Paul's Blog

The articles below are on various topics, though the majority are focused on some aspect of systems administration.

Thinking and Doing in Education · May 25, 2017

Back in late 2013, I had a short but congenial e-mail exchange with John Tierney about his article on the Maine Maritime Academy and a follow-up piece that discusses various responses he received mostly on the theme of career-oriented education vs. a liberal-arts eduction. Many more readers added their thoughts in another follow-up. I was recently cleaning up my e-mail archives and had a chance to revisit my thoughts on the issue.

Read more...

Expand ZFS in Linux VM · May 16, 2017

Ubuntu 16.04 has native support for ZFS, which means that VMs may start to use ZFS for non-root filesystems. Here’s a cookbook for expanding those filesystems. In OpenStack, the ZFS filesystem must be exported before this can be done, but at AWS it can be done without downtime.

Read more...

Iterating a Hiera Hash · March 31, 2017

I’m in the process of learning about and porting some rules to Puppet 4.9. One task that had eluded me was integrating custom Hiera data into modules. I used the saz-rsyslog module and discovered that it largely turned off local logging, so it became a good time to discover how to define logging policy.

Read more...

Repository Refresh · January 4, 2017

Given a directory (e.g., ~/src) with a bunch of git and/or subversion repositories, refreshing them all is a script away.

Read more...

Create IPv4 hex filenames for PXELINUX · December 16, 2016

The PXE network booting system distributed by the Syslinux Project is widely used for installing operating systems on networks of all sizes. It’s used in conjunction with DHCP and TFTP servers. The PXELINUX bootloader will look for a succession of files. You should read the official documentation to get the full story, but the short version is that their filenames are based on Client UUID (not always present) Client Ethernet MAC IPv4 address in hexadecimal A file named default The part that usually trips me up is converting an IPv4 address to hex.

Read more...

Basic Command-line AWS Glacier Workflow · September 23, 2016

Glacier is Amazon’s AWS cold-storage service. Its data-center analog is archival tape storage, and it is about as slow as tape. Retrieval times are measured in hours (if not days). Glacier is a disaster-recovery tool, not live storage.

Unlike most AWS offerings, Glacier cannot be usefully controlled from the web console. It must be accessed with command-line tools or custom-built programs. Here’s a quick overview of Glacier operations using the AWS command line interface.

Read more...

AWS S3 Access Management · September 7, 2016

Access control on Amazon S3 is subtle and complex. Here’s a high-level overview of the access controls that can be placed on S3 buckets and objects.

Read more...

Red Hat/CentOS Software Collections (SCL) · August 29, 2016

Red Hat promises software compatibility for the life of any given RHEL release. It will not upgrade major applications mid-release. For example, if RHEL 6.0 contains PostgreSQL 8.4, RHEL 6.7 cannot move to PostgreSQL 9.4. Too many applications will break.

Yet some customers require the upgraded software. By way of an answer, Red Hat and the CentOS project have published what are called Software Collections (SCL). Packages provided in the SCL repositories typically provide newer versions of software that play a key role in the Linux world: Python, Apache, PostgreSQL, MySQL, gcc, etc.

Read more...

Limitations of Hugo's Date Format Templating · August 24, 2016

As I’ve mentioned, I use Hugo to generate the bulk of the content on this site. Its templating system is built on that found in the Go programming language. The time and date formatting routines Hugo inherits from Go are idiosyncratic, to say the least.

Read more...

ACLs for OpenStack Swift Object Storage · August 11, 2016

An OpenStack Swift object-storage container is usually available only to users in the project in which the container was created, but Swift has an access-control mechanism that allows subtle permission sets to be constructed.

Read more...

Managing Multiple OpenStack CLI Environments · August 10, 2016

If you’re an OpenStack administrator or power user, there’s a good chance you need to use the OpenStack command-line tools within multiple projects. Here’s a bash script to help you move between projects.

Read more...

OpenStack Identity API and domain access · July 26, 2016

I was perusing the instructions to setup Heat, the OpenStack orchestration service, and found myself unable to use the openstack domain command.

Read more...

Your First OpenStack VM · July 12, 2016

Congratulations! You’ve setup OpenStack and you can get to its web interface.

Now what?

I found the process of setting up a new VM less than intuitive. I hope this not-so-brief howto will help others who likewise find it difficult to get started.

Read more...

The Demise of Independent Computer Retailers · May 10, 2016

A recent thread in a local tech mailing list noted the impending closure of Pacific Solutions, an established computer retailer here in Portland. I was never a frequent customer—to get there I typically had to go out of my way—but the store had a knowledgeable staff and stocked industry-standard parts. I was saddened, though not surprised, at the news.

One contributor to the mail thread noted that back in the 1990s, there were quite a few independent computer retailers in and around Portland. “Then,” he wrote, “came Fry’s and Amazon.”

It’s true that small computer retailers have largely disappeared, but I don’t think that Fry’s and Amazon are the main culprits.

Read more...

Re-index OS X Spotlight · May 4, 2016

Spotlight searches on my Macbook Pro running OS X 10.10.5 (Yosemite) were failing. Worse, the smart mailboxes in Apple Mail weren’t working. Without smart folders, it takes me a lot longer to navigate my inbox every morning.

The solution was to force OS X to re-index my hard drive.

Read more...