Fully moved over to WordPress.com

Yesterday I pointed my DNS to WordPress’s, paid the $13 to map my domain, and formally moved evanhoffman.com to WordPress’s hosting.  I ran my own WordPress for several years but at this point the annoyance of getting rooted due to exploits in WordPress or the various plugins got to be too obnoxious.  For a while I tried using Jekyll to host the site with static Markdown/HTML pages and Disqus for comments, but there wasn’t really a good way to export WP to Markdown reliably.

Anyway, hopefully this move makes for faster page loads for anyone who happens onto the site.


A thing I’d like to buy

After another season of TV hunting, I still haven’t found the product I really want.  Essentially, I want a huge TV designed for home theater use.  What would be the difference between this “home theater display” and a standard HDTV?  A HTD would be closer to a computer monitor than a TV, as it wouldn’t have speakers or a TV tuner at all.  Most people watching on a flat screen aren’t using the built-in tuner, they’re using the settop box provided by their cable/satellite provider.

It wouldn’t have any “smart” features – no “apps” or potentially even network connectivity.  The remote would be super simple, like the Roku remote, with just a D-pad, enter key, and power button.  The included remote would use Bluetooth but the TV would also accept infrared for compatibility with existing set-top box remotes.  The remote would be used primarily for calibrating the display itself.

The TV would have a single HDMI 2.0/HDCP 2.2 input and, a USB 3.0 port for firmware updates and maybe a SPDIF out.  Inputs and audio would be handled by the receiver or soundbar.

It would be available in all common sizes – 24, 32, 40, 49, 55, 60, 65, 70, 75, 80 inch – with sensible stand and standard mounting brackets.  All models would support 3D, and maybe there would be some curved models if desired.

By omitting coax, component, extra HDMI inputs, speakers, network, “smart” OS and other unnecessary features, it should be possible to make the TV significantly thinner, cheaper and lighter.  Samsung, Vizio, LG, are you listening? Someone want to start a Kickstarter?

My two-week review of Optimum Online (October 2015)

So, I went back to Optimum.  My FiOS bill from Verizon had been slowly but steadily increasing over the past couple of years, with new fees and random price increases bringing my last bill up to $192.  This was with FiOS Extreme (a single DVR set-top box), 50/50 Mbps internet, and a home landline.

Moving to Optimum, i got their 50/25 internet, Optimum Silver TV (a single set-top box with their cloud DVR), and home phone for ~$140/month, guaranteed for 12 months.  There were some upfront costs associated with porting the home phone number and the install itself but it seemed like it was worth it for a $50/month savings.

After two weeks I can safely say that Optimum in 2015 is still inferior to FiOS and while I don’t regret leaving, I’m definitely ready to go back. What’s wrong?

The set-top box is still slow.

For years, before FiOS, I dealt with Cablevision’s horrifically slow boxes. The most obvious example of this slowness was changing channels: the time between when you pressed the “channel-up” or “channel-down” buttons and when the channel actually changed on screen was nearly 1 second. All menus were slow as well. While the Samsung box I got from Cablevision is definitely faster than that, there’s still a 100ms-200ms lag when changing channels. With the Verizon Motorola box I returned, the latency wasn’t noticeable – maybe 20 milliseconds?

The cloud DVR is terrible

We watch 100% of our TV content over DVR, so I was pretty excited about Cablevision’s cloud DVR and not having to worry about storage or recording conflicts. In practice, the DVR has a terrible UI – the episode name and number aren’t shown. Verizon’s DVR shows lots of info about the recorded episode (original air date, for example)

The real killer problemw ith the DVR though is that the signal just totally craps out when playing it back. Last night we watched this week’s episode of Homeland from DVR and there were lots of visual artifacts (green blobs and such) and a couple of periods where the DVR thought the video was playing but the picture on the screen was stopped. There was also a 10-15 second period during which the entire screen went black with no sound, as if there was just a hole in the stream recorded. When I backed it up it was still there on replay, so we missed a 10-15 second chunk of the show. These things NEVER happened with FiOS.

Home phone has to plug into the cablemodem.

This isn’t a huge problem but it’s annoying. We wanted the cablemodem down in the basement, but since there’s no phone jack down there, there’s no way to get a signal into the phone lines upstairs. We use cordless phones mostly, so it’s not a big deal, but we did have a fax machine (still a necessity sometimes!).

Internet isn’t nearly as fast.

All Verizon’s plans offer the same speeds up and down. Cablevision doesn’t. Even on Cablevision’s best plan, Ultra 101, you get 101 Mbit down but only 35 up. Verizon has speeds up to 150/150 reasonably priced now. The download speed seems to be on par with what we were getting with Verizon’s 50/50.

Phone calls require dialing “1”

This is really just aggravating. We’ve gotten used to dialing area codes, but Cablevision requires also dialing “1” in front of every number. Why?

Regional sports fee

This isn’t really a Cablevision thing since Verizon also added this bullshit $4.99 onto our bill, but as someone who doesn’t watch any sports, having to shell out $60/year for it explicitly is infuriating.

Going back to Verizon?

Yesterday I priced out Verizon and their pricing structure has really changed a lot, but for ~$171 I can now get their Ultimate HD package, 150/150 Internet, home phone and a DVR STB. That’s a big upgrade from what I had previously with them, and certainly better service. I’ll probably give Cablevision some more time to get used to it, but everybody in my house hates that we changed, so probably just a matter of time before we go back. I’m really surprised and disappointed that Cablevision hasn’t gotten very far in the 3+ years since I last tried them.

Moved to WordPress.com

Back in February I moved this site from WordPress to Jekyll. I had gotten tired of WordPress’s endless security updates and running a MySQL db just for a blog (I have a longstanding hatred of MySQL). Jekyll solved those problems, but I essentially lost most of my older posts because the wp->Jekyll converter is kind of … special. But most of all it made posting so tedious that I gave up on it entirely. So I fired the old MySQL back up and exported the content and imported it here. If it works out I’ll move my DNS over to point here (just doing a 301 for now). 

How (the hell) do you set up Splunk Cloud on Linux?

This took me way longer than I would’ve thought, mostly due to horrible documentation. Here’s my TL;DR version:

  1. Sign up for Splunk Cloud
  2. Download and install the forwarder binary from here.
  3. Log in here and note the URL of your Splunk instance:

    In the above picture, assume the URL is https://prd-p-jxxxxxxxx.splunk6.splunktrial.com.

  4. Make sure your instances can connect to port tcp/9997 on your input host. Your input host is the hostname from above with “input-” prepended to it. So in our example, the input host is input-prd-p-jxxxxxxxx.splunk6.splunktrial.com. To ensure you can connect, try telnet input-prd-p-jxxxxxxxx.splunk6.splunktrial.com 9997. If it can’t connect you may need to adjust your firewall rules / Security groups to allow outbound tcp/9997

Below are the actual commands I used to get data into our Splunk Cloud trial instance:

$ curl -O http://download.splunk.com/products/splunk/releases/6.2.0/universalforwarder/linux/splunkforwarder-6.2.0-237341-linux-2.6-amd64.deb
$ sudo dpkg -i splunkforwarder-6.2.0-237341-linux-2.6-amd64.deb
$ sudo /opt/splunkforwarder/bin/splunk add forward-server input-prd-p-jxxxxxxxx.splunk6.splunktrial.com:9997
This appears to be your first time running this version of Splunk.
Added forwarding to: input-prd-p-jxxxxxxxx.splunk6.splunktrial.com:9997.
$ sudo /opt/splunkforwarder/bin/splunk add monitor '/var/log/postgresql/*.log'
Added monitor of '/var/log/postgresql/*.log'.
$ sudo /opt/splunkforwarder/bin/splunk list forward-server
Splunk username: admin
Active forwards:
Configured but inactive forwards:
$ sudo /opt/splunkforwarder/bin/splunk list monitor
Monitored Directories:
		[No directories monitored.]
Monitored Files:
$ sudo /opt/splunkforwarder/bin/splunk restart

Installing a new SSL certificate in your ELB via CLI

For future me:

  1. Create the key and CSR:
    $ openssl req -out wildcard.site.com.csr -new -newkey rsa:2048 -nodes -keyout wildcard.site.com.key
  2. Upload the CSR to your SSL vendor (in this case, DigiCert) and obtain the signed SSL certificate.
  3. Create a PEM-encoded version of the signing key. This is required for AWS/IAM certs. To check if your key is already PEM-encoded, just “head -1 site.key”. If the first line says “—–BEGIN PRIVATE KEY—–” then it’s NOT PEM-encoded. The first line should be “—–BEGIN RSA PRIVATE KEY—–“.
    $ openssl rsa -in wildcard.site.com.key -outform PEM -out wildcard.site.com.pem.key
    writing RSA key
  4. Upload the certificate to the IAM keystore:
    $ aws iam upload-server-certificate --server-certificate-name star_site_20141014 --certificate-body file:///Users/evan/certs_20141014/site/certs/star_site_com.crt --private-key file:///Users/evan/certs_20141014/wildcard.site.com.pem.key --certificate-chain file:///Users/evan/certs_20141014/site/certs/DigiCertCA.crt
        "ServerCertificateMetadata": {
            "ServerCertificateId": "XXXXXXXXXXXXXXX",
            "ServerCertificateName": "star_site_20141014",
            "Expiration": "2017-12-18T12:00:00Z",
            "Path": "/",
            "Arn": "arn:aws:iam::9999999999:server-certificate/star_site_20141014",
            "UploadDate": "2014-10-14T15:29:28.164Z"

Once the above steps are complete, you can go into the web console (EC2 -> Load Balancers), select the ELB whose cert you want to change, click the “Listeners” tab, click the SSL port (443) and select the new cert from the dropdown.

Can I create an EC2 MySQL slave to an RDS master?


Here’s what happens if you try:

mysql> grant replication slave on *.* to 'ec2-slave'@'%';
ERROR 1045 (28000): Access denied for user 'rds_root'@'%' (using password: YES)
mysql> update mysql.user set Repl_slave_priv='Y' WHERE user='rds_root' AND host='%';

Note: this is for MySQL 5.5, which is unfortunately what I’m currently stuck with.