Welcome to Dev-Doc-Ops!
It’s a space for Engineering Technologists, focusing on how to work with modular, open-source, & service-oriented architectural building-blocks, to create modern platforms for digital services.
Core interests & practices:
Public Cloud Hosting, Microservices/SOA, DevOps Delivery, Agile/SCRUM, Cyber Security/DevSecOps.
There are likely to be posts on other interesting topics too; the common thread being technology & engineering.
Using Apple Shortcuts.
I am a recent convert to Apple. It started with a personal MacBook Air, but now I am well and truly into the Apple eco-system having a bunch of their hardware.
When I swapped from Samsung/Android over to iPhone, one thing that seemed missing by default (I am willing to be corrected if wrong here) but is really useful is the ability to easily switch between playback devices, such as the iPhone itself, bluetooth headphones, and bluetooth speakers.
A cool way I have found to achieve this from my home app screen is to use the Shortcuts app/feature that you get with iOS to create your own macro-like runbooks.
Here is how I did it…
Create A Shortcut for each Device
- Open the Shortcuts app
- Click the Plus (+) button at the top right to add a new shortcut
- In the Search for apps and actions box, type “Playback”, then select the Scripting action for Change Playback Destination
- Choose a playback device from the list
- Give your new Shortcut a name at the top of the screen
- Press the Cross (x) button at the top right of the screen to save the new shortcut
- This should take you back to the All Shortcuts screen, where you should see your newly created shortcut
- Repeat for each one of your playback devices
Create A Menu for the device shortcuts, Add to home screen
Next we create a menu linked to an app icon which we can place on our home screen.
- As we did before, in the Shortcuts app, click the Plus (+) button at the top right to add a new shortcut
- This time, search for Choose from menu in the search box and add it
- Give your new menu a prompt, something like “Select Device”
- Add a menu item for each of your playback devices and give them an intuitive name (so you know which option is for which device)
- Then, for each playback device, search for and add a Run shortcut action, place the action under the respective menu item, and link the action to the relevant device shortcut (created earlier)
- Now you should have a viable menu structure, with options that each set a different playback device
- The final step is to create an icon to run your new menu from the home screen. Do this by pressing the options/preference/sliders button (not sure what its exact name is), located to the immediate left of the Cross (x) at the top of the screen, and select Add to Home Screen
And hey presto! With these steps you should have created a mechanism that enables you to quickly & easily switch between your various playback devices, straight from the home screen, with a minimal number of steps involved.
Towards a working definition of a term often used in our field.
This contemplation focuses on who – or what – does the ‘work’ in a digital service, and assumes a service provider / service consumer paradigm to said works. It considers the space where computing meets economics; when machines are the worker and humans the overseers & engineers of said worker.
Generally speaking, an engineer can be thought of as someone – or something – that creates, builds, and makes stuff. Engineering is a re-arrangement of the form reality is taking, making order out of disorder. This applies in many fields/products such as auto-mobiles, civil works like roads and bridges, buildings, electronics, etc.
Engineering is a creative act; it brings something out of the realm of mind, of ideas, and into shared objective reality, for the betterment of life.
In the field of digital service provision, where we are dealing more with formations of electrons than atoms, one possible working definition of the term (or role) engineer is: those who (or that which) design, build, support, and improve the digital machinery that is destined to assume responsibility for completing work on behalf of the service consumer.
It takes intelligence to engineer the world around us, and if there is human engineering intelligence, then surely so too is there a possibility for a non-human engineering intelligence. Theoretically the intelligence could be human-biological-wetware or artificial-machine-hardware in nature.
It’s worth emphasising the point that, for a digital service, consumers are sending work requests for something (work) to be done on their behalf that they cannot or will not do for themselves. These requests are then serviced by digital machines (not humans) which return a response to the consumer. Whether human or AI, engineers act upon digital machines; they do not provide the final service execution.
It is easy to confuse the human services with the digital ones. When we think of ITIL processes like Incident, Request, Change, these are human services where the digital machines are acted upon. But we should remember these human services are in support of the actual digital ones. To be a true digital service it must be provided by a digital entity, normally manifest in metal and silicon; all other activity is in support of the final service.
The machines (e.g. Jenkins) may themselves make other machines (i.e. app env), as in the case of CI/CD pipelines, but ultimately the purpose / mission is to service the final needs of an end consumer, or user, of such a digital service.
And of course, the final consumer of any one particular digital service can itself be human or machine in nature.
Go step-by-step across the network. Ubuntu 20.
This is some real “bread and butter” for IT professionals.
The job of communication (i.e. payload data transmission) over a network-of-networks is a pretty complex problem. To solve this problem, network communications are broken out/down into protocol stacks; each protocol in the stack incrementally solving a part of the larger problem. The TCP/IP stack has emerged as the winner of the protocol wars, beating out the likes of SPX/IPX, AppleTalk, NetBIOS, etc. The situation is very much like VHS winning over Betamax in the videotape format war, and Blu-ray beating HD DVD in the optical disc war.
Each layer of the TCP/IP protocol stack solves a discrete part, or sub-division, of the communication problem, and represents an abstraction layer. Each distinct layer has its own job in getting the data payload, from a running source process, one step closer to the receiving destination process. As a helpful reminder, here are most of the key ingredients for the internet protocol stack:

| Protocol | Job |
|---|---|
| Application protocol (http(s), smtp, ssh, etc.) | The job of the application protocol is to carry the actual payload data from the running process on the source host to the running process on the destination, thus finally solving the communication problem. |
| Transmission Control Protocol (TCP) / User Datagram Protocol (UDP) | The job of TCP/UDP is to get you to the correct running process “post box” or “pigeon hole” inside of the destination host. |
| Internet Protocol (IP) / Internet Control Messaging Protocol (ICMP) | The job of IP is to get you from source host, on source network, over to destination host, on destination network. |
| Ethernet / Wi-Fi | The job of Ethernet (physical + data-link) is to get you from one side of a single network / broadcast domain to the other side (usually a gateway). |

TCP/IP protocols are open, collaborative, and progressive in nature. Individual standards documentation for each protocol is maintained by the Internet Engineering Task Force (IETF) in the form of RFCs.
Local IP Config / Protocol Stack
Check you have IP address, subnet mask, gateway, and DNS servers.
# Your filename may be different
sudo vi /etc/netplan/00-installer-config.yaml
----
# This is the network config written by 'subiquity'
network:
  ethernets:
    eth0:
      addresses:
      - 10.1.2.3/24
      gateway4: 10.1.2.1
      nameservers:
        addresses:
        - 10.2.2.41
        - 10.2.3.41
        search:
        - example.com
    eth1:
      addresses:
      - 10.2.3.12/24
  version: 2
----
sudo netplan apply
Check your network interface is “UP” and the IP config running against each interface looks correct.
ip a
hostname -I
ifconfig
ifup <ethx>
ifdown <ethx>
Check routing table information.
route -n
ip route
netstat -rn
Check your own public IP address.
Ubuntu’s Uncomplicated Firewall command is a useful front for manipulating iptables.
sudo systemctl status ufw
sudo ufw status
sudo ufw status verbose
sudo ufw show raw
sudo ufw logging on [off]
cat /etc/ufw/*.rules
Ubuntu has a community wiki page for ufw.
Ultimately the destination host is reached by its IP address, but if DNS names are used then we should check they resolve to the correct IP address.
Check the DNS client’s configured name resolver servers.
nmcli device show <interfacename> | grep IP4.DNS
systemd-resolve --status | grep Current
cat /run/systemd/resolve/resolv.conf
Ensure your DNS name resolves to the correct IP address.
nslookup example.com
# To check against Google public DNS servers
nslookup example.com 8.8.8.8 [8.8.4.4]
ICMP / IP
Check the destination host IP interface is reachable, and also the route taken.
ping -c 3 188.8.131.52
ping -c 3 www.example.com
traceroute 184.108.40.206
traceroute www.example.com
Check connection establishment to the receiving process.
# TCP
nc -z -v www.example.com 80
telnet www.example.com 22
# UDP
nc -u www.example.com 443
Inspect the state of network connections and related processes.
netstat -a
netstat --listening --numeric-ports --programs --tcp
netstat --numeric-ports --programs | grep 443
netstat -altp
netstat -tupan | grep -i http
# Windows (cmd.exe) syntax
netstat -ano | findstr "10389" | findstr "["
Check TLS settings and certificate information.
openssl s_client -connect example.com:443
Check service status.
systemctl status <service_name>
systemctl is-enabled <service_name>
systemctl list-unit-files --state=enabled
systemctl list-unit-files --state=disabled
systemctl list-units --type=service [--state=running]
systemctl list-units --type=service --all
Check running process status.
sudo ps -ef | grep <string>
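The checks above chained into one script that names the first layer to fail, as an added example that is not part of the original post. The script name, the `check_*` function names and the `LAYERS` variable are assumptions; `getent hosts` stands in for `nslookup` so that the system resolver path is the one tested.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: sh netcheck.sh <host> [port]      (script name is hypothetical)
# For a non-TLS port: LAYERS="link route dns icmp tcp" sh netcheck.sh <host> 22

check_link()  { ip -o link show up | grep -v ': lo:' | grep -q .; }  # a non-loopback NIC is up
check_route() { ip route show default | grep -q '^default'; }        # a default gateway is set
check_dns()   { getent hosts "$1" >/dev/null; }                       # name resolves via system resolver
check_icmp()  { ping -c 3 -W 2 "$1" >/dev/null 2>&1; }                # host answers echo requests
check_tcp()   { nc -z -w 5 "$1" "$2" >/dev/null 2>&1; }               # TCP handshake completes
check_tls()   {
  # Handshake must succeed AND the chain and hostname must verify locally.
  out=$(openssl s_client -connect "$1:$2" -servername "$1" \
        -verify_hostname "$1" </dev/null 2>/dev/null) || return 1
  printf '%s\n' "$out" | grep -q 'Verify return code: 0 (ok)'
}

LAYERS=${LAYERS:-"link route dns icmp tcp tls"}

# Prints the first failing layer, or "ok"; returns non-zero on failure.
diagnose() {
  host=$1; port=${2:-443}; note=""
  for layer in $LAYERS; do
    "check_$layer" "$host" "$port" && continue
    # ICMP is often filtered on purpose, so a missing reply is only noted.
    if [ "$layer" = icmp ]; then note=" (no icmp reply)"; continue; fi
    echo "$layer$note"
    return 1
  done
  echo "ok$note"
}

if [ "$#" -gt 0 ]; then diagnose "$@"; fi
```

A result of `tcp (no icmp reply)` points at the host or a firewall in the path rather than at the service itself, which is where the `ufw` and `netstat` checks above come in.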
And there you have it! Hopefully the above steps will help you travel end-to-end on the communication journey to isolate / check many of the problems that you may encounter surrounding TCP/IP networking.
If you have any thoughts or suggestions please feel free to add into the comments below or contact Andrew using details on this site’s About page – we can always update this article to include anything that has been missed.
Keep up-to-date on Tesla. Subscribe, smash the like button, & ring the bell! 🙂
Solving the Money Problem – Steven Mark Ryan
Tesla Daily – Rob Maurer
Dave Lee on Investing – Dave Lee
HyperChange – Gali
Warren Redlich – Warren Redlich
Teslafaninsight – Greg
Oracle Investments – Oracle Tim
Dr. Know-it-all Knows it all – Dr Know-it-all
Farzad Mesbahi – Farzad Mesbahi
Whole Mars Catalog – Omar Qazi
Tesla Owners Silicon Valley – John et al.
Tesla Fans – Tesla Motors Fans
Infowealth – EV News World
Jeff Roberts – Jeff Roberts
Tobias Lindh – Tobias Lindh
flybrandenburg – tessi-supply.com
My Tesla Weekend – Brian
Munro Live – Sandy Munro et al.
The Limiting Factor – Jordan Giesige
Good Soil Investment Management – Emmet Peppers et al.
Bash on Windows.
Cygwin is an open-source tool which offers a handy way to run Linux commands from a Windows desktop.
Download the installer from https://cygwin.com/install.html and run it.
Select the packages you want to install on top of the base installation.
Browsing the Windows Host Filesystem
Adding Common Packages
Run the installer again.
Search for the package you want. Here are some common ones:
| Package | Command(s) |
|---|---|
| nc | nc |
| inetutils | telnet |
| curl | curl |
| rsync | rsync |
| jq | jq |
Read(ing) it. Recommend it.
The Phoenix Project – Gene Kim et al.
Site Reliability Engineering – Beyer et al.
DevSecOps – Glenn Wilson.
Scrum Master – Joe Justice.
The Singularity Is Near – Ray Kurzweil.
On Ubuntu 20.
Digital certificates are a fundamental part of modern security. They assist in proving authenticity, meaning they help prove something, or someone, is who they claim to be.
File Formats (PFX & PKCS #12)
Certificates are stored and transferred as files.
Wikipedia explains the file types well:
“In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.”
View File Contents
certutil -dump filename.pfx
openssl.exe pkcs12 -info -in c:\temp\cert.pfx
# For help: openssl pkcs12 -help
# -clcerts = only output client certificate
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [drlive.crt]
# -cacerts = only output CA certificates
openssl pkcs12 -in [yourfile.pfx] -cacerts -nokeys -out [drlive.bundle]
Extract Private Key
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [drlive.key]
openssl rsa -in [drlive.key] -out [drlive-decrypted.key]
Create Intermediate Certificate Bundle
From PFX file:
# -cacerts = only output CA certificates
openssl pkcs12 -in [yourfile.pfx] -cacerts -nokeys -out [drlive.bundle]
From CRT files:
openssl x509 -in certname.crt -text -noout
openssl rsa -in keyname.decrypted.key -check
Check Key Matches Certificate
MD5 output values should be matching:
openssl x509 -noout -modulus -in certname.crt | openssl md5
openssl rsa -noout -modulus -in keyname.decrypted.key | openssl md5
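An added example, not from the original post, that goes beyond the RSA-only modulus comparison: it compares the whole public key, so it also works for EC keys. The function names, the script name and the throwaway `constructed.example` certificates are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: sh keymatch.sh cert.pem key.pem   or   sh keymatch.sh --selftest

# Returns 0 when the private key in $2 belongs to the certificate in $1,
# 1 on a mismatch and 2 when either file cannot be parsed.
# Assumes an unencrypted PEM key, like the decrypted key produced earlier.
key_matches_cert() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Constructed sample input: a throwaway self-signed pair in directory $1,
# written as $2.key / $2.crt, where $2 is "rsa" or "ec".
make_test_pair() {
  ( umask 077   # keep the generated private key unreadable to other users
    case "$2" in
      rsa) openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1/$2.key" ;;
      ec)  openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out "$1/$2.key" ;;
      *)   exit 2 ;;
    esac 2>/dev/null &&
    openssl req -x509 -new -key "$1/$2.key" -subj "/CN=constructed.example" \
      -days 1 -out "$1/$2.crt" 2>/dev/null )
}

# Builds both pairs, then shows two matching checks and one deliberate mismatch.
selftest() {
  dir=$(mktemp -d) || return 1
  make_test_pair "$dir" rsa && make_test_pair "$dir" ec || return 1
  for pair in "rsa.crt rsa.key" "ec.crt ec.key" "rsa.crt ec.key"; do
    set -- $pair
    if key_matches_cert "$dir/$1" "$dir/$2"; then echo "$1 + $2: match"
    else echo "$1 + $2: MISMATCH"; fi
  done
  rm -rf "$dir"
}

if [ "${1:-}" = "--selftest" ]; then selftest
elif [ "$#" -eq 2 ]; then
  if key_matches_cert "$1" "$2"; then echo "match"; else echo "MISMATCH"; exit 1; fi
fi
```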
Test a Live Site Certificate
openssl s_client -connect example.com:443