Make columns same height on Bootstrap 3.x, even for Safari and iOS

When you work in the frontend side it’s rather easy to get things done with Bootstrap in a good and nice way, however sometimes things get more complex.

Today I faced one of those issues. On one of my projects I needed to display custom categories saved in the database by the customers and those categories could have images or icons to be displayed nicely.

categories-nice-design
Categories with good ratio images

 

Continue reading “Make columns same height on Bootstrap 3.x, even for Safari and iOS”

The Zen of Python

In my opinion this must be the Zen of any programming language and of every developer.

The Zen of Python

Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Readability counts.
Special cases aren't special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one-- and preferably only one --obvious way to do it.
Although that way may not be obvious at first unless you're Dutch.
Now is better than never.
Although never is often better than *right* now.
If the implementation is hard to explain, it's a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea -- let's do more of those!

 

docker on MacOS mkmf.rb can’t find header files for ruby

After the latest upgrade on MacOS when I tried to use docker on my mac to build my new images I got this error:

mkmf.rb can't find header files for ruby at /System/Library/Frameworks/Ruby.framework/Versions/2.3/usr/lib/ruby/include/ruby.h

After trying multiple and different solutions the only thing that worked for me to get this fixed was removing the previously installed developer tools for command line and install them again by following these steps:

sudo rm -rf /Library/Developer/CommandLineTools 

xcode-select --install 

sudo xcodebuild -license accept 

open /Library/Developer/CommandLineTools/Packages/macOS_SDK_headers_for_macOS_10.14.pkg

After running those commands and, of course, wait a bit to get everything downloaded and installed, docker commands are now working again.

Starting with Docker

Over the past years, Docker has become an essential technology used in software development. Developers, DevOps, Companies has adopted this new technology quite fast.

Nothing to be surprised about, its containerization concept has made it easy to set up, share and deploy software projects.

In this article we’ll what Docker is, what a container is and how to start playing with it.

Continue reading “Starting with Docker”

BitBucket Pipeline configuration for PHP, MongoDB and Symfony

Recently I’ve been playing around with BitBucket and their Pipelines. Just to let you know BitBucket Pipelines is an integrated CI/CD service built into Bitbucket. It basically means that on every commit you make your tests will be ran and your code will be deployed.

They say in their official website that it has a really basic and simple configuration and as far as I could experiment, it really is.

Continue reading “BitBucket Pipeline configuration for PHP, MongoDB and Symfony”

9 Kubernetes Security Best Practices

Today I was reading an interesting article about the 9 Kubernetes Security Best Practices everyone must follow.

In that article they basically enumerate and briefly describe how to follow and accomplish those 9 security recommendations. I’ve extracted them here for you to simply go quickly through them.

1. Upgrade to the Latest Version

In the article they don’t specify if the order of this list is important, but for me the most obvious things must come first.

Keeping your cluster upgraded is always the first thing you should do.

2. Enable Role-Based Access Control (RBAC)

RBAC is the new access control they introduced in Kubernetes 1.6 and basically allows you to control who can access your API in a more secure and improved way.

Specially after discovering the security issue CVE-2018-1002105

3. Use Namespaces to Establish Security Boundaries

I’ve been using namespaces from my first cluster setup and they’re great to isolate components and even the logic of your different cluster parts.

DevOps guys immediately understand the namespaces and when working with the cluster the can easily focus on the part they want to work with avoiding making mistakes in other namespaces. Deleting a pod for another system part could be a good example of this 😉

Related to security it’s also really handy to be able to apply different security controls based on namespaces.

4. Separate Sensitive Workloads

Sensitive workloads should be ran in dedicated machines, this reduces the risk of an non authorised app accessing that sensitive info.

By using namespaces you can achieve this.

5. Secure Cloud Metadata Access

I thing this recommendation is more focused for GKE environments and any other cloud services, a recent Shopify bug bounty disclosure detailed how a user was able to escalate privileges by confusing a microservice into leaking information from the cloud provider’s metadata service.

They’re still working in a more robust & permanent solution for this.

6. Create and Define Cluster Network Policies

This is something that is purely related with cloud services that allows you to configure network policies for controlling network access into and out of your containerized applications.

However you can always apply same concept in your private cluster, by running them in isolated networks and stablish direct communications only when needed.

7. Run a Cluster-wide Pod Security Policy

A Pod Security Policy sets defaults for how workloads are allowed to run in your cluster. Consider defining a policy and enabling the Pod Security Policy admission controller — instructions vary depending on your cloud provider or deployment model. As a start, you could require that deployments drop the NET_RAW capability to defeat certain classes of network spoofing attacks.

8. Harden Node Security

They put this point at 8th position in their list. In my humble opinion should come at 1st position in this list.

At the end a cluster is a set of nodes orchestrated by Kubernetes, those nodes are just machines and they live in a network environment so hardening your machines should be the most important and the very first thing you must do.

  • Uninstall non required software that is included in the operating system
  • Keep all the software up to date
  • Disable root SSH connections
  • Reduce as much as possible sudo users
  • Install firewall
  • Only expose required ports, close the rest
  • Install tools to track unauthorised login attempts and block them immediately
  • logging, logging, logging ! You need to know what’s happening in your machines, logs all the actions to discover misconfiguration issues, security problems, etc.

Those are some personal recommendations I make for you, of course, depending on your needs, you need to apply more.
Please read this guide to understand server hardening.

9. Turn on Audit Logging

logging, logging, logging !

I told you 😉 the more you know about what’s happening under the hood, the more control you’ll have on your system.

Enable audit log to discover unauthorised API calls or any kind of authorization failures.

JavaScript things to learn for 2019

I was reading for new topics to learn in the JavaScript ecosystem or just things to keep in mind if you consider to start a new project.

I found this article Top JavaScript Frameworks and Topics to Learn in 2019 from Eric Elliot quite interesting.

In summary despite being a lot of articles and people talking about vue.js, is still in adoption phase, Angular and React are clearly dominating the market and jQuery is still also active, probably due legacy code and because is the first thing you start learning if you start in this world.

dec 2018 job board postings per framework

Dec 2018 Job Board Postings Per Framework

Happy coding in this new 2019!

How to create, publish and use private NPM packages

After a long time working with different package systems I decided to migrate all my packages and dependencies to NPM. And the result couldn’t have been better.

When NPM reached the 5.x version they included a lot of things that improved the performance, speed and security of the packages.

There’re two commands that I specially like a lot.

npm outdated
npm audit

Continue reading “How to create, publish and use private NPM packages”

Exploring ES6 – From jQuery to ES6 #1

Recently I started to migrate all my code from ES5+jQuery to ES6 for different projects. I discovered a lot of cool things. Of course, I also faced some issues and I thought would be great to share all the stuff I’m learning and fixing with the rest of the people planning to migrate to ES6 as well.

I’m gonna write a serie of small articles covering all the new ES6 features and how to migrate your code from previous ECMAScript versions or from jQuery code.

Continue reading “Exploring ES6 – From jQuery to ES6 #1”

Kubernetes with Fluent Bit to send logs to Loggly

I’m going to show you how easy is to deploy Fluent Bit into your Kubernetes cluster. I’ll configure Fluent Bit to work together with Loggly, an external logging tool to manage all your cluster logs.

But first, some quick concepts about the tools we’re going to use.

Kubernetes, in short, is a tool that allows you to manage, in a better organized and simpler way, your containerized applications.

Continue reading “Kubernetes with Fluent Bit to send logs to Loggly”

Software libre para predecir la producción energética de sistemas fotovoltaicos

Un equipo de investigadores del Instituto de Energía Solar de la Universidad Politécnica de Madrid ha desarrollado un modelo para predecir la producción de energía de un sistema fotovoltaico partiendo de una mínima información meteorológica.

El modelo permite predecir la producción de energía de un sistema fotovoltaico disponiendo solamente de los doce valores mensuales de la radiación solar, la turbidez de Linke (transparencia de la atmósfera), y la temperatura ambiente.

Continue reading “Software libre para predecir la producción energética de sistemas fotovoltaicos”

Create a website or blog at WordPress.com

Up ↑