Check that the vpn is up and running in nagios
A problem I had to deal with once, was to be able to use nagios to know when the VPN stopped working. The conflict I had by just using simple private network ping checks is that I was unable to easily tell at first glance whether it was the VPN that had a problem or the whole network.
Thus, I wrote this little script that receives three arguments and is able to tell whether it is actually the VPN that has any problems. Besides, it also checks for packet loss and is able to detect if the whole public network goes down.
The three arguments that receives this check are the following:
- Public IP Address: A public IP address to ping in order to know whether the network is working properly.
- Private (VPN) IP Address: A private network IP address to ping in order to know whether the VPN is working properly.
- Number of pings: Total number of pings to send in order to know more about packet loss.
The check issues a CRITICAL only if there is 100% ICMP loss while pinging the private network and the public network is suffering less than 100% ICMP loss.
The check issues a WARNING if either the public or the private or both IP addresses suffer any kind of packet loss. It also issues a WARNING if the public network suffers 100% ICMP loss.
You can download the full source code for this check in the following link: check_vpn
GUADEC streamed live in WebM using Flumotion
GUADEC (GNOME Users’ And Developers’ European Conference) of this year, 2010, is being streamed live from several locations (Paris, Copenhagen and Seville) in WebM format using Flumotion and the Flumotion Streaming Platform.
It is amazing to be able to finally start streaming in an open format, no more flash! Remember that you need Firefox 4 or Opera 10.60.
You can find more details about the event and about the streaming here.
You can use the following URLs to watch it live:
Enjoy the live streaming!!!
Finally a graphics card for Linux that works flawlessly with compiz and is lightning fast
After years of struggling and looking around, I have finally found a graphics card that works flawlessly when running compiz under Linux and that processes all the effects at lightning speed. I've never seen something like this for that reasonable price!
Testing out Funtoo
The other day I decided to give a try at Funtoo (for those that do not know it yet, a variant of Gentoo). I am very impressed with the improvements that Daniel Robbins has done so far.
Among the things that I like:
How to be able to use your ssh agent forwarding after using sudo
Recently we have hit with a solution for an issue where we wanted our users to run certain secure commands as root, which included repository commits. This can easily happen to you if you use savon, for instance.
Because of the nature of savon, given that it understands not only about standard permissions and modes, but also of SELinux contexts, this tool can only be used properly as root, if you want to use all of its features.
The problem comes when you need non-root users, that work with certain files in a directory, to be able to commit these changes. You have to use sudo, which you surely already know. For increased security, standard distributions drop most environment variables when you run a command with sudo.
Check that a physical link is up with the proper speed
This check is great to detect when a network cable for whatever reason deteriorates and stops providing the desired up-link speed. It works perfectly for any system that has ethtool installed.
This particular check has helped me as a sysadmin to detect bad quality cables that, after being reused many times, end up deteriorating and do not let me get 1Gbps in RJ-45 CAT 5E cables. I have also been able to detect network card failures, and also malfunctioning switch ports.
Check that an FTP account is fully working
This script uses lftp, a sophisticated ftp/http client, to check not only that a give FTP account is accessible, but that it is also able to list files and directories, to get and put files and to delete files. This simple script is fast, easy to configure, flexible and can be extended easily.
Sometimes, things like SELinux, a failed network mount point or wrong permissions cause an FTP account to not work properly. With this check, you will be able to detect it immediately.
Puppetcamp Europe 2010
According to this information, Reductive Labs, the team behind puppet, has announced that Puppetcamp Europe 2010 will happen on 27 and 28 May 2010 in Ghent, Belgium. For those who do not know, Puppet is an open source application for system control automation.
Releasing cached memory in Linux
Under normal circumstances, modern Linux systems try to cache into memory disk data that is accessed often. Sometimes, we have that much memory in the system that our kernel keeps filling up the memory by caching every piece of data we access.
Other times, because of the swappiness factor, active data finds its way into the swap instead of the main memory. I have seen this behavior in a few systems hosting databases, specially running mysql, and it is a serious performance hazard.
In order to fix systems like this, we need to fix the swappiness, drop the caches and, swapoff and swapon the system swap.
Check that a glusterfs partition is mounted
When using glusterfs in a production system, it is mandatory to properly monitor that the partition is mounted and performing well, specially in heavy loaded environments.
I have created a nagios plugin in bash that monitors a glusterfs mounted partition and detects whether the partition gets unmounted, responds slowly or gets disconnected from the server (causing reading processes to die in an uninterruptible sleep state, which will force you to restart the system in order to get rid of them).