BCUG#3: Game of Life on a test drive
Our small community seems to be growing nicely: on our first meetup, hardly any drinks were consumed, and we nicely fit into the lecture room at BalaBit. On the second meetup, popcorn disappeared before I could blink. On our third meetup, we barely fit into the room. For the fourth, we’ll have to move the meetup to a bigger room (the Auditorium). I’m very happy with the meetups so far, although the last one became a little bit more experimental than originally planned. I found it fun, nevertheless, and also learned quite a bit about how future meetups shall be organised. Also, for the first time in the history of the Budapest Clojure User Group, we have not only pictures, but we have a video recording too (soon to be available on a youtube near you)! While we still had to fight various non-clojurian technologies to get this far, and the quality of the recording ain’t stellar either, it is progress nevertheless. We’re slowly improving in this area too, and I’m confident than sooner rather than later, we’ll have not only solved the problem of producing high quality recording, but that of streaming it live too.
Regarding the last event itself, it was experimental in at least two ways: first, this was the first ever live coding I ever did, and I used LightTable instead of my trusty old Emacs. Turns out that these two didn’t mix all that well, and perhaps I should’ve experimented with one thing at a time.
While LightTable is a very promising IDE, it’s nowhere near yet, it does not have all the features I would expect from an environment ready for live-coding. I had trouble copy & pasting blocks, even within the same tab, let alone between them. The only kind of copy-paste that worked is from outside applications into LightTable.. this was kind of embarassing and unexpected. But I should’ve tried it at home while preparing. On the other hand, the insta-repl was great, except when the error messages kept popping up at silly places, and my editor jumped about too… but thankfully that happened only once or twice. A bigger problem than LightTable was that I was fighting with the flu the past weekend, and still have not recovered fully, and that sadly had an ill effect on both how much I could prepare, and how well I could get it accross. Not to mention that I ended up sounding like Darth Vader on a gramophone by the time I got home.
But despite all this, I liked this last event too, there were amazing questions asked during the session, very good feedback given – thank you all! I’m looking forward to the next event, which will be held on the 16th of April, keep an eye on the meetup page!
[.] MoreAdventures in Brno
A couple of days ago, I started on an adventure, which turned out to be not unlike the one a certain Hobbit went on to. While this adventure has long been in the making (unlike his), it was not without suprises, nor without wonders. I had the good fortune of meeting with people I did not expect to see, to see and experience such wonderful events that I couldn’t have dreamt of.
Follow now, dear reader, and relive the adventure with me!
It was a dark and gloomy afternoon, raindrops slowly knocking on my hat as I walked towards the train station, with my soul held hostage by a particularly foul mood. I don’t like travelling alone. It is boring, and uncomfortable, and undesirable for many a reasons, but alas, this is what fate decided. “A systemd hackfest, there shall be held, two days ‘fore the DevConf“ – it said. And so I went, all by myself, without a guide, only a rough map and route to my hotel in Brno downloaded to my phone. Alas, the journey was uneventful, I was woken only three or four times to show my tickets, but other than that, haven’t seen or heard a soul.
Upon arrival, the adventures began: first of all, my map proved to be useless, because even though it had very detailed directions, like: walk 300 meters on this-and-this street, then turn left to street something, then after a kilometer, turn right to street whatever, there was one huge obstacle that prevented me from using the map right: Brno had no street names. Well, that was a bit of an exaggeration, I admit. Nevertheless, streets were not properly labled on the corners, so sometimes I had to walk quite a while to come upon a doorway which had the street name spelled out. But even that did not help at times, for I found one particular street, where the first doorway had one street name (and not the one I expected to be on), the second had another, and the third a third – all within 200m! Oh, and the fourth had all three. It was a bit of a mess, but in the end, I got to the hotel within fourty minutes or so, which was not much longer than what the route planner predicted.
The first (pleasant!) suprise came when I arrived at the hotel, greeted the recepcionist, and without as much as a second thought, she asked back if I was staying here last year too. I was. I spent maybe a night or two there, tops. I’ve no idea how she remembered me, but I was pleased nevertheless.
Next morning, I woke up early, as I had to visit the RedHat office to attend the first day of the systemd hackfest. Now, this was easier said than done, for if my map wasn’t particularly useful to get from the train station to the hotel, it was completely useless when trying to get to the office building. Needless to say, I got lost. I tried to ask locals, but either my english is too poor, or theirs was, or they just didn’t want to get bothered by me asking for directions. I got lost around three times during the trip, observed not only the peculiar traffic in Brno, but the local young university folk too. They didn’t speak english, either. Oh well! That one hour walk I planned took about three, and my feet hurt even now, days later, but I eventually got there.
As far as the adventure goes, the first day wasn’t amazing. I did meet with an old collegue, and we talked briefly, and that was both educational and enlightening (him trying to explain how public transport works, and what magical incantations I have to chant at the news stand to get a ticket failed: after minutes of explaining, it was still way above me, so I decided to keep walking for the rest of my time in the city), but the rest of the day – nah, not too interesting.
When I got back to the hotel – that only took an hour, and I even spent a good ten minutes shopping, buying myself some dinner -, I spent the rest of the night hacking on a few pet projects, one of them a logic program, which I rewrote to make it able to run backwards. That had an ill side-effect on my subconscious, as that night, even my dream ran backwards, and that was a little scary. So scary, that it will make a nice story too, one I will bake into the Pilgrim stories.
On the next day, a collegue arrived, and on the third, we left for the main event: DevConf. I will not go into detail about the conference itself, that is not the topic of this story. But the first day was rather quiet, I spent the afternoon hacking.
The next event of our adventure starts at night. I did not eat lunch (though the breakfast was delicious and plenty), so by dinner time, I was terribly hungry. No worries, I’ll order pizza! Or so I thought. If only it would be that easy… You see, there were a couple of complicating factors, among them my complete lack of knowledge of the local language, and me not having any money on be but euros and a bank card. Thankfully, at the reception, they recommended me a pizza place where I can order from, I can pay with a bank card, and they have an english website too! What could possibly go wrong?
Everything, of course. First of all, I was unable to access my bank from my hotel room, I still have no idea why. Second, the website, while it was available in english, always switched back to the native language. And when it switched, it changed domains, thus, lost my cookies, and therefore my order. But no problem, I thought. I’ll recognise what I want from the price and the pictures! So I assembled my basked on the main site, tried to order, entered my name, e-mail address, telephone number, and where I want it delivered. Sadly, though, the site was asserting that I need to place an order that’s more than 149 CKZ. I found that odd, as I had 221 CKZ worth of stuff in my basket.
For a short while, I gave up on that site, and tried to find another. This second one also allowed credit cards, and had a very good english version of their website, that never switched languages unless I asked it to. But when it came to ordering, I had to register, and it did not allow neither my own cellphone number, nor the hotel’s (I tried every format I could think of). So this was out, too.
But in the end, hunger overwhelmed me, and I walked down to the reception to ask for help. It turned out, that on the first site, the reason 221CKZ was not enough, is because dessert is not counted towards the minimum order. But somehow they forgot to mention that on the english version of the site. They also offered me to pay in euros, once the pizza arrives, and even better, they phoned the pizza place! I did try to ask them to order from a different place, because that place had pizza with stuffed crust (oh boy, how I love stuffed crust!), but I did not manage to make myself clear. And alas, a simple pizza is better than no pizza at all.
And that concludes the third day. The fourth… well, the fourth was the best of it all, but to explain that, I would need to switch the topic to a technical one. I will do that, but at a later time.
Budapest Cloure User Group Meetup, continued
We had our first and second meetup of the Budapest Clojure User Group, and I enjoyed them both, even though I spent an awful lot of time preparing for my talk for the second meetup. Quite a lot of people showed up, more than on the first, and that’s a good sign! The feedback was better than I anticipated too, so the journey will continue!
I don’t usually get much feedback after a talk, but after the last meetup, there was a common theme in what I heard back: interactivity is good! That’s the theme I’ll be trying to take further on our next event, held at the same place, on March 19 at 19:00. The topic will be Conway’s Game of Life, and I plan to have a fairly interactive session, where we first implement the game in an imperative language (python), then translate it to Clojure, along with tests, and then step by step, slowly refactor it into something that looks, feels and behaves functionally. The goal is to involve the participants, to make them think in Clojure, and see the beauty of the language.
I plan to use some interesting libraries to spark further interest, in the shape of Quil, for example. If time allows – and if I manage to prepare in time -, I will also translate the result to ClojureScript, and use something like midi.js to make not only a visible representation of the game, but an audible one too.
I’m not sure how that will work out, but at least the plan sounds interesting! And even if I don’t manage to get the audio part done, at least there will be an idea for the fourth meetup!
As always, I will try to engineer the talk in a way that those who never saw the language before will still get something out of it. So even if you’ve never heard of Clojure before, or never programmed in a functional language, come, and join us on the 19th of March!
syslog-ng OSE 3.4.1 released
I’m proud to announce that culminating a year’s worth of development, syslog-ng 3.4.1 has been released! This is the first stable release from the 3.4 branch, the successor of 3.3, which was originally released in October, 2011. This is the first time I have the privilege to maintain a branch of syslog-ng from even before its first stable release (I took over 3.3 in last May; 3.4 with RC1). It sports a fair amount of new major features compared to previous stable releases, and is a worthy successor of the 3.3 branch (which will continue to be maintained and supported for a good while too).
Highlights of the year
It is hard to keep the list of highlights reasonably short, there are so many great improvements and features that it really is a hard job selecting only a few.
Junctions & channels
One of the first big changes to land in 3.4 was junctions, which improve the flexibility of the syslog-ng configuration language. This allows combining sources with their closely tied processing functionality (like parser, rewrite and filter statements), among other things.
value-pairs() key rewriting support
The value-pairs() feature that was introduced in 3.3 now supports renaming keys in bulk, by applying various transformations onto them. This makes it very easy to rearrange keys into different structures, thereby increasing the flexibility syslog-ng provides, and making it even easier to integrate it with pretty much anything out there.
AMQP destination
The AMQP destinatin plugin is important in many ways: not only is it a useful plugin, to which none similar existed before in syslog-ng, it is also the first complete plugin that was contributed by a third party.
The destination allows one to publish log messages to an AMQP-capable messaging server, such as rabbitmq, in a very elegant and smart way, that allows for very fine-grained message processing on both sides.
Improved JSON support
In the world of HTML5 and the web, JSON is one of the most used serialization formats. Former versions of syslog-ng already supported emitting messages in JSON format, but those were flat structures only, and syslog-ng was not able to parse JSON serialized messages, either.
With the release of 3.4, this all changed: the $(format-json) template function emits structured JSON, treating the internal representation of key names as if they were in dot-notation.
Furthermore, we have a json-parser too, which makes syslog-ng able to receive JSON formatted data, and do a lot of interesting things with it.
Contributors!
Compared to the first commit on the 3.4 branch, a total of 727 patches have been committed, producing the following diffstat:
395 files changed, 28908 insertions(+), 13491 deletions(-)
That is a huge amount of work, work that would not have been possible without the tremendous amount of help the community contributed, in form of bug reports, requests, patches and even whole plugins!
I would hereby like to thank all the people who contributed to syslog-ng’s development in one form or another. In no particular order: Balazs Scheidler, Evan Rempel, Chris Johnson, Ben Lentz, Jose Pedro Oliveira, Peter Czanik, Balint Kovacs, Brian Kroth, Jan Schaumann, Tamas Pal, Viktor Juhasz, Attila Nagy, Conrad Hoffman, Csaba Major, Cy Schubert, Eun Kyung, Marvin Nipper, Michael Hocke, Peter Gyongyosi, Sandor Geller, “Sergey”, shih dane, Alexander Komyagin, “EgonB”, Imre Lazar, Mark Ulmer, Patrick Hemmer, Attila Magyar, Peter Gyorko, Martin Grauel, Hendrik Völker, Heiko Gerstung, Andreas Piesk, Matthias Runge, Jakub Jankowski, Russ Milne, Daniel Neubacher, “Dit”, Lennert Buytenhek, Jan Schaumann, Anton Koldaev, Dave Reisner, Alex Zimnitsky, Alexander Komyagin, “Mads”, Mark Wooding, Cary Taylor, Eric Lindvall, Zoltan Fried, Robert Fekete, Traiano Welcome, “whille”, Yuri Arabadji and everyone else I may have forgotten (sorry!).
Clojure, BalaBit, Budapest. We invite you to see history being made!
We here at BalaBit – being an innovative tech company – are always on the lookout for emerging technologies, and we believe that when an opportunity presents itself to help one of these gain foothold in our very own country, we do our best to support that. For these reasons, and more, we’re glad to host the first Budapest Clojure User Group Meetup in our office, on the 29th of January!
But what is Clojure? It is a modern dialect of the LISP family of programming languages, originally built on top of the Java Virtual Machine, a functional language, with strong focus on concurrencty, and being practical.
Due to these properties and more – including but not limited to being ported to other platforms, such as JavaScript (ClojureScript)-, the language is being adopted quickly by many organisations around the world.
Who’s using Clojure in production? 
It’s used at Twitter (see Storm, a distributed and fault tolerant realtime computation system, for example); and Prismatic, who built their whole stack, backend and fronted alike on Clojure and ClojureScript; and a whole lot of others.
It made it to the “Adopt” section of the ThoughtWorks Tech Radar in October 2012; and Robert C. Martin of Clean Coder fame also wrote a series of posts about functional programming and Clojure in particular.
Why we started using Clojure?
At BalaBit, we have a project or two written in Clojure as well, with more to come for sure. I, for one, am writing pretty much every new software of my own design in this language. The wide range of Java libraries is astounding, and thanks to Clojure’s interoperability with the host platform, I can use all of them, without having to write a single line of Java code. I can hide the uglyness behind thin macros or libraries, I can make my code look not only readable, but easily understandable!
Functional programming opened up a whole new world for me, made me realize that data is one of the most important part of my program. That code just happens to be smarter data, is a huge boon too. With immutability, I can feel safe when writing highly concurrent programs, but being a practical language as Clojure is, I still have access to mutability, if the task at hand demands that.
The ideas I learned while watching talks about Clojure and related fields, while I wrote code in the language also made me able to write much better code in other languages aswell. No wonder I jumped onto the user group ship as soon as it came up.
The Meetup
There are already a number of existing user groups worldwide too, so when Balint Erdi started one in Budapest, we found the idea great, and thus, will host the first meetup in our office. Anyone interested in the language is welcome, the more the merrier! Feel free to sign up either at meetup.com, or contact Balint or myself directly.
On this first meetup, the plan is to figure out how future meetups will be organised – how often, where, what topics to include, and so on and so forth. Needless to say, we all want this to be a periodic, and interesting event for a wide range of people, whether they’re interested in Clojure itself, or just about emerging technologies.
A rough plan of the meetup is as follows, all times being rough estimates only:
- 19:00 – 19:10: Everyone arrives, and sits down comfortably.
- 19:10 – 19:20: Short introductions.
- 19:20 – 20:00: Intro to Clojure (slides & presentation in English).
- 20:00 – : Discussing future plans, and the next meetup.
While we won’t have live coverage (except for tweets, perhaps), I’ll definitely post my summary after the event on this blog.
Dontcare-driven development
There are a number of development processes, test-driven, hammock-driven and a whole lot of others. I practiced, and continue to practice some of them, whichever I feel is most appropriate for the task at hand. However, I also found a model that works extremely well for me, and this is what I will present you today: dontcare-driven development.
[.] MoreAwakening & Crimson Dawn
A few months from now, the 18th of February will be an important day in my life: sixteen years before that day, I wrote the first worthwhile poem of my life – there’s been a few before that, but none that I’m proud of. Not until this one. On the 18th, I will have spent half my life writing poems (hundreds of them, by now) – and the other half, writing code. There is, of course, some overlap, and some of that, I will share today.
In recent weeks, as a way to figure out how to help my own studies, and to satisfy a geeky need, I started to write a little tool using core.logic that writes poems for me. Not because I’m suffering from burnout – I do not -, but because it helps me improve my command of the language, both spoken and written.
I taught the tool words, and how to pronounce them, their length and a few other properties. I told it which words are nouns, which are verbs, taught it usual combinations, so that it can use adjectives correctly. To my suprise, it worked! Mostly, that is. There still is a lot of cheating involved, because I have had a rough idea of what I want to see it do, and I steered the logic so that I get those results, I implemented a few shortcuts to make it deterministic.
Nevertheless, it did end up writing things that I liked, and only had to change just a little to suit my purpose. Below, I’d like to present two poems co-written by myself and a program:
Awakening
I saw a dream, a vivid tale of a world yet to come. A world without my kind.
I saw a dream, of flying colours. A dream that had no place for grey beards like mine.
I saw a dream of minds flowing free, no walls to bind them.
I saw a dream of happy thoughts, and no veil to hide them.
I saw a dream of unending rave,
but in the corner of my eye,
I saw a black statue of furious rage.
I saw a dream that sparked unquenchable fire.
I saw a dream, where that fire ignited the flame.
I saw as rage poisoned it all.
I saw pillars of hate standing tall.
I saw a dream, where for all this, I was to blame.
I saw a dream, a red dream. I saw them burning all.
Crimson Dawn
Wings spread far apart,
lungs ignited by a spark,
I paint the sky bloody red
no mortal shall be spared.In silent solitude I pray,
that my shadow never sees the light of day.Behind my back, dark mist open it flings
like giant dragon wings.Rise, anger, rise, and burn!
Let anguish sweep through the world,
the voice of barren lands must be heard.
Rise, angel rise, and burn!In silent solitude I pray,
that my shadow never sees the light of day.When all was said and done,
when all was lost and gone,
from high above, the prophet has come,
to bring justice on this crimson dawn.
The Pilgrim story
Of course, this is all connected to the Pilgrim stories, and happens not long after the Dream Wars, they start the end of the world I created on this very day, seventeen years ago.
Seventeen years! I’ve worked on and off on this world for the better part of my life. I probably spent more time on these than writing code, truth be told. But as I get older, and the way I code changes, so do my writings, and as I leave old code behind, so shall I leave the Pilgrim too.
I know how it will end, the beginning is already out there, with much of the events inbetween written too. All that is left is connecting the dots, and the year of 2013 will see that done.
[.] MoreEnlightenment (Interpretation)
Enlightenment has many levels, and so has our story: on one hand, it is a spectacular example of a particular way of teaching, one where the disciple can observe, but he’s constantly forced to make discoveries on his own. Why that matters? It does, because it emphasizes thinking and self-improvement, things a young mind desperately needs. We oft forget this, and fill brilliant, free minds with needless rigor; we lock them up in the cage of Well Known, and they suffocate. Instead, Master wall leads by example, but at the same time, he lets himself be led, or even more: demands a helping hand to guide his fragile steps.
Then, there is another level to it: the master on his own has limits, and by mere copying, the student would have them too. But working together, those limits all but disappear.
Finally on the level of the – the product -, copying does not matter. But observing its history – and the way it is made – will allow us to do better, to improve upon the original design!
Of course all of these can be applied to our field: software development.
Thousands – if not millions – of young minds are enslaved yearly by methods, patterns and broken old principles. By the time universities are done with them, only a few remain that escaped the curse of tunnel vision, but even their imagination began to wane.
And once they join the rat race, they’re either on their own to drown in a task or solve it in one single way they were taught. Or they get assigned to a team, and like trained monkeys, do as they are told. Shallow, unfulfilling way of life.
And the software? Locked in a black, proprietary box, it slowly dies, and that is all its legacy: a black void of unknown, waiting to be reinvented over and over again.
But there is always hope that we will eventually do things right, that instead of forcing paradigms down each others throat, we will teach and educate. That we’ll work with, and not against one another. And we’ll share our knowledge, the information this modern world is built upon. We will write code in our own image: free.
[.] Moresyslog-ng, amqp and disk buffers
A few months ago, I wrote a piece about syslog-ng and disk buffers, wherein I mentioned RabbitMQ, and sounded a gentle call for help. I do not know whether it was that, or something else, but help arrived.
A week or so ago, a new destination driver was submitted for review: one that allows syslog-ng to publish messages to AMQP, in a very straighforward and flexible way. While this is very different to what I imagined and outlined in my earlier post, it achieves almost the same thing.
I will not explain what and how the driver does in detail here, that is for another post. Instead, I’ll take a look at the differences between the disk buffering the AMQP driver provides, and the disk buffering available in the commercial edition of syslog-ng.
Let’s have a quick overview of some of the most important properties first!
| syslog-ng PE | OSE + AMQP | |
|---|---|---|
| Supported units | Supports all network destinations | Supports only the AMQP destination |
| Configurability | ||
| Configurable from within syslog-ng.conf | Separate, AMQP-side configuration | |
| Size | Maximum size configurable on a per-destination basis | Configuration only on the AMQP-side |
| Memory / disk ratio | Can be configured via mem-buf-size() and disk-buf-size() | log-fifo-size() and AMQP-side settings all affect it |
| Reliability & storage | ||
| When? | Stored on disk by syslog-ng, before it leaves through the network. | Stored by the AMQP server, after it leaves through the network. |
| Where? | Stored on the system running syslog-ng | Stored on the system running AMQP |
| How? | Care is taken to prevent message loss (especially with reliable(yes) set) | Entirely up to the AMQP server implementation |
| Performance | ||
| Bottlenecks | Writing to a local disk is as fast as the disk itself | Messages have to go through a network socket, and then get written to disk |
| Numbers! | I don’t have solid numbers for PE’s disk buffer speed, unfortunately. | About 7000 messages / sec on my workstation, with the AMQP server being the biggest bottleneck |
As one can clearly see, while the AMQP driver does provide some kind of disk buffering, that is not its strongest point – nor should it be. For the purpose of disk buffering, syslog-ng PE wins in pretty much every possible way: it’s easier to configure, one has more control over it, it performs much better.
In summary, the AMQP driver provides a much needed way to publish structured messages, and allow very flexible consumer-side configurations, where consumers can come and go, subscribe to parts of the published stream, without having to change a single bit on the publishing side. That is the big advantage of AMQP. The fact that it can persist its queues to disk is a useful thing, but does not in any way compete against syslog-ng PE’s disk buffering solution, which was built to provide stable, reliable performance, and cater to the specific needs of disk buffering.
[.] MoreEnlightenment
A disciple approached Master Wall, and asked: “Master, we have been taught to learn from our peers, and I have strived to do so, yet, have not received Enlightenment. What should I do?” Master Wall, who was tending to his garden at the time, took a good look at the Disciple and said: “You can learn mastering the art of Tea from me. Come!” – and with that, he turned away, towards his harvest.
From that day onward, the disciple woke before Master Wall, and went to sleep after him, watching him with utmost attention, writing down every detail he observed, and reviewing and learning the steps of the harvest each night. This went on for some time, until the disciple’s notes started to weigh a book, and it became heavy to carry, so he started to leave older pages home when he came to visit Master Wall.
At one point, the Master told the Disciple: “You’ve been taking many notes, you’ve observed throughly the way I work. You’ve seen my mistakes, how I corrected them, how I started again and when. You’ve seen my triumphs, tasted my tea. It is now time to show me what you’ve learned!”
The disciple then turned to his notes, and tried to follow in the very footsteps of Master Wall. But when the master saw this, he slapped the disciple on the neck: “I’ve told you to show me what you have learned, not what you have written down. I see you are not ready yet.” With that, he pushed the disciple away and finished his work for the day.
The disciple went home, saddened, disappointed, but filled with enthusiasm to do better and not let down Master Wall again. He studied harder, practised the techniques he saw, and eventually, he became confident that he learned his lesson, that he can make excellent tea. So he approached Master Wall, with a cup of tea in his hand, and said: “Master, I have learnt much, practised the art, followed your lead and prepared this cup of tea, just as I saw you do it.”
Master Wall took the cup, tasted it: “Good.” – and slapped the disciple on the neck again. “You make fine tea, but you were a master at it the first time too. Yet, neither then, nor now did you show me what you have learnt.”
Puzzled, the disciple retired to his home, thought long and hard about what the Master said, and went back to his garden the next day. He helped the master with the harvest, and at noon, after finishing their meal, Master Wall went to prepare some tea, and the disciple followed him.
This is when the Disciple saw that Master Wall was about to make a mistake, so he stopped the master’s hand, and said: “Master Wall, blending that additive into the Tea will not result in such a good taste!”
Master Wall smiled, and the student was enlightened.
[.] MoreAnother month rushed away
As usual, in recent weeks, I’ve been too busy to write, but I’m making up for it now. Over the past months, there have been a few very significant changes, some were already announced, some were not, but this is a great opportunity to celebrate all of them again. The most important thing, from my perspective is that from the 15th of September this year, my role within BalaBit shifts slightly, and I will only work half-time at support (as opposed to the current ~80%), in the other half, I’ll be a syslog-ng OSE developer, working on reducing the gap between the current syslog-ng PE core and OSE, among other things. I’m already hyped up beyond imagination, even though I realize that this only means my TODO list will expand into infinity within two hours. Nevertheless, great things are ahead!
Again, on the syslog-ng front, I released syslog-ng 3.3.6, started working on a feature that makes it possible to emit structured JSON, and allow us to move from upserts to inserts in the MongoDB destination. This was originally planned to be a GSoC project, but sadly it fell to me in the end. However, I promised to deliver the feature by the end of GSoC no matter what, and I prefer to keep my promises, and so I did.
Elsewhere, I’ve spent a lot of time exploring various technologies that I wish to use in the near future, built proof of concept demos for about a dozen ideas I’ve had – some of these will likely be showcased sometime soon.
On the other hand, it has not all been joy and happiness: after much consideration, I decided that the interest I had in CEE and lumberjack is no more, the reasons I became interested in are now void, therefore I will stop following and promoting both, because neither will fulfill my needs in the future. As such, maintainance of the libumberlog library I wrote earlier this year will be handed over to a collegue of mine in the next coming days.
In September, I will start university again, and this time, I made sure I go somewhere that I will not only be able to finish while maintaining my sanity (what little is left of it, anyway), but attend courses that will benefit me greatly in the long run, much more than previous attempts had. This, combined with being allowed to work half-time on syslog-ng OSE rearmed my fading enthusiasm, and that instantly swept away a lot of worries that troubled me in the past months.
As for what surprises September holds, I’ll keep you posted! I promise there will be a couple of very interesting demos presented!
[.] Moresyslog-ng and disk buffers
The commercial version of syslog-ng, called the Premium Edition offered support for disk buffers for a long long time now. This is something that the Open Source Edition is lacking even now, while there is a clear demand for it, and competitors support something very similar aswell.
While I won’t go into the whys, let me explain a few ideas people came up with to implement disk buffers, their shortcomings, and plans currently in motion that will ease the task in the not too distant future.
The Goal
The goal we want to accomplish, is to have a reliable way of storing messages that are still in flight, being processed by syslog-ng, on disk. There are two reasons we’d like to do this:
- To ensure that messages do not get lost, not even when syslog-ng unexpectedly stops
- To have a larger buffer for peaks, when storing all pending messages in memory would be unfeasible.
The problem
The main issue at hand is not only that syslog-ng OSE does not have a disk buffer, but that it’s very far from trivial to add this feature to it. And that is because the message queue system in OSE is not as extensible as it is in PE: you can’t just hook in a disk buffering system and live happily ever after.
Would that be the case, OSE would already have a disk buffer solution, as coding up a simple one is about a day’s worth of work.
The workarounds
Use a buffer file!
One of the first things people think of is: “What if I write to a file, and use that as the source for another destination?“. This could be as simple as:
source s_network { tcp(flags(no-parse)); udp(flags(no-parse)); };
destination d_buffer { file("/var/cache/syslog-ng/buffer.log"
template("$MESSAGE\n")); };
log { source(s_network); destination(d_buffer); };
source s_buffer { file("/var/cache/syslog-ng/buffer.log"
follow-freq(0.1)); };
destination d_net { tcp("1.2.3.4"); };
log { source(s_buffer); destination(d_net); };This has a few drawbacks, however.
- The buffer will grow indefinitely.
- The buffer will need to be frequently polled to keep latency low.
- The configuration is far longer than one would want it to be.
Use a buffer file, with rotation!
To solve the issue of the file growing forever and ever, we could, of course, rotate it away from time to time. But what would we gain from that? Two new problems!
We still can’t expire old files, not easily, not reliably anyway, as we do not know which files have been fully consumed by the s_buffer source.
And, we added extra complexity to the config, because we now have a large number of buffer files, and we need to figure out when to start polling new ones. If we use an external rotation mechanism, we could SIGHUP syslog-ng after tweaking the config to use the new file, but then we have a window where messages in the old buffer haven’t been processed yet.
Or we could use wildcard sources (once they’re ported from PE to OSE), which makes the following of buffer files easy:
destination d_buffer {
file("/var/cache/syslog-ng/buffer-${HOUR}.log"
template("$MESSAGE\n"));
};
source s_buffer { file("/var/cache/syslog-ng/buffer-*.log"
follow-freq(0.1)); };However, we still can’t expire old files reliably, as we have no way of knowing when a buffer was wholly consumed.
Lets parse syslog-ng.persist!
Thankfully for us, syslog-ng stores what position it is standing at for all files it is using as a source. We just need a way to get that out of the persist file. Sadly, no tool exists yet that would allow us to do so.
Technically, if we could figure out the file position from the persist file, and we’d have wildcard sources, implementing disk-buffers would only take a couple of lines, and a cron job to clean up old stuff: find all files that are read fully and are older than a set limit, like, if it’s twice as old as the rotation interval, then it is a candidate for deletion.
Can we do better?
While the above solution will work nicely, that too, has a few drawbacks: it’s hacky, it needs longer configuration than one would ideally want, and it needs an external tool to clean up old buffer files. We can surely do better than that!
To do better, we need a way to extend – or replace – the queue mechanism used within syslog-ng. Doing this properly is a hard task, but most of it has been done already, it just needs to migrate from PE to OSE – a question of time and energy, really. I won’t go into more details about this right now, as it will happen, and as far as the disk queues are concerned, it’s not important to know how the queue extending/replacing system works under the hood.
So, for a moment, lets imagine that we already have a pluggable queue system, ok? We can completely replace the queues syslog-ng uses internally.
Now, take a step back, and think about what we use the queue system for: to pass messages around. Does that sound familiar? Of course it does. Let’s use a message queue then! Preferably one that already supports disk buffering, like RabbitMQ.
If we’d replace syslog-ng’s queue mechanism with such a queue system, we wouldn’t only gain disk buffers, but a host of other interesting things too, but that is for a different post. For now, lets see how a rabbitmq-based config would look like:
options {
queue(rabbitmq);
rabbitmq(durable(yes)
delivery(persistent));
};
source s_net { tcp(); udp(); };
destination d_net { tcp(); };
log { source(s_net); destination(d_net); };And that’s about it. “Where’s the disk queue size?” – you may ask, and rightfully so! Well, we replaced syslog-ng’s internal queue mechanism with rabbitmq, so log_fifo_size() is now the number of messages a particular queue will hold. There’s no separate disk buffer size setting in this case, as that’s entirely handled by RabbitMQ.
When will we have all this?
Wildcard source is already written, although it needs to be ported (and potentially rewritten in the process) from PE to OSE, it’s entirely possible to get this done for syslog-ng 3.4.
A tool to inspect persist files has been requested multiple times, but currently, there is no active effort on writing such a tool – help is, of course, welcome in this area. Nevertheless, implementing as much of this as we’d need for buffer file rotation is likely a very easy task, and as such, can be done in syslog-ng 3.4 too.
Extending the queue mechanism is available in PE, but I’d want something more: to replace the whole queuing system. That’s a huge task, and it won’t be coming soon. It is very unlikely that I’ll start working on this before 3.5 opens up for development.
To put it otherwise, the slightly hackish, not so nice solution is entirely possible to do within the scope of syslog-ng 3.4. The most powerful solution, that also buys us a whole host of neat things along with disk buffering, is something that will have to wait.
Can we help?
Of course! If you have some experience writing C code, then a persist file inspection tool likely won’t be a huge challenge for you – and I am always happy to help and give hints.
But even if you’re not a coder-type, or simply lack the time, expressing your interest, and showing support for our efforts of making syslog-ng better and better is also greatly appreciated!
[.] Moresyslog-ng on Solaris
I have played with Solaris a few times in the past, but it always ended up in disappointment, after long and cruel battles with trying to get things into shape. Compiling and running syslog-ng on this platform proved to be quite a challenge.
Today I gave it another try, and found the OpenCSW project, and figured I’ll try getting things up and running with the help of these packages.
Setting up the environment
First, I had to install an environment I’m comfortable with, all the packages syslog-ng needs to build and run, and all the tools I need to debug it.
We’ll need a compiler, header files, git, and a whole lot of other stuff syslog-ng depends on. With much further ado:
# pkgadd -d http://get.opencsw.org/now
# export PATH=/opt/csw/bin:$PATH
# pkg install system/header
# pkgutil -y -i vim git autoconf automake libtool gmake libglib2_dev \
eventlog_dev docbook libxslt docbookxsl libwrap_dev \
bison flex_new gcc4core pkgconfig libnet_dev gdbThis will install a reasonably modern environment, with most everything I needed for the time being.
Getting & compiling syslog-ng
Armed with modern tools, it turns out, that compiling syslog-ng is not such a big deal afterall!
$ git clone git://github.com/balabit/syslog-ng-3.3.git
$ cd syslog-ng-3.3
$ ./autogen.sh
$ ./configure --prefix=/opt/syslog-ng \
LEX=/opt/csw/bin/flex-2.5.35
$ XSLS=/opt/csw/share/sgml/docbook/xsl-stylesheets
$ gmake XSL_STYLESHEET=$XSLS/manpages/docbook.xsl
$ sudo gmake installTa-da! Up and running in no time whatsoever, not any more painful than on any contemporary GNU/Linux distribution. No more hunting dependencies and old packages on sunfreeware, no more compiling lots of stuff by hand.
I was very pleasantly suprised that once adding the OpenCSW repository, everything went smoothly.
Of course, there is still work to do, to make syslog-ng act as the syslogd on Solaris, but that’s for another day.
[.] MoreHats and sticks, and logs of history
As announced a couple of hours earlier, syslog-ng OSE 3.3 has a new maintainer, yours truly. With this new hat on, I posted a roadmap to the mailing list, which I will not repeat here, not in detail anyway.
Being a stable series, there aren’t many things I’ll change, the major thing is that I will provide a separate patch along the source tarball that makes it possible to use upstream ivykis with syslog-ng, instead of the patched work it currently includes. This should make it easier for distributions that dislike (or even forbid) embedded copies, while still maintaining the current patched version as a default for everyone else. Eventually, the remaining patches will be sent upstream too, but that’s out of the scope of the 3.3 series.
Apart from that, the rest of the roadmap items are various fixes that turned up after the last 3.3.5 release. If all goes well, we’ll have a 3.3.6 release in a couple of weeks, targeting mid-June. At that point, it would even be possible to get a syslog-ng into Debian which uses the upstream ivykis library, and that would make me very happy.
I’d like to grab this opportunity to ask interested parties to test syslog-ng 3.3, and report any issues either to the mailing list, or to our BugZilla, so that 3.3.6 becomes a rock solid release, and so that I won’t have to do a 3.3.7. While I’m flattered by Bazsi’s trust in me, and I enjoy working on syslog-ng, my goal in this case is to have a single rock solid release, as that benefits everyone best. I hope I will be able to achieve that goal.
[.] MoreIn the land of open source, the free reigns king
There are a thousand and more reasons I believe in Free Software, but the most important part for me is that free software allows me to tinker, to play and have fun. Even better, it allows everyone to do the same, and presents opportunities to play together and make a piece of software even better than it already is, for everyone’s benefit. Free software makes things like Goggle Summer of Code possible, where students can work on a piece of software, be part of the larger community, and get a gentle introduction to this beautiful world.
It is a very satisfying feeling when one sees his own work being developed further by others. For me, this means that my work was useful for not only me, but others aswell, and even better: it was found interesting enough to improve upon! For this reason, I’m looking forward to the summer, to see what comes out of it, and I’m eternally thankful for the good folk at OpenSuSE, who gave us this opportunity to participate in this year’s GSoC, and allowed us a slot for this project.
And what this project is about, one might wonder? It’s about one of the most often requested functionality of the MongoDB destination driver: make it faster, better and more scalable! Right now, the driver uses something called an upsert, which is a kind of insert-or-update functionality. The reason it does so, is because syslog-ng stores its internal name-value pairs as a flat list, not as a tree, and using upsert allows the driver to use the keys as-is, as a flat structure (thanks to upsert being able to deconstruct a flat JSON dotted-notation into proper structures). The major advantage of this is that syslog-ng doesn’t need to do any expensive transformation. The downside is that upserts are inherently slow, and cannot be done in bulk, and place a higher load on the server than one would wish to.
The GSoC project is about fixing this situation: its goal is to teach syslog-ng to construct a tree out of flat name-value pairs, and provide an API not only for MongoDB, but for other drivers that need this (the JSON formatter comes to mind). Once this is done, the driver can be switched to use inserts, and reap all the benefits: higher speed, less load on the server, and an opportunity to do bulk inserts, which reduce the load even further.
This is a hard task, yet, a very useful one, not only for the MongoDB destination driver, but any other that may wish to deal with structured data in the future. But not only that! It is – I believe – also a great opportunity to become part of the syslog-ng community, to learn a lot about an important piece of a system’s infrastructure: the syslog daemon (and the best one of its kind at that). Even more, Eun Kyung will also have to work with MongoDB, to make sure the driver performs as well as we expect it to. There’s a lot to learn and explore, a lot to improve upon – this is the beauty of free software.
And this is why I’m looking forward to see the results, and hear how Eun found the summer to be. I sincerely hope – nay, know – it will be a fun and rewarding experience for all of us.
[.] MoreThe past month or two
I’ve been very silent for the past few months – sorry about that! -, there’s just so much going on that it is hard to find time to sit down and write. It’s hard enough even to keep up with everything going on as it is. Nevertheless, since my last summary back in December, there have been a number of interesting developments.
Apart from continuing my work on syslog-ng, about which I don’t want to speak this time: my git repository and mailing list postings are a great way to keep track of this part of my work, I believe. And there’s nothing extraordinarily interesting on that front just yet, just a lot of grunt work to pave way for great things to come. However, one thing closely related to syslog-ng is the Lumberjack project, which started after a logging conference held in Brno earlier this year. As part of this project, I released libumberlog, a small library you can LD_PRELOAD and turn legacy syslog messages to CEE-enhanced structured logs with a few extra bits of info, such as a high-precision timestamp. I’m quite proud of how this project turned out: not only does it get great stuff done within a few hundred lines of code, it also has a great logo, and a funny name to boot!
More interesting is my Debian work, I believe: as every year, Debian is participating in Google Summer of Code, and I’m one of the admins this year for Debian. I also helped the effort to get BalaBit to participate, and while we weren’t accepted, the awesome folk at openSUSE offered to be our umbrella organisation this year, many thanks to them!
But back to Debian! I continued down the path of eliminating free time and sleep from my life, and am running for DPL this year. Unlike my previous nomination, this one’s serious, and even if I don’t win (and winning over Stefano would be quite a feat in itself), I do hope this year’s election will be tighter than in years past.
And finally, the highlight of the past months were definitely my brother’s TV appearance. Both the the website and the interview is in hungarian only, sorry. However, we tried to make the website accessible even to those who don’t speak hungarian: just click around, and see the photos!
[.] MoreState
Dear state, thy holiness Who in every code doth dwellst, Bless us with your mutations, Until we scream in frustration As a NULL pointer is reached And the last barrier of sanity is breached, When just a frame before the code, Where the compiler removed a little bloat The missing stack glares at me in vain, But no sanity's left, just pain, I see you, dear state, thy holiness, Who in every code doth dwellst[.] More
CEE handling with syslog-ng
Structured logging is awesome, it’s something I’ve been doing and pushing for ever since I wrote the MongoDB destination driver for syslog-ng back in late 2010. It’s what our $(format-json) template function helps one do, also available in syslog-ng for quite a while now. More
[.] MoreRevisiting the Temple of Zorp
Forgive me, dear readers, for I have been lazy. I haven’t worked on anything noteworthy during the past month, except some internal stuff, which I have high hopes for, but can’t go into more details just yet. Nevertheless, it wasn’t all that bad, since I spent a lot of time going over my various todo items, refining them, thinking about the best way to get them done. That was actually useful, as it turned out that there’s far more use in some of these ideas than I anticipated. But, that’s not what I want to talk about today.
Today marks my return to the Temple of Zorp, at least, partly. There are two things I want to do with Zorp in the near future: one is to provide Debian and Ubuntu packages of the latest and greatest Zorp GPL, the same way I provide packages for syslog-ng (of which, I will soon start providing experimental 3.4 debs, too).
The next thing is a new proxy, and a series of blog posts explaining how the proxy is implemented, and various stages of its implementation. This post happens to be the first in the series, and I will try to summarize and explain what kind of proxy I wish to write, and why.
It all started with me attempting to play some weird games with my MongoDB cluster, and it fell apart. But that’s no big deal, I break it every day in, for fun. The problem is when it comes to debugging problems: I hate the mongodb logs, can’t make heads and tails out of them, so I ended up trying to sniff the communication between my clients, my nodes and the rest with Wireshark. Sadly, wireshark’s mongodb/bson dissector isn’t all that useful, either.
So there I stood, wishing I had an easy way to debug the wire protocol, only the parts I’m interested in, when it dawned on me: if I had a Zorp proxy, I could just configure that appropriately, and voila! It would also have some other benefits, like restricting access based on things not available to the mongodb server.
And from these ideas, the plan was born: I will write a MongoDB proxy for Zorp, and document the process on this very blog! Let us begin!
I plan to implement the proxy in three stages: the first will be a fairly bare-bones thing, one that’s able to validate and forward the wire protocol, and log some interesting stuff, depending on the configured log level.
The second stage will introduce hooks, so one can change what happens from python, on both sides. This will allow me to trigger artificial errors, and setup situations that I want to test easier.
The third stage will introduce convenience helpers, to make some common tasks easier and more straightforward. In the end, I want to be able to do things like, allowing inserts only on specific collections, and return a custom getLastError message for others, and at the same time, have sane logging features.
All of these stages will be throughly documented, and appropriately tagged in a git repository I’m about to set up. With a bit of luck, this will end up being an experiment useful to not just myself, but others aswell.
[.] MoreOne step forward, two steps back
[.] More“Un pas en avant, deux pas en arrière
La danse sur la corde
La recherche du bonheur
Un pas en avant, pas en arrière
Insensé, sans but
La recherche du bonheur”
