System Administrator Appreciation Day 2010 @ Nucleus

Posted on Friday, July 30, 2010 by Matti

Every year we count the remaining days. And every year, it’s worth it. This is our 2010 System Administrator Appreciation Day gift! In 2009 we had pretty cakes as well! And if you need a reminder for why we deserve this day, have a look here.

I love being in IT. :-)

Posted in Personal | Tagged , , , | 2 Comments

phpsh: Running An Interactive PHP Shell (Python)

Posted on Thursday, July 22, 2010 by Matti

If you haven’t heard of it yet, there’s a very intersting tool available called phpsh, a python implementation to a PHP shell – but better.

Installing phpsh

SSH into your server, and download, build & install the binaries. This assumes you’ve downloaded the .tar.gz version.

# wget http://github.com/facebook/phpsh/tarball/master
# tar xzf facebook-phpsh-1bc1c01.tar.gz
# cd facebook-phpsh-1bc1c01/
# python setup.py build
# python setup.py install
# phpsh

As simple as that.

How do I use it?

Even more simple. Once the install is done, execute phpsh on the CLI, and get started writing PHP code.

srv ~ # phpsh
Starting php
type ‘h’ or ‘help’ to see instructions & features
php>
php>
php> echo “Testing this new PHPSH”;
Testing this new PHPSH
php>
php>
php> $dbconn = mysql_connect(‘localhost’, ‘user’, ‘pass’);
PHP Warning:  mysql_connect(): Access denied for user ‘user’@'localhost’ (using password: YES) in /usr/lib/python2.4/site-packages/phpsh/phpsh.php(534) : eval()’d code on line 1
php>
php>
php> exit;

This can help to easily test or debug some PHP code. It has syntax highlighting, tab completion (!!), manual pages, … Still not convinced? Have a look at some real-life examples for a PHP interface shell.  Seriously, awesome tool.

Posted in Devops | Tagged , , | Leave a comment

Implementing & Maintaining DNSSEC On Bind9 Nameservers

Posted on Monday, July 12, 2010 by Matti

I won’t be going into detail what DNSSEC is, and what it does. This only covers the implementation (deployment) and maintenance that accompanies DNSSEC. Here’s the small index of topics I’ll cover.

  1. What is DNSSEC?
  2. Enabling DNSSEC in your environment
  3. Generating your keys: Key Signing Key (KSK) and Zone Signing Key (ZSK)
  4. Adding the public keys to your zone
  5. Signing the zone
  6. Key rotation, zone maintenance
  7. Summary
  8. Links, Articles & Video

There are a few assumptions throughout this article, mostly related to directory structures as I like to keep things organized. Another method would be to create a directory per zone, and store all data within that directory.

  1. I’m doing the signing for the dummy host “dns.org
  2. I have my zonefiles stored in /var/named/zones/
  3. I have my Key Signing Keys stored in /var/named/KSK
  4. I have my Zone Signing Keys stored in /var/named/ZSK
  5. I have my Delegation Signer and Keyset stored in /var/named/SET

Continue reading

Posted in Devops | Tagged , , , , | Leave a comment

How, What and Why – On Scalability, Availability & Manageability (Facebook)

Posted on Tuesday, July 6, 2010 by Matti

Since I’ve not updated this blog in quite a while, I’ll share a very interesting video and mention its highlights.

Video: A Day In The Life Of A Facebook Engineer

Obviously, Facebook has seen amongst the most impressive scalability problems ever. And here are some of the interesting bits, which can be used to manage and tune high traffic & high availability websites.

  • HipHop for PHP: transforms PHP code to optimized C++ code, for greater CPU efficiency. Started as a “hack” on one of Facebook’s Hackatons.
  • Memcached: duh … only downside is it requires some PHP recoding to make use of it (but shouldn’t be much if you’re already using frameworks or database classes).
  • Services: seperate key systems, make them independant of each other (news feed, photos, video, … – allows you to disable one service, and keep the rest going)
  • CFEngine: automating sysadmin tasks (alternatives: Puppet, Chef). Ideal in “clone” environments, a cloud of servers running a similar configuration. I have my doubts on highly customized environments, where each server is configured individually to specifics needs.
  • dsh: distributed shell, run commands on any set of hosts in your network

Monitoring will be needed to keep an eye on your infrastructure:

Take a look at other Open Source contributions made by Facebook’s Team!

Posted in Devops | Tagged , , , , | Leave a comment

Selling A Classic Mini British Open (Special Edition)

Posted on Sunday, May 30, 2010 by Matti

Not tech-related, at all. But since I can use the extra promotion in selling it …

For sale: Classic Mini, British Open (Special Edition). This version was created in limited stock. Only 1.000 in the UK, and 2.000 more in Europe.

It features an electric sunroof, 1.3l petrol engine, and the driving experience of a lifetime. It’s on sale since I lack the time to fully enjoy it. It’s among the best preserved British Open’s I’ve ever seen, fully restored by it’s previous owner.

It’s located on several dealer-sites:

And if you’re up for some mild reading, I would recommend: The History of Mini. Some more info on the car can be found here.

Posted in Personal | Tagged , | Leave a comment