SecurityMetrics PCI testing fails again
They've done it again. @SecurityMetrics has irritated me with their insufficiently tested scan scripts and poor customer service. Is there someone else we should be using for PCI testing? [Read more...]
They've done it again. @SecurityMetrics has irritated me with their insufficiently tested scan scripts and poor customer service. Is there someone else we should be using for PCI testing? [Read more...]
This concept is thrown around a lot. People frequently say that "GlusterFS is slow with small files", or "how can I increase small file performance" without really understanding what they mean by "small files" or even "slow". [Read more...]
Version 3.3 introduced a new structure to the bricks, the .glusterfs directory. So what is it? [Read more...]
The advanced file replication translator (AFR) departs from the traditional understanding of RAID and often causes confusion (especially when marketing people try to call it RAID to make it easier to sell). Hopefully, this should help clear that up. [Read more...]
Back at the end of 2003 I was toying with Gnutella's distributed peer-to-peer network and wanted to host a peer lookup server myself. I tried several cache servers but most of them didn't support the newer protocol and would frequently fail. I wrote my own. It worked very well and was quickly becoming the most popular of it's kind until some commercial software developers wrote horrible client software to make use of the network. [Read more...]
Late last night I reconfigured my network. Today, some of my remote sites could get their dhcp info. Here's why. [Read more...]
'The kernel patch that nuked GlusterFS was signed off by mostly Lustre developers:' [Read more...]
On Sunday, March 18th, Fan Yong commited a patch against ext4 to "return 32/64-bit dir name hash according to usage type". Prior to that, ext2/3/4 would return a 32-bit hash value from telldir()/seekdir() as NFSv2 wasn't designed to accomidate anything larger. This broke the distribute translator as suddenly the dirent structure was returning 64bit d_off values. When DHT (Distributed Hash Translator) applied dht_itransform() on those values, it would overflow. Since the dictionary entry did not have a cached offset, it would try to create one again and would end up in an endless loop. [Read more...]
I'm trying to use openstack for my 2 vm hosts. I think that this will puppetize better than how I'm doing it now. Primarily, I think OpenStack will offer more flexibility when I need to schedule hardware maintenance as it will handle which compute node the vm goes on so puppet won't end up restarting the VM I just migrated to the other host. Using simple nova cli commands, puppet can inquire as to the states of machines and manage them without being so node dependent. [Read more...]
A GlusterFS user from IRC asked me about my puppet management of KVM in RHEL/CentOS and how it works. I started to write this post two weeks ago and had to stop because although it works great, I figured that wasn't the answer he was looking for. I looked at the puppet module that I knew I'd hacked on from Carla Souza and after 2 hours of trying to figure out what I had done, gave up and went to bed. I finally was able to look at it again and it wasn't quite as hacked up as I thought I remembered. I've since forked hers and added my changes. [Read more...]