Wednesday, June 29, 2011

moving ...

After some thought and a few kneejerk reactions, I've decided to move this little tech blog to Wordpress.com before it got much larger.

There are just a few too many limitations to the Blogger platform. It's one of the FEW times where I feel Google truly failed to capture their customers desires.

Since I'm too lazy to build my site out in Django, off to wordpress.com we go.

We'll be living at http://lostinopensource.wordpress.com. Thanks!

Tuesday, June 28, 2011

test

test

Lesson in Life and Story-telling


Presentation Zen referenced this video today, and I'm amazed at how many lessons you can take from a 20 minute video. Lessons for your own life, and lessons in how to tell a story to make a point and connect to an audience.

It's a great talk, well worth the 20 minutes of your life.

-jamie

Monday, June 27, 2011

At what level Open? Walking the walk or being a fanatic?

I most sincerely do think that, ultimately, the business model that is going to win out is going to be some variation of what the most successful Open Source companies are doing (see http://www.redhat.com). Heavily simplified, these companies release the software they produce for free, and if they make a profit it is providing associated expertise with their software (training, installation, customization, etc.).

The reason I believe that it is going to be the model that wins out is that is the only way you can truly foster a community around a product. And that community is the only way that a project will be able to truly remain innovative and be able to move at the speed of technology. These are pretty amazing times that are around the corner. Hiding your development team solely in a cube farm and expecting them to be at the front of the pack is an increasingly antiquated idea.

But at what point do I stop being an advocate for open source solutions? And at these points, am I being pragmatic, or am I shielding myself from the harsh truth that more than a few of the things that I take for granted and/or hold dear are against the very principles that I hold dear?

At the micro level, I love Google Apps. I love it for myself, and I love it for my company. I proved a long time ago that I know how to set up an email server, and I hope to never have to maintain one again for large groups of users. Google is willing to dedicate teams of people and maintain acres of datacenter for just that purpose, and sell me the service for an incredibly reasonable rate. Since Google doesn't release GMail and Google Apps (or at least portions of them) under some flavor of the GPL, am I being a bad ambassador for FOSS concepts by using them?

I recently re-read an old piece written by @jimmy_wales at http://jimmywales.com/2004/10/21/free-knowledge-requires-free-software-and-free-file-formats/, from 2004. In it he states, quite eloquently that by providing information in any format that is encumbered by proprietary software or some sort of patented process, you're not making the information freely available.
If we offer information in a proprietary or patent-encumbered format, then we are not just violating our own commitment to freedom, we are forcing others who want to use our allegedly free knowledge to themselves use proprietary software.
 I totally get his point. But is there a point where putting this into practice in the real world would become impractical? And is that being a good citizen within the community I'm sharing knowledge, or is it simply perpetuating the problem?

And at the macro level there is the internet itself. The internet isn't run across campus labs at Stanford, Harvard, and MIT any more. The internet's lifeblood courses through Level 3, Cogent, and Verizon's fiber networks.  Reading http://www.shareable.net/blog/the-next-net, this is in direct opposition to the principles of Open Source and even the premise that the Internet purports to be founded under.
Of course the Internet was never truly free, bottom-up, decentralized, or chaotic. Yes, it may have been designed with many nodes and redundancies for it to withstand a nuclear attack, but it has always been absolutely controlled by central authorities. From its Domain Name Servers to its IP addresses, the Internet depends on highly centralized mechanisms to send our packets from one place to another.
And I read about Afghan people ingeniously running point-point ethernet connections through their country using what is essentially trash. And I think that's great. But I don't think that the internet is going to be made ubiquitous and truly universal by scrapping the current infrastructure and hanging an array of Pringles cans off the side of millions of chimneys worldwide. Starting up a "new net" with the proper principles and a truly decentralized architecture is a great idea. But is it going to happen from the grass roots up? Being down here in the grass roots, I don't see enough disgust or distrust with the current situation to start that fire burning. IPv6 ain't that bad...

In conclusion, I have no conclusion. But is does make me wonder. Am I being pragmatic and forward thinking, or am I being diluted by at least some level of hypocrisy just to make my life a little easier. Should I try to continue to be innovative with what I'm doing now, or get a dovecot cluster rolling and start building a WiMax antenna in my garage?

Saturday, June 25, 2011

Zabbix Fun - Tracking SSL Certificate Expiration Times

One of the most important things that an IT pro has to do is make sure the SSL certs for his sites don't expire. It's one of those weird little things that seems to fall through the cracks way too often. Happily, Zabbix can help keep track of this and make sure we take care of it.

For the record, I heavily borrowed this idea from http://aperto.fr/cms/en/15-blog-en/15-ssl-certificate-expiration-monitoring-with-zabbix.html, keeping the vast majority of his technical operation, and primarily changed how Zabbix is executing the check.

Step 1 - the script:


[root@sfo-it-zabbix-prod-01 ~]# cat /etc/zabbix/scripts/ssl_check.sh 
#!/usr/bin/env bash
host=$1
port=443
end_date=`openssl s_client -host $host -port $port -showcerts /dev/null |
          sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
          openssl x509 -text 2>/dev/null |
          sed -n 's/ *Not After : *//p'`


if [ -n "$end_date" ]
then
    end_date_seconds=`date '+%s' --date "$end_date"`
    now_seconds=`date '+%s'`
    echo "($end_date_seconds-$now_seconds)/24/3600" | bc
fi


This script takes a hostname as input, and looks up the associated SSL certificate using openssl. Example usage is:



[root@sfo-it-zabbix-prod-01 ~]# /etc/zabbix/scripts/ssl_check.sh www.gmail.com
176


The SSL Certificate for www.gmail.com expires in 176 days.


Now we add this as a custom parameter to Zabbix.


Step 2 - adding to zabbix_agentd.conf


UserParameter=cert_check[*],/etc/zabbix/scripts/ssl_check.sh $1


More information about creating custom checks in Zabbix can be found at http://www.zabbix.com/documentation/1.8/manual/config/user_parameters

Step 3 - setting up the Zabbix GUI

Since this will only change once per day, we really only care about checking it once every 24 hours, or 86400 seconds.


So now we're collecting data.  If you look at the overview for the box your zabbix server (or wherever you wrote this script and applied the template to), you should see something similar to:


And that's cool. BUT, how do we get Zabbix to send us info if our certificates are getting close to expiring? The answer is TRIGGERS.

Information on Zabbix triggers is available at http://www.zabbix.com/documentation/1.8/manual/config/triggers. I created three alert levels. 

1. If the certificate is within 30 days of expiring, a standard level alert is sent out.
2. If the certificate is within 7 days of expiring, a high level alert is sent out.
3. If a certificate expires, a Disaster level alert is sent out.


And there you have it. Zabbix is now keeping an eye on our SSL Certificates, and will scream at us loudly to make sure we don't let it expire.

Friday, June 24, 2011

Making Open Source Better with LUGs

When I tell people I work "with Linux", most of them have a vague idea of what I do for a living. Granted, some of them think if involves dark basements full of hardware that looks like it's from War Games, but at least they're in the right ballpark.

A (very) few of them actually perk up and mention that they're interested in Linux a little. Usually this is phrased as "Oh, I tried out Ubuntu on an old laptop for a while". This is when I go into something that looks a little more like this scene from Tommy Boy than I care to admit.


Unless I've seen this person previously at my local LUG meeting, odds are the first impression is out. 

My poor salesmanship notwithstanding, I often find myself wondering why desktop use of Linux is still lagging behind. With the debut of Gnome 3 recently, I find myself wondering that even more, because that experience is at least as good as the one with Mac OSX 10.6 (I use them both every day). 

So how do we, as the ambassadors and experts of Linux, make our own community better?

The LUG. 

I know. It sounds weird. The first thing that most people think of when they hear "Linux User Group" is acne, debates about kernel logging, and nerd-sweat. But I truly believe that the Linux User Group can be a game-changer in how Linux is perceived and used. 

Take a look at the Mac Genius Bar. Come in. Test drive a Mac, and talk to people who know way too much about it who can show you how and why it's better than Microsoft. And if you have a Mac, come in and learn cool new stuff whenever you want in a very comfortable, low-hurdle environment.

Why can't a LUG do that? And do it better?

Make it the focus of a LUG meeting, and take away the $2k price tags. You can have people come in who are interested in Linux (or just interested in not paying for Windows or Mac OSX), and have your own community of experts show them how Linux can be superior for them no matter what their needs are for a computer. Lots of LUGs have "Install Fairs" already. Why not make them "Welcome to Linux Fairs", and include some basics on the user experience, as well?

The second thing that the Genius Bar does so well is that softening of the initial learning curve and offering soft support to people when they come in.  A LUG could easily man an email address that new users could ask questions on, or have online forums for that purpose, or make videos, or any of a thousand other cool things that would help someone get comfortable in Linux more easily. And if the LUG takes it on as a community it could easily be a superior experience for everyone involved. Not only would more people use Linux, but the people in the LUG grow, and the current members would gain experience by generating that support network. It's a win-win situation for everyone, and well worth the effort.

The long and the short of it is that even now we people in the Linux community like to walk around and feel a little bit superior about using Linux to solve our problems better. That's great. But instead of just walking around I think we should be showing other people how they can do it, too.




Monday, June 20, 2011

Next up at RVaLUG - it's Zabbix Baby

Tomorrow evening, I'll be talking at the Richmond, VA Linux Users Group (http://rvalug.org). The talk will start around 6:30p. Snacks will be supplied by 5AM Solutions (http://www.5amsolutions.com). Sadly I'll be buying the snacks and I typically have pretty bad taste.

Just in case you don't know, RVaLUG meets up at the Richmond Hackerspace (http://hackrva.org).

I'll be talking about Zabbix (http://www.zabbix.com), one of my favorite open source projects and the tool I've used for the enterprise monitoring solution at my last 3 gigs.

The gist of my talk is going to be, I hope, the logic behind what led 5AM Solutions to decide to use Zabbix as its monitoring platform, and then dive just a little bit into some of the features that we enjoy the most.

A (much) longer version of what I hope this talk to be is available at http://lostinopensource.blogspot.com/p/enterprise-monitoring.html . It's long, but I hope it provides some information.

Hopefully we'll spark off a good conversation, which is always the goal

Sunday, June 19, 2011

insert cloud joke here

For way too long now, the buzzword supreme in the IT world has been "cloud". Building clouds inside, using clouds outside, leveraging clouds, making clouds cost-efficient, having pretty clouds, your music in the cloud, clouds that look like former presidents, we are the cloud. we are the walrus. All cloud. All the time.

Amazingly, only a precious few people that I've run across can truly define what a cloud actually IS with regards to Information Technology. Not amazingly, none of those people have been the people currently shoveling the cloud manure du jour into every nook and cranny of the interweb.

Soren Hansen (http://blog.warma.dk/), gave a talk back in February (I'm not 100% sure where, but at some conference and on youtube at http://www.youtube.com/watch?v=XV8M_v1rf0s), that one of my favorite co-workers (@cowmix) really enjoyed and asked me to listen to over the weekend. Other than Soren needing to get some hydration issues addressed, it was a really good talk about the inner workings of OpenStack (http://www.openstack.org/). For the record I'm really excited about the vast majority of where OpenStack is going. I'm excited enough to set aside a lot of the disappointment and frustration I had when I was dealing with Rackspace (http://www.rackspace.com/) at a previous gig and look at this piece of technology without bias and even consider adopting it for my company's infrastructure.

In this talk he defines a cloud, any cloud, quite clearly and perfectly as:

"an IaaS service with an API".

Waiting for fireworks? Sorry. As it turns out it's just like all other novel technologies; not exactly new, but a spin on an established technology that hadn't been thought of before. Now don't get me wrong. The push to distributed storage and computing is an amazing one that will eventually revolutionize not only our businesses but our lives in ways we can't even think of yet. This excites me and I can't wait for it to happen.

The source of my sarcasm is the marketing engine that is making the cloud sound like we just discovered a whole new layer of the internet, and it's about to solve all of the problems of mankind in some magical soup of unlimited music storage, perfect data connections and Charlie Sheen video rants. It's almost as if nobody ever learned anything from the first dot-com bubble, so here we are blowing up another one. Sticking a cloud logo on a bad idea doesn't make it a good idea, just like making something a website in 2000 didn't make it good, and putting something on a CD-ROM in 1995 didn't make it good.

The cloud concept has incredible potential, and it's going to be a game-changer. Look at the internet AFTER the bubble burst. Now it's everywhere. I'm pretty sure my refrigerator just emailed somebody to tell me I was running low on mustard. But the same bad ideas that popped that first bubble are creeping in again. If you don't believe me just google "making money in the cloud".

*Note -- this has been cross-posted to http://rvalug.org*

Tuesday, June 14, 2011

Breaking Down Barriers to Entry - Has your LUG kept pace with the kernel?

One of the largest stigmas still attached to Linux is that "it's too hard to learn and use". One of the easiest ways to dispell that myth is to get someone around people who enjoy using and making Linux and show them not only how easy, but how amazing it can be as a tool.

A local Linux User Group has the ability to be an incredible entry point to do this, but unfortunately they're still stigmatized more than Linux itself. Has your group kept up with Linux itself in the adoption of new technologies, concepts like social media, and does your group have a goal of growing FOSS/Linux contributors? If not, should it? And if so, how can it?

This thought popped into my head a few hours ago, and I'll be exploring it more fully over the next few weeks.

Monday, June 13, 2011

Fedora 15 midterm report card

My first experience with Linux was a Cheapbytes CD version of Mandrake 1.0 I bought off Ebay. Since I had a (comically) cheap video card, I could never get X configured. But I was able to mount a disk from my linux computer on my parent's Windows computer - 1 floor and at LEAST 15 feet away. I was amazed and instantly addicted.
The user experience with Linux has certainly come a long way since those heady days of "BUT LOOK, that file is ALL THE WAY UPSTAIRS".
Fedora 15 "Lovelock" is the latest leap in that user experience. Happily and amazingly, they get the majority of things right.
Things they got right
Speed... pure demon speed
Out of the box, F15 is fast on my relatively recent Sony Vaio laptop. Fedora has suffered a (sometimes warranted) reputation of being bloated and a little clunky in recent releases. Fedora 10 was glacial to boot oten times, and coming back from a suspend could grow moss. That's not the case with Fedora 15. I haven't clocked it but I was startled the first time I picked up my laptop lid to come back from a suspend. We're getting into the neighbourhood of Mac here. The boot time isn't quite as impressive, but it's still as good as I've seen. I caveat that with the fact that I'm not much of an Ubuntu user, so they could be booting as fast as a stabbed rat, but I'm impressed with Fedora 15 regardless.
Holy crap Gnome3 is going to be cool
The fact that my desktop is now primarily rendered with JavaScript causes stirrings within my person in some very special places. It gets us all one step closer to a truly personalized computing experience. That day will be right up there with Skynet and Atmos. We're night quite there yet. I'm hoping that the Fedora community at large will do its job (and I think it probably will) and begin providing some really cool tweaks and tricks that will unleash my desktop into the amazing thing I've had in my head since 1995.
That being said, Gnome 3 in Fedora 15 is almost a really good UI. After a few weeks of using it consistently, I'm coming more and more to the conclusion that the changes that have been made are benificial. The hot corners, simplified topbar, more intuitive maximizing and resizing windows... all great things. The biggest issue I've run into so far is consistently finding the various admin widgets. I'm sure it's just a learning curve, but it's there and I'm complaining.
An Even better desktop OS
Back when I was using my Cheapbytes CD version of Mandrake, I was running down the street screaming when I got my 33.6k modem to talk online. Fedora 15 took about 10 minutes to get 99%+ of my sites to render properly. Since it's open source, of course Flash, Air, and a few other minor things took that extra step. But the community had thorough docs about any changes and odd needs. I can't wait for HTML5 to replace Flash and Air and all of the other proprietary ugliness out on the interwebs, but tomorrow is not going to be that day.
Things that aren't quite there yet
Most things that aren't great in Fedora 15 ring true for just about any current Linux distribution. But here they are any way.
still hanging out with ext4
There is talk of btrfs (http://en.wikipedia.org/wiki/Btrfs), and it's supported in Fedora 15. Pull the trigger. It's amazing. Let's do it.
We get it. Adobe isn't open source
I hate that things I depend on use non-open source tools, but I still need to use them. Tweetdeck, Flash, Skype...etc. I get the issues and don't want to see them in Fedora's repositories. But let's go ahead and crank out a simple script to get the software quicker. Those 10 minutes I have to take to configure a Linux desktop OS with those applications is a huge barrier to a new user. Let's get practical and get rid of it in a way that doesn't violate copyright or ethics. I think it's possible.
Driver issues still exist
I'm a pretty handy guy with Linux. I even have pieces of paper that tell me I am a pretty handy guy with Linux. My webcam isn't even close to working. I know that's not Fedora's fault, or any Linux distributions. I'm mentioning it here to make the point that it's another area we're going to have to grow as a community to bring in more casual and new users.
So there you have it. All in all I'm really really enjoying running Fedora 15. My work laptop is a 17" macbook pro with 8GB of RAM. It's quickly becoming my "other" laptop since getting going with Fedora 15.

SE Linux Fest Highlights

From June 10-12 this year, a thousand or so fans of Linux and Free/Open Source Software got together in Spartanburg, SC to get smarter, talk about what they believe in, network a little, and drink top-shelf booze paid for by sponsors. In all of those, and many other, respects the 2011 incarnation of Southeast Linux Fest was a huge success.

While it's three days long, the climax of the event is Saturday, which has the vendor tables going strong and is bookended by keynote addresses to start and end the day. Somehow, though, the schedule this year had a few oddities that ended up giving me even more enjoyable time, and ended up providing my own personal geek peak on the first day of the conference.

Friday started with Jared Smith (http://www.jaredsmith.net/), the Fedora Project Leader, delivering a talk about Open Source communities and how upstream and downstream communities ultimately benefit one another. It's a great talk with even better visuals.  While I heard an earlier incarnation of it in October when he visited Richmond, VA (http://rvalug.org), it truly never fails to impress. It brings the whole idea of community into a crystal-clear focus that is often hard to find when talking about such an abstract idea when we're all so used to dealing with regression tests and overloaded classes.

The last speaker on Friday, Leslie Hawthorn (http://hawthornlandings.org/), was perhaps even better. Reading Leslie's bio is an experience itself. The work she's doing is amazing on multiple levels. To hear her talk about the causes and ideas that the holds dear is the closest I've been personally to wanting to win one for the Gipper. She makes you want to devote your time and efforts (and maybe your life) to these amazing causes.

Lots of people are talking about the keynotes from SELF 2011, and they were both great. A particular thank you to Tom "Spot" Callaway, for slaying the 800 lb. cloud in the corner with his first few slides in the afternoon keynote address. But for my (meager) money, two of the best talks happened while the main rooms were still being set up. I wish they'd have gotten a little more attention at the time, and I hope they get a little more attention when the SELF folks get the videos online from all of the talks.

I met some great people who are doing the work every day to keep the concept of Open Source happening, and it always helps to re-focus my own thoughts on where I want to make my contribution.  SELF 2011 was certainly not an exception to this. For anyone who thinks Linux and free or open source solutions are the hear of technology's future, SELF 2012 should go on to your calendars now.

Word for the day

At SELF (http://www.southeastlinuxfest.org) this past weekend, one of the most interesting people I had the good luck to meet was Tarus Balog (http://www.adventuresinoss.com/), who is the CEO of OpenNMS(http://www.opennms.com and http://www.opennms.org). His blog plugged above has taught me my word for the day.


1.Freetard

A freetard is a unyielding proponent of Free and Open Source Software (FOSS) like the linux operating system. They make no apologies for going on 10 minute rants about the importance of their impeccable values like "not paying for things" and "sticking it to the man".

It's nice to know that I have a label other than "geek".