Skip to main content


Showing posts from 2018

Docker: Putting things together and pulling them apart

Why microservices is a good idea My favourite fictional scenes involve groups of people eating around a table, behaving badly. I think of Margaret Atwood's Edible Woman, or the movie "August: Osage County". Or the tea party in Alice in Wonderland. What works well in narrative is often the opposite of what works for computers - the worst computer mess-ups often involve a collection of badly behaving pieces that manage to make a mess much larger than any of the badly behaving pieces could do on their own. As a timely example, a client of mine that ill-advisedly used a generic host for their WordPress site recently had the site go down a few times. The host first told them they were a victim of a Denial of Service attack, but now thinks it was due to an incompatibility between their server and some backup software that was generating an unexpectedly high load. At the same time, the contact at the service provider was trying to fly down to Brazil for a family emergency

My Journey into Containers

This is a short story about how I've ended up learning more about Docker and it's associated technologies than I had planned. I'm not calling it "my docker journey" because, while Docker has done a great job of making Linux containers useable, there's no need to conflate container technology with the company. I'm a late-bloomer kind of person, not an early adopter, so it's a bit surprising to find myself in this position. I manage Drupal and CiviCRM hosting for a collection of non-profits in Canada. I started doing this 11 years ago, in spite of planning to avoid it, and after finding out that I could do a reasonable job of it, I kind of enjoy it. I'm a mathematician by training, and a (lapsed) Quaker by religion, so by nature I have a minimalist aesthetic. Add to that, my goal with hosting is to be as invisible as possible by keeping sites fast and reliable, so I really have minimal interest in experimental technologies. I generally do a strateg

Beware the PCI compliance salesperson!

I've been having a conversation with a client about PCI compliance and realised that there's a basic fact that really should be made very clear. Any provider that tells you that they're going to solve all your PCI compliance issues only by switching payment providers is lying. PCI compliance cannot be solved purely by switching providers. PCI compliance involves how you handle credit card credentials everywhere, not just on your website. If you are inputting credit cards numbers that someone has sent you by email, phone, or letter, then you have a compliance issue. Anyone who is selling you a service to solve your PCI compliance issues and doesn't explain that to you is not trustworthy. In this case, it was a Braintree salesperson that I'm calling out. Braintree is a division of Paypal, and I would expect better of them. To be fair, some aspects of PCI compliance may be easier with some providers compared to others. But you're not off the hook, you can't

Ontario PCs, get your email domain straight!

I've been working with SCI Ontario on a campaign to engage the candidates in the upcoming Ontario election on issues related to spinal cord injuries. Take a look at the main campaign page . Part of the campaign is to provide a form that allows the public to send emails to the candidates of their riding. I've been using OpenNorth to get the candidate data, and it's great. Except for the Ontario PCs, because almost none of their email addresses work. So this morning we noticed that Doug Ford is advertising his address, presumably touting his business-friendly attitude and assuming a ".com" is more business-like that ".ca". So we retried the candidate addresses, this time using, and none of the candidates are setup at that domain. What does this tell you about Doug Ford's potential administration? Leaving it as an exercise for the reader ...