antipaucity

After several years of being hosted at tektonic, it has come time to move hosts.

My current web server is running 32-bit CentOS 4.9. Eek! That is old.

Since upgrading to a new release of CentOS is now becoming more urgent, and upgrading is really reinstalling a new OS, I’ve started to look at new hosts. I’ve considered Chunk Host, but while their entry-level service are Okay, they’re not really in line with what I need at this time. Likewise, I have review iWeb‘s offerings, but unless I go for a colo, they’re not going to suit my personal needs well, either.

My requirements for a new host are the following:

• CentOS 6 x64 (for a variety of reasons – this is not a religious thing: I have evaluated other distros/platforms, and this is the best option for me)
• at least 250GB of storage (>500G preferable)
• several CPU cores (a minimum of 2, 4 or 8 would be better)
• at least 4GB RAM
• decent amount of available traffic (though I don’t anticipate major traffic patterns for some time)
• at

What I am planning to run:

• Apache (ports 80 and 443) hosting several domains
• MySQL
• Plone (on 8080)
• PostgreSQL
• sendmail for several domains
• SVN
• Trac
• WordPress with some plugins (one of which is a little CPU intensive)
• a backup store for myself (hence the storage requirements)
  • OS media
  • personal files
• continued mirroring of m0n0wall
• oh – and it’d be nice if it was in the same rough price range as what I’m spending now on far less (2GB 2CPU 60GB on one host, and 512M 4CPU 20GB on my other host – total ~$45/month)

So far, I have found a couple viable options – but have not 100% settled on them yet.

I am curious as to what alternatives may exist in this area that I have not yet seen, and would appreciate any suggestions

Career development. Career path. Development opportunities. Taking your career to the next level.

Terms and phrases we all hear and pretty much pass over in our day-to-day lives. Right up until we want to move to a new/better job or performance reviews roll around.

But what do they mean, and how can you advance your career (presuming, of course, that you want to)?

This is by no means an exhaustive list – indeed, I’d appreciate any other ideas / feedback / improvements y’all may suggest

For a software developer:

• be the documentation KING of your code – if it’s not right, make it right
• own every bug in your code – even when it’s not “yours”
• be The Guy™ who learns a new component of the code/product (at least conversationally) every few weeks
• write at least one tutorial a month on the internal wiki/kb about something you found or did with the code
• write at least one tutorial or similar a month externally (maybe a personal blog) in a general fashion about something you learned or did

For a systems consultant:

• be the documentation KING of every project you work on – make ABSOLUTELY sure the next guy can do more after you leave
• own every issue you find, even when it’s really somebody else’s problem (no throwing it over the fence)
• the The Guy™ who learns something new about the environment or product every couple weeks
• write at least one tutorial a month and/or give an overview talk of something you learned/did
• write about what you’ve done (changing names to protect the innocent) on a blog or elsewhere
• teach as many people as are willing to learn what you know (in your company / on your team / etc)

Focus – decide where you want to be, and plot a course to get there.

Finally, NEVER make yourself “irreplaceable” – the instant you make yourself irreplaceable, you also make yourself unpromotable: after all, if you’re the Only Guy™ who can do your job, why would your boss/manager/supervisor even think of moving you into a new role?

^{As a side note – if you’re ever working at a customer site, don’t take calls from anyone other than the customer while you’re at your desk/cube/workspace: even if it’s project related, take it in a different room}

When I worked at Opsware, and for a while after HP bought us, we used to try to have once- or twice-a-week meetings for each support group wherein we would bring our most difficult cases (with the difficulty being determined by the case owner), and have an opportunity for everyone on the team to ask questions, contribute, and maybe even solve the problem our customer was having.

Novel idea, isn’t it? The typical Support team is driven by stats – the number of tickets in their queue, age of the ticket, number solved/closed, number escalated, etc. Support is driven by these numbers because managers don’t think of any better way to do it.

All things being equal, if you can close 40 cases in a week, that’s a lot better than your podmate who “only” finished-out 12. But what about the complexity of each of those cases? And how much effort did each engineer put into them? Did the customer come back and ask for it to be closed because it’s either no longer an issue, or they solved it themselves? Is it a question that can be answered with a reference to a specific page/section of a manual? Or was it a problem that took multiple webex engagements, and dozens of contacts back and forth to find a solution because it was a deep bug?

Theoretically, the goal of “support” is to, well, support - get the problem reporter a solution of some kind they can use. That solution may be a bug fix, an RFE, a reference to a tutorial, reconfiguring, or a work around / alternative approach to their problem. A big problem with this setup is that the reporter rarely asks the right question. They ask what they have pre-determined to be what they think is a question – but by biasing their initial report, they can often end-up dragging-out the solution process far longer than it should take. I recently wrote a guide on creating effective support tickets, based on my experience working in support, and interacting with various support organizations both before and since.

Reporter bias is the hardest issue to overcome, in my opinion; engineer bias is easier to get past because (hopefully) there are folks you can bounce the problem off of in the team who can help narrow-down the problem and find a solution … or at least figure out where to try looking next.

Communication is the key to solving problems – when I was at Opsware we utilized internal IRC channels and (gasp!) talking with each other to try to find solutions to customer issues. We also spent a lot of time wording inquiries to the reporter to try to gain as much information as possible on each iteration of the communication process.

Another key to solving problems was to make records of cases with the following:

• initial reported behavior (or lack thereof)
• actual problem
• solution

Those records were sometimes on wiki pages, sometimes in our Plone internal KB, and sometimes got “promoted” out to the customer-facing KB. All of these approaches helped us get problems solved faster – either by offloading the “work” to the customer (via a KB reference), or by being able to apply previous answers more quickly when new-but-similar/identical problems were reported.

The end goal of a support team is not to outdo one another on how many cases one engineer has in his queue, or how many another has closed – the end goal is to solve customer problems. “Works well in a team setting” is a qualification typically associated with support engineering employment listings – but all too often that gets reduced to a cliche that practically means “tries to outdo his cubemates by closing more cases than the next guy”.

I’m as much a fan of personal responsibility and action as the next red-blooded capitalist, so don’t take this next section to imply I’m promoting communalism.

The way a support team should work is the way [good] sports teams work, or the way a Nascar team operates: yeah, it’s the driver of the car who gets the “glory”, but without his pit and maintenance crew, he’d be no better than you or I going to the grocery store. Any given support engineer gets to have his name tagged to the case for posterity – both with the good things he did, and the not so good ones. But since the goal is really to get the customer’s problem addressed, the ego of the engineer needs to be removed from the equation.

Bob Smith might be “the guy” who informed his customer of a solution, but generating the solution involved the other 7 people in his office. He gets the “fame” from Universal Widgets LLC, but he was just one of the [important] cogs in the process of resolving the issue.

The number of cases Bob has in his queue should have [almost] ZERO correlation to his skill as an technical engineer: it’s the 7 people behind him whom he can ask and brainstorm with that get the job done.

Maybe Bob gets to handle most of the “customer” action, but the other 7 are writing bug reports, solutions articles, etc. When evaluating that team, management needs to do just that: evaluate the team first, and the individuals second.

The September meeting of the Bluegrass Linux User Group will be this Saturday, 17 Sep.

We’ll be meeting at Collexion’s facilities in Lexington at 2:30p.

I will be presenting on data center automation, specifically on HP’s Server Automation platform (the tool I use on my day job).

Some [limited] history of HPSA is available on the Opsware wikipedia page.

We’ll also briefly touch on some of the OSS alternatives to a full-blown environment like HPSA, such as:

• Puppet
• CFEngine
• Chef
• Cobbler
• xCAT

Wow. It’s been several months since I last posted a book review. I have been reading in the mean time – just haven’t gotten around to posting any of them hereon.

In the intervening months I’ve read 1434 by Gavin Menzies (follow-on to 1421) and The Lost City of Z by David Grann. I’m currently reading Netherland by Joseph O’Neill and Radical by David Platt.

I also bought a Kobo ereader at one of the Border’s stores in Louisville, and my wife and I have started reading The Adventures of Huckleberry Finn by Mark Twain together.

I’m sure there have been others, too – but I’ll be posting reviews of them over the coming weeks.

I saw an interesting question this morning on ServerFault, entitled “SSH Prompts for password even though private keys are available, presented to server and known to it”.

• when my user is not already connected to the server (first ssh connexion), it prompts for password even though privates keys are availiable (PuTTY + Pagent). After that first connection, if I open a secondary or a third connection it gets connected with the keys.
• If I close all connections and open a new one it prompts for the password.
• If I have let say 4 open connections and I close the first one (the one that prompted for the password), the fifth connection will be opened with the keys

Now that is an interesting problem. The answer supplied, with follow-on comments was also interesting, but the process behind solving this is even more fascinating, I think.

The issue is that password-less logins should work. sshd_config has been set properly, and there is a set of matching keys in authorized_keys.

But it doesn’t work, obviously – or there’d be no question raised.

A list of items to look into, both from the supplied answer, and from my own thoughts (somebody else beat me to an answer):

• permissions on .ssh/authorized_keys (must be 600)
• verify sshd has been started/restarted post changes to sshd_config
• check to see if home directory is remotely mounted / mounted on demand
• check to see if key has a passphrase in use
• look at /var/log/auth.log for errors
• check to see if the home directory is encrypted (actual answer)

Debugging is something I have written about recently – it seems to come up over and over in my line of work.

It’s a skill that’s vital to have in the IT world, and yet an awful lot of folks do not.

The answer, for those interested:

It sounds like, for whatever reason, the user’s home directory is not available if the user is not logged in, so that sshd can’t find the authorized_keys file

…

The user’s home directory must be using ecrypt or something like that

…

that’d be the cause, then, since sshd can’t decrypt the contents of the home directory

…

Ubuntu Desktop asks if you want to encrypt the home directory (why not?) without mentioning what it may do to ssh… a simple “note: this will effect SSH…” would be helpful

I have been working on my Connexions submissions again recently, and have a collection ready for use (it will be growing as time goes on): “Debugging and Supporting Software Systems”

I realize there are some small typos in the current text, but I will be addressing that in a upcoming revision

I’d love to get feedback from anyone on how it could be improved/expanded.

I’ve recently had some travel for work that had put me up in Indianapolis.

Tuesday evening I watched the best light show ever: a miles-high, miles-wide thunderhead flashing nearly constantly for over 30 minutes.

It was a little east of where I was staying in Fishers, but man was it pretty!

For the record, God’s fireworks are cooler than any 4th of July party

My wife and I are participating as judges in the state finals for the Kentucky 4-H presentations at UK’s campus Saturday. We’ve both gotten tagged to judge speeches.

This’ll be my first time ever involved with 4-H, whereas my wife has been doing something with them every year for about 15 years

A couple weeks ago, my wife and I flew up to NJ for my family reunion (held near South Bound Brook every last Saturday in June). I’ve missed the last few due to other things getting in the way (like living in Singapore and getting married ) – so it was great to be able to catch up with some people I haven’t seen in 3+ years, but sad that not everyone could make it.

Excluding the cruddy service we got on US Air from CVG, the trip was pretty good. The Sheraton at Newark Airport bumped us to the “lounge level” (that floor you need your room card to get to). The picnic was fun. And dinner that evening at one of my favored restaurants in Whitehouse Station was tasty, too.

Sunday early we got to Newark Penn Station to do something neither of us has ever done before in the US (and my wife, well, ever) – take a “substantial” train ride! I’ve taken the train back and forth between Albany and NY Penn a few times, and I’ve taken the train in the UK, but never anything longer than a couple hours in the US.

The Cardinal line runs 3 days a week, and hits myriad stations on its way from NY Penn (the stop before we got on) to Chicago (we got off in Cincinnati).

Some things we learned:

• coach class seats are comfy – for the first few hours; after this, a room would have been a LOT better
• had we bought a room, our meals would have been included
• it’s intensely bizarre to eat going backwards at 75mph
• the NRHS does narrated tours of part of the Cardinal run (West-to-East) a couple days a week
• there are way more train stations in this country than I would have expected: but never quite where you want them to be
• meals are eaten with whomever they set at your table – so unless you’re in a group of 3+, you’ll be eating with total strangers

We’re both constantly checking Amtrak now for any future trips – both leisure and business – to see if taking the train is a better deal than flying… and a non-trivial percentage of the time, it is turning out to be so

The only truly bad part of the trip was the taxi ride from the Cincinnati Amtrak station to CVG – the guy who picked us up waited until we got to the airport to claim his credit card reader was down (future reference – if the machine is off/”down”, it’s probably that the driver wants cash in his pocket, or for change, but he is still REQUIRED to take your card info by hand). Then he offered for us to “just buy gas” for him instead of pay him. Then he didn’t shut the meter off when he drove us to an ATM (at the airport terminal) to get cash out for paying the sheister. When I talked to the taxi owner the next day, he set us straight on how that should have worked, and fired the driver for cheating us. Oh – and he also told about all the “mechanical and electrical” issues his car had.. yeah – extremely unprofessional