Debian has a nice way to handle multiple java installations on a the same machine. Let’s say that for some reason you want to have sun-java 1.5 and also 1.6 installed on the server, we can easily configure the default one with the update-java-alternatives command (part of the java-common package). Here is how it can be used:

To see what versions of java we have installed on the system (from debian packages):
update-java-alternatives -l
java-1.5.0-sun 53 /usr/lib/jvm/java-1.5.0-sun
java-6-sun 63 /usr/lib/jvm/java-6-sun

We can see that the default version is 1.6 in my case (as it was the last installed):
java -version
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)

We can change the default version with: update-java-alternatives –jre -s <ver> , like:
update-java-alternatives --jre -s java-1.5.0-sun
and now the default is 1.5:
java -version
java version "1.5.0_22"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_22-b03)
Java HotSpot(TM) Client VM (build 1.5.0_22-b03, mixed mode, sharing)

This is quite handy if you need to have multiple java versions installed, and need a quick way to change the default one (you can access any of them directly from their own path of course).

During the annual Debian Developer Conference “Debconf10” in New York, the Debian’s release managers have announced the freeze of the upcoming stable release Debian 6.0 Squeeze. Basically this means that no new features will be added and all work will now be concentrated on fixing existing bugs.

The upcoming debian stable release will include:
- Linux 2.6.32 kernel
- Apache 2.2.16, PHP 5.3.2, MySQL 5.1.48, PostgreSQL 8.4.4
- Python 2.6 and 3.1, Perl 5.10, Ruby 1.8.7.299 and 1.9.2~svn28788, GCC 4.4
- DKMS, a framework to generate Linux kernel modules whose sources do not reside in the Linux kernel source tree.
- Dependency-based ordering of init scripts using insserv, allowing parallel execution to shorten the time needed to boot the system.

Hopefully we will see Squeeze going stable in the next 4-6 months, ideally by the end of the year!

Release Announcement: http://www.debian.org/News/2010/20100806

Ever since I sow the oscon presentation of reconnoiter I wanted to check it out and play with it. Yesterday, I finally had some time to do this and thought it would be a good idea to document it as a short howto. Most of the infos I used are from the readme (BUILDING), the wiki and the excellent writeup of Thomas Dudziak on how to install reconnoiter on ubuntu.

The daemons noitd and stratcond are written in C, and the database used is postgressql, while the web interface is written in php. We will need to install a few dependencies to be able to compile noitd/stratcond: Read the rest of this entry »

The Debian project just announced the fifth update for its stable distribution “lenny” 5.0.5. Those installing regular updates from security.debian.org will notice just a few new updates (base-files for the version change to 5.0.5, apache2, apt, bind9, linux-image, openssl, etc). Also the installer has been updated in this point release to correct an issue with the display of the “BIOS boot area” partitioner option when using GPT partitions and to update the list of available mirror servers for package installation.

“The Debian project is pleased to announce the fifth update of its stable distribution Debian GNU/Linux 5.0 (codename “lenny”). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems.

Please note that this update does not constitute a new version of Debian GNU/Linux 5.0 but only updates some of the packages included. There is no need to throw away 5.0 CDs or DVDs but only to update via an up-to- date Debian mirror after an installation, to cause any out of date packages to be updated.

Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.

New CD and DVD images containing updated packages and the regular installation media accompanied with the package archive respectively will be available soon at the regular locations.”

Release Announcement: http://www.debian.org/News/2010/20100626

The Debian release team recently announced the current status of the next Debian release Squeeze. The team just finished the work on some major parts like completing the changes to run init scripts in parallel, transition to eglibc into testing, GNOME 2.30 and KDE 4.4.3. The next big step is to make Python 2.6 the default python version for sqeeeze and based on Adam Barratt estimation this could be finished sometime in late August, and at that time to freeze the release.

Squeeze freeze was planed for December 2009, meaning it is already way behind schedule, and it looks that it is not so easy for the Debian project to switch to a fixed 2 year release cycle (or freeze cycle). This was pushed back because of the high number of critical bugs for a release freeze. Based on past experiences there will be at least 4 months needed after the freeze to release the next stable version, meaning this could show up by the end of the year if everything works out fine. But realistically, this could take 6-8 months after the freeze, and push the release date in 2011.

The Debian project just announced the third update for its stable distribution “lenny” 5.0.3. Those installing regular updates from security.debian.org will notice just a few new updates (base-files for the version change to 5.0.3, heartbeat, perl, openssl, linux-image, svn, etc). Also the installer has been updated to incorporate the new kernels released with this point release, adding support for new network hardware, and to fix a segfault early in the boot process of installations for the S/390 architecture.

“The Debian project is pleased to announce the third update of its stable distribution Debian GNU/Linux 5.0 (codename lenny). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems.

Please note that this update does not constitute a new version of Debian GNU/Linux 5.0 but only updates some of the packages included. There is no need to throw away 5.0 CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated.

Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.

New CD and DVD images containing updated packages and the regular installation media accompanied with the package archive respectively will be available soon at the regular locations.”

Release Announcement: http://www.debian.org/News/2009/20090905

I’ve just finished reading “Learning Nagios 3.0″ by Wojciech Kocjan and published by Packt Publishing, and this is a great book for anyone interested in nagios. This is a beginner level book that introduces nagios to new users interested in monitoring their infrastructure, but it will also present advanced features that even more experienced sysadmins can benefit from. All these in a pretty compact book, at 301 pages.

The topics are as follows:

• Introduction
• Installation and Configuration
• Using the Nagios Web Interface
• Overview of Nagios Plugins
• Advanced Configuration
• Notifications and Events
• Passive Checks and NSCA
• Monitoring Remote Hosts
• SNMP
• Advanced Monitoring
• Extending Nagios

Read the rest of this entry »

One of the great features of Amazon EC2 is the possibility to dynamically query and use instance specific metadata, or even custom data. This can be useful for various reasons, and the greatest advantage I’ve personally seen into this, is the possibility to allow the instance to have some information on how to configure itself when first booting (using chef or puppet, or some other configuration management tool).

The Amazon documentation explains how to get this information, basically just by using simple http get requests on the ip: 169.254.169.254, like for ex (for the metadata index):
curl http://169.254.169.254/latest/meta-data/
or for the custom data:
curl http://169.254.169.254/latest/user-data

Eucalyptus supports this great feature (starting with v1.4), but we obviously need to target a different ip to retrieve this information (as the amazon ip has nothing to do with our internal cloud ). We need to use the cloud controller IP for the request and the port it is bound (by default 8773 if you have not changed it). This will look like this (you need to run it from inside the actual instance): Read the rest of this entry »

s3sync is a great tool to synchronize local data with Amazon S3 for backups, or whatever other reasons you might want to put your data on S3. It is very simple to install (gem install s3sync) and use (s3sync -v -s -r –progress <source_dir> s3_bucket:<dir>); it runs very well and it can be easily scripted to do regular backups or even synchronize live data with S3. The only problem I found while using s3sync was that it can be very slow when uploading a lot of data (millions of files) to S3; this because the process is slow but also because it runs a single file at a time, and it doesn’t do several uploads in parallel. I would have loved for s3sync to do this out of the box, but unfortunately it doesn’t, but for my particular need I was able to do this by running more s3sync commands a the same time. It will not apply to your data (unless it is structured the same way as here; very unlikely), but it might give an idea on how you could do this your own data if it is structured in a feasible way.

Read the rest of this entry »

Many startups these days are using Amazon S3 to serve directly their static assets. S3 is being used as a simple CDN instead of more professional (and expensive) solutions (including Amazon’s own CloudFront) because it is very simple and cheap to use. Still if you have a high traffic site, this will no longer be so cheap since you will be paying for all those requests and the bandwidth. In such cases if you still want to use S3 for the storage advantage (like storing millions of files and see it as an unlimited storage space) but not have your bill go up like crazy, you can use a reverse proxy or web accelerator to cache your assets locally and reduce the number of direct hits on S3. We could use Squid or Varnish for this, and in this article I will show how we can configure Varnish for this. We are using varnish with S3 on various projects and it works very well, simplifying the setup and saving a lot of money in the Amazon S3 bill.

Varnish is a state-of-the-art, high-performance HTTP accelerator. It uses the advanced features in Linux 2.6, FreeBSD 6/7 and Solaris 10 to achieve its high performance. I will not go over the installation of varnish here, but I would highly recommend to use the latest version available at this time 2.0.4 as older versions have various issues.

We could try to use something simple like this in a varnish vcl:

backend s3 {
   set backend.host = "my_bucket.s3.amazonaws.com";
   set backend.port = "80";
}

sub vcl_recv {
   if (req.url ~ "\.(css|gif|ico|jpg|jpeg|js|png|swf|txt)$") {
     set req.backend = s3;
     lookup;
   }
}

Read the rest of this entry »