Have you ever been having a good weekend, and you come into work Monday and *boom* — there was a power outage over the weekend? Some services on your servers started, others didn’t. Wouldn’t it be nice to be notified that services aren’t working, and even better if they were automatically fixed?
Enter Monit. Their website describes it best:
Monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses too much resources. You can use monit to monitor files, directories and devices for changes, such as timestamp changes, checksum changes or size changes. You can also monitor remote hosts; monit can ping a remote host and can check TCP/IP port connections and server protocols. Monit is controlled via an easy to use control file based on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions and recovery status via customizable alert.
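As an added example (not taken from the Monit website or from this post's author), a control file covering the power-outage scenario above might look like the following. The pidfile and init script paths, the alert address, the remote host address and all thresholds are assumptions to adapt to the actual server.

```monit
# Added example: constructed Monit control file (monitrc). Paths, the
# addresses and the thresholds are assumptions; adjust them for the host.

set daemon 60                     # poll every 60 seconds
set logfile syslog                # log to syslog instead of a private file
set mailserver localhost          # mail relay used for alerts
set alert admin@example.com       # placeholder recipient

# Start sshd if it is not running; restart it if port 22 stops answering.
check process sshd with pidfile /var/run/sshd.pid
    start program = "/etc/init.d/ssh start"
    stop program  = "/etc/init.d/ssh stop"
    if failed port 22 protocol ssh then restart
    if 5 restarts within 5 cycles then unmonitor

# Restart Apache if it does not respond or uses too many resources.
check process apache with pidfile /var/run/apache2.pid
    start program = "/etc/init.d/apache2 start"
    stop program  = "/etc/init.d/apache2 stop"
    if failed host 127.0.0.1 port 80 protocol http then restart
    if cpu > 80% for 5 cycles then restart
    if totalmem > 500 MB for 5 cycles then restart
    if 5 restarts within 5 cycles then unmonitor

# Alert when the SSH daemon's configuration changes on disk.
check file sshd_config with path /etc/ssh/sshd_config
    if changed checksum then alert

# Alert when the root filesystem is nearly full.
check filesystem rootfs with path /
    if space usage > 90% then alert

# Ping a remote host and check a TCP service on it.
check host fileserver with address 192.0.2.10
    if failed icmp type echo count 3 with timeout 5 seconds then alert
    if failed port 445 type tcp then alert
```

Running `monit -t` checks the control file for syntax errors before the daemon is reloaded. The `unmonitor` lines stop a restart loop when a service keeps failing, so a broken service produces an alert instead of endless restarts.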
Windows groups can be squirrely. The key to grokking them is knowing the order Windows processes, or “expands”, them in.
The rule of thumb is that a group can have as a member any other type of group that has already been expanded. For example, the local group is the most flexible because it’s expanded last. Pretty much anything can be a member of a local group because by the time the server’s authority expands it, all the other group memberships are known. Global groups, on the other hand, because they’re expanded first, are heavily restricted. At the time they’re expanded, we know very little: The client’s domain starts with the user’s SID and begins expansion from there.
“What is a Group?” has a set of nice hand-scrawled diagrams to walk you through it all.
I don’t know quite how this could fit into our organization (yet?) except VirtualMin is a webmin addition that allows simple virtual hosting. It allows interfaces at the admin, reseller and customer level.
http://www.webmin.com/index8.html
Unison File Synchronizer is a cross-platform, GPL’ed tool for keeping filesystems synched across machines.
I am really interested in this kind of technology that not only does mirroring of directories & files, but mirrors them in such a way that when you modify the file it doesn’t copy the whole file across the network but instead copies over changes at the byte level.
Other options might be Windows Distributed File System or Coda file-system on Linux.
I think it would help with the Dallas to Portland connection, but I think it would be especially useful for sharing with China and Malaysia offices. That way, if someone wants to pull down a file that’s already been uploaded & synched, they will be pulling down a local copy — much much faster than pulling down a copy over the LAN. We may even consider mirroring our intraweb app server, so people can access it like they are in their local office.
Another one from the old bookmark bin.
Right now when users access shared folders, they see all folders created, even the ones they don’t have access to. Hiding folders that don’t have read access is called ABE, access based enumeration.
This page has details on how to do this in Windows Server 2003. Wonder if there is a way to get this working with Samba.
Many places use WebDAV technology to allow outside people into their file systems. PSU started to implement this type of access to student files in 2004/2005. We have the possibility to do it as well if we so choose — and it could prove useful for people traveling. They wouldn’t even need their own computer, since it runs over HTTP.
http://davenport.sourceforge.net/
I have a feeling we will shortly be deploying many Linux servers to perform certain actions. Maybe we will implement Asterisk to be used as a VoIP interchange between locations, maybe the backup servers will be Linux based, maybe the BDCs.
One thing that could speed up implementation at remote sites is to build live CDs for certain purposes. For instance, on the file server in PDX to keep updated live CDs for certain projects. Like, a BDC live CD or a backup live CD. Already set up with the most current packages (or scripts to fetch+install them). So when we get to the site we just put the CD in, click or type “load” and poof, the server is installed and configured.
These links (haven’t read all of the process) may be helpful:
http://www.linuxjournal.com/article/7233
http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_scratch
We don’t want to have a billion servers each doing their own task — so what can we use as a solution? Server virtualization (or semi-virtualization or para-virtualization). This involves cutting down a server into mini servers that each have full customization. Our VPS at hostmysite is like this. So why would you want to do this? A few reasons actually.
-Localize exploits. Let’s say DNS gets exploited — the access gained would only be for DNS, and not for mail and web and everything else.
-Easy “upgrades,” backups and redundancy. Let’s say we start to use MySQL more and more, but the server can’t handle it. To upgrade (ignoring replication for this example) we could just turn off the virtual server (in essence lock files), move it, drop it into another server that is set up to do virtualization, and turn it on. Nearly no downtime, and you know it will work.
Anyhow, worth looking at. Here are some of the most mature Linux virtualization packages out there:
http://openvz.org/ — This is the open source version of hostmysite’s VPS. The main difference is it isn’t set up for doing mass hosting (like, 1000 VPSs on a huge mainframe).
http://www.openvps.org/
http://linux-vserver.org/ — Very plain website, but there is news that the authors are pushing for this code to be included in the Linux kernel natively.
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ — I’ve heard rumors also about this being one of the most advanced.
http://www.vmware.com/ — The one and only. This is full virtualization so will contain the most overhead (some of the previous packages have almost no overhead, not even 1%). Oh yea, and this “costs” money.
