Sunday 18 December 2011

Advantages of PXE

It's just a note about my positive experience with PXE. Although I was working with it some years ago, but now it became so simple to setup, than it's definitely worth to have it in many cases.

First case is when you have to have some new systems installed pretty often. Of course, if you have to setup more than 5 identical systems it's reasonable to have an image or use some kickstart for example, but in this case it's also useful to have PXE configured to help you with that. But in my work I'm facing a situation when I need to prepare some new system for some special need with different hardware and unique post-install steps.

Second case is when you need some special tools available in simple way. It could be even tools for those mentioned purposes like imaging (Acronis True Image for example). Or (what we use pretty often) is a GParted tool and a BartPE image. Yes, it's not a good idea to give everyone in your network the tools like that, but now it's really easy to protect any item in your PXE boot menu with a password. Of course, the way this function is realized doesn't give you any strong protection, but if the guy is able to find and download a file with the password and decode this password, he will also be able to make his own bootable USB-drive with all the tools he needs. And, of course, I'm not talking about the systems without physical access for the "bad guys".

Also, what I have configured with the PXE, is some Live distributions. For example, I have prepared a special installation of Ubuntu, then have put it on NFS, and configured it to mount the root (/) in a special way: nfs+ramfs=unionfs(aufs). Thus, now I have a Network-Booted system, which is configured just how I need, and which anyone can boot on and configure just how he wants, but no changes are applied to the real image on the network - after reboot the system is clean and ready again.

I will not give any examples of code, since there are a lot of it in the Internet. I've started with this recipe, and then I just migrated it to the CentOS server. Unfortunately, I can't find the recipe with which I have configured unionfs, but I can provide anyone with the examples if needed, or you can just google by the  keywords like "PXE aufs ramfs".

Friday 16 December 2011

Will you pass The Limoncelli Test?

 Few days ago I have found an interesting article which I'd like to share - "The Limoncelli Test: 32 Questions for Your Sysadmin Team". As for me, it's not just a test, which you have to pass to consider your team as successful, but it is a checklist with the most important, fundamental questions that you should take into account when building your IT department work.

 The list is really perfect. During my 12-years practice I developed different IT solutions which in one way or another solves the issues from the list. I can praise myself - not a single question was new for me. Actually, there isn't something new or very special for many of sysadmins. However it worth respect, when someone with this knowledge share it.

Tuesday 6 December 2011

Zenoss: filtering the icons on the Infrastructure tree

This is the next article about my small hacks of Zenoss.

This time I will show how I filter the events which are taken for represent event severities with the appropriate Device Class, Group, System and Location at the Infrastructure->Devices page . The main reason for this, is that I have added in zenoss all systems from ours "Server" networks. These servers could be in "Test", "Pre-production", "Maintenance" and even "Decommissioned" state. Thus, there is number of events we could ignore. Moreover, on the "Production" systems we could have some events which we already aware of. If not filter these events, the icons on the Infrastructure tree element does not show us the real state of our infrastructure, and we have almost all tree filled with Warning, Error or Critical icons.

Unfortunately, because of poor knowledge of Python, the filter is hardcoded. Nevertheless - it works :)

[zenoss@zenoss infos]$ pwd
/opt/zenoss/Products/Zuul/infos
[zenoss@zenoss infos]$  diff ./device.py.orig ./device.py -u
--- ./device.py.orig    2011-12-06 19:08:19.000000000 +0000
+++ ./device.py 2011-12-06 18:59:06.000000000 +0000
@@ -100,7 +100,10 @@
         f = getFacade('event')
         root = self.root.uid.split('/')[3]
         orgcol = ORGTYPES[root]
-        q = 'select %s, max(severity) from status group by %s' % (orgcol,
+       """
+       Added "where eventState = '0'" to suppress error icon in tree on acknowledged events
+       """
+        q = "select %s, max(severity) from status where eventState = '0' and prodState > '499' group by %s" % (orgcol,
                                                                   orgcol)
         result = {}
         for org, sev in f._run_query(q, ()):
You can see my tree with- (left) and without (right) the filter applied. (Yep, there are event some critical events in Production. Will solve them tomorrow... if lucky... )

 

Hope this will help.
Stay tuned :)