Sunday, January 3, 2010
Wednesday, November 25, 2009
Building the Ultimate White Box Server for under $2000
from: HAK5.ORG
When it comes to building a white box server for ESXi your best resources are vm-help.com, UltimateWhiteBox.com, the VMware Compatibility Guide, and the VMware community.
We carefully selected ESXi supported components based on reliability and value. If this were the ultimate $3000 white box server we might have picked a server board with dual Xeon’s and ECC memory, but to keep it under that magic $2000 price point we went with beefy “desktop” components such as the Intel Core i7 920, the ASUS P6T Deluxe, and 12 GB of Corsair XMS3 memory.
Drive wise you can’t go wrong with the 3ware 9650SE-4LPML. It supports four SATA II drives in RAID 0, 1, 5, 10 or JBOD. It’s bigger brother the 9650SE-16ML sixteen channel SATA II controller is hot too — just at three times the price. The 9650SE isn’t supported out of the box by ESXi, however 3ware provides a knowledge base article and drivers necessary to add support for the card after your ESXi box is built.
Drive wise we picked up four Western Digital Caviar Black 1TB drives since they’re cheap and reliable.
To make things easy when installing all these components in our Rosewill RSV-Z4000 4U rackmount case we picked up a 4 Drive trayless how swap sata backplane from StarTech. IcyDock makes one too. This was the only $100 spent for convenience over performance/value, but anyone who has dealt with 5.25″ to 3.5″ mounting brackets will agree it’s worth every penny.
Rather than installing ESXi on the RAID, we used a 4GB USB drive from Patriot. The Xporter XT. It boasts really fast read/write times. I’m sure any old 1gb or larget USB drive would have done but they’re so cheap, why not?
When it comes to building a white box server for ESXi your best resources are vm-help.com, UltimateWhiteBox.com, the VMware Compatibility Guide, and the VMware community.
We carefully selected ESXi supported components based on reliability and value. If this were the ultimate $3000 white box server we might have picked a server board with dual Xeon’s and ECC memory, but to keep it under that magic $2000 price point we went with beefy “desktop” components such as the Intel Core i7 920, the ASUS P6T Deluxe, and 12 GB of Corsair XMS3 memory.
Drive wise you can’t go wrong with the 3ware 9650SE-4LPML. It supports four SATA II drives in RAID 0, 1, 5, 10 or JBOD. It’s bigger brother the 9650SE-16ML sixteen channel SATA II controller is hot too — just at three times the price. The 9650SE isn’t supported out of the box by ESXi, however 3ware provides a knowledge base article and drivers necessary to add support for the card after your ESXi box is built.
Drive wise we picked up four Western Digital Caviar Black 1TB drives since they’re cheap and reliable.
To make things easy when installing all these components in our Rosewill RSV-Z4000 4U rackmount case we picked up a 4 Drive trayless how swap sata backplane from StarTech. IcyDock makes one too. This was the only $100 spent for convenience over performance/value, but anyone who has dealt with 5.25″ to 3.5″ mounting brackets will agree it’s worth every penny.
Rather than installing ESXi on the RAID, we used a 4GB USB drive from Patriot. The Xporter XT. It boasts really fast read/write times. I’m sure any old 1gb or larget USB drive would have done but they’re so cheap, why not?
Tuesday, September 22, 2009
BCP
1. Continuity Planning
Business continuity planning for pandemic influenza is critical, particularly in the IT department, as your organisation will be relying on IT like never before. So identify a pandemic coordinator and/or team with defined roles and responsibilities for preparation and response planning immediately. The planning process should include input from all relevant stakeholders in your business including sub-contractors, outsourced services and the logistic providers needed to maintain business operations by location and function.
2. Business Impact
Talk to your suppliers about their swine flu plans and identify alternate suppliers. Train and prepare an ancillary workforce if necessary, for example, using retirees who have left the company. Develop and plan for scenarios likely to result in an increase or decrease in demand for your products and/or services during a pandemic. Determine potential impact on service delivery by using multiple possible scenarios that affect different services, products or production sites. Ask what would your department look like with a 20% or 40% cut in personnel and supplies?
3. Sustainable Plan
The critical question to ask is: When the pandemic strikes how long can you sustain service delivery? Any plan must include identification of key contacts (with backups), chain of communications (including suppliers and customers), and processes for tracking and communicating business and employee status. Implement an exercise to test your plan, and revise periodically. For a training drill select 40% of your staff at random and see how your department would function without them.
4. Preventative Measures
Implement guidelines to reduce the conduct of face-to-face contact for example, no hand-shaking among employees and between employees and customers. Critically, for IT and support staff there is the issue of hygiene around work stations (contact with mice, keyboards and shared resources like printers – invest heavily in antiseptic wipes and introduce a culture of your staff regularly washing their hands.
5. Attention to Detail
Critical to all this is the actual IT itself, or more importantly, the operation and support of IT by people. You need to ask, how hands on is your operation? For example, do backup tapes need to be changed manually every day and what will happen if they are not replaced? It is these types of details that need to be mitigated against with planning and preparation.
6. Impact Assessment
The key is to understand the impact on your department and have a strategy in place to suit the business needs. It is often underestimated how much human intervention is needed to keep IT services running, particularly those housekeeping tasks. It might be necessary in extreme circumstances to make fundamental changes to the operating model and make it less ‘hands on’ for a defined period of time whilst the risk of staff absenteeism is high. Some tasks may be able to be done by non-IT staff. However, it is not acceptable to grant non-IT staff systems administration authority, so it is critical to identify vulnerable skill sets that are held by key IT staff.
7. Failure Points
Consider the impact of an IT component failure, such as server, storage or network and the fact there may be no engineers available to resolve the problem. Are there single points of failure in your core infrastructure and implement greater resilience where necessary.
8. Eight Point Plan for remote working during a Flu Pandemic
1) Identify the employees can easily work remotely and enable them with the appropriate resources.
2) Develop a policy so that both sides understand the terms under which remote working is allowed and how much employees will be reimbursed for heat/light/phone costs etc.
3) Undertake a Health and Safety risk assessment for minimum working standards that employees must comply with when working remotely.
4) Provide the necessary IT and telecoms tools including call re-routing and wireless/ 3G data connection and secure access to your corporate network.
5) Enable access to corporate applications and data via a VPN or secure web-based email systems (make certain your company directory is up-to-date).
6) Ensure remote workers do not get isolated by facilitating tele/web conferencing and/or instant messaging.
7) Manage remote workers by regular line management communication. (Remember voice recording of re-routed calls and key stroke monitoring can keep the lazy on the straight and narrow.)
8) Trust your staff and don’t expect them to be working the same way they do in the office.
However, what issues might arise when remote access is oversubscribed? In many organisations it’s the ‘road warriors’ who have been the main users of remote access capability so you will need to plan for the most productive use of resources to prevent a free for all as staff compete for connectivity. The options are simple, increase capacity (expensive in a recession) or clearly outline who has access when and for how long.
-from Computerweekly.com
Business continuity planning for pandemic influenza is critical, particularly in the IT department, as your organisation will be relying on IT like never before. So identify a pandemic coordinator and/or team with defined roles and responsibilities for preparation and response planning immediately. The planning process should include input from all relevant stakeholders in your business including sub-contractors, outsourced services and the logistic providers needed to maintain business operations by location and function.
2. Business Impact
Talk to your suppliers about their swine flu plans and identify alternate suppliers. Train and prepare an ancillary workforce if necessary, for example, using retirees who have left the company. Develop and plan for scenarios likely to result in an increase or decrease in demand for your products and/or services during a pandemic. Determine potential impact on service delivery by using multiple possible scenarios that affect different services, products or production sites. Ask what would your department look like with a 20% or 40% cut in personnel and supplies?
3. Sustainable Plan
The critical question to ask is: When the pandemic strikes how long can you sustain service delivery? Any plan must include identification of key contacts (with backups), chain of communications (including suppliers and customers), and processes for tracking and communicating business and employee status. Implement an exercise to test your plan, and revise periodically. For a training drill select 40% of your staff at random and see how your department would function without them.
4. Preventative Measures
Implement guidelines to reduce the conduct of face-to-face contact for example, no hand-shaking among employees and between employees and customers. Critically, for IT and support staff there is the issue of hygiene around work stations (contact with mice, keyboards and shared resources like printers – invest heavily in antiseptic wipes and introduce a culture of your staff regularly washing their hands.
5. Attention to Detail
Critical to all this is the actual IT itself, or more importantly, the operation and support of IT by people. You need to ask, how hands on is your operation? For example, do backup tapes need to be changed manually every day and what will happen if they are not replaced? It is these types of details that need to be mitigated against with planning and preparation.
6. Impact Assessment
The key is to understand the impact on your department and have a strategy in place to suit the business needs. It is often underestimated how much human intervention is needed to keep IT services running, particularly those housekeeping tasks. It might be necessary in extreme circumstances to make fundamental changes to the operating model and make it less ‘hands on’ for a defined period of time whilst the risk of staff absenteeism is high. Some tasks may be able to be done by non-IT staff. However, it is not acceptable to grant non-IT staff systems administration authority, so it is critical to identify vulnerable skill sets that are held by key IT staff.
7. Failure Points
Consider the impact of an IT component failure, such as server, storage or network and the fact there may be no engineers available to resolve the problem. Are there single points of failure in your core infrastructure and implement greater resilience where necessary.
8. Eight Point Plan for remote working during a Flu Pandemic
1) Identify the employees can easily work remotely and enable them with the appropriate resources.
2) Develop a policy so that both sides understand the terms under which remote working is allowed and how much employees will be reimbursed for heat/light/phone costs etc.
3) Undertake a Health and Safety risk assessment for minimum working standards that employees must comply with when working remotely.
4) Provide the necessary IT and telecoms tools including call re-routing and wireless/ 3G data connection and secure access to your corporate network.
5) Enable access to corporate applications and data via a VPN or secure web-based email systems (make certain your company directory is up-to-date).
6) Ensure remote workers do not get isolated by facilitating tele/web conferencing and/or instant messaging.
7) Manage remote workers by regular line management communication. (Remember voice recording of re-routed calls and key stroke monitoring can keep the lazy on the straight and narrow.)
8) Trust your staff and don’t expect them to be working the same way they do in the office.
However, what issues might arise when remote access is oversubscribed? In many organisations it’s the ‘road warriors’ who have been the main users of remote access capability so you will need to plan for the most productive use of resources to prevent a free for all as staff compete for connectivity. The options are simple, increase capacity (expensive in a recession) or clearly outline who has access when and for how long.
-from Computerweekly.com
Saturday, July 25, 2009
/etc/motd
This computer system is for authorized users only. All activity is logged and regulary checked by systems personal. Individuals using this system without authority or in excess of their authority are subject to having all their services revoked. Any illegal services run by user or attempts to take down this server or its services will be reported to local law enforcement, and said user will be punished to the full extent of the law. Anyone using this system consents to these terms.
Thursday, July 9, 2009
Setting a firewall using ufw in ubuntu
First what is ufw, as per man - program for managing a netfilter firewall,This program is for managing a Linux firewall and aims to provide an easy to use interface for the user. Cool! easy to use so how do you use it as the man page said easy.
1. Run from the terminal "ufw"
:~$ ufw
Usage: ufw COMMAND
Commands:
enable enables the firewall
disable disables the firewall
default ARG set default policy to ALLOW, DENY or REJECT
logging ARG set logging to OFF, ON or LEVEL
allow|deny|reject ARG add allow, deny or reject RULE
delete RULE delete the RULE
insert NUM RULE insert RULE at NUM
status show firewall status
status numbered show firewall status as numbered list of RULES
show ARG show firewall report
version display version information
Application profile commands:
app list list application profiles
app info PROFILE show information on PROFILE
app update PROFILE update PROFILE
app default ARG set profile policy to ALLOW, DENY, REJECT or
SKIP
2. Enable it
:~$ sudo ufw enable
3 . default policies of DROP
:~$ sudo ufw default denay
4.Now look in to your rules.
:~$ sudo iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0
...............
note: if you have two network cards and one was eth0 and the second was eth1
and you were FORWARDing traffic to an internal network, maybe using NAT and having a firewall on the outside and you need to make sure that your /proc/sys/net/ipv4/ip_forward is 1
5. Check the status
:~$ sudo ufw status
Status: active
6. Check if its working.
:~$ tail /var/log/messages
thats it!
Thanks to beginlinux for the howto.
1. Run from the terminal "ufw"
:~$ ufw
Usage: ufw COMMAND
Commands:
enable enables the firewall
disable disables the firewall
default ARG set default policy to ALLOW, DENY or REJECT
logging ARG set logging to OFF, ON or LEVEL
allow|deny|reject ARG add allow, deny or reject RULE
delete RULE delete the RULE
insert NUM RULE insert RULE at NUM
status show firewall status
status numbered show firewall status as numbered list of RULES
show ARG show firewall report
version display version information
Application profile commands:
app list list application profiles
app info PROFILE show information on PROFILE
app update PROFILE update PROFILE
app default ARG set profile policy to ALLOW, DENY, REJECT or
SKIP
2. Enable it
:~$ sudo ufw enable
3 . default policies of DROP
:~$ sudo ufw default denay
4.Now look in to your rules.
:~$ sudo iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0
...............
note: if you have two network cards and one was eth0 and the second was eth1
and you were FORWARDing traffic to an internal network, maybe using NAT and having a firewall on the outside and you need to make sure that your /proc/sys/net/ipv4/ip_forward is 1
5. Check the status
:~$ sudo ufw status
Status: active
6. Check if its working.
:~$ tail /var/log/messages
thats it!
Thanks to beginlinux for the howto.
Friday, June 26, 2009
SWAP allocation
If M < 2
S = M *2
Else
S = M + 2
Swap should equal 2x physical RAM for up to 2 GB of physical RAM, and then an additional
1x physical RAM for any amount above 2 GB, but never less than 32 MB.
S = M *2
Else
S = M + 2
Swap should equal 2x physical RAM for up to 2 GB of physical RAM, and then an additional
1x physical RAM for any amount above 2 GB, but never less than 32 MB.
Monday, June 1, 2009
I been hook with this Series
http://watchweedsepisodes.com/ -This new series is a single-camera comedy about a single mother who makes ends meet by selling marijuana in the fictional suburb of Agrestic, California. The series exposes the dirty little secrets that lie behind the pristine lawns and shiny closed doors of homes in the of this gated community.
Subscribe to:
Posts (Atom)
