How many times do you connect with SSH to your remote server and cat, grep, tail and awk through your logs? It probably works for 3 servers and running a handful services, but if you have more, you should definitely spend some time to centralize your logs. I personally prefer Graylog2 which can deal very well with different log formats like GELF, Syslog RFC’s. Just start some listener with the format and forward them to your Graylog2 instance.
To monitor your systems you rely heavily on SNMP, it gives out of the box a lot of possibilities getting important performance and status information. The main topic security is often not considered. SNMP version 1 and 2c transmit everything in plain text over the wire. There is also no user, password authentication method, just a shared community string which gives access to the information. To address these problems SNMP v3 was introduced.
Centralizing logs is important as soon you have more than 2 servers. In my environment the bare metal is monitored with Net-SNMP and my services are deployed as containers with Docker. All system logs are sent to a Graylog2 instance and I quickly noticed a few ugly entries caused by snmpd. Cannot statfs /run/docker/netns/...: Permission denied You will notice a few of them. First approach try to increase the logging level in /etc/default/snmpd from SNMP daemon with
As most of us noticed a few companies changed our perspective how to develop software and deploy them as a service. There are quite a few changes between selling every year a box with 10 CD’s and develop and deliver your software as a service. This article is a collection of thoughts and ideas I had and wanted to be written. Who cares about a version number? User give a shit about version numbers anymore, all what matters needs to be focused on the user.
During work building Docker executables, I ran in an interesting corner case. Fortunately the Docker IRC channel helped me to investigate with special credits to Ravensoul. When you build a container as an executable you can use the ENTRYPOINT for your binary to execute and CMD as a default overwritable argument. In most cases the CMD is the --help argument to provide a useful default behavior in case you just run the container without anything specified.
I’m using Mac OS X with iterm2, oh-my-zsh and spend 75% of my time in those terminals. It is totally annoying to me if I connect to a DHCP network and it screws up my hostname. Especially when I’m used to looking at the prompt which tells me the host I’m connected to. It is possible to fix your computer name for several things using the scutil command which requires administration permissions.