servers Archive

Commando style: triage dashboard

If you're working on a foreign system, or one that doesn't have the bells and whistles that make you feel at home, sometimes you need to improvise tools on the spot by chaining together commands, etc. This little one-snip serves as a "dashboard" approach for quickly assessing consumption, [crayon-5bf4377c2bd95429607160/]   [crayon-5bf4377c2bd9f231174386/]  ...
Read More

iptables list – a helpful ~/.bashrc alias

I grow tired of asking iptables to give me my line numbers for insert/deletes, and sometimes, I just want it to "cut to the chase" and give me numbers. Toss this into your ~/.bashrc for making life easier: [crayon-5bf4377c2c2b5271572925/] then run [crayon-5bf4377c2c2bb426082253-i/]  to reload. Output sample: [crayon-5bf4377c2c2be823047827/] Voila! Now you've got counters (helpful for debugging btw), numeric...
Read More

Securing Elasticsearch – Part 1

The most frequently asked question for ElasticSearch and security is "how do I require login"? Once you've answered and implemented the answer to that question; a larger, truly more troublesome issue looms. The same principals used to secure ElasticSearch; typically a proxy fronted by Apache/nginx use various auth techniques. If you...
Read More

Skeletons: Older versions of ntp and not using DNS

A while ago (years), I reluctantly set up ntp on some servers using an IP address for the source server; at the time, using a DNS name in ntp.conf was incompatible with the ntp/ntpd version and I didn't want to go out of my way to compile it from scratch. Today,...
Read More

MySQL’s max_connect_errors … 6 years later…

Having recently been bitten by the awful default value (10) for max_connect_errors on a production server - I'm having a very hard time coming to terms with who the heck thought this would be a good way to do it. This type of "feature" allows you to effecitvely DOS yourself quickly...
Read More

Using Logstash to log SMTP/email bounces like a boss

I've recently worked on a customized emailing suite for a client that involves bulk email (shutter) and thought I'd do a write up on a few things that I thought were slick. Originally we decided to use AWS SES but were quickly kicked off of the service because my client doesn't...
Read More

MySQL command line – zebra stripe admin tool

I came up with a cool usage for the zebra stripe admin tool.  In MySQL you can set a custom pager for your MySQL CLI output; so one can simply set it to the zebra stripe tool and get the benefit of alternated rows for better visual clarity. Something like 'PAGER...
Read More

pt-online-schema-change and partitions – a word of caution

Just a quick word of wisdom to those seeking to cleverly change the partitioning on a live table using a tool like pt-online-schema-change from the Percona Toolkit. You will lose data if you don't account for ALL of your data's ranges upfront. (E.g: MAXVALUE oriented partition). The reason being is how...
Read More

Why Rackspace is bad!

Fanatical support != Customer service, at all! Recently I've migrated a customer that's been on Rackspace for 6 years, and paying a handsome penny for it at that. The migration was to Amazon Web Services (AWS) and I sent a friendly reminder to the client to cancel the RS account (9...
Read More

Why are we spending so much time refuting?

There's a nice juicy war going on in the 'data / web' sector, that seems more heated than I can remember. It essentially boils down to sensationalist claims from the likes of MongoDB and MemSQL, which in turn draw refuting remarks from industry professionals that are typically embedded with RDBMS technologies. The...
Read More

MySQL CPU maxing out due to leap second, and AWS US-E1 outage

Wow, US-EAST-1 has the worst luck doesn't it?I had CPU consumption alerts fire off for ALL of my AWS instances running Percona Server (MySQL).I couldn't for the life of me figure it out - I re-mounted all but the root EBS volumes, restarted the services and ensured there was no...
Read More

MySQL COALESCE(), UNION behavior on zerofilled columns

I've just filed a (potential) bug report, depending on your views for MySQL's COALESCE() behavior: http://bugs.mysql.com/bug.php?id=65763 If you have a zerofill column and perform the COALESCE() function on it, the leading zeros are truncated. As I mention in the bug report, this may not matter to most - but it does change the...
Read More

On MySQL: The latest, far-reaching password circumvention

By now, everyone has, or will be hearing about this issue. While it's an extremely simple hack and covers (dare I say the majority) of MySQL installation version. Let's not forget to finish reading the entire disclosure: From the disclosure: But practically it's better than it looks - many MySQL/MariaDB builds are not...
Read More

Mercurial (hg) checkstyle hook, at last!

As far as I can tell, there's not much in the lane of check style hooks for Mercurial.There's a lot of hits for git and SVN, but not much for Mercurial.Check it out in my 'hg-checkstyle-hook' bitbucket repo.I thought I'd share my (imperfect) rendition of a Mercurial checkstyle hook. It's...
Read More

MySQL 5.6 – InnoDB (innodb_file_per_table) and recovery

All I can say is rejoice!.There's a lot of fluff out there that beat around the bush or contain a regurgitated process for recovery using the 5.6 LAB edition of MySQL.So instead, here's the info straight from the horses mouth: http://blogs.innodb.com/wp/2012/04/innodb-transportable-tablespaces/  . This will make a huge difference in the...
Read More

Disable PHP 5.4’s built-in web server, while keeping CLI …

Administrators: Don't get blind-sided by PHP 5.4's CLI web server!I've gone over a similar issue like this before regarding the likes of git/hg. While those are developer tools and are less likely to be present on a production machine.PHP 5.4 is jumping on the bandwagon to include a 'cute' little...
Read More

PHP Vulnerability – DJBX33A – Hash table collisions

Trickling through my RSS feeds this morning was an article with quite the topic "PHP Vulnerability May Halt Millions of Servers". In a nutshell: A modest size POST to almost all PHP versions in the wild (Sans 5.3.9+) are in danger of an extremely simple DoS. The vulnerability exploits the PHP internal...
Read More

If you’re not off of Godaddy yet …

You should be. The Godaddy girls are stupid. The commercials are worse. Bob Parsons is kinda creepy (not just the elephant thing). The ads are terrible. The site is terrible.Do you need another excuse to move your registrar needs to another company such as Gandi or Namecheap?You need another excuse?...
Read More

ab – Apache Bench, understanding and getting tangible results.

Apache Bench (AB) is a very powerful tool when used right. I use it as a guideline for how to set up my apache2/httpd.conf files. All too often I see people boasting that they can get an outrageous number of RPS in AB (the Apace Bench tool). "OMG, I totally get 3,000...
Read More

Grepping extremely large files

So you forgot to set up logrotate on an active log eh? You've got a many gigabyte file to weed through and you need to extract a chunk of time from it?Here's a quick cheat sheet to help you get by, quickly and sanely.It's about byte offsets!Get the byte offset...
Read More