I don’t like to use untrusted networks. When I have to use such a network, e.g. an open WiFi network, I use a TLS encrypted tunnel connection to encrypt all web traffic that travels through the untrusted network. I’m using a simple stunnel/ Squid setup for this. My setup consists of three components:
Stunnel (server mode) Squid proxy Stunnel (client mode) What is stunnel? Stunnel is an OSS project that uses OpenSSL to encrypt traffic.
The downside of using WordPress is that many people use it. That makes WordPress a perfect target for attacks. I have some trouble with attacks, and one of the consequences is, that my web server crashes under load. The easiest way to solve this issue would be to ban those IP addresses. I use Fail2ban to protect some other services. So the idea of using Fail2ban to ban IP addresses, that are used for attacks, was obvious.
As a frequent reader of my blog, you might have noticed that vcloudnine.de was unavailable from time to time. Reason for this was, that my server was running out of memory at night.
Jan 1 05:22:16 webserver kernel: : httpd invoked oom-killer: gfp_mask=0x200da, order=0, oom_adj=0, oom_score_adj=0 Running out of memory is bad for system uptime. Sometimes you have to sacrifice someone to help others.
It is the job of the linux ‘oom killer’ to sacrifice one or more processes in order to free up memory for the system when all else fails.
By default, CentOS 6 comes with Python 2.6. This is a bit outdated, especially if you take into account, that Python 2.7.11, which is the latest Python 2 release, was released in December 2015. If you are new to Pyhton, you will usually start with Python 3. Currently, Python 3.5.1 is the latest Python 3 release. So, Python 2.6 is REALLY old.
Okay, I could use another distro. Ehm… no. CentOS is the is the open-source version of Red Hat Enterprise Linux (RHEL).
Over the last weeks, I’ve tried to improve the performance of my blog. The side was very slow and the page load times varied between 5 and 10 seconds. Much too long! I’ve reduced time consuming plugins, checked the size of pictures, checked CSS and HTML for misconfiguration/ slow clode and tuned the database. The page load times have not really improved.
Yesterday, I checked the httpd.conf on my webserver and found a little typo (accidentally commented line).
I’m using Veeam Backup & Replication (currently 8.0 Update 3) in my lab environment to backup some of my VMs to a HP StoreOnce VSA. The VMs reside in a NFS datastore on a Synology DS414slim NAS, the StoreOnce VSA is located in a local datastore (RAID 5 with SAS disks) on one of my ESXi hosts. The Veeam backup server is a VM and it’s also the Veeam Backup Proxy.
I’m not a developer. I deal mainly with infrastructe, things like virtualization, storage & backup, networking etc. Sometimes I had to write scripts, primarily PowerShell, batch or Bash. Many years back, I also wrote Csh and Ksh scripts. In the past years, automation was one of the rising trends in the infrastructure segment. And with automation, new challenges came up. Today I have to work with Windows PowerShell, in case of VMware with PowerCLI (which bases on Windows PowerShell), and sometimes I have use with REST APIs.
With the general availability of PernixData FVP 3.1, PernixData released the first version of PernixData Architect.
One of the biggest problems today is, that management tools are often focused on deployment and monitoring of applications or infrastructure. This doesn’t lead to a holistic view over applications and related data center infrastructure. You have to monitor at several points within the application stack and even then, you won’t get a holistic view.
While upgrading a rather old (but very stable) Veeam Backup & Replication 6.1 installation to 8.0 Update 3 (with intermediate step to 6.5), I ran into a curious error. Right after the welcome screen, this error message
Patrick Terlisten/ vcloudnine.de/ Creative Commons CC0
appeared. A closer look into the BackupSetup.log (you can find this log in the %temp% dir. Just enter %temp% into the Explorer address bar) resulted in this very interesting log entry:
PernixData is one of the presenting sponsors at the Virtualization Field Day 5 (VFD5). One of the four key announcements is FVP Freedom.
FVP Freedom will be available in the Fall of 2015 and it’s a completely free version of PernixData FVP. Of course, the functionality is limited. FVP Freedom will only support a single cluster, but with an unlimited number of VMs. Instead of SSDs, FVP Freedom will support up to 128 GB of DFTM (Distributed Fault Tolerant Memory) per cluster.
