The Problem:

Got

OSError: [Errno 28] No space left on device

When your home directory where your virtual environment located has more than enough space…

Why?:

The culprit is likely that your /tmp directory do not have enough space for some reason. During the pip installation, pip will use temporarily directory to perform what is necessary to perform installation (e.g. download source etc). Thus if you do not have enough space in /tmp that package installation requires then you will get disk space error.

The Solution:

If you can clean up /tmp to create enough space, that’s good but.. if you are like me and had limited /tmp space, pip allow user to define temp directory location. To do so just set environment variable TMPDIR. e.g.

export TMPDIR=/bigass/space

Problem should be solved.

Secret Management with Vault

The problem:

Where do you store your config/deployment management script? I’ve done 2 ways:

  • Put along with application/repo.
  • Put all the config/deployment script in one repo separately from apps.

Each approach has its own Pros and Cons and I prefer the first approach which IMO is simpler but creates some duplication which is okay…

I have some shared secrets that I encrypt with Ansible Vault but when I had to copy and pasted this secret on a few repos I started to look for better way to do this.

Key Management Service with Vault by HashiCorp

VAULT:

  • handles any type of secret data, including database credentials, API Keys, PKI keys and encryption keys.
  • is an option source tool that can be deployed to any environment and does not require any special hardware.
  • is not tied to any specific configuration management system. You can read secrets from configuration management, but you can also use the API directly to read secrets from applications. This means that configuration management requires fewer secrets, and in many cases doesn’t ever have to persist them to disk.

You can see more details here on official doc

Get Vault up and running

You can download precompiled binary from here

# unarchive
$ unzip vault_<version>_darwin_<arch>.zip

# move binary to desired path
$ mv vault <desired-dir>/
$ cd <desired-dir>
$ ./vault -v

# start server with Dev mode
$ ./vault server -dev

The official doc of Getting Started is very good so you can just follow from here

During the startup of vault server, it print VAULT_ADDR, Unseal Key and Root Token. Let’s set it some variable

$ VAULT_ADDR='http://127.0.0.1:8200'
$ ROOT_TOKEN="93132495-abc0-8eac-4e9e-92cba9f7d0b1"

Normally you don’t want to use Root Token but just for quick and dirty demo purpose…

# Create secret
$ curl -X POST -H "X-Vault-Token:${ROOT_TOKEN}" -d '{"bar":"baz"}' ${VAULT_ADDR}/v1/secret/foo

# Read secret
$ curl -X GET -H "X-Vault-Token:${ROOT_TOKEN}" ${VAULT_ADDR}/v1/secret/foo
{
	"request_id": "e1bedb5e-a288-d066-e336-ee4850ac76a2",
	"lease_id": "",
	"renewable": false,
	"lease_duration": 2764800,
	"data": {
		"bar": "baz"
	},
	"wrap_info": null,
	"warnings": null,
	"auth": null
}
Our Dream Home

We’ve built our dream house.

‘view’ fence backyard to see beautiful sunset over white tank mountain every day

Dreamy Gourmet Kitchen
Multi Sliding Glass Doors
Dining Room
Living Room
Finally Bath Tub
My Office

Milestone

  • Aug 2000: We bought our first home. It was new build but had no money to do any upgrade. Selection of the house is also cheap was one of the most important criteria.
  • Oct 2008: When housing tanked, we bought the foreclosed home built in 2001. It is the model that we wanted to buy back in 2000 but could not afford. Walking distance to elementary school. It was perfect for us at the time.
  • Sep 2017: We did not need or desperately wanted new house. We were living below our means and saved up good chunk of money. We were comfortable but we’ve decided to go outside of comfortable zone for various reasons and decided to build this amazing house.