I had a co-worker ask me about upgrading puppet modules and I thought I’d share the information I spoke to them about. Writing individual puppet modules for a client can be a time consuming process. Luckily for us puppet modules for common tasks have been written and published. Using these modules enables the Systems Administrator to cut down on the amount of code they need to write and manage. However, things get tricky when you’re managing multiple environments (change controlled puppet deployments!
Previously I highlighted the release of an exploit to elastic search that results in the ability to execute unauthorized code on a server running elasticsearch 1.1.x. It has just been reported that this same exploit is now being used to install DDOS (distributed denial of service) bots on vulnerable machines hosted within AWS. Elasticsearch instances should always be treated like a database and not be directly exposed to the internet. As a minimum you should be using plugins to nginx to get JSON functionality direct from the web server and have it act as a proxy to back end processes like elastic search.
July 25, 2014 is the 15th Annual System Administrator Appreciation Day. Cake welcome!
The first System Administrator Appreciation Day was celebrated on July 28, 2000. Kekatos was inspired to create the special day by a Hewlett-Packard magazine advertisement in which a system administrator is presented with flowers and fruit-baskets by grateful co-workers as thanks for installing new printers. Kekatos had just installed several of the same model printer at his workplace.
sar gives us an overview of what the system is doing. If you had a high %iowait you might want to figure out what drive is currently being used. To do this we use ‘iostat’. ‘iostat’ will by default give you all the reads and writes that the server has performed since start up.
root@earth:~# iostat Linux 3.11.0-15-generic (earth) 07/01/2014 _x86_64_ (8 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 4.