The advantage of serverless computing for CIOs & CFOs

Back in the days, a company had to buy expensive physical servers, set those up somewhere in rooms that were outfitted with peripheral subsystems for cooling, ventilation, fire suppression, etc., and then configure each server in order to run their applications. They also had to hire engineers to maintain these bare-metal servers and troubleshoot any issues that could occur along the way.

This entire process of deploying servers, or any other devices, could take days to complete, and required properly allocating capacity since you can’t dynamically add and remove CPUs, RAM, disks, etc. For those living on the bleeding edge the server-based model often proved to be quite inconvenient, very labor-intensive, and entailing high costs (CAPEX vs OPEX).

Starting 2016, cloud computing ushered the era of on-demand virtual machines that you can use to launch online solutions in a matter of minutes instead days or weeks. A bare-metal server runs the host OS and a virtualization layer which produces tens or hundreds of virtual machines. This pool of virtual machines is sharing the CPU cores, RAM, network bandwidth, and disks that are attached to the host computer.

Since a VM has its own OS, it also has its own kernel which provides for a secure boundary over other VMs running in our host computer. It takes time to launch all of these instances due to the different components that the hypervisor must virtualize and allocate. Moreover, you will have to pay the costs of running your VMs, including idling time when a resource isn’t used at all. And let’s not forget that virtual machines are running a guest operating system that needs updates.

Next step was a smaller virtualized entity called container (Docker, Kubernetes pods). Containers share the physical server’s OS system kernel but do not run a guest OS with its own kernel, unlike a VM. They are primarily used to virtualize and run application libraries and dependencies.

Although a container provides a significantly reduced startup time over a VM, it still has operating costs that you have to cover. The burden of paying active and idle time remains, even if no one is using your containerized application at all.

This is where serverless kicks in. Serverless is in essence a combo of a VM and a container, but in contrast to containerization, serverless uses a small optimized kernel virtualized on top of a kernel-based virtual machine (MicroVM).

Serverless let’s you run code, manage data, even integrate business applications without managing any servers because the CSP will handle these tasks for you.

Speaking about fees, in contrast with VMs and/or containers, serverless services don’t run continuously. A serverless setup will only start when it is invoked, and will afterwards release all computing capacity. This is the reason why serverless architectures are the most cost-effective since you don’t pay for idle time.

Why I decided to -limit- my social presence on the internet, and why I think this will be good for the both of us

A few years ago something totally unexpected happened. It was at the end of the day and I was fully prepared to move behind my laptop at the home office. Instead I decided to do something else, not waste my evening on what became a daily routine; tweeting, liking posts on my LinkedIn, uploading fresh pictures on Instagram, answering Slack messages, scouring internet for anything interesting to read and learn.

Being away from my computer felt like something special. I started living regular life, spending my free time as any other guy would do, watching movies together with J. (girlfriend), playing with our dogs on the beach, going out with friends.

I could have spent time behind this blog as well, but I chose not to. I was able to get a clear head, think about how I used my computer, and phone, how I perhaps consumed and processed more information than I really wanted to, and what the long term effects of that do to a person.

In periods I can burn a lot of time tinkering with all kinds of hardware, Linux and open source software! I’m that introvert perfectionist with a slight touch of OCD who gets a bit too obsessed about particular things and who can’t let anything go before he’s really done with it > In the past this behavior actually led to a few years of unhealthy multiplayer gaming (CS:GO), so it’s not something I take lightly.

In the back of my head I already knew I had to take counter-measures to prevent falling back in the same trap, and letting my mind go on the loose again.

So, first task, I started with disposing old hard-disks, floppy’s, zipdrives, network cables, a Pentium Pro desktop, even an old SPARCstation. All that awesome stuff you usually gather when working years in IT. Sometimes it was a painful activity because you feel bonded with objects that link to good memories from the past.

Anyways, this was a big step in de-cluttering my life and it has made some huge positive improvements on my productivity and what I call my hyper-focus.

I also realized that while my workflow had improved, I did things the younger me would never ever have approved.

As an example, one of those things was leaving an application open and letting it run in the background, even when I was not there. I know this sounds rather silly but closing an application when I don’t use it does help focus on what I’m doing. For that reason, I replaced the OS on two of my Lenovo workstations with vanilla Debian & I3 WM. (See honey? Told you this post is not exclusively about scoring points amongst those other nerds on LinuxPorn!)

Now … when it comes to social media, can’t leave them unread. I must to relax. The third step. I became picky about what channels to subscribe to, and made an agreement that at a certain time in the evening I’d stop, no matter how much my desire to keep hanging on (if I don’t I have to take her out to a fancy diner). After some time I found the everlasting craving for more was gone, and I truly enjoyed the nothingness, loved all that time I now had on my hands more than anything.

I eventually launched Newsboat, and closed it after a quick glance. Then fired up Vim and removed about 80% of the feeds. Most were other we(b)logs, a variety of tech and/or open source related projects and some news sites. The first was CNN International that posts —multiple times per day— about everything from movie trailers, science and tech, to politics. While this was pretty good at giving me the latest highlights it took more time than what it was worth to keep up with.

We both don’t like TV channels because of the irritating commercials filled with products we are never going to buy. Thus Netflix was the only agreeable option.

Last week I took the last step and told my customer(s) I would take 5 days off for studies, no matter what outcome. Yes, every unproductive day is money lost, but at the end those certifications are a long-term investment that will pay for itself.

Update d.d. 15/11/21: Bought a Garmin Fenix 6 Smartwatch and Aeku M5 phone after reading this blog post. Let’s see if they can replace my BlackBerry Android.

Something to think about. Since we have a limited quota of time in this world, why not rather spend that on things and people we find fun, that bring joy in our life and that keep us productive?

So. I hope you will understand and don’t feel offended if I don’t follow on social media; it’s nothing personal. It’s for the good of me, and you.

To-do's when (re-)installing Ubuntu 20.x on a Lenovo ThinkPad X1 Carbon Gen 8

BIOS functions

Firmware updates

Lenovo sends out capsules which when running Ubuntu Update-Manager will be available for installation. Ref: Lenovo Knowledge Base.

Sleep states

The BIOS has 2 Sleep State options, which you can find in Config > Power > Sleep State.

The Linux option is a traditional S3 power state where all hardware components are turned off except for the RAM, and it should work normally.

The Windows option is a newer software-based “modern standby” which works on Linux (despite the name). One benefit to the Windows sleep state is a faster wake up time, a possible drawback is increased power usage.

Tested the Windows option > did not notice any major loss on battery time.

Software packages

My bash & zsh history output

$ sudo apt install ubuntu-restricted-extras
$ sudo apt install tmux
$ sudo apt install neofetch
$ sudo apt install curl
$ sudo apt install youtube-dl
$ sudo apt install gimp
$ sudo apt install vim
$ sudo apt install python
$ sudo apt install git
$ sudo apt install htop
$ sudo apt install iotop
$ sudo apt install iftop
$ sudo apt install ttyload
$ sudo apt install ranger
$ sudo apt install unrar zip unzip p7zip-full p7zip-rar rar
$ sudo apt install virtualbox virtualbox-ext-pack -y
 <> $ sudo sh sign-vboxmodules.sh
$ sudo apt install steam
$ sudo add-apt-repository ppa:yann1ck/onedrive
 <> $ sudo apt install onedrive
 <> $ onedrive --synchronize --verbose --dry-run
 <> $ systemctl --user enable onedrive
 <> $ systemctl --user start onedrive
 <> $ systemctl status --user onedrive
$ curl -fLo ~/.vim/autoload/plug.vim --create-dirs https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
$ git clone https://github.com/powerline/fonts.git --depth=1
 <> $ cd fonts
 <> $ ./install.sh
 <> $ cd..
 <> $ rm -rf fonts
$ sudo apt update && sudo apt install ecryptfs-utils cryptsetup
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
 <> $ unzip awscliv2.zip
 <> $ sudo ./aws/install -i /usr/local/aws-cli -b /usr/local/bin
 <> $ aws configure --profile **my username**
$ sudo add-apt-repository -y ppa:teejee2008/ppa
 <> $ sudo apt-get update
 <> $ sudo apt-get install timeshift
$ sudo apt install zsh
 <> $ zsh --version
 <> $ echo $SHELL
 <> $ chsh -s $(which zsh)
$ git clone https://github.com/zsh-users/zsh-autosuggestions.git $ZSH_CUSTOM/plugins/zsh-autosuggestions
$ git clone https://github.com/zsh-users/zsh-syntax-highlighting.git $ZSH_CUSTOM/plugins/zsh-syntax-highlighting
$ sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
$ gsettings set org.gnome.desktop.privacy remember-recent-files false
$ sudo apt install gufw
$ sudo apt -y install net-tools
$ sudo apt install smartmontools
$ cd ~/Downloads
 <> $ git clone https://gitlab.gnome.org/GNOME/sushi.git
 <> $ cd sushi-3.38.0 (could be a newer version)
 <> $ sudo apt install meson libevince-dev gir1.2-gstreamer-1.0 librust-gstreamer-audio-sys-dev librust-gstreamer-audio-sys-dev libgtksourceview-4-dev libmusicbrainz5-dev libwebkit2gtk-4.0-dev libgirepository1.0-dev ninja-build
 <> $ meson builddir && cd builddir
 <> $ sudo meson install
$ sudo apt-get update
$ sudo apt install mupdf
$ sudo apt-get remove --purge totem
$ sudo apt update && sudo apt upgrade
$ sudo apt install mpv
$ sudo apt install ffmpeg
$ sudo apt install ffmpegthumbnailer
$ sudo apt install protonvpn
$ sudo apt install gnome-shell-extension-appindicator gir1.2-appindicator3-0.1
$ sudo add-apt-repository -y ppa:libreoffice/ppa
 <> $ sudo apt update && sudo apt install libreoffice
$ sudo snap install hexchat
$ sudo snap install slack --classic
$ sudo snap install powershell --classic
$ sudo snap install spotify
$ sudo wget https://github.com/shiftkey/desktop/releases/download/release-2.6.3-linux1/GitHubDesktop-linux-2.6.3-linux1.deb
 <> $ sudo apt-get install gdebi-core 
 <> $ sudo gdebi GitHubDesktop-linux-2.6.3-linux1.deb
$ sudo snap install helm --classic
$ sudo snap install atom --classic
$ apm install pigments
$ apm install file-icons
$ apm install teletype
$ apm install atom-beautify
$ apm install todo-show
$ apm install expose
$ apm install emmet
$ apm install color-picker
$ apm install markdown-writer
$ apm install language-markdown
$ apm install language-powershell
$ apm install autocomplete-python
$ apm install language-batchfile
$ apm install language-vbscript
$ apm install language-reg
$ apm install minimap
$ apm install minimap-autohider
$ apm install autoclose-html-plus
$ apm install text-align
$ cd "My Documents"
 <> $ find . -type f -print0 | xargs -0 chmod -x

Resources:

Note: dotfiles are available in this private repo.

Browser extensions

Add DuckDuckGo, Privacy Badger, HTTPS Everywhere, and Facebook Container. Do not use other sources!

System specifics

Hibernation modus aka deep sleep

Simply closing the lid will probably trigger deep sleep. Check that it works using the command line:

$ systemctl suspend -i

If not, upgrade to a newer kernel.

Low cTDP and trip temperature in Linux

This problem is related to ‘thermal throttling’ on Linux, which is set much below Windows values. It will cause your laptop to run slower than it could when under heavy stress.

Before attempting to apply this solution, make sure that the problem still exists. To do so, open a Linux terminal and run following commands:

$ sudo apt-get install msr-tools
$ sudo rdmsr -f 29:24 -d 0x1a2

If you see 3 as a result value (15 when running on the battery), you don’t have to do anything. Otherwise:

  1. Disable Secure Boot in the BIOS (won’t work otherwise);
  2. Run this command:
    $ sudo apt install git virtualenv build-essential python3-dev \
      libdbus-glib-1-dev libgirepository1.0-dev libcairo2-dev
    
  3. Install the lenovo-throttling-fix:
    $ cd lenovo-throttling-fix/
    $ sudo ./install.sh
    
  4. Check again that the result from running the rdmsr command is 3.

I use lower temperature levels to preserve battery life at the cost of performance. To change default values, edit the /etc/lenovo_fix.conf file, and set Trip_Temp_C for both battery and AC the way you want:

[BATTERY]
# Other options here...
PL2_Tdp_W: 40
Trip_Temp_C: 75

[AC]
# Other options here...
PL1_Tdp_W: 34
PL2_Tdp_W: 40
Trip_Temp_C: 90

CPU undervolting

The Lenovo Throttling fix script also supports undervolting. To enable, re-open /etc/lenovo_fix.conf and update the [UNDERVOLT] section.

In my case, these settings are stable:

[UNDERVOLT]
# CPU core voltage offset (mV)
CORE: -110
# Integrated GPU voltage offset (mV)
GPU: -90
# CPU cache voltage offset (mV)
CACHE: -110
# System Agent voltage offset (mV)
UNCORE: -90
# Analog I/O voltage offset (mV)
ANALOGIO: 0

Battery charging thresholds

There are a lot of theories and advisories about ThinkPad charging thresholds. Some say thresholds are needed to keep the battery healthy, some think they are useless and the battery will work the same just as it is.

I always stick with the following settings for my laptops (because they are mostly on AC):

Start threshold: 60% - Stop threshold: 65%

This means that charging will start only if the battery level goes down below 60% and will stop at 65%. This prevents my battery from being charged too often, and from being charged beyond a recommended level.

To achieve this for Linux based machines:

  1. Install this list of packages:
    $ sudo apt-get install tlp tlp-rdw acpi-call-dkms tp-smapi-dkms acpi-call-dkms
    
  2. After that edit the /etc/default/tlp file and change below values:
    # Uncomment both of them if commented out
    START_CHARGE_THRESH_BAT0=60
    STOP_CHARGE_THRESH_BAT0=65
    
  3. Reboot, run:
    $ sudo tlp-stat | grep tpacpi-bat
    
  4. Verify that the values are as you expected:
    tpacpi-bat.BAT0.startThreshold          = 60 [%]
    tpacpi-bat.BAT0.stopThreshold           = 65 [%]
    
  5. You can change these thresholds anytime, and apply changes typing:
    $ sudo tlp start
    

Note: if you need your laptop fully charged, you can achieve that by running the following command while connected to AC:

$ tlp fullcharge

Docs-as-Code, when (not) to use it

Hey, what do you mean with “Docs-as-Code”?

The concept “Docs-as-Code” is basically similar to the way software engineers:

  • Write code,
  • Build an executable,
  • Test it, and then publish the deliverable.

In technical writing terms, it can look something like:

  • Store your content source in a version control system like GitHub (typically in a format like Markdown),
  • Using static site generators like Middleman, Gatsby, Hugo, Jekyll, VuePress, MKDocs etc.,
  • Produce a documentation site, running some validation checks (like broken links) and then publish it to your hosting provider.

Should I treat documentation the same as my source files?

Source code and documentation files (even if written in MD) are not the same.

A source code file is in plain text. A compiler reads the file and converts it into a machine-readable format (like an executable file).

A documentation file on the other hand will require extra elements, such as:

  • A link to an image (where will it be hosted),
  • Who is going to upload what,
  • Different rich styles like Tables, Tabs, Source code viewer, etc.

In terms of source code files, compilers are pretty mature and stable. If there are syntax errors (not functional errors) the compiler will catch them immediately.

Converting Markdown (using a static code generator parser) to HTML is prone to errors. There is no defined syntax for formats like MD, merely various flavours.

Challenges encountered when using this approach:

  • Simple fixes are complex,
  • Editorial workflow and review processes,
  • Image management and preview,
  • Category management,
  • Search implementation,
  • When devs need to write technical docs, things can go frantic.

Is it worth the trouble?

Docs differ significantly when compared to source code. In theory, it might look fascinating to go down the “Docs-as-Code” path.

In practice it can get quite rough, especially when you’re this single guy creating software documentation in a few GitHub repos, or writing some technical posts. If that’s the case, I suggest skipping or you should like self-punishment.

Big companies with dedicated teams should look at tools like docToolChain. The philosophy of docToolchain is that software documentation should be treated in the same way as code together with the arc42 template for software architecture.

Further reading (English books)

DevOps, what's the fuss?

Notes on dual-booting Linux/Windows 10 with BitLocker and Secure Boot

Boot menul

These notes are meant to help you setup a dual-booting system on a computer running Windows 10 Professional using BitLocker Device Encryption, Modern Standby (a.k.a. Fast Boot), and Secure Boot.

Linux installation is covered briefly as we will focus on preserving the Windows pre-boot UEFI environment in such a setup.

MAKING PREPARATIONS

Before proceeding you should backup all important data to an external disk or your preferred online backup provider. Remember… there is a not insignificant risk of permanently breaking the Windows 10 installation in a non-recoverable fashion as you’ll be making changes to the UEFI partition in your computer.

You should also print a copy of your BitLocker recovery key as it may be needed during this process. This is not your BitLocker PIN or password, but a separate numeric key. Print this key from Control Panel: System and Security: BitLocker Drive Encryption.

Please note that the recovery key will change every time you disable - re-enable BitLocker Device Encryption. Be sure you have several copies of the most recent recovery key or you may loose access to all your encrypted data! I’d recommend creating a script that backups your key to a secure place on the cloud.

Download and prepare Windows 10 Installation Media (a 16 GB+ USB stick) for recovery purposes. And do not forget your Linux installation media.

To mop it up, double-check that you have the latest firmware updates installed, especially your Trusted Platform Module (TPM) firmware. Vendors might not auto-update the TPM using their regular driver and firmware update utilities.

FREEING UP SPACE ON THE DRIVE

To install a second operating system you obviously need space on your system drive. You could also use a second drive, but this is probably not a good option for laptop users and small-form-factor devices.

Try to free up at least 20 GB for a Linux installation. Some distros (like Ubuntu and Fedora) install themselves semi-automatically next to Windows with fully guided installation options if you prepare your disk in this way.

Optionally, if your partition layout allows for it you should also grow your UEFI System Partition to circa 1 GB. Multiple operating systems will be storing their UEFI blobs (and possibly multiple versions during system upgrades), and it can be beneficial in the near future to have more space available on this partition.

You can resize and manage your partitions with the built-in Disk Management utility in Windows (search for “Create and manage hard disk partitions” in your Windows Search box or Cortana).

If this is a new device that you’ve never stored personal data on, I recommend that when activated you first disable BitLocker Device Encryption temporarily before making changes to the drive partitions. After disabling BitLocker Device Encryption from Windows Settings, you must wait some time for decryption to complete. Then you can proceed to shrink the main drive. Both operations can take hours, depending on the size. When you shrunk the partition and freed up space, you can re-enable BitLocker Device Encryption. Reboot the system and wait for the process to complete before moving on – this to avoid running into issues later.

If you already stored some data on the drive, you should first create a backup, leave BitLocker Device Encryption enabled, and then just resize the encrypted drive and hope for the best. Don’t format or partition the freed up space, leave this to the Linux installer.

INSTALLING THE SCEONDARY OS

Linux installers vary a lot, so I’ll only give general pointers on the installation process. You shouldn’t need to disable Secure Boot to install a modern Linux. Refer to the wiki for your distribution for specifics. Depending on your device, you may have to boot into your installation media from the Windows Settings app: “System and Updates: Recovery: Advanced Startup”.

You shouldn’t select to use the whole drive. The graphical installers for Fedora and Ubuntu will automatically suggest using the freed up space on the system drive. Always verify that the installers aren’t going to format your Windows or UEFI partitions before accepting their suggestions!

Windows 10 and Linux share the same partition for their UEFI blobs. However, you can’t install multiple versions of Windows or the same Linux distro on the same UEFI system partition. Each OS will install into its own named folder e.g. “Microsoft”, “Fedora”, or “Ubuntu”, and this naming scheme does not allow for more than one unique version at the time. If you really need to install multiple versions of lets say Ubuntu, then you also have to create separate UEFI system partitions for each one. This requires disabling BitLocker Device Encryption as changing the boot partition will upset the TPM.

Older versions of Windows and some Linux installers will sometimes overwrite the entire UEFI partition. To prevent this type of often fatal errors, always use shared UEFI partitions, even when installing to a secondary drive as this will give you an easier time dealing with Secure Boot, BitLocker, and GRUB2.

The OS-prober should auto-detect Windows and create a boot menu item for it alongside Linux in GRUB2. Because Windows Update requires multiple reboots, you must configure GRUB bootloader to remember the most recent boot menu: (GRUB_DEFAULT=saved; GRUB_SAVEDEFAULT=true). This allows an operating system to trigger multiple reboots when performing updates and boot back into the correct base.

You might be prompted for a BitLocker recovery key after completing the installation.

PS. Need more technical info? Check this link @XDA Developers.