Photo by Mikhail Nilov
In statistics, A/B testing is “an experiment with two groups to establish which of two treatments, products, procedures, or the like is superior. Often one of the two treatments is the standard existing treatment, or no treatment” (Bruce 2020, 88).
A/B testing is very useful when adapted to e-commerce and marketing for determining the better of two options for a webpage.
Let’s consider a website where we want to analyze the page visits of page A and page B. Page A is the existing page (the control group), and page B is a new design of the web page (the treatment group).
To prepare A/B testing we start with the following steps:
- Define hypotheses: null hypothesis (H0) and alternative hypothesis.
- Prepare control and treatment groups.
Then we’ll apply the A/B test on the dataset.
The new and existing versions of our web page can show different performance in terms of marketing, visitor attention, and “conversion” to a particular goal. By applying A/B tests we can understand which of the two web pages has better performance. We can also find out if any difference in performance is due to chance or due to a design …!-->
ssh-askpass on macOS for SSH agent confirmation
At End Point Dev we mostly use SSH keys for authentication when connecting to remote servers and Git services. The majority of the time, the servers we are trying to visit are barred from direct access and require a middle “jump server” instead.
Enabling SSH agent forwarding makes it easier to reuse SSH private keys. It keeps the private keys on our local machine and uses them to authenticate with each server in the chain without entering a password.
However, this approach comes with an inherent risk of the agent being hijacked if one of the servers is compromised. This means a bad guy could use the SSH keys to compromise downstream servers.
In this post, we’ll cover a simple way to protect against SSH agent hijacking. We will see in detail on macOS how to configure a system-wide agent using ssh-askpass to pop up a graphical window to ask for confirmation before using the agent.
How it works
It is strongly recommended to use the
-c option on the
ssh-add command when adding your SSH keys to the agent in order to protect yourself against SSH agent hijacking.
With this, every time a request is made to utilize the private key stored …
ssh mac security
Introduction to Terraform with AWS
Photo by Jeffry Johar
Terraform is a tool from HashiCorp to enable infrastructure as code (IaC). With it users can define and manage IT infrastructure in source code form.
Terraform is a declarative tool. It will ensure the desired state as defined by the user.
Terraform comes with multiple plugins or providers which enable it to manage a wide variety of cloud providers and technologies such as but not limited to AWS, GCP, Azure, Kubernetes, Docker and others.
This blog will go over how to use Terraform with AWS.
For this tutorial we will need the following:
- An active AWS account.
- An internet connection to download required files.
- A decent editor such as Vim or Notepad++ to edit the configuration files.
Install AWS CLI
We need to set up the AWS CLI (command-line interface) for authentication and authorization to AWS.
Execute the following command to install the AWS CLI on macOS:
$ curl -O https://awscli.amazonaws.com/AWSCLIV2.pkg $ sudo installer -pkg AWSCLIV2.pkg -target /
For other OSes see Amazon’s docs.
Execute the following command and enter the AWS Account and Access Keys:
$ aws configure
We need to install Terraform. It is just a command …!-->
terraform aws linux sysadmin
Building and Hosting a Web App with .NET 6, Postgres and Linux
For well over a decade, working with the .NET framework meant running Windows. With the release of .NET Core in 2016, developers were granted the freedom to choose their OS, including Linux; no longer were we bound to Windows. However, few took the plunge, at least in my experience. Why? Well, we are comfortable with what we know, and afraid of what we don’t.
The truth is that building a .NET application on Linux is not that hard, once you get over a few minor bumps in the road. And there are many advantages to this approach, including flexibility, simplicity, and lower costs.
To demonstrate this, we will create a simple .NET MVC web application that connects to Postgres. Then, we will host the app on Linux with Nginx. Shall we start?
Preparing the database
First, you’ll want to install Postgres locally. If you’re using a Mac, this step is very easy. Simply install Postgres.app and you’ll be ready to go.
If you’re using Windows, check out the Windows Installers page on the Postgres website to download the latest installer.
Creating the projects
To develop .NET 6 apps, you will need to install Visual Studio 2022. Check out the Visual Studio downloads …!-->
dotnet postgres linux
Creating a Messaging App Using Spring for Apache Kafka, Part 5
I guess this is the longest break between posts in this series. But finally I had a chance to prepare a working example to finalize this series. So, up-to-date code is available in the GitHub repository.
Activation and Login
This was already implemented in the previous parts. However, we haven’t shown it in action yet. There are some code fixes and small changes within the workflow of activation and login steps, so you can refer to the GitHub repository for the latest code.
Authentication and activation are managed through the
AuthController class where these activation and login requests are handled. Let’s take a look at the
REST endpoints handling these requests and explain the steps.
Our activation step uses a dummy mobile phone number. You can think of it similarly to activating a messaging application (like WhatsApp) using a phone number. I didn’t introduce any restrictions on the phone number for this application, so the phone number activation is just a pseudo-step and you can supply any number. In real life, the phone number activation would use SMS or other activation services to activate your chat application against the user’s phone …!-->
spring kafka spring-kafka-series java
Kubernetes Volume definition defaults to EmptyDir type with wrong capitalization of hostPath
Photo by Garrett Skinner
Kubernetes Host Path volume mounts allow accessing a host system directory inside of a pod, which is helpful when doing development, for example to access the frequently-changing source code of an application being actively developed. This allows a developer to edit the code with their normal set of tools without having to jump through a bunch of hoops to get the code into a pod.
We use this setup at End Point in development where the host system is running MicroK8s and there is a single pod for an application on a single node. In most other cases, host path volume mounts are not recommended. But here it means the developer can edit code on the host machine and the changes are immediately reflected within the pod without having to deploy a new image. If the application server running within the pod is also running in development mode with dynamic reloading, the changes can be viewed with a refresh of the browser accessing the application.
While working on a test environment to run EpiTrax within Kubernetes, the need arose to set up a Host Path volume mount so that the source code on the host machine would be available within the pod. I used this simple …
Knocking on Kubernetes’s Door (Ingress)
Photo by Alberto Capparelli
According to the Merriam-Webster dictionary, the meaning of ingress is the act of entering or entrance. In the context of Kubernetes, Ingress is a resource that enables clients or users to access the services which reside in a Kubernetes cluster. Thus Ingress is the entrance to a Kubernetes cluster! Let’s get to know more about it and test it out.
We are going to deploy Nginx Ingress at Kubernetes on Docker Desktop. Thus the following are the requirements:
- Docker Desktop with Kubernetes enabled. If you are not sure how to do this, please refer to my previous blog on Docker Desktop and Kubernetes.
- Internet access to download the required YAML and Docker Images.
gitcommand to clone a Git repository.
- A decent editor such as Vim or Notepad++ to view and edit the YAML.
Ingress and friends
To understand why we need Ingress, we need to know 2 other resources and their shortcomings in exposing Kubernetes services. Those 2 resources are NodePort and LoadBalancer. Then we will go over the details of Ingress.
NodePort is a type of Kubernetes service which exposes the Kubernetes application at high-numbered ports. By default the range is …
kubernetes docker containers
University of Denver and VisionPort: The Classroom of the 21st Century
VisionPort’s recent installation at the University of Denver is transforming education and has even found itself featured in Forbes.
Installed in the Marion J. Crean Collaboratory room, VisionPort is doing what it does best: engaging audiences and bringing ideas to life.
The Collaboratory room gets its name from its mission, to be a collaborative laboratory, specifically for DU’s real estate and construction management students.
VisionPort was designed with geographic information systems (GIS) in mind, and the content management system we built from the ground up allows experts and novices alike to explore real estate and construction opportunities. From flying around undeveloped land, to exploring cityscapes in three dimensions, the VisionPort is the best platform for presenting GIS data.
“What [the VisionPort] is going to give us is the opportunity to sit in class, and literally, be able to fly to any property, anywhere in the world, and walk that property, see that property.” —Dr. Barbara Jackson
Seven displays spanning 18 feet, installed in a custom case on top of a beautiful wood stage, the Collaboratory’s design is one of the most unique and intriguing yet.
The world is …!-->