On Nagios

The things I’m about to say will almost certainly be common knowledge to anyone who has used Nagios before, but I’ll say them anyway.

In short, Nagios is a network/server monitoring tool. It’s web based and can monitor almost any network device. It comes with dozens of modules included, to monitor things with something as simple as a ping, to more complicated tests such as executing MySQL queries.

A friend of mine runs a web design and hosting business, and I look after his Linux boxes and some aspects of his network infrastructure in the data centre. He asked me to look into a monitoring tool for his various devices, which include Windows servers, Linux servers, managed switches, routers and firewalls, a couple of NAS boxes and some data centre kit such as an IP KVM and PDU.

I had heard of Nagios before but never used it, so I thought I’d give it a go. I was delighted at how easy it was to compile and install on CentOS, and to get a handful of basic tests set up on localhost. A small amount of fiddling later, I had the majority of the “advanced” tests set up, such as monitoring of HTTP, FTP, MySQL and other services on the Windows boxes. A slightly larger amount of fiddling later and I was interrogating several of the infrastructure devices for SNMP.

I was also very pleased at how modular and extendible the system is. Each test is simply defined in a config file, and an appropriate executable for the test is provided. By “executable” I mean anything that can be called by Nagios, and provides a return code for yay or nay. Many of the included executables were binary files, but I found many free downloadable modules online, many written in Perl. I have written some of my own in bash and Perl.

I’ve also downloaded other extensions, such as the ability to have an RSS feed of status alerts.

If any of the Nagios developers read this, well done, and keep up the good work. This is the ideal tool – quick to set up, yet with endless possibility for expansion once you have a little familiarity.

Baltic cruise: Copenhagen

Our first port of call was Copenhagen, the capital of Denmark.

Unfortunately the weather on the day wasn’t great (grey and rained on and off) but being British we put our brave faces on and walked around in the rain.

The walk from the dock to the centre of the town took us past the statue of the Little Mermaid, supposedly the most iconic sight in the city. I hadn’t actually heard of the statue before, but it was fairly unimpressive.

The Little Mermaid

Getting into town a bit, we saw this advert. Sounds like the title of a cheap porno, but the translation from Danish actually means final sprint.

Slut Spurt

A few paces further on, we arrived at Nyhavn (translation: New Port), a 17th century waterfront which is now dominated by cafés and bars. The sun came out, so we took a boat trip with a tour guide, and I took quite a few photos.

Firstly of Nyhavn itself:

Nyhavn
Nyhavn

Then our boat ventured out a little, and we passed the new opera house.

Operaen

Then the rain really started pelting. Fortunately our boat had a sliding perspex roof, but the passengers of the Sommerfuglen weren’t so fortunate.

Sommerfuglen

We passed lots of other grand buildings but unfortunately with the rain lashing down and the perspex roof closed, there was no point in taking pictures. Coming back into the Nyhavn again a little later, I saw another Danish sign that immediately appealed to my immaturity.

Max 4 Knob

We passed a moored boat on which there was a handful of bhangra drummers and dancers. A small crowd had gathered but I couldn’t see anyone throwing their Kroner into hats.

Bhangra dancers

To be continued…

Darwin Award

This evening, on my way home from work, I was knocked off my bike by a careless pedestrian. Again.

A family of 5 or 6 people walked out into the road without looking. I hit the brakes immediately and shouted to get their attention – cycling around Bristol this is practically an everyday occurrence for me, and the pedestrian almost always looks up and stops dead in their tracks – allowing me to pass them safely.

But on this occasion none of the group looked up, and they were spread across the road so there was no gap I could aim for.

Even though I was braking as hard as I could, my racing bike brakes aren’t really designed for stopping, and I ended up ploughing into the crowd of people. I shouldered a woman hard, which sent me veering off to the right, where I crashed up a steep kerb with both wheels. Having anticipated the crash, I managed to fall ‘nicely’ and avoided serious damage.

I immediately got back on the bike and rode away. The front wheel was a little buckled but ridable. After a bit I looked back over my shoulder and saw the woman lying in the road, crying. Perhaps a bit harsh of me not to stop, but I feel no guilt when the accident was entirely her fault. It’s what you get when you walk into the road without looking!

She was with her family who could look after her if necessary, and who might also have had a go at me for the accident (as is often the case with relatives).

Overall I’m just glad I didn’t end up with a dislocated shoulder, like I did last time. Not a pleasant experience.

As an aside, I was using my new heart rate monitor today. I didn’t check it immediately before the crash, but earlier on the same, flat stretch I had been doing about 130bpm. Immediately after the crash I was doing over 180bpm. That’s adrenaline for you!

Baltic cruise: Jewel of the Seas

I briefly mentioned in the last entry that we cruised on the Jewel of the Seas. Unfortunately, at the time of writing, the Wikipedia page is in dispute for being written like an advertisement. So I think some pictures would give a better impression of the ship.

The Centrum

At the centre of the ship, there is an atrium called the Centrum that extends the full height of eight decks. The first photo shows the view looking at up from the bottom; but perhaps more impressive is the view from the top, standing on the plate-glass floor! Absolutely terrifying.

A view up the centrum
A view down the Centrum

In dock

Here’s the Jewel (right), docked in Tallinn next to the MSC Ocean (left).

MSC Ocean and MS Jewel of the Seas

And another view of the Jewel, this time docked in Oslo.

The Jewel in Oslo

Not a great photo, but I wanted to include this photo of the horns. The largest horn has a diameter of probably six feet or more. All three horns sound simultaneously and interfere to make a deep growly noise which is unlike anything I’ve heard before.

The horns of the Jewel

Refuelling

In St Petersburg, we took on more fuel. It took about an hour to set up the tanker, 3-4 hours to pump the fuel, and another hour to pack up. The oil tanker was pretty big, but dwarfed by the Jewel.

The oil tanker alongside the Jewel

The crew extract some oil from the tanks using a small pot on a piece of string, and test it before it is pumped. I couldn’t tell what these tests might be, but it didn’t take long and the foreman jotted down some notes on a clipboard.

From what I could tell, the belly of the tanker contained twelve compartments, each with its own pump and hatch for testing. The crew sampled oil from all twelve hatches, and when pumping began I heard twelve pumps start working, one after another.

The crew test the oil

Some fat guy checks the counter to see how many litres have been pumped. Also visible is the black hose where the oil is pumped to the Jewel. A sign on the tanker said this hose had been tested to 10 Bar.

The fuel gauge

The oil tanker has what appears to be a jet-propelled lifeboat. It looks like it can go temporarily underwater, which makes sense when you look at the angle of its launch. I’m guessing it has to be pretty fast so the crew can bail if the tanker is in danger of catching fire.

The tanker’s lifeboat

To be continued…

Baltic cruise: Harwich

Yes,I know. Harwich isn’t the most exciting, picturesque or romantic destination. But it was the port of departure for the Baltic cruise, which I went on with my family (parents and two younger brothers).

I took lots of photos over the fortnight, and now on my photoblog I will upload the highlights of each destination, bit by bit.

Like I said, Day 1 involved driving from Nuneaton to Harwich (about 3 hours by car), boarding the ship – the beautiful Jewel of the Seas – and setting sail. I didn’t take many photos of note, but I did capture a nice shot of my brothers on deck, and one of the sunset as we sailed out into the North Sea, on our way to Copenhagen.

My brothers on deck
The view as we sail across the North Sea

To be continued…

An ugly fix

My home server seems to have developed a problem where its internal-facing network card “jams up”. It still keeps its IP address and everything looks normal, but in actual fact no traffic passes through it, cutting all my LAN hosts off from the Internet.

Restarting iptables, network services or anything else doesn’t help. The only cure I’ve found is to reboot the whole box.

This is OK if I’m using the computer at the time, but a pain if it breaks overnight or while I’m out, as things like my folding@home client, Vista Media Centre TV listings and overnight BitTorrent downloads need Internet access.

So I wrote this bash script to periodically check if it’s broken, and reboot if it is. The only gotcha is that it tests if the interface is working by pinging another LAN host. This is by no means a concrete test!

#!/bin/bash
HOST=192.168.0.10
if ! ping -c 1 -w 5 "$HOST" &>/dev/null ; then
logger ZEUS REBOOT
/sbin/init 6
fi

My crazy partition setup

My requirements

When I built this computer back in January, I had carefully considered the RAID storage configuration. My requirements were basically:

  • Must dual boot Fedora and some flavour of Windows (unfortunately)
  • Fedora must have a redundant /home partition, as it holds my most important data
  • Windows must have a fast Media (aka /home) partition for my audio work
  • Would also be nice to have redundant OS partitions

The initial plan

So I decided to buy a pair of identical 320GB disks for the OS, a set of three 640GB disks for my media. My new motherboard had 4 SATA ports on an ICH10R controller, and 2 SATA ports on some other SATA controller.

It seemed best to set up a fakeraid RAID5 array across the 3 media disks in the ICH10R controller, and to let the OSs do their own thing on the 2 OS disks.

I split both of the OS disks in half to allow Linux software RAID1 (mirroring) across both of its RAID partitions, which would be mounted as /. The two partitions showed up to Windows as C: and D:. It is not possible to use Windows software RAID (aka Dynamic Disks) on a Windows boot partition so I installed Windows on C: and used D: for Program Files.

I created a RAID5 array across the 3 disks using the ICH10R RAID BIOS. Booting into Windows, it was immediately spotted so I cut the device in half and created drive J: for my media. Sorted – it was fast and worked nicely.

No such luck with Fedora 10 (the latest relkease at the time I built this PC). Anaconda, the Fedora installer, was not able to see the RAID partition – it only saw the three separate disks. Try as I might, I could not get round this. Kind of a showstopper.

Onto plan B

I figured that I could avoid using the ICH10R fakeraid by keeping the disks as 3 separate disks, cutting each in half and using three halves for Linux software RAID, and 3 halves for Windows Dynamic Disks. No such luck – Windows is only able to use a whole disk as a Dynamic Disk, and wasn’t able to share it with Linux. Bugger.

What I ended up with

Given that Windows and Linux cannot share a RAID array, whether it be software or pseudo-hardware, my only choice was to somehow divide up the disks.

The two OS disks were fine as they were; Windows was not using RAID but rather a more manual approach to having two disks (OS on C: and Program Files on D:).

Eventually I decided to give Windows two of the media disks and use them in a RAID0 (striped) Dynamic Disk for performance. This still gives approximately the performance of a 3-disk RAID5 array, but without the redunancy. I get around this by not keeping anything permanently on the RAID0 array. It is only used as a cache/buffer during audio work, and the audio files are primarily stored on my server via the network.

This left just a single disk for Fedora’s /home partition. It doesn’t tick the box of having redunandcy, but thanks to my hourly backup script this is less essential.

This diagram shows my current sub-optimal setup. Click for a bigger version. Windows partitions are in red and Linux in blue.

My partition setup
My partition setup

The future

Since setting up this PC, I happened across a blog post that seems to be the answer to my prayers. It’s a bit hacky, but it’s the only documented way I have seen of getting a dual-boot system to share an ICH10R array.

Next time I can be bothered to reinstall both OSs, I will write about it here.

WHOIS

A matter brought to my attention just a few minutes ago – visibility of personal data in WHOIS info.

I registered the domain jonathangazeley.com with No-IP. It worked, and I thought nothing more of it. But this morning one of my colleagues received a personalised scam and it seems likely that the scammers retrieved his personal information from WHOIS.

I checked my own WHOIS data and was shocked (although not really surprised) to see my personal data appear before my eyes. My name, home address, mobile phone number and email address were all included. This is bad news, as anyone can get hold of this information – such as scammers, spammers, legitimate (but annoying) marketing, or even real-life criminals who want to know where I live.

Fortunately No-IP offers a private registration option for $9.95/year. I immediately purchased this option and now my WHOIS data shows nothing except my name.

I urge anyone who has registered a domain to check their own WHOIS data and take appropriate steps if necessary. It’s easy in Linux:

[jonathan@poseidon ~]$ whois jonathangazeley.com
[Querying whois.verisign-grs.com]
[Redirected to whois.no-ip.com]
[Querying whois.no-ip.com]
[whois.no-ip.com]
NOTICE: Access to No-IP.com WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the No-IP.com registrar database. The data in this record is provided by No-IP.com for informational purposes only, and No-Ip.com does not guarantee its accuracy.  This service is intended only for query-based access.  You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator or any ICANN-Accredited Registrar, except as reasonably necessary to register domain names or modify existing registrations.  All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.

Domain Name: JONATHANGAZELEY.COM
Created On: 02-May-2008 10:53:42 UTC
Last Updated On: 02-May-2008 10:53:42 UTC
Expiration Date: 02-May-2010 10:53:41 UTC
Sponsoring Registrar: Vitalwerks Internet Solutions, LLC / No-IP.com
Registrant Name: Gazeley, Jonathan
Registrant Organization:
Registrant Street1: ATTN: jonathangazeley.com, c/o No-IP.com Registration Privacy
Registrant Street2: P.O. Box 19083
Registrant City: Reno
Registrant State/Province: NV
Registrant Postal Code: 89511
Registrant Country: US
Registrant Phone: +1.7758531883
Registrant FAX:
Registrant Email: 1a37bda6b1603338-250851@privacy.no-ip.com
Admin Name: Gazeley, Jonathan
Admin Street1: ATTN: jonathangazeley.com, c/o No-IP.com Registration Privacy
Admin Street2: P.O. Box 19083
Admin City: Reno
Admin State/Province: NV
Admin Postal Code: 89511
Admin Country: US
Admin Phone: +1.7758531883
Admin FAX:
Admin Email: 1a37bda6b1603338-250851@privacy.no-ip.com

Name Server: NS2.NO-IP.COM
Name Server: NS1.NO-IP.COM
Name Server: NS3.NO-IP.COM
Name Server: NS4.NO-IP.COM
Name Server: NS5.NO-IP.COM

As you can see, all of this data (except my name, of course) now belongs to No-IP. Problem solved!