Posts

Showing posts from 2012

Nginx and Linux Kernel Update Blues

Background: We have a three-server landscape that serves our internal applications. All of them were running nginx on RHEL Linux. The nginx packages were installed from the EPEL repository. Two days ago I updated nginx on one server (let's say server A) in order to repackage it after enhancing it with HttpSubsModule; during the compilation process it complained about missing kernel functionality. For the compilation to succeed, I updated the kernel-devel and kernel packages (on server A) to the latest versions. After the compilation succeeded, I copied the resulting rpm to server B and installed it. The problem: After reinstalling the rpm package on server B, I didn't remember to restart the nginx server. After installing the new kernel on server A, I hadn't restarted it either. But the next day, because of one thing and another, server A got restarted, and the application on server A no longer worked. Server B's nginx server also got restarted, and afterwards was unable to serve any web pages

Basic Approval Workflow in Joget

The case: In building enterprise applications, many activities need an electronic form. These forms generally require approval before they are recognized by the company. This kind of application is a workflow-based application, and it will be more structured and maintainable if it is built on an existing workflow engine. One open source workflow engine is Joget Workflow. This article tries to explain the first stage of building a workflow application, namely creating the workflow diagram. Supported scenarios: A request document is created by the creator actor, then submitted to the approver actor (usually a superior). Each actor is allowed to reject the document. The approver can return the document (return) or approve it (approve). Basic Workflow: In this workflow, the Pembuat (creator) can perform the 'BuatDokumen' activity. The activity button chosen (submit, reject/cancel, or return) is stored in the 'Keputusan' variable. This variable becomes the basis

Nginx Http Subs Module for CentOS - Packaging Howto

The case: I was recently involved in a reverse proxy project using nginx as the reverse proxy server. It turns out that nginx has a built-in HttpSubModule that allows us to replace URLs in the HTTP stream, which is a very important requirement for us. But the problem is that HttpSubModule only allows one replacement per location. After a few searches, I found that an additional HttpSubsModule (notice the additional s) will do the task, allowing multiple replacements per location. The nginx wiki is kind enough to provide installation instructions for HttpSubsModule, but provides no rpm package. DISCLAIMER: This blog post is a step-by-step tutorial for producing an RPM package file. If you are only interested in installing nginx with HttpSubsModule, please jump to the last heading, 'Installation'. But if you're not on CentOS 6 x86_64, maybe you really should follow all the steps anyway. Repository Hunt: I prefer repository packages over compiling manually. We found that EPEL repo

Useless combination of logical expressions

Recently I stumbled upon this SQL where clause: status <> 2 OR status <> 0, or in equivalent form for you PHP developers: (status != 2) || (status != 0). To analyze why such a combination is useless, let's define two variables to simplify things: A = (status <> 0), B = (status <> 2). And draw it in one table: Then I wonder, what good does that do? It always evaluates to true. It only makes sense if we combine the status comparisons with the and operator :

Case of Session Identifier not Updated

Background: Rational AppScan is an automated web testing tool that can be used to produce reports of web application vulnerabilities. So we usually use it to ensure our apps are well protected before releasing them to the wild internet. The problem: The problem with detection tools is that they sometimes raise a false alarm, such as when it declared that the session identifier was not updated:

[1 of 2]  Session Identifier Not Updated
Severity: High
Test Type:  Application
Vulnerable URL:  https://myinternalapp.com/application name/
Remediation Tasks: Do not accept externally created session identifiers
Variant 1 of 1  [ID=26]
The following may require user attention:

My normal reaction, because the app is a Yii framework-based PHP application, is that I should add a Yii::app()->session->regenerateID() call during the login action. Imagine my surprise when, upon retesting using Rational AppScan, it spat out errors like these: Stopping scan due to out of session detection I vag

SAP Business (Data) Warehouse

Today is the second day of SAP Business Warehouse training. I had previously received similar training from SAP; this time the material was prepared and taught by one of SAP's vendors. For those who have never tried it, type tcode RSA1 in your SAP BW system. If BW is really installed, the Data Warehousing Workbench will appear. Even though this is my second time, I find that SAP BW is actually quite complicated. It is indeed flexible. The first complication is that it has many uncommon terms, even for people who are used to customizing SAP and developing applications. It is typical of SAP to invent terms and force people to understand them. The following table of equivalents may help: -> Characteristic InfoObject = Table. In SAP BW we can freely create tables under the term 'InfoObject'. These are the tables that can be used as Dimensions. InfoObject tables can be the target of foreign keys from the fact table. -> PSA = Penampungan Sem

Recovering from Deleted Row Disaster in MySQL

This post is dedicated to the accidents that every so often result in deleted rows of data. Of course everyone should have backups. But things do happen when the backups are nowhere to be found, or are not done often enough, or we're storing data on a forgotten database server. In the event of such an incident, deactivate your apps. Prevent unnecessary writes to the db that could overwrite your data. In the case of an Oracle database, you could try a flashback query, which assumes the transaction is still fresh in the redo log. In the case of a MySQL database, copy the whole data directory to a safe location, where we would try to dump deleted rows using the Percona InnoDB recovery tool. But such methods fail miserably when we find out about the accident much too late. I think every person should be responsible for their actions, even if the action is about deleting data. But the consequence of mass-delete actions is very different from single-row deletes. That is why mass delete function must be

Troubleshooting Enterprise App Performance

Have you ever deployed an application and found out that its real-world performance is less than what you expected? Maybe you haven't had time to do proper load testing, or maybe the production environment has different performance characteristics. Fear not, because for some common issues we can still improve performance even when time is running out. In this blog post I will try to create a conceptual framework for troubleshooting enterprise application performance. Enterprise application in this context is actually synonymous with information system (as Martin Fowler has said in his Patterns in Enterprise Application Architecture). I will use three applications that I have engineered as examples. The first, application P, is primarily used for viewing the results of complex business logic calculations; it has transactional features, but the usage of the transactional functions is 1 : 10 relative to the view/report functions. The second, application C, is primarily used in transactions. The third, applicatio

HA Storage Cost Comparison : NetApp MetroCluster vs DRBD

One of the cost-saving techniques used by Google is that they use commodity SATA drives in their GFS clusters, as opposed to a specialized storage cluster. That makes me wonder just how much saving could be realized by using SATA drives. For our comparison case, let's build a highly available MySQL server. This MySQL is not clustered, but will fail over onto the second host upon the first host's failure. Our core solution primarily depends on two servers: one server runs mysqld and the other will run mysqld upon failure. Both mysqld instances are configured to save data to the same storage, so only one mysqld server can be allowed to run at a time. The storage solution being used is the NetApp storage solution described in http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001783 , which will supply storage redundancy and availability zone redundancy. NetApp's MetroCluster will do synchronous mirroring between two separate Ne

Fault (Tolerance) Ideas

Murphy's Law says that if anything can go wrong, then it will. (ref: Captain Edward A. Murphy http://www.murphys-laws.com/murphy/murphy-true.html ). In our world of computing this includes:
- our network switches and wiring: they could be disabled, or worse, flip bits in data that is sent through the network
- TCP checksum: instead of checksum errors (that will get transmitted), a double bit flip will corrupt the packet without the TCP layer knowing that it is corrupted
- HDD wiring: installing the wrong cable, or wrongly installing a correct cable. Switch a good ultra DMA ATA cable with a bad one (so it will still be detected as ultra DMA) and we get a large ultra DMA CRC error rate. And we also have CRC-undetectable error rates of something like 5x10^-13 (illogically taken from http://doc.utwente.nl/64267/1/schiphorst.pdf ); this corrupt data (average is one bit for two terabytes of data) will get stored to our disks.
- HDD failure: that commodity disks will fail in 2-3 years, an

Open Source Cloud Computing on the rise

VMware Player shows us that virtualization has many benefits even on a dual processor laptop. Amazon Elastic Compute Cloud (EC2) sets the cloud computing standard and shows us that cloud computing is feasible and could be cheap (after all, they only make us pay for hourly usage). So here in 2012 we find that there are many open source cloud computing solutions out there. Core Service: Virtualization is provided by several commonly known hypervisors:
- VMware vSphere. This one is not open source at all.
- Xen. Xen was a mature hypervisor that was fully open-sourced by Citrix in 2009. There are an open source version (Xen Cloud Platform), a free version (XenServer Free), and a paid version.
- Kernel-based Virtual Machine (KVM). KVM is open source virtualization software that is tightly integrated with the Linux kernel as the host OS.
On top of these core hypervisors, more GUI and management layers are built, resulting in cloud computing platforms. Cloud computing platform Lets

High Availability using Citrix (Apache) CloudStack

CloudStack dashboard. In April 2012 Apache accepted CloudStack from Citrix as one of the open source projects in the Apache Incubator. CloudStack is a software platform that pools computing resources into an IaaS (infrastructure as a service) cloud. Imagine an Amazon EC2 that can be installed in our own private data center. Service Offering - similar to Amazon EC2. With CloudStack, we can provide cloud services to our users. They can launch servers as they wish, as long as they stay within their quota and the system's capacity. VM template choices. The main component of CloudStack is actually a Java-based web application that performs provisioning to hypervisor software such as XenServer, VMware, or KVM. A Cluster in CloudStack terminology is a set of hosts controlled by a uniform hypervisor. What you get from CloudStack includes, among other things: Centralized web-based management with Ajax features for VMs based

(Inexpensive) Highly Available Storage Systems

The internet has pampered our users by giving them 99.9% uptime. Now every corporation needs to have similar availability of 99.9%. One part of a high availability solution is the storage. In the good old proven corner we have SAN and NAS storage solutions. They are not always highly available (you must ensure the system has more than one controller in case one controller breaks; RAID 5 is nowhere near enough these days, so choose RAID 6; and don't forget network redundancy), but they are almost always expensive. In an era where IT Directors are forced to think 'cost transformation', we always welcome cost-saving alternatives. New hardware developments influence our infrastructure options; let's write the factors down: abundance of cheap gigabit ethernet cards & routers -> this allows us to forget expensive fiber connectivity, and allows us to leverage newly developed distributed systems. cheap large SATA drives -> large commodity storage for the masses Development o

Popup Text area using jQuery

In times when we have too little screen real estate (primarily because of too much information on the screen), we settled on using a popup window containing a textarea to input comments. Just implemented such simple popup textarea functionality using jquery-popbox - A small wonder. OSS and sharing and all.

Anti pattern : Ignoring Exceptions

Did you ever find out that your app didn't do what it was expected to do, with no clue whatsoever about the cause? You might have stumbled upon the 'Ignored Exceptions' antipattern. Or worse: a special case of this antipattern is the 'whatever passed the acceptance test' mindset that causes the programmer to code in such a way. The most primitive example of this antipattern is:

   ON ERROR RESUME NEXT

[this one-liner is an example from Visual Basic] In the Java programming language, an example of the Ignored Exceptions antipattern:

   try {
      // ... some code ...
      // ... more code ...
   }
   catch (Exception ex) {
   }

Note that the exception handler is blank. It silently ignores any errors. Yes, there are cases where this sort of code would be hard to avoid, but in most cases better alternatives exist. Such as:
- using Log4j to log the error
- converting the exception to a message that can be understood by the user
At the minimum, the error should be written to the console,

Migrating Joget 3 Instance

On some occasions we need to move the Joget 3 workflow service from one server to another. We need to migrate two parts: the server application files and the database. Our aim is to migrate the Joget server with data intact. Identify running instance: First we need to determine where Joget is installed. In an ideal situation this information is stored in the CMDB. But since we have yet to see a Joget - Cloud Foundry package, and we haven't deployed a CMDB enterprise-wide, this step is necessary. Look for java processes on the source machine:

   ps auxw | grep java

On my machine we got this output:

   501      26733  0.0 22.2 759176 457552 ?       Sl   Apr26  18:20 /home/admin-dev/p/jdk1.6.0_21/bin/java -XX:MaxPermSize=128m -Xmx512M -Dwflow.home=./wflow/ -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/home/admin-dev/p/joget-linux-3.0.0/apache-tomcat-6.0.18/conf/logging.properties -Djava.endorsed.dirs=/home/admin-dev/p/joget-linux-3.0.