System Administrator Inspiration

How do I become a better systems administrator?

The best way to become a better systems administrator is to fully understand the theory of what’s happening in your server’s environment.

What do I mean by that? Learn why things aren’t happening as you expected and think about all of the factors that could possibly be involved. Instead of thinking purely about cause and effect, you’ll find it much easier and rewarding to consider everything inside and outside your environment before you make any changes.

This still may be a little difficult to fully understand, so he’s an example. Let’s say you’re handling an issue where a customer can’t reach a website hosted on their server. When you ask them for more details, they might give you the dreaded reply: “It’s not coming up.” Start by making a mental list of the problems that are easiest to check:

• Is the web server daemon running?
• If a database server is being used, is it running and accessible?
• Is there a software/hardware firewall blocking port 80?
• Is a script stuck on the server tying up resources?
• Could there be a DNS resolution problem?
• Is the server up?
• Did a switch fail?
• Is the server’s hard disk out of space?
• Can the customer reach other websites like Google or Yahoo?
• If SELinux is involved, have the appropriate contexts been set?
• Could the site be a target of a denial of service attack?
• Has the server reached its connection tracking limit?

Of course, this is a relatively short list, but these are all easy to check. If you’re thinking about cause and effect, you might only consider the web server daemon and some basic network issues. By considering all of the other factors that may be related, you’ve ensured that all of the basics are covered before you consider more complex problems.

Most systems administrators have taken an error message and tossed it in en masse into Google before. Occasionally, no results will appear for the search. If you find yourself in this situation, try to understand the individual parts of the error message. Work outward from what you know already. You should know which daemon said it, and you may have an idea of what the application was doing when the error occurred. Take time to consider what the daemon is trying to tell you within the context of what it was doing at the time.

One of the easiest ways to force yourself to be immersed into this way of thinking is to host applications for non-technical people. You’ll find that many customers want things done differently, and they’re all at different levels of technical aptitude. Some may find it a frustrating experience at first, but you’ll think yourself later. It will force you to consider all aspects of how a server operates since you might not always know what’s happening within a customer’s application.

As always, if you find yourself stumbling, remember to ask your peers and colleagues. Even if they haven’t seen the particular issue, they will probably be able to guide you closer to the solution you seek.

Basic configuration of Cisco IOS with SSH

Here is my _very_ basic configuration of a Cisco router running IOS. Just remember to change all {VARIABLE} to the correct value including the {} part.

This will result in an all basic configured router, running SSH and with a user you can use to log in through SSH.

Router> enable
 
Router# configure terminal
 
Router(config)# hostname {ROUTER_NAME}
 
Router(config)# enable secret 0 {ENABLE_PASSWORD}
 
Router(config)# interface fastEthernet 0/0
 
Router(config-if)# ip address {IP_ADDRESS} {SUBNET_MASK}
 
Router(config-if)# full-duplex
 
Router(config-if)# speed 100
 
Router(config-if)# no shutdown
 
Router(config-if)# exit
 
Router(config)# username {USERNAME} privilege {PRIVILEGE_LEVEL} secret 0 {USER_PASSWORD}
 
Router(config)# ip domain name {DOMAIN_NAME}
 
Router(config)# crypto key generate rsa
How many bits in the modulus [512]: 2048
 
Router(config)# line vty 0 4
 
Router(config-line)# login local
 
Router(config-line)# transport input ssh
 
Router(config-line)# exit
 
Router(config)# ip routing
 
Router(config)# exit
 
Router# show running-config
 
Router# copy running-config startup-config
Destination filename [startup-config]? [PRESS_ENTER]
 
Router# exit

Difference between SIGTERM & SIGKILL

Sending signals to processes using kill on a Unix system is not a new topic for most systems administrators, but I’ve been asked many times about the difference between kill and kill -9.

Anytime you use kill on a process, you’re actually sending the process a signal (in almost all situations – I’ll get into that soon). Standard C applications have a header file that contains the steps that the process should follow if it receives a particular signal. You can get an entire list of the available signals on your system by checking the man page for kill.

Consider a command like this:

kill 2563

This would send a signal called SIGTERM to the process. Once the process receives the notice, a few different things can happen:

• the process may stop immediately
• the process may stop after a short delay after cleaning up resources
• the process may keep running indefinitely

The application can determine what it wants to do once a SIGTERM is received. While most applications will clean up their resources and stop, some may not. An application may be configured to do something completely different when a SIGTERM is received. Also, if the application is in a bad state, such as waiting for disk I/O, it may not be able to act on the signal that was sent.

Most system administrators will usually resort to the more abrupt signal when an application doesn’t respond to a SIGTERM:

kill -9 2563

The -9 tells the kill command that you want to send signal #9, which is called SIGKILL. With a name like that, it’s obvious that this signal carries a little more weight.

Although SIGKILL is defined in the same signal header file as SIGTERM, it cannot be ignored by the process. In fact, the process isn’t even made aware of the SIGKILL signal since the signal goes straight to the kernel init. At that point, init will stop the process. The process never gets the opportunity to catch the signal and act on it.

However, the kernel may not be able to successfully kill the process in some situations. If the process is waiting for network or disk I/O, the kernel won’t be able to stop it. Zombie processes and processes caught in an uninterruptible sleep cannot be stopped by the kernel, either. A reboot is required to clear those processes from the system.

A geek`s perspective on cloud hosting

The term “cloud hosting” has become more popular over the past few years and it seems like everyone is talking about it. I’m often asked by customers and coworkers about what cloud hosting really is. Where does traditional dedicated hosting end and cloud begin? Do they overlap? Who needs cloud and who doesn’t?

You can’t talk about cloud hosting without defining it first. When I think of “cloud”, these are the things that come to mind:

• quickly add/remove resources with little or no lead time
• hosting platforms that allow for quick provisioning of highly available systems
• self-service adjustment of tangible and intangible resources that normally require human intervention

That list may seem a bit vague at first, but try to let it sink in just a bit. Hosting applications in a “cloud” shouldn’t mean that you must have a virtual instance running on Xen, KVM or VMWare, and it shouldn’t mean that you must have an account with Rackspace Cloud, Amazon EC2, or Microsoft Azure. It means that your hosting operations are highly automated and you can rapidly allocate and deallocate resources for the requirements of your current projects.

Consider this: a customer of a traditional dedicated hosting provider decides to take their applications and host them on one VPS at a leading commercial provider. That provider allows the customer to spin up new VM’s in a matter of minutes and re-image the VM’s whenever they like. Is that cloud hosting? I’d say yes — even if it’s one single virtual instance. That customer has moved from a hosting system with manual interventions and extended lead times to a system where they have instant control over their resources.

It’s not possible to talk about what cloud is without talking about what it isn’t.

• Cloud is not infinitely scalable. If any provider ever claims that their solution is “infinitely scalable”, you should be skeptical. Regardless of the provider, everyone eventually runs out of datacenter space, servers, network bandwidth, or power. (If you know of a provider that is infinitely scalable, please let me know as I’d love to see their facilities and review their supply chain.)
• Cloud isn’t right for everybody. Some applications have demands that cloud hosting might not be able to meet (yet). If an application depends on proprietary hardware that is difficult to virtualize or rapidly allocate, cloud hosting is probably not the answer for that particular application.
• Cloud doesn’t mean VPS. VPS doesn’t mean cloud. As I said before, having a virtual private server environment is not a pre-requisite for cloud hosting. Also, not all VPS solutions fit my definition of cloud as they don’t allow for rapid deployments and resource adjustments.

It’s important to remember that cloud hosting is a marketing term. As for the technology of cloud, it’s what you make of it. You should be looking to reduce costs, solidify availability and increase performance every day. If the ideals of cloud hosting help you do that, it might be the right option for you.

No sound problem in Ubuntu

One after another 17 days have passed.. till today my laptop was completely silent when i booted into Ubuntu. But now, just 10 mins back, after a lot of hit and trial with driver model, I could make my laptop speak. Here’s what I did.
Though I specified this as ubuntu problem in title, it the problem of alsa; it’s not recognizing your device.

I completely forgot what I did to mess up my laptop-sound-system, so i thought to start afresh.
I removed the alsa and pulseaudio completely. And One thing I would like to mention: I am completely unfamiliar about the interaction of alsa and pulseaudio with the sound system. This is my first deal with sound system of linux to this depth.

sudo apt-get --purge remove linux-sound-base alsa-base alsa-utils \
       "pulseaudio-*"

Then I did a quick Reboot; just playing safe. (Karmic boots on/off so fast, I am fan of it.)
Next I reinstalled the alsa with pulseaudio.

sudo apt-get install linux-sound-base alsa-base alsa-utils \
       libasound2-plugins "pulseaudio-*" paman padevchooser \
       paprefs pavucontrol pavumeter 

Then, I appended following lines to the file /etc/modprobe.d/alsa-base.conf
alias snd-card-0 snd-hda-intel
alias sound-slot-0 snd-hda-intel
options snd-hda-intel model=dell-m6
options snd-hda-intel enable_msi=1

The bold faced “model=dell-m6″ was the main hack for the system to work.

Then after another quick boot, I got the sound.

Saving Keystrokes With Bash

Bash is a wonderful fully featured shell that provides a multitude of ways to cut back on your keystrokes. One of my favorite features, which I don’t see used often enough, is brace expansion. Simply put, brace expansion lets you specify multiple similar arguments without retyping the commonalities. Let’s take a look at how this is accomplished.

With this handy feature, you can do a multitude of things. You can make a backup copy of a file:

cp /etc/mpd.conf{,~}  #Same as cp /etc/mpd.conf /etc/mpd.conf~

Then you can restore that file:

cp /etc/mpd.conf{~,}  #Same as cp /etc/mpd.conf~ /etc/mpd.conf

Obviously, it doesn’t stop here. You can make a whole directory structure:

mkdir -p /skynet/{usr,opt}/{rw,ro}
#Same as mkdir -p /skynet/usr/rw /skynet/usr/ro /skynet/opt/rw /skynet/opt/ro

Bash will expand ranges as well. You can create a zero padded range like so:

echo {000..100}  #Will print 000 001 002 003 ... 097 098 099 100

Ranges aren’t limited to being numerical. Better yet, expressions can be the preamble and postscript to each other.

echo {0..9}{A..Z}   #Prints 260 strings!

If you really use your noodle you can nest expressions, though I’ve personally not come across a situation where this has been needed (yet).

Grep Sed and Awk

In this post I will list commands that I use and include at least one of grep,sed or awk.
cat filename | grep "phrase"
Search line containing phrase in file

cat filename | grep -v "phrase"
Search line not containing phrase in file
cat filename | grep "phrase1\|phrase2"
Search lines containing phrase1 or phrase2 in file.
sed -i "s/phrase1/phrase2/g" ./filename
Replace phrase1 with phrase2 in file.
sed -i "s/[ ]*\(.*\)[ ]*/\1/g" ./filename
Trim spaces of each line of the file.
awk '{if($7=="2") $7="5"; print;}' file
Conditional modification. Field no.7 is is replaced by “5″ if it is “2″. The default field seperator is .
uptime | awk 'BEGIN {FS=" "} { gsub(",",""); if (index($0,"day")) {gsub(":"," hours, ",$5);print $3" "$4", "$5" minutes"} else {gsub(":"," hours, ",$3); print $3" minutes"}}'
Get the Uptime in a proper and clear format.
ls | grep -v 'file or folder or regex' | xargs -I{} mv {} /target/folder/
Move all but one to /target/folder. You can also use it to move all the files/directories in current directory to another directory in the same path.Be Aware: The Target directory should exist. Just to be at the safe side, I suggest not to miss the slash (/) at the end. This will give you warning/error if you messed up something.

For now I have just listed few that came in my mind; just thought to prepare a seed.
I’ll promise to grow this list as soon as they come to my mind.

Note: If you have some commands in your mind, that you regularly use, you can post it as comment.

Verify IPv4 address in php using regex

A simple function in php to verify IPV4 Address. It is completely based in regex and does full ip verifying.
It tests the ip for;
1. Need 4 numeric blocks separated by a dot.
2. Each numeric block must noot exceed 255.
3. Shouldn’t contain space. So remember to trim before calling this function.

function isINetAddress($ipaddr){
if( preg_match( "/^((?:25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9]).){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])$/m",$ipaddr) > 0)
return true;
}

This can’t me more simpler.
Enjoy!

Dropbox for BlackBerry is here (beta)

Given Dropbox is available for so many other devices, this latest bit comes with less surprise. That said, it is good news nonetheless. Dropbox has just announced the beta of their BlackBerry app. The catch so far, the app is available in a limited beta, which means you may or may not get access right now. In other words, if you are a BlackBerry user and want Dropbox—stop reading and hit the read link below. Otherwise, the BlackBerry app remains as what we have come to love with Dropbox including a free account that offers 2GB of storage and being able to access your files from a wide variety of devices.

Download from Here

I am on the Beta and I can say that the app is very clean and simple. When you open it you just login and you see all your files. You can see pictures as thumbnails. You can also upload a photo from your BB to your dropbox. There’s a search option if you have a lot of files to go through. As I said this app is simple so the only customizable setting is the cache size that can go from 1 to 60 mb. So far so good!

Split and merge pdf files in Ubuntu

The easiest way to split, merge or edit pdf files in Ubuntu is to use pdftk utility. This rather old (latest version was released in 2006) but still simple and powerful program can be installed in Ubuntu (Debian or any deb-family Linux distribution) by the following command in terminal:

sudo aptitude install pdftk

(if you run Fedora, RedHat or CentOS use this one: yum install pdftk)

Split large pdf into many one-page files:

pdftk largepdfile.pdf burst

(as the result you will get many small files like pg_0001.pdf, pg_0002.pdf and so on).

Merge files into one PDF file:

pdftk *.pdf cat output onelargepdfile.pdf

pdftk is extremely powerful and makes it possible to do almost anything with input pdf files. Thus above two commands are just examples showing how to split and merge pdf files in Ubuntu easily.