I’ve moved this site off WordPress and onto Jekyll. WordPress is nice, but I’m tired of having to update everything all the time, and already had this site compromised due to the awfulness of PHP. Jekyll’s just static HTML files, which is more than sufficient for this crappy site (especially since I rarely update it these days), and I handed off commenting to Disqus so I don’t have to deal with spam comments at all any more. Only real drawback is inbound links that will stop working, but eh, oh well. Google will either recrawl and find them, or it won’t.

Looking in the nginx log, here’s a great reason to leave WordPress:

 1 62.210.200.6 - - [04/Feb/2015:21:06:02 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.075
 2 62.210.200.6 - - [04/Feb/2015:21:06:02 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.101
 3 62.210.200.6 - - [04/Feb/2015:21:06:02 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.102
 4 62.210.200.6 - - [04/Feb/2015:21:06:02 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.087
 5 62.210.200.6 - - [04/Feb/2015:21:06:02 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.074
 6 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.088
 7 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.074
 8 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.088
 9 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.074
10 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.088
11 62.210.200.6 - - [04/Feb/2015:21:06:03 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.101
12 62.210.200.6 - - [04/Feb/2015:21:06:04 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.088
13 62.210.200.6 - - [04/Feb/2015:21:06:04 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.073
14 62.210.200.6 - - [04/Feb/2015:21:06:04 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.087
15 62.210.200.6 - - [04/Feb/2015:21:06:04 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.087
16 62.210.200.6 - - [04/Feb/2015:21:06:04 +0000] "POST /wp-login.php HTTP/1.0" 404 295 "-" "-" "-" "-" "text/html; charset=iso-8859-1" "-" 0.086

This took me way longer than I would’ve thought, mostly due to horrible documentation. Here’s my TL;DR version:

  1. Sign up for Splunk Cloud
  2. Download and install the forwarder binary from here.
    • Log in here and note the URL of your Splunk instance: splunk_cloud
      In the above picture, assume the URL is https://prd-p-jxxxxxxxx.splunk6.splunktrial.com. </li>

      • Make sure your instances can connect to port tcp/9997 on your input host. Your input host is the hostname from above with “input-” prepended to it. So in our example, the input host is input-prd-p-jxxxxxxxx.splunk6.splunktrial.com. To ensure you can connect, try telnet input-prd-p-jxxxxxxxx.splunk6.splunktrial.com 9997. If it can’t connect you may need to adjust your firewall rules / Security groups to allow outbound tcp/9997</ol>

      Below are the actual commands I used to get data into our Splunk Cloud trial instance:

      $ curl -O http://download.splunk.com/products/splunk/releases/6.2.0/universalforwarder/linux/splunkforwarder-6.2.0-237341-linux-2.6-amd64.deb
      $ sudo dpkg -i splunkforwarder-6.2.0-237341-linux-2.6-amd64.deb
      $ sudo /opt/splunkforwarder/bin/splunk add forward-server input-prd-p-jxxxxxxxx.splunk6.splunktrial.com:9997
      This appears to be your first time running this version of Splunk.
      Added forwarding to: input-prd-p-jxxxxxxxx.splunk6.splunktrial.com:9997.
      $ sudo /opt/splunkforwarder/bin/splunk add monitor '/var/log/postgresql/*.log'
      Added monitor of '/var/log/postgresql/*.log'.
      $ sudo /opt/splunkforwarder/bin/splunk list forward-server
      Splunk username: admin
      Password:
      Active forwards:
       input-prd-p-jxxxxxxxx.splunk6.splunktrial.com:9997
      Configured but inactive forwards:
       None
      $ sudo /opt/splunkforwarder/bin/splunk list monitor
      Monitored Directories:
      [No directories monitored.]
      Monitored Files:
       /var/log/postgresql/*.log
      $ sudo /opt/splunkforwarder/bin/splunk restart

For future me:

  1. Create the key and CSR: <div class="wp_syntax">
    $ openssl req -out wildcard.site.com.csr -new -newkey rsa:2048 -nodes -keyout wildcard.site.com.key
    </div>
    
  2. Upload the CSR to your SSL vendor (in this case, DigiCert) and obtain the signed SSL certificate.
  3. Create a PEM-encoded version of the signing key. This is required for AWS/IAM certs. To check if your key is already PEM-encoded, just “head -1 site.key”. If the first line says “—–BEGIN PRIVATE KEY—–” then it’s NOT PEM-encoded. The first line should be “—–BEGIN RSA PRIVATE KEY—–“. <div class="wp_syntax">
    $ openssl rsa -in wildcard.site.com.key -outform PEM -out wildcard.site.com.pem.key
    writing RSA key
    </div>
    
  4. Upload the certificate to the IAM keystore: <div class="wp_syntax">
    $ aws iam upload-server-certificate --server-certificate-name star_site_20141014 --certificate-body file:///Users/evan/certs_20141014/site/certs/star_site_com.crt --private-key file:///Users/evan/certs_20141014/wildcard.site.com.pem.key --certificate-chain file:///Users/evan/certs_20141014/site/certs/DigiCertCA.crt
    {
        "ServerCertificateMetadata": {
       "ServerCertificateId": "XXXXXXXXXXXXXXX",
       "ServerCertificateName": "star_site_20141014",
       "Expiration": "2017-12-18T12:00:00Z",
       "Path": "/",
       "Arn": "arn:aws:iam::9999999999:server-certificate/star_site_20141014",
       "UploadDate": "2014-10-14T15:29:28.164Z"
        }
    }
    </div>
    

Once the above steps are complete, you can go into the web console (EC2 -> Load Balancers), select the ELB whose cert you want to change, click the “Listeners” tab, click the SSL port (443) and select the new cert from the dropdown.

No.

Here’s what happens if you try:

mysql> grant replication slave on *.* to 'ec2-slave'@'%';
ERROR 1045 (28000): Access denied for user 'rds_root'@'%' (using password: YES)
mysql> update mysql.user set Repl_slave_priv='Y' WHERE user='rds_root' AND host='%';
ERROR 1054 (42S22): Unknown column 'ERROR (RDS): REPLICA SLAVE PRIVILEGE CANNOT BE GRANTED OR MAINTAINED' in 'field list'
mysql>

Note: this is for MySQL 5.5, which is unfortunately what I’m currently stuck with.

I stopped playing WoW in 2008, and since I didn’t need Windows for gaming, I ended up putting Fedora (and ultimately Ubuntu) on my old Core 2 Duo desktop. After years of fighting with slow computers, I recently bit the bullet and bought the 13″ Retina Macbook Pro (MGX82LL/A). Even though I hadn’t played WoW in years – or any other PC games, for that matter – the gamer in me was still reluctant to go with a computer with no dedicated video card. I’d read up extensively on the Intel Iris 5100 chipset in the Macbook but I couldn’t find anything about its performance in WoW, which was the least-taxing game I could think of.

Well, as fate would have it, Blizzard recently announced they’d be purging the names of characters who hadn’t logged in for 5+ years. Since I had a new computer and I didn’t want to lose my beloved Undead Rogue it seemed like a good time to rejoin. After a couple days of playing, I figured I’d write this post as a service to any other would-be Macbook Pro purchasers curious about its performance in WoW.

This isn’t a detailed benchmarking post – I’m not Anandtech. The short version is that the performance of WoW on the MGX82LL/A is very good. I get 30-60 frames per second basically everywhere, though with settings only set to “fair.” The main thing I wanted to report here is heat. The laptop gets HOT when playing WoW. I installed iStat Menus to get the sensor data – see below.

WoW Settings<figcaption class="wp-caption-text">WoW Settings</figcaption></figure>

MGX82LL/A CPU temperature - Baseline<figcaption class="wp-caption-text">MGX82LL/A CPU temperature – Baseline</figcaption>
MGX82LL/A temperature in WoW<figcaption class="wp-caption-text">MGX82LL/A temperature in WoW</figcaption>

The CPU sensors show temperature increases of over 100ºF. That’s pretty darn hot. I’ll play with the settings to see if I can get the temperature to something more reasonable.