Linux and PHP web application support and development (Bromsgrove, UK)

systems administration

Filesystem Magic on AWS with EBS volumes and BTRFS

One consistent pain has always been resizing a filesystem without rebooting on Linux. Thank fully in recent years, this has changed with filesystems like BTRFS – where you can do something like the following….

, , ,

Read more...

Saving memory under Linux when using virtualisastion

If you’re running low of memory on a server, there may be scope to free up memory through use of ‘ksm‘. (Note, that the kernel will start looking for memory to de-duplicate if KSM is turned on AND there are some processes running which have notified the kernel that they’re candidates; ‘kvm’ does the latter.) […]

Read more...

iPXE Network booting for ISO images

Historically we had a ‘normal’ pxe boot server in the office (DHCP server points to a TFTP server and specified a pxelinux file to load) from which we could choose to install various distributions. The only problem with this is that it was initially limited to the a specific release/version of Debian/Ubuntu (as we’d just […]

, , ,

Read more...

How to graph data with Munin

Using something like munin it’s trivial to create a graph plotting trends – and assists in answering questions like : Why is the website on server X feeling slow today? Are we receiving significantly more hits/email/whatever than normal? How effective is the new mail server? When are we likely to run out of disk space? […]

,

Read more...

SSH fingerprint (sshfp) dns records

To help aid security for SSH connections, you can publish ‘SSHFP’ records in DNS which contain a fingerprint of a server’s ssh host key. If DNSSEC is in use throughout the DNS hierarchy then it ought to provide a trusted way of verifying remote hosts when no record already exists in your ~/.ssh/known_hosts file. To […]

, ,

Read more...

High Availability cluster – DRBD + Apache

A short howto for configuring a two node highly available server cluster. This will be an active-standby configuration whereby a local filesystem is mirrored to the standby server in real time (by DRBD). The article below shows how to configure the underlying components (DRBD, setup a filesystem to go on top, setup DRBDLinks) with a […]

Read more...

Web Developers and Cron jobs

Dear other web developers …. if you’re going to add a cron job to a (web) server, please make sure any output is sent to a valid email address (or log file) which is monitored….

Read more...

Disk I/O performance on a Proliant + SmartArray server

Some time ago, we upgraded a customer’s Debian Lenny Linux server from running a 2.6.26 based kernel to use a 3.2 kernel. It hosts a relatively popular website, and the performance optimisations in the 3.2 kernel (particularly around TCP slow start) have made a big difference to page load times (for more information see this […]

, , , ,

Read more...

Stopping the deluge of email spam for qmail using SpamDyke

If you’re having spam trouble with qmail [edit – 2019; new fork, qmail.org is offline] based Linux servers (in our customer’s case – Plesk based) then perhaps you need to look at using SpamDyke Installation is pretty easy – wget http://www.spamdyke.org/releases/spamdyke-4.3.0.tgz tar -zxf spamdyke-4.3.0 cd spamdyke-4.3.0/spamdyke ./configure make  && cp spamdyke /usr/local/bin Then, assuming qmail is […]

, , , , , ,

Read more...

Two Factor Authentication for remote SSH users (using google authenticator)

Using Google’s Authenticator, we can change a Debian Linux host to make it require two factor authentication for remote users (or selected users based on name/ip address) as follows.

, ,

Read more...

‹ Previous Posts