Critical Dell BMC Firmware Update

If you’re running a Dell PowerEdge 1900, 1950, 2900, 2950, 2970, 6950, R300, T300, R605, R805, or R905, there are urgent & critical security updates that were released by Dell on October 15, 2012. Similarly, there’s an urgent update to the Dell-supplied ESXi 4.0 U4 software. Dell describes the fixes as “Critical Security Update – Urgent BMC Release.” To me that says Dell fixed something that’s remotely exploitable and doesn’t want to say what it was out of fear of tipping off troublemakers. I always like to know what the problem is, figuring that the bad guys probably already know, and it helps me determine my priority for the fix. Moral of the story is that if your older Dell server …


I Heart Wikis

Raymond Chen, of Microsoft fame, has a great blog post entitled “If there’s a problem with a wiki, then you can fix it; that’s why it’s a wiki.” One paragraph stood out to me: “In other words, if you see something wrong, fix it yourself. Don’t just stand around saying somebody should do something. Be someone. Because on a wiki, there is no default value for somebody.” We’ve been using Atlassian’s Confluence as a wiki at work for ages, and love it[0]. They have a starter program where most of their software is $10 for 10 users. If your team is small and you’re not already using a wiki this is a great way to go. For $30 you get …


On Using Alternate Ports for SSH

There’s a post I read the other day that’s really been stuck in my craw (link is below). It was about the effects of moving SSH to an alternate port. The post starts out like this: “Best practices state that you should run ssh on a non-standard port. Unfortunately some programs use port 22 by default and it isn’t obvious what the switch is to change this port.” First, whose best practices say this? Some self-appointed security expert on the web? I ask because this sort of activity is known as “security through obscurity” and isn’t regarded well as a security tactic. The Wikipedia article on security through obscurity has a section called “Arguments For” which reads more like an …


Statseeker

I was fortunate to have been invited to Gestalt IT’s Network Field Day 4. I’m a systems guy so it seems odd that I’d go to a networking event, but as silos in IT fall and virtualization wants to do everything in software there’s quite a lot for a guy like me to contribute. Even if it’s just to add a different point of view to some of the network-centric discussions with vendors. Anyhow, one of the vendors we spoke with was Statseeker. They make statistics gathering software for network equipment. You might be inclined to think that network performance monitoring is a pretty dull topic, and you may have noticed that I usually don’t write specifically about products here. The …


Statistics Rollups Are Evil

It’s pretty common for statistics-gathering software, like MRTG, Cacti, VMware vCenter, etc. to roll statistics up over time by averaging them. This helps save space, as well as cut down on the processing needed to look at & graph the data. The problem is that the process is lossy. These systems save disk, memory, and CPU by averaging the data over longer and longer time periods. Those averages remove spikes and make the data less and less representative of what actually happened on your system or network. It also makes it damn near useless for planning and troubleshooting. Let’s start with an example I drew up in Excel to simulate something like vCenter recording an application server’s CPU load every …


Should You Install Development Tools on Production Hosts?

Every once in a while I get sucked back into the age-old system administrator religious argument: should you install development tools on a production host? There are basically two schools of thought: Yes, if you need them. Despite the production nature of the host there are times where you might want to build software, perhaps something like the VMware Tools kernel modules on a Linux server, and having them helps a lot. They don’t take up much space and it’s nice to keep all your hosts identical. No, absolutely not. “Development” tools should only be on hosts that are for “development.” Build a software lifecycle management system to move everything from development to test to production. The presence of compilers …


How I Stopped Worrying And Learned To Automate

My wife and I had a daughter, almost two months ago now. Going into it, I completely underestimated how single-tasking kids are. My grand plans of blogging (at all) and writing and doing all sorts of big cool things while I had time off were suborned by a lot of seemingly simple tasks. Feed her. Feed myself. Change her diaper. Rock her. Clean up the house. Try to get some sleep. As a result, the only big thing I’ve been able to do is read a couple of novels, a few pages at a time. Well, that and keep a kid and a wife healthy and relatively happy. I see a lot of parallels between my last two months and …


Upcoming Virtualization & Sysadmin Events in Wisconsin

There are a number of virtualization & sysadmin events coming up in Wisconsin in the next two months. Here are the ones that I know of, if you know of more please comment and I’ll add them. Madison’s first ever #vBeers is Thursday, April 26, 2012 at the UW-Madison Memorial Union. I’m putting it together, if you’re in the area please stop by. It’s supposed to be in the upper 50° F range outside so we’ll probably be inside in the Rathskeller. No signup needed. Please come and keep me company. Stephen Foskett is setting up Milwaukee’s first #vBeers for May 1, 2012, at the Miller Time Pub, 7 to 10 PM. You can sign up via Eventbrite. So far …


Technical Debt

This week I’m paying off technical debt. If you’re not familiar with the term it’s from the world of software developers, and Martin Fowler describes it better than I would: Technical Debt is a wonderful metaphor developed by Ward Cunningham to help us think about this problem. In this metaphor, doing things the quick and dirty way sets us up with a technical debt, which is similar to a financial debt. Like a financial debt, the technical debt incurs interest payments, which come in the form of the extra effort that we have to do in future development because of the quick and dirty design choice. We can choose to continue paying the interest, or we can pay down the …


Backing Myself Up Using CrashPlan, TrueCrypt, and Hamachi

For a long while now I’ve been looking for a decent & automatic way to protect the data on the multitude of computers I support in my personal life. I’ve been using a hodgepodge of external disks and synchronization software to keep a spare copy of my data, photos, and media, but with the impending birth of my daughter I figure I’m not going to have time or the willingness to mess around with kludgy solutions anymore. I also don’t want to run the risk of data loss when it comes to things my relatives would judge me on. “What do you mean you don’t have the video of her <doing some activity>?” I stumbled upon CrashPlan a few weeks …
