Debugging puppet queueing

puppet
December 9th, 2011

Today we ran into a problem where the data put in ActiveMQ by the puppetmaster seemed corrupted in some way. When running the puppet queue daemon on the foreground (with –debug –verbose –no-daemonize), we noticed messages like these: info: Loaded queued catalog in 22.16 seconds debug: Searched for resources in 0.31 seconds err: Could not […]

More...


Check SSL certificates

ssl_checks
August 24th, 2011

This post is mostly a collection of commands that can help in juggling around SSL certificates and associated files. Check SSL certificates and make sure they are what you think they are. Especially when things do not go as expected, these commands are handy to have around.

More...


Preseeding a Debian Squeeze install putting all volumes in LVM

debian
August 17th, 2011

In our quest to automate even more, we have further automated our installations. We use Debian and don’t want to answer any (except for IP and hostname) question in the debian installer by hand. We’ve already pre-seeded the installer with a lot of answers, but the partitioning was always hard. Before, we formatted the first […]

More...


Installing the Cryptostick in Ubuntu 11.04

nitrokey
July 5th, 2011

As you probably know by now: We have our SSH and PGP-keys on a CryptoStick. But getting it to work used to be somewhat harder than it is now. So without further ado: The (almost) foolproof way to get SSH and PGP working with the CryptoStick in Ubuntu.

More...


Proxying and multiplexing noVNC using wsproxy

code
June 29th, 2011

noVNC allows you to connect to a VNC server, using only a web browser with WebSockets. Unfortunately, WebSockets does not allow you to create arbitrary raw TCP connections. This is why we have written a rather compact noVNC proxy called wsproxy, which can connect to VNC servers within a whitelisted range of ports.

More...


Facter facts for PCI devices

code
June 17th, 2011

We are in the process of building the configuration for our monitoring system from exported resources (more on that in the future). To accomplish one of the checks we needed a way to identify the brand of RAID controller in our physical servers. The best way to do this is facter. We’ve written some custom […]

More...


Proxying Neighbor Discovery messages: ndproxy

code
June 10th, 2011

On our systems at Hetzner we only have a single /64 IPv6 range, which we use to assign addresses to virtual systems, running in Xen and KVM. Because we don’t directly bridge the virtual machines to the external interface, we have written a script that synchronizes Neighbor Discovery entries to the external interface.

More...


World IPv6 Day

World_IPV6_day
June 8th, 2011

Today (June 8th) is World IPv6 Day, a day where some of the biggest network and website operators (Google, Bing, Facebook) turn on IPv6 for a full day to test drive a dual stack setup.

More...


Kumina designs, builds, operates and supports Kubernetes solutions that help companies thrive online. As Certified Kubernetes Service Partner, we know how to build real solutions.