Archive for April, 2007

Subversion (SVN) over SSL in 10 small steps

Friday, April 27th, 2007

I have installed SVN on Centos4 (RHEL4) following these small and short steps.

1. Check out svnbook. This is the place where all your later questions will be answered.

2. Using Centos/RHEL and still not using Dag Wieers and RPMForge’s RPM repository?

3. Install using YUM or Apt the following packages:

mod_dav_svn

subversion

mod_ssl

distcache

neon

4. Create your SVN repository root directory and cd to there: "mkdir /var/www/svn ; cd /var/www/svn"

5. Create your new repository. I’ve used the name "projects" and I maintain the name later on. If you decide on another name, make sure to change wherever valid later: "svnadmin create projects"

6. Change ownership to Apache: "chown -R apache.apache projects"

7. Rename /etc/httpd/conf.d/subversion.conf to /etc/httpd/conf.d/subversion.conf.old

8. Edit /etc/httpd/conf/ssl.conf and add the following lines:

–Near the beginning, add these two lines:

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

–Just above the line saying </VirtualHost> enter the following:

<Location />

      DAV svn
      SVNParentPath /var/www/svn
      SSLRequireSSL
      AuthType Basic
      AuthName "Company"
      AuthUserFile /etc/httpd/conf.d/passwd
      Require valid-user

</Location>

9. Check Apache to verify you didn’t destroy anything. No need, by the way, to create SSL self-signed certificate, as the installation of mod_ssl creates one for you: "apachectl -t". If you get "Ok", you’re Ok.

10. Add users by using the utility "htpasswd". The first time will require the flag "-c" which tells htpasswd to create the file. Later on, no need for this flage. Exmaple: The first user will require: "htpasswd -c /etc/httpd/conf.d/passwd user1". The 2nd user will require just "htpasswd /etc/httpd/conf.d/passwd user2".

Done. All you need to do is point your SVN client to https://<IP or Name>/projects and you’re good to go (of course – as soon as you specify your username and password).

Correction of a small but annoying error

Thursday, April 19th, 2007

For some reason (probably a typo) I’ve missed an important character in an example I gave here, but I have just recently fixed it. Anyhow, to clarify this, here is the extended description of the correction.

The $IFS Bash system variable defines what is the default separator between strings. Changing it can help when dealing with, for example, file names with spaces in them, variables which should be considered one unit, but are separated by semicolon, etc.

To change the default string separator from "space or tab or new-line" to new-line only. you need to set, in Bash the following parameter:

IFS=$’n’

Cacti and per minute poll

Monday, April 16th, 2007

I love the tool Cacti. It’s a nice graphing tool, which helps a lot in system monitoring and management.

Its logic, however, is not always obvious. The relationship between data types, host templates and graph templates is quite complex, and if you are to implement any non-default setup using Cacti, you better understand these relationships as soon as possible.

I was using it to monitor an ERP system. I have encountered in the past a problem with monitoring Linux network traffic through SNMP, since the container is a short integer, and during 5 minutes wait it gets filled several times, if this is 1Gb/s network connection we measure.

The solution I wanted to employ was to haste the system, and measure every minute (60 seconds). This isn’t trivial using either Cacti or MRTG, because they were designed for 5 minute interval.

I have found this link in Cacti’s forums, which shows how to do it, and it works fine, as long as you follow instructions by the letter. This was done on RH4 x86, using Dag Wieers’ Home-made RPM repository as the source for Cacti.

I will attempt to export the modified templates and upload them here, to save some of the dirty work required for the process to work.

Correct rack wiring tips & tricks with pictures

Sunday, April 15th, 2007

This post will offer several tips and tricks for wiring cables into new rack closets. It uses pictures as a demonstration of what to do and what not to do. It is based on a job I have taken part in with several other companies, moving the server farm to a new location. This job included rewiring new rack closets, and these pictures are based on work I and another team have done.

Since this post includes many pictures, I have decided to split it into this description, and the real contents.

AIGLX or XGL?

Monday, April 9th, 2007

As you can see in my previous posts, I have an NVidia card. It worked quite well while using XGL, but due to XGL’s memory consumption (it takes a lot of memory), I have decided to try for AIGLX, which is part of the X.org system.

In my previous post you can see that (and how) it was done. However, my overall experiance is that AIGLX, at least where it comes to Xorg 7.2 and NVidia (Driver 1.0-9755) is that XGL is much much faster.

The slow responses of the system during the several hours I used AIGLX (while trying somehow to increase performance) just made me go back to XGL. AIGLX is not good enough.

I’ve read several posts about it, and still, the results are undetermined. That’s why I post my own software versions here. AIGLX may perform better when using older or newer versions of NVidia’s driver, or Xorg, or whatever, but for me now – XGL does it well.