Archive for August, 2007

Have I mentioned how much I hate Debian?

So we landed a fairly big customer. Said customer is all about Debian. It went down kind of like this

Sales: “Will you guys support 40 Debian servers?”
Us: “No!”
Sales: “Okay, we’ll need those by the end of September”

So of course not only am I the guy responsible for creating all Linux deployments, I’m one of the only people in the company that know anything about it. I’ve never been a fan of Debian. I’ve tried to like it, and it just never works out. Talk all the shit you want about Red Hat based distros, but there’s a reason they rule the corporate Linux marketplace.

So anyway, now I have to figure out a way to integrate Debian into my kickstart server, or create another deployment server using their lame ass FAI. And did I mention that said deployments will be happening on blades that HP completely does not support Debian on? Should be fun trying to find modules for this shit, let alone managing these servers after the install.

This is the good part…

For all the suck that my job provides, I have to try to remember that I have it pretty good overall. It’s about 11:00am, I’m sitting at panera (aka pantera), eating a bagel, drinking coffee, and working. The better part of my work week is usually spent at home or in coffee shops. As long as I have wifi, and a cell phone connection, I can work from anywhere in the world. I go into my office maybe 2 or 3 times on a good month. I think there was a stretch a couple months back that I went in once in 2 months. I spend a bit of time in the Data Centers, but not anything regular. It’s a luxury that few people I know get to have, and I am thankful to be in the position I am in.

Yesterday turned out to be a 16 hour work day (minus a couple hours for lunch and dinner). I got everything finished that I needed to get done, so in the end it’s worth it. And being that I’m the one who dishes out work, those who failed me, are going to have some rather unpleasant tasks to deal with today.

I’m trying to plan a “business trip” out to California, so I can spend a couple of days at the corporate office, up in Santa Clara, then head down to LA where my part time boss is, then down to San Diego where my director is. Since I have family and friends in LA & San Diego, I figure I can get some time to hang out with people there, since it’s so hard to take a vacation there. I’d like to bring Steph, but she’s not keen on the idea of a “working” vacation. So maybe I’ll take 2 trips out there.

Anyhow, time to get back to doing work.

Responsibility Part Deux

I started my day as I always do around 8:00am. Sometimes it’s a little earlier, sometimes a bit later. Today, I went to the coffee shop to take care of some stuff remotely for about an hour, then I headed to one of my Data Centers to take care of some stuff before my team meeting. During my meeting, I made our priorities very clear. Told my team what we needed to get done today, and that I’d be back to complete stuff later in the afternoon. Then I went to our other Data Center to take care of some stuff there. So at about 4:30 I come back to the DC, expecting to configure 8 switches and go home. I get here, and find that the one thing that I told them absolutely had to be done today, didn’t get done; cable up a blade enclosure stack. Thus, I couldn’t configure the switches that live in these enclosures.

So lucky me, got to start cabling shit up at 4:30PM. If anyone has ever dealt with blades, you know that they are stupid simple to deal with after the enclosure is setup, cuz there’s no cables or anything to deal with. However, setting up a new stack of 4 enclosures is a pretty big ordeal. Each enclosure has 2 switches, each switch has a redundant connection to the patch, then duplicate that to the network cores. in all, you end up with 68 cables that have to be run and labeled. Time consuming to say the least. I finally got everything cabled up at 8:00PM, then took a break to meet Steph for dinner. Now I’m back in the DC configuring my switches. I should be done with this in about half an hour. Then I have to be at the other DC for a maintenance window at Midnight.

It’s times like this that I wish I could be irresponsible, and pass the buck.

Clicky?

So I was searching for new analytics (besides google), and I came across Clicky. Anyone using it? My site is still far too low traffic to generate any useful stats, but the interface looks awesome. Just curious what other people’s experience with them is.

Where did my weekend go?

Seriously. Can I have it back?

All in all, it was a decent weekend. I took Friday off for no reason other than the fact that I work too much, and my boss thought I should take a day. After the whole being called several times thing from 3-4 AM, I finally got back to sleep at around 7, then got up at like 9. Wen downstairs and played the search and release game on at ticket bastard until I got some good seats for the Van Halen show. Ended up with some pretty decent seats, but the shit was completely over priced. Had coffee with Steph and Benny, then decided to go have lunch with a friend I never get to hang out with. My 12:00 lunch turned out to be an all day thing, as we sat and talked tech until 5PM. After Steph got home and we ate dinner, I spent the rest of the night working on more prep work for the big migration.

Didn’t do much yesterday. We had brunch at Clydes which is always excellent, then ran some errands and came home. We got a nice console table for the foyer, which Steph has been bugging me about for a while. I have to admit it looks pretty good, and she even built the thing herself! I spent the better part of the day & night working on stuff for this site. I got things looking the way I want now, and I’ve started uploading old content. I got all the Red vs Blue videos setup on a page, as well as the GI JOE PSA’s, and I have begun uploading old HOWTO’s & Docs that I’ve written in the past. I’m pretty happy with how things are coming together. WordPress has come a long way from the last time I set it up a couple of years ago.

Today, my company had a 5 year anniversary party for us. Since we are essentially a satellite office (we are headquartered in Santa Clara, CA), we basically get a budget to do whatever the hell we want. So we rented out the Dulles Golf Center & Sports Park, and had it catered by Famous Dave’s. It was a lot of fun! We hit some balls at the batting cage, emptied a couple of buckets at the driving range, played some basketball, and ate and drank beer. Not a bad way to spend a Sunday afternoon.

Other than that, not a whole lot else going on. I’m waiting on some new flash tutorials to be developed for my hosting site, before I send out the notification on the migration. I’m thinking I’ll probably do it in 2 weeks.

Server migration time again

Over the past month or so, I have been working on a flurry of updates, reconfigurations, migrations of services, and entire servers for my personal sites, and my hosting company. The personal stuff is always fairly painless. If something breaks, it’s not the end of the world. We lose a little ad revenue, and a few people complain that they can’t reach Stvlive, or QuizMeme. I’m a bit of a masochist in this regard, because I always seem to do 8 million projects at once when I should really be focusing on one. In all, I have done, or am in the process of doing 2 complete server migrations (move from one server to another in a completely different Data Center, new IP space, etc), migration of secondary mail & DNS services for my personal sites to a 3rd party, and massive amounts of hardening across all of my sites/servers.

Most of the personal stuff has gone well, and we even revamped some really old stuff on some of the sites, which makes me happy from an InfoSec stand point. I’m mostly content with how things are running on all of those servers, now it’s just the ongoing issues of cleaning things up that have been around since the late 90’s to make things more secure.

My hosting migration however, makes me lose sleep. I have done this a few times over the years, and it usually goes “okay”, but never without some screwup that keeps me up for hours fixing. The problem isn’t from a lack of planning, or skill. I have been doing this a long time, and I am very knowledgeable about these things. Where the problems occur is usually in the little configuration changes (read: hacks) that have been made on the servers over the years, and have been forgotten about. This server has essentially been upgraded and migrated over and over again since 2001. It’s gone through 3 different FULL RedHat releases starting with RedHat 7.1 (going on a 4th now). I can’t even count the number of Plesk versions, I’m an old school customer, so this server (in it’s original form at my house 7 years ago) started at PSA 2.5, and is getting ready to be Plesk 8.2. So as anyone with any admin experience can imagine, the number of “hacks” that would have been put into place over the years to add support for some unsupported feature, or fix a bug. The irony is, that it’s the old “hacks” that were meant to fix something in the past, that break something on the new.

At this point I have most of the behind the scenes work completed. New server is up and running, and has been (mostly) configured. DNS is going to be the biggest hurdle. The current setup is not so good. All DNS is served from the same server. This isn’t really a big deal, because it’s pretty much an all-in-one server, so if DNS goes down, chances are everything else is down too, so the DNS doesn’t really get you anywhere. However, in a migration situation, having a secondary somewhere else is extremely useful because it isn’t going to change. So when the madness happens when I change my name servers at the registry level, propagation isn’t that big of a deal, because the secondary server is still churning out results. So I want to get this server added for all the domains prior to the move.

I host over 200 domains, and unfortunately they were not all registered through me. That means that the owners of all of those domains need to log into their registrar account, and make modifications to their name servers. This is a very simple task for someone with only a little technical knowledge. All of the registrars have documentation on how to do it. The problem is, getting the domain owners to ACTUALLY MAKE THE CHANGE! I am willing to bet most of my customers don’t even know what a registrar is, let alone which one their domain is registered at. Which is going to equal me doing a shit ton of whois lookups for people to point them in the right direction. And in more than a few cases, I’ll probably just have to obtain their login info, and make the change for them. I am actually having some new flash demos made up right now to show people how to login to the various registrars, and make this change, so hopefully that will help a bit. The plus side is, most registrars don’t require an IP address for name servers, so when I actually re-IP my name servers, there shouldn’t need to be any changes on the end user side.

I’m rambling, and I’m sure this is way more information than most people who read my blog care about, but that’s what a blog is for right?

Gotta love responsibility

We had a customer who wanted some basic stuff done during a 3:00AM maintenance window today. Since my boss told me to take Friday off, I assigned this maintenance to one of my guys. I sat down with him yesterday, to make sure that he knew what he was doing, and showed him some docs I made for the issue. So I felt good about him doing it, but told him to call me if there were any problems.

3:08AM – phone rings, I explain some stuff to him
3:18AM – phone rings again, I walk him through something else
3:32AM – phone rings again, I explain something else
4:34AM – phone rings again, he tells me the jobs all failed. I’m pretty sure they are fine, but tired of trying to explain what to look at so I tell him I’m getting online to look at it myself.

So now I’m up. I guess it’s a good thing I’m not working today after all. Though I’m sure as soon as I try to sleep today, someone is gonna call me.

First real post in 2 years

So what’s been happening in my life?

We bought a new house in Ashburn in March. We moved in a few months before that, but were waiting to sell our townhouse. The house is awesome! It’s on about a quarter of an acre, in a great neo-traditional neighborhood. We’ve done a ton to the house already, and it looks great!

House

Shortly after we moved here, India our Rotti girl lost it completely. After several attempts to reverse her behavior, we had to let her go. Shortly after, we began looking for a new puppy. We wanted to find a dog that would be completely submissive to China, as well as just being an all around awesome dog! So we picked this little guy from a breeder.

Benny The Golden

A little over a year ago, I quit my job at MITRE, and went to work for a “startup” called OpSource. I was hired as the Sr. Linux Engineer for Data Center Operations. These days, I end up doing more management, than engineering, but it’s still a good gig. I mostly work from home, or any other random place with wifi. I’m starting to work in InfoSec now on top of my normal workload, with the intentions of switching over full time as soon as they can afford to replace me.

I could ramble on about the past 2 years forever, but I think I’ll take it one post at a time for now. Commenting is now open, but you must register.

Almost, but not quite

I’m still working on getting things the way I want them here. So far so good. I need to make some catagories, and catagorize all my old postings. It’s kind of cool reading through some of these old entries from so long ago. Time flies!

So here it is…

I set this blog up originally a couple of years ago, and as I promised then, I didn’t update it at all. I was inspired by Doug, so I decided to revamp this thing. I imported all of my old entries from LJ, though I can’t figure out how to get comments. I’m over LJ, which is apparent by my lack of entries in the past 2 years. I still read it fairly regularly to keep tabs on my “friends”, but I just feel it’s impersonal now.

I’m not promising that I’ll keep up on this one, but I think I’m gonna try. I always have shit to write about. For now, I have comments disabled, till I get things set the way I want them (gotta keep those fucking comment spammers out).