Grammar Nazi PSA

“Checkout” is a noun. “Check out” is a verb (specifically a “phrasal verb”).

“Setup” is a noun. “Set up” is a verb.

Bad:

“How to setup X”
“First, setup X”
“Checkout the git repo.”
“For more info, checkout the documentation on the wiki.”

Good:

“How to set up X”
“First, set up X”
“Check out the git repo.”
“For more info, check out the documentation on the wiki.”

Bad:

“That’s a great set up.” (You have a great set which is up?)
“Maybe the check out failed.”

Good:

“That’s a great setup.”
“Maybe the checkout failed.”

Ciphers supported by AWS (classic) ELBs

I recently had some trouble deploying an app to AWS after enabling HTTPS/TLS on the application because the health check was failing. It turned out that because I had also restricted the list of ciphers my app could use (per my organization’s security recommendations), the ELB was unable to connect to the app because it did not support any of my app’s ciphers. Unfortunately, the AWS docs do not explain what ciphers are supported between a classic ELB and the app. So, here’s the current list:

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)
TLS_RSA_WITH_RC4_128_SHA (0x0005)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00a3)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088)
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087)
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045)
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044)
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

A. A. Klaf Calculus Refresher errata

In going through A. Albert Klaf’s Calculus Refresher, republished by Dover, I came across a mistake in Appendix A. The answer to question 7 on page 88 is incorrect. The question is:

7. What are the most economical dimensions of a right circular cylindrical tank made of steel of uniform thickness and of fixed volume = 6,000 cu. ft.?

And the answer given in Appendix A, p377 is:

7. r = h = 12.41 ft

However, that would give:

V = 6004.3392
dA/dr = 78.0307

I believe the correct answer is:

r = 9.8475
h = 19.6949
giving
A = 1827.8966

If you notice any other errors in this book, let me know in the comments.

PMD XPathRule

Getting this exception when creating a custom XPathRule in a PMD ruleset file?

Oct 11, 2016 12:37:05 PM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: OldHadoopPackageImport cause: Missing xPath expression

Make sure your rule definition includes the property element and the value element inside it. For example:

    <rule name="OldHadoopPackageImport"
          message="Avoid importing old Hadoop mapred package, use mapreduce package instead"
          language="java"
          class="net.sourceforge.pmd.lang.rule.XPathRule">
        <properties>
            <property name="xpath" description="XPath expression">
                <value>
                    //ImportDeclaration[Name[contains(@Image, 'org.apache.hadoop.mapred')]]
                </value>
            </property>
        </properties>
    </rule>

Docker unable to pull images from Docker Hub registry

In AWS, my Docker-based ElasticBeanstalk apps were repeatedly removing & adding instances. This resulted in many “Adding instance ‘i-465f6382’ to your environment.” type messages. In the docker-events.log the message “Could not reach any registry endpoint” was repeated. I got the same message when running a “sudo docker pull ubuntu” manually on the EC2, even though network connectivity seemed ok.

As it turns out, Docker Hub has deprecated pulls from Docker clients on 1.5 and earlier. See https://blog.docker.com/2015/10/docker-hub-deprecation-1-5/ for more information.

Also, due to a bug in the ElasticBeanstalk console UI, I had to use the EB CLI command “eb config” to trigger an update of the platform.