What is ArchiMate?​

I recently completed my Enterprise Architecture certification from UofT, and one of the topics that fascinated me was modeling business, application, and technology architectures. Large enterprises use a modeling language called ArchiMate to describe their operations in a unified way.

To me, ArchiMate's most exciting feature is its ability to provide a common language and semantics for representing an organization's architecture. This standardization allows

Why Build a Family Tree?​

Recently, I had the rare opportunity to spend extended time with my parents—something I hadn't done in over

But first, what does the S stand for?​

The S stands for Secure in HTTPS. The full acronym decoded is a mouthful (though nothing like SHIELD 🤣). HTTPS stands for Hyper Text Transfer Protocol Secure.

Why do we need SSL Certificates?​

An SSL certificate, from here on referred to as TLS certificates, allow us to provide the following.

Confidentiality​

All communications are encrypted between the website and the user's browser.

Authentication​

The certificate assures users that they are connecting to the intended server and not an imposter.

Integrity​

It ensures that the data exchanged has not been altered during transmission.

Okay, but how does this work in practice?​

Now that we know what the S provides to an HTTP connection let's discuss a few concepts around how trust is established (the website IS indeed who they say they are).

Certificate validation​

Note: Most of the images are clickable to activate animations.

When you visit aqueeb.com, the first thing your browser does, is check to see if the certificate that aqueeb.com is presenting to your browser, is valid or not. One of the ways that this validation happens is by checking:

I recently went on a 3 day adventure canoe camping and portaging through West Algonquin. It was an experience unlike any other. Just documenting it here for lessons learnt (and to answer all the questions I've been getting about it from friends and family).

Full disclosure: MOST of the planning and research was done by Nik, a buddy of mine. I'm taking credit for A LOT here. But documenting it here nevertheless since it is helpful for future me and others.

A lot of planning went into this. I'm a complete novice (this is my first time canoe camping and second time backpacking) so take everything I put down

If you're just interested in the solution, scroll down to the TLDR.

I was recently helping out a friend do some networking labs (something I did on a regular basis almost 15 years ago using Dynamips and a whole bunch of text files). So I started delving into current solutions and man oh man, have things evolved.

We now have access to a product called EVE-NG. According to their website, it is "...The Emulated Virtual Environment For Network, Security and DevOps Professionals"

What EVE-NG allows us to do is to have a full framework for managing emulated (think running Cisco IOS images) and virtual (think running Check Point in a VM) devices.

I've only just started to scratch the surface but already I can see that, at the very least, this is Dynamips on steroids 🔥

But rarely do things go smoothly. After following some instructions on how to get the Check Point image going in EVE-NG, I managed to get it up and running.

But no matter what I did, I could not connect to the Check Point Gateway's (CPGW) web interface from my Windows 11 browser nor could I ping the IP address (see Fig. 1).

Oddly, though, I could ping the ip from the EVE-NG virtual machine (see Fig. 2).

The problem​

As an enterprise architect, I see a lot of solution architectures. A common theme is that application teams have been told to modernize their applications with, sometimes, clear direction as to what modernizing means (use microservices!).

And this leads to all sorts of unwanted behaviours and wrong architectural decisions (we'll just take our app, shove it in a container but still use persistent storage mount points in the container as an example of a wrong architectural decision. There are exceptions of course, but generally, your containers should not be coupled tightly to a particular node pool just because of how the SAN storage is configured).

What I've been harping on about, is that, there is no one architecture pattern that fits all. And there are credible folks online saying the same. In fact, I'm going to quote Werner Vogels (AWS's CTO) from this article.

"However, I want to reiterate, that there is not one architectural pattern to rule them all. How you choose to develop, deploy, and manage services will always be driven by the product you’re designing, the skillset of the team building it, and the experience you want to deliver to customers (and of course things like cost, speed, and resiliency). For example, a startup with five engineers may choose a monolithic architecture because it is easier to deploy and doesn’t require their small team to learn multiple programming languages. Their needs are fundamentally different than an enterprise with dozens of engineering teams, each managing an individual subservice. And that’s okay. It’s about choosing the right tools for the job."

Why​

I've done a fair amount of work using Infrastructure as Code (IaC) tools (not to be confused with Chef/Puppet which are Config Management tools) using AWS's Cloudformation, Terraform, and GCP's Deployment Manager. Azure's implementation of IaC using Azure Resource Manager (ARM) wasn't very popular and I never had the need for it (used Terraform for Azure's resources).

But what is apparent as you work through deploying infrastructure is that you need a workflow orchestration tool for managing complex scenarios. I've used Jenkins, I've used CircleCI, I've used GitHub Actions, and they all get the job done. But what really caught my interest with Temporal is that I no longer have to worry about protecting my workflow orchestration tools from transient failures (at least that's the Temporal claim).

Another advantage that I foresee of integrating Pulumi and Temporal is that both platforms provide a

In search of a better shell experience in PowerShell. Something akin to the Oh My Zsh and Powerlevel10k zsh theme goodness

I've worn many hats throughout my career. Starting from fixing desktops and laptops,

• to running and managing a computer store,
• to running my own IT consulting firm that specialized in managing small call centers and providing VOIP services,
• being a networking engineer, managing Cisco switches, routers, and firewalls,
• being a service desk lead, making sure the service desk ran as efficiently as possible,
• being a DevOps engineer at Oracle, working on reducing the massive build times for one of their popular products,
• being a public cloud consultant for financial services, building out landing zone architectures, creating platform/application IaC pipelines and doing application migrations
• and my current job being an enterprise architect for a bank, I've had broad exposure to different tech.

I've always been a tinkerer, from being on #MP3Cafe on Undernet (early IRC days) to having a small k3s cluster at home to run