12.27.06

Using a Greylist to Stop Spam Forever

Posted in Email Servers at 2:13 pm by Michael

I know this isn’t exactly a virtualization topic, but many virtual servers are liable to be email servers, and this definitely applies. About 4 months ago I got sick of the spam that was coming into all my domains. Even putting in Spam Assassin and ClamAV didn’t seem to stop it completely, and my poor little cobalt raq 5 server was under strain just from the spam. I did some reading and found information on something called a greylist. This almost magical solution completely eliminated all spam to my inbox overnight. Since implementing this solution, not only have I not gotten ANY spam on my server, I was able to uninstall Spam Assassin since there was nothing for it to catch anymore.

I am using the postgrey addon for the postfix mail server. Postfix is much easier to use and configure than most of the other email servers out there, so that’s what I run. Installing postgrey was fairly easy, their website has excellent docs on how to get it up and running in just a few minutes. Immediately I was able to see the rejected emails in the logs, and since I installed it, haven’t gotten even 1 piece of spam. That’s an amazing feat for such a simple to install and configure service. Not only did it eliminate the spam from my inbox, but it reduced the load on my server. All those spam messages didn’t make it into Spam Assassin, so they didn’t take any server resources in order to be denied. Doing things the old way with Spam Assassin, every spam ate up cpu and i/o on my server, as Spam Assassin chugged away at it, trying to determine if it was spam or legitimate email.

Using a greylist adds some time to email delivery, since the entire idea behind it is that spammers never resend a failed or blocked message. A spammer will use software that hammers away at mail servers, usually on domains that the mail server actually handles, in order to send spam to accounts that are valid for that server. Greylisting puts up a temporary block to ALL emails. Once it has blocked an email, it remembers the person the email was addressed to, as well as the server that tried to send it. The SMTP protocol used for relaying mail has the ability to queue a failed message for a while, then try to resend it. The greylist service uses the remembered recipient and delivering mail server to allow legitimate email to pass through on a second delivery attempt. Spam software only tries to deliver a message once; if it’s rejected, the software moves on to the next email address in its list without a resend. This means spam messages get blocked and, due to the nature of SMTP, real email gets redelivered a second time and is allowed in.
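The decision described above, sketched as an added example (this is not postgrey's code). It reads a request in the name=value format Postfix sends to a policy service and keys the greylist on sending server and recipient, as the post describes; the delay and expiry values, the sample request and the addresses are constructed assumptions.

```python
import time

# Constructed Postfix policy-delegation request: name=value lines, blank line ends it.
SAMPLE_REQUEST = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "client_address=192.0.2.25\n"
    "sender=alice@example.org\n"
    "recipient=bob@example.net\n"
    "\n"
)

DEFER = "action=defer_if_permit Greylisted, please try again later"
PASS = "action=dunno"  # no opinion: let Postfix's remaining restrictions decide


def parse_policy_request(text):
    """Return the attributes of one policy request as a dict."""
    attrs = {}
    for line in text.splitlines():
        if not line:          # blank line terminates the request
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs


class Greylist:
    def __init__(self, min_delay=300, max_age=35 * 86400):
        self.min_delay = min_delay  # assumed: seconds before a retry is accepted
        self.max_age = max_age      # assumed: forget pairs idle longer than this
        self.seen = {}              # (client_address, recipient) -> [first_seen, last_seen]

    def check(self, attrs, now=None):
        now = time.time() if now is None else now
        key = (attrs["client_address"], attrs["recipient"].lower())
        entry = self.seen.get(key)
        if entry is None or now - entry[1] > self.max_age:
            self.seen[key] = [now, now]   # first sighting: remember and block temporarily
            return DEFER
        entry[1] = now
        if now - entry[0] < self.min_delay:
            return DEFER                  # retried too quickly to count as a queued resend
        return PASS                       # same server, same recipient, after the delay


def demo():
    gl = Greylist()
    req = parse_policy_request(SAMPLE_REQUEST)
    other = dict(req, client_address="198.51.100.7")  # constructed second sender
    t0 = 1_000_000
    return [
        gl.check(req, now=t0),          # first attempt
        gl.check(req, now=t0 + 30),     # retry after 30 s
        gl.check(req, now=t0 + 600),    # retry after 10 min
        gl.check(other, now=t0 + 600),  # different server, first attempt
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

A sender that never retries stays in the table as a single deferred entry until it expires, which is why the one-shot spam software described above never gets through.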

Greylisting is so good at blocking spam that I have turned off Spam Assassin on my server, since it’s just overhead on every email that I no longer require. The delay for emails to be delivered is typically 5 to 10 minutes, but that’s a small price to pay for a spam free inbox. I highly recommend anyone that runs an email server to enable greylisting if their email server software supports it, or to seek out an add-on module for their software and use this service. If you require real-time delivery of email, you shouldn’t use a greylist, but most everyone can handle a short delay in email to rid their server of any and all spam. If you currently use Spam Assassin and are concerned with the load on your server, implementing a greylist can greatly reduce the load on your server, and help to block even MORE spam than you do already. I am very happy with the results of adding a greylist to my mail server.

12.26.06

Parallels Beta Build 3094

Posted in Mac, Parallels Desktop at 11:05 pm by Michael

I know this is a little old but I finally got around to installing the new version of the Parallels Beta. It’s actually quite nifty. Coherence mode has been improved, and the ability to see Windows apps from the dock has to be seen to be believed. You can hide almost every aspect of Windows with the settings for coherence; it makes running Windows apps very unobtrusive. They look like crap but it’s Windows, what do you expect?

I tried out the USB 2.0 support and it works very well. I am able to plug my jumpdrive (formatted ntfs) and mount and copy files from it at the faster speeds in my Windows XP guest host. The update was flawless, although booting safemode in Parallels seems to be a trickier operation than in the VMware products, due to the flip animation it uses to switch from the configuration screen to the guest os console. There is a setting for this on the menu bar. Go to Parallels Desktop->Preferences and click the Animation tab. The setting there for OS Window transition allows you to disable this annoying animation and helps with that tricky F8 action to boot into safemode.

I’m very impressed with this software, for beta, it’s very well executed. I haven’t experienced any problems at all with either beta build, but the features in this new one are WELL worth the time and effort it takes to upgrade your current version. If you decide to upgrade be very sure you boot safemode in Windows and install the new version of Parallels Tools. You should do that on the first boot under the new version of the beta.

12.22.06

VMware Fusion Beta 1 Evaluation

Posted in VMware, Mac at 5:11 pm by Michael

With the release of the VMware Fusion Beta, I am in the process of evaluating it on my Macbook. So far as initial releases go, it’s interesting. I have installed and configured Ubuntu Linux onto a 5 gig virtual disk using Fusion. It’s comparable to Parallels Desktop, but this is obviously a beta. Things don’t look quite as nicely polished as they do on Parallels, but I expect by the time VMware releases Fusion most of that will be fixed. Performance seems good so far, though I’m not doing anything terribly demanding of the system. Just a simple LAMP setup to test things out. As a caveat, anyone wanting to install the Ubuntu Server version will need to make an adjustment to grub’s config file. On the initial reboot after I installed Ubuntu Server, I got a kernel panic on an ACPI component. I simply edited the grub config file at /boot/grub/menu.lst and added the “noacpi” kernel parameter to the line for my kernel. Once I did that it booted up successfully and no problems since.

Fusion seems to cause the fans on my Macbook to go into overdrive when compared to Parallels. It happens whenever I get any sort of load going on the Ubuntu server. I will have to create the same setup in Parallels and test things. So far, running Windows XP, using Parallels, my Macbook’s fans don’t seem to run as much as they do once I have Ubuntu booted on Fusion. Running both at the same time keeps the fans on at the highest setting, pretty much non-stop. Obviously I’m putting a strain on the system, but you’d think it would alternate the fans a little… I only have 2 virtual machines going, and I was hoping to be able to run 4 at a time on a regular basis. The fans will be a bit of a letdown, but I still love my Macbook.

I am going to change the blog around a bit, I want to get a custom design for the site, but with the holidays and work, I’m lucky to get time to post articles, much less change things around.

12.19.06

5 Ways to Avoid Migration Headaches

Posted in Migrations at 12:23 am by Michael

When you can’t just pull an image of a server and virtualize it, you are in for the dreaded Migration. A flawlessly executed Migration will make you feel almost invincible, but it’s one of the hardest things to pull off without collateral damage. Users get spooked when you talk about changing things around. Administrators start eyeing each other like strange cats inside a house. Faces turn grim, and people mutter as you walk away. Yes, it really can be THAT BAD. Botched Migrations cost companies untold amounts of money every year. There are several things you can do to help improve your chances of making a successful Migration. These “Ways of Migration” as I like to call them are pretty much just plain old common sense. I leave it for you to decide.

  • Plan With the End-User in Mind

That’s right. I’ve seen good techs spend bad time trying to make things work “right” without ever considering the people that use the server every day. I could tell stories, but I’m going to focus instead on how to get usable info from the end-user. Go around and talk with them on-site if you can. Schedule some calls if you can’t, and find out how they actually use the server. Document as much as you can about their day-to-day usage of applications and try to get a feel for how they move data around. Don’t rely on what a manager tells you, speak to the end users who interact directly with the server. Don’t try to correct their “bad” behavior as they explain to you exactly what they do on their computer, or how they interact with the server. Instead focus on how you can smooth the transition from one machine to another. Try not to get bogged down in semantics, but realize this move is pretty scary to a non-technical person. Also as a nice source of follow-up revenue, you can get a feel for what training this person might need in the future and make a note for later use.

  • Spend 80% of the Time Planning and 20% of the Time Executing

This is common sense as well but I cannot tell you how many times I have seen people jump right into a problem without even any planning, much less 80% of the time spent on the project. You have to have a good grasp of how a server is used in an organization before you can go around changing things. While planning, try to brainstorm ways end-users could hold up the process, and plan accordingly. Also, in the planning phase, you can test using a virtual machine. If you are migrating from a different version, make sure you install and test the applications on the new server before you try to start using the server in production. You will run into problems you didn’t think about. Make sure you have license and serial numbers, CD keys and support numbers for any big ticket software you are working with. This information will save you valuable time once you move to executing the migration.

  • Plan to execute in Stages

Most migrations are fairly simple, but almost every migration requires user input. End-users, managers, owners, and everything in between will have a “say” in any Migration. You will want feedback while you are testing things out, and the stages should reflect that. Every stage of your migration should be planned to lead into the next stage. Testing one or more pieces of software requires careful execution. You must take backups of data and restore them to the new server. Test the software, and have multiple end-users test the software and the data. Once all the software is working correctly, move onto security issues. Once things are working smoothly with backup data, plan a day to do the actual cut over.

  • Schedule double the time you expect for any stage of execution

If you think that database will back up, copy and restore in 3 hours, schedule 6. If you are absolutely positive that it will take you 15 minutes to shut down the old server, schedule 30. Once you get into the execution of your migration, you will find that time slips away faster than you anticipated. It sounds counter-intuitive to schedule things this way, but it can have an almost magical effect on your ability to actually hit, or even exceed, your estimates. When you come in under your scheduled time, the client is usually much happier than when you come in over your estimated hours. You will likely have time to spare at the end of the project if you keep your cool and handle anything unexpected as it comes up. That “extra” time comes in very handy.

  • Have a fall-back position

Every plan has its weaknesses, its hidden traps. Problems can be any size, big or small. Don’t forget to have a backup solution ready to go. If you are under a deadline, be sure you think of a stop-gap measure you can quickly put in place if everything goes down the drain. This one Way can make or break you as a professional. I even suggest having a backup to the fall-back position, just to be on the safe side. An amateur will often fail to plan for a “worst-case” scenario, but as a professional you took it into consideration and know exactly what you will do to save the day. You didn’t anticipate every problem that came up, but you planned for the most important problem, the one that stops you in your tracks. It’s an old cliche but it bears repeating: Fail to plan and you plan to fail.

A solid migration plan with proper staged execution can make migrations move smoothly with a minimum of snags. If you spend your time planning carefully, and execute your plan, you will not be disappointed. There is no better feeling of accomplishment than finishing a successful migration. End-users will throw rose petals at your feet the next time they see you. People will whisper in hushed tones behind your back, telling other people who haven’t met you yet, what an amazing “computer guy” you are. A professional plans their moves meticulously and executes them flawlessly. Are you a professional?

12.17.06

Parallels Desktop for Mac

Posted in Mac at 4:04 pm by Michael

I recently got a nice new black macbook. I enjoy this laptop more than any other computer I’ve ever owned. It makes me wish I had moved to Mac 3 years ago. I installed Parallels Desktop for Mac so I could run a few Microsoft only apps from my Mac. Parallels is by far the most powerful simple app I have installed on my Mac. I call it a simple app because it’s extremely simple to install and get running. It even has an express install method for Windows XP so I didn’t have to keep clicking through the Windows install. It’s very fast, and using the newest Beta version, I can run Windows apps in a window layered right onto my Mac desktop. It’s called Coherency Mode and it’s very slick. The performance for a single virtual machine is close to native performance, probably due to the Core Duo cpu in my Macbook.

Parallels is a great product and I highly recommend it to anyone thinking about getting a Mac. It has saved me many hassles related to Microsoft only apps, and it’s just neat to run Windows in a window on a Mac… I have included a link below for a macbook configured exactly the same as the one I’m using.

13.3 MacBook Intel Core 2 Duo 2GHz Black 2GB/120GB/SD with Parallels Desktop and Microsoft Windows XP Pro pre-installed

11.02.06

What can Virtualization do for you?

Posted in VMware at 3:46 pm by Michael

Virtualization is the process of taking a physical server and turning it into a virtual server. A virtual server can then be run in a special environment where multiple virtual servers share physical memory and cpu. The process takes some time to master, but once you do, it reduces your cost of ownership on a server by quite a bit. The main problem with physical servers is space, they take up real (usually expensive) space. With a virtual server, you can pack multiple servers onto a single physical machine and save that space. It’s also handy to be able to deploy a virtual server to test things out before you do a widespread release. This applies to patches and software mainly, but it is nice to be able to load several different OSes, have them all running, and test things from each one.

The best benefit comes from the ease of maintenance after you virtualize. Once you have virtual servers running, administration becomes very easy. I use VMware on the IBM BladeCenter. With this setup, you can log into the virtual server console, and control any of your virtual servers from a single software interface. This makes rebooting and troubleshooting on multiple servers much easier than if you have to connect to each machine separately, using the network, or even the local console (keyboard and mouse connected to the physical server). This means if you need to work with many servers, you save quite a bit of time if they are all virtual servers.

The main problem I run into while working with legacy physical servers is determining if they can be virtualized or if they must be migrated. Virtualizing entails running some software to get an exact copy of the physical server’s hard drive, and transferring that image to a virtual machine with a virtual hard drive. This process means you inherit every problem that the physical machine may or may not have. The physical machine could have countless problems that aren’t apparent from a cursory inspection. A virus might be live on it, there could be legacy applications that hurt performance running in the background, or it could just have been initially set up incorrectly. Migrating a server entails installing a new OS into a virtual machine, and then installing the applications in use on the physical server, and finally moving the data from the physical server to the virtual server. Once you migrate a machine, most of the legacy issues I typically find in production go away. Knowing how to correctly do an initial OS setup is crucial to having a migration work correctly.

Virtualizing can bring many benefits to an Administrator’s day-to-day activities. Anything that can save you time will make you more effective when it comes to the things that matter. I highly recommend anyone interested in virtualization to get and install VMware Server. It’s free for Windows and Linux, and can give you a small taste of the ease and effectiveness of Virtualization. I myself prefer the Linux version: because you can strip a Linux box down to bare essentials, you can make better use of the resources (CPU, memory) in your machine. The Windows version runs adequately, but Windows entails more overhead from the GUI than you might like on a virtual server. You can strip Windows down pretty well, but not quite as well as you can a machine running Linux. Windows forces you to use the GUI, and that is RAM and CPU being used that could be better spent on a virtual machine.

The Enterprise level of VMware Server is called VMware ESX Server. ESX is very useful when you are going to use many virtual servers in production. I can attest it is the fastest, and easiest to use software of this level I’ve seen so far. It is expensive, but if you are going to be using virtual servers in production, it’s worth having. If you install multiple copies of ESX, you can aggregate the administration into a single interface using VMware VirtualCenter. VirtualCenter connects to multiple ESX servers and allows you to administrate any virtual server on any ESX server from a common software interface. It’s quite powerful for large deployments of virtual servers, especially when you consider the cost of building the same sort of infrastructure for physical machines.

Virtualization can save you time and money. It can also simplify your daily administration and maintenance tasks. Using a single interface to control many machines is effective and efficient. You can easily modify and revert changes to virtual machines using the tools included with VMware. I’ll get into that a little more in a later article; this one is for the “big picture” benefits. Patching, rebooting, and remote troubleshooting are all simplified on a virtual server platform, simply from having every machine “at your fingertips” so to speak. I cannot stress enough how much of a difference this makes in the amount of time I spend at normal administration. It has saved me literally weeks of time since I started using virtual servers instead of physical servers.

Virtualization is here to stay, and I’ll be blogging my various trials and tribulations as I learn to master this technology. I have quite a bit of experience with it already, but now I’m using the big tools, like ESX and VirtualCenter, rather than the smaller free versions. I’ve spent countless hours playing with VMware Server and have found it to be the most robust, and easiest to use of the free solutions available. Don’t just take my word for it, download VMware Server and try it for yourself.
