Quote of the Day

Posted on 18. September 2015 by bastelfreak

20:30:19 daenney | “Stack Overflow is the lead developer on my team”. So true.

Posted in General, Internet found pieces, Linux, Nerd Stuff | Leave a comment

Meme der Woche

Posted on 18. September 2015 by bastelfreak

Zitat aus diesem Internetz:

14:07:38 danzilio | but i've been up for two hours so you'd think i'd be somewhat less grumpy by now
14:07:49 danzilio | i work in ops, grumpy is my default

Weil wir Ops Leute ja so oft so schlecht drauf sind (weil irgendwelche Deppen versuchen unsere Infrastruktur kaputt zu machen):
opscat

Posted in General, Internet found pieces, Nerd Stuff | Leave a comment

Wochenrückblick

Posted on 13. September 2015 by bastelfreak
Posted in General, Internet found pieces, Linux | Leave a comment

Sysadmin Manifesto

Posted on 13. September 2015 by bastelfreak

Here are some general guidelines for being a good sysadmin:

  • Whoever build/maintains the infrastructure is responsible for everything (and not the one who breaks/hacks it)
  • Don’t run outdated software, update your stuff on a regular basis
  • Subscribe to securitylists like oss-sec to get informed about new CVEs
  • Use configuration management for configuration and backups for business data
  • Don’t fuck up production, use testing/staging environments
  • Don’t build unsafe infrastructure because your boss tells you to do it
  • Don’t build infrastructure if you’ve got bad feeling about it, trust your instinct
  • If you don’t have any instinct, opinion or experience, ask others!
  • Don’t accept technical decisions from your boss if you don’t like them, discuss them
  • Always be friendly and honest, tell your boss your concerns, accept input/improvements from others
  • The integrity of the platform is more important than any single customer on it
  • Document your stuff and keep it stupid and simple (the KISS way)
  • Build smart infrastructures with proper sizing(hardware is maybe sufficient now, but will it work in a year as well?)
  • You will break something from time to time, this is okay
  • If you need to do maintenance work at night your infrastructure is broken, you should be able do it during business hours
  • Trust in yourself and your own work
  • Honor the CAP-theorem but keeping it KISS is more important
  • DRY – Don’t Repeat Yorself; automate everything that makes sense
  • Do not run shadow IT if the existing systems sucks, fix it! (or kill it)
  • Always be open minded for new technology – Always test it and collect technical argument for/against it before you decline it
  • Don’t be lazy or do stupid things just because other do it. Their bad behavior is no justification for your behavior and decisions
  • Play!

Please let my know if you’ve got further points for the list or if you disagree with any point.

Posted in General, IT-Security, Nerd Stuff | 7 Comments

Ungarischer Krautsalat

Posted on 2. September 2015 by bastelfreak

Reicht für 8 Personen:

  • Ein großer Weißkohl
  • Zwei Speisezwiebeln
  • Eine Tasse Zucker
  • Eine Tasse Öl
  • Zwei Esslöffel Salz
  • Ein Teelöffel Pfeffer
  • 300ml Kräuteressig
  • 700ml Mineralwasser
  • Ein Glas Oliven (160gr)
  • Eine Packung Patros Schafskäse klassisch (150gr)

Zuerst muss der Strunk des Kohls entfernt werden, danach kann er geraspelt werden. Dazu bietet sich eine Küchenmaschine an. Die Zwiebeln werden gewürfelt und zum Kraut gegeben. Die restlichen Zutaten alle in einer eigenen Schüssel verrühren bis sich der Zucker aufgelöst hat, danach alles zum Kraut kippen.

Der Krautsalat sollte nun 24h unter leichtem Druck ziehen, hier bietet es sich an eine große Schüssel zu nehmen und den Kraut darin mit einem kleineren Teller zu bedecken und diesen dann mit Konserven oder ähnlichen zu beschweren. Nach 24h das Wasser abgießen, die Oliven kurz auswaschen, den Käse würfeln und beides unterheben, fertig.

Posted in General, Recipes | Leave a comment

Düsseldorfer kartoffelsalat

Posted on 2. September 2015 by bastelfreak

Simpler Salat, fix gemacht und reicht für 8 Personen:

  • 1000gr Pellkartoffeln
  • Zwei rote Paprikaschoten
  • Vier (milde) Peperoni
  • Eine große Salatgurke
  • Ein Bund Frühlingszwiebeln
  • Zwei Becher saure Sahne
  • Vier Teelöffel Zucker
  • Vier Teelöffel Bautzner Senf
  • Sechs Esslöffel Kräuterdressing (z.b.)

Alles wird gewürfelt was würfelbar ist (Kartoffeln, Gurke und Paprika), Zwiebeln alternativ in Ringe schneiden und alles vermengen (das Innenleben der Gurke sollte entfernt werden, sonst wird es zu wässerig). Aus Peperoni, Sahne, Zucker, Senf und dem Dressing eine Soße rühren, diese danach unter das Gemüse heben und das ganze ziehen lassen für einige Stunden. Im Anschluss kann noch mit Salf, Pfeffer und Chilis nachgewürzt werden.

Posted in General, Recipes | 1 Comment

Why Openstack sucks

Posted on 19. August 2015 by bastelfreak

I got asked to write a few sentences about openstack and why I don’t like it (anymore).

Background: I’m working at one of the largest hosting provider in europe, HEG. We got asked a few times if we want to start selling public cloud stuff (we already have VPS und private cloud in our portfolio), so we started to evaluate openstack, because this seemd to be “the new hotness”.

My requirements:

  • host more than 10.000 instances
  • shared storage for all of them
  • provide private ip space for each customer
  • full support for adding public ipv4 and ipv6 addresses to instances
  • no single point of failure
  • provide scaleable bandwith from 100mbit to at least 10gbit for each customer
  • API for everything
  • easy to maintain and to update/upgrade

These are a few of my personal requirements, lets compare this to openstack. They used iscsi a long time to provide blockdevices for virtual machines, this is fine in small environments but doesn’t scale, luckily they new also support ceph which is working fine. Openstack has many many services, all of them have APIs to interact with, but it is such a complex construct which makes it hard to understand and to modify. The APIs have docs but they weren’t easy to understand (but still useful, and hey, nothing is perfect). Major upgrades weren’t supported, the recommended way was to install new servers and migrate, this really sucks (but should have changed since the last release?). Their network design is a huge issue and a no-go. The neutron service is designed to build a fully meshed network via GRE tunnels and you only have one gateway to the outside (relies on openvswitch). This is a huge SPOF and not acceptable. It is possible to build active/passive neutron nodes, but even this is bad because it is hard to build a single node that handles multiple 10G links and traffic for more than 10.000 machines. Also, GRE doesn’t scale, more than 50 nodes in one availability zone weren’t recommended ( one zone = one fully meshed GRE setup). Since few months, you can use OpenContrail as an alternative solution to openvswitch. Their development is really slow, the code is unstable/partly broken and they use way to many technologies: rabbitmq, cassandra, zookeeper, redis, python, C/C++, and many more

Conclusion: Openstack is nice, and may works fine in smaller environments (less than 100 Nodes?), but it simply doesn’t scale in larger networks. It was easier to build a KVM infrastructure from scratch than deploying openstack. I’ve written down some information about a FOSS KVM solution that scales way better on github.

Posted in General, Linux, Virtualization | 1 Comment

Tweet des Tages

Posted on 13. August 2015 by bastelfreak

Posted in General, Internet found pieces, Linux, Nerd Stuff, Virtualization | Leave a comment

Tweets des Tages

Posted on 13. August 2015 by bastelfreak

Posted in General, Internet found pieces, Linux, Nerd Stuff | Leave a comment

Tweet des Tages

Posted on 12. August 2015 by bastelfreak

Posted in General, Nerd Stuff, Puppet | Leave a comment