monkinetic weblog

Steve Ivy's weblog, XI Ed.

My brother is a badass

My brother designs and creates graphics for trade show booths and TV backdrops. On a recent project for the US Army, his backdrop mural (all CG) triggered an interesting legal reaction:

the Army's PR department feels they have to disclaimer it in the booth that it's "a depiction, not a real photo."


2 weeks after Markbox went down, this site is now running on Markbox "lite" - boxpub.

Boxpub is a simplified, waaaaay stripped down (it's like 2 files, and could be one), reimplementation of parts of Markbox -- the parts that really solve the problem -- write a post on Dropbox, it gets published. It doesn't have to be harder than that.

Docker, Openstack, testing followup

Last week I wrote about an issue I was having with Docker and running mysql (among other things):

The issue I'm on right now is that mysql-server won't start. I tried starting (and restarting) it manually in my Dockerfile with RUN service mysql start after mysql is installed but always get a policy-rc.d error.

What I finally learned (after some research and some helpful folks in the #docker IRC) is that Docker is really designed to run a single process in a limited jail-like environment. It's not a virtual machine, which is why containers are smaller and way faster to start.

If you need to run an app with access to a variety of processes, it seems that current best practice is to boot multiple docker containers running the various services, and use docker container linking to have the services talk to each other.

As for my particular use case, I decided that I did not need a complete Openstack install in order to run my unit tests. I stripped back my provisioning script to only install the base debian packages and the Openstack Dashboard packages, which installs the dashboard unit testing frameworks and mock data that my tests depend on. I can thenn run my tests and pull out the results for processing.

Docker, Openstack, policy-rc.d, mysqld

I'm working on building a Docker image that I can use with Jenkins to run tests on some code. That code interacts with an Openstack install in the container to run the tests.

I'm using a variation of this cloudgear install script to install Openstack, an approach that seems to work well on Vagrant VMs, but it's failing wildly in a Docker container.

The issue I'm on right now is that mysql-server won't start. I tried starting (and restarting) it manually in my Dockerfile with RUN service mysql start after mysql is installed but always get a policy-rc.d error.

invoke-rc.d: policy-rc.d denied execution of start.

I dug in and found that Docker's ubuntu includes a policy-rc.d file that simply returns 101 (not allowed) for any service that tries to start/restart after installation.

exit 101

So... not sure why this is set up this way but I'll go with it. I changed my Dockerfile to rewrite the policy-rc.d file:

RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d

The 0 return code is basically a heard-coded "yes" for installed services to run. I tried re-building my image with this new file, and while I am no longer getting the "denied execution" errors mysql still is not starting (confirmed with a couple of test operations that run after the install):

RUN apt-get install mysql-server python-mysqldb mysql-client-5.5 -y
RUN ps aux | grep mysql
RUN mysql -uroot -p<pwd> -e "show databases;"

Which return:

Step 10 : RUN ps aux | grep mysql
---> Running in c68790f9b090
root        10  0.0  0.0   4408   320 ?        R    18:56   0:00 /bin/sh -c ps aux | grep mysql
 ---> 884cb443fb98
Removing intermediate container c68790f9b090
Step 11 : RUN mysql -uroot -p<pwd> -e "show databases;"
 ---> Running in 1631e5c2edee
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
2014/07/25 18:56:28 The command [/bin/sh -c mysql -uroot -p<pwd> -e "show databases;"] returned a non-zero code: 1

I'm pretty much out of ideas now. If you've got any, please ping me at or on Twitter @steveivy.

Another View of Privilege

(See the disclaimer)

Leslie Hawthorn's recent keynote at OSCON on privilege is unassuming and powerful.

Please watch it and pay attention to this tidbit: privilege can be viewed as operating in a system where all the default settings work for you. This stuck with me, even more than John Scalzi's (also excellent) gaming metaphor (I'm not a huge gamer).

Watch and think:

A gender/privilege topic disclaimer

For future reference:

Disclaimer: I've never written about gender and privilege topics - I'm a hetero white male who grew up in a suburban, anglo, Christan, two-parent family in the 70s and 80s when such things were (to me) normal. I didn't go through much of a rebellious stage (barring a couple of years of slightly-over-drinking, hair-coloring and ear-piercings that didn't offend, literally, anyone).

As John Scalzi would put it, my life has been basically lived on the lowest difficuly setting and I've been fortunate due to no particular effort on my own part. Please forgive statements made as fact that are obvious to you to be side-effects of this phenomenon, and please feel free to get in touch with any feedback.

Easy way to temporarily kill logging in Python

Ever want to just turn off that logger for a while in Python? Maybe while running tests or debugging? Even the CRITICAL messages?

Notice that the logging level contants (logging.DEBUG etc) actually represent numeric values:

Level       Numeric value
ERROR       40
WARNING     30
INFO        20
DEBUG       10
NOTSET      0

On a whim I tried:


And bam, no logging, even the CRITICAL messages. Yes, most of you python nerds knew this, but I didn't, so I learned something at least!

Day One, Again

I'm really liking Day One. Picked it up for free yesterday and finding it fun and useful.

Neat trick: select a passage in the book I'm reading in iBooks, select "Share" > "Copy" and paste into Day One, complete with link to the book in the iBookstore.

Idea: LinkedIn Disclaimers

Fun little idea: a blog disclaimer generator based on your current LinkedIn profile.

"My opinions on [current industry] are my own and not those of [current employer]"