The ins and outs of Yvo’s life.
July 3rd, 2008 Yvo
So 18 months ago I deployed Zabbix at McGraw-Hill. Now I am doing exactly the same, only with a bit more hardware at Classmates.com
The setup.
Run Zabbix 1.5.3 in all 3 environments. Don’t customize so we can upgrade to 1.6 when that’s released in Q4 08.
Web / zabbix_serverd process server
1 for each environment (corp, prod, va). Machines are HL DL385 with an exception in VA where is a DL365. They are Opterons with RAID 1+0 and about 8gb of ram with dual nics connected to 1gbit ports. The work load isn’t here, its just the messenger. Runs RHEL 4.6.
Database server
3x Sun Fire T2000 servers, one for each environment. Running Solaris 10 05/08 and an source compiled optimized coolthreads build of MySQL 5.0.51b. Specs are 16 core Ultrasparc T1 procs with 8GB of ram again. Chuck Goolsbee would love these servers due to the amount of lower power they use but yet are so very functional These make perfect MySQL database servers. With about 200-300 hosts doing about 20-30 checks per host in each environment, they’ll need it too.
All three are in a distributed monitoring environment, where two child/slaves report back to the parent/master node. The big kahuna node will be in my corp environment with the child/slaves reporting back; similar to how our BI dept collects data.
Rolled out zabbix agent installation via cfengine packaged in a RPM for our RHEL4 based installations and added auto discovery rules as such in Zabbix. With 10 minutes I had an entire environment reporting various items back to the server. Unfortunately the configuration of server wasn’t this quick :-).
Things left over to do:
- The T2000s come with two filler trays for two more SAS drives. Plan to get 2x 146gb 10K SAS drives and run a ZFS pool on them for the MySQL db.
- Perform nightly db dumps to each environment’s Sun Fire X4500, Sun’s not so eco friendly 48TB disk drive monster.
Observations
-With corp completely done. The load on the mysql database server is about 7.x-8.x, thus there is still a full 50% left for expansion.
-Database is growing at a rate of 100MB a day, in part because historical data takes up a ton of space. This should slow down to a crawl on day 90 when it takes trending data (about 10% the size of history data) until day 180. The total DB size I am guess will be around 10-12GB.
Posted in tech related, work related | No Comments »
April 14th, 2008 Yvo
So with a certain fruit company announcing Exchange support for their one button phone 5-6 weeks ago, I signed up my department and we got approved even though I sponsored myself on everything (corporate didn’t and they did all the proper sponserships, heheheh. I guess the fruit company still likes the rule breakers :-)).
I can’t talk about it specifically because I can’t talk about it so it. However so far so good but it definitely is *beta* software. Some quirks like it wiping out your existing contacts when you enable the exchange calendar and contact sync (the calendar sync works great… the contact sync it self not so much). However the ability to get your email and acknowledge pages without opening up your laptop is fantastic. Once I disabled contact sync and forced sync my contacts back over I was good to go.
Haven’t tried the Cisco VPN yet, have to find my profile file to load that one.
All we need now is landscape SMS and MMS support :-).
Posted in life, tech related, work related | No Comments »
March 7th, 2008 Yvo
It wasn’t too long ago (2 years) where somehow it was required to be in front of a machine if it were to go down (as in it was no longer accessible via the OS) or needed an OS installed. Thankfully the most of the servers I work with now have remote capability like HP’s ILO which has a ‘virtual serial port’ interface or sun’s console access (ok prompt / ilom). It is how my colleagues and I can administer servers 3000 miles away or when we don’t feel like hanging out in the office we can do it from home. Like me tonight finishing up a kickstart (which also simply rules) and configuration.
Now if only we could remotely replace physical hardware without paying $150 per hour for a tech to do it.
Posted in tech related, work related | No Comments »
October 29th, 2007 Yvo
By default Debian’s netatalk package does not come with encryption support (hence why you get a warning message in OS X 10.3 & 10.4 regarding the sending of cleartext passwords). Leopard deeply cares about encryption and doesn’t even allow non-encrypted password.
There are a lot of guides available on the internet, attached is a i386 binary (sorry x86_64 folks) that has encryption support build in.
A stern warning:
My deb package does NOT include printing support through Appletalk. There seems to be a library problem. Either one must disable encryption support in the binary to allow printing or the other way around. So if you were using Appletalk and using your Debian box as a print server, this will not work with this deb package. Furthermore I have no responsibility and no liability when it comes to what the altered software package does to your computer so use at your own risk!
You need the following libararies installed in order for this to work peachy:
libdb4.2
cracklib2
cracklib-runtime
libssl0.9.8
libpam-modules
libauthen-pam-perl
libpam0g
libslp
libwrap0
Other requirements:
-A good sense of Debian understanding if something does go wrong
-Debian 4.0
-libc6 2.6+ (find out by doing ‘dpkg -l | grep libc6′)
Step 1
paste in (no quotes):
‘aptitude install libdb4.2 cracklib2 cracklib-runtime libssl0.9.8 libpam-modules libauthen-pam-perl libpam0g libslp libwrap0′
Step 2
Download my .deb package on your debian machine:
‘cd /tmp; wget http://www.disgruntled-dutch.com/media/misc/netatalk_2.0.3-4_i386.deb’
(linked here)
Step 3
Install deb package.
‘cd /tmp; dpkg -i netatalk_2.0.3-4_i386.deb’
Step 4
Tell aptitude / apt-get to not upgrade netatalk.
‘aptitude hold netatalk’
Step 5
Your done!
Posted in general, tech tips | 6 Comments »
October 26th, 2007 Yvo
I upgraded to Leopard a day early, but in that day I have already found a new feature that required a change on my Linux server to make everything work peachy.
Leopard’s new Finder now lists computers under the “Shared” section on the left hand panel. This is pretty snazzy. Not only can you manually mount a server via Apple + K (Connect to server), all local servers show up here. However it seems that if your Mac and/or Linux based machine doesn’t have some sort of zeroconf (aka Bonjour) service advertising AFP, then it shows up as a Samba (aka PC Server) under Shared.
Assumption:
I assume you have netatalk configured correctly, as in your rebuild it correctly with dhx support (not by default in Debian). . You can read more about that here.
So under Debian the fix is as follows:
1. sudo su - or su -
2. aptitude install avahi-daemon
3. echo “- -noddp -uamlist uams_randnum.so,uams_dhx.so” > /etc/netatalk/afpd.conf
4. vi /etc/nsswitch
change your hosts line to be like this:
hosts: files dns mdns4
5. paste in (no quotes):
‘cd /etc/avahi/services; wget http://www.disgruntled-dutch.com/media/afpd.service’
6. /etc/init.d/netatalk restart && /etc/init.d/avahi-daemon restart && tail -n70 /var/log/syslog
Check if it started up like for example:
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [last]
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [cdb]
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [dbd]
Oct 26 11:03:42 thenas afpd[26279]: Loading ConfigFile
Oct 26 11:03:42 thenas afpd[26279]: main: atp_open: Cannot assign requested address
Oct 26 11:03:42 thenas afpd[26279]: dsi_tcp: hostname ‘thenas’ resolves to loopback address
Oct 26 11:03:42 thenas afpd[26279]: dsi_tcp: ‘192.168.1.250′ on interface ‘eth1′ will be used instead.
Oct 26 11:03:42 thenas afpd[26279]: ASIP started on 192.168.1.250:548(5) (2.0.3)
Oct 26 11:03:42 thenas afpd[26279]: Sucessfully registered afp://192.168.1.250/?NAME=thenas&ZONE= with SRVLOC
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_dhx.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_dhx.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_guest.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_guest.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_clrtxt.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_clrtxt.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_passwd.so)
Oct 26 11:03:42 thenas afpd[26279]: uam_load(uams_passwd.so): mod_symbol error for symbol uams_passwd
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_passwd.so load failure
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_gss.so)
Oct 26 11:03:42 thenas avahi-daemon[26246]: Got SIGTERM, quitting.
Oct 26 11:03:42 thenas avahi-daemon[26246]: Leaving mDNS multicast group on interface eth1.IPv4 with address 192.168.1.250.
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_gss.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: “Client Krb v2″ available
Oct 26 11:03:42 thenas afpd[26279]: uam: “Cleartxt Passwrd” available
Oct 26 11:03:42 thenas afpd[26279]: uam: “No User Authent” available
Oct 26 11:03:42 thenas afpd[26279]: uam: “DHCAST128″ available
Oct 26 11:03:42 thenas afpd[26279]: main: dsi_init: Address already in use
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_randnum.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_randnum.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_dhx.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_dhx.so loaded
Oct 26 11:03:42 thenas afpd[26279]: Finished parsing Config File
Oct 26 11:03:42 thenas avahi-daemon[26290]: Found user ‘avahi’ (UID 107) and group ‘avahi’ (GID 106).
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully dropped root privileges.
Oct 26 11:03:42 thenas avahi-daemon[26290]: avahi-daemon 0.6.21 starting up.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully called chroot().
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully dropped remaining capabilities.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Loading service file /services/afpd.service.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Joining mDNS multicast group on interface eth1.IPv4 with address 192.168.1.250.
Oct 26 11:03:42 thenas avahi-daemon[26290]: New relevant interface eth1.IPv4 for mDNS.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Network interface enumeration completed.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering new address record for fe80::213:d4ff:fe0a:2da8 on eth1.*.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering new address record for 192.168.1.250 on eth1.IPv4.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering HINFO record with values ‘I686′/’LINUX’.
Oct 26 11:03:43 thenas avahi-daemon[26290]: Server startup complete. Host name is thenas.local. Local service cookie is 962578462.
Oct 26 11:03:44 thenas avahi-daemon[26290]: Service “thenas” (/services/afpd.service) successfully established.
You are good to go!
EDIT: Had to escape the XML code.
EDIT2: added a ‘wget step’ due to mangled XML code on this blog.
Posted in general, tech tips | 7 Comments »
October 1st, 2007 Yvo
Well I did something this weekend that I haven’t done in almost 4 years…. and that is build a computer. It all started last week when a colleague at work offered an incredible deal on 4x 500GB enterprise class hard drives for only $120. It was the kind of don’t ask where they came from type offer. My plan: to use an old computer in my closet and get FreeNAS installed. On Thursday night I bought a PCI based SATA controller at Fry’s with 2 ports on it as the motherboard already had two and this is where my crazyness started. The cheapo card would bring FreeNAS, a FreeBSD based NAS solution, to a screeching halt. At this point I had 3 options:
1. Get SATA to PATA converters so two of my drives are seen as PATA drives ($50)
2. Attempt to find a decent PCI 32bit / 33Mhz card ($180)
3. Use my current PC as NAS and build a new computer as its 4 years old and needs replacing ($500)
You can only imagine what I did. I chose #3. My PC was getting 4 years old and I definitely noticed when I tried to play the first computer game in a year about 3 months ago on it (Command & Conquer 3). Not a good thing for a computer nerd. Plus the idea is that this PC will last me at least another 4 years. I thought the craziness ended there until I went to Costco and saw a Samsung 216BW on display for $259.99. Somehow that ended up in my giant cart.
Thank god Christmas is still 2 months away so I can recover from this :-).
Posted in life, tech related | No Comments »
July 31st, 2007 Yvo
I jumped on the iPhone band wagon thanks to Cam. Apple gave her a free iPhone and she gave it to me with the promise that I’ll cover some of her laptop that she is planning to buy in the next 6 months. I think thats a fair trade.
So now I’m looking forward (sarcasm) to two giant bills, one from Sprint for cancelling and another from Cing… err at&t for joining.
The phone itself is great, yet lacks a few features that I hope they will add over the next few months. I mean if they are trying to combine three devices into one, at least do a job… right? The phone app is remarkably stable, but Safari and the iPod app… they need some tweakin’.
Posted in life, tech related | No Comments »
April 12th, 2007 Yvo
Ok I am being sarcastic. Is it really that much of a surprise. People that have been loading Leopard development releases have said that there is no way Apple was going to get this out of the door in Spring 07. All that was missing was the official word, which is no longer missing. Apple, at one point, released a new OS X almost 12-18 months apart. We are now heading into month 23 and if it is coming out in October, it will be 29 months after Tiger (May 10th, 2005… oh how time flies).
Ref: http://www.apple.com/hotnews/
Posted in tech related | No Comments »
April 3rd, 2007 Yvo
Well what came as a shock to me yesterday, EMI (one of the big record labels) yesterday announced, with Apple’s CEO Steve Jobs, that Apple’s iTunes Store will be the first store in May of this year to sell songs and albums without DRM (thus allowing playback on MP3 player that can play an unsecured AAC file) and at double the quality (256kbps instead of 128kbps). All for 30 cents more. $0.99 for DRM, 128kbit music or $1.29 for DRM-less, 256kbps music. Oh and albums ($9.99) by EMI will remain the same price but will get these features as well. That is far cheaper then a CD purchased in the store. Lets not forget that a future upgrade to iTunes will allow those that have purchased EMI music in the past to upgrade their music for 30 cents a song.
I applaud EMI for taking this step. It definitely is a step in the right direction. Hopefully the consumer market will see this as well and soon another big player will take this step.
Posted in life, tech related | No Comments »
March 31st, 2007 Yvo
“Today we announce that we’re moving some of our servers to the North-Korean Embassy in Stockholm, Sweden.” Wait. What? Those crazy Swedes!
read more | digg story
All I have to say is… wow.
Wow as in… you gotta love April Fools 
It’d be scary if this were true, thats for sure.
Posted in digg.com, tech related | No Comments »
