Monthly Archives: April 2006

Xsan

Mounting a Volume for Xsan 1.x

To mount a volume:

  1. Open xSAN Admin from /Applications/Server.
  2. Under the SAN Components list click on the Volume you would like to mount.
  3. Click on the Clients tab for the volume.
  4. Click on the client you would like to mount the volume for (see Figure 2.x).
  5. Click on the Mount Read Only if the client system does not need to write to the volume. If the client system does need to write to the volume, click on the Mount Read Write button.

Figure 2.x Mounting the Volume on a client

  1. Once you have mounted the volume, click on it using the Finder.
  2. Click on the Finder menu of the system and select Get Info.
  3. Make sure that the volume size and attribute look as they should.

Figure 2.x Get Info on Mounted Volume

Once you have the volume mounted for your Xsan client systems then you are done installing the Xsan itself. However, as you will learn in the next chapter, administering the Xsan is far more involved than just the volume.

Xsan

Xsan: Corruption

Volumes can become corrupt no matter what file system you are talking about (er, there might a magical file system out there that cannot become corrupted but I’ve never heard of it and would like to sell a certain bridge to you if you have).  Xsan is no different and so you need to be ready to use the command line to combat said corruption.  fsck is the traditional *nix tool to fix issues with volume corruption.  cvfsck is the weird cousin that’s used for Xsan.  If you see any iNode errors in your logs, corruption errors, high latency or just too many weird issues to shake a stick at then use cvfsck to check for errors.  It can be run in a non-destructive mode (it is by default actually).  If errors are found then, if possible, backup the SAN immediate as cvfsck could cause the volume to get shredded (or more commonly for specified files on the volume to become unuseable).  Then you can use cvfsck to repair the volume.

Xsan

LinuxWorld Toronto

Details of the talk I’ll be giving at the upcoming LinuxWorld in Toronto, Canada:

http://www.lwnwexpo.plumcom.ca/session_detail.cfm?id=239

Business Consulting

Web Hosting Primer

I originally posted this at http://www.318.com/TechJournal

When you start a new hosting environment, you will probably handle many of the tasks that you will likely want your clients to handle later down the road. There are many products that help to ease the administrative burden of a shared hosting environment. These products empower users of your services to create their own accounts and perform other administrative tasks using easy to navigate web portals.

• cPanel and Plesk are server management software solutions designed to allow administrators to create Reseller accounts, Domain accounts and email features. Administrators have the ability to assign users rights to various aspects of their hosting environment. This saves time for the hosting provider and allows for clients to receive a wider variety of features without the hosting provider having to set these up for each individual client. These include web support, adding features to web sites, domain control, DNS control, email account control, spam filtering, virus filtering and other features. While cPanel and Plesk are not the only products that allow for these types of functions they have risen to be what most sites now use.
• Webmin is an open source solution that allows for managing web sites, DNS, email, spam filtering and virus filtering from a web portal. Webmin is not meant specifically to be used in a web hosting environment but can be used to obtain some of the features that are available in the commercial packages, cPanel and Plesk.

One of the main reasons that many web-hosting ventures don’t work out is support. When we think of supporting clients in a web-hosting environment we typically think of the phone calls where we help the clients troubleshoot FTP, Mail and web issues. But the overall level of support that you provide for your clients also includes setting up email accounts, web features and other settings that they can setup themselves. The first time they need to do this they may call, but if you have a support department that is dedicated to helping them use the tools that you can provide them then you can drastically cut down the support calls you receive.

Rather than just offer tools that help users on a technical level, the makers of Plesk also offers tools to help run your entire web hosting company. HSPcomplete integrates billing, provisioning and marketing using control panels that integrate with their Plesk control panel. If you are planning on moving from simple web hosting and into colocation for clients, you can use PEM to manage an entire data center.

Network Bandwidth Monitoring enables network administrators to identify how their network is being used. This allows for the optimization or blocking of certain network services that are creating bottlenecks. By monitoring bandwidth, web hosts are also able to plan for the future development of their network services.

Securing Your Hosting Environment
Many hosting environments are started using a single server that is plugged directly into a network port provided by a colocation company. Over time, new servers are added but the need for a firewall to protect these servers is often overlooked. Many administrators will choose to use the firewall that is built into their servers rather than a physical firewall. Once you have a multi-server environment it is going to become important to start considering your network architecture and the security of this network. This includes patch management, firewalling, intrusion detection and security audits.

A network security system designed to identify intrusive or malicious behavior via monitoring of network activity. The Network Intrusion Detection Systems (NIDS) identify suspicious patterns that may indicate an attempt to attack, break in to, or otherwise compromise a system. Many networks have a hard exterior that is tough to penetrate. Many companies have invested time and manpower to make the perimeter of their network as secure as possible using firewalls. In this scenario, if a single system is compromised, it is often easy for attackers to exploit other systems on the network. Host based Intrusion Detection Systems (IDS) help to mitigate this by scanning network traffic for known attacks.

If you are processing credit card transactions then at some point you are likely to go through an automated security audit using an application like Nessus, so the bank can limit their risk to legal ramifications of data theft. Whether required or not, security audits can help organizations ensure that they are meeting security best practice minimums.

Contingency planning is a critical aspect of security. Implementing industry standard tiered storage and backup procedures help ensure that your data is fully redundant. Disaster recovery goes beyond backup and requires you to ask many questions about what you would do in certain situations. Many organizations have redundant hardware, the software required to restore in case of a failure, and redundant locations that ensure their clients the 99.999% uptime that many organizations now require in their Service Level Agreements.

Whether you are just getting started, adding new servers to your hosting environment, switching to a new colocation facility or bringing your servers in house, Three18 can help you. You are not alone. We have been there many times over and can work with you to define the systems and procedures that will get your hosting environment profitable, secure and stable.

Mac OS X

vm_stat

The vm_stat command in Mac OS X will show you the free, active, inactive, wired down, copy-on-write, zero filled, and reactivated pages for virtual memory utilization. You will also see the pageins as well as pageouts. If you wish to write these statistics routinely then you can use the vm_stat command followed by an integer. For example, to see the virtual memory statistics every 5 seconds:

vm_stat 5

Consulting Mac Security Network Infrastructure Unix Windows Server

WAF: Web Application Firewall

Web Application Firewalls, or WAFs, are firewalls for web application.  They monitor web traffic and decide whether to allow or deny specific requests.  IIS web servers (OWA), Apache, WebObjects, Lasso and other web servers will likely end up working with them, although I’ve only tested IIS and Apache at this point.

On the Road

On the Road: San Francisco

There is upscale and then there is the Mission district in San Francisco.  You know that line “don’t expect too much and I just might not let you down”?  Well, that is the Mission district.  But there is a mission here, and I do so love them.  But even the mission is run-down.  The mission from which the city gets it’s name.  Indicative of the rest of the area.  :(

Articles and Books

Article on Macs in the Enterprise

Interesting article with a little quote from me by John Rizzo  on Macs in the Enterprise:

http://www.eweek.com/c/a/Apple/Despite-Growth-Apple-Falls-Short-on-Enterprise-Traction/