I am a network engineer by profession, but with the proliferation of SDN and OpenFlow, I have had to spend a lot of time re-learning a lot of system admin skills that I’d shelved years ago. Now, I’ve been a virtualization user forever. From VMware (Fusion, ESX), VirtualBox, to Parallels, I’ve used them at least in testing if not in production environments. I’d not really spent any mentionable amount of time with XEN, qEMU or KVM, but some projects I was working on…
UNIX
It’s no secret that I’m a fan of the model Arista Networks is using to make gear and provide innovative services and products. In my opinion, they’re changing the landscape of campus and data center networking gear. I’m always a fan of the little guy trying to change the world and this falls under that category. For those that don’t know, Arista Networks is a “hardware” networking company that is using merchant silicon wrapped in their custom linux based…
A bit of back history: I came from BSD land. I was a FreeBSD user from way back in the 1990s. BSD land is a land of secure boxes and very high uptimes. It’s also a land of arguably clunky package support, a lot of compiling by hand and these days, not nearly as encompassing package and network tuning support. I decided to move to Linux”) a while ago, reluctantly, and chose Debian as my flavor of choice. I do love debian, however, I very quiuckly realized that even debian is a bit of…
Starting from a base CentOS system with nothing configured, and referencing the CentOS wiki, here is how I like to set up a headless virtualbox environment: Disable selinux. It’s overly cumbersome and is enabled by default in CentOS. I like to permanently disable it even though the default is permissive. I ride the edge, I know.``` vi /etc/selinux/config
If you are running a network and aren’t using RANCID, you should give it a serious look. RANCID is a cross platform configuration management toolkit for backing up router configurations and certain environmental and hardware information into version control. It’s been around for as long as I can remember and supports nearly every platform I can think of, including a few modules that I cobbled together myself. There is are a few nice web based front ends for CVS and SVN, I prefer…
It’s always annoying to me, being a convert from *BSD to Linux, that tools lke dig and host aren’t in the minimal base install. I realise that this makes me somewhat of a hypocrite, as I prefer an additive system rather than a subtractive base OS. Nevertheless, I’m continually surprised that “host” isn’t available after installing a minimal CentOS system without adding an additional package. So, since I always forget, here is a quick blog post to remind me…
wget http://dl.fedoraproject.org/pub/epel/6/x86\_64/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
yum -y install apache2 php5 php5-json php-xml php-mbstring php5-zip php5-gd
yum -y install php5-sqlite curl libcurl3 libcurl3-dev php5-curl php-pd
php5-sqlite isn’t available in the repos I use. I wasn’t able to find it elsewhere either. Per this page, I have to install it by source.
cd /etc/yum.repos.d/
wget…
Securing SSH is a form or art. It’s often debated, much like blocking all ICMP packets (which I normally disagree with). If you need good proof, read these posts by Bob Plankers. There is a camp that likes to promote moving to a non-standard port. There is a faction that likes to block it completely except from a handful of hosts. Then there are those that like to leave it open all together. Running naked in the digital jungle. I tend to err on the side of blocking except for jump…
For a long time I ran a blog called tech.buraglio.com that was a self hosted wordpress site. After having kids and getting a bit busier at work, I decided to move everything that I had been hosting (images, scripts, hacks, blogs and DNS) to “the cloud”. I managed to do this for everything but my primary DNS resolver, which I had always intended to keep, and one wordpress blog that I hosted for someone else.
Recently, there was a thread over at Packet Pushers about what folks use for their daily workflow. I quickly realized that my setup is pretty simple (as I like it) and relied on a large amount of terminal based tools, which makes sense since I have been a UNIX (or UNIX based) OS user since my migration from the original MacOS back in the 1990s. Anyway, Since I wrote most of this up already, I thought I’d post it here: