Terraform

Terraform is a web infrastructure orchestrator. We started using it at Unknown Worlds recently, and it seems like The Way of handling deployment of complex infrastructure.

Here are the basic components of the dev cycle:

  • Infrastructure specification using HashiCorp Configuration Language
  • API calls to the provider (AWS, GCP, Azure etc)
  • Provisioning – managing the software and environment on provided infrastructure
  • Saving the state of the infrastructure. This is what makes the “cycle” possible – you can iterate on your scripts, and Terraform will remember the previous state of the infrastructure in a state file

Documentation URL: https://developer.hashicorp.com/terraform
You can find Terraform CLI install instructions here: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
You might also want to install AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html

Here’s an example of an AWS-hosted infrastructure that could host a website, WordPress or something like it:

Terraform’s the tool to make it work quickly! Each element can be described in a great detail, the dependencies and relations are possible to describe in a clean way, and Terraform should be able to validate it all.

Basic commands:

  • terraform init is used to initialize Terraform and download all dependencies
  • terraform plan is used to verify the access credentials and validate steps
  • terraform apply is used to apply the changes to target environment
  • terraform fmt . is used to format code
  • terraform destroy can be used to easily delete non-production environments. Production environments should be protected about this! See https://developer.hashicorp.com/terraform/cli/commands/destroy

Here are some random notes:


Linux Shell Scripting Cookbook

My book Pile of Shame became my tormentor. Recently I’m catching up with it just to get some closure. Most recent book I’ve read was waiting for over 10 years. Shame! I always had something better to read…

Linux Shell Scripting Cookbook by Sarath Lakshman is exactly what the title says. The book presents quite a few useful recipes to common problems. On top of that we’ll find some bash scripting basics and introduction to other common concepts.

I didn’t find much new stuff in it, but that was to be expected. Sadly, the way the book was written is pretty frustrating. One third of it are useless, repetitive descriptions and introductions. When you get over it, it might be a pretty decent read.

Here are some highlights of commands I’m not using often enough, for my own reference:

  • xargs
  • diff/patch
  • tree
  • grep (xD)
  • got to start using curl instead of wget
  • netstat
  • time
  • watch

Nonviolent communication

Another read recommended in Unknown Worlds Slack. You’ll probably hear that “everyone should read it”. I’m sure that magical solutions do not exist, but it turned out that Marshall Rosenberg’s book is very close to that.

NVC is a process that enables empathic collaboration. It can be used to handle very complex issues, like mediation. I’d call it a special language that requires a lot of practice, time and consciousness. Sadly, I’m not very good at keeping language skills when not using them on a daily basis (sobs in German). I’ll probably have to re-read the book to make some good notes about the most important stuff.

The most important takeaway for me was not the communication with others, but… internal dialogue. I think of myself as a kind person, so I didn’t have to work on the basics. Thanks to NVC I now remember about one thing when talking to others – their point of view. That changes a lot. It’s easier to understand the reasoning and wording of other people.

Back to the internal dialogue thing! The book showed me something that I never considered – I’m too hard on myself. I was raised in a way that makes my life hard sometimes, and the book helped me realize that. I’ve read it a few months back, and now I’m sure I have to revisit it soon…

Think like a game designer

Charlie Cleveland recommended this read to the UW team. I wasn’t ever interested in game design, so I decided to finally change that and check out the book. Justin Gary’s work has a subtitle “the step-by-step guide to unlocking your creative potential”. I never had any great game ideas, so I doubted that.

After reading it I had to admit that I was surprised. Gary’s systematic apporach to design seems like a no-nonsense approach that could produce game ideas that could be easily verified. I wish I had time to verify that, haha.

Contents, for future reference:

Part I Understanding Design 19
Chapter 1 Learning Fundamentals 21
Chapter 2 Getting Started 25
Chapter 3 Overcoming Obstacles 35

Part II Learning the Core Design Loop 39
Chapter 4 The Steps of the Core Design Loop 41
Chapter 5 Inspiring 43
Chapter 6 Framing 53
Chapter 7 Brainstorming 59
Chapter 8 Prototyping 69
Chapter 9 Testing 77
Chapter 10 Iterating 85

Part III Refining Your Designs 91
Chapter 11 The Phases of Design 93
Chapter 12 Engine Design 101
Chapter 13 Engine Development 113
Chapter 14 Component Design 119
Chapter 15 Component Development 125
Chapter 16 Polish 131

Part IV Building Great Games 143
Chapter 17 What Makes Games Great? 145
Chapter 18 Elegance 147
Chapter 19 Excitement 155
Chapter 20 Depth 161
Chapter 21 Motivation 169
Chapter 22 Engagement 177

Part V Making Money 185
Chapter 23 Monetizing Games 187
Chapter 24 How to Be a Professional Game Designer 193
Chapter 25 How Can I Get My Game Published? 197
Chapter 26 Game Business Models 203
Chapter 27 How to Make Games That Last 211
A Final Note: Living the Lessons 217

Ansible in an hour

I stumbled upon a nice server automation course made by an expert I follow. I don’t do many tedious, repeatable tasks in my daily work, but I wanted to prepare for future.

Ansible is useful for bulk server configuration, application deployment, and other automation tasks. The course I finished is very compact, but it explains the most important topics:

  • Prepping Ansible for use (installation, management node, inventories)
  • Ad-hoc modules (running commands on all servers)
  • YAML configs (playbooks)
  • Facts, variables
  • Playbook creation (generating SSH keys, using variables, loops, groups, creating users, conditionals, file operations, tags, templates, firewall config)
  • External roles (using playbooks from Ansible Galaxy, Docker containers)
  • Creating own roles (complete web server setup example)
  • Ansible Lint (config validation)
  • Ansible Dynamic Inventory (useful for large server farms)
  • Ansible Vault (credentials storage)
  • Ansible AWX (free counterpart of Ansible Tower; a web interface for playbook management)

Looks like a quite useful, pretty complex tool. Sadly, most of the Linux servers I use are handled by Laravel ecosystem tools, so I might need to wait a while before putting Ansible to use.

New laptop – ASUS ROG Zephyrus G14

After 8 years with MacBook Air I had to upgrade it. The main reason was the urge to back to Windows ecosystem. I still think that no serious work can be done on MacOS.

Anyway, after some research I wanted to get something with 14″ screen and with Ryzen 9 from 6000 series (great performance when needed + superior energy saving features). I had to place the order in July/August 2022, and my options were… none! I wanted a Lenovo ThinkPad, but they’re just not available. I saw Asus laptops showing up briefly in some shops and I was able to snipe something that had almost everything I wanted.

Some raw specs:

  • Model: GA402RK – L8152W
  • CPU: AMD Ryzen 9 6900HS (8 cores, 16 threads, 3.30–4.90 GHz, 20 MB cache)
  • GPU: AMD Radeon 680M with 8GB GDDR6
  • RAM: 32GB (DDR5, 4800MHz)
  • Storage: 1TB NVMe (upgradeable)
  • Screen: 14″ mat LED IPS, 2560 x 1600, 120Hz
  • Weight: 1720g
  • Two power supply units provided (lighter USB-C for travel + heavier dedicated one for performance)

It arrived in a nice, premium packaging. I had to charge it before first run. The build quality is good, but not nearly what Apple provides. It has 4 speakers, but the sound quality is super bad, compared to a 8 year old MacBook Air.

It comes with Windows 11 Home, so I’ll have to upgrade it to Pro at some point. It took quite a bit of time to set up the very basics, which was annoying. I still can’t get it to properly enter power saving mode when I close it, so it uses 1% battery per hour if I don’t power it off. The on-case bling bling display is just annoying. I’m uses to high-end Razer mechanical keyboards, so I was underwhelmed with the feel of the one I got with the laptop. That pretty much sums up the downsides.

On the good side – the screen is great, camera is decent, and performance is really, really good. With my average use the battery lasts 5 hours. I can get over the small issues I pointed out above, so in the end I’m pretty happy with this laptop.

Raspbian Stretch, WiFi and TP-Link TL-WN725N

Few weeks ago I had to install fresh Raspbian on my old Raspberry Pi 2B. Everything was way smoother than few years ago, when I bought it. The only annoying issue I had was getting the WiFi to work properly. My TP-Link card (TL-WN725N) had it’s diode indicating that it’s operational, but Raspbian couldn’t find any networks.  I saw the OS recognizing the card, and after scanning for SSIDs, I saw my network. It was pretty weird – Raspbian still wouldn’t connect to them. After few hours of googling and trying few solutions, I found two sources with tips that helped me.  Here they are:

Reference #1

Reference #2

Plastic SCM and binlog issues

Plastic server in our company is backed up in several ways. One of them is MySQL replication, simple master -> slave setup. One day the error above (logging format issues) popped up. Thankfully, the fix was pretty simple, but it took some time to find it.

Firstly, you need to stop the MySQL slave. Execute “STOP SLAVE;” command in MySQL console to do it.

Secondly, run the commands below on the master’s MySQL console:

FLUSH TABLES WITH READ LOCK;
FLUSH LOGS;
SET GLOBAL binlog_format = 'MIXED';
FLUSH LOGS;
UNLOCK TABLES;

Remember to set the binlog format in the master’s config file!

The last step is to start the slave replication. That’s it!

Jenkins, SSL, and cPanel

Straight to the point. The basic idea is to hide Jenkins behind an Apache reverse proxy. I’m using cPanel on CentOS – and cPanel doesn’t like fiddling with httpd.conf. You’ll find lines like this in it:

# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2_4/user/domain.com/*.conf"

I created two config files – I want to set up proxy and redirect non-HTTPS requests to HTTPS:

"/usr/local/apache/conf/userdata/ssl/2_4/user/domain.com/ssl.conf":
ProxyRequests     Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode

<Proxy *>
 Order deny,allow
 Allow from all
</Proxy>

ProxyPass         /  http://localhost:8080/ nocanon
ProxyPassReverse  /  http://localhost:8080/

RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
"/usr/local/apache/conf/userdata/std/2_4/user/domain.com/redirect.conf"
RewriteCond %{REQUEST_URI} !^/.well-known
RewriteRule (.*) https://jenkins.domain.com/$1 [R=301,L]

After that, run commands to refresh the configs and restart Apache:

$ /usr/local/cpanel/bin/apache_conf_distiller --update
$ /usr/local/cpanel/bin/build_apache_conf
$ service httpd restart

And we’re done!

UPDATE – iptables rule to block port 8080 traffic outside of localhost:

iptables -A INPUT -p tcp --dport 8080 -s localhost -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP

Hardware update: GTX 1070

Few days ago I got an GFX upgrade: I bought a GeForce GTX 1070 by MSI, thanks to @Obraxis. I’m really happy with it – price was good, I got a free copy of latest Gears of War, performance is awesome, and it does have passive mode. I had few issues with it though!

My previous GPU was a GTX 780 by Asus. It was pretty awesome too, but damn, performance got DOUBLED with the 1070! Check out the benchmark results here. Score on GTX 780 was almost exactly 3000 points.

firefox_2016-10-11_23-34-50

The big issue I had with this piece of hardware was pretty intense. Right since I logged on to my OS, I saw shit ton of artifacts. I was confused – I checked all cables and installed fresh drivers. It was a bit better, but I had to return the card on day 3. The second unit is having this issue too, but I haven’t seen it since a week ago.

After some digging, it turned out I was not going insane. MSI had to recall a whole batch of those cards released on Chineese market! But hey, I’m in Europe, right? Nope, looks like a lot of manufacturers used shitty Micron memory! Thankfully, it can be fixed with an update to card’s BIOS. Again, thanks to @Obraxis for sending me that link. After checking my card with GPU-Z, here’s what I saw:

2016-10-22_03-01-24

All in all, I’m happy with my new GPU!