A small consumer router/firewall doesn’t cut it anymore. For a little bit more money you can have a much higher performing router that you control. To me, nothing beats the complete control of running your own firewall config and being able to handle and shape traffic as you please.
make.conf is an especially useful file on FreeBSD. It allows the system administration to change the overall defaults when compiling software on FreeBSD. For example, if you never want to compile any library that is linked to or requires X11, you can set
These are essentially my notes for working with FreeBSD Jails. I tend to do things the way of the FreeBSD handbook.
Your FreeBSD servers have been in production for a while, you do a good job with your capacity planning but one of your VMs is running out of space. It is time to grow the VM a little bit, say from 16GB to 40GB.
So you want to setup an HA cluster, lets say a real simple one using UCARP. Now that you have your cluster online, every time you SSH to the virtual IP you may or may not connect to the same host. SSH has security features in place to warn you if you are connecting to the same host/IP that has a different key than what was recorded the first time. This is a fantastic safeguard, but we need to explain to our machine that we know these machines behind this one IP are in a cluster.
- Install ddclient:
pkg install ddclient
- Enable ddclient on startup:
/usr/local/etc/ddclient.confwith your favorite editor.
Download the latest NetBSD (7.0-RELEASE at the time of writing) mini memstick image.
Download the latest FreeBSD (10.2-RELEASE at the time of writing) mini memstick image.
I have completely shifted directions in terms of my blog design/implementation. To align more closely with my strategy when it comes to architecture and design, I have re-implemented my blog in the most minimal way possible.
I always find myself googling for this to quickly create a USB installer of the latest version of the OS X release. (I re-create my USB install drive every time there is a new point release, not just a major release). The reason for this is because I typically do a clean install of my machines once per quarter.
AsciiDoc is a fantastic documentation markup language that supports many output formats. I have been using it for years. My previous workflow consisted of building AsciiDoc from source, setting up a project Makefile, and building when files were changed. All that heavy lifting is gone thanks to Asciidoctor, but more on that later…
To change your default login shell on Mac OS X, first we must find the options we have.
Moving from Puppet to Ansible was extremely refreshing. That said, there are a couple things I initially missed about Puppet. Check out this post to learn how to have Zabbix report when Ansible runs are done.
I have been running my SmartThings up for a few months now. More than just being a gadget that is fun to play around with, it opens up a new world of possibility and insight. While convenient to not have to run up two flights of stairs to see if the light is off upstairs, that is not the core benefit of SmartThings. At least not to me.
When using git, feature branches are easy and encouraged. Now that you have all these feature branches laying around, you may find yourself wanting to clean them up.
I absolutely love FreeBSD and Ansible.
Here is a quick tip that takes seconds to do, minutes to master, and puts a huge smile on my face: Remap the CapsLock key to Control on your Mac.
This is a foundation template for all my FreeBSD machines. All of this configuration done via Ansible and Packer. I am outlining it here long-hand for education purposes.
Oracle instant client is needed to build the ruby-oci8 rubygem. There are a few docs out there but all are slightly outdated. In order to build ruby-oci8 just run through the following steps and you will be golden.
Log into your FreeBSD host in which you want to add an SMTP relay to.
Right now you really have two choices when it comes to ruby version management… well three.
Before we get started I want to go over what it means to be highly available/fault tolerant. To have a pair of machines (the minimum!) in a cluster that provides redundancy to a service or set of services. High availability is usually accomplished by a cluster framework like the one we will be using in this post. That being said there are a lot of tutorials online that show a partial implementation of this setup. My objective here is to have a more complete resource in one place. That said, this post still only scratches the surface of what you can do with Pacemaker/CoroSync.
Server installations should be as minimal as possible, the template will include only the bare essentials necessary to have a functioning server. Once deployed this is the same mantra that should be used throughout the life of the server.
Gitolite is a fantastic git repository management project. It allows for a secure way to manage a few or many repositories and at its core its just SSH tricks with a sexy front-end.
Puppet is an infrastructure and configuration management tool-set that no only unifies the management of multiple machines across multiple platforms. It allows for knowledge sharing, elimination of repetition, increase portability of configurations because it is platform agnostic. This is done by overlaying a domain-specific language (DSL) on top that can be shared across multiple systems, platforms, and architectures. By doing this you turn things like
yum install and
apt-get install into
After much reading, research, and testing I have come to the following conclusion on BIOS settings with UCS specific to VMware ESXi 5. Ensure that you provide the necessary hooks via BIOS to allow ESXi to have all the Host Power Management features enabled. By enabling all the CPU features you extend the management into vSphere 5 instead of hopping back into the BIOS policy settings.