I was hacking on a personal project over the weekend that I’m deploying using
Google’s Container-Optimized OS. Container-Optimized OS is quite convenient
for hosting small services that don’t quite fit a web request/response workload:
it is (mostly) stateless, it auto-updates, it has systemd, and (as the name
implies) it runs Docker containers. It is a nice fit for one-process programming.
For debugging, I want to SSH directly into the VM instance. Especially after
recently learning from a coworker how easy it is for blackhats to search the
public internet for known vulnerabilities, I don’t want to leave an SSH port
open continuously. Even with regular security updates, I’d rather avoid the
attack surface. In the past, I would modify my Google Cloud project’s firewall
temporarily to allow SSH traffic while debugging and then (hopefully) remove the
SSH traffic rule after I finished. This has been cumbersome, but there hasn’t
been another solution that’s quite as simple.
Enter Tailscale! Tailscale creates a peer-to-peer Virtual Private Network
(VPN) with very little fuss. While Container-Optimized OS is mostly designed
for running containers, I found I can run the Tailscale static binary
with a little kludging.
In April, I relaunched moviegolf.com, a website I’ve operated since 2009.
Since this is one of the flashier programs I’ve written and certainly one of
the longest-lasting, I wanted to recount its history. My style of programming
has definitely shifted in the intervening years.
It’s long overdue, but… moviegolf.com is back and better than ever! Give it a try!
A quick recap of this saga: moviegolf.com is a website I created in high school to find the optimal path between two movies based on shared actors. However, in the years since, it has bit-rotted significantly. At the time, I used Freebase, which Google acquired for use in the Knowledge Graph, but shut down in 2015. Since then, the site has limped on, forever stuck with an outdated set of movies. moviegolf.com was in a deep coma with an uncertain future.
My goal in doing a rewrite was twofold: I wanted to have a Go service running in production that I understood intimately and I wanted to make the service more self-sustaining. I made an unsuccessful attempt to do this about five years ago. At the time, I was discouraged by App Engine limitations and the difficulty of acquiring data. Luckily, the data from Freebase lives on in Wikidata with a much better data crawling story, but the file formats and API are totally different. Getting the data automatically required a total rewrite of my lousy ~10 year old data ingestion pipeline. I took the opportunity to rewrite the search algorithm, storage backend, and UI while I was in there. I did scrap some features for the sake of time, but nothing that I felt was critical for the experience. I wanted to focus on the core “golf” experience. From start to finish, this took a little over a month of weekends and evenings. I’m planning on doing a write-up of the salient technical details soon, but in short: GCP rocks and simple components make for robust services.