Announcing Edison – The Hamster that keeps your infrastructure running…

October 29th, 2010 | Posted by ProfFalken in Automated Build/Deployment | DevOps | Linux | Open-Source - (5 Comments)

I’ve just pushed a load of code to Github for a project I’ve been working on in my spare time.

The project is named after one of the developer’s ex-hamster (it had to go back to the shop for being too violent, but we’d named the project by then!) and is designed to combine Change Management, Configuration Management, Auditing and integration with tools like Puppet through a DJango-based website and API.

(more…)

How I learned to stop worrying and love libnss-mysql…

October 1st, 2010 | Posted by ProfFalken in Automated Build/Deployment | DevOps | Linux - (0 Comments)

I recently ran into a problem with NSS-MySQL – or rather I ran into a number of problems with NSS-MySQL.

  • The first was that there are two libraries with almost identical names (libnss-mysql and nss-mysql) hosted in two different locations (sourceforge.net and savannah.gnu.org respectively) which do exactly the same thing (lookup users from a MySQL database).
  • The second was that all our legacy servers that use this method of authentication had been installed from source, however the key text that told me which version to use (sourceforge or gnu) had been removed from the build documents so I didn’t know which one I was meant to be installing.
  • The third issue (and this isn’t the final issue unfortunately) was that when I realised that the version we were using was the gnu.org one, I also discovered that the only one for which maintained packages were available was the sourceforce.net version.
  • The fourth (and last for the time being) was that the configuration file formats were completely different

At this point, it wasn’t looking too good…

Working closely with a Colleague, we also identified that although the users in the MySQL database were completely different to those found in /etc/passwd, many of the uids and gids matched entries in both.  This was because although all the account names for users start at 2001 as far as the system is concerned, the database userId field starts at 1.  I love legacy systems…

After three days trying to solve this, we were starting to wonder if it would be any quicker to redesign the database and just reassign the permissions across the 25TB of data that we hold for various accounts, then, we hit the solution.

libnss-mysql (the package available from EPEL and the version that is hosted on SourceForge) has to be the version of choice going forwards as we must be able to deploy this server without any human intervention in order for the build systems based upon cucumber-vhosts/hudson that I’ve discussed elsewhere on this blog to work correctly.  This is how we fixed the queries…

(more…)

Switch to our mobile site