Lessons & Guidelines Learned

Docker is everywhere and there are many ways to make Dockerfiles, and many examples, all very simple, with few really good ones around. And the good ones are rarely annotated or explained on why they are good or what you should do.

So, this article is about useful standards and guidelines I’ve found useful in creating more complex Dockerfiles and is related to my DockerFile Annotated Example.

General Concepts

First, there are some general guidelines, mostly centered around long-standing good engineering practices that also apply to Dockerfiles. …

Thoughts on how to do it right

Laying off people is never easy, especially in challenging times when others are doing it, too. Having done this a few times over the years in a few countries, perhaps I can offer some thoughts.

First, no matter how to you it, layoffs are painful on everyone involved, obviously especially on those being let go. While there may be a few folks who were wanting to leave, or whom you wanted to leave, in most cases most of the people are valued team members pulling in the harness every day, and for the long haul. …

Summarizing what’s important

This is a reproduction of our internal company values from about 2016 as we were growing our China-based Cloud & Internet Managed Services business. We think these values apply in a practical way for all companies. See our related article on the right way to write company values.

We’ve come a long way since our founding in 2008.

We have built the world’s top Internet operations company, with capabilities far beyond what others can do, in China or around the world. Our years of sometimes painful experience have taught us much and prepared us for an amazing future in helping the Internet world.

More recently, we received a $9M investment…

How search works under the covers

Source: Unsplash


Elasticsearch® is a very powerful and flexible distributed data system, primarily focused on searching and analyzing billions of documents. This article is about how that’s done, focusing on query and data flow through the cluster, from the disk up to all the shards, indices, nodes, analyses, filters and more.

This blog is about how searching works at a fairly deep level, and our goal is to walk through the process from search request to a results reply, including routing queries to shards, analyzers, mapping, aggregations, and coordination. …

My Daily Routine

Men don’t talk about their latest facials, manicures, moisturizers, and so on, but they should. Not only is this stuff good for you, it’s good to share good ideas so other men both see what’s normal, and learn from it.

So, in the spirit of sharing, here is my routine and related products. I hope you find it useful. I’m also including some of the lessons or learnings I’ve found along the way.

By way of background, I’m a 50-something white technology guy, who grew up in the lovely Maine countryside, eventually ending up in Silicon Valley and Shanghai.


Well, yes and no …

Elasticsearch® helps power the on-line world, providing sophisticated and powerful searching and analytics of documents, text, logs, metrics, and more. It’s distributed, scalable, and almost absurdly flexible, yet relatively easy to use.

On the other hand, Elasticsearch® has a reputation for being a bear to manage, and, at least in older versions, unstable or easy to crash. It’s come a long way in recent versions, but remains a challenge to deeply understand, troubleshoot, and tune.

This is due to its inherit power and complexity, but also to the relative lack of management tools. …

Getting real CPU Load Average on Linux

Linux Load Average is as old as the hills, and about as confusing, as few engineers can even tell you what it really is or how it’s calculated.
Fortunately, Brendon Gregg has a great summary including its history, at Linux Load Averages: Solving the Mystery, where you can see the core problem:

Linux Load Average includes I/O

It’s as simple as that. Unlike all other UNIX-like systems (Solaris, AIX, etc.), Linux counts BOTH running/runnable processes AND blocked (uninterruptible) processes, which are usually waiting for I/O. …

How & why we build our OpsStack platform & application

Lots of people are building SaaS systems these days, often starting from scratch, hunting for tools & procedures, and making things up as they go.

So I thought I’d outline how and why we do it our way, based on best-practices and good tools, while keeping it simple and manageable.

First, a bit about OpsStack — it’s a mid-sized SaaS system for IT & Cloud operations, to build, monitor, manage, automation, etc. on-line systems at scale (dozens to thousands of servers).

It consists mainly of a large and fairly complex SaaS web application, with various server agents, APIs, schedulers, and…

Securing & Sharing Thousands of Secrets w/ Hundreds of People

We have lots of passwords, keys, and secrets. Thousands of them, for hundreds of customers, thousands of servers, services, and systems. As a large-scale MSP, this is our life.

Yet we still struggle with managing all these secrets, as there are no good methods, just less bad ways. We’ve been trying for nearly a decade.

This article is about these challenges, possible solutions, and ideas, as we think lots of folks have the same problems and some hopefully have better ways, too.

First, what kind of secrets do we have, or have to deal with?

Everything from Linux/Windows users and…

Steve Mushero

CEO of ChinaNetCloud & Siglos.io — Global Entrepreneur in Shanghai & Silicon Valley

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store