Startup CEO, Intro., Chapter 1 & 2

The introduction to the “Startup CEO: A Field Guide to Scaling Up Your Business, + Website” by Matt Blumberg reminds me that like any role in an organiation there are skills that need to be developed and like any role you need to accept getting better over time is part of that. “Most talented business people come up the learning curve quickly. And the next time, they don’t make the same mistakes. They move faster. They listen better. They spend less. They hire better. The list goes on and on.” According to Matt Blumberg this book is a success if paying forward 14 years of experience helps others overcome the challenges of being a CEO.

Outline of book

  • Part 1: Communicate your vision: “Storytelling”.
  • Part 2: Build a the company’s human capital.
  • Part 3: Disciplined execution of using funds.
  • Part 4: “Building and Leading a Board of Directors.”
  • Part 5: “Managing Yourself So You Can Manage Others”

Chapter 1…

…is the beginning of the “Storytelling” Part 1. The point that listening to prospective customers isn’t about a specific assumption being tested or specific idea being pursued. Instead if you can illicit an abstract characteristic like “speed”, “strength”, “reliability”, etc. you can better develop an idea with characterisitcs customers need.

Another valuable approach is to vet ideas using the following criteria with a score between 1 and 5 in each category:

  • Customer pain (30%). Does the market need your idea?
  • Market opportunity (10%). How many people need your idea? Today (Size)? Tomorrow (Growth)?
  • Can we win? (20%). Are there already competitors in your chosen space (Competitive Positioning)? If so, will you beat them (Feasibility)?
  • Strategic fit (10%). Is this a problem you can solve? Do you have the right expertise, networks, and so on?
  • Economics (30%). Can you afford to solve this problem?

In Chapter 2…

… Matt “explain[s] how to more crisply define and test your story out before you start telling it to the world.” In it there are a number of noteworthy book recommendations, the “Lean” classics:

The remaining of the chapter explains the template sections in the “Lean Canvas” that Ash Maurya presents in his book, “Running Lean”. Here is slide deck on the Lean Canvas

Slack Architecture and Security

Software Engineering Daily recently broadcast two episodes about Slack:

Slack’s Architecture with Keith Adams

Keight Adams spoke about Slack’s architecture with a focus on the “game” like system. Slack’s architecture has technically designed to work in a highly distributed environment that requires managing the latency, connectivity, cache coherency, and cache capacity. Similar to the concerns in a massively multiplayer online game (MMOG). In fact Slack as a product/company was a pivot from a game company.

Slack Security with Ryan Huber

Ryan Huber works on the small team (~4 SecOps) at Slack and highlighted a few important aspects of managing security. He noted the importance of managing authentication/authorization since it is a broad and often attacked means of creating a breach. He brought attention to the defenders advantage in knowing where the critical infrstructure/data is located and that that knowledge is critical in defense. Additionally, he emphasized the importance of log monitoring and the awesome usefulness of “auditd”, which is built into the Linux kernel and can capture information about syscalls. From Ryan’s twitter feed is this helphful link allowing the searching of syscalls. Building tools and automating their usage so as to contribute to DevSecOps was also focused on.

Recover Files on Ext4 File System on Red Hat

In the cases when you run a command like “rm *” unintentionally and you need to recover the files you just deleted then you can do the following. I’ve done the following on a ext4 file system in AWS. As soon as you realize you unintentionally deleted files do the following:

  1. Take a snapshot of the volume in AWS.
  2. Turn the snapshot into a volume.
  3. Attach the volume to an instance (I used a separate instance).
  4. Run “fsck <disk device>”, for me it was “fsck /dev/xvdh”
  5. Install “extundelete” through yum. Run “sudo yum install extundelete”.
  6. Navigate to a place for restoring files (e.g. /tmp).
  7. Then run “extundelete –restore-directory <path relative to previous mount> <disk device>”, for me it was “extundelete –restore-directory home/name/ /dev/xvdh”
  8. The entire directory of files was restored to a directory under RECOVERED_FILES.

While this worked for me and I hope it works for you, mileage may vary. Reference blog post that helped me do the above in AWS: http://blog.bisect.de/2011/08/how-to-undelete-files-from-ext3ext4.html

Create Windows Vagrant Box(s)

This is the second in a series of articles being written about using automation on a windows workstation. This series of articles will focus on doing automation on Windows because it seems to be the platform with the most need for coverage. The first article introduced vagrant for virtualization.

Goal: Repeatable Generation of Windows Vagrant Box(s)

Entirely command line driven step by step instructions in this article will be used for creating running Windows VM(s) in Virtual Box via Vagrant on a Windows host so that we can build further automation in a safe isolated environment for usage on other windows machines, even the machine that is hosting the VM(s). The VM(s) provide a safe sandbox to try things without making a mess of the host operating system environment. Additionally, it lets you use server OS(s) on your workstation to do your development.

Installing the prerequisite tools

Chocolatey

Chocolatey is the first tool needed. It is a package management solution for windows and will allow the installation of further tooling. The following are the scripts that can be run to install it.

Firewall Note: If you whitelist outbound connections then you'll need to add an outbound rule for powershell. For me that was "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe". Additionally, after installing Chocolatey, you'll need to whitelist it for outbound connections. For me the executable was located at "C:\ProgramData\chocolatey\choco.exe"

Option 1. Command line Option.

Command Prompt: Install Chocolatey from command prompt.
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin

Options 2. Powershell Option. Make sure Execution Policy in Powershell is at least Bypass

Powershell: Install Chocolatey from powershell prompt.
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))

The above instructions came straight from https://chocolatey.org/

Install Chocolatey Packages: Cyg-Get, Cygwin, vagrant, packer, virtualbox

When you install cyg-get you will be asked to install Cygwin first.

Firewall Note: Before isntalling "cyg-get" via choco you will need to pre-whitelist the cygwin setup executable at ""C:\tools\cygwin\cygwinsetup.exe", then it will be able to access the download locations when being run.

Command Prompt: Install Cyg-Get and Cygwin
choco install cyg-get

The latest packer in the chocolatey repository at the time of writing this article was (0.8.1) and it did not support the latest version of Virtual Box (5.0) therefore the specific version that is suppored (4.3.28) needs to be installed.

Command Prompt: Install vagrant, packer, virtualbox
choco install vagrant
choco install packer
choco install virtualbox -version 4.3.28

After installing vagrant, in order to make it usable in cygwin I needed to add the path to vagrant to the PATH in cygwin, this was easily doable by adding the path to my “.bash_profile”. Please note that the following is run in a Cygwin prompt.

Cygwin Prompt
echo "PATH=/cygdrive/c/HashiCorp/vagrant/bin:${PATH}" >> ~/.bash_profile

Install Cygwin Packages: git, make, openssh

Installing these are required for getting the source code and making/using the vagrant boxes.

Command Prompt: Install git, make, openssh
cyg-get git
cyg-get make
cyg-get openssh

Clone code to make the Windows Box via Packer

Setup ssh key

Startup a Cygwin terminal and add code to automatically start ssh-agent when opening cygwin terminal. Then, add your key to access Github to ~/.ssh directory and set to mode 600.

Firewall Note: ssh needs outbound connectivity to the internet for git cloning to operate properly, this was located at "c:\tools\cygwin\bin\ssh.exe"

Clone boxcutter/windows from Github

Boxcutter is a github user with many repositories for different OS templates. Cloning the repo will give you the code to create:

  • win2012r2-datacenter-nocm, VMware 4.3GB/VirtualBox 4.2GB
  • win2012-datacenter-nocm, VMware 3.7GB/VirtualBox 3.5GB
  • win2008r2-datacenter-nocm, VMware 3.0GB/VirtualBox 2.8GB
  • win81x64-enterprise-nocm, VMware 4.0GB/VirtualBox 3.6GB
  • win8x64-enterprise-nocm, VMware 3.6GB/VirtualBox 3.3GB
  • win7x64-enterprise-nocm, VMware 3.5GB/VirtualBox 3.2GB
Clone boxcutter/windows
git clone git@github.com:boxcutter/windows.git

Create Windows Box(s)

Navigate into the cloned repository and create Virtual Boxes as follows:

Firewall Note: Allow packer provisioner for virtualbox outbound to the internet, this was located at "C:\ProgramData\chocolatey\lib\packer\tools\packer-builder-virtualbox-iso.exe"

Make windows server 2012 R2 box
make virtualbox/eval-win2012r2-datacenter-ssh
Make windows 8.1 box
make virtualbox/eval-win81x64-enterprise-ssh

Please be patient it does take a fairly long time to complete the creation of the VMs. You will see the progress on the screen. If you create both you will 2 boxs waiting for you. See Screenshots at beginning of article, they correspond to the two VMs I have created:

  • 4.1G Jul 30 20:15 eval-win2012r2-standard-ssh-nocm-1.0.4.box
  • 5.9G Jul 30 02:11 eval-win81x64-enterprise-ssh-nocm-1.0.4.box

In the next article I will show of a way to use these boxes in a repeatable process for creating VM(s). However, if you know how to use vagrant effectively already, then by all means jump ahead and use these Vagrant box(s).

Compressing WinSxS on Windows

This post is an experimental step through of this excellent post: How to NTFS compress Windows WinSxS folder. I’m happy to report that it worked stunningly as can be seen in the following image:

Here are the steps followed. Start a command prompt as as Administrator and follow the stpes noted as titles below.

1. Query service status. Track its state.
sc query msiserver
sc query TrustedInstaller
2. Stop/disable Windows Installer and Windows Module Installer services
sc stop msiserver
sc stop TrustedInstaller
sc config msiserver start= disabled
sc config TrustedInstaller start= disabled
3. Backup ACLs for WinSxS folder.
icacls "%WINDIR%\WinSxS" /save "%WINDIR%\WinSxS.acl" /t
4. Take ownership of WinSxS folder
takeown /f "%WINDIR%\WinSxS" /r
5. Grant full rights on WinSxS to user
icacls "%WINDIR%\WinSxS" /grant "%USERDOMAIN%\%USERNAME%":(F) /t
6. Compress Folders
compact /s:"%WINDIR%\WinSxS" /c /a /i *
7. Restore ownership
icacls "%WINDIR%\WinSxS" /setowner "NT SERVICE\TrustedInstaller" /t
8. Restore ACLs
icacls "%WINDIR%" /restore "%WINDIR%\WinSxS.acl"
del "%WINDIR%\WinSxS.acl"
9. Restore services, replace "demand" and "start" with the right state
sc config msiserver start= demand
sc config TrustedInstaller start= demand
sc start msiserver
sc start TrustedInstaller