Designing for failure with Amazon Web Services
Avoid single points of failure. You can and should assume everything will fail. Start by listing all major points of your architecture, then break it down further, and then maybe one more level. Now review each of these points and consider what would happen if any of these failed.
Read moreInfrastructure Management: Part #2, mCollective
In the second part of our series on great tools to help with infrastructure management, we are going to talk about mCollective (Marionette-Collective). This project was recently acquired by Puppet Labs and helps to sensibly manage day-to-day system administrator tasks with an RPC framework. With so many people trying to write complex SSH for-loops to [...]
Read moreInfrastructure Management: Part #1, Puppet
This blog series will showcase some of the better technologies that we implement for our customers to create a truly scalable, fault-tolerant, easily managed, and well configured infrastructure. A challenge of any system administration team is to not only ensure that applications are working as expected, but deploying them in a way that consistency is [...]
Read moreCritical exim security update
A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM. All MNX Solutions customers have been patched, and are no longer vulnerable to this privilege escalation vulnerability. If you are not an MNX Solutions customer, you should read the following page for details on how to correct the problem:
Read moreCentOS5 and PHP52 upgrade rpms
We encounter many scenarios where using the latest version of PHP is required. No great way, aside from downloading the PHP5 source and compiling, is available. That is, until you discover then IUS Community Project.
Read moreInstalling IonCube in cPanel
To install IonCube loading in cPanel, run the following as root: # /scripts/phpextensionmgr install IonCubeLoader You can then check if ionCube was installed by running: # php -v
Read moreGreat security and auditing resource for your network
The Center for Internet Security has a great list of security configuration and audit guidelines. A great resource comprised of 40+ consensus Security Configuration Benchmarks for Operating Systems, Middleware, Software Applications and Network Devices. The Benchmarks are: Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices; Unique, because the [...]
Read moreCUPS Purging not-completed print jobs older than..
When working with CUPS using remote print queues, you may find that the remote printer is not always available, has timed out, ran out of paper, has a paper jam, etc. Sometimes this causes a job to ‘not-complete’ and when running ‘lpstat -o’, you see old print jobs. We put together a quick script to [...]
Read moreRHEL4 Kernel – PowerPath – OCFS2 upgrade procedure
We have been working on a project for a customer to upgrade the kernel, PowerPath, OCFS2 and other operating system patches. The project was interesting as no single source of information existed on the appropriate process. The procedure issue comes in because OCFS2 relies on seeing the disks which PowerPath presents. PowerPath and OCFS2 are [...]
Read moreZimbra – Pop before smtp authentication howto
We had a client with 3000+ named users, and each of them were configured without authentication for smtp relaying, the qmail/vpopmail system they were migrating from had “pop before smtp” authentication. Well, we wanted to have as little disruption as possible for the migration so we needed to enable this same feature in Zimbra. It [...]
Read more