Jason Antman’s Blog

I was reading Ben Rockwood’s blog before (as I do every day, thanks to the magic of Google Reader), where he had an article praising up.time network monitoring software. Now, up.time (have I ever mentioned that I *hate* names with punctuation in them?) is proprietary software. And, given their support options, level of integration, and fancy web site, I assume it’s probably not cheap. They bill it as turnkey monitoring – they claim to be “up and monitoring” within 15 minutes “including the download”. They also have an impressive list of clients, including JP Morgan, Merrill Lynch, Cingular Wireless, Verizon Wireless, T-Mobile, Wyeth Medica, Hewlett-Packard (how ironic – did the OpenView team hear about this?), and a whole slew of other clients including major hospitals. Aside from the irony of HP using their product, I wonder to what extent these clients use up.time. Surely the likes of Merrill Lynch can afford more than a turnkey solution. And I’d bet that Verizon Wireless doesn’t use anything 100% off-the-shelf to monitor their communications systems.

Anyway, this got me thinking about network monitoring systems. Well, open-source ones, since I like the idea of having control over infrastructure. The forerunners seem to be Nagios (my personal choice), GroundWork Monitor (available in both open-source and proprietary versions), Zenoss (”Core” free version and a paid-for Enterprise version), Zabbix, OpenNMS, and Munin, Cacti, or one of the other MRTG-/RRD-based applications for graphing/trending.

As stated, I’ve always been a Nagios man. I’ve been running it for 3+ years, and it’s always worked well for me. Once you spend days learning to cope with the config files, it’s a breeze. Until they go and change them in Nagios 3. The one thing that I always missed was built-in graphing and trending. And some sort of *good* log analysis. So, Nagios 3 is coming out (the Nagios site claims to get Nagios 3 up and running in 15 minutes, as well), and I guess I should upgrade. However, after looking around a bit, I came to a frightening realization – Zabbix, Zenoss, and OpenNMS look a heck of a lot better than Nagios. Their interfaces appear much nicer (personally I think OpenNMS wins) and they seem to have a lot more features, too – like Zenoss’s inventory and configuration management. So, this got me thinking that there might be a change in the future – even though I’ve put hundreds of hours of painstaking customization into Nagios.

We’ll see where it goes. My main concern is that whatever I pick can handle integrating with my soon-to-be-implemented barcoded hardware inventory and tracking system. Integration with a good log parses, configuration file management system, and reporting system would be good too. We’ll see if the other offerings can stand up to testing (the concept of device detection is especially intriguing) or whether I’ll just end up building myself a Nagios front-end that pulls various bits of data (text, graphs, pictures, HTML, etc.) from various other sources such as Munin, Cacti, an inventory system, log parsing, etc.

Reviews

The other big news in tech today – as posted on slashdot, the author of the pchdtvr/atscap package previously on SourceForge has announced his attempt to retroactively remove his package from GPL coverage. His post states, in part,

I have revoked the licensing under the GNU General Public
License (herein after referred to as “the GPL”) for the
atscap version 1.1 codebase, all prior versions of the
atscap codebase and all the various release candidates of
the atscap codebase.
[...]
As sole author of both the atscap and the pchdtvr codebases,
the licenses under the GPL were granted at my sole
discretion and the licenses under the GPL are now hereby
revoked at my sole discretion.
[...]
If you are currently using the atscap or pchdtvr packages,
or any part thereof, it is in your best interest to remove
the software from your system(s) and destroy all copies in
your possession.
[...]
If you have incorporated the atscap or pchdtvr codebase, or
any part thereof, into any of your projects, it is in your
best interest to remove any and all of my code from your
project(s).

So not only is this guy trying to retroactively unassign rights that he has previously irrecovably assigned, but he’s asking developers to pull his code from their codebase???? I mean, that’s not just an inconvenience. Does he comprehend what he’s asking? To pull a few excerpts from GPLv2:

1. You may copy and distribute verbatim copies of the Program’s source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients’ exercise of the rights granted herein.

Apparently this is being discussed at length over at GrokLaw, including the analysis, “If you change your mind and don’t want to use the GPL any more, you can stop and use something else on new code going forward, and you can dual license your own code, but you can’t redo the past and pull back GPL’d code”. The developer is telling people to delete their copies, and to cease distribution. Now, I’m not a lawyer, and I’m not an expert on copyright law. But I didn’t think that one party to a contract could unilaterally alter it if there weren’t any terms allowing such an action, and the GPL FAQ seems to support this.

Take an example: Your car breaks down. You have planned a family vacation tomorrow. The car dealer, out of the kindness of their hearts (ha ha) gives you a free loaner car. You sign the agreement to keep the loaner until your car is fixed, pack up the car with all of your luggage, and head off on the trip, stopping at a hotel along the way. In the morning, you wake up, walk out to the hotel parking lot, and find all of your luggage in a pile in a parking space – no car! On top of the pile is a letter reading, “we’re sorry, but we decided that we don’t want you to have this free loaner car anymore. We’ve taken it back. Have a nice trip.”

My biggest curiosity, though, is what happened to the developer. He was using the SourceForge account “inkling”, but it seems like both of his previous projects are now gone, along with any other relevant information. I’d sure like to see his response to the community regarding this incident.

Ideas and Rants

One of the biggest pieces of news in the tech world today is the FCC’s auction of the 700MHZ spectrum. I won’t go into background – you can get that from the wonderful TechRepublic article I just read, “Sanity Check: The 700 MHz auction will tip the wireless balance, but in which direction?”. The author makes some very good points. The bottom line is that 700MHz has the capability to flat-out revolutionize mobile communications in the US. Not only does it hold the possibility for a truly open network, where devices and applications are carrier-neutral, but it had bandwidth and geographical coverage possibilities that are revolutionary here in the US. With the right driving force, 700 MHz could begin replacing cellular service altogether, with people simply buying mobile bandwidth and handsets that are natively VoIP-capable.

The 700 MHz spectrum has endless possibilities. It has the possibility of revolutionizing mobile communications in the US and, most importantly, letting us catch up with the rest of the world.

On the topic of broadband, I also read another interesting article from ComputerWorld – “Keeping a lid on broadband“. Thanks to my involvement with Sun as a Campus Ambassador for Rutgers, I’ve been in contact with other CA’s across the world, not to mention many people involved in the OpenSolaris project. Here in New Jersey, I have about 5Mb broadband to my home and apartment (5 Mb down / 2 Mb up). Download rates rarely peak over 700 Kb. I was flat-out amazed, when speaking with CAs from Japan, to learn that they have connections well over 50Mb, and even 100Mb (!!!) to their homes, and they pay LESS than I do!

While the broadband revolution has swept into urban and suburban American homes, for the most part consumers are ignorant of the state of broadband outside of the US. People remember 56k, and know that what they have now is a lot better. How did the American public allow the telephone/cable comapanies to force us into a position where we pay more than citizens of almost any other developed nation for service that is orders of magnitude slower, and markedly less reliable, than anyone else?

I won’t touch on the topic of Net Neutrality – for me, one of the most important current issues – aside from my anger at the thought that one day, this blog (and the rest of my web presence) may disappear simply because I don’t want to pay money to an unknown third party. But I must raise the question, “what has happened to the rights of communications customers in America, and how have we let our rights be ignored for so long?”

PS – If you’re interested, RCR Wireless has ongoing coverage of the 700 MHz auction.

Ideas and Rants

I’m trying to get around to updating my blog on a regular basis. I have a lot of links that I wanted to mention, but I might just post a list of them with short descriptions.

I’ve finished most of my HOWTO on installing OpenSuSE on an external SDHC card on the eeePC. It’s not 100% complete yet – I still haven’t gotten ACPI working, so I don’t have 100% accurate battery-level readings. But if you get an SD card larger than 4GB, or don’t fill up your root partition to 99% like I did, you shouldn’t have a problem installing the kernel headers and GCC and building the kernel module from source.

I also added a page to my wiki on monitoring Solaris hardware through Nagios.

As always, I have a lot of projects that I’m working on. I also am going to be doing a lot of work for Sun this semester as Campus Ambassador, including a survey of classes and computer labs to determine what Sun software is in use (you’d be amazed how many Java classes don’t even mention that NetBeans exists!) I’ll also be giving some technical demos this semester, which I’m really looking forward to.

Most importantly, though, I’m starting classes again. This semester, I have five on tap – “War, Peace and Military in US” for my history minor, and four classes for my ITI major: Social Informatics, Management of Technological Organizations, Network and Internet Technology with Bruce Rights, a SysAdmin here at Rutgers, and Web Design with Steve Garwood. While I’m really psyched about classes – specifically the latter two, which really appeal to someone technical like me (and also the MTO class, as I know I could use some experience with “management” beyond Dilbert and my sarcastic view of workplace dynamics), this brings me to a quite painful realization. While my two programming classes at the Rutgers CS Department met in Linux labs, the usual lab for classes at SCILS is a Windows lab.

This isn’t just a problem because of moral reasons, but more because of practical ones – I know Linux. I like it. I’m used to Linux. I do tens of hours of development and admin work every week (maybe hundreds if I’m being bad, or in a prolific period), and I’m most productive in the environment I’m used to. I remember when I took my Java classes, trying to explain to the TA’s that I wasn’t cheating, but I had to bring a CD-ROM to the on-computer programming exam – “there’s no way you can make me program without my .emacs!”

I’ve considered that I could just bring my eeePC to class and do everything on that over wireless. I guess that could work for most of the class, though I can’t say how my professors will react to that. In preparation for an averse reaction, I’ve looked into how to deal with using Windows in a way that’s usable for me. After doing a little research, I found PortableApps.com which provides versions of Firefox, Thunderbird, OpenOffice, Pidgin, and other apps (even including WinSCP, a Windows SCP/SFTP client) as Windows executables that will run entirely from a USB flash drive. Most importantly, I even found instructions (and also here) to run the Windows version of GNU Emacs from a flash drive. Granted, I always preferred the CLI version of Emacs over the graphical one, but I guess it’s a small price to pay. So, once I can find a working USB flash drive (or an SD card to use with an adapter), I’ll setup what I need to be able to work.

One side note – on the first day of my Management of Technological Organizations class (painfully meeting 9:50-12:50 Friday mornings) the professor announced that we’ll be using Microsoft Excel, Access, Project, etc. After class I spoke with the lecturer, Cathy Smith, and explained the situation (that I can’t use those) and asked whether other software that did the same thing would be acceptable. Amazingly, not only did she tell me that’s ok, but she also said that she’s a big fan of OpenOffice, and went so far as to say that in place of Access, she’d be happy to accept SQL files. Maybe it’s because she’s a doctoral candidate and not a Ph. D. full professor, but I was very happy to find such enlightenment at Rutgers (for the first time).

On one side note – one of the classes that I had thought of registering for distributed the syllabus as a .docx MS Office XML file. I was dumbfounded. I know that few professors take the time to think that some students may be using Linux or Unix, but do they really think that everyone’s already upgraded to Word 2007? I know most professors – even in an IT program – probably don’t know about the flaws with OOXML or the current issues surrounding it, but I thought that the old .doc was pretty well established as the default document format in the Windows world. More importantly… do these people know nothing about standards and best practices and cross-platform usability? If I were distributing a static document, PDF is the first thing that would pop into my mind…

On a side note, a few links for the day:
Photos of great data center cabling, almost art.
Designing PDF forms with Scribus.
A wonderful Craigslist ad: Help me keep the shell people alive.

Projects

Well, the semester is starting to heat up, and I have a bunch of personal stuff I haven’t posted yet. But I’ll get to it this weekend.

In the mean time, I feel the need to comment on an article I read online, in Conde Nast Portfolio. It’s a lengthy piece about “Ethan”, the malicious user (I take great offense to the article using the term “hacker” in the media-popularized sense) who broke into MediaDefender’s network and publicly released internal emails and even phone calls (I guess there’s a downside to VoIP).

First, let me say that while I utterly hate what MediaDefender does, I don’t view Ethan’s highly illegal actions as being any different from physically picking the lock on their office door and photocopying stuff from file cabinets. It’s theft of information. It’s burglary. No matter what the motive, it’s illegal. And even worse, this wasn’t a socially-minded attack on one specific “evil” company, but some script kiddie randomly compromising corporate networks. He happened to find something interesting, of social value, and let the rest of the world know about it. He deserves to rot in jail.

That being said, I have two main comments on the article. First, one of the entertainment industry execs flat-out says that P2P file sharing, and BitTorrent specifically, have no positive qualities. Obviously, he’s not a Linux user. But the very idea that there are companies out there trying to unilaterally crush the medium (BitTorrent) which lets me download an OpenSuSE image in record time is disturbing. But I guess nobody takes the time to tell these people that there’s lots of software on BitTorrent and, believe it or not, much contrary to the Microsoft and entertainment industry view, there are actually people out there who produce software and *want* people to be able to get it for free.

Secondly, and most importantly, is the flat-out ignorance of the entertainment industry. Traditionally, it’s an industry that’s been full of what I call BS; focus groups, surveys, and customer feedback. Did any one of these guys take the time to have a focus group agency sit down with a hundred *anonymous* P2P users, and ask them why they use the technology? Obviously, either they haven’t, or they don’t want to listen to the answers.

I can only speak for myself and a few friends who I’ve discussed this with, but for us, it’s not about getting something *free*. It’s about getting it how we want it – which most importantly means NOW. If I want to watch a movie, I really don’t want to drive to a video rental store. I have a 5Mb internet connection, so I want to use that. I want to have the movie *here*, now. Or not here. Maybe on my laptop, or on my Nokia tablet. Or on my cell phone. Would I pay $5 for that? Sure. And there’s no reason why that’s not a realistic price. If I can buy a DVD, in a nice printed box, in shrink wrap, that had to be shipped to my local Best Buy, for $10 or $15, then surely it would be reasonable to buy the *content* of that DVD for $5. The same goes with songs. I can’t count how many times I’ve looked at a CD, realized that I only want to hear one song on it, and not purchased it.

Also, perhaps more important, is the idea of options. People are used to being able to use what they buy however they buy it. I’ve heard many times that the recording industry tries to push the FALSE notion that simply ripping an MP3 from a CD – for your own use, or for backup purposes – is illegal. More to the point, I use Linux. I can’t buy music from iTunes, or any other source that includes DRM. By including DRM, I’m being told that whoever sells that music doesn’t want my business. It’s that simple. But this isn’t an issue that’s just limited to Linux users. What if you own (gasp) MP3 player that’s not an iPod, and just shows up on your computer as a USB mass storage device? What if your car stereo plays MP3 CDs? DRM is designed to tell these people that their money isn’t wanted.

If I could pay $5, or even a bit more, for a movie or TV episode that I could download, copy to my laptop or cell phone (I have a Treo 700p) or tablet computer – or whatever else – I would. In an instant. It becomes the retail industry’s most powerful sales too – an impulse buy; instant gratification. If I could pay $1 or $3 for a single song, of my choosing, and play it on my Sansa MP3 player, on my laptop, on my desktop at work, and on an MP3 CD in my car (truck), I would in an instant (one viewer at one time = fair use). When will the entertainment industry wake up and realize that a new distribution medium – the Internet – will *help* them… if they realize what people want, and provide it?

Ideas and Rants

I’ve got a lot to update about in the next few days. I’m back in my apartment for the new semester of school, I’ve got a lot of infrastructure work to do here (most importantly getting net-to-net VPN with DynDNS at both ends working from here to home, even if it means bypassing IPcop totally), and I also did some freelance administration over winter break, including some work with SCO OpenServer and some work with DF generation – I also set up my own PDF form filling system, which I’ll be posting in CVS once it’s done. Most importantly, the new mailserver has been up and running for 22 days without any problems. And, by far the most exciting, I’m typing this up on my beautiful new Asus eeePC 4G (which I upgraded to 1 GB RAM) running OpenSuSE 10.3 from a 4 GB SDHC card – A HOWTO will be coming soon. I’m also going to be doing some work with sitemaps on this site – specifically Google sitemaps – and building one map for the blog, Mediawiki, and static content. I’m also testing Google Analytics on my wiki to augment Webalizer. I’ll be updating the blog in the next few days with a lot of content.

I’m also catching up on all of my RSS feeds in Google Reader (yes, I use Google everything – but not mail or Docs) which I mostly ignored over break. I started yesterday with 780 items, and I’m down to 500. I’m also going to attempt to start quick little “links of the day” entries, as it seems that it’s taking me too much time to fully blog on the interesting news of the day, and my list of things to blog on is getting way too long. (Just as a side note, the only reason I really use del.icio.us is so I can have the firefox plugin sync my bookmarks between the many machines I use.)

Anyway, on to the hottest bit of news today – Sun Microsystems has acqured MySQL AB. Now, I must say that I’m an intern at Sun – the Campus Ambassador to Rutgers University. Essentially, my job is talking to students, professors, and staff and telling them that “Yes, Sun does open source, and they have a few things that should interest you” – in addition to giving tech demos, handing out CDs, and raffling off t-shirts – and even a SunSPOT. I must emphasize that what I say here is my own opinion and nothing more. Heck, I’m an intern, it’s not like I know any more about what’s going on at Sun than anyone else who reads Digg.

Anyway, lots of people are talking about the MySQL acquisition. I’ve heard every possible opinion, but it seems like lots of them are worrying about something along the lines of Sun pushing a Solaris/Apache/MySQL/Java stack on SPARC hardware. Now, I’ve been watching Sun *very* closely for the past year or so. And I’ve been following Jonathan Schwartz pretty closely too, especially his blog post about the MySQL acquisition.

I can’t say anything as a Sun employee (I don’t have anything more to say than anyone else who follows the news) but, personally, I think a lot of people who are worried are just missing the point. Sun used to be a closed, proprietary company pushing Solaris on SPARC. But it seems to me, lately, Sun is all about options. Java’s Free software now. Solaris has been opened as well. I don’t get the feeling that acquiring MySQL is about pushing Solaris instead of Linux, or that it will cause Sun to ignore PostgreSQL or Oracle/Solaris products. It’s about options. Just look at Sun in the news lately – more and more Intel-based commodity hardware, Solaris, Linux, or even Windows on Sun Hardware, Java, OpenSolaris…

I very much get the feeling that Sun/MySQL is not about Sun trying to force LAMP out of the marketplace or, as some have conjectured, to turn MySQL into a mostly proprietary product with minimal free version. It seems to be about options. About diversity. Whatever you want, Sun can help. Everything from million-dollar Enterprise servers running Trusted Solaris and giant Oracle databases to Intel-based 1U or 2U LAMP servers – or even, now, LAMP servers on non-Sun hardware. (Though why anyone with the money to do so wouldn’t buy Sun hardware, I have no idea).

Stay tuned for more.

Ideas and Rants mysql, sun

So in the past weekend, I had my first real experience with Solaris in production. I finally setup my Sun Blade 150 running Solaris 10 as my new mailserver, replacing a (!!!) vintage 1998 Gateway Pentium II 350MHz desktop. Quite an upgrade, even to the still-not-new Sun workstation. Maybe sometime in the future I’ll even upgrade some of my other old desktops with my spare Dell PowerEdge 2550.

Anyway, the whole process, from fresh Solaris install to working mailserver, probably took me around 24 work hours. That being said, I’ve never really administered Solaris before, so that also included horribly long stretches of doc reading and figuring out SMF, package and service administration, etc.

I’ve detailed the entire process on my wiki in excruciating detail. The Solaris package repository any pkg-get systems from blastwave.org were immensely helpful, as were a number of Ben Rockwood’s blog posts. The entire operation involved installing and configuring Dovecot with IMAPS, Postfix with TLS and SASL to authenticate to my ISP’s mailserver (which I use to relay outgoing mail, given my dynamic IP), Procmail, Fetchmail and SpamAssassin. I also had to setup the machine to relay mail for other hosts on the LAN. Rounding it out, I setup monitoring with Nagios and backups of the system and mail through Bacula. During the process, I also had to modify some Service Management Facility (SMF) manifests for Fetchmail, Postfix, and Dovecot.

I still have a few things to do – namely create Nagios check scripts for processors, temperatures, and fans (using the prtdiag command) and hard drive status/errors (using iostat -Exn, given that I haven’t been able to find a SMART tool that supports IDE under Solaris). For everything else, I just checked the NagiosExchange plugin repository, using check_by_ssh for everything. The only problem I had was that NagiosExchange didn’t appear to have working default Nagios plugins for Solaris 10. Luckily, though, Blastwave had a “nagiosp” plugin package.

I’ll probably update this blog with my check plugins as I develop them, but for now I have a little page on my wiki about using Nagios with Solaris.

Also, I uploaded a few photos of the equipment that runs this blog and the rest of my site and development network – all on a “beautiful” Sears shop shelf in my basement. Nothing wonderful, but it gets the job done. I’ll admit that I could have done a better job stitching the photos together, but the space is so tight that I can’t get a wide shot of the whole rack.

The rack, in all its glory:

A closer view of (most of) the hardware:

Happy New Year!

Projects