Virtual vs Physical

At work I am deploying a growing number of servers for both production use and development & testing. One of the things we are doing is paying more attention to replicating our production environment at every step of the development and deployment environments. That means a lot more servers. How much is a lot? We added 25% more gear enterprise wide in the month of August. We have been busy, and we are not yet done. I have filled one computer room at a facility and we are bringing online another at that location sooner than originally planned. We also moved into a larger cage at our data center earlier this summer. Then we added cabinets to the new cage to accommodate the larger growth. In yet another office we added a cabinet, and are working on beefing up the power in the room to accommodate yet more gear. Then we need to look at more HVAC. I never had to deal with ancillary issues such as not having enough power to run gear. 5 years ago I would never have thought I would be in a situation like this. It is very interesting to me to look at how many rack U’s a server takes up when quoting them out and determining what to buy based on the cost of a 2 vs 4U server and how much it would cost to just add another cabinet if you got the bigger gear. As a plain old engineer I would just recommend buy this server because it did the job. In my current position I need to look at the entire picture.

The next few months will bring another burst of server sprawl. One of the things we are looking at is the cost of buying hardware for every server role we need to fill, or the cost to do the same amount of computing power in virtual machines. I must sound like a broken record talking about one of my favorite software companies, VMware. Our GSX server has served us well, and is a great proof of concept to show how we can expand the use of VM’s. I don’t think we will deploy VM’s en masse at our data center to do production work, but we have plenty of other uses for the technology elsewhere that makes looking into GSX or ESX server a viable alternative to buying more gear.

To me it boils down to 2 factors. 1 is of course cost. How much does it cost us to buy and deploy a dozen servers, power them, get KVM’s, and rack space for them, vs purchasing hardware for a VM server (or 2) that can handle the same amount of work load?

The 2nd factor is ease of use. How quickly can we build a physical server for use? Restore it from a preset level of configuration for use in dev and qa? How fast can we buy and deploy hardware when a need comes up for a new server? The same questions apply for virtual machines.

I am a bit biased. I want to use virtual machines. The flexibility they give you is amazing. I also know that I have SLA’s to keep, and costs to consider. So if the per server (or server instance) costs are too high we can’t do it. For now I spoke with my boss late this week to identify what applications need homes in what environments. The next step is to crunch the numbers to get all of our options. The VMware user groups have been helpful in figuring out realistically how many VM’s you can get per GSX and ESX server. More news as the project unfolds.

The Security Myth

Security. I am a fan of it. Security is like a nice warm um well security blanket! No really. It is good, and most people take it for granted. The problem is a lot of time security is this myth that people believe in that may not really exist. Take Wifi for example. I just used MacStumbler while I am sitting at my desk at home. Do you know what I found? 8 wireless networks. One of them was mine. Of the other 7, I saw 4 open networks. Of those 2 had the default network names, and one was just named my network. That means that 50% of the networks around me were not just open for anyone to go into. That is crazy. I bet the people using those open networks don’t know they have a huge security hole on their network, or they don’t care. The network device manufacturers have a big problem. Make the setup of the devices too hard and people won’t buy them. Make them too easy (as they are most of the time now) and you have tons of unsecured networks. Having the majority of the people using this gear not know the mechanics of how the gear works does not help the situation. It is like having everyday people work on their cars instead of taking them to mechanics.

I don’t think most computer people will argue with the assessment I have made above. Or they can if they want. Wifi security has been discussed to death. Even with proper WEP or WPA encryption the system is still not safe. I know that. I have WPA set up on my wifi point. I know I can also add MAC address filtering, etc. I know better, but I still think I have secured the system enough. Have I really? I think for the most part yes. I think of WPA as the club. You can still steal the car (aka break into my network) but why would you waste time with my network or car when you can steal the guy down the street’s car who left the door unlocked or just doesn’t have a club? I have a myth of security.

Another example of gaping security holes is another growing wireless standard, Bluetooth. I have been a fan of it since I first read about it almost a year before the first mobile phone with Bluetooth came out. And when it did, I bought one. An Ericsson (they were just Ericsson back then) r520. So for the record I am a fan of Bluetooth. I am a fan of wifi for that matter. I remember when I was at my first tech job back in 96 I got to play with a demo of a 1mbit (I think) wireless card and point from Raytheon. The problem is Bluetooth has the same security myth. It also has the problem of the media blowing the issues into this huge security crisis. The simple fact is that most phones and other Bluetooth devices were configured to be as easy to configure as the manufacturer could make them. That means a lot of devices are set up to be discoverable by default. That means that if the Bluetooth radio on a phone is on, someone else looking for Bluetooth devices can see your phone if you are in range. To prove that, last week on Amtrak home from my trip I was able to view up to 4 other Bluetooth devices from my seat. To protect yourself all you usually have to do is make a change in the default configuration of your device to not be “discoverable”. Do most people do this? Nope. But if you turn discovery off by default you have people complain that setting up partnerships is too hard. See the problem?

You have people then go around thinking all is ok, until they have a problem or someone tells them their phone is at risk of being broken into. First of all that may or may not be true given that you have to set passkeys, etc. For argument’s sake let’s say it is an accurate assessment. These people then freak out and get mad at hardware vendors for delivering unsecured devices. How do you win?

Most of the time people live in the dream world that their stuff is safe. The crazy thing is that maybe 99% (or the vast majority) of the time people’s fantasy worlds are not broken. That perpetuates the myth that all is safe. Even if someone has been using their unsecured wireless internet connection for free for months.

The more I think about it, the more security myths I think about. And I am only thinking in terms of personal computer security. Don’t get me started on other society security concerns.

A perfect example is a few years ago my mom called me after she saw an Oprah on TV. She was calling to warn me that email I send wasn’t secure and that anyone can intercept and read it. She was shocked, but Oprah set her straight. I was like, yeah mom of course email is not secure. Old news. She was surprised that I knew that. It is scary that the general population assumes something like email is secure, and it isn’t. On the flip side can email be intercepted? Of course if it is not encrypted. Is most mail not encrypted? Yes. Will my mom have to worry about her neighbor reading her email or some stranger intercepting it? Probably not. It is very possible to do, but come on who really is going to try and sniff out her mail? It’s a real threat, but I don’t think most people will ever have to worry about it. Doesn’t mean I don’t think we should all get certificates and secure our mail. I would love to do that, but it is impractical in today’s world. So you see even I let the myth of my stuff is secure live on some level. We all do it, and if you don’t think you do, you are kidding yourself.

More VMWare Work

This week I actually am working on a technical project, not just managing them. I built a test environment to put up a Windows 2003 terminal server. I used VMware’s GSX server to do it. I was testing what ports I would need to open up if I wanted to access a terminal server via the TSWeb client Microsoft gives you. Turns out even if the web server and the terminal server are the same machine you have to open up the RDP port on your firewall anyway. That wasn’t the answer I wanted to hear, so I am looking into Citrix to see if I can use their product and only open up port 80. Waiting to hear back from them.

Treo Refresh

Last night I ended up wiping my Treo 650 and reinstalling all my software. I have been having issues with it rebooting every time I tried to sync my mail using Snappermail. That program is half the reason I use my Treo over the Blackberry, so I was not too happy when it started acting up earlier this week. I had to go on my trip Thursday without being able to use the Treo for email. I got by on the Razr and the Blackberry but I like the Treo better. After the reinstall Snappermail seems to be working. But I have had 2 random reboots since the hard reset. Once after a call to my sister right after I got out of the subway this morning. The other when I was syncing with my Powerbook. The sync reboot also happened often before I wiped the Treo, but I am not sure if it is because of the config on my Powerbook or the Treo.

I will try using it for a while longer, but if the random reboots continue I will have to seriously consider an alternate PDA phone. As much as I like this device, I cannot have it randomly rebooting on me almost daily!

HP DL 320 SATA Servers

I have been working with a few HP ProLiant DL 320 SATA servers. The price was right on them and they have decent specs. The issue I had with the last round of Supermicro SATA boxes wasn’t the Supermicro boxes themselves, but the SATA RAID cards that went into them. They would fail much more than their SCSI counterparts. Also the array controllers would not rebuild without crashing computers. We tried several brands. We are using 3ware for new deployments of older chassis SATA servers. They seem the best out of all I have seen. They were a crap shoot. These HP boxes seem to rebuild fine in our tests. Time will tell if the drives hold up, but so far I think HP finally got it right with a low end non SCSI RAID system.

More Data Cleanup

I moved all my files off of one of my firewire drives this week. This was so I can format it to work on my Mini. Damn NTFS not working on the Mac. It took 36 hours to robocopy the data off of the firewire drive onto another USB drive. Even though it was a USB 2.0 drive, I think it was running at 1.1 speeds. 36 hours was an awfully long time to copy 90 gigs of stuff. Even if it was mostly small files.

I am in the process of backing up old backup files to DVD’s. I am also just deleting tons of old crap that I don’t need anymore.

New Used Blackberry

About 2 weeks ago I got a new Blackberry 7520. Well it is new to me. Someone else at work had it, and never used it. They finally gave it up saying give it to someone who will use it. My group was having a new guy start so we were going to give him the Blackberry. Instead of giving him a new one, I decided to “upgrade” mine and give the older hardware to the new guy. Hey he is the new guy.

Well the musical Blackberrys don’t end there. Someone else’s Blackberry broke this week. Instead of waiting for the replacement we configured my old one up for her to use, and we can wait for the refurbed unit for the new guy.

The new Blackberry is very similar to the old one. The major enhancements are the screen, and screen brightness of the backlight. It is a night and day improvement. Also the new unit has Bluetooth so I can use my wireless headset on it, if I wanted to.

I also went out and bought Pocket Mac for the Blackberry. Now I can sync the Blackberry address book with my Mac!

One Of Those AIM People

Are you one of those people who leave themselves logged into AIM (if you don’t know what AIM is just stop reading this now)? I barely use AIM. I have a cycle. Sometimes I won’t turn it on for days, and I get people asking me if I am logged in every. Then there is the other side where you log in once (let’s say at work) and never log off. I have lots of friends who do both. I am sort of in the middle. I use iChat (that is how I get onto AIM) on my Powerbook. When I turn on the Powerbook I launch AIM. Never auto-start it but almost always I start the program when I start doing anything. I then leave it logged in as long as my computer is on. That means that Friday night I turn on my computer at home and usually leave it on all weekend. However that does not mean I am sitting there waiting to take anyone’s IM’s at any moment. So if it says I am idle for 16 hours, or if it says I am unavailable or away I am most likely maybe away or unavailable. Why then do people feel like they have to IM anyway?

Backups

I am well above average when it comes to backing my files up on the computer. Of course there is always something you forget to back up. I have been burned more than once by losing important information. Last month I started using rsync a bit to back up my files. I am trying to get a bit more advanced in how I use the tool.

I also decided instead of backing up my data to a firewire drive attached to my Powerbook that I would back up the data to another firewire drive connected to my desktop. In order to do that I am moving files around on my desktop to allow me to use the firewire drive as a backup only drive.

ISO’s and virtual machines sure do take up a lot of space.

Cool Custom Ring Tones

I like talking about technology. I work with it all day, and yet I am still amazed at how some things work, and others that don’t. I have been going back and forth with wanting to keep my Treo and wanting a smaller phone. That is why I switch back and forth between the Treo and the Razr. One program that will keep me coming back to the Treo is mRing, by Motionapps. I love the ability to have distinctive rings for a type of call, a person, or a group of people. I keep coming up with cool ring tones for groups of people.

For over a year and a half I have had the carnival circus music play if anyone from work called. I always get funny looks at the office when it rings. Recently I was bored late one night during an upgrade and I programmed the phone to ring with the A-Team theme song when everyone from my group calls. It is really funny. I am also programming the imperial march in for when my boss calls. That is funny for the simple fact that his character does not fit that song, but typically when you think “boss” you think something like Darth Vader!

I am trying to come up with other good tones for others.