Kris Buytaert's blog

Jan 29 2009

What does your BOFH want ? :)

Larry, I`m glad you asked ..

With the risk of receiving a flood of comments pointing me to already existing tools here's my go at what I as a sysadmin of often large deployments am looking for in Drupalland .

You suggest LDAP and syslog integration .. guess we already have that don't we ?

But what I haven't found yet ..
An rpm/deb repository of Drupal modules So we can do an apt-get install drupal-package , yes I know about Drush, but I want the files on my system to be in a package and clearly identified, it helps me keeping my system uncluttered.

apt-get update drupal-package , or yum install drupal-package would be a luxury, same for themes btw.

It would be lovely if the postinstalls of those package also trigger a database upgrade if needed.

Which brings me to the next issue. If I have a multisite setup and I update a module in sites/all/modules, I usually have to go trough each and every site hosted there to update the databases. No really something I like to do for 10+ euh 3+ sites.

Also think big, don't waste your time on desktop apps or guis .since as long as you only have 1 site to manage point an click is fine, for you , Think in terms of what if you have 10 sites, 100 sites, or more .. do you really want to do that kind of administration via a browser or gui ? Some wise man once said If your computer can't install it the installer is broken. A script should or automation tool should be able to interact with the sites, not a human operating a mouse ;) It's not just the RSI , but also the fact that to err is human, and if the computer fails a script you can patch it :)

Jan 29 2009

Will Poken catch on ?

Poken is the new gadget in town. Some people called it the future of social networking.

The idea of exchanging data at the click of a button , or less has been here fore ages. The problem always is that the tool needs to gain Critical Mass before it becomes useful.

I remember transferring my VCard from my Palm Pilot or Handspring Visor to other people's Palm Pilot , or using different IrDA protocols to transfer my details between different phones, that worked fine, for the happy few that had similar devices. These days we transfer details over SMS' messages or Bluetooth, but then they are stuck in the mobile phone, with the Palm I at least imported them in my PIM.

The thing is not everybody had a Palm, not everybody had a IrDa enabled phone , and people tend to turn off Bluetooth for security reasons. The idea of adding a (soon to be rebranded) TikiTag to your business card seemed cool, So far I could hand out 2 cards to people whom I was absolutely sure they had a reader ,

So different efforts have tried already the same .. to exchange digital data while people had physical contact. none of them seems to have catched on .. yet.

My Poken is on the way .. maybe this time it will catch on .. who knows .. it surely looks more viral than the others ...

Jan 26 2009

Stop stupid Software Patents

If you read this blog, you should probably sign the petition !

Jan 21 2009

Oldskool, Fuck the Cloud

This comment by Jim Leonard, Trixter/Hornet for those who still remember our previous lives , is right on the spot.

"This is the longest post I’ve ever seen that says “do not put your only copy of data on a site you do not pay for or trust.”

Weird, how you suddenly bump online into someone you haven't heard from for over a decade, and even weirder how they still seem to have similar ideas to yours :-)

Jan 21 2009

This week in DNS problems

SANS notes a weird DOS atack on different namesevers. People quering for "." a lot.

Ward wondering what's going on with the .org nameservers

And Dries migrating his site.



Jan 18 2009

Is anybody else confused about Chef ?

Chef absolutely confuses me..

Luke is confused too ..

I’m clearly disappointed that someone who has been a high-profile user of Puppet but has never contributed much in the way of code (Ohloh claims 2 commits) would decide to start a whole new project rather than attempt to contribute to Puppet

Now , if you know me a bit you know that reinventing the wheel, or creating identical projects with no clear reasons is something I dislike .

When looking at Chef's FAQ there isn't really a clear reason listed why they wanted to create a new project.

I could understand if Chef were written in a total different language .. but hmm.. it's written in Ruby again .. I can only think of one other area where there are 2 major competing tools written in the same language and that is OTRS and RT, still wondering how that can happen.

One of the core values of an Open Source project is that you can contribute, adapt , and even fork.. why would you want to start over from scratch ?
So launching a competing open source project in that way therefore doesn't really seem like a smart thing to do,

Maybe one way to explain it is the European vs American style of Open Source Adoption ... , Luke has the more European approach (consultancy, build new features, support, train, evangelize, earn a good living) , where as OpsCode with Jesse Robins in charge might head for a more American style (Productize, Dual License , CashOut ).

So can the Chefs please explain why they didn't contribute to Puppet, or as their FAQ , well it doesn't really Answer any of the Questions

Jan 18 2009

New interesting open Source releases

In case you haven't noticed them yet ..
MySQL Proxy has a new release and moved it's public repo to Launchpad.

(Still Launchpad isn't open source yet .. a matter of time .. but in the meanwhile Jira and Confluence are sadly gaining adoption in the market)

In the devministration area there is a new Puppet module that automagically populates puppet managed machines in Zenoss , I've seen different people using Puppet to populate their Nagios configs, but adding Zenoss to the list is new.. so when will we see the Zabbix and Hyperic plugins ?

Oh yes.. and then there is Chef

Jan 18 2009

How to suck at Security

There is this great post over at sans.org Teaching people how to to suck at Security, (actually a reprint of this post

Especially the remarks about security tools ..
On how not to implement them or how to neglect configuring, afterall the default values must be secure enough.

However My favorite

Hire somebody just because he or she has a lot of certifications.

I'd write Vendor Certifications however .. as independent certifications might have some use.. but if I`m looking for a security guy and he starts talking to me about his product certificatins, something is wrong..

Remember, security is a life style, not product you can buy ..

Jan 18 2009

On Filesystem Layouts

Wouter blogged about his favourite Laptop filesystem layout , just one filesystem , and some geeks think that's a bad idea.

Actually I can understand Wouter not wanting to have different /usr/ /var or other partitions on his laptop , the 20Mb left and 300Mb right you loose on different partitions are exactly what you want to use on your laptop, however isolating partitions also has it's benefits

My setup looks similar to this :

  1. /
  2. /home
  3. /opt
  4. /altroot

/ and altroot so you can run 2 distros, keeping my local data on a different partition so I can upgrade , switch distro etc.. and /opt .. for the software that isn't shipped as a package.

Obviously I use LVM so I can use these different partitions also as storage for virtual machines that can boot a different distro either on the physical or the virtual machine.

And obviously the rules for servers are different than the ones for laptops or even personal desktops for that matter

Jan 17 2009

Zenoss, "mail" problem ?

Funny how people call clear and obvious DNS problems a
"mail" problem.