Book Review: Systems Performance: Enterprise and the cloud

Uncategorized
Welcome back for another book review. This time, I am going to review a book that I have bought when it came out, in late 2013. I have always wanted to do a review of this one but it seems I had two options:  Write a short review that probably does not do the book justice. Postpone the review for a more suitable time, when $IRL and $DAYJOB allow ... I opted for the second option, as I consider this book to be indispensable (yes, this is going to be a positive review). So, here is the table of contents: Introduction Methodology Operating Systems Observability Tools Applications CPUs Memory File Systems Disks Network Cloud Computing Benchmarking Case Study Appendices (which you SHOULD read) Wow, a lot of contect, huh? (something…
Read More

Conference review: Distributed Matters Berlin 2015

Uncategorized
"Kept you waiting, huh?" - to start the post with a pop culture reference. Yesterday, I was privileged enough to attend Distributed Matters Berlin 2015. The focus of the conference is, you guessed it, distributed systems, often within a NoSQL context. It was hosted at the awesome KulturBrauerei, a refurbished brewery. The format of the conference was 45 minute presentations, including Q&A, thankfully followed by a 15 minute break between talks, in two tracks. The overall level of the presentations was above the average and given that you could only attend one at a time, it made for a hard choice. Owing to the greatness of Berlin taxi drivers (you know what I am talking about if you used a taxi in Berlin recently), I managed to attend only half…
Read More

Book Review: DevOps Troubleshooting

Uncategorized
Hello everyone and welcome back for another book review at woktime. Today's edition is a short review of a short book called "DevOps Troubleshooting: Linux Server Best Practices". Without further ado, below is the Table Of Contents Troubleshooting best practices Why is the server so slow? Running out of CPU, RAM and Disk I/O Why won't the system boot? Solving boot problems Why can't write to the disk? Solving full or corrupt disk issues Is the server down? Tracking down the source of network problems Why won't the hostnames resolve? Solving DNS server issues Why didn't my email go through? Tracing email problems Is the website down? Tracking down web server problems Why is the database slow? Tracking down database problems It's the hardware's fault? Diagnosing common hardware problems So…
Read More

Book Review: PostgreSQL Replication

Book Review, Uncategorized
So for my series of System Engineering books, I will proceed with a short review of PostgreSQL Replication by Packt. The reason this book came to be a part of my collection is that while there is a lot of information regarding PostgreSQL replication out there, a lot of it is out of date, given the overhaul of the replication system in PostgreSQL 9.X. Without further ado, here is the list of contents of the book. Understanding Replication Concepts Understanding the PostgreSQL Transaction Log Understanding Point-In-Time Recovery Setting up asynchronous replication Setting up synchronous replication Monitoring your setup Understanding Linux High-Availability Working with pgbouncer Working with PgPool Configuring Slony Using Skytools Working with Postgres-XC Scaling with PL/Proxy The book gets straight into business with an introduction of replication concepts, and…
Read More

Book Review: Web Operations: Keeping the Data on Time

Uncategorized
For my kickoff of systems engineering book reviews I have chosen this book. While not being technical in the strict sense of the term (if you are looking for code snippets or ready-to-use architecture ideas, look elsewhere), this collection of 17 essays provides a birds-eye view of the relatively new principle of Web Operations. As you will see from the short TOC below, no stone is left unturned and broad coverage is given to a range of subject ranging from NoSQL databases to community management (and all the points in between). This is what you will be getting: Web Operations: The career How Picnik Uses Cloud Computing: Lessons Learned Infrastructure and Application Metrics Continuous Deployment Infrastructure As Code Monitoring How Complex Systems Fail Community Management and Web Operations Dealing with…
Read More

Coming up on Commodity

Uncategorized
For the past few months I have been silent, with the last entry being a re-blog from xorl's (defunct?) blog. That is quite a long time for a writer's block, eh? Well, here is some insight: professionally I have somewhat moved away from security to towards a systems engineering paradigm. While security still plays an important part both professionally and on my personal time, it is not the dominant focus. Building systems engineering skills is hard work, especially of focus on the engineering part as opposed to the systems part (e.g. systems administrator and systems engineer should not be interchangeable terms). My plan is to publish reviews of books and other resources that I found helpful during my journey, as well as some original hacks that I have made. I…
Read More

Rediscovery and Security News

metablogging, Rants, Uncategorized
First things first: Happy 2012 everyone. So, this blog has been silent for a little while now. More astute readers might argue along the lines of "hey man! This is supposed to be a technical blog - where are all them technical articles? Have you ran out of material?". Take a deep breath, the dreaded, almost compulsory metablogging block after a long pause is coming ... The answer is a big NO! There is an abundance of material that I am proud of BUT a lot of this research has been done while solving problems for paying clients. The problem can be refined as "how do you tip-tap-toe around NDAs and do you choose to do so?". Smart money says not to do it, so I am not. Keep this…
Read More

P For Paranoia OR a quick way of overwriting a partition with random-like data

Hacking, Uncategorized
(General Surgeon's warning: The following post contains doses of paranoia which might exceed your recommended daily dosage. Fnord!). A lot of the data sanitisation literature around advises overwriting partitions with random data (btw, SANS Institute research claims that even a pass with /dev/zero is enough to stop MFM but YPMV). So leaving Guttman-like techniques aside, in practice, generation of random data will take a long time in your average system which does not contain a cryptographic accelerator. In order to speed up things, /dev/urandom can be used in lieu of /dev/random, noting that when read, the non-blocking /dev/urandom device will return as many bytes as are requested, even if the entropy pool is depleted . As a result, the result stream is not as cryptographically sound as /dev/random but is…
Read More