On the joys of Actually Reading

Against the author’s wishes, I’m sharing the article titled “Actually Reading”, a comment on the fact that we (I’m guilty of this) often appreciate an article for it social “sharability” rather than the value it adds to us.

~1 min read

Restart VRRP on JUNOS to fix master/master issues

I spent about 30 min this evening chasing a non-existing VRRP issue between 2 JUNOS SRX devices after a hardware drop-in replacement. One was configured as master, one as backup. Both were in the master status (normally indicating a lack of L2 connectivity), but each could ping the other on their interface address. The solution, ultimately, was to run restart vrrp gracefully on each router, which restored the expected master / backup behavior.

~1 min read

Copying SSH host private keys between JUNOS devices to when replacing hardware

A certain customer of mine is (rightly or wrongly) pedantic about security warnings. Recently, we did a hardware replacement of a JUNOS device (an SRX240 firewall). While the config was a drop-in replacement, users who tried to SSH to the host post-migration would normally see an SSH “host key has changed” warning. In this environment, we wanted to eliminate this friction (and stop training our users to ignore security warnings), so we copied the following from the old device:

~1 min read

Importing existing RAID devices into new Linux installation

Recently I had to rebuild a CentOS5 VM host as CentOS6. My VMs were stored on a RAID1 pair (seperate from the OS disks). To avoid any possibility of impacting the VM data during the re-installation, I removed the VM data disks from the host during the reinstall.

~1 min read

Monitoring OSX with Icinga / Nagios using NRPE

I have a fairly comprehensive Icinga monitoring platform monitoring my various linux hosts, but one area which has been lacking until now is the monitoring of the OSX Mavericks Mac Mini that I use for a home media center. Considering this is used by my family to watch TV/Movies, play music, and manage iPhoto, it’s arguably one of the most important hosts to monitor carefully. Of course, I could monitor its state (up or down) by pinging it from Icinga, but I wanted to know more than that. I’ve had issues in the past with running out of disk space on the host, and I’m all to familiar with the risks of 4-year-old hardware using spindled disks. This solution enables me to monitor the following on OSX with Icinga:

1 min read

Monitoring Veeam Backup and Replication 7 with Icinga / Nagios

We’ve recently deployed a Veeam Backup and Replication 7 platform, and needed to monitor the ongoing success of the backup / replication jobs. I identified a plugin which does most of what’s required, but seems to have 2 current shortcomings: 1. In-progress jobs trigger false warnings 2. Date calculation doesn’t always work, and produces false warnings

~1 min read

Solving vsftpd’s unsupported record version unknown 48.48 error

I use FTPS with vsftpd to update my WordPress plugins. This means that the wordpress files don’t need to be writeable by the webserver user, which adds another layer of protection and separation. I make FTPS available to localhost only, and force SSL encryption end-to-end.

~1 min read