So, I’ve used kuberenetes (k8s from now on), for around a year now, and have gotten fairly comfortable with the open source dashboard (OS Dashboard from now on). It’s more or less included with a clean install of k8s. Recently, however, when I was creating a cluster using k8s v1.7.0 for the new Akshon Esports website, I no longer knew my way around.
When I tried to access the web ui through kubectl proxy, I would get this 403 error complaining about permissions.
Now, I knew about the new RBAC system in k8s from v1.6.x (which I also had problems with since I was accessing it insecurely using HTTP basic auth before that), but I could still use the proxy which had always been the recommended way to access it according to the GKE documentation. But this time not only did they deprecate and break the the OS Dashboard, their replacement, on their own GCP console, is read only and doesn’t have much to see.
I honestly don’t mind using kubectl to control everything. The only problem now is that my boss is not going to understand the terminal full of undecipherable (to a layman) text when he comes around.
Admittedly, I haven’t looked into the RBAC system very much. I don’t really feel the necessity to do so. Surely, the GCP console will get better but they really should’ve kept the OS Dashboard via kubectl proxy working.
WordPress is honestly a really nice platform. It’s one the oldest, most loved, most despised yet ultra common piece of software out there. Supposedly, it is used by a near 60% of all websites that use a CMS. It’s so common that you may not even notice that a website is even using it.
It has a beautiful and (somewhat) intuitive interface. It has a great supporting community, always ready to help. I would even go as far as to say that many people who don’t already use wordpress want to switch to wordpress at some point (as evident by my recent projects).
However, once you dive deep, you’ll find that it’s riddled with issues. I believe that most of these issues stem from one crucial problem: WordPress’s unextinguishable desire to keep backwards compatability.
WordPress uses a versioning system of X.X.Y instead of the standard X.Y.Z. Which isn’t a big problem, except for the fact that they want to call every sort-of “feature release” a major version. Sure, it might be something major in terms of the wow factor or it might improve the user experience, but by no means is it a “major release”.
To the rest of the industry, a major release is an API breaking release. This, however frustrating, is supposed to be somewhat reminiscent of spring cleaning for a piece of software. The fact that they still have snippets of code dating back to the earliest versions of wordpress means that with every new “major version”, WordPress will become a little bit slower.
Although I will continue to hate on WordPress, I will continue to take on projects involving wordpress and I’ll continue to recommend WordPress to my clients because it is honestly a really nice platform.
PS I really wonder, worldwide, how many terabytes of ram can be save from a little spring cleaning of WordPress.
Recently, I spent quite a bit of time with the reflect package. It’s a wonderful alternative to the generic classes of other languages.
Everything worked almost exactly like as I imagined. However, there was one thing (more like a half) that totally stumped me: the Value interface and it’s “addressability”.
The Type Interface
To briefly explain this to non-go programmers, it’s a lot like reading the metadata for any type of object.
I can get the type (class) of any object and then get the name and type of any field or method of each type.
The Value Interface
This represents an instance of an object or literal, wrapping it in a “generic” object.
Like the Type interface, I can get the value of any object and then get the value of any field or method of each value. Even further, I can set a value with another value or object.
My Predicament
The documentation says that for me to be able to use the Value interface to modify data, the object must be addressable. However obvious it may be to me now, the documentation doesn’t actually explain what this means. The ignorant me, just assumed that since it’s the “value of” my object, it directly takes the address of my address. Several hours of head scratching later, I finally realize that I have to pass the pointer of my object to the Value interface for it to be “addressable”.
Why is this expected?
When passing your object into the function, it actually acts like any other function; passing by value, will duplicate the value. This elementary fact would have save me hours.
Lesson Learned
Always stay true to your basic knowledge. And also, as many friends have said to me: “When you assume, you make an ‘ass’ out of 'u’ and 'me’”.
I hope this post saves a few people’s hours from their own ignorance.
For my first post, I will show everyone the poorly designed, premium anime streaming website: funimation.com
Background
I’m an avid anime viewer and a subscriber to crunchyroll.com. I dislike, nay hate, watching anime on sketchy and illegal anime websites. However, there are a handful of series on my to-watch list that are not available on crunchyroll (i.e. Steins Gate, Railgun, etc.). I’ve known about funimation’s own anime streaming site, however I’ve been dreading to subscribe to another anime streaming service. But, I finally decided to sign up for the 2 week free trial.
TLDR;
I use crunchyroll, but it’s missing some animes that I want to watch, so I tried funimation.
The Process
The first video I watched, I had chrome dev tools open on that tab. I notice it just uses Apple’s HLS streaming format.
Looking at the source code, I can see that the url to the playlist is pretty much just appended to the end of the body in var playersData
I immediately open an incognito window, and of course, it’s only there when you’re signed in.
On to the next video, I notice that the hls url have the same format as before! Something like:
{series_code}{language}{episode_number}-480-{bitrate}.mp4.m3u8?{auth_code}
Update: I’ve been notified that I can actually give a mobile user agent and the urls will be an mp4 file instead of an HLS
{series_code}{language}{episode_number}
The this part was fairly easy to find. In the source, it’s known as the FUNImationID. It’s literally on every page with a video, regardless of whether or not you are signed in.
{auth_code}
Just like the FUNImationID, this code, known as the authToken, is on every page with a video regardless of whether or not you are signed in.
{bitrate}
This was not as easy as the other two, but still pretty damn easy. For each video, they have a param for sdUrl, hdUrl, hd1080Url. Anyone can see that the bitrates for them are [750K and 1500K], [2000K and 2500K], and 4000K respectively. If a video wasn’t available in one of those qualities, it’d just be left blank.
Worst of all, the HLS url isn’t protected, besides the authToken in any logical way! I can just open an incognito tab and download it and it wouldn’t even ask for any credtials!
The videos are hosted on edgecastcdn which I think is a verizon service?
The Program
Fast forward a day or so, I was able to lookup series and episodes, and I even wrote a cli program to to easily download videos in full quality.
You can download it here and view the source here!
The version currently released (v1.1.1) will not allow you to download videos you can’t access normally, however it’s not too difficult to edit the code to allow it.