Mario Obejas on "a replacement for bash?" and on writing production-grade code in any language.

Recently Yves Dorfsman asked on the lopsa-tech mailing list: A lot of people love to hate bash, and there are good reasons for it, but it seems that there isn’t an obvious replacement for it. […] What do you use? Do you see any clear winner to replace it on the horizon? Mario Obejas, a popular occasional Instructor for Vertical Sysadmin, and living proof that there is life after system administration, answered with this gem. This is the voice of 34 years of Software Development, Infrastructure, and Information Security experience, folks. (Thanks for allowing us to re-post it here, Mario!) ...

May 29, 2016 · 3 min · Aleksey Tsalolikhin

Ansible now available as an RPM

Ansible is now available as an RPM from the EPEL repo. It pulls in all the dependencies needed by Ansible (Python libraries, libyaml and sshpass). The RPM provides Ansible version 2.0.2.0 which includes a number of bug fixes including a security one (CVE-2016-3096). This is a lot easier to handle than fiddling with Python’s package manager of the day. $ sudo yum install ansible ... ============================================================================================================= Package Arch Version Repository Size ============================================================================================================= Installing: ansible noarch 2.0.2.0-1.el6 epel 2.9 M Installing for dependencies: PyYAML x86_64 3.10-3.1.el6 base 157 k libyaml x86_64 0.1.3-4.el6_6 base 52 k python-babel noarch 0.9.4-5.1.el6 base 1.4 M python-crypto x86_64 2.0.1-22.el6 base 159 k python-crypto2.6 x86_64 2.6.1-2.el6 epel 513 k python-httplib2 noarch 0.7.7-1.el6 epel 70 k python-jinja2-26 noarch 2.6-3.el6 epel 527 k python-keyczar noarch 0.71c-1.el6 epel 219 k python-paramiko noarch 1.7.5-2.1.el6 base 728 k python-pyasn1 noarch 0.0.12a-1.el6 base 70 k python-simplejson x86_64 2.0.9-3.1.el6 base 126 k python-six noarch 1.9.0-2.el6 base 28 k sshpass x86_64 1.05-1.el6 epel 19 k Transaction Summary ============================================================================================================= Install 14 Package(s) Total download size: 6.9 M Installed size: 33 M Is this ok [y/N]:

May 26, 2016 · 1 min · Aleksey Tsalolikhin

Key references for various tools

The following post was contributed by Mike Weilgart who has recently joined the ranks of Linux system administrators. For bash and POSIX shell scripting: Variable quoting Security implications of forgetting to quote a variable in bash/POSIX shells Why does my shell script choke on whitespace or other special characters? Explanation of How quotes relate to argument lists Miscellaneous What is a shell and what is a shell builtin? Why is printf better than echo? Why is using a shell loop to process text considered bad practice? For vi and Vim: The article “Why, oh WHY, do those #?@! nutheads use vi?” Stack Overflow answer encapsulating basics of vi command language Stack Overflow answer encapsulating buffers vs. windows vs. tabs Quick tips for using buffers effectively For git: What exactly do we mean by “branch”? The Think Like a Git website, including all of the links on the “Resources” page. cgroups: Stack Exchange answer serving as an Introduction to cgroups

May 12, 2016 · 1 min · Aleksey Tsalolikhin

Training program to make a Novice System Administrator

I’ve put together a program to make entry-level Linux system administrators because we need more to maintain the IT fabric of modern civilization. The program is self-paced, using online resources. This is not training I deliver personally, rather I will guide you to quality training resources, in the correct sequence, and work with you to debug any stops. There is no fee to me for this program. The training takes 2-3 months full-time and costs about USD 1,000 for the online training courses and books. You’ll need a practice computer you can install Linux on. ...

May 5, 2016 · 3 min · Aleksey Tsalolikhin

CFEngine Enterprise: Enabling Postgres Query Logging

Since the CFEngine Postgres database internals aren’t widely documented, you can learn more about them by observing what queries the Mission Portal sends to the DB (e.g., to do things like get the count of hosts with health issues which powers the health indicator you see in the Mission Portal status bar). Postgres has a configuration parameter log_statement which you can change from none to all to enable query logging (i.e., all queries will get logged to /var/log/postgresql.log) to learn what queries the Mission Portal sends to the database. ...

April 29, 2016 · 1 min · Aleksey Tsalolikhin

CFEngine and Ansible are complementary

CFEngine is designed for ongoing maintenance and verification of desired state; whereas Ansible is designed as a simple tool for making changes quickly. CFEngine and Ansible complement each other. For example, I have a CFEngine promise to inventory CliQr version by reading in /usr/local/osmosix/MANIFEST.MF. By pulling up a CFEngine Enterprise report, I can tell in 3 seconds how many of my thousands of hosts are on which version of CliQr. To run this report with Ansible would take minutes (the more hosts, the longer it would take). ...

February 18, 2016 · 2 min · Aleksey Tsalolikhin

LOPSA Mentorship Program protege Ionut Cadariu earns RHCE

I got a touching letter yesterday from a computer system administrator I’ve been mentoring over the years through the LOPSA Mentorship Program: On Fri, Oct 16, 2015, Ionut Cadariu wrote: Hello Aleksey, I finally achieved my long term objective -> to be Red Hat Certified Engineer…it was a long journey and I wanted to thank you for all the hard work you did with me in order to achieve this. A big part of my career is because of you and I can’t thank you enough! ...

October 17, 2015 · 1 min · Aleksey Tsalolikhin

Senior Sysadmin becomes Director of Operations: Retrospective on Seven Years in Digital Cinema

In my position as Director of Production Systems at Deluxe Digital Cinema in Burbank (June 2013 - September 2014), I was responsible for Operation and Quality of Alchemy, Deluxe’s theatrical booking and delivery management system. This system would book which movies are going to play in which cinemas when, so Deluxe Digital Cinema could deliver the movie to each theatre and then deliver the decryption key so the cinema could play it. ...

August 16, 2015 · 3 min · Aleksey Tsalolikhin

CFEngine Bootstrapping Primer

Definitions Managed server A server managed by CFEngine. Presumably one of many. Policy server A file-sharing service used to distribute policy from some centralized point to a fleet of servers. Hub A commercial add-on to CFEngine that collects reports from managed servers. These reports are available through the Web UI (another commercial add-on) and give you instant insight into the state of your infrastructure. The policy server, the hub and the Web UI usually run on the same server called “hub” for short. ...

July 9, 2015 · 4 min · Aleksey Tsalolikhin

Can CFEngine compare server configurations?

One question I often hear sysadmins ask who are just getting into configuration management is, can CFEngine can report on configuration drift between servers? As in, take a server “A” and baseline it, and compare it to server “B”, and make a report telling where things are different. Comparing existing servers is the hard way to go about getting consistency. I have a story about how I got into configuration management. ...

May 28, 2015 · 3 min · Aleksey Tsalolikhin