
CentOS 5.1 Released

The CentOS team today released CentOS 5.1. This is good news, as there has been a ton of bug fixes upstream.
It is still trickling out to a few mirrors, so it should be available everywhere soon. I updated my 2 development servers using:

yum --disablerepo=\* --enablerepo=base --enablerepo=updates update

And so far it is all good. Be aware that there seems to be a small issue with /etc/redhat-release still showing things as it was with 5.0, but this will probably be fixed soon as there have already been mentions of this on the forums.
As always, read the release notes before you upgrade as there are some outstanding issues you should know about.
Well done. The Wiki has also recently had a layout upgrade and it is all starting to look much more professional than before.

Sudden drop in spam

I keep a pretty close eye on my email volumes as I own a little anti spam company – you point your MX to me and I’ll deliver a clean set of email to your server, nothing too complex.
A while ago while looking at my overall flow of email I noted this drop:


I thought it might be an anomaly or just a short interruption, but it’s kept at this limit for a few weeks now. The only thing I can imagine is that some big botnet got shut down or a very prolific spammer packed up shop, as my average rate of connections has halved, as in the graph.
There was a well publicized story in the news recently about Google also seeing a drop in spam. Theirs doesn’t seem to suggest a sudden drop, but my stats and the news from them certainly make me feel better.

62976 core CentOS

I am quite a big fan of CentOS. I run all my own systems on it and it’s my first recommendation for clients.
I’ve been using Red Hat since their Halloween release 31 October 1994. The major thing you notice about it is that it stays consistent and sticks to standards – usually existing ones without trying to make its own.
Consistency is really important in my mind from an Operating System: you do not want to redesign your own systems just because you go up a point release or even a major release. Red Hat, more than certain other popular Linux distributions, has been providing this for years now.
CentOS gets the benefit of all of this plus provides you with a reasonably easy upgrade path to Red Hat should your investors for example require this, it maintains binary compatibility with Red Hat proper so you can rest assured that should the need arise to upgrade to a supported distribution you at least won’t need to redevelop your own code.
Why anyone would pay Red Hat support is another matter, I cannot remember a single instance of being satisfied with their support in the various places I’ve used them.
Anyway, 62976 processor core CentOS machines? Sun just announced their Constellation System HPC cluster based on their new blades as a backbone. From a searchdatacenter.com article the following:

The Sun Constellation CentOS Linux Cluster, named Ranger, will have 3,936 nodes, 123 terabytes of memory and 62,976 processor cores from AMD Opteron quad-core processors. The system is specifically designed to support very large science and engineering computing, according to TACC.

Idiots

I’ve been seeing some fake hostnames in my HTTP logs and did some investigation. What kind of idiot puts internal DNS names on routed IPs?

% host -t any 42.165.55.65.in-addr.arpa
42.165.55.65.in-addr.arpa domain name pointer bl2sch1081908.phx.gbl.

Had to do some tcpdumps etc. to get them because my Apache logs don’t log hostname and IP address, but eventually found it:

OrgName:    Microsoft Corp
OrgID:      MSFT
Address:    One Microsoft Way
City:       Redmond
StateProv:  WA
PostalCode: 98052
Country:    US
NetRange:   65.52.0.0 - 65.55.255.255

Some people should just be disconnected from the internet.

linode.com

Linux virtual hosting is all the rage today and there are literally thousands of companies doing it. One of the old hands in this market is Linode.com. They offer the usual type of thing really, bunch of operating systems to choose from, remote shell to manage it and the VM is essentially yours to do as you please.
Where they really shine though is in their admin tool. It allows you to profile your machine and allocate your allotted storage in many ways: you could for example have 1 linode with 20GB drive space but only use 5GB for one machine running Debian. The rest of the space can be used with OS images for RedHat or something else, and you can freely choose to boot any of these as long as you only have one going at a time. I’ve not tried, but you could no doubt also share 1 swap partition amongst a lot of OS images, or one /home partition so your development environment travels with you between the various operating systems.
That is really great for software developers who need to test their apps on many distributions. I’ve had machines at them since around 2003 now and have not once had cause to open a support ticket with them. I obviously had outages, the host machines need upgrading sometimes too, and they post work notices on their forums etc. about this.
The big thing though is that they don’t just leave you stuck with what you had years ago; they constantly upgrade you as they get more capacity. My machine there started off with 128MB RAM and 3GB drive space. It has since, without any involvement by me, transformed into a 300MB RAM and 10GB storage allocation machine. Obviously my OS image did not grow, I just have some spare storage to allocate to VMs now. Really helpful when I want to rebuild the machine, for instance to a newer version of the OS. My bills for these upgrades? Zero, no increase in rate and no setup charges.
If you’re in the VM market and looking for a machine in America, you just have to look at Linode.

XEN, Bridging and Hetzner

I’ve a machine at Hetzner DE and have been pretty happy with it and their service in general. I used to run VMWare Server on it for virtualisation but have become a bit annoyed at the totally unfixable clock problems that seem to be the norm with VMWare guests.
First the good news. I decided to give XEN a try on it: same setup, same spec virtual machine on the host doing the same workload as before. Below is a CPU usage graph before and after, enough said.


I know it’s not the same technology etc, but XEN VMs will do what I need now so it seems a good option for me.
Now for the bad, I had a few problems:
  • Hetzner uses a DHCP/TFTP rescue system that is very useful: if I make a mistake in a network config, for example, I can sort it out via this. XEN by default works in a bridged mode that will change the MAC address for your eth0 to FE:FF:FF:FF:FF:FF. The problem is that Hetzner uses Realtek NICs, which as most people know are uber crap. When the machine gets a normal alt-ctrl-del or other reboot other than a power cycle, the NIC does not reset to the original MAC. So if I get a crash I won’t ever get to the rescue system. This cost me 119 Euro this weekend in support fees.
  • In the past I had a few crashes on this machine, adding acpi=force irqpoll noapic to the kernel command line solved it, however the XEN kernel won’t poll my drives properly without removing the noapic bit, so I hope my machine doesn’t become unstable all of a sudden.

I am using CentOS 5.0 on this machine, which came with XEN out of the box, so installation was dead easy. Creating new VMs is easy, and very importantly I can manage the VMs all through text consoles, which was a pain for me under VMWare: as I don’t use Windows or Linux, getting console access was tough.
So about the MAC address: this turned out incredibly easy to fix by turning the machine into a routed network setup instead of a bridge. Previously the network was bridging eth0 with the vifs from the virtual machines onto the wire, which required the MAC address of eth0 to change. Moving to a routed setup required the following changes:
/etc/sysctl.conf:

net.ipv4.ip_forward = 1
net.ipv4.conf.all.proxy_arp = 1

This basically enables routing and sets up proxy ARP across all interfaces. This is to work with Hetzner’s routing, where they don’t actually add a route to my subnet over my eth0 but over to the switch it is connected to. Proxy ARP sorts this out.
/etc/xen/xend-config.sxp:

#(network-script network-bridge)
#(vif-script vif-bridge)
(vif-script vif-route)
(network-script network-route)

This points XEN to its provided route scripts rather than the bridge ones.
Reboot the virtual machines and that’s that. The machine is perfectly happy, routing traffic, and the MAC address is correct.
A bonus is that all traffic now gets routed through my Dom0, and I can do all the firewalling there, outside of my DomUs, which enhances security as it is essentially a border firewall.
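
A quick way to confirm after a reboot that the routed setup above is the one in effect, and that eth0 no longer carries the bridge MAC that blocks the rescue system. This script is an added example, not part of the original post; the function names are hypothetical, and the file paths and settings are the ones quoted above.

```shell
#!/bin/sh
# Added example: audit a Xen Dom0 for the routed setup from the post.
# File paths and settings are the post's; function names are hypothetical.

# Print the value set for a key in a sysctl.conf-style file (last one wins).
sysctl_conf_value() {   # $1=file $2=key
    k=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*$k[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" |
        tail -n 1
}

# Print the active (uncommented) value of a xend-config.sxp key.
# Assumption: if several lines are active, the last one is reported.
xend_active_script() {  # $1=file $2=key, e.g. vif-script
    sed -n "s/^[[:space:]]*($2[[:space:]][[:space:]]*\([^)]*\)).*/\1/p" "$1" |
        tail -n 1
}

# Return 0 only if both files describe the routed setup; print each finding.
check_routed_setup() {  # $1=sysctl.conf $2=xend-config.sxp
    rc=0
    for key in net.ipv4.ip_forward net.ipv4.conf.all.proxy_arp; do
        v=$(sysctl_conf_value "$1" "$key")
        if [ "$v" = "1" ]; then echo "ok   $key = 1"
        else echo "FAIL $key = ${v:-unset}"; rc=1; fi
    done
    for pair in network-script:network-route vif-script:vif-route; do
        key=${pair%%:*}; want=${pair#*:}
        v=$(xend_active_script "$2" "$key")
        if [ "$v" = "$want" ]; then echo "ok   ($key $v)"
        else echo "FAIL ($key ${v:-unset}), expected $want"; rc=1; fi
    done
    return $rc
}

# Return 0 if the MAC is the FE:FF:FF:FF:FF:FF address left behind by bridging.
is_bridge_mac() {       # $1=MAC address
    [ "$(printf '%s' "$1" | tr 'a-f' 'A-F')" = "FE:FF:FF:FF:FF:FF" ]
}

# On a Dom0, check the live files and the current eth0 MAC.
if [ -r /etc/xen/xend-config.sxp ]; then
    check_routed_setup /etc/sysctl.conf /etc/xen/xend-config.sxp
    if [ -r /sys/class/net/eth0/address ] &&
       is_bridge_mac "$(cat /sys/class/net/eth0/address)"; then
        echo "FAIL eth0 carries the bridge MAC"
    fi
fi
```

The script only reads the configuration files, so a passing result for sysctl.conf means the settings will apply at boot, not that they are already loaded in the running kernel.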