System Administration Archives

One Workload Per Virtual Machine

December 2, 2013 by Bob Plankers

This is post #2 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” Back when the computing world was built on bare metal we often tried to squeeze more than one workload on a physical machine. We did this to save money. Servers are expensive so we wanted to make the most of each one. What we didn’t account for was how complicated things could get. Applications fought with each other over system libraries and DLLs. Security was complicated. And, most relevant to this series, performance tuning became this multivariate dance involving resource limits and other arcane system witchcraft. In the end we saved a little money on …

For The Best Performance Use a Recent Operating System and a Recent Hypervisor

December 1, 2013 by Bob Plankers

This is post #1 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” Just like in construction, performance tuning is most effective when you have a good foundation. If the underpinnings of your efforts are weak you won’t be able to build a skyscraper, just a small office building. While that’s still better than nothing, there is often a lot to be gained by using the newest versions of your OS & hypervisor of choice. Some quick examples: Windows Server 2012 R2 added Virtual Receive-side Scaling, which allows the load from network traffic to be processed by multiple virtual CPUs. VMware vSphere 5.5 added support for latency-sensitive VMs, …

Linux VM Performance Tuning, Take 3

December 1, 2013 by Bob Plankers

A couple years ago I started rewriting my venerable Linux VM Tuning Guide, as a series of posts throughout the month of December inspired by Sysadvent (which is running again, and always has good stuff). I called it “Tuningmas” like Christmas. Yeah, corny, I know, but hey. I got about three posts out, then some life stuff happened, and the rest of my draft posts never made it out. 2011 was a year of tremendous highs and tremendous lows. 2012 was a blur, and 2013 has been, uh, sporty, too, but things are settling down. So I’m trying again. I’m not much of a revisionist blogger but the new series will deprecate all my old work, so I’ll likely go …

Troubleshooting Puppet PostgreSQL Locale Mismatches

September 25, 2013 by Bob Plankers

I’ve been doing some work lately with VMware Hyperic Server and Puppet, and I’ve been having issues where the Puppet Labs PostgreSQL module refuses to create a PostgreSQL database for me. I try to call it with: class { ‘postgresql’: charset => ‘UTF8’, }-> class { ‘postgresql::server’: config_hash => { ‘listen_addresses’ => ‘127.0.0.1’, ‘manage_redhat_firewall’ => true, ‘postgres_password’ => ‘goatsaresupercool’, }, require => Mount[‘/var/lib/pgsql’], } postgresql::db { ‘HQ’: user => ‘hyperic’, password => ‘sheeparecooltoo’, require => Class[‘postgresql::server’], } …and it throws this error into Puppet’s output: Error: /usr/bin/initdb –encoding ‘UTF8’ –pgdata ‘/var/lib/pgsql/data’ returned 1 instead of one of [0] “No problem,” I said. Since Puppet is kind enough to give me the command it’s trying I switched to the postgres user …

SELinux & Return On Time Invested

May 7, 2013 by Bob Plankers

I’m a little behind on my reading, but I wanted to address Major Hayden’s blog posts about disabling Security-Enhanced Linux, or SELinux, which brings mandatory access control to Linux. Mandatory access control is a completely different permission model for UNIX-based hosts, and Mr. Hayden feels it is underutilized: After many discussions with fellow Linux users, I’ve come to realize that most seem to disable SELinux rather than understand why it’s denying access. In an effort to turn the tide, I’ve created a new site as a public service to SELinux cowards everywhere: stopdisablingselinux.com. It’s pretty rare for me to argue against a security technology but in my eyes SELinux isn’t a solution to very many problems. I know how SELinux works, what …

VMware vCenter Server Appliance & NTP

April 2, 2013 by Bob Plankers

If you’re trying to configure NTP on the VMware vCenter Server Appliance (vCSA) 5.1 builds 799730, 880472, or 947940 according to the official documentation you might be seeing what I’m seeing: vcenter:~ # yast2 ntp-client add server=0.us.pool.ntp.org Error: Cannot update the dynamic configuration policy. vcenter:~ # yast2 ntp-client enable Error: Cannot update the dynamic configuration policy. This appears to be a SuSE bug. Seems serious but it isn’t, the commands actually do complete correctly. If you want to check the work just use the command: cat /etc/ntp.conf to check for lines starting with “server” near the bottom. /sbin/chkconfig ntp on will enable the service at boot, and /etc/rc.d/ntp start will start it immediately if it isn’t started. /usr/sbin/ntpq -p will …

Preparing Linux Template VMs

March 26, 2013 by Bob Plankers

Dan over at Bashing Linux has a good post on what he does to prep his template VMs for use with Puppet. He’s inspired me to share how I prepare my Linux VMs to become a template. He’s got a few steps I don’t have, mainly to prep for Puppet, and I have a few steps he doesn’t have. One big difference is that I don’t prepare my template images for a particular configuration management system, but instead bootstrap them once they’re deployed. Why? I use my templates for a variety of things, and sometimes the people who end up with the VMs don’t want my management systems on them. It also means I have to handle some of what …

Uptime Is Not Something To Be Revered

March 14, 2013 by Bob Plankers

Slashdot has a link to a tribute video to a Sun that was up continuously for 3737 days. That’s 10.23 years. It’s like a sequoia tree seeing the passage of civilization around it: My thoughts on this: The data center and infrastructure powering this machine was built in such a way as to keep this thing powered continuously for 10 years. Whoever built and ran that infrastructure was doing a good job. It’s a generalization but I bet there are very few cloud providers that can boast anything like that. That version of Sun Solaris is reliable enough to keep operating for years without disruption. Most OSes are, by the way, even Microsoft Windows. That particular hardware is reliable enough …

Last Chance: 2013 Top VMware & Virtualization Blog Voting

March 1, 2013 by Bob Plankers

It’s getting to be the end of the week, and voting closes on the 2013 Top VMware & Virtualization Blogs tonight at midnight. Why don’t you take a moment to go over there and vote? I’d be honored if you’d vote for me, but happy if you just went and showed appreciation for all the hard work the virtualization blogger community does to provide lots of free information to the IT world. You can spend a minute saying thank you, right? 🙂

Make Your Blog Easy To Subscribe To

February 28, 2013 by Bob Plankers

A quick hint: if you want people to read your writings on a regular basis make the link to your RSS or Atom feed dead simple to find. Somewhere that doesn’t require the user to scroll to see, uses the well known, industry-standard RSS icon that is freely available, and has the word “feed” in the link. I run into this problem often, especially with blogs hosted on Blogger or Blogspot and overly fancy WordPress themes that emphasize good looks (and mouseover events) instead of usability. For example, I just was reading a post from a blogger who has a really nice personal website, with a blog integrated into it. There’s absolutely no link to the feed anywhere. I searched the page …

+ More Posts +