Doing random things over at http://musteat.org
207 stories
·
4 followers

The next chapter of Flyway

1 Share

In early 2010 I was doing some work around deployment automation. As part of this effort, I decided to tackle the problem of rolling out database changes along with the application consistently across environments, I wanted a tool that could be tightly integrated with application deployment, worked with plain SQL, and was simple to use. I was very surprised that my search did not come up with any solution that met my needs. This was very early days for continuous delivery and the tooling landscape wasn’t nearly as mature as it is today. So I decided to roll up my sleeves and build my own. On the 20th of April 2010, Flyway 0.0.1 was released on Google Code (yes, that used to be a thing!) under the Apache 2.0 license.

Not in my wildest dreams could I have imagined that over the 9 years that followed it would grow as incredibly as it did. Flyway is now downloaded millions of times each month. It has established itself as the industry defacto standard for database migrations with plain SQL. It now supports 18 different types of databases. It is available for Java, Android, Windows, macOS, Linux and Docker. There are integrations available for Maven, Gradle, ANT, SBT, Spring Boot, Play, Jenkins, XL Deploy, NPM, and much more. The community has written hundreds of blog articles about it in dozens of languages. People have been doing conference talks about it on every continent.

This vast and ongoing growth has enabled us to launch both a Pro and an Enterprise Edition in December 2017, effectively securing the long term economic viability of the project.

I am very proud of what we have accomplished so far and I am truly humbled by how positively all our hard work has been received.

Flyway and Redgate

Today I am honored to announce that I am passing the baton to a dynamic company with a solid track record in the database tooling space: Redgate Software. Please join me in welcoming them as new stewards of Flyway. They will be combining their vast industry expertise with everything you know and love about Flyway to take the project forward and make it even better than it is today.

As far as I am concerned, I’ll be around to support the transition but then gradually stepping down and taking some long overdue rest. It has been both a pleasure and honor to work with you all on Flyway through the years. I ride deeply satisfied into the sunset, knowing that Flyway’s future has never looked brighter.

From the deepest of my heart, thank you.

Axel Fontaine

Read the whole story
smarkwell
28 days ago
reply
Share this story
Delete

Your nines are not my nines

2 Shares

I've had some occasions of late to peer through the looking glass into a world that I hadn't seen much of previously. Specifically, I'm talking about the world of so-called "cloud" stuff, where you basically pay someone else to build and run stuff for you, instead of doing it yourself.

I'll skip the analysis of build vs. buy and just jump straight to the point where you've chosen "buy". Then you've had a whole bunch of fun outages caused by something going wrong with their services. Finally, you reach the point of a sit-down talk with the vendor to figure things out. Maybe they send some sales people too, or perhaps it's just engineers. You talk for a while, and before long, you realize what happened.

They are huge. They are like a giant which lumbers around while you are a gnat. You are nothing to them.

This becomes obvious when talking about some problem you experienced at the hands of their system. The whole time, their dashboard stayed green because from their point of view, they had tremendous availability. We're talking 99.999% here! Totally legit!

Meanwhile, you were having a really bad day. Nothing was working. Your business was in shambles. Your customers were at your throat yelling for action, and all you could do is point at the vendor. What happened?

Well, this is the point where you find out that their "99.999%" availablity is for their entire system. They see that, and they're good. It's not a problem! Everything is fine.

This also completely misses the fact that for you, everything was failing. It doesn't matter though, since your worst day still won't move the needle on their fail-o-meter. They won't see you. They won't have any idea anything even happened until you complain weeks later.

You are the bug on the windscreen of the locomotive. The train has no idea you were ever there.

The problem is that they weren't monitoring from the customer's perspective. Had they done that, it would have been clear that oodles of requests from some subset of customers were failing. They would have also realized that certain customers had all of their requests failing.

For those customers, there were no nines to be had that day.

Seriously, if you have a multi-tenant system, you owe it to your customers to monitor it from their point of view. Otherwise, how can you possibly know when you've done something that'll leave them in the cold?

Read the whole story
denubis
32 days ago
reply
Sydney, Australia
smarkwell
35 days ago
reply
Share this story
Delete

Stack

3 Comments and 13 Shares
Gotta feel kind of bad for nation-state hackers who spend years implanting and cultivating some hardware exploit, only to discover the entire target database is already exposed to anyone with a web browser.
Read the whole story
smarkwell
60 days ago
reply
Share this story
Delete
3 public comments
tante
60 days ago
reply
The modern tech stack
Berlin/Germany
jepler
60 days ago
reply
#toomuchtruth
Earth, Sol system, Western spiral arm
alt_text_bot
61 days ago
reply
Gotta feel kind of bad for nation-state hackers who spend years implanting and cultivating some hardware exploit, only to discover the entire target database is already exposed to anyone with a web browser.

Comments

3 Comments and 10 Shares
NPR encourages you to add comments to their stories using the page inspector in your browser's developer tools. Note: Your comments are visible only to you, and will be lost when you refresh the page.
Read the whole story
smarkwell
77 days ago
reply
Share this story
Delete
3 public comments
srsly
77 days ago
reply
here you go have fun: https://xkcd.com/1019/
Atlanta, Georgia
mcarson
77 days ago
reply
I really hope Randall let's us know how many hits 1019 gets over the next little while.
alt_text_bot
77 days ago
reply
NPR encourages you to add comments to their stories using the page inspector in your browser's developer tools. Note: Your comments are visible only to you, and will be lost when you refresh the page.

Tarn Adams

1 Share

Tarn Adams

Who are you, and what do you do?

I'm Tarn Adams, and I make computer games with my brother. Bay 12 Games is our website, and the game we are most known for is Dwarf Fortress.

What hardware do you use?

The computer I do everything on is my Toshiba Satellite P55T-C5114 laptop, and I also have a Mac Mini which I use for porting Dwarf Fortress. I have an Insignia mouse I can attach to the laptop when I get tired of using the little finger mousepad.. so it's always plugged in!

When I need to talk to somebody online or record something, I have a Turtle Beach headset. My most recent cellphone is a iPhone 8, which I got after dipping my Samsung in the Pacific Ocean by accident.

I have a PS4 and a Switch.

And what software?

My main operating system is Windows 10, and I use Mac OS X and Ubuntu for porting. All of my game programming is done in C++ using Microsoft Visual Studio Community, though I have some helpful utilities that use Python 2.5. I gather there are very newer Pythons, but 2.5 is the most recent compatible one with the scripts. I use OpenGL and SDL for graphics -- the upside is their portability. I use an older free version of FMOD for sound, though that'll change now that Dwarf Fortress is going to Steam and itch.

I do all of my text editing in WordPad and Notepad, depending on how ugly the line breaks look when I open up the file. I use Paint to crop screenshots and whatever else I need to do.

I mostly do interviews and things over Skype, though they have other sites they use sometimes now. I use Audacity and Open Broadcaster when I need to work with audio or video, though that hardly ever comes up for work these days.

For the website, I use the pad programs to do all the HTML. The website has a Simple Machines Forum as well as a Mantis bug tracker to track all of the issues with the game. I move things to and from the website with FileZilla. I currently host Bay 12 Games with Linode and Lunar Pages. I use PuTTY to log in to and mess with my servers.

I listen to music pretty much non-stop, and it'll either be on Spotify or using Winamp.

I use Gmail and the 7-Zip compression utility.

What would be your dream setup?

I always end up getting fairly inexpensive replacement computers and not really missing anything, so I don't think I have a dream hardware setup. The only thing I find myself thinking about at times is a really good music sequencer. For a brief time some years ago, I had Ableton and was super happy with it, but I never ended up using my tracks for anything and didn't renew my license when that old computer died.

Read the whole story
smarkwell
85 days ago
reply
Share this story
Delete

Avalanche Noise Generator Notes

1 Comment and 2 Shares

Good sources of entropy (noise) are an essential part of modern cryptographic systems. I designed a mobile-friendly avalanche noise generator as part of the background work I’ve been doing for the betrusted project (more on that project later). I had to do a new design because the existing open-source ones I could find were too large and power hungry to integrate into a mobile device. I also found it hard to find solid theory pieces on avalanche noise generators, so in the process of researching this I wrote up all my notes in case someone needs to do a ground-up redesign of the system again in the future.

Here’s an excerpt from the notes:

Avalanche breakdown is essentially a miniature particle accelerator, where electrons that enter a PN junction’s depletion region (through mechanisms that include thermal noise) are accelerated across an electrical field, to the point where new electron-hole pairs are generated when these high-energy electrons collide with atoms in the depletion region, creating an amplification cascade with low reproducibility.

An approximate analogy is an inflatable pool filled with water. The height of the pool is the potential barrier of the reverse-biased PN junction. A hose feeding water into the pool represents a constant current of electrons. The volume of the pool can be thought of as the depletion capacitance, that is, the capacitor created by the region of the junction that is void of carriers due to natural drift and diffusion effects. As water trickles into the pool, the water level rises and eventually forms a meniscus. Random disturbances, such as ripples on the surface due to wind, eventually cause the meniscus to crest over the edge of the pool. The water flowing over the edge pushes down on the inflatable pool’s side, causing more water to flow, until the level has reduced to a point where the inflatable pool’s side can snap back into its original shape, thus restarting the cycle of filling, cresting, and breakdown. The unpredictability of when and where the breakdown might happen, and how much water flows out during the event, is analogous to the entropy generated by the avalanche effect in a PN junction.

The electrical characteristic of avalanche noise biased by a constant current source is a “sawtooth” waveform: a linear ramp up in voltage as the capacitance of the depletion region charges to the point where the electric field becomes large enough to initiate the cascade, and then a sharp drop off in voltage as the cascade rapidly discharges the junction capacitance. The cascade then abruptly halts once the field is no longer strong enough to sustain the cascade effect, leading to a subsequent cycle of charging and breakdown.

The site also includes detailed schematics and measurement results, such as this one.

The final optimized design takes <1cm^2 area and draws 520uA at 3.3V when active and 12uA in standby (mostly 1.8V LDO leakage for the output stage, included in the measurement but normally provided by the system), and it passes preliminary functional tests from 2.8-4.4V and 0-80C. The output levels target a 0-1V swing, meant to be sampled using an on-chip ADC from a companion MCU, but one could add a comparator and turn it into a digital-compatible bitstream I suppose. I opted to use an actual diode instead of a NPN B-E junction, because the noise quality is empirically better and anecdotes on the Internet claim the NPN B-E junctions fail over time when operated as noise sources. I’ll probably go through another iteration of tweaking before final integration, but afaik this is the smallest, lowest power open-source avalanche noise generator to date (slightly smaller than this one).

Read the whole story
smarkwell
121 days ago
reply
Share this story
Delete
1 public comment
jepler
124 days ago
reply
I made an avalanche noise RNG way back in the day, so this is fascinating for me.
Earth, Sol system, Western spiral arm
Next Page of Stories