Working for an IBM Business Partner for quite some years, I was used to deploy and configure (and even teach for IBM) IBM Director as a monitoring solution (for both hardware/operating systems/snmp devices/etc/etc ...). Now that I work as a sysadmin, I have to maintain one IBM director 5.20.3 setup I had myself installed and configured quite some time ago (as a consultant then). But I didn't want to update to 6.2 because it simply kills the machine on which it runs .. needs too much processor, too much memory .. and just to give you an idea : it's a Websphere/java thing that you have to install now ... I wanted to go the opensource way instead, but with something that can still monitor Linux/Windows/snmp devices and IPMIdevices (we have quite some IBM servers and/or BladeCenter).

I tested Zabbix and directly felt in love with it : the agent memory footprint is really small (in comparison with that java-based agent on the Director side) and the way to build Items and Triggers is really great. I deployed it in our environment but focused first on the OS/services side (as the 'other' monitoring …

Following Dag's post about packages now being built for el6 (and landing in the el6 repository for x86_64 and i386) I have to say that the ppc builds are delayed for some reasons.

First is the (already existing) problem with the build arch. RHEL4/5 and 6 aren't build to work on Mac ppc hardware. I was able to build the el4/el5 packages with a minimal mock environment (using the official RHEL tree, but reduced to contain only the ppc and noarch packages, obviously because the ppc64 packages coudn't be installed in the chroot environment). It was even harder with the glibc package from RHEL5 because it contains specific patches that require Power4 or above processor for the ppc arch. I was able to reduild it without those patches, meaning that the buildroot isn't even 100% equal to the real RHEL 5.x tree.
Now that el6 landed, i'll have a look at all these problems and try to chase them one by one. I think that my 10+ years old mac G4 will suffer from all these tests but that's still the machine that i use to build the RPMforge ppc builds.

So my first plan is to …

I discussed today with a web developper who needed to reach a machine through ssh but not directly accessible from the wild Internet. In fact, she told me that she takes a shell on each hop with ssh agent forwarding and so from that shell launch another ssh session. Well, of course that works but my question was "Why don't you just simply use a ProxyCommand in your \~/.ssh/config for that host ?". I discussed with quite some people in the last months not knowing that ProxyCommand feature in OpenSSH so once again it was time to at least blog about it

From man ssh_config :

ProxyCommand
Specifies the command to use to connect to the server ...

The man page has an example but what I do is using ssh itself as a ProxyCommand. Just an example : suppose you need to reach HostB (not reachable from where you are) but that you can reach HostA (and that HostA can reach HostB). You can configure your \~/.ssh/config like this :

Host HostB  
  Hostname the.known.fqdn.as.resolvable.by.HostA  
  User arrfab  
  ForwardAgent yes  
  Port 22  
  ProxyCommand ssh remoteuser@HostA.with.ssh.access nc %h %p*

And what if you need to …

Well, this is a good question and most of us will likely answer 'yes of course'. Indeed, as a SysAdmin you want regular tasks to be automated and act the same way on a bunch of systems. But what if you need a custom task (that you only need once) to be launched on some machines at the same time ? A lot of solutions exist of course to "push" commands to be executed by clients machines. Some will use RHN/Satellite, some will prefer using something likeCFengineor Puppet. I've even discussed with some admin pushing some 'encrypted' commands on a Twitter feed followed by some clients able to understand the commands and process them ... Multiple solutions exists, and your imagination is probably the limit.

But what if you just have to manage a *very* small amount of servers at the same time for different customers/environments. For example, as an IT consultant, you probably have a bunch of customers running different solutions and sometimes with only 10 or 20 servers, right ? Will you install a satellite proxy server just to push commands for those 15 machines ? or sometimes even less ? IMHO, ssh is the solution, especially if you …

It was the first time that I was at FrOSCon and I admit I enjoyed it. Not only because I can always see in real life some other CentOS contributors (thanks again Andreas, Sarah, Didi and Christoph), but also because I can see some other people really happy with CentOS. Last year (even if i was not there), CentOS was used to 'power' some TFT screens at the entrance. So we did the same this year and just because Dag asked it, we took a picture this year too :-)

I've always loved Nokia products and always have been satisfied by my last two E-series (E51and E71). But there are those little things that can bring you a better life when using it. For example, you can decide which data access point (Wireless or 3G) you want to use when launching an application. That's fine and of course I prefer using my WLAN at home than the 3G connection. But what if you schedule something to happen automagically on your phone, like calendar and contacts sync (I sync those with the integrated Mail for Exchange application, even if, obviously, i don't have an Exchange server, but rather a Zarafa OpenSource server with z-push installed). You have to define a 'sync plan' and choose which connection it will use in the background. Wait, I'd like it to select my Wireless AP when at home (or with some pre-defined wlans from friends, etc ..) if available and then switch to 3G if no wlans available. That's where SmartConnect helps you a lot : you can define a 'fake' access point which is in fact a group that contains your connections (wlans/3G) with priorities and it will use the first available one. Use …

Hi all ... just to let you know that some members of the CentOS promo team (including myself) will be at the 'Free and OpenSource Software Conference' in Germany in (more than) two weeks ...

Feel free to come at the CentOS booth to discuss with some of us !

As some of you already know it, DRBD is now (since kernel 2.6.33) part of the mainline/upstream kernel. Some were expecting RHEL6 to come with that kernel (used for Fedora 13). The latest RHEL6beta2 still comes with 2.6.32, which doesn't include DRBD support. Of course we still don't know what the 'frozen' RHEL6 kernel will be but on the other hand, we know that Red Hat quite often 'backports' modules from newer kernel into the RHEL kernel. What about DRBD ? At the time of writing this blog post, it seems still undecided, but you can follow the DRBD RFE on Upstream Bugzillato get a clue, or even comment on it if you have a bugzilla account to  make hear your voice. On the other hand, you can still be sure that even if DRBD isn't part of EL6, CentOS will still ship it in the Extras repository, like for EL4/EL5 ...

The other day, Russ pointed me/us to a cli client for Twitter : TTYter. Even if i'm not myself a Twitter (ab)user, I thought it would be funny to create a tweet that can be followed by those Twitter abusers and wanting to follow the build status of the RPMforge PPC rpm packages that I build. I've quickly modified my automated build scripts to post a build status after each build and you can follow it here : http://twitter.com/rpmppcbuilder . It would be nice also to have such stuff for other build machines as well ... While i'm talking about those PPC packages, if you still have a PPC machine doing nothing and that you want to throw away, please redirect it to me instead (that can even be an IBM js2x blade that I would be able to have it hosted somewhere) ;-)

I had yesterday to migrate a server running CentOS 4.x to a new xen domU running CentOS 5.4 . While the migration was the easy part (including the data), the 'problem' I had was the backup part. In fact the backup application used is a proprietary one (Computer Associates Arcserve, to keep it 'secret' .. ). Well, that proprietary backup agent (v11.5, old but still used 'here') doesn't work on CentOS 5.4 (glibc issue) and i didn't want to find a workaround that problem (with LD_LIBRARY_PATH or some other tweak). That's where Samba came to the rescue : the Arcserve backup server can backup Windows nodes (and so Samba nodes too) through UNC path. OK, but for the previous system i had prebackup and postbackup jobs/scripts on the CentOS node (doing specific things, including creating a lvm snapshot and removing it after the backup job). How could i do that now through the samba-backup-method approach ?. Well a standard cron job on the CentOS machine was of course always doable but I (we ?) prefered some kind of 'triggering action'. That's where i used for the first time the preexec and postexec options for a samba share. Basically it still uses …