The Best OS Installation Is Minimal

This is post #4 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” In this day & age of virtualization and clouds the best choice for an OS installation, be it a virtual machine template or a physical machine, is a minimal install. From there you can use a configuration management tool like Chef or Puppet to add exactly the packages you need for the host to perform its functions. Doing a minimal install has several advantages: A minimal installation doesn’t install a lot of content that will just sit there and consume disk space. As a result your template VMs will be really small, which leads to fast provisioning …


Minimal Kickstart File for Red Hat Enterprise Linux 6, CentOS 6, Oracle Linux 6 Virtual Machines

This is a helper post in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” Here’s a minimal kickstart file for a virtual machine installation of RHEL 6, CentOS 6, or Oracle Linux 6. I use this in conjunction with tools like Puppet and Chef to do the rest of my system configuration. I provision 30 GB thin-provisioned disks to each VM, leaving the rest of it unallocated until needed. While this leads to a disk overcommitment situation, that’s manageable, and a tradeoff to ensure more standardization and ease of administration & automation. I remove a number of packages that we don’t necessarily need on a virtual machine, either …


Performance Tuning and Configuration Management Go Hand In Hand

This is post #3 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” I’ve really become a fan of configuration management tools like Chef and Puppet. Those types of tools help keep my systems in sync, help enforce standards I set for my systems, and help me rapidly deploy new systems that look exactly like my existing systems. When I’m doing performance testing & tuning these aspects are helpful. It’s easy to deploy a new virtual machine that looks exactly like the production VMs you have. Tuning is all about making a lot of little changes and seeing what they do, so by building test systems from the …


SELinux & Return On Time Invested

I’m a little behind on my reading, but I wanted to address Major Hayden’s blog posts about disabling Security-Enhanced Linux, or SELinux, which brings mandatory access control to Linux. Mandatory access control is a completely different permission model for UNIX-based hosts, and Mr. Hayden feels it is underutilized: “After many discussions with fellow Linux users, I’ve come to realize that most seem to disable SELinux rather than understand why it’s denying access. In an effort to turn the tide, I’ve created a new site as a public service to SELinux cowards everywhere: stopdisablingselinux.com.” It’s pretty rare for me to argue against a security technology but in my eyes SELinux isn’t a solution to very many problems. I know how SELinux works, what …


System Administration/DevOps/Cloud and Developer Positions Open @ UW – Madison

If you’ve ever thought about working with the people & organization who basically eliminated rickets by discovering how to boost and synthesize vitamin D, who took a bunch of spoiled sweet clover hay and turned it into the most popular blood thinner ever (and the most popular rat poison ever, ha!), or who isolated human embryonic stem cells so that research could happen without destroying embryos in the process, here’s your chance. The Morgridge Institute for Research on the University of Wisconsin – Madison campus is looking to hire: two build & test workflow system developers, one database developer, one software security specialist, and two system administrators, among some other positions, as part of the Software Assurance Marketplace, or SWAMP. …


Should You Install Development Tools on Production Hosts?

Every once in a while I get sucked back into the age-old system administrator religious argument: should you install development tools on a production host? There are basically two schools of thought: Yes, if you need them. Despite the production nature of the host there are times where you might want to build software, perhaps something like the VMware Tools kernel modules on a Linux server, and having them helps a lot. They don’t take up much space and it’s nice to keep all your hosts identical. No, absolutely not. “Development” tools should only be on hosts that are for “development.” Build a software lifecycle management system to move everything from development to test to production. The presence of compilers …
