Developers Club geek daily blog

Program Internet gateway for not the small company (Shorewall, OpenVPN, OSPF). Part 2

2 years, 10 months ago
I submit the second article from a series, the "continuing" system administrators oriented on, for experienced I will hardly open something new.
In these articles we will consider creation of the Internet gateway on linux allowing to connect several offices of the company and to provide limited access in a network, a prioritetzation of a traffic (QoS) and simple balancing of loading with reservation of the channel between two providers.
Specifically in this part:
  • More detailed Shorewall setup
  • Terrible and not clear QoS
  • Balancing of loading and reservation

And in the previous part were considered:
  • The elementary Shorewall setup
  • Awfully difficult dnsmasq setup
  • Not less difficult OpenVPN setup
  • And for many continuing administrators atypical, dynamic routing, on the example of OSPF

Read more »

The logrotate setup + access for collecting of logs on SFTP

2 years, 10 months ago
I had a task: to configure compression of logs of the DNS Unbound server, with a possibility of convenient collecting of these backups in a collector. Also it was required to limit access rights that from a collector it was possible to come only into a directory where backups of logs are stored. Carried out the specified actions on CentOS 7 Minimal and CentOS 6.6 Minimal.

Read more »

We monitor S.M.A.R.T. in Zabbix

2 years, 10 months ago
For those who uses Zabbix, and wants will learn to do the templates and to monitor not standard systems (which are not in Zabbix yet), and also,
who needs expanded monitoring of S.M.A.R.T., and whom already existing templates did not arrange, I ask under kat.

Read more »

Why calculation of pertsentily works not as you expect?

2 years, 10 months ago
Often clients ask us about a p99-metrics (the 99th pertsentil).

It is definitely reasonable request and we are going to add similar functionality to VividCortex (I will tell about it later). But at the same time, when clients ask about it, they mean something absolutely certain — something that can be a problem. They ask not the 99th pertsentil on some metrics, they ask a metrics on the 99th pertsentilyu. This commonplace for such systems as Graphite, but all this yields not that result which from such systems is expected. It is a post will tell you that, perhaps, you have incorrect representations about pertsentil, about exact degree of your delusions and about what all of you can make correctly in this case.

(It is transfer of article which was written by Baron Schwartz.)

Read more »

Process priority, or attempt to optimize is a little more server

2 years, 10 months ago

In a case when a startup the project young and perspective, but the budget is strongly limited — it is necessary to squeeze out a maximum possible from the available resources.
Well if money under an equipment upgrade is budgeted (in mythical good time), but now it is necessary to receive performance maximum from the available resources.

On open spaces of the Internet there are many articles on a subject as to implement it — failure from LAMP for benefit of nginx+php-fpm or uWSGI (out of need), their thin setup (we do not forget to cache a statics), the PHP installation of an accelerator, tuning of DBMS (if it is used), and other useful things.

But even at installation and competent execution of all points it is possible to optimize work of services a little more.

Read more »

Why to you the best practicians of management of IT infrastructure?

2 years, 10 months ago
As you work: instinctively or on science? Probably, nobody will give a definite answer: work in the IT sphere assumes a combination of experience and technologies, exact instructions, regulations and beautiful, even talented, engineering finds. Anyway, experience solves. And how about others experience? In the world the set of the codes and rules intended for work of IT services which are integrated by concept with a marketing shade — "the best practicians" is created. It is the experience created by a set of the companies and allowing it is quite simple to solve standard problems.

In a post we will tell that such ITIL, ITSM, CobiT, DevOps as they are connected and why even system administrators of the small companies have to know something about these abbreviations.

Read more »

FlexPod Express: UCS-Managed configuration

2 years, 10 months ago
Among three previous configurations of Small/Medium/Large in architecture of FlexPod Express one more appeared under the name Cisco UCS-Managed. In this article the speech about this new configuration will go. FlexPod Express and FlexPod Datacenter are divided into two main types of connection: direct connection of SHD to servers (between SHD and servers there is no switch) or via the switch (between SHD and servers there is a switch), I will remind that Fabric Interconnect is not the switch, but part of the UCS domain of servers.

It should be noted several important differences of a new configuration from previous three.
  • First in architecture there were Fabric Interconnect, let also performed by the internal devices installed in the UCS Mini chassis with blades.
  • Secondly in architecture the possibility of direct connection of SHD to Fabric Interconnect appeared, earlier between servers and SHD there shall be a switch. At the same time the switch had to be only Nexus (3048/3500/9300).
  • In the third if we have a configuration of FlexPod Express Cisco UCS-Managed with direct connection, the switch for connection of ultimate users shall not be Nexus. Now it can be any standard switch maintaining fault tolerance on similarity of Multi Chassis Etherchannel. But if between UCS and FAS the switch is necessary, then the switch is obliged to be Nexus.

Read more »

Let’s Encrypt in a Plesk-panel

2 years, 10 months ago
On December 3 there was a public release of a beta of Let's Encrypt. This joyful event was already covered on Habré. Briefly I will remind, this piece gives the chance to set the free entrusted certificate on the website. In addition to free certificates, Let's Encrypt still the tool for invoicing, updating, a withdrawal of certificates that, as envisioned by authors, will facilitate life to system administrators.

In this article I will tell about features of Let's Encrypt about which you should not forget, and about how to use it if your server works under control of the Plesk panel.

Read more »

Updating of day from Microsoft: KB3104002

2 years, 10 months ago

The packet of December updates of Microsoft appeared not without surprises. The cumulative security update for Internet Explorer KB3104002 can make impossible correct work with the websites written on classical ASP.

Symptoms: You cannot upload files by using classic ASP applications in Internet Explorer after you install security update 3104002.

Allegedly, the problem is shown on the pages containing the following construction

 form method="POST" action="page.asp" ENCTYPE="multipart/form-data" name="myForm" 

Does not change the adjusting Hotfix KB3125446 which, by the way, it will not turn out to import regularly to WSUS, a situation. It is possible to solve a problem only having uninstalled the KB3104002 updating.

Read more »

Zabbix + SoapUI = monitoring of web services

2 years, 10 months ago
Today there is a set of applications and program complexes from different developers which we use for a solution of the general tasks. Data exchange and interaction between applications provide web services. For testing of their work, interaction debugging among themselves and client applications the set of tools is also released. The most popular of them – SoapUI: it supports SOAP/WSDL, REST, HTTP(S), JDBS, JMS and possesses a tool kit which allow to make testing simpler and more evident. SoapUI acts as test service and the test client and allows to test integration of subsystems. It is possible to get acquainted with the tool on the official site of the developer in more detail.

If for a solution of an objective one computer and a complex of applications is used, breakdown of the PC or failure of one of programs comes to light quickly. But what to do when in the organization there are a lot of technical means and software products? Physically difficult and very costly to monitor and each free minute to check, whether all as it should be. For a solution of this task specialized program systems which you will find much in the Internet come to the rescue: one of them – Zabbix.

Read more »