Metauser

Programming

June 15, 2010 Posted by mitch | programming, thoughts, web-development, work | 0 Comments

I've been stressed lately... about work and such... mostly because I'm a sysadmin/network admin as my day job atleast.... but... because I understand programming... and that I enjoy it on a very small scale... and I have my opinions on whats good and what isn't... I've somehow been given responsibilities of being a programmer? I'm supposed to write code to make the pieces of things I'm in charge of work... which... when its just me or even a few other guys that will be using said code... i'm ok with... but lately... Its been about me writing a web app for FTP.... managing FTP users in a database... which that part is done... and its fine... but really there needs to be a decent non standard SFTP server that can pull from the same database... and also needs the ability to do random one off transfers... so we don't need to fill the database up with thousands of user accounts that are used once and never touched again. Which again... all that... in and of itself isn't that big of a deal... only I really suck at front end work... I mean... look at this site? most of what is here... has been ripped from something else... I kinda picked the colors.... but even that was with some help... they layout... just search for CSS Layouts and find a three column blog style... and you'll probably find what I'm using... I'm not that good at front end work... so... I guess thats where my big hangup is... if I could get someone to write the frontends to my apps... and it wasn't costing me anything... i'd be all for it... need a yin to my yang so to speak... backend stuff I'm good at figuring out... making that look good.... HORRIBLE

NetXen Incorporated NX3031 Multifunction 1/10-Gigabit Server Adapter

November 18, 2009 Posted by mitch | work | 0 Comments

So, I installed my first 10GigE card the other week... for a high throughput NAS head for a digital printing company I contract for. For the last couple months I've been planning and preparing to swap out their entire network core with new Juniper equipment... I've installed a couple stacks of the Juniper EX4200 switches, and we even purchased a 10GigE module for a 300 meter fiber link on both ends of the building. As part of this... we thought we could improve their through put to the NAS server (CentOS 5.4 x86_64 with Samba and SAN disk, and RedHat Cluster Server) by trunking ports. As soon as I had two 1Gbit copper links trunked to these... the speed seemed to be cut in half with samba... SSH seemed to be very fast... some googling and I'm seeing reports that in a bonded nic senario, samba drops to half speed... but NFS and other protocols seem to be able to take advantage of it... Now... I'm sure an upgrade to samba would fix this... but I don't want to introduce new variables going into their busy season... So, we purchased a 10GbE card for the server so we wouldn't need to trunk it. Moved over to this server with the NetXen 10GbE card... pluged it into the Juniper Switch... the link works fine... we move the digital presses over to it and it works fine for a while... after a couple hours running, I start getting errors in the log: Nov 17 20:34:54 gondor kernel: NETDEV WATCHDOG: eth4: transmit timed out Nov 17 20:34:54 gondor kernel: netxen_nic eth4: transmit timeout, resetting. Nov 17 20:34:58 gondor kernel: NETDEV WATCHDOG: eth4: transmit timed out Nov 17 20:34:58 gondor kernel: netxen_nic eth4: transmit timeout, resetting. Did some googling, and I've found an article to turn off the tcp segmentation offload so I run: ethtool -K eth4 tso off and you can check it with: ethtool -k eth4 I will update this post if it makes any difference ---- UPDATE ---- Nov 30, 2009 3:55 PM MST ---- After looking around... HP wants to use a nx_nic driver instead of the netxen_nic driver that comes with CentOS/RedHat Enterprise by default. So, I've compiled the SRPM with my build box, and Installed it on the new server. Version 4.0.516. I then upgraded the firmware on the NIC to the same. I will do some more testing to see if this is the fix I require....

Juniper J-Series and EX Switches - LAG

August 23, 2009 Posted by mitch | juniper, work | 0 Comments

So, I ran into an issue that didn't seem to be really documented anywhere that I could find anyway.. and it has to deal with a LAG (Link Aggregation Group) between a J6350 (any J-Series would be similar) and a stack of EX4200T switches in the DMZ for a company I'm doing some consulting for. The J6350 has an additional uPIM of 8x1gige ports on it, and I had taken two of them and connected them to two interfaces on the EX switch. I had created three zones on the J6350, one for the Internet drop or Untrust, a second for the Core network or Trust zone, and the third being the DMZ zone. I setup policies permiting the Trust and DMZ zones to access the Untrust zone, and the trust zone is allowed to access the DMZ zone. The DMZ zone is routed on the J6350 for ease of managing access between the different VLANS. This is where the point of confusion came. Zones need the connecting interface added to their zone, and I had been thinking that adding the LAG interface (ae0.0) to the zone would work... It wasn't. Once I added the virtual vlan interfaces (vlan.100, vlan.101, vlan.103 and vlan.190) everything worked as it should.

Samba fileserver and Mac OS X Clients

February 19, 2009 Posted by mitch | open-source, work | 0 Comments

I ran into a slight issue today with OS X (Leopard), where it would ignore the file permissions forced by my samba file server... In order to maintain users and groups with the correct permissions, I have shares setup like: [share] comment = share Volume path = /srv/SHARE browseable = yes writeable = yes Valid Users =@DOMAIN+"Domain Users" create mask = 0660 force create mode = 0660 directory mask = 0770 force directory mode = 0770 force group =@DOMAIN+Domain Users hide files = /__TMP__/.DS_Store/lost+found/ so, I should get files that look like: -rw-rw---- 1 root root 0 Feb 19 15:07 test1 But the default umask on OS X is 022, so I would get files showing up like: -rw-r--r-- 1 root root 0 Feb 19 15:07 test2 On the above share... This would prevent other users from changing the files.... Turns out, Apple started pushing for more POSIX compliance and as a result their files would turn up with the permissions assigned to the file on the local system or with their default umask as its created. In a shared world... not always ideal, but I don't want to have to change the umask on all of the OSX clients.... found an option in samba that I added under the [global] section as follows: [global] ..... # Make OS X Leopard play nice with others unix extensions = off This fixed my problem.

Bacula with a Sony Storstation LIB-162

January 17, 2009 Posted by mitch | open-source, work | 0 Comments

I'm a computer systems consultant by profession... and I've come across the need to setup a backup system. I've used Bacula before, and I rather like it. I've used various different libraries with it, an MSL from HP and a StorVault from Dell, but this is my first time using a Storstation from Sony. I started setting it up, and I almost had it setup and a tried to start labeling the media... and I got this:

Sending label command for Volume "A0BJ3B" Slot 1 ... 3307 Issuing autochanger "unload slot 7, drive 0" command. 3304 Issuing autochanger "load slot 1, drive 0" command. 3992 Bad autochanger "load slot 1, drive 0": ERR=Child died from signal 15: Termination.

I was setting this up on an Ubuntu 8.04 LTS server and it all had gone well until this. Turns out the library is to slow and I had to make some modifications with the config. In the bacula-sd.conf and make the drive config look like this: (its counter intuitive I would think it should have been in the AutoChanger config... but its part of the Drive config. Device { Name = Drive-1 Drive Index = 0 Media Type = AIT-4 Archive Device = /dev/nst0 AutomaticMount = yes; AlwaysOpen = yes; RemovableMedia = yes; RandomAccess = no; AutoChanger = yes Maximum Changer Wait = 600 } The key is the Maximum Changer Wait. Default is 120 seconds... I tried 300 and that didn't work... but 600 is working for me. I thought I'd post it tho, because I didn't find anyone talking(in english) about this library with bacula...

loosing my drive

July 18, 2008 Posted by mitch | life, work | 0 Comments

I'm not sure what it is over the last couple months... but lately I don't really feel into my job. Not sure if its a result of them constantly ignoring what I say or what... All I know is that I normally would have been able to digest something I really wanted to learn, but I find myself unable to concentrate on django, and well anything else I want to learn. I'm not really sure if its because of work or school... and to be honest... either could be doing it. As I feel that both are ridiculous and neither really feel like they would reward creativity. Why is it that school (especially IT related) is worthless? Yet everyone requires it? If theres one thing I'm going to learn about me attending school... is that I will not make it a requirement for the people I hire to attend. As just showing an aptitude for learning on your own is self sufficient in my mind.

Gigabit Ethernet

April 3, 2008 Posted by mitch | technology, work | 0 Comments

I don't talk about work much on my blog, mostly because I don't feel like it is appropriate. However, there are things that I learn while at work that would be appropriate to write about. The purpose of this post is just such a situation. I currently work as a network system consultant and I've been doing work onsite for a company for the last 8 months or so. They move large files around, (they're a printing company) and have also put in a huge investment into gigabit ethernet equipment everywhere. However, most of their buildings are fairly old, and the last time they were cabled was around 1998. Most things are run with your standard Category 5 cable (not even Cat5e). Now the sharp person will know immediately that Cat5 is not supposed to run gigabit. Someone forgot to tell everyone else here, because they put the swithes in place and put gigabit ethernet on the desktops as well... and they negotiated at 1 gigabit.... so it should work right? Wrong! Gigabit ethernet is *very* sensitive to the type of cable being run over it, so much so, that technically you can run it over Cat5e, but if your really shooting for gigabit to the desktop, I wouldn't go less than Cat6 and making sure you do not run the cable closer than 3 feet from florescent light blasts, and keep it the same distance from all power runs as well. We had a situation in one of the buildings, that they've been fighting speed issues for months/years, and in no way did they think it was possible to get faster speeds out of Cat5 cable if I were to drop their speeds to 100Mbit full duplex. Instead of the 1Gbit it was currently negotiating at. Finally we got the ok to force everyone in the building down to 100 Full (actually the switches are HP Procurves, and they have an option to set ports to auto-100 which allows the port to negotiate between full and half duplex and speeds of 10 or 100Mbit, essentially leaving out the option for gigabit). And sure enough speed times increased 3 fold. Imagine that.

Cacti graphing for 1Gbit network interfaces

November 19, 2007 Posted by mitch | work | 0 Comments

At my current place of employement, gigabit is deployed everywhere. I'd rather not get into the details as to why it is, but it goes without saying that its not really needed *everywhere*. None the less, I had cacti up and graphing for a couple months, before I thought I'd really like to see cacti graph a fully utilized gigabit port. Well, it turns out that the default configuration of the ucd/net snmp network interface ports on cacti will not graph a gigabit port. It will appear to work, but seems to wrap around at about 120Mbit. The reason is, cacti by default uses 32bit counters for this setting. It has a drop down under the network interfaces when creating graphs on a device, to use 64-bit counters. This is required for gigabit ports (if you want to get a true representation for the graph). I will see if I can grab some screen shots of this when I get back to work. But overall, I love cacti and even after looking at similar tools, I much prefer cacti over anything else.

good time tracking/billing software?

April 9, 2007 Posted by mitch | projects, work | 0 Comments

Is it me or aren't there any decent open source time tacking/billing/invoicing? I'm looking for something with a client side GUI, don't think I'd really care about what kind of database back-end it has.... I'd just like a desktop app that can track projects and time spent on it. With an option for reporting and invoicing. I've been using GnoTime and I find it lacking. Its interface is unintuitive, and reporting features are somewhat lacking for what I want to do. I've been trying to figure out how to customize some reports for it. What I want is to be able to select a main project, and show total of whats been billed, whats paid, whats waiting to be paid ect... But be able to make that go narrower, down to a specific task if needed and still show the same things. GnoTime can do this, except for the reporting doesn't seem to work right. And as I said, the reporting is lacking. If I could find an easy way to create the GUI, I'd start working on all the backend stuff to create such a thing, but I find the free GTK+ Design tools kind of odd... I'm not a GUI designer in any sense of the word, so it could most definitely be me. But I've had to design some fairly ugly VB apps in the past and those were easy enough to create.... Wondering why there isn't something comporable for GTK+? I don't really want to do it in QT mostly because I use Gnome as my desktop and I want it to follow whatever theme I happen to be running at the time. Anyway, I my just happen to write one(in python), one of these days if I can find a suitable GUI builder.

Career Path

April 18, 2006 Posted by mitch | life, thoughts, work | 0 Comments

For the last couple years I've been wanting to move my career towards network and systems architecture, which I think of it as "Infrastructure Architecture", and I'm just starting to figure out what type of a background do I need to beable to carry such a title. I get fairly bored when studing routers and switches to be honest, which is why I really haven't wanted to learn or study them very closely before. However, now that I have a much better understanding of my likes and dislikes, and even some (alteast perceived) understanding of the direction of the computer industry in general. Instead of learning more of the unix's I'm focusing more on network related technologies and sticking with Linux as the network OS. So my next move will be Cisco certifications. First up will be the CCNA which I've studied alot already and having some experience with cisco routers and switches so far its alot easier to remember than when I was studying originally... not sure if its because back then I really wanted my RHCE more than anything else or if I was more into becomming a Sys Admin than a Network Admin/Engineer. Either way, its making this time around alot easier ;) Next up after that will be what I'm really interested in which would be the CCDA, or the Cisco Certified Design Associate. Since, like I already said, actually administering routers and switches is somewhat of a bore to me, but networks in general I find very interesting. Designing them is definately intriguing. Hopefully that gets me off on the track I really want, and maybe I'll even go for the CCDP after that. And somewhere in the middle of all of this will be some VoIP.  Anyway, thats the current plan thought I'd lay it all out for myself just because I can.

Changing Jobs

January 21, 2006 Posted by mitch | life, work | 0 Comments

I normally don't write much about work because of the legal issues that may arise from it. However, this I do believe atleast deserves mention. As I said, I don't talk about where I work at all so, knowing which company I'm leaving and which I'm going to is not going to be part of this entry. I will say however, that I've worked for the last 5 and a half years at my previous employer, and my final day will be Monday, January 23rd. I've learned alot over that time, and I've gained alot of real world experience doing stuff that I've always tinkered with on my own. I have left for another Linux Systems Administration job, which some of the duties will be the same, others will be entirely new. Hopefully I'll be able to write about a few of them here and there as long as they won't really conflick with the interests of the company. I am leaving alot of what I knew, people mostly. And while I am sad to depart, I feel it is for the best. I fell into the mantra of "over worked and underpaid" category, which finalized my descision to leave as a company reorg along with buget cutbacks were in the works. I hope that will be all, as there was also rumor of layoffs down the road. I mean you can only cut back so much right? That was a bit of a joke on my part... and while I can't get into specifics, I do hope that those that possibly will get layed off are able to find work again as this whole process has really made me think about such things, and its a horrible (but in some cases a necessity) thing. Anyway, just to log this for future reference and posterity, there you have it.

System Trending with Cacti

October 30, 2005 Posted by mitch | technology, work | 0 Comments

I've been back and forth between creating my own System Trending app using RRDtool, and using some other prepackaged ones like Orca and Cacti. I love the look of cacti, however it wasn't exactly intuitive the first time I tried to use it. So I gave orca a try, and I really didn't like the idea of having to scp off the log files, to a collecting host. I would much rather have the collecting host poll hosts its configured to watch. With that in mind... I don't like SNMP either for a system. For appliances and network devices its great, quick and easy. Because the vendors usually have specific MIB's that can be used. There are generic ones for systems, but I would like to extend this to track applications on the system as well, this will require custom scripts, and with SNMP, custom MIB's as well. Which I really don't want to mess with. Keeping the monitoring system as basic as possible, using one monitoring system to grab all of this is what I had in mind. After spending a week or so creating some custom python scrypts to perform both functions of gathering data and pulling it to a central location, and creating graphs was quite extensive, and I really would like to atleast somewhat finnish this project within the next couple weeks. Creating my own solution proved to be a bit more complicated than I would have hoped. So, going back to using an existing project I took another look at cacti. This time around it proved to be much easier to understand. Not sure if its because I took the time to learn more about rrdtool specifically or what. However, this time I was able to create some data gathering scrips for cacti to execute and an xmlrpc server that answered the requests on the other end. They seem to be working currently and I've only really been working on them for a couple hours over the last day or two. I *hope* to have working client scripts and gathering server written by the end of the week for most of the basic functionality. Just need to do a little more reading and playing with python and the parseconfig module(?). Should hopefully have something by this time next week. I'll keep you updated.

So you wanna be a SysAdmin?

November 3, 2004 Posted by mitch | technology, work | 0 Comments

Linux.com has their weekly editorial of SysAdmin to SysAdmin. Today they published one titled "So you wanna be a SysAdmin". I liked the article so I thought I'd share it. Couple things I liked the mose are quoted below:

You can't get a certificate in administration, get a job, and stay put until retirement. You won't last three years. The job demands that you stay on top of new technologies.

The goal of the administrator is to automate oneself out of a job. This involves not only knowing tools, networking, systems, and services, but the scripting languages to make the tools, networking, systems and services take care of themselves.

However, the important thing to remember is that system administration is more than just a job. It's a lifelong craft. Technology is such that no one person ever knows everything about it. It forces you to keep learning and evolving along with it or be left behind.

Anyhow, I worked my way into system administration through a specialized fasion... From being helpdesk's web admin, and then promoted to the corporate DNS and DHCP admin with some inter-department web administration still. All and all its been fun, just need to keep on pushing to get where I really want to be...

Work drain

October 15, 2004 Posted by mitch | life, work | 0 Comments

What is it about work sometimes that makes IT people loose all interest for doing IT stuff. I'm speaking mostly from my own experience. Its not that I'm loosing my passion for computers and IT stuff. Its just a (emotional?) drain that by the time the day is done, and I get home, I just don't feel like working on this site much lately. I just want to kick back and watch movies. (however my wife doesn't like that to much.. :) ) I just wonder if this is a sign I need a change at work or just a vacation from work. Anyway, I hope to keep this updated as time moves on.

DHCP 2 mysql script

July 13, 2004 Posted by mitch | projects, work | 0 Comments

I've almost finished a script to dump the data from dhcp leases to mysql at work. I just have the database part to finish which I should be able to get to tomarrow hopefully. Anyway, I will post it when I finish it. I'm not promising anything pretty... infact its actually REALLY ugly. Anyway, I will post it none the less. Guess its time I get a projects page up eh?

DNS managment webapp

June 5, 2004 Posted by mitch | projects, work | 0 Comments

At work we use a program called "QuickDNS" for managing our domains for both testing, development and production environments. The problem is it is costly, and to do what we need it to, will cost even more. So, over the last couple of days, I've been contemplating how to write my own, something that just does DNS, because thats all we need. The basics would really be pretty simple, the only thing that makes me think it will be difficult is "checking" to make sure the user of the web app is aware of what they are doing. So they don't screw things up. But I guess that would be possible with the program we are using currently. It doesn't do that many checks, so it is possible to screw up a server if the user doesn't know what they are doing. I'm hoping that after I get all my servers upgraded to RHEL3, I will have a bit more time to play with such an idea, but really I think it would take me about a week to get something working and only minor bugs needing to be worked out. But maybe I'm just being over zealous about it. But then again, its just another project for me to work on. Along with the System Information database... As soon as I get a basic framework for either of them, they both will be able to be plugged into it however. Which will be nice.

DHCP Scripts needed!

May 28, 2004 Posted by mitch | projects, work | 0 Comments

Ok, I don't get it... is dhcp the red headed step child of all IT services? I mean the lack of managment tools for it is rediculous. After reading tons of docs, and the DHCP Handbook(2nd edt.) and even more forum postings... it seems that its annoying enough that it would be nice to get it fixed... but no one seems to have any kind of solution. A little more about what I'm refering too... I would like a script that parses through the dhcpd.leases file and either out puts totals of various lease information based on criteria I specify. OR does a straight dump to a database, and then can be queried in anyway needed. I would think this isn't an uncommon request, just no one has done anything about it, because it will be a HUGE pain. Honestly... I don't think it would be THAT hard to accomplish this. However, I understand that the dhcpd.leases file isn't kept in the best format for such a thing. Anyway, this is what I'm thinking. Two scripts, First(1) would be an initialization script of such. Basically it would be to initialize the database and update IP's. Anytime the you added a pool or changed a range of IP's, this script would to be run. Its purpose would be to look at all the ranges in the dhcpd.conf file, and create the rows in a table for EACH ip in those ranges(creating a defacto list of ALL ips the DHCP server is going to be serving). Then the Second(2) script would be cron'd to run every 5 min or however often you wanted it to run. It would then parse through the dhcpd.leases file, and for every IP, it would update that lease information into that IP's row in the database(that is why the IP would be the defacto... as there should only be one listing of it). I am uncertain at this moment, if an IP will be listed more than once in the dhcpd.leases file. As I don't know if the DHCP server always creates a new entry everytime it does something with a particular lease, and how often it removes them if that is the case. (hope that makes sence... for me in the future...), anyway, if all it has to do is do a update on that IP's row in the DB, creating a web app to parse through that information is trivial. Anyway... just another project I've come up with that would make my job easier...

System Information Application

May 28, 2004 Posted by mitch | projects, work | 0 Comments

K, at work it would be very usefull if I had a system information/management web app for all the servers I'm over at work. While I'm thinking about it, I need to write down some of the things it should do. (I'm writing my own because I don't like the current ones out there) - Store System Info (Name, DNS host names, IP, Subnet, Rack, Maker/model, serial num, service num, Purpose, apps installed, maintenance info, and anything else that might come up) Should have a page that allows for a scripted update of the hosts file (ie: out put localhost, and all the other systems(or group of systems) in the DB with the IP boxname dns host name.) What would be nice, is enough information, that the box could be duplicated without even needing access to it. (creating a kickstart based off installed apps and such) Thats all I'm thinking about right now... and I hope thats enough detail that when I revisit this idea(when I actually have time to revist, in the process of redoing DHCP, DNS and Upgrading systems to RHEL3 right now...) that I can remember all that I'm thinking about right now.