Sysconfig's Blog

There’s no such thing as “The” Cloud

Personally I think “The Cloud” is one of the most abused terms of modern IT language. There are certainly some connotations going along with it, which get business people excited: scalable, flexible, resilient, on-demand pricing, low entry costs. And then the whole Nonsense-as-a-Service terminology (SaaS, IaaS, BaaS and whatnot)! It certainly gets the high-level non-technical business folk’s meetings started! Sadly, they are not likely to ever come to a conclusion which makes sense on a technical level. The image, which many if not most people have in mind is that “The” Cloud is the answer to all IT problems, a no-brainer, and on top of it there’s a (in my opinion false) understanding that you chuck your stuff into “The” Cloud and it will then magically apply all those great features to your application. It couldn’t be further from the truth, unless you are willing to pay a serious amount of money and let someone else manage all that for you. That however removes on-demand, and low entry costs from your equation. Depending on the company you hire to do that, you’ll sometimes sacrifice flexibility, too.

You, as an IT person, certainly have been asked (or asked yourself) this question in the recent past: “Should we move services to ‘The’ Cloud?”
Read the rest of this entry »

Posted in AWS/EC2, BSD, general, Linux, Virtualisation, Xen | No Comments »

GlusterFS on CentOS 6.x incl. Geo Replication

For those of you who are interested in clustered storage, I’ve put together a very quick run-through for GlusterFS (3.2.5) on CentOS 6.2. It also includes setting up Geo Replication. It’s very short, but tackles a few of the pitfalls. Just head this way.

In case you haven’t heard: RedHat acquired Gluster back in October 2011, and that is very good news, because it will push development, broaden the user base, and ultimately make it more interesting for some of the bigger players out there, which will result in even better stability and performance altogether.

Frankly, there were times when GlusterFS was in a mess and the only people knowing how to configure and properly use it were the devs (or the freaks who hung out in IRC whole day, which I sometimes did too), because documentation was a nightmare. These things will now change (and have already changed as far as documentation is concerned). That’s brilliant progress.

If you don’t look at GlusterFS now, you’ll probably feel left out soon.

Posted in general, Linux, Software, Storage | No Comments »

Slim and up-to-date CentOS 6.2 AMIs for Amazon EC2

[Update 01/Mar: updated EU-West AMIs, and added AMIs for AP-Southeast-1]

As CentOS 6.x has finally caught up with RHEL’s update cycle (as far as possible for a clone/copy/fork/you name it), I thought it might be good to have up-to-date images on EC2. But to my surprise I didn’t find many. Maybe it’s because you can get RHEL instances there, but I still prefer not to be dependent on licensing.

Anyhow, most AMIs I’ve found are outdated (6.0) or littered/bloated or heavily customised. I didn’t find a single AMI to my liking in either Europe or in the US regions. Plus, I wanted SELinux in enforced mode, which the vast majority of AMIs out there don’t offer and which is a bit of a nuisance to rectify later (due to long relabeling procedure and required reboot). Hence I created my own, which I made public.

Read the rest of this entry »

Posted in AWS/EC2, Linux, Operating Systems, Virtualisation, Xen | 2 Comments »

Scientific Linux — an alternative to CentOS?

As CentOS is currently in a bit worrying situation with security updates arriving late, and major and point releases being months behind, it’s probably a good idea to have a look around and check what else is out there that claims to be binary compatible with RHEL. With more than 100 active installations of CentOS, I just have to make sure that we’re ready for the worst case. Obviously purchasing subscriptions with RHEL for all those installations is not an option; the customers can’t possibly agree to the significantly higher costs that would force on them.

Now, I don’t want to spread rumours or create unnecessary panic. I don’t really doubt that the CentOS team will somehow manage to increase their pace a little bit, and their latest announcement regarding continuous releases (essentially “backported” security updates) goes into the right direction, if they can for once stick to their promised timelines.

Nonetheless, I need stability and consistency. That absolutely entails security updates, quite obviously. From my personal and professional experience, if it has to be Linux, RHEL-derivates are by far the best bet for enterprise environments. So, just in case, what else is in store for paranoid people like me who have committed to using RHEL and its forks/clones? (where FreeBSD sadly isn’t an option)

Read the rest of this entry »

Posted in general, Linux, Security, Software | 4 Comments »

FreeBSD 8.2 on Xen using Para-Virtualisation, Step-by-Step

Using FreeBSD on Xen is not exactly uncharted territory any more these days, however you’ll often find that people use hardware virtualisation (HVM) instead of para-virtualisation (PV). The latter can unleash quite a bit more potential, and of course features like memory ballooning, live migration, attaching of network interfaces or storage at runtime, etc.  Some of these features may not yet be supported very well, but I’ve got trust in the FreeBSD community! (I only wish my C/C++ wasn’t so rusty and I had focused more on system-level development in the past. But well, writing tutorials to help others use it isn’t too bad either, is it? )  Problem is that documentation with regards to this subject is scattered all over the place and often outdated.

So anyways, enough waffle here. Those of you who are interested, should follow this link: my step-by-step guide on how to set up a FreeBSD PV guest from scratch, including pygrub support. The tutorial will walk you through all the steps required from setting up an empty stub, over creating a HVM guest, to transforming that into a PV guest (or even hybrid, if you wish).

Posted in BSD, general, Virtualisation | No Comments »

GlusterFS, a workhorse that needs to be tamed

I’m sure by now most of you will have heard of GlusterFS, which allows you to store data on a very large scale, replicated, striped, or both – across multiple physical boxes. At the face of it, and if you believe the marketing, it is THE most reliable and fastest solution. And yes indeed, it has got massive potential, and it has matured a lot over the years since I last wrote about it. However, it still has got a few nasty pitfalls, which you need to be aware of before deploying it into a production environment. You should really test thoroughly how it copes with your workload, and how your applications and infrastructure behave in case of failure.

Read the rest of this entry »

Posted in general, Linux, Storage, Virtualisation | 8 Comments »

So long, XenServer

Citrix XenServer is great. No really. As long as you don’t want to do uncommon things like, say, replacing a network card which is your management interface, or deleting snapshots and expecting to get the freed space back instantly, XenServer is solid and very easy to setup and use. With a few clicks you can set up VMs with just about any available OS, attach them to a network interface or even VLAN [more on that later], and are only a few more mouse clicks away from starting it. I’ve run various different OS on it: a bunch of Linux flavours, FreeBSD, Solaris, Windows. It runs and runs and runs.

So where’s the but? Here it comes: …but if something unexpected happens, you are seriously screwed. Here are a few examples from the past couple of months.

Read the rest of this entry »

Posted in general, Operating Systems, Virtualisation, Work | 4 Comments »

EC2, Puppet, and some custom Development

Hello, and a Happy New Year everyone! I have been quiet here for many months due to an incredible work load. Fortunately the festive season gave me some time to breath, and to look into things which I have been wanting to look into for months, namely Amazon’s EC2 cloud, which has become much more interesting (from a business perspective) since they have achieved PCI DSS certification, and Puppet, which is a brilliant tool to automate lots of server (or EC2 instance) management tasks.

Read the rest of this entry »

Posted in general, Virtualisation, Work | No Comments »

Why I’m not fond of Ubuntu Servers

Recently I have found myself complaining about Ubuntu Server more often, and people apparently start taking offence. First, let me clarify that I do think that Ubuntu is a very good option for desktop computers, if you’re not too keen on running commercial operating systems like Windows or Mac OSX. Without Ubuntu founder Mark Shuttleworth‘s help, Linux still wouldn’t be that popular on desktop computers. That is a great achievement and certainly helped Linux to become more mature (both on desktops and servers), as wider interest in Linux automatically helped growing the community of developers who participated in various Linux-related and open source projects.

That said, we must not forget Ubuntu’s focus, which I think (and I will expand on it later) is still valid: desktop and laptop computers.

Read the rest of this entry »

Posted in Linux, Operating Systems | 2 Comments »

Reducing Downtime with Virtualisation

I’m not going to explain in depth how virtualisation can reduce downtimes in general, or what you need to achieve that. But from todays practical experience, I’d like to give one example.

Let’s say you are running FreeBSD on a server, and you need to do a major upgrade (that is from 6.x to 7.x). This process can take ages, if your machine is not running the latest hardware, and/or you have a lot of 3rd party software installed (ports). I’m not talking about an impatient person’s definition of ages, or about the one of a customer, who claims hundreds of quid financial loss in 20 minutes downtime on Sunday morning 1:30 am.  I’m talking about ages as in many hours.

Of course, a FreeBSD upgrade doesn’t require to be offline while it’s proceeding. But you will need to reboot. And as a rule of thumb, one can assume that dependencies in the ports will break. Usually only one or two of them, but it requires manual work, and can cause an unpredictable partial downtime, which is longer than it takes to reboot the machine.

So how can virtualisation help here? In a nutshell, it allows you to do the whole upgrade on another virtual machine. You can take a snapshot of the production machine, start it as a new VM, and do your work there, while the original VM stays online.

This also reduces stress enormously, because if you break something during the upgrade, there’s no time pressure to fix it. You can spend as much time as it takes to finish your work properly. Cool, isn’t it?

And when you’ve finished your work, you can inform your customer about an upcoming 1 or 2 minutes downtime for a major system upgrade (which you have already finished).

All you need to do when the time has come, is to sync files which changed during run-time (for example mail folders), change the network settings in order to make your upgraded snapshot take over, and then you can safely decommission the old VM. It really is as easy as that.

Posted in Virtualisation | No Comments »