Recently in Annoyances Category

My poor much abused laptop tends to get introduced to a lot of networks, most of which happily use DHCP, but a few which need special setup such as static ip addresses etc. In general, Network Manager handles this fairly well, however I've yet to find a way within Network Manager to set a default set of search domains for all connections.

The most reliable method I've found to implement this is the resolvconf package. Install this by running "sudo apt-get install resolvconf" and then edit /etc/resolvconf/resolv.conf.d/base to add the following line:
search domain1.com domain2.com
Tell Network Manager to restart whatever connection your on, and /etc/resolv.conf should have the above line in it.

An added advantage to this method is that resolvconf is smart enough to look at any search domains set via DHCP or that you might have added to the connection in Network Manager and append them to the search line.

It would seem that random pie in the sky figures about server virtualisation is one of my berserker buttons. I work in IT, hence I know that everything in IT is a compromise. So when someone on twitter quoted figures from a Sunday Business Post article stating that the HSE were using 200 servers, and then immediately proclaimed that virtualisation would reduce that number by 75%, I had to respond. Anyone on twitter is free to look it up.

At work we use virtualised servers extensively. Our whole shared hosting/VPS platform is built on Virtuozzo. We have numerous other services which are virtualised in the the background using other technologies such as Xen, KVM, Hyper-V etc. It is a brilliant tool when deployed properly and has plenty of other benefits such as being able to move an virtual server to new hardware in a hurry.

However, if you are to believe the marketing hype, virtualisation will immediately save you X% where X is ridiculously large number like 70 or 80. What they always seem to fail to mention is that they're presuming that you're massively under utilising your current hardware.

This leads to a lovely self fulfilling prophecy. The people who move over are the ones underutilising their current hardware and they will see massive savings. These savings are due to bad planning and over speccing the hardware in the first place though, and virtualisation is the ideal technology to consolidate the hardware while keeping the outward facing infrastructure looking the same. This means there's a massive selection bias in the figures which virtualisation vendors quote, as they seem to only use these customers as examples.

If we then look to the other end of the spectrum, people properly utilising their existing infrastructure. Here virtualisation will still give plenty of benefits. For example, being able to move a virtualised server from physical server to physical server, often with no downtime. However, then you have to consider virtualisation overhead. As virtualisation is simple abstracting away the hardware, there is going to be an overhead in the translation. Depending on the technology used the overhead might be minimal or it might be large enough that new hardware is required to account for it.

There will also be no savings due to less hardware in this scenario as the virtualisation isn't being used for consolidation, but for ease of management. If it's a commercial virtualisation product such as VMWare, there's going to be extra cost involved. This cost might be offset in deceased administration time, but it's not going to be anything near the figures normally quoted for savings.

To go back to what started all this off, the 200 servers in the HSE. We have no way of knowing what the utilisation is like on these servers. For all we know, it's a fairly heavy Java based app running on them and the systems are well utilised. It's also possible that they are underutilised, but without knowing what they're actually doing, it's not possible to pull random figures like 75% out of the air.  

Enhanced AIB Security?

Just after logging into my AIB Internet Banking account, and I spotted the following security notice:

From June 23rd you will be required to enter two codes from your AIB Code Card in order to complete the following actions on AIB Internet Banking:

This is only required for certain transactions, but it still seems to be a useless change. If someone has one code, the odds are extremely good that they have the code card. If not, the second code can probably be obtained using exactly the same method as was used to get the first.

If they really wanted to enhance their security, they might be better off deploying something like Rabo Direct's Digipass. I believe they already have something similar for their Business Banking. Unfortunately, this probably won't be done due to cost.

To go slightly off topic, the new AIB Internet Banking site is a vast improvment over the previous incarnation.


Nokia Divide By Zero Error

I think the Nokia Beta Labs need to do a bit more QA, their Enhanced Calculator for the the N96 has a slight issue:

Nokia_Divide_By_Zero.jpg

This can be replicated by installing the app, opening it and hitting the button in the middle of the directional pad.



Reinventing The CLI Wheel

As part of my day to day work I spend a lot of time on the command line. In the vast majority of cases this means ssh into devices as diverse as Linux Servers, Cisco Switches, Juniper Routers and Fortinet Firewalls. While in some cases there will be a GUI available, it's a lot easier to document, script and backup what is being done on the CLI. Ssh also the advantage that it can be accessed on anything from a mobile phone to a perl expect script.

I have had the chance to play with a Dell MD3000i over the last few days, which is basically a rebadged LSI/Engenio SAS Raid Array. It's a nice bit of kit however Dell have seen fit to use the SMI interface for managing the array. The SMI interface is great idea which means that there is a nice "object-oriented, XML-based, messaging-based interface" (buzzword overload!) for doing day to day managment.

There is a CLI interface to this in the form of SMcli. In the case of Dell, this is a java app which requires sacrificing goats and/or virgins in order to get running on anything other that Windows, RHEL or SLES. So much for Java allowing platform independence!

What annoys me is that people have gone to the trouble of creating SMcli, so why not use it as a shell on an ssh server running on the array itself. This would all of sudden mean that they gain a lot more platform independence, and therefore a larger potential market. The other technologies needed in order to setup the MD3000i are iscsi and dm-rdac which are already a solved problem and relatively easy to setup.

Am I mad in thinking that it's in Dell's best interests to put as few obstacles as possible in the way of setting up their products?

I had an interesting issue today where up2date was complaining because a package was already installed. The error showed up as follows:

Fetching Obsoletes list for channel: rhel-i386-es-4...

Fetching rpm headers...
########################################

Name Version Rel
----------------------------------------------------------
e2fsprogs-devel 1.35 12.11.el46.1 i386
gd 2.0.28 5.4E.el4
6.1 i386
krb5-devel 1.3.4 54 i386
krb5-libs 1.3.4 54 i386
openssl 0.9.7a 43.17.el46.1 i386
openssl-devel 0.9.7a 43.17.el4
6.1 i386
perl 5.8.5 36.el45.2 i386
tzdata 2007k 2.el4 noarch


Testing package set / solving RPM inter-dependencies...
########################################
RPM package conflict error. The message was:
Test install failed because of package conflicts:
package perl-5.8.5-36.el4
5.2 is already installed
Running "up2date -u --force" just gave me the same error. The eventual solution after much head scratching and wandering down deadends was to run the following commands:
up2date --get perl
rpm -Uvh --force perl-5.8.5-36.el4_5.2.i386.rpm
Once this was finish, "up2date -u" happily went about it's business again.

DHL Tracking Madness

| 1 Comment
I ordered a nice new toy from Komplett over the weekend and got a email with a "Track And Trace" code for DHL Europlus. I went to www.dhl.ie, saw a nice DHL Fast Track search box on the top right and entered my code. I got a page entitled "Tracking Good Afternoon" (at 6 in the evening) and search boxes all over the place. Besides not looking well in Firefox, it didn't show the code I had just entered anywhere.

I put my code in the top search box (Air Express), pressed search, and up popped a box saying entitled "DHL Road Express Shipment" telling me:
You may have entered a DHL Road Express Licence Plate Number / Identcode Number.

Please use the European Road Express Parcel Tracknet below to track this shipment.
The main page also had a section entitled "DHL Road Express Parcel Tracking", so out of interest I tried the code there and got the same popup. I then clicked the European Road Express TrackNet as they wanted, and figured out how to add my code and submit as needed. The tracking as it turns out is pretty dire. According to them, my package is in Tilberg, NL since yesterday morning. It better be wrong!

The point of this rant? Their system was smart enough to realise that the code I entered was a European Road Express TrackNet code. Why didn't it simply redirect to the proper page from the main page rather than carrying me into a page with multiple search boxes? Instead of a popup explaining where I need to go, why doesn't it redirect to the right page? Or even a link to the right page in the popup? Was there any UI testing done at all on the site?

I was talking to someone who once worked in a company bought by DHL. I was told that their biggest problem is that as they are buying up smaller local companies to do local deliveries, they are aren't integrating the new IT systems properly. This does explain why the tracking mightn't as great as it should be. However it doesn't explain why they can't add a small bit of intelligence to their site.

Whois Tip

| 2 Comments
alias whois='whois -H'
Put that in your .bashrc (or equivalent) and get rid of the legal disclaimers which usually mean that you have to scroll up two pages to get the actual results! I should have looked at the whois man page ages ago.

Eircom Wireless SSL

| 2 Comments
I'm in Heuston Station for a while and I have had to use Eircom wireless to access to the internet. What was disappointing was that the login page for Eircom's wireless does not have a valid SSL cert.

I logged in anyway (naughty, I know) as the IP it was pointing at was an eircom ip, and I am stuck. I am surprised that Eircom can get away without using a valid SSL cert for pages that have to handle credit card details.

I would have thought that one of the requirements for Credit Card processing would be having a valid SSL cert!

Cleaning Up After "apt-get remove"

By default "apt-get remove package" doesn't purge everything related to the package. This eventually means that a log of configuration files are left scattered around the place with no corresponding packages. A couple of weeks ago, the following solution was proposed on #linux:

dpkg --purge `dpkg --get-selections | grep deinstall | cut -f1`

This is good for cleaning up after the fact, but is also possible to get apt to purge configuration files automatically. To accomplish this put the following in /etc/apt/apt.conf:

    APT
    {
Get
{
    Purge "true";
}
}
This will cause apt-get to automatically purge the configuration files every time you do "apt-get remove"

About this Archive

This page is an archive of recent entries in the Annoyances category.

Audio is the next category.

Find recent content on the main index or look in the archives to find all content.

Pages

OpenID accepted here Learn more about OpenID
Creative Commons License
This blog is licensed under a Creative Commons License.
Powered by Movable Type 5.02