Upgrading Graphite

March 17, 2014 by · Leave a Comment 

Recently swills@ upgraded Graphite and reconfigured how it works to fit more in to the FreeBSD file system layout.

So if you are upgrading from a graphite installation older than 0.9.12_1, you will need to follow the following instructions:

  1. Stop carbon
  2. Copy the old data from /usr/local/storage/whisper/* to /var/db/carbon/whisper/
  3. Copy the /usr/local/etc/carbon/carbon.conf.example over to carbon.conf
  4. Set the SECRET_KEY to something random in /usr/local/etc/graphite/local_settings.py
  5. Then follow the instructions after the install, including updating the httpd.conf per the message after the install
  6. Restart Carbon and Apache

Be careful that you do not miss any of the steps and you should have a working Graphite install.

Puppet + pkgng/poudriere

May 21, 2013 by · 1 Comment 

First thing we will need a clone of https://github.com/xaque208/puppet-pkgng into /usr/local/etc/puppet/modules/.

This will be pushed out to the clients as long as: pluginsync = true

For me the next step is to create a manifests/init.pp in the new module directory. This is important to me because I want to sync out a /usr/local/etc/pkg.conf to all my machines so that they point to my internal poudriere repos. So I end up with something like this:

file { "/usr/local/etc/pkg.conf":
        mode => 755,
        owner => root,
        content => "packagesite: http://pkg/91-web/
",
}

Once that is done it is easy to use pkgng packages via:

package { "www/apache22":
        ensure => installed,
        provider => pkgng,
        require => File['/usr/local/etc/pkg.conf'],
}

BSDCan 2013 Talk: FreeBSD Birth to Death: Managing the Lifecycle of a FreeBSD Server

May 17, 2013 by · 1 Comment 

This is a bunch of links to the tools I talk about in my presenation

Tools:

Collectd: https://collectd.org/

Graphite: http://graphite.wikidot.com/
Nagios: http://www.nagios.org/

Poudriere: http://fossil.etoilebsd.net/poudriere

Config Management:
Salt Stack: http://saltstack.com/
Chef: http://www.opscode.com/chef/
Puppet: http://puppetlabs.com/

Subversion: http://subversion.apache.org/

LogStash: http://logstash.net/
Audit: http://www.freebsd.org/handbook/audit.html

CARP: http://www.freebsd.org/handbook/carp.html

OATH: http://www.openauthentication.org/

Serial Console: http://www.freebsd.org/handbook/serialconsole-setup.html

Generic Resources:
FreeBSD Handbook: http://freebsd.org/handbook
Everything Sysadmin Blog: http://everythingsysadmin.com/resources.html

The Importance of Serial Console

January 16, 2013 by · 2 Comments 

I have long been a huge fan of having serial console on my servers–it can really save the day when a mistake is made. Yesterday, one of my coworkers botched the sshd_config in an upgrade of a server, so the server came up fine, but without sshd. As a result, the system was not accessible for remote login via the network.

Over the years, I have done serial console in many ways. I began with a single null modem cable between the back of two servers. Next, I utilized a RocketPort multi-port serial card with 8 serial ports on it. These days, I have moved on to employing big serial console servers such as those made by OpenGear, providing up to 48 ports. They also have ancillary features such as providing a Nagios platform and Environmental monitoring.

No matter your physical connectivity, I recommend using Conserver. This helps by logging what is happening on the console, which can be very handy if you need to see what happened in the past whether it be a function of the system, or to see who did what. It also provides multi-user access, so you can watch while someone else is working and both of you can collaborate on fixing a problem.

In order for the previous technologies to be useful, the servers require configuration as well. The first step is to configure the BIOS for serial console redirection. Once this has been performed, the OS will need to be configured to present a console login via the serial port. The FreeBSD Handbook explains how to do this Here.

Scripted Install of FreeBSD 9

May 8, 2012 by · Leave a Comment 

Continuing in the theme of automation, here is a distilled guide on how I do an install on FreeBSD 9.

http://freebsd.so14k.com/freebsd9_scripted_install.shtml

It is pretty basic, here are some of the highlights:

  1. GPT disk layout
  2. ZFS Only Install (which could be easily converted to UFS)
  3. The Script is nice and short!

PXE Booting FreeBSD 9

March 23, 2012 by · Leave a Comment 

I have thrown together a quick guide to get FreeBSD 9 to PXE Boot:

http://freebsd.so14k.com/freebsd9_pxe.shtml

In FreeBSD 9, a few things have changed. If you have an old PXE environment from FreeBSD 8, you will want to make note of the following:

  • No more mfsroot.
  • Which means, no more changes to /boot/loader.conf, it should be empty infact.
  • You need the new pxeboot binary from 9, do not try using an old one.

anoncvs1/cvsup14 Update

March 23, 2012 by · Leave a Comment 

Just a quick note. I have cvsup14 running again, and has been for awhile.

Anoncvs I have not gotten around to setting up yet, hopefully soon.

New FreeBSD Forums box has been Shipped!

January 31, 2012 by · 2 Comments 

I have just shipped the new FreeBSD Forums box. It will be much nicer to have a more powerful box and lots more RAM to play with. Maybe even let us implement things like Varnish finally!

Puppet patch pushed upstream!

January 23, 2012 by · Leave a Comment 

Thanks to everyone that helped. Especially Andrew, Tim, and Daniel.

The commit is here: https://github.com/puppetlabs/puppet/pull/338

Pushing the Puppet patch for FreeBSD password management upstream

December 13, 2011 by · 1 Comment 

I attended LISA in Boston last week and was able to talk to a few of the Puppet developers. This reminded me I needed to push this patch upstream.

I opened a ticket in the Puppet Bug tracker, 11318. Then I found out that someone by the nick of tdb had already incorporated our changes into another pull request that adds more functionality and some unit tests. So hopefully this will be committed soon and we can have this support upstream.

I just wanted to thank tdb for taking this work and running with it!

Next Page »