-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathblog.xml
111 lines (111 loc) · 17.6 KB
/
blog.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?xml version="1.0" encoding="utf-8" ?><rss version="2.0" xml:base="http://devopera.com/blog" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:og="http://ogp.me/ns#" xmlns:article="http://ogp.me/ns/article#" xmlns:book="http://ogp.me/ns/book#" xmlns:profile="http://ogp.me/ns/profile#" xmlns:video="http://ogp.me/ns/video#" xmlns:product="http://ogp.me/ns/product#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:sioc="http://rdfs.org/sioc/ns#" xmlns:sioct="http://rdfs.org/sioc/types#" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#">
<channel>
<title>Blog</title>
<link>http://devopera.com/blog</link>
<description></description>
<language>en</language>
<atom:link href="http://devopera.com/blog.xml" rel="self" type="application/rss+xml" />
<item>
<title>Security is a hard problem</title>
<link>http://devopera.com/blog/2015/03/12/security-hard-problem</link>
<description><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Keeping a server secure online is hard. It takes constant vigilance, but there are things you can do to give yourself the best chance of avoiding a hack. The consequences of an exposed port that you've forgotten or never knew about can be dire. What's more, while IPtables is a fantastic bit of kit, it's not always obvious what's on the list of ports that are open and when that list changes.</p></div></div></div></description>
<pubDate>Thu, 12 Mar 2015 13:24:07 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">73 at http://devopera.com</guid>
</item>
<item>
<title>Server maintenance, analysis and troubleshooting tools</title>
<link>http://devopera.com/blog/2015/02/01/server-maintenance-analysis-and-troubleshooting-tools</link>
<description><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>I spend a lot of time looking into misbehaving servers. Most of the time, it's because someone, somewhere is trying to goad a machine into misbehaving. That's not to say their intent is malicious, only that for one reason or another their activity is influencing the performance of the machine; it's causing it to run slowly, consume excessive resources or crash.</p>
<p>On every Devopera build, we include an array of tools that make that job a little easier.</p></div></div></div></description>
<pubDate>Sun, 01 Feb 2015 13:25:44 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">74 at http://devopera.com</guid>
</item>
<item>
<title>Relocated pidfile causing httpd to start but not stop</title>
<link>http://devopera.com/blog/2014/12/18/relocated-pidfile-causing-httpd-start-not-stop</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/relocated_pid_file.jpg?itok=WLipY7mb"><a href="/blog/2014/12/18/relocated-pidfile-causing-httpd-start-not-stop"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/relocated_pid_file.jpg?itok=WLipY7mb" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Most of our PHP builds are based on Zend Server, but just occasionally we'll need an up-to-date Apache for PCI compliance.</p>
<p>doapache handles most of the details, but it relies on Puppet Labs' apache module. The module was locating the HTTPD pidfile in /var/run/httpd.pid, but it didn't update the /etc/init.d/httpd start/stop script. That means that Apache could start properly, but not stop, because it couldn't find the newly created pidfile.</p>
<p>The solution was to make the symlink in /etc/httpd/run point to ../../var/log/httpd:</p></div></div></div></description>
<pubDate>Thu, 18 Dec 2014 21:56:54 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">72 at http://devopera.com</guid>
</item>
<item>
<title>Apache 2.2.29 on CentOS 6 for PCI compliance</title>
<link>http://devopera.com/blog/2014/11/23/apache-2229-centos-6-pci-compliance</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/compliance-dancer.jpg?itok=WtHfssKD"><a href="/blog/2014/11/23/apache-2229-centos-6-pci-compliance"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/compliance-dancer.jpg?itok=WtHfssKD" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>I've been doing some compliance work this week. Frequently Devopera clients need the servers we support to pass pre-emptive PCI scans from the likes of McAfee and Comodo / HackerGuardian, which necessitates patching a few daemons, such as Apache HTTPD. This week I had to install Apache HTTPD 2.2.29 (current at the time of writing) on Cent OS 6.</p>
<p>Here are the compiled 64-bit rpms for Apache and the dependencies that you can't get from yum:</p></div></div></div></description>
<pubDate>Sun, 23 Nov 2014 21:16:58 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">71 at http://devopera.com</guid>
</item>
<item>
<title>It's the little things that make server config great</title>
<link>http://devopera.com/blog/2014/10/16/its-little-things-make-server-config-great</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/29574751_little-extra-cocktail-umbrella.jpg?itok=0gjiGJvK"><a href="/blog/2014/10/16/its-little-things-make-server-config-great"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/29574751_little-extra-cocktail-umbrella.jpg?itok=0gjiGJvK" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>It's the smallest details that make for a good server config, like folder permissions. We setup files and folders with the right permissions to avoid latent problems. For example, on one of our dev VMs:</p>
<h4>Stick bits</h4>
<p>The web user originates files by SSH or Samba that the web server will later access, through its www-data group. When creating those files, through whatever mechanism, they need to be given the right permissions. 640 on the files (web user r/w, web server r, all -) and 750 on the folders (</p>
<p>Devopera VMs use ACL and the stickybit to ensure that:</p></div></div></div></description>
<pubDate>Thu, 16 Oct 2014 09:42:15 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">68 at http://devopera.com</guid>
</item>
<item>
<title>10 questions answered about virtualisation</title>
<link>http://devopera.com/blog/2014/07/06/10-questions-answered-about-virtualisation</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/131290649_virtualisation-explained-10-answers.jpg?itok=bEaKxELm"><a href="/blog/2014/07/06/10-questions-answered-about-virtualisation"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/131290649_virtualisation-explained-10-answers.jpg?itok=bEaKxELm" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>How do I use a virtual machine (VM)?<br />
Virtual machines require a piece of software called a hypervisor or host to run. There are a handful of free or inexpensive hypervisors, such as Virtualbox, VMWare and Hyper V.</p>
<p>Once you've downloaded and installed a hypervisor, you can run as many virtual machines as your machine can handle.</p></div></div></div></description>
<pubDate>Sun, 06 Jul 2014 12:35:48 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">70 at http://devopera.com</guid>
</item>
<item>
<title>Switching dev VMs over to development web server</title>
<link>http://devopera.com/blog/2014/07/05/switching-dev-vms-over-development-web-server</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/174433070d_butterfly-starting-dev-server.jpg?itok=5wH3WYVp"><a href="/blog/2014/07/05/switching-dev-vms-over-development-web-server"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/174433070d_butterfly-starting-dev-server.jpg?itok=5wH3WYVp" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>All Devopera VMs come ready-to-run, which means that any service you need to run an application will be started automatically when the machine boots. These services are managed using initd.</p>
<p>If however you want to take your development to the next level, you may want to run a development web server, as opposed to a production web server (Apache). Development web servers typically have some if not all of these sort of advantages, depending on what language they're compiling/interpretting into HTML:</p></div></div></div></description>
<pubDate>Sat, 05 Jul 2014 20:32:32 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">69 at http://devopera.com</guid>
</item>
<item>
<title>npm update from 1.3.6-4.el6 and 1.3.6-5.el6 on CentOS/RHEL</title>
<link>http://devopera.com/blog/2014/06/02/npm-update-136-4el6-and-136-5el6-centosrhel</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/174433070d_spider-npm-bug.jpg?itok=gU_fGPd_"><a href="/blog/2014/06/02/npm-update-136-4el6-and-136-5el6-centosrhel"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/174433070d_spider-npm-bug.jpg?itok=gU_fGPd_" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>yum update will fail on CentOS 6.5 when upgrading between 1.3.6-4.el6 and 1.3.6-5.el6. The solution is to remove npm:</p>
<p>yum remove npm<br />
==============================================================<br />
Package Arch Version Repository Size<br />
==============================================================<br />
Installing:<br />
npm noarch 1.3.6-5.el6 epel 329 k</p></div></div></div></description>
<pubDate>Mon, 02 Jun 2014 16:47:53 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">67 at http://devopera.com</guid>
</item>
<item>
<title>Perils of Facter upgrade (1.7.5 to 2.0.1)</title>
<link>http://devopera.com/blog/2014/04/04/perils-facter-upgrade-175-201</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/facter_perils_of_upgrade_1.jpg?itok=2qYg7hB8"><a href="/blog/2014/04/04/perils-facter-upgrade-175-201"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/facter_perils_of_upgrade_1.jpg?itok=2qYg7hB8" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Puppet's fact service (Facter) has recently undergone a major upgrade and if you're a CentOS puppetteer, you may have been affected. These are the errors we've encountered to date that are currently outstanding:</p>
<p>Module: epel<br />
Error: Failed to apply catalog: Parameter proxy failed on Yumrepo[epel-testing]: Must be a valid URL at /etc/puppet/modules/epel/manifests/init.pp:57<br />
Wrapped exception:<br />
Must be a valid URL<br />
Status at the time of posting: unfixed</p>
</div></div></div></description>
<pubDate>Fri, 04 Apr 2014 08:42:35 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">65 at http://devopera.com</guid>
</item>
<item>
<title>Organising repos into app-format</title>
<link>http://devopera.com/blog/2013/11/28/organising-repos-app-format</link>
<description><div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/app-format-line-grid.jpg?itok=glqAfSkH"><a href="/blog/2013/11/28/organising-repos-app-format"><img typeof="foaf:Image" src="http://devopera.com/sites/52_devop7/files/styles/medium/public/field/image/app-format-line-grid.jpg?itok=glqAfSkH" width="220" height="87" alt="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Increasingly people are using one of the major Version Control System (VCS) hosts, such as <a href="https://github.com/">Github</a>, <a href="https://bitbucket.org/">BitBucket</a> or <a href="https://codeplane.com/">Codeplane</a> to store and version their code.</p></div></div></div></description>
<pubDate>Thu, 28 Nov 2013 22:12:29 +0000</pubDate>
<dc:creator>admin</dc:creator>
<guid isPermaLink="false">62 at http://devopera.com</guid>
</item>
</channel>
</rss>