Friday, December 14, 2018

kubernetes pod in terminating state forever

kubectl delete pod  --force --grace-period=0

Sunday, October 14, 2018

NodeJS cleanup: clean cache or delete node_modules

From time to time node_modules accumulate changes that either delay execution or even make the program miss behave. It is a good idea from time to time to clean cache:
npm cache clean --force
Or perhaps better
rm -fr node_modules && npm i
Here is one of those cases I found that this procedure helped with. Note that this is not to say the below issue will 100% of the time be related to uncleaned node_modules:
(node:25899) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1) (node:25899) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Friday, September 28, 2018

Sunday, September 02, 2018

If your linux terminal clipboard stops working

Manipulate the X selection with xsel command. In this case "clean clipboard":
alias clear-xsel='xsel -cp && xsel -cs && xsel -cb \
        && echo Primary, secondary and clipboard X selections were cleared'

Wednesday, July 18, 2018

Best practice is the enemy of common sense

I hear this "best practice" term so much that I can't resist to ask "says who?" LOL.

When we look at any great discovery of human kind, the common denominator was actually "common sense" and in fact the so considered "best practice" at the time was actually holding further discoveries from being achieved.

With "best practice" you are guaranteed to become one more, to integrate more. With "common sense" you are guaranteed to become a different one, to differentiate more. And it is precisely there, in differentiation, where you get a competitive edge.

"Common practice" leads to a a perfect competition, stagnant, rigid and dogmatic environment. But "common sense" leads us to constant adaptation and survival that are key to achieve competitive advantage (even though such advantage is really ephemeral, unless of course everybody looks at such advantage as a "common practice" ;-)

Decimus Iunius Iuvenalis (Juvenal) apparently wrote more than 2100 years ago that "Rarus enim ferme sensus communis", meaning "Common sense is generally rare". This is the bad news for business because it is only "common sense" to expect that in the modern world of instant gratification, thinking is a hard thing to do. It is easier to go after "best practices", unfortunately.

I would go forever but I think Albert Einstein puts it in short, beautifully with "common sense": "Don't stop questioning"

Tuesday, June 05, 2018

Calendar can’t save the attachment '' to the Exchange Server - OWA, MAC Calendar and Iphone Calendar could be failing

Delete the calendar entry and start from scratch.

This has happened to me twice and in both instances it was the prelude of a bigger issue, the Exchange/Domain password expires but the error is not shown because Microsoft products cache credentials in a way that some services might still work with old passwords (caching).

In fact I have seen that the Calendar stops working even from the Outlook Web Access (OWA): I was able to interact perfectly fine with emails but my Calendar was unable to show my events.

Unfortunately this time my OWA, iPhone and MAC calendars all failed to me for three days until I realized this. Even though it was the second time it happened to me, the first time I did not realize the root cause of the problem but now I recalled this was exactly the case.

Thursday, May 31, 2018

Monday, May 28, 2018

NodeJS static code security analysis

Use the ESLint security plugin to find out potential vulnerabilities in your nodejs code and the node security package (nsp) to find vulnerabilities in your dependencies. Here is a quickest way to get an idea where you are: Install eslint and the security plugin: Have a minimal eslint-sec.json file somewhere locally. Note that there is an issue I reported with one of the rules: Without messing with your project details use the plugin to get a report of where your code is in terms of common possible vulnerabilities:
eslint --no-eslintrc -c /path/to/eslint-sec.json /path/to/project/source/code/dir/
Here is a quick intro to nsp: Up to you to automate this and include it in your pipeline. No kidding, do it!

Saturday, May 19, 2018

Saturday, May 05, 2018

Run kubernetes on specific cluster or context

First list the context:
kubectl config get-contexts
Then either switch to a context:
kubectl config use-context $CONTEXT_NAME
Or simply run each command using the --context flag. For example to list the pods in a specific cluster run:
kubectl --context $CONTEXT_NAME get pods
To avoid verbosity, create functions in ~/.profile:
kubetest() {
    kubectl --context=$TEST_CONTEXT_NAME "$@"

kubeprod() {
    kubectl --context=$PROD_CONTEXT_NAME "$@"

Friday, April 06, 2018

Removing text blocks containing repetition with Unix or Linux Power Tools

Let us illustrate the issue with an example. In the Translation Industry a TMX file is an XML representation of a translation memory (TM). This format is useful to exchange TMs. It contains translation units (tu node) with properties (prop node) with translation unit variants (tuv node) and segments (seg node) that contain the source language and the target for translation language. Many times the same segment is added again and again by the Computer Aided Translation (CAT) Tool and while useful to get more precise translations it can become a burden if you try to process such a big TMX with an open source CAT Tool like OmegaT. Since OmegaT is client side only, processing big TMX would be problematic. In such case you might want to compromise on more precise translations versus being able to use the free tool. These repetitions are mostly related to the addition of context around the specific segment (x-context-post and x-context-post seg type attribute).

The question is then how to remove the whole "tu" node containing duplicated segments and leaving just one of them (again we are losing precision in the translation output but it might be worth it because of the savings when using a free CAT Tool).

The straightforward answer would be to export the TMX from the original tool using some options provided by such tool that would allow less data to be exported, specifically ignoring context specific translations. If that is not as possibility we are left with building a tool to clean it up.

First we can get an idea of which segments are duplicated and how many times each:
cat input.tmx | grep '<seg>' \
| sort | uniq -c | sort -nr \
| grep -v '^ *1 ' > tmx-repetitions.txt
Then we can replace them by a string like DUPLICATE_NODE_PLEASE_REMOVE
cat input.tmx \
| awk '{if($0 ~ /<eg>/ && !seen[$0]++ || $0 !~ /<seg>/) print $0; \
else print "DUPLICATE_NODE_PLEASE_REMOVE"}' > input-with-marked-duplicates.tmx
Finally we can try removing the whole translation unit (tu) node with perl:
cat input-with-marked-duplicates.tmx \
| perl -0pe 's#<tu(.*?)DUPLICATE(.*?)</tu>##gs'
But if the file is big enough this won't work as expected, probably because of how perl does multiline parsing in this particular commend (in memory). This is the reason why I built open sourced bash-multiline-replace project which contains a simple bash script ( that will eliminate full blocks from start to end patterns if they contain an inner pattern.
cat input-with-marked-duplicates.tmx \
| ./ '<tu ' 'DUPLICATE' '</tu>' 

Saturday, March 24, 2018

Pdf Bash Tools - Ghostscript - Watermarks, password protection, search, split, merge and beyond

So much pdf processing that you can do including searching, splitting, merging, pdf password protection and watermarking. Yup, for free. Check and contribute to my pdf bash tools project.

Friday, March 16, 2018

Manage HP ProCurve Switches programmatically from *nix

Just released ProCurve Commander. Repeating yourself is not fun. This is not only true when it comes to management multiple switches but also to auditing them. This same idea can be used to manage Cisco switches and in general any device accessible via SSH but not friendly to remove command invocation.

Thursday, March 15, 2018

Hardening HP ProCurve HP switches

Enable SSH:
# config
(config)# crypto key generate ssh
(config)# ip ssh
(config)# show ip ssh
(config)# exit
# exit
> exit
Confirm ssh works and disable telnet:
# config
(config)# no telnet
(config)# exit
# exit
> exit
Change default users and set complex passwords:
password operator user-name 
password manager user-name 
Identify the switch:
# config
(config)# hostname "My ProCurve Switch  "

Wednesday, March 14, 2018

Java Applets in MAC OS X

Your only option is Safari, just as your only option is Internet Explorer for Windows. If the applet is insecure it won't run but you can always add exceptions at your own risk. From Apple System Preferences click on Java | Security tab | Edit Site List | Add | Apply | OK | Restart Safari.

Parsing CSV from bash

In one word csvtool.

To install it in Ubuntu:
sudo apt-get install csvtool
To install it in OS X:
brew install opam
opam init
eval `opam config env`
opam install csv
csvtool --help
To extract the second column (index 1) from sample.csv:
cat sample.csv | csvtool col 1 -
Find more from:
csvtool --help

Monday, February 26, 2018

pm2 error: unknown option `--auto-exit'

Kubernetes cluster panic!!! App down!!! Libraries changes cause these specially when you do not make sure you use specific package versions. Our docker had just the below configuration which of course will deploy latest version of pm2:
RUN npm install pm2 -g
RUN pm2 update
CMD ["pm2-docker", "start", "--auto-exit", "process.yml"]
Not only pm2-docker was renamed to pm2-runtime (a symlink still exists) but in addition the --auto-exit flag does not exist any longer. Now you need to specify --no-auto-exit if needed.

Friday, February 23, 2018

Gmail to EML Add-On Terms of Service

I have coded GMail to EML because I wanted to avoid multiple clicks to download a gmail message. While I expect this Gmail add-on to help others I cannot make myself liable for any loses. Therefore: GMAIL TO EML ADD-ON (THE SOFTWARE) IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY.

Monday, January 29, 2018

GCP VM not available via SSH - ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255]

Getting this error after upgrading a VM:
$ gcloud compute ssh myvm -- -vvv
OpenSSH_***, LibreSSL *.*.*
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to *.*.*.* [*.*.*.*] port *.
debug1: connect to address *.*.*.* port *: Connection refused
ssh: connect to host *.*.*.* port *: Connection refused
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
Went ahead and activated the serial port access:
gcloud compute instances add-metadata myvm \
Accessed it from Google Cloud Console "Remote Access / Connect to Serial Console". Without doing anything else I was able to connect to the VM. I should assume that "Connect to Serial Console" restarts ssh.

Not using Selenium but got Error retrieving a new session from the selenium server - ECONNREFUSED

I have seen this issue in the past I believe with Protractor but today it was NightWatch which is configured to use just ChromeDriver without Selenium and yet was spitting out the below:
Error retrieving a new session from the selenium server Connection refused! Is selenium server started? { Error: connect ECONNREFUSED at Object._errnoException (util.js:1024:11) at _exceptionWithHostPort (util.js:1046:20) at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1182:14) code: 'ECONNREFUSED', errno: 'ECONNREFUSED', syscall: 'connect', address: '', port: 9515 }
The issue was an outdated chromedriver version. Check your chrome version and use the correct driver per driver from