I started working at a company (Shutterstock) that had MCollective implemented a few months ago. We use it to perform various functions across a wide range of servers. Things such as rolling the application servers to pick up new code, clearing caches, checking replication lag on databases, telling our puppetmaster to sign certificates, and even doing code deployment.
Linux
Capistrano for the sysadmin
There's always been a fine line between a good sysadmin and a programmer. Capistrano is software built for Ruby on Rails to make deploys across multiple servers easy, however, the potential is much greater than just code deployment. I have recently grown in love with how easily I can run commands across groups of servers, and setting up Capistrano is not a difficult task. If you've ever configured password-less SSH access, you can get this up and running without much difficulty.
Tags:
Central login management with OpenLDAP
Over the weekend I spent some time learning how to configure OpenLDAP to provide a central login server at home. This is pretty useful since I was tired of either syncing UID/GID's across servers or setting directories to 777 on my NFSv4 server. I chose Fedora 12 as my OS for the server, and will show how easy it is to configure authentication on both Fedora and OpenSolaris.
Tags:
Kernel Virtual Machines using libvirt
I use iSCSI from a giant ZFS storage pool in order to setup virtual machines. There's a couple advantages to this, as you get the power of ZFS snapshots and the ability to grow your virtual machine's disks fairly easily. To make administrating things a bit easier, I use one large iSCSI target and put LVM on top of this. So really this article will apply to anyone that wants to use logical volumes for their disks, which is much preferred over using files.
Tags:
Connect to iSCSI targets on Linux
I'm going to be describing this process using Fedora, but any Linux that is using iscsiadm should use the same sort of configurations. To start off make sure you have the proper packages installed.
Tags:
Creating a Chroot Jail for SSH Access
Here I show how to setup a secure SSH server that could be used for SFTP. It limits the users to what they can do and what commands they have access to. Could even be configured as a way to allow ssh tunneling for your friends/family who don't have the ability to do this themselves. The chroot jail stops the users from getting access to anywhere else on the system and keeps you from worrying about users messing around with key system components.
Tags:
Securing LAMP: Apache
I've decided to start a little mini-series here on how to secure a LAMP environment. For those that don't know this is a Linux + Apache + MySQL + PHP environment. This week I'll look at Apache specifically and continue with the other parts of this environment early next month. Click the link below to check it out.
Tags:
Hardening an Apache Server
Installing an Atheros Based Wireless Card on the Eee 901
So, I got pretty fed up with the Ralink RA2860 wireless card that comes with my ASUS Eee 901. It does not play well with Backtrack 3 nor does it do packet injection. I want to turn this thing into a nice little security machine that I can bring with me and easily start testing some networks.
Tags:
Pandora Desktop on Adobe AIR
So today Adobe AIR came out of beta for Linux. That is great news because I also came across the Pandora Desktop (currently in beta) in the same day. These two complement each other very well. It is great for removing that one Firefox window or tab that I always have open to Pandora. Click read more below to check out some screenshots.
Tags:
Pages
