Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »
sysadmin

sysadmin

A room to share about system administration
imabonehead
"Talk for AWS re:Invent 2014. Video: https://www.youtube.com/watch... . Netflix tunes Amazon EC2 instances for maximum performance. In this session, you learn how Netflix configures the fastest possible EC2 instances, while reducing latency outliers. This session explores the various Xen modes (e.g., HVM, PV, etc.) and how they are optimized for different workloads. Hear how Netflix chooses Linux kernel versions based on desired performance characteristics and receive a firsthand look at how they set kernel tunables, including hugepages. You also hear about Netflix’s use of SR-IOV to enable enhanced networking and their approach to observability, which can exonerate EC2 issues and direct attention back to application performance." - imabonehead from Bookmarklet
imabonehead
"Introduction to the Bosun monitoring system, focusing on the problems it solves." - imabonehead from Bookmarklet
imabonehead
"John Wilkes discusses cluster management at Google in his keynote speech from #MesosCon 2014." - imabonehead from Bookmarklet
imabonehead
Supermicro A1SRM-LN7F-2758 Review - Awesome!ServeTheHome – Server and Workstation Reviews - http://www.servethehome.com/Server-...
Supermicro A1SRM-LN7F-2758 Review - Awesome!ServeTheHome – Server and Workstation Reviews
Supermicro A1SRM-LN7F-2758 Review - Awesome!ServeTheHome – Server and Workstation Reviews
"The Supermicro A1SRM-LN7F-2758 combines an 8-core Intel processor with QuickAssist acceleration along with 7 gigabit NICs and out-of-band management." - imabonehead from Bookmarklet
imabonehead
"The Bash vulnerability known as Shellshock can be exploited via several attack surfaces including web applications, DHCP, SIP, and SMTP. With multiple proofs of concept (including Metasploit code) available in the public domain, this vulnerability is being heavily exploited." - imabonehead from Bookmarklet
"Most discussion of Shellshock attacks have focused on attacks on web apps. There has been relatively little discussion on on other surfaces like DHCP, SMTP, and CUPS. In this post, we’ll tackle Shellshock exploits over the DHCP protocol. These techniques could be used by an attacker to compromise more machines within the network." - imabonehead
imabonehead
Data Recovery Techniques on Linux | HowtoForge - Linux Howtos and Tutorials - http://www.howtoforge.com/data-re...
"Data stored in files has a table of contents which indicates the storage location for each file on the drive. When we remove or delete a file the file goes into the trash. Files removed using rm command can be easily recovered. Removal/Deletion of a file leads to the removal of only of the table of contents. This states that now the space from which the file is removed is ready for new data to be stored; so while in the case of new data having been written over that space the recovery of the old data becomes difficult. But, if there is no new data written there, we can still recover it. First, let's go through a few Dos and Don'ts ." - imabonehead from Bookmarklet
imabonehead
Spotify is Powered by Linux and Open Source | Linux.com - http://www.linux.com/news...
Spotify is Powered by Linux and Open Source | Linux.com
"Spotify has more than 5,000 physical (not virtual) servers and four different data centers running Debian GNU/Linux. The songs are encoded using yet another open source project, Ogg Vorbis, which is a free software audio codec." - imabonehead from Bookmarklet
imabonehead
Rolling updates with Ansible and Apache reverse proxies « Arrfab's Blog - http://arrfab.net/blog/?p=410
Rolling updates with Ansible and Apache reverse proxies « Arrfab's Blog
"When you want to put a backend node/web server node in maintenance mode (to change configuration/update package/update app/whatever), you just "remove" that node from the production flow, do what you need to do, verify it's up again and put that node back in production. The principle of "rolling updates" is then interesting as you still have 24/7 flows in production. But what if you're not in charge of the whole infrastructure ? AKA for example you're in charge of some servers, but not the load balancers in front of your infrastructure. Let's consider the following situation, and how we'll use ansible to still disable/enable a backend server behind Apache reverse proxies." - imabonehead from Bookmarklet
imabonehead
logstalgia - website access log visualization - Google Project Hosting - https://code.google.com/p...
logstalgia - website access log visualization - Google Project Hosting
"Logstalgia (aka ApachePong) is a website access log visualization tool." - imabonehead from Bookmarklet
imabonehead
Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage Collection and Exclusions | Forensic Focus - Articles - http://articles.forensicfocus.com/2014...
Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage Collection and Exclusions | Forensic Focus - Articles
"SSD drives are getting more complex, adding over-provisioning support and using compression for better performance and wear leveling. However, because of the increased complexity, even seasoned manufacturers released SSD drives with buggy firmware, causing improper operation of TRIM and garbage collection functionality. Considering just how complex today’s SSD drives have become, it’s surprising these things do work, even occasionally. The playfield is constantly changing, but what we know now about SSD forensics gives hope." - imabonehead from Bookmarklet
imabonehead
Free tool simplifies SHA-2 migration for system administrators - http://www.net-security.org/secworl...
"DigiCert released a free tool which helps system administrators analyze their use of SHA-1 hashing algorithms across all domains and subdomains and map out a path for SHA-2 migration. Google’s announcement that it would accelerate deprecation of SHA-1 certificates, including giving untrusted warnings to sites with SHA-1 certificates that expire in 2016, makes it necessary for many administrators to migrate to SHA-2 by as early as November or risk their customers receiving downgraded trust indicators in Chrome." - imabonehead from Bookmarklet
imabonehead
"You shouldn't use Nagios any more - it sucks. Let's build a new, better, more awesome monitoring system." - imabonehead from Bookmarklet
imabonehead
"Linux distributions still ship with the assumption that they will be multi-user systems, meaning resource limits are set for a normal human doing day-to-day desktop work. For a high-performance system trying to serve thousands of concurrent network clients, these limits are far too low. If you have an online game or web app that’s pushing the envelope, these settings can help increase awesomeness." - imabonehead from Bookmarklet
I knew about decreasing swappiness (I've gone so far as to drop it to 0), and I had run into issues where it was necessary to increase the number of file descriptors to unbreak things. Will need to re-read this one a few times. - Julian
Kevin Johnson
Today I'm hosting a Chef Summit at work (yes, the config-mgmt kind, not the food kind). Expecting 250 attendees, with catered food and door prizes. I managed to line up the Chef CTO as the keynote. Going to be crazy awesome!!! You should be jealous.
*jealous* - imabonehead
I was amazed that I was able to get the Chef CTO lined up. He's basically giving the keynote he did at ChefConf 2013. Worth a watch if you haven't seen it. - Kevin Johnson
So the videos will eventually be posted publicly? - imabonehead
Unlikely for this event (but I'll be asking), but the ConfConf 2013 keynote is on youtube. - Kevin Johnson
What no outside invitations? Whats the deal? Throw some knife love.. ;) - Me
The summit was awesome. Adam Jacob knocked it out of the park. - Kevin Johnson from Android
*jealous^2* - imabonehead
imabonehead
"Network device configuration backups and change alerts for the 21st century - inspired by RANCID!" - imabonehead from Bookmarklet
imabonehead
FreeBSD and Raspberry Pi GPS/NTP (Part 1) » Cryptomonkeys - https://www.cryptomonkeys.com/2014...
"I’ve been *needing* to have a reliable time server and yet I don’t need something that is large, or consumes a lot of power. Enter the Raspberry Pi. I picked up a Cana Kit, Model B, a 700MHz ARM SoC (System on Chip), 512MB RAM, USB, Ethernet, SD slot. It came with all the bits needed to get started. A bit of google work turned up some hints on putting FreeBSD on it. FreeBSD offers the ability to provide PPS (pulse per second) to facilitate better time tracking (used as input to NTP). If you wish to do this, you need to create a new kernel config file, define the PPS option, and include the generic config." - imabonehead from Bookmarklet
no part 2....*sad panda* - imabonehead
imabonehead
notch - A Network Operator's Toolkit for Command-line Hacking - Google Project Hosting - https://code.google.com/p...
"Notch is web service and (Python) client library which makes it easy to do stuff on your switches, routers and other network equipment. You can use it to build powerful, automated network management applications. It can support anything with a command-line interface and provides a consistent API for multi-vendor access." - imabonehead from Bookmarklet
imabonehead
Evolution of a Sysadmin (JPEG Image, 3451 × 2635 pixels) - https://mediacru.sh/JRmlbWj...
Evolution of a Sysadmin (JPEG Image, 3451 × 2635 pixels)
imabonehead
New “TCP Stealth” tool aims to help sysadmins block spies from exploiting their systems — Tech News and Analysis - http://gigaom.com/2014...
New “TCP Stealth” tool aims to help sysadmins block spies from exploiting their systems — Tech News and Analysis
"Systems administrators who aren’t down with spies commandeering their servers might want to pay attention to this one: A Friday article in German security publication Heise provided technical detail on a GCHQ program called HACIENDA, which the British spy agency apparently uses to port-scan entire countries, and the authors have come up with an Internet Engineering Task Force draft for a new technique to counter this program." - imabonehead from Bookmarklet
imabonehead
https://github.com/arachny... - Self-hosted, easily-deployable monitoring and alerts service - like a lightweight PagerDuty
imabonehead
How to Back Up Terabytes of Databases | Brent Ozar Unlimited® by Brent Ozar Unlimited® - http://www.brentozar.com/archive...
How to Back Up Terabytes of Databases | Brent Ozar Unlimited® by Brent Ozar Unlimited®
"When you weren’t looking, your databases went and grew up. Now your backup window has grown so large that you’re about ready to open it and jump. Time to make a choice. The Native Way: Tuning SQL Server Backups You can theoretically pull this off by using a combination of tactics..." - imabonehead from Bookmarklet
imabonehead
Hands-on with Canonical’s Orange Box and a peek into cloud nirvana | Ars Technica - http://arstechnica.com/informa...
Hands-on with Canonical’s Orange Box and a peek into cloud nirvana | Ars Technica
Show all
"Take ten high-end Intel NUCs, a gigabit Ethernet switch, a couple of terabytes of storage, and cram it all into a fancy custom enclosure. What does that spell? Orange Box." - imabonehead from Bookmarklet
imabonehead
▶ Can You Imagine Life Without SysAdmins? - YouTube - http://www.youtube.com/watch...
▶ Can You Imagine Life Without SysAdmins? - YouTube
Play
"To celebrate SysAdmin Day 2014, SysAid presents an alternative reality that is completely bizarre in this hilarious video. Enjoy!" - imabonehead from Bookmarklet
imabonehead
"When users make your life hard, Sophos makes your life easy. We salute you, IT Pros and System Admin professionals, with 12 Days of Sysmas: http://soph.so/z3VtB" - imabonehead from Bookmarklet
imabonehead
"What do Niagara Falls, wild horses, and a slow-motion explosion have in common? They're all freaking mind-bogglingly awesome. Just like you, IT PRO, magnificent specimen that you are. So, we took our epic SysAdmin Day song and karaokified it with insanely bad ass visuals that will leave you forever a changed Server Samurai. Clear your throat, mic up, and get ready to bellow out some IT pro lyrical poetry. You're welcome. Lyrics by Spiceworks Studios and the Spiceworks Community. Music by Travis Hagan." - imabonehead from Bookmarklet
imabonehead
Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA | Enterprise | WIRED - http://www.wired.com/2014...
Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA | Enterprise | WIRED
"When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA’s prying eyes. It’s called Tails. And naturally, nobody knows exactly who created it." - imabonehead from Bookmarklet
Che sia *per caso* questo?https://tails.boum.org - Luca Perencin (No_CQRT) from Android
imabonehead
"We were able to find five models from iXsystems with the FreeNAS Mini product name. Systems come with 16TB, 12TB, 8TB, 4TB, or without storage drives. The new FreeNAS Mini uses an Intel Avoton 8-core SoC processor and pairs the system with 16GB of ECC DRAM. Hardware wise, this is a massive increase in processing power from the off-the-shelf NAS products we normally test, including even some of the larger rackmount systems. To put this into perspective, over the last twelve months, an average NAS on our test bench used an Intel Atom dual-core processor with HyperThreading and shipped with 2-4GB of system DRAM." - imabonehead from Bookmarklet
imabonehead
▶ Google I/O 2014 - HTTPS Everywhere - YouTube - http://www.youtube.com/watch...
▶ Google I/O 2014 - HTTPS Everywhere - YouTube
Play
"Data delivered over an unencrypted channel is insecure, untrustworthy, and trivially intercepted. We must protect the security, privacy, and integrity of our users data. In this session we will take a hands-on tour of how to make your websites secure by default: the required technology, configuration and performance best practices, how to migrate your sites to HTTPS and make them user and search friendly, and more. Your users will thank you." - imabonehead from Bookmarklet
imabonehead
Using LVM’s new cache feature | Richard WM Jones - http://rwmj.wordpress.com/2014...
Using LVM’s new cache feature | Richard WM Jones
"If you have a machine with slow hard disks and fast SSDs, and you want to use the SSDs to act as fast persistent caches to speed up access to the hard disk, then until recently you had three choices: bcache and dm-cache are both upstream, or Flashcache/EnhanceIO. Flashcache is not upstream. dm-cache required you to first sit down with a calculator to compute block offsets. bcache was the sanest of the three choices. But recently LVM has added caching support (built on top of dm-cache), so in theory you can take your existing logical volumes and convert them to be cached devices." - imabonehead from Bookmarklet
Can't wait for the benchmarks against ZFS's Hybrid Storage Pools… - Jean-Marc Liotier
imabonehead
"SigmaVPN is simple, light-weight and modular VPN software for UNIX systems, deploying the NaCl encryption library. It's easy to configure, has low overheads and is reliable. No longer is it necessary to waste precious time configuring overcomplicated tunnels." - imabonehead from Bookmarklet
Other ways to read this feed:Feed readerFacebook