16 June 2016

Friday last, while at the office, I patched and rebooted the server this site and others runs on. That’s not totally uncommon: unlike most of the servers I manage for work purposes, I had no remote console access to my server. And since $FIRM kindly gives me power and pipe for this place, that’s just fine. Sadly, upon reboot, I waited … and waited, and finally went into the data center and connected the crash cart to the system. Um, kernel panics and NMI (non-maskable interrupts) all over the screen – it appears I had a hardware problem. Finally the system finished booting, and surprisingly it was working. I didn’t, however, expect it to remain in that state for long.

Come Monday, I went shopping in the recycle stack for a slightly newer retired server, finding a freshly-out-of-warranty R710, not much RAM, but two quad-core Xeons. Permission attained, I then racked the box, cabled it, and started thinking hard about how I was going to get everything migrated. I’ve done it before, but configuration from scratch is hard and prone to errors, since I don’t have this one artisanally crafted host under any sort of configuration management. Yes, yes, the cobbler’s child has no shoes, I understand. I have good backups, but I’d still rather not rebuild the whole system from scratch.

And I shouldn’t have to. I’m using FreeBSD 10.x as my server OS, which brings me a couple of strong advantages: good support for server-grade hardware, and ZFS, the best filesystem on the planet. So I spent a little while poking around the Internet, and formulating a plan, which combined elements from these two sites:

http://daemon-notes.com/articles/system/zfs-maintenance/clonezfs, courtesy of ‘ken’, and

https://forums.freebsd.org/threads/49702/, thanks to Farioko and the FreeBSD forums.

The former helped me get the initial copy over to the new system, and the latter provided guidance in properly configuring the second disk to mirror all that stuff over. Grand total of actual time working on the transfer and getting the mirrors setup: About 45 minutes. Then I had a full copy of the old machine’s system running on the new hardware. Finally, I moved the ethernet  cable over, and wiped the old system’s drives clean with DBAN.

*      *      *

Exercise:

Monday – 80 sit-ups, 40 squats, 32 push-ups, assorted stretches, and 7000 strides on the elliptical in 50 minutes.

Tuesday – Off. I pushed really hard Monday.

Wednesday – 100 sit-ups, 50 squats, 40 push-ups, assorted stretches, and 6400 strides on the elliptical in 46 minutes.

Thursday – I substituted yard work for exercise this evening, getting the lawn mowed before big rains move in tonight.

Ciao!

9 June 2016

The weather has cooled dramatically, after a day of wind and a spot of rain yesterday. This morning it was 47° F during my drive in. Busy week, what with chores and a CALUG (Columbia-Area Linux Users Group) meeting last night.  The speaker was Eddie Roache, on the topic of Docker. That’s something I know very little about, which makes it fun! Now all I have to do is find time and resources to play with it…

Exercise:

Monday – 60 sit-ups, 40 squats, 24 push-ups, assorted stretches, and 6150 strides on the elliptical in 46 minutes.

Tuesday – 48 sit-ups, 30 squats, 21 push-ups, assorted stretches, and 4100 strides on the elliptical in 32 minutes.

Wednesday – 64 sit-ups, 40 squats, 28 push-ups, assorted stretches, and 6100 strides on the elliptical in 45 minutes.

5 June 2016

On the exercise front:

Monday – Holiday.

Tuesday – 75 sit-ups, 50 squats, 30 push-ups, assorted stretches, and 5100 strides on the elliptical in 38 minutes.

Wednesday – 45 sit-ups, 30 squats, 18 push-ups, assorted stretches, and 6060 strides on the elliptical in 45 minutes.

Thursday – 60 sit-ups, 40 squats, 24 push-ups, assorted stretches, and 6130 strides on the elliptical in 45 minutes.

Friday – My back was wonky from a new addition to the “assorted stretches”, so I took the day off. I didn’t even get up to 10K steps (but close-ish at 8900).

Saturday and Today – Yardwork counted by Fitbit as exercise to the tune of 3.5 hours and 30K steps. Good enough.

*      *      *

Yep, the lawns are edged and mowed. The veggie gardens are weeded. And I pulled out enough broccoli to provision three dinners for two. Tonight’s was brown rice cooked with chicken stock, chicken breasts braised in chardonnay and fresh chives, and … broccoli. I also added some chopped fresh chives from the yard to my rice.

I spent some time in the woodshop working on a project for my dad, and that covers the non-working week.

*      *      *

I’m falling behind on my reading, though. There just aren’t enough hours and energy in these summer days.

Ooooh, yeah. There was something else…

I have a large primary UPS here in my home office, to run the always-on home server and assorted network gear, along with backing up a couple of other computers that are running from time to time (but I never like exposing a computer to line power). I’ve had it for several years now, and while the available run time has dropped off a bit, I never got a “replace battery warning”. Instead, at about 10 after 6 (AM) yesterday, it startled me out of sleep with a screeching alarm and an error code that didn’t make sense in context (overloaded). Hmmm. A bit of exploration online, and it seems that there’s something fundamentally off. More than just replacing the battery will fix, I’m sure. So instead I went down to Best Buy and picked up a replacement APC XS 1500 unit. On trying to shut down the old one a last time, I managed to elicit the same error that woke me in the morning. So it’s a good thing I replaced it.

*      *      *

DoD announced no new casualties in the last week.

24 April 2016

Another day, another birthday. And this one accompanied by a wonderful cake made by Marcia, with a decoration assist by Linda Rose:

Occupationally appropriate birthday cake

 Job-appropriate birthday cake

*      *      *

I, of course, witnessed little of this activity, because I spent the weekend absorbing InfoSec goodness at BsidesCharm 2016. An excellent two day conference with interesting keynotes and talks. Because of the setup of Bsides, the sponsors don’t get the attendee lists, there are no scannable badges, and sponsors don’t automatically get speaker slots. Truth be told, in our area, the sponsors weren’t there to sell (mostly), they were there to recruit. As one of our keynotes mentioned, in the DC area, InfoSec is at negative three percent unemployment. There are Bsides events across the country – look for one near you at the SecurityBsides.com site. Highly recommended.

*      *      *

DoD announced no new casualties in the last week. That’s a good thing. Ciao!

17 April 2016

This was a good week. Not a great week – that would have required all seven days to have been above 32° F for the full 24 hours each. That only happened four times. That said, work was good and productive, including the weekend work that ate half of yesterday, as well as patching last night and this morning.

The rest of the weekend was given to yard work of assorted types. I mostly did lawn care, but we did get a couple of new rose bushes for the front porch pots, a couple of herbs for the herb box in back, and I’ve stocked up on mulch (for yard bed dressing) and manure (for garden bed amendments). I’ll probably take a couple of days off this week to get the beds turned over and that manure turned in, so that it can rest for a week before I start planting veggies in the last week of April.

Oooh. Marcia made a couple of superbly yummy apple pies yesterday. We might have completely demolished one of them already. I’m taking the second one to work, tomorrow.

*      *      *

Technology update: I’ve gotten OrbDesigns.com setup with SSL, finally. This long-overdue development is courtesy of letsencrypt.org: “Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG).”

I’d always been a bit of a cheapskate about SSL on the sites, mostly because I don’t do any financial or personal transactional business here. And an SSL certificate for  just orbdesigns.com would have cost me more than the annual domain registration fees. I’d been following the progress of Let’s Encrypt with some interest, and jumped on the bandwagon, totally by chance, the day after the public Beta ended. I’m pleased that the service is available, and that there’s a couple of options for FreeBSD. I took advantage of the directions on Bernard Spil’s blog on the topic at wiki.freebsd.org/BernardSpil/LetsEncrypt.

I’ve still got to setup auto-deploy to accompany the automatic renewals that are already configured. And I’ve got certs for Marcia’s two main sites already: I just have to configure and deploy to those.

*      *      *

Our condolences to the family and friends of Airman First Class Nathaniel H. McDavitt, 22, of Glen Burnie, Maryland. He died on April 15 in Southwest Asia as a result of injuries sustained after extreme winds caused structural damage to the building in which the airman was working.

10 April 2016

A good week, overall. I was on-call for the first half, which is tiring, even when nothing happens. Yep, I sleep a lot more lightly when responsibility requires it. But one week out of every few weeks ain’t bad – and our monitoring and remediation are in a state of continuous improvement, so we get far fewer alerts and calls than in years past. All to the good.

I also executed terminal retirement on a stack of former virtualization hosts. Spin down, uncable from last network connections and from the SAN, spin up again with a DBAN disk in the optical drive: boom. No more data. Some may be repurposed as a lab environment, but the decision hasn’t been taken yet.

*      *      *

It was a fairly relaxing weekend, since the house is fairly clean, and it’s too darn cold to do any yardwork … Hey, did I mention that we had sleet, graupel, and snow on Saturday morning? Did I also mention that four days in the last week started off below freezing? So much for Spring. It had been warming up, and everything started to bloom, then BOOM: be cold and die, little plants! Good thing I’d not planted any veg in the garden yet, eh?

So we had Linda and Mike over to supper last night. Marcia made a wonderful, hearty, chicken stew, complemented by Asiago wheat bread and a green salad. Desert was a shortbread laden with blueberries. A good game of Ticket to Ride followed … good because against all odds, I won.

Both weekend days, I gave a few hours to playtime in the world of The Talos Principle (which I finished), and the Road to Gehenna DLC (which I started). Fun puzzle game: Recommended.

*      *      *

I’m currently reading Cordwainer Smith’s The Rediscovery of Man collection, along with last month’s Strange Horizons. I finished up the April edition of Clarkesworld earlier in the week, too. And I’m continuing to work my way through Learning Ruby the Hard Way, 3E. I’ve been spending years getting just enough knowledge to get the job done, but I want some more depth on something, anything. So, before I work on a substantial project, best to begin at first principles. That’s what I’m doing.

*      *      *

DoD announced no new casualties in the last week, for which we are grateful. Ciao!

20 March 2016

It must be Spring. We’ve been in the 30’s all weekend, and it’s currently dropping what’s quaintly called a “wintery mix” on us from low, leaden skies. Bah!

*      *      *

We’ve lost a lot of the roadside trees in our neighborhood in the last couple of years. The HOA’s landscaping service took out a bunch this winter, and replaced them with … some other kind of tree, I’ll guess. They didn’t get all of the dead trees yet, and from the tracks on the barkless trunk, you can probably see the reason behind the death:

Bug 1, Tree 0

Bugs 1, Tree 0

Yup, some kind of insect really loves the trees we’ve got in the upper part of the neighborhood. The lower is full of bradford pears, which are lovely in the spring, and as fragile as a vase, on a candlestick table, in a windstorm, on a concrete patio, surrounded by disturbed bison. The trees that are dying are less physically prone to splitting in half at the drop of a hat, but they’ve apparently appeared on the menu for some bug.

*      *      *

I got a variety of things done this weekend. After Marcia and I went up to Hobby Works this afternoon, I dug out the Hellcat model I’ve been working on for the last few years. Okay, I haven’t worked on it in a couple of years, but it’s still a fun project. I got the rest of the stringers laid onto the main part of the airframe today.

Hellcat model

Hellcat model in progress

Next up: wings.

*      *      *

I did run into an interesting problem this weekend. Firefox was auto-updated to version 45.mumble, and when that was done, I could no longer browse to any site that wasn’t https. After a while trying to fix things with my existing profile, I threw in the towel and built a clean new profile, and migrated some of the key configurations from the old. All’s right with the world again, at least in Firefox, for the moment.

*      *      *

Our condolences to the family and friends of Staff Sgt. Louis F. Cardin, of Temecula, California, who died on Mar. 19 in northern Iraq, from wounds suffered when the enemy attacked his unit with rocket fire.

9 Feb 2016

Disappointing. Snow fell for about 18 hours, leaving a total accumulation of … nothing. A smattering on the grass, a damp road surface. It was just too darn warm coming into this event – the storm never had a chance. It didn’t even frighten the schools in my county into closing – and they frighten real easy!

*      *      *

A challenging day at work, with Internet issues external to our sphere of control, but massively annoying, taking center stage. That, plus a failed piece of hardware, made the first half of my day disappear. I’ll get caught up, somehow (although there’s a replacement piece of hardware that’s in flight and will need fettling and installation tomorrow).

*      *      *

I also finally figured out how to get the six tracks of AFP’s Strung Out in Heaven onto my iPhone. I’d had iTunes setup to do conversions to Apple’s lossless format, because why not? Well, why not appears to be: iTunes won’t transfer those tracks to the iPhone, being afraid I’ll be angry that they’re so big. So I dumped everything I did the other day, re-imported the WAV masters, then converted them to AAC format, which then synced to the iPhone just fine. I suppose I ought to figure out how many other things I’ve got sitting on this box in a frantically high bitrate. Just not tonight.

*      *      *

New Hampshire? #WTF

21 Dec 2015

A day late, and a vacation dollar short. Yep, vacation. I’m “off work” for the next two weeks, which means that I only keep an eye on email, and respond if SMS messages flow my way. But for the purposes of day-to-day operations, I’m offline. Yay!

*      *      *

In other good news, no vomiting in more than a week, so I’ve got that going for me.

*      *      *

Please note that policy requires the new disclaimer in the footer of this site. So noted.

*      *      *

The weekend flew by with assorted home-maintenance chores. They were mostly plumbing, which is mostly done – I still need a short length of 1-1/2″ pvc pipe, which I thought I had on-hand, but I was mistaken. So I also checked on my PVC cement, which I did have a can of … but it’s not a liquid as such, anymore. So that’s on the home center list, too.

I also managed to take some time to decommission some old data drives. For tin-foil-hat-reasons, I don’t just throw disks away or recycle them. I electronically wipe them, then destroy their ability to be read. Here’s the end result of one such session with 6 disks:

Data destroyed

Data destroyed

*      *      *

Today I got my sump pit monitoring system back online. For a variety of reasons, I broke it a couple of months ago, and neglected for a long while to get it back online. Today, that is remediated. The sump pit monitoring setup is well documented by Al Audet on his Raspi-Sump page, so I would be too redundant to repeat it all here. But his code works, so get it and use it. Yes, you’ll need a Raspberry Pi, and some assorted other stuff along with a bit of soldering or breadboarding skills, but that’s not hard to come by, and none of the stuff is so expensive that you can’t replace the bit you break. Better yet, it’s MASSIVELY less expensive in both time and money than what you’ll go through if your sump pit overflows. There are commercial monitors available. Ones that will also send you text messages are heinously expensive. Try Raspi-Sump, you’ll like it.

Side-note – I was introduced to Raspi-Sump on the pages of Linux Journal.

*      *      *

DoD announced no new casualties in the most recent week. Ciao!

2015 Nov 29

LISA 15 Report

The LISA 2015 conference was held this year at the Washington Marriott Wardman Park, off Connecticut Avenue in north east DC. It’s 15 miles from home, but the best driving time I had was Wednesday (Veteran’s Day) morning, which took half an hour, and the worst was a bit over 1.5 hours, coming home in weeknight traffic, in the rain. It’s a nice venue, though I’ve never stayed there, only attended events.

Saturday, 11/7

Saturday night was badge pickup and opening reception. I attended that mostly to do a handoff of the give-away items for the LOPSA general business meeting. Because I’m local, I volunteered to be a drop ship site for stuff that arrived over the course of the month leading up to LISA. That evening, I made contact with LOPSA’s President, Chris Kacoroski (‘Ski’), and we grabbed a couple of other willing bodies and emptied out my trunk, which was chock-full of Lego kits, books, booth collateral, etc. An hour or two of chatting with early-arriving attendees, then I headed back home to get an early bedtime – I was facing a long week.

Sunday, 11/8

Sunday was the first of three consecutive days of tutorials. In the morning, I attended a half-day session presented by Chris McEniry on the topic of Go for Sysadmins. Go was developed at Google, and released under an open source license in 2009. To my eye, it combines some of the best features of C, Python, and Java (but the FAQ says that Pascal has a strong influence – it’s been a long, long time). With larger data sets to work with each passing year, a faster and better language seems to be a useful tool for the continuously learning system administrator, and Go provides that sort of tool. Chris was an excellent presenter, and his examples and supporting code were pertinent and useful. Effective? Yep, I want to learn more about Go … in my copious spare time.

Sunday afternoon was all about Software Testing for Sysadmin Programs, presented by someone I’ve known for a few years now, Adam Moskowitz. Adam is a pleasant bloke, and like everyone at LISA, smart as all get out. He makes the valid point that all of the tools that we encourage our programmers to use, from version control to testing and deployment automation, belong in our toolbox as well. And for UNIX-ish sysadmins, lots of stuff is written in shell. Adam developed a suite of tools based on Maven, Groovy, and Spock, and gave us a working configuration to test code with. Impressive and useful. Now all I have to do is do it!

In the evening, I hung out for a bit for what’s called the “Hallway Track”, which is all of the non-programmed activities from games to BoF (Birds of a Feather) sessions, to conversations about employers, recruiting, tools, and users. Always fulfilling, the hallway track.

Monday 11/9

On Monday, I over-committed myself. Caskey L. Dickson was putting on a full-day tutorial on Operating System Internals for Administrators (a shortened version of the actual title). I attended the morning session of that, which was awesome. One would suspect that hardware is so fast that it just doesn’t matter so much anymore. But it turns out that such things as memory affinity in multi-socket, multi-core systems can have significant performance impacts if the load isn’t planned well. And while storage is getting faster, so are busses and networks. The bottlenecks keep moving around and we can’t count on knowing what to fix without proper metrics. Caskey presents an excellent tutorial, it’s actually in some senses a pre-requisite for  the Linux Performance Tuning tutorial that Ted Ts’o does (I’ve attended that in years past). I would have stuck around for the second half day of Internals, but…

Instead, I attended a half-day tutorial  called systemd, the Next-Generation Linux System Manager. Presented by Alison Chaiken, I learned a lot about the latest generation of system manager software that’s taken over from the System V init scripts model that’s ruled for the last few decades. While change is always a PITA, and there are definitely people who vehemently dislike systemd, I find that (A) I have to use it in my work, so I should learn more; and (B) there are features that I really quite like. Alison knows a lot about the software and the subject, and helped me understand where I needed to fill in the gaps in my systemd education.

Tuesday 11/10

For me, Tuesday was all about Docker. Until not that long ago, I’d have been managing one service (or suite of services) on a given piece of hardware. Programs ran on the Operating System, which ran on the hardware, which sat in the rack in the data center, mostly idle but with bursts of activity. Always burning electricity, and needing cooling, a growing workload meant adding new racks, more cooling, more electric capacity. In the last decade, virtualization has taken the data center by storm. Where once a rack full of 2U servers (2U stands for the vertical space that the server takes up in the rack – most racks have 42 U {units} of space, and servers most commonly are 1, 2 or 4 U) sat mostly idling, we now have a single more powerful 2U or 4U server that runs software like VMware’s ESXi hypervisor, Microsoft’s Hyper-V, or Xen/KVM running on a Linux host. On “top” of those hypervisors, multiple Operating System installs are running, each providing their service(s) and at much higher density. Today’s high-end 2U server can provision as much compute capacity as a couple of racks worth of servers from 5-10 years ago. It’s awesome.

But that’s so … yesterday. Today, the new hotness is containers, and Docker is the big player in containers right now. The premise is that running a whole copy of the OS just to run a service seems silly. Why not have a “container” that just has the software  and configurations needed to provide the service, and have multiple containers running on a single OS instance, physical or virtualized. The density of services provided can go up by a factor of 10 or more, using containers. It’s the new awesome!

I don’t have to use Docker or containers in my current situation, but that day may come, and for once I’d like to be ahead of the curve. So in the morning, I attended Introduction to Docker and Containers, presented by Jerome Petazzoni, of Docker. Dude seriously knows his stuff. But I’ve never attended a half-day tutorial that had more than 250 slides before, and he got through more than 220 of them in the time at hand, while ALSO showing some quick demos. Amazingly, I wasn’t lost at the time. And I’ve got a copy so that I can go back through at my leisure. Containers launch quickly, just like Jerome’s tutorial. I think I learned a lot. But it’s still due for unpacking in my brain.

In the afternoon, Jerome continued with Advanced Docker Concepts and Container Orchestration. Tools now regarded as stable (such as Swarm, which reached the 1.0 milestone a couple of weeks before the presentation) (grin) and Docker Compose were discussed and demonstrated to show how to manage scaling up and out. Another immense info dump, but I’m grateful I attended these tutorials. I think I learned a lot.

In the evening, I hit up the Storage BoF put on by Cambridge Computers, and dropped into the Red Hat vendor BoF on the topic of Open Storage. A long day.

Wednesday, 11/11

Veteran’s Day dawned bright and sunny. Like each day of this week, I left the house at 0630. I was surprised, rolling into the parking garage at 0700 … until I remembered the holiday, and that no Feds were working (and clogging my drive) as a result. Win!

The morning keynote was given by Mikey Dickerson, head of the USDS. He spoke on the challenges of healthcare.gov (his first Federal engagement), and being called back to head up the new US Digital Service. Mikey is a neat, genuine guy who has assembled a team of technologists who are making a difference in government services. Excellent keynote, fun guy.

I took a hallway track break for the next hour and a half – catching up with folks I hadn’t seen in a couple of years.

After lunch, I attended first a talk by George Wilson on current state of the art for OpenZFS. ZFS is an awesome filesystem that was built by Sun (Yay!), then closed by Oracle (Boo!). OpenZFS took off as a fork of the last OpenSolaris release, some years ago. Since then it’s been at the core of IllumOS and other OpenSolaris-derived operating systems, as well as FreeBSD and other projects. I’m a huge fan of ZFS, and it’s always good to learn more about successes, progress, and pitfalls.

Then I sat in on Nicole Forsgren’s talk: My First Year at Chef: Measuring All the Things. Nicole is a smart, smart person, and left a tenure-track position to join Chef last year. She brought her observational super-powers and statistics-fu to bear on all the previously unmeasured things at Chef, and learned lots. Chef let her tell us (most of) what she learned, which is also awesome. The key take-away: Learn how to measure things, set goals, and measure progress. Excellent!

After dinner up the street at Zoo Bar and Grill with Chas and Peter, I attended the annual LOPSA business meeting. I didn’t stay for the LOPSA BoF in the bar upstairs, since my steam was running out and I was driving, not staying at the hotel.

Thursday, 11/12

Christopher Soghoian provided the frankly depressing Thursday morning keynote: Sysadmins and Their Role in Cyberwar: Why Several Governments Want to Spy on and Hack You, Even If You Have Nothing to Hide. Seriously. Chris is the Chief Technologist for the ACLU, and his “war” stories are hair-raising. We’re all targets, because we run systems that might let the (good|bad|huh?) guys get to other people. All admins are targets, not of opportunity, but of collateral access. Sigh. Sigh. Good talk, wish it wasn’t needed.

The morning talk I attended was about Sysdig, using it to monitor cloud and container environments. Presented by Gianluca Borello, I found that sysdig is a tool I really should learn more about.

In the afternoon, I spent some time in the Vendor Expo area, catching up with people and learning about the products that they think are important to my demographic. I was going to attend a mini-tutorial later in the afternoon called Git, Got, Gotten on using git for sysadmin version control … but by the time I got to the room it was SRO. So I bailed out way early (skipping the in-hotel conference evening reception – I expected a disappointment following last year’s wonderful event at the EMP Museum), unwound, and got a good night’s sleep.

Friday, 11/13

I started the day with Jez Humble of Chef, who talked to the big room about Lean Configuration Management. An excellent talk on, among other things, what tools from the Dev side of the aisle we can use on the Ops side. Jez is an excellent speaker, and he brings up a good point about how the data points to high-performing IT groups as being a driver of innovation AND profit.

My second morning session was Lightweight Change Control Using Git, by George Beech of Stack Overflow. A big hunk of time was given to what’s wrong, before progressing into the organization of managing configs and processes with version control, explicitly git. Good talk.

After lunch, I spent a couple of hours on the hallway track, since there was nothing that really called out my name in the formal program. And for the closing keynote … well, I decided to beat the Friday traffic out of the district instead. But the presentation has been made available already – it’s here: It Was Never Going to Work, So Let’s Have Some Tea, by James Mickens of Harvard. You can watch it with me.

Thanksgiving and stuff

It was a good week, though I did work on Friday. Thanksgiving Day was a nice quiet day at home. Pancakes and espresso in the morning. Turkey, mashed potatoes, gravy, cranberry sauce, apple pie, … other stuff, I think … through the late afternoon and evening. Food coma #FTW, with lots of leftovers. We called and talked to family in lots of places, and that was fun, too. The weekend has been catching up on chores, putting up the Christmas crap, and roasting coffee.

Fallen Warriors

DoD reported no new casualties in the last week.