What the Sony hacks tell us about their Sysadmins and management
May 21, 2011
I wouldn't want to be a Sony sysadmin right now. F-Secure just blogged about evidence of a fourth hack at the electronics giant. This one is relatively harmless - a phishing scam being run from Sony servers - but this pattern of security problems should tell us a few things about Sony's SysAdmin staff: 1) They're powerless in their own organization. 2) They don't get to set IT resource policy. ...
Sendmail Return-path, php, and the importance of the variables you don't think of
May 20, 2011
I got called in for an interesting issue on one of the servers I co-maintain today. Sites were messing up left, right, and center, in all sorts of bizarre ways. CSS wouldn't be delivered, or half of it would be, or some of the content would disappear... and differently on every page load! It only took me a moment to confirm - the server was out of space on the root device. ...
Running Redmine in a subdirectory
May 16, 2011
Redmine is a fantastic project management tool for technically oriented organizations. At my job, we use it to manage 30-50 active projects at a time, as well as the back history of several hundred projects. Oddly enough, the normal installation process puts it on port 3000. We had some trouble with developers' ISPs not allowing HTTPS traffic over non-standard ports, so we had to move Redmine onto port 443 along with the rest of the SSL traffic. ...
Setting up Secure LDAP on Ubuntu 10.04 - the idiot's guide to SSL, TLS, and SLAPD
May 13, 2011
LDAP is one of the Elder Gods of the UNIX world. It had its beginnings in DAP, the first Directory Access Protocol, in 1988. Within a decade DAP was more or less discarded in favor of the Lightweight Directory Access Protocol. And it has stayed in basically the same format ever since. LDAP is, as you might have guessed, a directory protocol. It was developed in response to X. ...
Updating kernels for Amazon (AWS) Instances
May 09, 2011
Lately I've been getting hit by an odd kernel bug on one of the servers I maintain. It's discussed in some depth on Launchpad, but the gist is that when trying to find an idle cpu for a new thread, the scheduler divides by cpu_power. On EC2 instances, it's possible for cpu_power to be 0, which causes a divide by zero kernel crash. Why cpu_power is 0 is still an unknown; this should never be the case. ...
Simple AWS backups with Snapshots and AMIs
Apr 30, 2011
Are you just getting started with Amazon Web Services? It's a great service, but it faces some reliability challenges. This post explains how to set up a simple backup system using Amazon's "snapshot" and "machine image" functionalities.
Dependencies
Before you begin, you will need:
- Amazon's standard EC2 Command Line Tools
- Alestic's ebs-consistent-snapshot program
- Tech Kismet's remove-old-snapshots.php script (which must be so named)
AMI Images
Everyone knows that Amazon Instances are ephemeral. ...
AWS Load Balancer SSL limitations
Apr 29, 2011
No one else seems to have documented this anywhere, so I'm gonna do it here. Amazon Web Services has a great little load balancer system you can use. A few clicks, and you're away to the races with a shiny load balancer of your own! The best part? It will even do SSL termination at the load balancer for you. Just paste in your certs and away you go! ...
Multiple SSL sites on one AWS instance
Apr 29, 2011
It's a familiar problem - you can't really host multiple SSL sites on a single IP address. There's a fancy workaround if you get a pricey multi-domain certificate, of course. But separate sites with separate certificates just won't work. The reason is simple - put yourself in Apache's shoes. When you're using name-based virtualhosts, Apache uses the request headers to determine which vhost should get the request. ...
Working with Bash - awk
Apr 24, 2011
Now a quickie - one of my favorite tools: awk. Some of you will probably think of this as obvious, and that's great. But tools like awk are the things that I skipped learning when I got started... and when I finally started using them, my world expanded tremendously. Here's hoping I can pay it forward to one other sysadmin out there. So let's get going. ...
HTC Inspire, Cyanogenmod 7, and HSUPA
Apr 14, 2011
About a month ago, I picked up my first Android phone: the HTC Inspire 4G, from AT&T in the US. I determined to root it, install a custom OS, and laugh at all the poor saps who get bad battery life on HTC Sense. The first challenge is in the name. See, the HTC Inspire 4G is really just a rebranded HTC Desire HD, which is a tweaked HTC Desire, which is another name for the HTC Ace. ...