Python – Jython

10Mar11

As we all know, Python has various implementation, there’s the mother of all C implementation CPython or just Python, there’s the Java version Jython, and there’s the .NET version IronPython. I have never worked with any other implementation other than C, until today that is.

Due to some existing environment, I have to convert my CPython codes to into Jython. I was thinking… both are still python, how hard can it be? Well… not that difficult, but do expect the unexpected. They may have same syntax, and look the same from the outside, but do note that they can be truly different in the implementation, which can lead to different behavior. The annoying thing is… these differences are not always mentioned, leaving you scratching your head figuring out why your Python code does not run on Jython.

Jython is certainly nothing new, so the following thoughts might came a little too late. But you know what they say, better be late than never.
The Good:

  • Allows you to use many wonderful Java classes and packages

The Bad:

  • CPython has tons of extensions that are written in C, including one of my favorites, Numpy. Well… Jython can’t use that, not now at least. Who knows if in the future somehow compiled C code can be transformed to java byte-codes.
  • Every time you fire up your py with Jython, a JVM is also fired up to run your pycode. Starting JVM is slooooww… even on my i7.
  • emacs does not support jython interpreter out of the box. You have to do some configuration that until now, I have yet to figure it out.
  • Jython implementation is *usually* 2 version lagging behind Python’s. As I’m writing this, the production version for 2.x is 2.7 for CPython, and 2.5 for Jython

It seems like there’s more baddies than goodies when things are viewed from my glasses. But I must say, the single good thing could easily trump all the baddies I listed here.

Here’s some problem I encountered when converting my code. Hopefully those on a similar path as me does not have to suffer that much because of it.

  • httplib.HTTPSConnection doesn’t work for self-signed websites.
    In CPython, calling this method does not involve checking the validity of the certificate, and it is clearly stated in the manual. Jython displays the same manual, and saying it is also ignored. But the truth is, it’s not ignored. The certificate will be checked against it’s keystore located at JAVA_HOME/jre/lib/security/cacerts 

    Unfortunately, there is no option for you to ignore it. So you have two option: 1. Ditch httplib and go with another library, or 2. add the self-signed certificate to your keystore manualy. I went with the first option, by using java package called htmlunit. I’ts just not practical to manually dozens of certificate into every machine I want to work with.

  • xml.sax.handler.ContentHandler
    This class behaves differently in CPython and Jython. If you have:

    def startElement(self, name, attrs):
    self.result.append(attrs)

    you might need to modify the code to:

    def startElement(self, name, attrs):
    self.result.append(dict(attrs.items()))

    This would make sure that you break any object reference that are still tied to attrs.

Anyway, those are just some examples. Moral of the story is: do watch out for these hidden ‘features’. While they are similar, they are not the same.


Filed under: Uncategorized   |  Leave a Comment
Tags: , , , ,

SVN on Apache2 over SSL using Shadow Authentication

18Jun09

Generally, you want to avoid sharing same account for web and system, because if the web account is compromised, the door to the system will be wide open. Not only that, basic authentication by Apache sends password in clear text, any packet sniffer can easily decipher the login credentials.

However, there are cases where authenticating against system users do make sense, like when you have SVN repository on the same server as your fileserver. You, or at least me, don’t want to maintain two separate user database for your SVN and fileserver. It’s bad enough that the samba account is using it’s own user database. Back to shadow authentication, fortunately there are ways to minimize the security risk in doing that. One, you can deploy SSL connection to the client. Two, you can leave the server unexposed to the rest of the world, keeping  it safe behind the firewall. If a remote connection is needed, use VPN.

Now that we got that out of the way, lets deploy some kick-ass SVN system:

To make your life easier, do the installation in steps, making sure that each installation works before proceeding to the next step. One minute of checking will save you hours of troubleshooting if something were to go wrong. Here’s the order that I got my system up:

  1. Install Apache2
  2. Enable SSL mod
  3. Install SVN
  4. Enable DAV mod
  5. Configure SVN over Apache
    For steps 1 to 5, I somewhat follow this guide
  6. Enable auth_shadow mod
    apt-get install libapache2-mod-auth-shadow
    a2enmod mod_auth
  7. Re-configure the SVN using shadow authentication
    #... omitted
    <Location /svn>
    DAV svn
    SVNParentPath /var/svn/repository
    AuthType Basic
    AuthShadow on
    AuthName "Subversion Repository"
    AuthBasicAuthoritative off
    AuthUserFile /etc/apache2/htpasswd
    Order allow,deny
    Allow from all
    <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
    </LimitExcept>
    </Location>
    #... omitted

For steps 6 and 7, I will give credits to http://www.howtoforge.com/apache_mod_auth_shadow_debian_ubuntu and http://adam.shand.net/iki/2008/apache_tips_and_tricks/ for giving me pointers.


Filed under: work   |  Comments
Tags: , , , , ,

Resizing LVM Partition of ESXi guest

10Jun09

I have a Ubuntu Server running as one of the virtual machine, as my standard practice, I only allocated 8GB for a vanilla installation. Today, one instance of the server requires far more than that, hence requires me to provision more. The thing is, if I had partitioned the virtual disk normally (without LVM), things would be simpler:

  1. Resize virtual disk from VI Client
  2. Boot the vm with gparted ISO and resize the partition. Gparted will recognize the simple non-LVM partition and will be able to resize it easily.
  3. Boot the os vm and resize the filesystem using resize2fs.

Things are a bit more complicated with LVM, but still pretty straightforward, especially once u understand more how LVM works.

  1. Resize virtual disk from VI Client
  2. Depending on the current partition layout, you might have to this part differently. Boot with Gparted, and resize the extended partition only. The Logical partition that contains the LVM would not be recognized by gparted hence it can’t resize it for you.
  3. Boot the VM and proceed with the following
    • Resize the physical volume pvresize or create new physical volume pvcreate (after creating LVM partition using fdisk)
      pvcreate /dev/sda6
    • if you create new physical volume, add it to the current group using vgextend
      vgextend VG /dev/sda6
    • Resize the logical volume using lvresize .
      lvresize -l +100%FREE /dev/VG/root
    • Resize the filesystem
      resize2fs /dev/VG/root

    For some reason pvresize won’t work for me, so I had to create new partition every time.


Filed under: Uncategorized   |  Leave a Comment

Migrating Xen to ESXi

27May09

After almost 6 months evaluating two virtualization solutions: Opensource Xen and VMware ESXi, it’s  time to do some consolidation. It’s actually partially triggered by the need to put a RAID system in place. The Xen server will become the new ESXi server, and the ESXi server will be used as the SAN server

The target system is running on AMD Phenom X4 9550 and Asus M3A-EM with 4GB DDR2. This particular box is not that ESXi friendly. Both the storage and network controller are not recognizable without going through some modification on the oem.tgz file. But it doesn’t matter, as I’ll be using usb stick to boot the ESXi and adding Intel NIC to the board.

As I’ve done it a couple of times, installation was no longer an issue. Moving the VMs from Xen to ESXi however, seems to be a challange. The P2V tool that vmware provided doesn’t seem to work with linux system, or maybe paravirtualized linux system. Either way, it doesn’t work. A couple of sources did show a couple of hard ways, but somehow none of them convinced me. As I don’t have time for research, I went on with the good old manual way of rebuilding the server and copying the files and configuration file from one VM to another. One *nix tool that really helped me on this: scp.

The Xen server was running OK and stable actually, but what had to be done, had to be done. This is taken before the shutdown:

budi@localhost.localdomain:~$ uptime
20:40:20 up 138 days, 10:15,  2 users,  load average: 4.07, 3.91, 3.46


Filed under: Uncategorized   |  Comments

Whitebox SAN Server

27May09

Over the weekend I was busy re-assigning the role of one of the desktops into a SAN server. This machine runs on AMD Athlon 64 1.8Ghz and Gigabyte K8-NF9 with 2GB DDR and 80GB IDE disk. No special casing nor rack system were used, just the good old desktop tower casing and some 400watts power supply.

To beef the system up here’s what I’ve added:

  • Areca Raid Controller 1220 – $860
    8 channel SATA, PCIe, RAID 0 1 10  5 6 JBOD
  • 6 x 750GB Western Digital Green Power – $119 x 6
  • Some old PCI graphic card – $0

Before all the RAID disk comes in, I instaled Openfiler 2.3 and make sure everything runs smoothly. It wasn’t such a clear cut at the begining, and the fact that you need to pay US$30 for the documentation doesn’t help much. But, yeah, googling around will definitely get you somewhere.

Once that’s done, the controller is installed along with all the 6 harddisks. Thanks to its simple yet comprehensive RAID management software, I was able to set it up pretty quicky. Before I knew it, I have 6 disks running as RAID 6, just by clicking here and there from the browser.

What I wasn’t sure was whether I should allocate all space to a single LUN or just allocate enough as that would leave the options open for me to expand or create new LUNs in the future. Being the newbie I am,  I went with the former option.

What again confuses me is that in openfiler, you can again have more logical volumes in each LUN. This time, I leave some space behind just in case. I allocate 500GB iSCSI for ESXi, another 2x10GB for me to test around with native OS, and lastly I have 20GB formatted as ext3 and shared via samba.

Next thing to do I guess is to benchmark the performance and tune it up a little. Adding server class NICs can also be considered, let’s see if I can get hold of those intel cards.


Filed under: Gadgets, work   |  Leave a Comment

Quickly Erase Data for Nokia Phones

22Sep08

http://technogra.ph/20080121/sections/tips-and-tricks/nokia-code-quickly-delete-everything-on-your-phone/

Want to immediately remove those scandalous photos and videos before selling your Nokia phone? Type in *#7370* on the main screen. The phone will ask if you want to proceed. It’ll then ask for your phone’s security code (if you haven’t set one, it’s 12345) to proceed. This will clear any information stored on the unit and reset all settings to factory fresh, so be careful!


Filed under: Gadgets   |  Leave a Comment

Agent based simulation

22Sep08

These 3 should be a good starting point:

http://repast.sourceforge.net/

http://gillesdaniel.com/natlab/

http://ccl.northwestern.edu/netlogo/


Filed under: work   |  Leave a Comment
Tags:

Passed Traffic Police test

12May08

6am, i was already awake and getting myself ready for the biggest day on “the road to class 2B license”. 7.50 we started to the warm up session, continued with the briefing at 8.45. It lasted for 45 minutes, after which the real test takes place. I was given tag number 21, I won’t be forgetting that number for a while now.

Long story short, I passed with 14 demerit points: 2×2 wobble while stopping + 4×1 fail to check blindspot + 2×1 delay moving off + 2×1 improper checking of blind spot + 2×1 wide turning

Overall, it took me 23 practical class, 7 theory lessons and practice, 1 theory test and 1 practical test. Total dollars: $615.59. Hours on bike: ~30

Time to look for a bike…


Filed under: life   |  Leave a Comment

Sage – Octave

22Apr08

What the the heck are those. Well, that’s what I need to find out. You see, there will be a couple of new staff that will be coming and supposedly actively using those 2. So there has to be someone who go out there and explore as much as possible, and come back to teach them everything about it. That’s right, that someone is me.

For starters, i mange to find the respective websites.

  • Sage: http://sagemath.org/
  • Octave: http://www.gnu.org/software/octave/

Let’s get started.


Filed under: work   |  Leave a Comment
Tags: ,

Setting up SVN in Apache over SSL

22Apr08

I find this particular page is very helpful: http://wiki.freaks-unidos.net/Apache2%20SSL%20and%20Subversion%20in%20Debian

Basically you need to:

  1. Install Apache and openSSL if you have not done so.
  2. Create RSA key and secure it
  3. Create or copy a new site configuration file and enable it
  4. Enable SSL module
  5. Install subversion, subversion-tools and libapache2-svn
  6. Create the new repo and change owner to www-data or just change owner if you already have a repo previously.
  7. Configure site definition file to include the new repo
  8. Create password file
  9. Restart Apache and test.

Visit the site for full detail.


Filed under: work   |  Leave a Comment
« Older posts
Follow

Get every new post delivered to your Inbox.