How to program in GoLang on Windows

Recently I started programming in GoLang for a project that I want to contribute to, Terraform. For me, it was natural to get GoLang working on Windows.

So I downloaded GoLang and Terraform, then I tried to compile, and it happened…

Basically, my execution path got too long, which is a known issue on Windows.

That’s why it’s impossible to work on bigger projects in GoLang on Windows: you can’t even compile them. GoLang requires a directory structure, so you can very easily reach the maximum number of characters in your execution path.

Conclusion: it is impossible even to compile a bigger project… go with Linux or OSX.

https://twitter.com/marcinnowacki/status/759509412310609921

A history of DDoS attack – How my server died

This blog post is a postmortem of my infrastructure, which was attacked on Sunday by an Argentinian attacker and died because of a DDoS. I will share with you all the actions that I took in order to bring back the stability of the services.

Summary

Attack has started : 19 June 2016 at 3:20PM UTC

Attack has ended : 19 June 2016 at 4:10PM UTC

Users affected : 30-40 users

Extra cost due to attack : less than 2$

Existing Infrastructure

Let me give you a brief overview of the existing infrastructure of Helbreath Poland.

cloudcraft - Helbreath Poland

In the image above you can see the two components that make up my infrastructure: Route53 and one small t2 EC2 instance.

Let’s agree on something: it is not a complicated or “big” infrastructure, but for this purpose it works perfectly. Right now the server has 30-40 people playing every second; possibly with this VM we could go up by 100? 150 more people? But for now it is fine!

DDoS, what is that!?

In the simplest terms, DDoS is a type of attack that sends a lot of data from lots of places (computers). It is called a distributed attack because computers in different parts of the world can be used to attack somebody’s infrastructure.

Attackers send so much data that your infrastructure can’t handle all the incoming packets, and eventually it stops working or access becomes very limited. This type of attack doesn’t require much knowledge; everyone who has access to the internet can prepare that kind of attack. You can find a deeper explanation on Wikipedia.

In our case, they were attacking two ports: 321, 1 and 3007 over TCP.

Full story

The calm before the storm

I knew that something would happen because there was a player who logged in to our server and threatened us that he was going to destroy the server. Well, after 5 minutes, people started getting lag, and more lag, then a lot of them got disconnected from the server.

So it begins, my actions

The server was basically killed, the VM didn’t respond.

As I said earlier, people got lag and were disconnected. I started doing some investigation and I tried to log into my VM but… yeah, I couldn’t even do that. RDP wasn’t responding.

Decided to switch off all incoming traffic, and allow only my IP.

I decided to switch off all incoming traffic, which means that the VM is taken out of public availability. That way I cut off all incoming connections, good and “dirty”.

I did that by changing a rule in a security group, as in the image below. The first rule, All TCP, Anywhere, was removed.

security-group-changed

While all traffic except from my computer is disallowed, I can log in and maintain the VM, which means doing backups, checking the logs to see what happened, and looking for the attacker’s IP address.

Gradually open traffic but it seems that there is still an issue.

The next decision I took was to start gradually allowing incoming external traffic to my infrastructure.

But as you can see below, there was a second, even greater hit. Between 15:30 and 16:00 it was quite calm, but then when I allowed traffic around 16:00 there was a big bang.

network-in-attack

Again, I repeated the first step: switched off everything, and let’s wait…

Check IP address of attackers

In the meantime, I was looking for the IP address(es) of the attackers, and I found that the attacker was from Argentina.

Add entry to ACL with IP address, decided to block the attacker’s entire subnet

To block any dirty connections, I updated the ACL that manages and filters all incoming and outgoing traffic. I decided that the safest option was to block their whole subnet.

acl-blocked-entire-subnet

Again start letting incoming traffic to infrastructure.

In the end, around 16:05, I once again started letting people into the server.

You can see the incoming network traffic in the image below. From about 16:05-16:10 the data sent is at a fairly OK level if you compare it with what it was 20 minutes before.

People can log in and they don’t have any problems with the game.

healthly-situation

Problem solved, what next?

That was my quick story of what happened to me on Sunday afternoon. Problem solved, but what about further actions to prevent this, or maybe creating a failover plan that can at least allow people to play?

Introduce Load Balancer

First of all, what I have to do is introduce a load balancer (ELB), even for this one VM. In the future, if I notice that an attack is incoming, I can immediately spin up a fresh VM and redirect every player to this box. In the meantime, I have some extra time to deal with the attackers.

cloudcraft - Helbreath Poland V2

Let’s imagine that an attack is incoming and the middle box is affected, so I immediately spin up two VMs and fire up the services on these boxes.

Because players connect by DNS, and it will be a stream for the ELB, they will be automatically redirected to healthy instances. Of course, this won’t help if an attack is really, really serious and they attack DNS directly.

Monitor incoming connection to get a better overview.

This is very important! My infrastructure didn’t have this at the point of the attack. If this attacker hadn’t logged into the game and threatened us, I wouldn’t have known his exact IP address, which could have complicated things, and it would probably have taken me much more time to solve this issue.

Flow Logs in AWS for your VPC come to the rescue. They monitor and log all the IP addresses that connect to your infrastructure. That way, if they attack again from a different subnet, I can get their IP addresses from the logs, then block that subnet’s traffic to my infrastructure.

flow-logs-vpc
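
One way to pull the heaviest source subnets out of Flow Logs records, as an added example that is not part of the original post or its setup. It assumes the default Flow Logs record format (version 2); the server address 10.0.0.5, the function names and the sample records (documentation address ranges) are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Field order of the default VPC Flow Logs record format (version 2).
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

SERVER_IP = "10.0.0.5"  # assumed private address of the game server

# Constructed sample records, not taken from the incident.
SAMPLE_FLOW_LOGS = """\
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.0.5 40001 3007 6 9000 5400000 1466349600 1466349660 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.22 10.0.0.5 40417 3007 6 8000 4800000 1466349600 1466349660 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.0.5 40002 321 6 7000 4200000 1466349660 1466349720 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.0.5 51000 3007 6 40 24000 1466349600 1466349660 ACCEPT OK
2 123456789012 eni-0a1b2c3d 192.0.2.44 10.0.0.5 52000 3007 6 35 21000 1466349660 1466349720 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.0.5 203.0.113.10 3007 51000 6 50 30000 1466349600 1466349660 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1466349720 1466349780 - NODATA
"""


def parse_record(line):
    """Return a dict for one usable record, or None for anything else.

    Header lines, NODATA/SKIPDATA records (fields are "-") and malformed
    lines are skipped instead of raising.
    """
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] != "2":
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    try:
        rec["bytes"] = int(rec["bytes"])
        rec["src"] = ipaddress.ip_address(rec["srcaddr"])
        rec["dst"] = ipaddress.ip_address(rec["dstaddr"])
    except ValueError:
        return None
    return rec


def source_subnet(addr):
    """Group a source address into its /24 (IPv4) or /64 (IPv6) network."""
    prefix = 24 if addr.version == 4 else 64
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def inbound_bytes_by_subnet(log_text, server_ip):
    """Sum bytes sent to server_ip, keyed by the sender's subnet."""
    server = ipaddress.ip_address(server_ip)
    totals = Counter()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None or rec["dst"] != server:
            continue  # unusable record, or traffic leaving the server
        totals[source_subnet(rec["src"])] += rec["bytes"]
    return totals


def heavy_hitters(totals, min_share=0.5):
    """Subnets responsible for at least min_share of all inbound bytes."""
    grand_total = sum(totals.values())
    if grand_total == 0:
        return []
    return [(str(net), count, count / grand_total)
            for net, count in totals.most_common()
            if count / grand_total >= min_share]


if __name__ == "__main__":
    totals = inbound_bytes_by_subnet(SAMPLE_FLOW_LOGS, SERVER_IP)
    for cidr, count, share in heavy_hitters(totals):
        print(f"{cidr}: {count} bytes in, {share:.1%} of inbound traffic")
```

The CIDR it reports is a candidate for an ACL deny entry, to be reviewed first, because a whole /24 can also contain legitimate players.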

Set alarms on the usage of VM resources.

This part is also very important, and it is going to play nicely with the previous steps. On AWS you can set up alarms for when a specific resource goes beyond a certain threshold.

ddos-detector-alarm

In my case, I created an alarm for data sent to my VM by the external world. The alarm will go off when there is a spike of incoming data greater than 1GB a minute, and then it will send me a notification by email. That way I can be aware of a possible attack or of the big popularity of my server 😀 and jump into action.

Closing words

To sum up, that was a really amazing experience even if some players were affected and I was really pissed off, but I treat this as a lesson because I have learnt a lot of additional functionality on AWS, and a general ops approach to this problem.

Refactoring legacy GUI application to CLI

If you ever wondered what it is like to work with 15-year-old legacy C++ code, and how to refactor it, this blog is perfect for you 🙂

As you may remember, I promised to show you the work that I do for Helbreath. When I decided to work on that, the first decision I made was to try to get rid of this horrible GUI; that was an aperitif before I do more serious work.

Before we dive into C++ code, let’s have a discussion about why a GUI is evil in your backend server applications, shall we?

If backend service, CLI only!

Be clean

The first argument is that your code is much cleaner, because the program doesn’t have unnecessary code that is responsible for drawing and for the behaviour of your GUI. Additionally, you don’t mix the context of the GUI with the context of your service, which means that you don’t have noise in your code.

Fewer resources and dependencies

Another very important argument: your server will need fewer resources to run your application. You can even run your OS without a GUI, in headless mode.

But wait, what about fewer dependencies? If you don’t have a GUI, your code immediately has fewer dependencies on external libraries, pure profit! That way you don’t have to manage additional packages and worry that something won’t work in a “very special” environment or with certain OS settings. Moreover, developers who want to work on the project are less likely to have problems with the project setup.

Automation and ops work

The ultimate argument, which you have to read, and it applies to any software in production for more than 1 person.

Having your service as a CLI will help a lot with ops work. With a CLI service you can automate everything, from deployment and templating to the startup of your application. Whereas with a GUI application you can’t do that very easily, due to the manual steps involved.

Next important argument – remote access.

Ideally, you don’t have to have access to the whole server/VM/machine to maintain your application; instead, you can easily connect to the application remotely and manage it from your computer. This approach is more secure: we avoid direct access to the server, and we can also whitelist an IP address for a specific port.

Refactoring time

Old Way

Let’s move on to the services that keep the Helbreath server running.

old_way_hb_services

Above you can see what the two services looked like before refactoring: a horrible GUI and a lot of manual steps, such as providing the username/password for the database. Each time you restart the application you have to manually enter the database credentials. Imagine now that I do 20-30+ releases a day; it means that I would need to waste my keystrokes each time.

New Way

new_way_hb_services

On the other hand, the image above shows the current state of both services. It is much more beautiful, isn’t it?!

Pure console, with some output information and nothing else!

No dialogue boxes, no fucking buttons, no weird messages. Just pure console.
But HOLA! Wait! How can you see what is going on with your services?

Easy answer!

Logs, Luke log everything!

In this case, I log everything to a file and then use nxlog to send it to Papertrail.

papertrail_log

Now let’s check some code!

At the beginning I created a story on Github, just to have some place where I can track my work, and then a pull request.

This is very important: every refactoring in legacy code (this is almost 15 years old) is big and difficult. In this example, I will try to share some of my strategies.

Do your research!

Spend a good amount of time analysing the code and dependencies. For this specific problem, it took me 1-2 days to understand the problem and come up with a solution. This is very important for young junior developers! You are a problem solver, not a code monkey; research is part of your job, so don’t worry if you spend one or two days researching something.

Since I wanted to get rid of the GUI, I had to check which parts of the code depend on the GUI code or libs. So, as you can see here and here, I listed all the main places where the GUI sits.

Cheat, Wrap, Hide!

My next advice is, cheat if you can, don’t refactor everything at once!

Do small bits until your old code is so granular that you can understand the domain and rewrite it. In this commit, I wrapped all the things into a new class.

I cheated because it still has GUI dependency (to the HWND class) but it’s hidden. But at least it doesn’t have code for dialog boxes, buttons etc.

Remove, Remove, Remove!

The most enjoyable part is removing unused code, and here, as you can see, I removed a lot of graphics-drawing-specific stuff which is not in use anymore.

At the end of this refactoring, I still have some dependencies on the GUI, mostly on the HWND class, but it is necessary to run the service because old Windows messaging uses this library to create async calls via TCP/UDP. Yeah, you read that correctly: messaging requires a GUI dependency, total madness. It ended up as fairly OK refactored code. I don’t need any manual step prior to running the server, everything is automated. I am OK with that for now.

Helbreath Poland project

What is Helbreath ?

Helbreath is an MMO game created back in 1999 by a Korean studio, Siementech; it seems that they are dead 🙁

At the same time there was a group of people who created open source code for this game, both server and client side.

It is very important to understand that those sources were developed in 1999 / 2000, so some approaches were really good at that time. Now some of these approaches may be obsolete.

What am I doing ?

I took the sources developed ages ago by the community, put them on Github, and started fixing issues, refactoring some code and adjusting it to standards. You can expect a series of blog posts on this topic.

Why am I doing this ?

Well, it is quite personal, because I started my programming journey with this game. Back when I was 13 or 14, that was my first MMO game, and then I decided that I wanted to make my own server (this is an archived website of the server back in 2006).

Well, at that time I didn’t know that I have to learn programming to even start my own server. I downloaded sources and yeah…I had to learn C++.

I read a few C++ tutorials and it was a painful journey, like really painful. As far as I can remember, the most painful part was understanding classes, objects, references and pointers.

It took me about two weeks to set up Visual C++ 6.0 (yeah, something like that exists), and then I immersed myself in C++, even to the point that I wasn’t studying at school (I almost didn’t pass to the next class) because every second I was thinking about programming and my “server”.

What is my goal ?

First of all, I want to clean up and refactor current sources, fix all critical and major issues/bugs.

This series of blog posts can be something of a guide for junior developers, because I will show you a few things that you shouldn’t do when you are writing your applications.
Then, I want to run a server for people to play on, check performance, and give something back to the HB community, and of course I am a big fan of this game so I will play 🙂

My very, very end goal is to have at least one component of the server rewritten in any language so that it can be run on Linux. Moreover, the domain of the whole game is not clear, and I want to write down documentation and get more readable code.

Conclusion

Stay tuned because a lot of content is coming! I spent the last month making it happen, and I did a few snap-storms on my snapchat about that. It’s going to be amazing to see this transition.

Terraform in game development – Don’t Starve Together

A while ago you could read about Vagrant for Don’t Starve Together (aka DST); this time let’s discuss a similar tool named Terraform.

As in the Vagrant blog post, I am playing with Terraform and DST, because it’s quite a good problem on which you can try out tools like Terraform.

You may be wondering what it is with me and all those games. Games were *THE* thing that got me into programming. It all began with Helbreath, where as a 13-year-old I wanted to create my own server, so I had to compile C++ source code. It was challenging for somebody with zero knowledge of C++, and that’s why I still love running private servers and giving back to the gaming community.

Terraform is a tool that allows you to describe your infrastructure as code. It means that you can write a JSON-like description that tells Terraform what it has to do to spin up the required parts of the infrastructure to achieve a fully working environment. This tool is ideal for any kind of cloud provider it supports: Amazon, AWS, DigitalOcean.

I have created a Terraform configuration for DST. The main place where my infrastructure is described is vm-dontstarve.tf.

This block declares that we are going to use the AWS provider, with access_key, secret_key and a specific region. ${var.aws_access_key} and ${var.aws_secret_key} is how you reference variables.

In this part, we can see a block that has information about the AWS instance: what AMI to use (the OS image), what type of instance, the SSH key name, your custom security group and, additionally, how to connect to our VM during the provisioning step.

Here we describe the provisioning step: we can copy a file, execute a remote command, or execute a command locally.

The next one is the aws_security_group block, which describes the topology of ports and connections between your machines. DST requires port 10999 over UDP for incoming traffic, so we have to add an ingress rule; in “egress” we specify that we allow outgoing traffic on any port and protocol.

The last security rule (ingress) opens SSH connections over port 22, which is required to connect to our machine and to do provisioning.

For a long time I was wondering if tools like Vagrant and Terraform could be helpful in game development, especially for maintaining server infrastructure, and in my opinion they are! Soon I will blog more about HashiCorp products and their usage in game development.

Don’t Starve Together and Vagrant

I made a few attempts at Vagrant, but every time I was recreating what somebody had already done, which was quite frustrating because I couldn’t share what I had done and achieved. This time I came across a problem that can be solved by using Vagrant, in a field where it hadn’t been used before, so it was also a good time for me to do everything on my own.

First things first: what is Vagrant, and why did I use it with Azure for a Don’t Starve Together server (aka DST)? Vagrant is quite an old tool; the first time I heard about it was at Paul’s session, probably at BuildStuff 2013. Basically, this tool allows you to create the configuration of your VM as code, so it can be replicated on every VM provider or even at cloud providers such as Azure and AWS. I chose Vagrant and Azure because I wanted an easy, one-command way to spin up a Don’t Starve Together server in the cloud.

Vagrant-dontstarve is a repository with a complete tutorial on how to get started. The most difficult part is certification, yeah, I know… MS screwed it up totally… I hope that one day it will be simplified.

Basically the repository contains two main files, Vagrantfile and script.sh.

Vagrantfile is the file that keeps the whole configuration of your VM image, provider, provisioner, network and more. Here is a configuration for Azure; additionally, provisioning is global and can be applied to other providers.

On the other hand, script.sh is a simple bash script that contains instructions for the provisioning step. At this step you are trying to get your machine to a certain state: it can set up privileges for users, install applications and configure them. In the following piece of code it tries to add an architecture, then installs all the libs required for SteamCMD.

Right now it’s configured only for one provider, Azure, but in the next few days I would like to cover VirtualBox and AWS. There is one issue that cannot be automated yet: DST requires opening UDP port 10999, which unfortunately vagrant-azure doesn’t support now, but I hope that I will make a PR soon. I do have to find some time and get a Ruby environment to work 😉

Happy playing!

Pawel

Battlehack 2015 Demo

JustGiving API Demo

  1. Make a donation with reference code
  2. Retrieve donations for given reference code
  3. Retrieve donation for given ID

Those three calls are the complete flow to make a donation, then get the aggregated donations for a specific reference, and then get details for a specific donation. Additionally, when you successfully make a donation you will get the donationId in the response as a URL parameter.

Check out our chat at JabbR, where you can ask questions and discuss the API.

At our Github repository you can find a complete collection for Postman. Feel free to import it and play with it.

P.S. The payment process and the queries above are set up against the sandbox.

What about formal education?

Recently I got a BSc degree at Wroclaw University of Technology (aka PWr) in the field of Electronics and Telecommunication. Today in my blog post I would like to talk about formal education, how I perceive it, and what it gives us. We will try to answer the following question: is formal education required to be a programmer?

Legacy

Before I went to uni I had some experience in the field of programming, mostly basic knowledge of C++, C# and PHP. Even my first *real* job was programming, during a summer break in high school. In the meantime, when I was in high school, I did a few minor projects as a freelancer. I am very glad that I didn’t waste my time during the summer breaks and instead was gaining knowledge.

During that time my ego was huge, probably because I was very young and thought that I could do anything. Besides, that was the time when I thought that I knew *everything* and could do the same job as colleagues with 5+ years of experience. I was so wrong…

I was almost ready to drop out of university, because I thought that programming was just about writing code, and math? Who cares about math… and other skills.

Expectations

My expectations of university weren’t clear enough, but for sure I wanted to continuously improve my programming skills (yeah, right now I know that it doesn’t matter) and I was hoping to get more knowledge about algorithms and data structures.

As I said before, I thought that the knowledge I had before uni was everything that I needed, and that university would give me neither skills nor knowledge that I would use later in my career.

I think that most of us had the same expectations and point of view about university, especially people who had previous experience with programming or who started their journey very young.

Reality

Reality was, huh… very different from my expectations, basically because I went into the Electronics department and my field of study was Electronics and Telecommunication, so at first glance it couldn’t have much in common with a programmer’s job and skills.

Of course I was wrong (again, for the n-th time). I got great classes with programming on all levels of abstraction: ASM, C, C++, C#, Matlab. I was programming DSP, distributed systems, optimization algorithms, data structures, sorting algorithms. Many interesting things, and that’s why I am now a little bit disappointed that I didn’t do my best to focus on my studies properly.

During one of the laboratories I even proposed doing pair programming with a bit of TDD, and she agreed to that. Always remember: if you want to do something in a different way, then just ask your professor (99% depends on you and how you do it!).

My studies gave me a very strong background in computers and computer science theory, and a lot of math… but hey! Functional programming is all about math, physics, electric circuit theory (this is one of the legendary subjects, due to how hard it is to pass).

Besides, in my third year of studies I had classes about image processing, optimization and numerical algorithms, pure joy! At that time I realized that web development is boring as hell, and that’s why I chose an optimization algorithm as the subject of my BSc project. I will write more about my BSc project later, but it was amazing to learn a new language within 2-3 weeks.

Post-graduate feelings

I think that lots of students forget that university isn’t a vocational school where you learn to be just a worker. Uni goes beyond this: it is a school where you learn to be an inventor, a creator who knows what is hidden behind a specific platform or some level of abstraction. You know math, algorithms, how something is built.

What I feel right now is that I didn’t use my time at university properly, at least in the first two years of my studies. I think that your studies are the best time to learn as much as you can and discover things that normally you wouldn’t discover.

Why, you might ask? Because during university you are still young, you have loads of energy and free time, and you don’t have any real commitments or mortgages. That’s why you should use your time wisely! Don’t worry, the time to settle down will come! And don’t worry about money; it should be just a side effect of your work, something not really relevant at the beginning. The time for real money will come as well.

During these three years you can get to know a lot of interesting people, maybe even your future business partners. At PWr we have a lot of interest groups. Get involved, even if you are a real beginner; it doesn’t really matter, because in those groups you will meet a lot of people who will help you kick off your knowledge. As Jakub wrote on his blog, you can be a good code writer without university and computer science, but you are going to miss a lot of fun and knowledge.

A closing word: in my opinion, if you want to be just a programmer (aka coder), you don’t have to know everything about computer science. You can learn coding via video courses, but some of the knowledge is still difficult to get from the internet. For me, discussions with professors were really relevant in terms of gaining knowledge; they walked through all this knowledge and these problems years ago, and it can be really nice to see a different point of view. I am sure that formal education is not required if you want to be a programmer, but it helps a lot in terms of learning new things and getting to know a variety of abstractions and what is hidden behind them. I really want to encourage you to get a degree, at least a BSc, because it’s pure fun!

A university degree is not required to be a programmer, but it’s useful and helpful.

Please let me know what you are thinking about this, and if you have any questions feel free to ask me here or via email pawel@sawicz.eu

Resources:

http://jj09.net/10-things-learn-university/

http://www.daedtech.com/how-developers-stop-learning-rise-of-the-expert-beginner

@Edit: Thanks to Michal Franc for the review and kind words.

Stochastic Approximation – Beginning

Hi everyone, this time I would like to present you something more ambitious than previous blog posts.

Since it is my last semester at Wroclaw University of Technology, the time of the BSc project has come. I will write a mini-series about my preparation; sometimes it will be more technical, sometimes just theory. This post is an introduction to what my project is about.

Ideas

In the middle of May 2014 I realized that it was time to choose a subject for my final project. I had plenty of ideas, like my own interpreter, a NoSQL database, some new tools, or implementing continuous delivery, but I also wanted to do something out of the ordinary, so after a few talks with my supervisor we agreed on a parallel implementation of some optimization algorithm. Then we chose the Global Stochastic Optimization algorithm described by Sid Yakowitz.

Optimization ?!

Yes, you may think that it’s something boring, but it’s not!

This field of study especially is getting more popular, or at least should be, because we can use those highly specialized algorithms on our big data sets to optimize or find solutions to our problems.

Where is it useful?

We might use it wherever we want to optimize something. I would say that the problem of optimization is everywhere, from signal processing to production in some sort of industry. Almost everything can be represented and described as a mathematical model and then optimized.

Now that you know that this algorithm can solve some optimization problems, you may ask: how many different pieces of information (variables) can I provide? Basically, this algorithm is powerful and quick for functions of up to 9 dimensions.

What’s my plan

My plan for the next couple of weeks is to create a fully working algorithm for 3D problems. So far I have read one SIAM article and one section of the book; it took quite a long time to understand what is written (a lot of math!).

The first prototype, written in R, is almost done (but I will write a separate blog post about this).

Resources

First of all, the chapter of this book (Random search under additive noise) is the basic knowledge; then you can read this SIAM article, which is less difficult than the book.

Repositories :

https://github.com/pawelsawicz/Thesis

and

https://github.com/pawelsawicz/Thesis.Documentation

#dotnetconfPL – 2014

Hey!

Hey all, I would like to invite you to the second edition of dotnetconfPL. If you are hearing about it for the first time, then check out the last edition. As you may guess, this conference is in Polish; we were inspired by the global edition, so we decided to do it in Polish.

This year we have a few more licences to raffle during our event: six ReSharper and three NCrunch. Thanks to all the sponsors!

This edition has seven technically oriented talks and one soft-skills-oriented talk; we tried, and we want to experiment with this approach.

When?

18 October 2014, we are going to start at 3:00 PM GMT+2

Where?

Internet, so you can join us whenever you can.

Resources :

http://dotnetconf.pl/