst. In my machine, the values for these files are 5 and 10, respectively, meaning: It’s allowed 10 messages every 5 seconds. Exceeding this will make the kernel discard the message and print something like “ratelimit N: callbacks suppressed”.

However, the networking code in the kernel has its own limit configuration. They obey the same logic above, they use a different path just to allow independence from the generic logging functions. The files are: /proc/sys/net/core/message_cost and /proc/sys/net/core/message_burst. They are similar to their generic “parents” mentioned above.

The message_cost file contains the interval and message_burst contains the maximum number of messages allowed in that interval.

To disable this mechanism and allow every message to be logged, simply set the interval to 0:

# sysctl -w net.core.message_cost=0

Write “net.core.message_cost=0” to /etc/sysctl.d/some-file to make this change persistent to reboots.

This will make the message “net_ratelimit: N callbacks suppressed” go away. It’s up to you do disable this mechanism. Sometimes it’s just necessary, right?