123Unix!com

Easy Automation is here

Tag Archives: Computing

Servers are cattle, not pets

This is the essence of Chapter 9, “Cloud Computing,” of the “UNIX and Linux System Administration Handbook.”

Indeed, you need to treat cloud “servers” as disposable, otherwise it is going to cost you more than your existing in-house server fleet – just like with real cattle it would be more expensive to keep even a small herd at home compared to a single, albeit rare-breed super dog.

On other notes:

  • when moving into the cloud, the system administrator’s role shrinks considerably:
    • administrators’ duties are shifted from in-house to in-cloud admins
      • 1) from local servers to IaaS: half (5/10) of the layers to administer are dropped
      • 2) from IaaS to PaaS: another 2/5 is dropped
      • 3) in SaaS virtually no work is left for the in-company system administrator
    • automation
      • AWS CloudFormation (native, error prone)
      • Troposphere Python library – eases CF
      • Terraform

And a few quotes from the book:

– servers should be treated as cattle, not as pets

– A system is said to be cloud native if it is reliable even in the face of unanticipated events.

– hybrid cloud
— operating two distinct cloud presences in tandem increases complexity more than proportionally.

– AWS offers on-site visits from the AWS Snowmobile, a 45-foot long shipping container towed by a semi truck that can transfer 100 PiB from your data center to the cloud.

– access controls should conform to the principle of least privilege

– Serverless functions hold great promise for the industry.
— AWS introduced Lambda, their cloud function service, at a conference in 2014.
— Google followed shortly with a Cloud Functions service.
— Several cloud function implementations exist for projects like OpenStack, Mesos, and Kubernetes.

– Costs
— new cloud customers are often surprised when costs climb quickly.
— third-party cloud use analysis services to optimize overprovisioning:
— Cloudability
— CloudHealth

  • 31 Jan, 2020
  • (0) Comments
  • By Alex
  • Training

cron vs. systemd timers

This is from Chapter 4, on process control, of the “UNIX and Linux System Administration Handbook” – once again systemd ripples the waters and, IMO, is almost a clear winner, despite the hesitation expressed by the book authors.

systemd timers are a feature superset of cron, and a rather huge one at that. Out of six systemd timer types only one(!) is a direct representation of what cron is usually in charge of: OnCalendar. (Sure, some implementations of cron are capable of meta time specifiers, like @reboot, which is yet another timer type – OnBootSec – in the realm of systemd, but anyway.)

What I personally like about systemd timers:

  • Sub-minute (actually it is sub-second) precision. Sometimes it is badly needed.
  • Accuracy specification with AccuracySec. This is a cool substitute for the hackish random delay tricks for the classic cron, which is a must for large server farms managed by a CM system.
  • AND operator for OnCalendar time specifications instead of cron’s traditional OR. It was always a great mystery to me why cron had it as OR from the conception.
  • Centralized point of periodic tasks management. It has daunted me for ages to find the exact place where a particular cron job was defined, with the myriad of cron files and directories throughout the system (/etc/crontab /var/cron/tabs /var/spool/cron /etc/cron.{d,daily,monthly,weekly} etc). With systemd it is a simple systemctl list-timers.
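
The OnCalendar AND semantics and AccuracySec from the list above, as an added example (not from the book or the original post). The unit name report.timer and the script path /usr/local/bin/report.sh are hypothetical.

```ini
# Classic crontab entry, for comparison. When both day-of-month and
# day-of-week are restricted, cron ORs them:
#   0 3 13 * 5  /usr/local/bin/report.sh
# runs at 03:00 on every 13th of the month and also on every Friday.

# --- /etc/systemd/system/report.timer (hypothetical unit name) ---
[Unit]
Description=Run report.service at 03:00, only on a Friday the 13th

[Timer]
# Weekday and date are ANDed: the timer elapses only when the 13th
# falls on a Friday.
OnCalendar=Fri *-*-13 03:00:00
# The timer may elapse anywhere between 03:00 and 03:10. Within that
# window systemd picks a host-specific, stable offset, so a fleet
# configured from one template does not fire in the same second.
# The default is 1min; values down to 1us are accepted when tight
# timing is needed.
AccuracySec=10min

[Install]
WantedBy=timers.target

# --- /etc/systemd/system/report.service (hypothetical unit name) ---
[Unit]
Description=Report job started by report.timer

[Service]
Type=oneshot
# Placeholder path for the job itself.
ExecStart=/usr/local/bin/report.sh
```

Running systemd-analyze calendar 'Fri *-*-13 03:00:00' prints the next elapse time for the expression, and systemctl list-timers shows the timer once it is enabled.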

Sadly, quite a few things still go vague, even after a review by such a great cohort of world-famous admins:

  • Zombie processes. The nature of zombie processes is described rather vaguely, they are not at all demystified.
  • DATA (SIZE in FreeBSD) field is hidden from the top display for a reason. This piece of data is rather useless, at least compared to the RES item, or am I still missing something?
  • strace usage examples could be a little more practical, because when you first try it, it is either too simple, like with tracing cp, or too complex, like with monitoring firefox.
  • 4 Jul, 2018
  • (0) Comments
  • By Alex
  • Training

sudo or not sudo

Nothing prevents you from changing the username on this [root] account or from creating additional accounts whose UIDs are 0; however, these are both bad ideas.

That was the most profound saying in probably the most boring chapter of the “UNIX and Linux System Administration Handbook”, Chapter 3, about the root account and related topics.

Still, it provides some interesting points, notably about Mandatory Access Control (MAC) and Role-based Access Control (RBAC).

Interestingly, these are the areas where Linux has been lagging behind Microsoft Windows, only having discretionary access control facilities taken from the classic Unix. Proprietary Unix variants, like HP-UX, AIX and Solaris, have been closer to leading the way here.

A cool approach to building SELinux policies is mentioned in the chapter. A tool (audit2allow) compiles a policy from the policy violations triggered and logged. Clever, though not foolproof.

Another controversial practice suggested in this chapter is the rule of using sudo for all administrative work.

It is a non-trivial question which is ultimately more secure: entering a password every 5 minutes for sudo or having a root terminal on standby, authenticated just once at session startup and protected by generic Xwindow session protection mechanisms like screen auto lock and biometric authentication.

  • 3 Jul, 2018
  • (0) Comments
  • By Alex
  • Training

System administration: How to start?

Today, a good friend of mine, Nikolai Dyumin, a seasoned PhD in mathematics, asked me for a recommended book on the Unix system administration topic.

Immediately I recalled the “Unix System Administration Handbook” by Evi Nemeth “and kids”, a paperback sample of the 2nd edition that I have had and praised a lot since my early student years. It is a Russian translation (one of the best technical book translations I have ever read), pretty used already, nevertheless offering a good deal of timeless Unix philosophy inside.

While the book is still relevant in terms of the general approaches and concepts of the administrator’s job, a large part of it has become hopelessly obsolete over the past couple of decades of me owning it. Indeed, who still remembers the RS-232 cables, or who adds user accounts directly on the host without any intermediary configuration management system or a centralized directory these days?

In an attempt to refine my book recommendation I went ahead and browsed a bit, and lo and behold! the 5th(!) edition of the book, modernly re-titled “UNIX and Linux System Administration Handbook”, just popped up on my screen.

Looking inside the new edition made me realize just how much time has passed!

The book starts by telling us Evi Nemeth, the most renowned SysAdmin ever who is also a sailor, is no longer with us.

One of Evi’s mottoes listed in the preface, “Be conservative in what you send and liberal in what you receive”, truly summarizes the essence of the SysAdmin’s character. Think of it. Probably half of the rest of Evi’s tenets are largely variations on this one. Take for example “Be liberal in who you hire, but fire early” – that’s the same thing, basically!

And then there was the 1st chapter. A few quotes warrant bringing up.

your response to these [stupid] issues [like “I spilled coffee on my keyboard! Should I pour water on it to wash it out?”] affects your perceived value as an administrator far more than does any actual technical skill you might possess. You can either howl at the injustice of it all, or you can delight in the fact that a single well-handled trouble ticket scores more brownie points than five hours of midnight debugging.

– indeed, a system administrator is a psychologist first. Most of an administrator’s customers just need someone to understand their problem, regardless of the problem’s nature.

Use it [the nano editor] discreetly; professional administrators may be visibly distressed if they witness a peer running nano.

– looks so familiar!

Gartner found that AWS is ten times the size of all competitors combined

Have you ever thought AWS is that large? I haven’t. Doesn’t it qualify AWS as a monopoly?

As a system administrator, it’s in your best interest to befriend data center technicians and bribe them with coffee, caffeinated soft drinks, and alcoholic beverages.

– interesting, why do the authors take the hardware specialists for confirmed drunkards? Is the hand work considered easier than the scripting or security testing while drunk? Or is this type of work more depressing?

Anyway, having recommended such a profound book of about 1300 pages to someone who is a scientist, I thought why wouldn’t I read the new edition myself? If nothing else, this’ll:

  • make my Unix philosophy freshly organized,
  • update me on the current technology trends in a good systematic manner,
  • help me grow professionally by learning from great professionals,
  • entertain me once again with the cool writing style.

It just occurred to me that:

  • today is the 1st of the month,
  • the month has 31 days, and
  • this 5th edition of the book happens to have precisely 31 chapters, conveniently and sequentially numbered through the four book parts.

So what am I still waiting for?! I’m starting on the quest of “A chapter a day” today with this fine book!

  • 1 Jul, 2018
  • (0) Comments
  • By Alex
  • Training

32-bit or 64-bit for Linux desktop?

Various Linux distros have long been offering both 32- and 64-bit options for download.

While traditionally 64-bit was touted as “For more than 4GB of RAM”, those downloads are gradually becoming more common. So I decided to investigate a little deeper into what’s wrong with running 64-bit on smaller systems.


  • 5 Feb, 2013
  • (0) Comments
  • By Alex
  • /var/log, News

Clean up EXIF tags in digital photos with 1-liner

Use the following one-line script to control which EXIF data to leave in the photos published online:

exiftool -P -overwrite_original -all= -tagsFromFile @ -ExposureTime -MeteringMode -Flash -FocalLength -FocalLengthIn35mmFormat -FocusDistance -VibrationReduction -FocusMode -CreateDate -DateTimeOriginal -ISO -FNumber -UserComment -copyright='(c)2011, Alexander Shcheblikin' -artist='Alexander Shcheblikin' -model="Sasha's DX dSLR" _DSC*jpg

This should all be entered on one line (note: the dashes which hang over the ends of the lines must actually be adjacent to the command line switches following them).

This is a power tool affecting multiple files at once: it will process all the files matching the _DSC*jpg pattern in the current directory.

To retain the original files, remove the -overwrite_original parameter.

exiftool is available natively in Linux/UNIX as a Perl library and a front-end script and as a standalone executable for Windows and a package for Mac OS X.

  • 7 Feb, 2012
  • (0) Comments
  • By Alex
  • Tools

dataserv.exe: energy hog #1 from APC, not so “green”

This service from APC is supposed to take care of calculating energy usage.

The irony of it all is that this process holds one of the top positions in the CPU hogs list. Take a look: it takes more CPU cycles than many of the most demanding processes in the system – virtual machines. (In other words, killing dataserv.exe would allow running an extra full-fledged virtual computer!)

  • 14 Apr, 2011
  • (4) Comments
  • By Alex
  • /var/log