SQL Tuning

SQL Tuning As a DBA I find that people think I know about how to tune SQL. They present me with a query that looks simple, but on inspection has views on views on complex views, and has an explain plan of over 100 lines! It is difficult to know where to start, particularly when you don’t know what the SQL is supposed to be doing, or understand the structure of the data within the database.

Ansible Tricks

Some Useful Ansible tricks Including a playbook I am working on extending my automation to do some new things. We refresh test environments from production. Previously we used to copy all the code from production back to development. Now we build the VMs from scratch, so we don’t need to do this any more, but it would be convenient to call the VM build in the middle of the refresh.

Hiding Passwords In Ansible

Often configuring a system involves running scripts and passing passwords as a parameter. If all goes well, this is fine, Ansible just reports the task has changed. If not, the password is logged, which is bad if the output is being sent to people who shouldn’t know it. Here are some thoughts on how to get round that. Setup Start with the following playbook for demonstration purposes: 1 2 3 4 5 6 7 8 9 ---- hosts:127.

Moving

Moving My hosting at the University of Cambridge: people.ds.cam.ac.uk/psh35 is being discontinued. I am therefore moving this blog to Netlify: Please update your bookmarks or feed reader to: https://curiousdba.netlify.com/ Netlify This wasn’t as hard as it might have been. I took the opportunity to upgrade the theme, because GitHub complained about the security of some of the components. This caused the site not to build. The new version of the theme requires Hugo pipeline, which means it needs a recent version of Hugo extended.

Git On Windows

Here is a possible way to use git on Windows to work on a git repository in GitLab. The nice thing about GitLab is it uses git, so any Windows git client can be used. I prefer command line myself, but there are GUI options including the git supplied one which I will be using. Installing software I suggest using chocolatey to manage software. Follow the installation instructions on the chocolatey website to do this.

Enroling A New Admin

The Idea Sometimes you see a private shared lane which has a gate to stop people using it, but the people who are allowed have padlocks in a chain. Anyone who has a padlock in the chain can open it with the key in their keyring. Image from pixabay. This is very much like how the secure keys work. If someone else wants to be able to use the gate, they have to get one of the three key holders to go to the gate with them, open their padlock, and insert their padlock into the chain.

Secrets, Ansible and Regpg

I like Ansible, but I find one omission in the way it works is the lack of a way to manage secrets, i.e. things like private keys, passwords, and access tokens. I stored passwords in the inventory file. This means the inventory file is large, and can’t be checked into version control, which makes it difficult to manage. My first test is to create another git repository to check out onto the VM.

Installing Open SSH on Windows (Automatically)

Our PeopleSoft system has a couple of maintenance tasks which are kicked off from the database server. I am converting it to use Ansible and a management server, but in the meantime I need this to work. We had been using Bitvise SSH server on Windows, but experienced problems with it locking up occasionally. Also we needed to create some new Windows VMs and wondered if there was a way to do the work without paying for more licenses.