Provisioning a Windows box with Vagrant, Chocolatey and Puppet – Part 2

Now that we’ve successfully set up our Windows box, the most pressing question that people ask themselves would be: How do I administer my box without SSH, as we started from a bare box without installing a SSH daemon beforehand?

The answer to that would be WinRS (Windows Remote Shell), the Windows equivalent of SSH. Assuming that you’ve followed the packaging and setup instructions for your Windows box previously, WinRS and it’s dependency, WinRM (Windows Remote Management) should already be setup correctly.

In order to administer our Windows box, all we need to do is to simply  replace our well loved

vagrant ssh


winrs -r:http://localhost:15985 -u:vagrant cmd

which will launch a remote PowerShell terminal and log you in. And there you have it, command line administration of a Windows box!

One current limitation of using WinRS is that due to the way it pipes standard output, we can’t run console based text editors  such as nano, pico, vim, etc if we want to edit files in the box. As a workaround, I’ve placed files inside a shared Vagrant folder and edited them on the host, and also edited code on the host, pushed it to GitHub and pulled it on the guest. None of these solutions are particularly elegant, but command line administration of Windows boxes still has some ways to go before it catches up to the *nix world.

Now, to install Jenkins, instead of running apt-get install jenkins (depending on your preferred version of Linux), you can simply run

cinst jenkins

With a combination of WinRS, Chocolatey and Puppet, the next time someone doubts that you can automatically provision a Windows box and administer it from the command line, you can now show them how it’s done .


Provisioning a Windows box with Vagrant, Chocolatey and Puppet – Part 1

I’ve always thought that Vagrant’s one of the coolest things since sliced bread, and an absolute godsend for provisioning server and database boxes quickly and cleanly in order to avoid cluttering up my main machine with extraneous fluff and to avoid snowflake configurations during development. The only drawback I’ve encountered so far is that it has always seemed to be more suited for *Nix boxes only.

With some Googling, help from people smarter than me and much experimentation, I’ve managed to provision a Windows Server 2008 R2 box and this post will chronicle some of the trials and tribulations I’ve faced on this interesting journey.

First off, you’ll need a licensed copy of the Windows OS, of course (I used Windows Server 2008 R2). Next, install the vagrant-windows plugin. Setup your OS according to the “Creating a Base Box” section and package it using

vagrant package --base  --output 

With that, you’ll be done with the easy part and the more interesting stuff begins. We’ll aim to provision our Windows box by first bootstrapping the installation of Chocolatey, an amazing little piece of software that brings automated command line software installs to Windows. Think of it as brew for OS X or apt-get for *Nix machines. Once Chocolatey has been installed, we’ll use it to get JDK 7 and Puppet to our box. For a more complete example, we’ll then use Puppet to setup ant, Git and Maven before adding Jenkins manually via the command line. You can clone the entire setup needed to replicate this example (minus the box itself) from the repo at Github.

First, let’s take a look at this particular line from the Vagrantfile:

config.vm.provision :shell, :path => "setup_requirements.cmd"

This setup_requirements.cmd will execute remotely execute 2 powershell scripts to install .Net 4 and Chocolatey respectively. Much thanks to ferventcoder, the author of Chocolatey and from whom I got the scripts from. Although the latest version of Chocolatey will install .Net 4 if it doesn’t exist, it doesn’t work for me when installing remotely via powershell, hence the need for a .Net installation script beforehand.

Once that’s complete, we install the JDK and puppet via Chocolatey before we reach this next interesting line:

config.vm.provision :shell, inline: "puppet module install --force rismoney/chocolatey"

There’s 2 things to take note of here. This line installs the Chocolatey package provider for Puppet’s usage, and the –force makes this command idempotent as the provisioning process will fail if you call

vagrant provision

without this flag. The advantage of being able to use Chocolatey’s package provider in Puppet is that you can reuse all of Chocolatey’s package names in Puppet. For example, our Puppet file looks like this:

node 'default' {
  package { "maven" :
        ensure => "3.0.5",
        provider => 'chocolatey'
  package { "apache.ant" :
        ensure => "latest",
        provider => 'chocolatey'
  package { "git" :
        ensure => "latest",
        provider => 'chocolatey'

where the package names correspond to cinst maven apache.ant git. At the point of writing, cinst maven doesn’t work as it’s pointing to the 3.0.4 package, which is currently 404 and will cause your provisioning process to halt (be it Puppet or Chocolatey), so we point it to version 3.0.5, which is available.

With that, we now have a basic Windows box up and running. In the next part, I’ll delve into setting up Jenkins on our box remotely using WinRM and WinRS. No SSH required!


Building Dropwizard with Ant

Dropwizard is an amazing framework for anyone who wishes to build web services, and I heartily recommend it. However, for those sitting behind closed corporate intranets without any proxy Maven repositories, it can prove to be a bit of a hassle to set up.

Firstly, one has to transitively follow the dependencies and download the dependent JARs. This shouldn’t be much of an issue, it’s just tedious. The more interesting issue that I encountered was the exclusion of digital signatures from signed JARs while writing an Ant script.

My initial attempt was to add the file pattern as an exclusion attribute for the zipgroupfileset task. However, it seems that there’s no way to filter files when using zipgroupfileset as the include/excludes applies to the zips to be merged, not the content within them. After some consultation with a developer’s best friend, I came across the following solution:

<jar jarfile="dist/external-libs.jar" filesetmanifest="mergewithoutmain">
  <zipgroupfileset dir="lib/">
    <include name="**/*.jar"/>
<sleep seconds="1"/>
<jar jarfile="${dist}/lib/historadar-${DSTAMP}.jar" filesetmanifest="mergewithoutmain">
    <attribute name="Main-Class" value="com.example.helloworld"/>
    <attribute name="Class-Path" value="."/>
  <fileset dir="classes/"/>
  <zipfileset src="dist/external-libs.jar">
    <exclude name="**/*.SF"/>

Assuming that one has already compiled the classes to the classes/ directory, the first jar task then puts all the jars it finds in lib/ into external-libs.jar. It then waits for one second to avoid getting warnings about the files having modification dates in the future. Next, the second jar task merges my class files from the classes/ directory with the content of external-libs.jar while excluding all digital signatures from the signed JARs.

With this, one should be able to build an executable Dropwizard JAR via Ant.


Microservices with Jetty and Jersey

When it comes to deploying REST web services with an embedded server such as Jetty, one would typically go about accomplishing it by specifying the WAR file in Jetty or running it from its exploded source components.

However, I wanted to avoid even the slightest hint of WAR files and web.xml files and deploy microservices that are as similar to POJOs as possible. After fiddling around with Jetty and Jersey, I’ve managed to come up with a simple way to deploy services that’s almost like plain old Java. In fact, I find that it’s much more pleasant to work with pure Java as I don’t have to worry about specifying pesky classes and configuration files.

Imagine that we have a simple resource:

package org.microservice;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

public class HelloWorldResource
	public String helloWorld()
		return "Hello World!";

Next, we just need the following main class and we’re done:

package org.microservice.runner;

import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.thread.QueuedThreadPool;

import com.sun.jersey.spi.container.servlet.ServletContainer;

public class HelloWorldService
	public static void main(String[] args) throws Exception
			Server server = new Server(8081);
			ServletHolder servletHolder = new ServletHolder(ServletContainer.class);

            // IMPORTANT: you have to specify the package where your resources are located in order for Jetty to pick them up
			servletHolder.setInitParameter("com.sun.jersey.config.property.packages", "org.microservice");
            // comment out to hide debug information
			servletHolder.setInitParameter("com.sun.jersey.config.feature.Debug", "true");
			servletHolder.setInitParameter("com.sun.jersey.config.feature.Trace", "true");

			ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
			context.addServlet(servletHolder, "/*");


			QueuedThreadPool queuedThreadPool = new QueuedThreadPool(10);

		catch (Exception e)

Once you’ve exported it out as a runnable .jar file, you can start your lightweight microservice with

$ java -jar <your_jar_filename>.jar

HAProxy – Installation and Configuration

I’ve been playing around with deploying REST web services via Jersey with embedded Jetty servers and decided to use HAProxy as a software load balancer in my development environment as there aren’t any spare F5 appliances lying around.

After downloading the tar, issue the following commands to quickly install HAProxy in your current directory:

$ tar xvfz haproxy-1.4.22.tar.gz
$ cd haproxy-1.4.22
$ sudo make install

Before we start on the configuration file, let’s assume that we have the following endpoints:

# load balanced url

Our simple configuration file will then look like this

        log   local0
        log   local1 notice
        #log loghost    local0 info
        maxconn 4096
        chroot /usr/share/haproxy
        uid 99
        gid 99

        log     global
        mode    http
        option  httplog
        option  dontlognull
        retries 3
        maxconn 2000
        contimeout      5000
        clitimeout      50000
        srvtimeout      50000

listen  servicefarm
        mode http
        cookie SERVERID insert
        balance roundrobin
        option httpclose
        option forwardfor
        stats enable
        stats auth myuser:mypassword 
        server server1 cookie SERVER1 check inter 2000 rise 2 fall 5
        server server2 cookie SERVER2 check inter 2000 rise 2 fall 5

“server1” and “server2” are the server names that will appear in the log files, while “SERVER1” and “SERVER2” will be the cookie strings returned by HAProxy.

Here is what actually happens with the simple HTTP load-balancing with cookie insertion specified above:

  • HAProxy will receive clients requests.
  • If a request does not contain a cookie, it will be forwarded to a valid server.
  • In return, a cookie “SERVERID” will be inserted in the response holding the server name (eg: “SERVER1”).
  • When the client comes again with the cookie “SERVERID=SERVER1”, HAProxy will know that it must be forwarded to server1. The cookie will be removed so that the server does not see it.
  • If “server1” dies, the requests will be sent to another valid server (“server2”)and a cookie will be reassigned.

Next, HAProxy can be started with:

$ ./haproxy -f haproxy.cfg

Now, any calls you make to will be load balanced to either “server1” or “server2”. Fiddler is a nice and simple tool that you can use to inspect your HTTP traffic.

HAProxy also provides a nice stats page that can be accessed at

With the configuration above, the username will be “myuser” and the password “mypassword”.

Lastly, if you ever need to do a hot redeploy of HAProxy, such as picking up an updated configuration file, you can run:

$ ./haproxy -f haproxy.cfg -p haproxy.pid -sf $(cat haproxy.pid)

Missing WebLogic classes for FindBugs Ant task

I’ve recently encountered a problem with integrating the FindBugs Ant task into my build script recently for Hudson integration, which puzzled me to no end as my program compiles just fine by itself. Judging by the FindBugs error message, it seems that it needs some auxiliary classes necessary for analysis, but not compilation.

The 4 missing classes were:


This was a problem. I had totally no idea which libraries these classes were in. After some googling,
I downloaded JarScan which solved my problem perfectly. Now all you need to do is to execute

java -jar jarscan.jar -dir C:\bea103\modules -class SecurityServiceManager

and you’ll know which pesky library to add to your classpath. Thanks to JarScan, I realized I had to add


to my classpath for the Findbugs task to run successfully.


QCon 2011 San Francisco Review

Well, it’s been an eventful trip to QCon and after spending some time digesting the whole thing, here’s some of my thoughts:

It tends to be geared more towards the startup crowd rather the traditional, stodgy enterprise. I say this because a lot of the new sexy tech that’s talked about tends to be too new for the traditional, risk adverse enterprise.

That’s not to say, however, that the enterprise can’t learn anything. Some of the enterprises gave talks that really impressed me away with the level and quality of engineering. Visa, ESPN, NetApp were outstanding. Urban Airship, which I guess isn’t really an enterprise, gave an excellent talk on their micro services-esque architecture. The Netflix session was also great, though it wasn’t anything new from what you can already find on the Internet. Of course, you can say that about a lot of sessions at a lot of conferences but the real value is in networking and picking the brains of awesomely smart people behind the software that you love to use. Can you say IT fanboy?

On the other hand, the Facebook talk was really disappointing. I guess I sorta went in with the wrong perspective, hoping for a technical, in-depth view of their architecture stack. As it turns out, it was heavily focused on general management, engineering and release perspectives. It seems that some people really liked it though, judging from the live tweet stream.

There’s also a heavy, heavy emphasis on mobile and HTML5. I wonder would it be the same for QCon 2012?

As for the tutorials, I really wanted to attend the continuous integration session but unfortunately by the time I got moving, it was completely filled. In the end, I attended the Neo4j and REST sessions. No regrets, as I found them to be helluva interesting.

Neo4j seems really cool and I loved their koan approach to exercises. It’s really fun and refreshing, compared to the repetitive and mechanical exercises you find in Oracle courses.

The REST session was extremely helpful and I didn’t really have much working knowledge of REST going into the session. My level was pretty much limited to making requests and parsing the results. 3 levels of REST maturity? Not a clue. Needless to say, I walked out of the session as a much more enlightened developer.

I wish that ALL the slides could be available immediately after the session concludes. I had to wait weeks for some of them to be uploaded. I understand if the videos take a bit longer to show up on InfoQ but come on, slides? This’ll help immensely for folks who have to give a presentation on the sessions right after they get back to work.

More importantly, I didn’t win the ThoughtWorks compendium!


QCon San Francisco 2011

Will be leaving for QCon SF 2011 in 5 days time. It’s gonna be a blast to hear from ppl with real life in-the-trenches experience with dealing with scaling problems at companies like Netflix and Amazon. Will be tweeting and blogging about it if the WiFi is up to par.


Review: ActionScript Developer’s Guide to Robotlegs

I recently purchased ActionScript Developer’s Guide to Robotlegs as I’m currently working on a project at work that uses Robotlegs and I thought it might come in handy. The attractive price point plus the 50% offer from O’Reilly definitely helped as well, of course. Since then, I’ve gone through the book and decided to give my point of view from a developer who’s already familiar with Robotlegs.

Basically, if you have

you will basically skim through 60% to 70% of the book. That doesn’t mean that the book isn’t worth your time. In fact, I found the remaining 30% of the book to be remarkably informative and enlightening.

The 2 projects that were used as examples in the book give a nice overview of how real applications should be structured, which is something I didn’t really get a feel of by just looking at the demo bundle.

Chapter 10, which goes into detail on how to test your models, commands, services and mediators, will prove to be a boon if you write tests. (you should!)

Apart from this, there were design tips sprinkled throughout the book about best coding principles for your mediators, services, etc that I found helpful. The authors also highlight some possible signs of code smells in your Robotlegs classes that made me realize I was doing certain things the wrong way. (eg: monolithic mediators, adding/removing children from the view in the mediator, etc).

All things considered, it was a good read for the price point and I would say that it’s a possible purchase for a developer who has worked with Robotlegs before. If you are new to AS3/Flex frameworks, I would definitely recommend getting this as it collects all the relevant information together in one location and drastically reduces the requisite fumbling around that always occurs when one starts off with a new framework.


Flex 4 Font Size Manager

I’ve uploaded an optimized font size changer based on Maxim Kachurovskiy’s component that one can use to change the font size of Flex applications since the browser’s zoom function doesn’t affect Flex apps.

The changing of sizes through scrolling the mousewheel has been disabled as it results in massive lag for apps with complex layouts.

The font size changer can be found under the Projects menu header or one can jump directly to the example.

For those who are interested, feel free to clone the github repo and contribute.

1 2 3