October 18, 2018
A couple of days ago, Eliot Horowitz, CTO & co-founder of MongoDB announced that MongoDB is moving from the AGPL to the SSPL license.
The SSPL is a new license, just created by MongoDB.
In the post, Eliot points out that they created the SSPL starting from the AGPL, and he affirms that the new license guarantees all the freedoms the AGPL does.
I firmly believe that the SSPL is not a FLOSS license since it limits the possibility of the cloud providers to provide an “as a service” version of it.
This case might seem trivial and an edge case, but the complete freedom of usage is one of the FLOSS movement and licenses pillars.
Read More 
September 23, 2018
Golang uses URLs for the dependencies packages resolution.
To unbundle the code repository hosting the package and the import path, Golang supports the idea of Vanity Import Paths.
The way this has been implemented is that, as long as the import path points to a page where Go can find the real package URL, it will follow through.
So, we will need to create a web server that can serve pages in a way that the Go toolchains can understand.
To do so, I use the following code:
Read More 
August 31, 2018
Lately, I found myself to work on an application that was communicating via SOAP with a server.
My goal was to understand how this application worked with the SOAP server to emulate its behavior.
Even if I had access to the source code of the application, I thought it would have been easier, faster and more fun to do the work without actually reading the code.
It’s important to note that actually, the application is fairly small and self-contained. Otherwise, I would have probably taken a different approach.
Read More 
July 13, 2018
If you have ever used Docker or any other Linux OCI container system, you inevitably have incurred in the following error:
x509: failed to load system roots and no roots provided
This message is remembering you that you forgot to provide Root Certificate Authorities to your application.
There are two different ways to solve this:
- mount the /etc/ssl/certs folder from the machine where the container is running
- bundling the root CAs in your image
As you may imagine from the title, I believe that the second option is by far better than the first one.
Read More 
June 27, 2018
Lately, all website are urging their users to enable second-factors.
The push for multi-factor logins is a good thing from my point of view, since the people are putting more and more details of their life online and is a good thing that companies start to understand the security implication of this and are trying to teach their users good security practices.
The real problem is what is defined as second-factor.
The possible factors are three:
Read More 
May 9, 2018
A couple of months ago, I wrote a blog post about why containerization is not always the answer and I’ve received quite a few comments about it.
This article has the goal to analyze an aspect in favor of containerization which I believe to be true but was not mentioned in the previous post: the time aspect of the phenomenon.
In the ICT sector, we are used to new technologies, or at least we should be.
Speaking of architectures, I still remember when I started in the ICT sector that VMWare had just introduced ESX (not ESXi) and there were two ways of looking at it:
Read More 
April 12, 2018
As many other clouds, Google Cloud Platform provides an Object Storage service, Google Cloud Storage.
As many other Object Storage service, Google Cloud Storage provides an HTTP server to deliver your files quickly.
When I started to use Google Cloud Storage and its HTTP server I have not been entirely pleased by how it works and therefore I wanted to re-implement the HTTP server so that I can manage it completely.
Read More 
March 27, 2018
UPDATE: I’ve then written another post to clarify better my point of view on the future of containers.
When I hear people (and usually those people are salespeople) saying that as soon as you put a Container Platform in your company, all your problems go away, I feel bad for the company they are trying to sell it to.
I’ve seen far too many container platforms (as well as many other technologies) fail at customers because they have been sold as this magical problem that makes all your problems go away.
There are many reasons why a container platform could fail in a specific environment. The main reasons in my opinion are:
Read More 
February 4, 2018 - Bruxelles, BE
This year, as it has happened for the last few years, I’ve been at FOSDEM.
As always I’ve enjoyed it a lot, and that’s why I continue to go there, and every time I have to suggest other people which events to attend in Europe, I always mention FOSDEM as the principal event.
This year, differently from previous editions, I tried to stick to a single room during Saturday (the Go one).
Being in the same room for the whole Saturday allowed me to follow more talks (no time wasted moving from a room to another and less sitting problems :D) which was convenient since I wanted to follow all talks in that room anyway.
Read More 
January 5, 2018
I found myself multiple times in situations where people were trying to explain to me how much they are (or would like to be) DevOps and how awesome DevOps is and how productive their teams had become since when they merged the Dev team and the Ops team, and they don’t have any team which is not DevOps and application-centric.
I usually stare at them thinking that they have no idea what they are talking about, or they have just outsourced all the non-application-centric side of their IT and have not realized it.
Read More 
(Fabio Alessandro Locati|Fale)'s blog