Today I’m at the 3rd quarter Phoenix VMUG and will be live blogging my experience (provided I can find decent public WiFi).

For a full listing of the sessions, check out this agenda page. I’m here with a handful of colleagues, so there’s no telling exactly what will happen, however the sessions that I think I’ll take are:

• Session #1: EMC – Virtualization of Mission Critical Applications and Unstructured Data
• Session #2: VMware – vCenter 5.1: A Technical Deep Dive
• Session #3: Veem Software – 5 Ways Smart VM Backups May Surprise You
• Session #4: Quantum – VM Data Protection for Dummies
• Session #5: VMware – Performance Best Practices for vSphere (I’m torn between that and this:  Troubleshooting Storage Performance. Is it the Hardware or the Software?)
• Session #6: Pure Storage Debugging Storage Performance Bottlenecks Using Flash Memory (Mostly because I want to see the Pure Storage guys!)

I’ll keep the images to a minimum on the blog, however I might tweet out some pictures. Check out my Twitter account @Nonapeptide. I’ll be using the #PHXVMUG hashtag.

Here is the breakdown of the day. All time is -7 Arizona. Details will fill in on the fly:

Registration, Breakfast and Welcome

8AM – 8:30AM

7AM: Showed up very early, about an hour before registration. Things are still being set up. The venue is smaller than last year’s. I wonder how many people will show up. There were perhaps 500+ last year. If that many show up here, it’s going to be… cozy.

7:30AM: THEY HAVE TRUCK FULLS OF STARBUCKS!!

Keynote (VMworld 2012 Recap by Matt Mancini)

8:45AM – 9:30AM

8:37AM: A hush falls on the crowd. Jason Yarberry starts speaking.

8:41AM: Visit 14 of 17 vendors and enter to win a $500 Amex card. Is it worth it for the twelve months of vendor assaults I’ll have to endure? Not sure yet…

 8:52AM: Spoofing an apparent VM World 2012 bit, the VMware rep and three co-leaders of VMUG play drums on overturned buckets.

8:53AM: Keynote begins in earnest. “Users are in control of what IT is using. Mobile devices are starting to push this. Real time information exchange.”

9AM: Talking about vCloud Director and Operations Manager and the whole vCloudSuite. I so want to be the one that brings up OpenStack. I might get thrown out though…

9:04AM: Something called “Horizon Suite.” Wow, never heard of this thing. Also, something called “Mirage.” Something from an acquisition of a company called “Lenova.” It’s “Ghost on steroids integrated with View.”

I’m seeing money hemorrhage out of all my bank accounts.

9:08AM: VSAN – coming up! Distributed storage form commodity servers. Sounds interesting. I wonder if he just angered a few people in the room because a lot of VMware partners that are here are storage vendors. I also wonder how this will compare and compete with things like Nexenta or FreeNAS.

9:11AM: vRAM is no longer around. “The word has been completely removed form VMware’s dictionary.”

9:14AM: More recap from VMworld. They have dodgeball at VMworld?

9:22AM: Talking about the Hands on Lab at VMworld. Apparently it was a tough year and they had some authentication issues, however the nearly 300 person team at VMware that were dedicated to making the HoL work apparently smoothed it out. Sounds like fun.

9:24AM: vCloud Suite. Combining different products for a price savings. Blah blah blah. Simplified product line, simplified combinations. Looks decent actually.

9:28AM: Steve HAft, Sr. Education Business Development Manager, takes stage to talk about education and certification. I’d love to walk out of this place with some info on getting trained — even though I don’t use VMware a ton.

9:30AM: Average VCP makes between $95,000 and $125,000 USD salary. I wonder what that turns into for a contractor’s hourly rate…

9:35AM: Things running over. Gotta run out soon to get to my EMC session.

Session #1

9:45AM – 10:30AM EMC – Virtualization of Mission Critical Applications and Unstructured Data

There is a performance gap between disks and CPUs. CPUs are speeding up by leaps and bounds, and disks are getting bigger but not faster. SSDs bridge that gap.

Enterprise SSD drives are termed “flash” at least in this talk and not SSD simply to differentiate between consumer level products. AKA “EFD” Enterprise Flash Drive

“FAST Cache” form EMC = “Fully Automated Storage Tiering” Taking data and spreading it around across different speed storage devices.

Talk goes to a four tier model of

1. PCIe Flash
2. Array Flash
3. FC / SAS
4. SATA / NL-SAS

PCI flash gets the storage closer to the compute part of your application.

EMC Isilon is a cluster based storage system based on dropping in nodes of storage that auto balance a single volume / namespace. Infiniband backend network. Basically it’s a fancy NAS cluster. Storage appliances can include traditional spindle storage as well as EFDs.

Standard set of “value add” features. Snapshotting, backup accelerator, “SmartLock” to keep important files form being deleted, auto-tiering of files, auto-balancing of files across a new node.

There’s a virtual appliance coming down the line to do all of this coming out that allows VMs to be moved close to compute power as needed.

Q/A starts.

Someones who works at a government agency needs to make sure that certain files, original copies of documents, never gets deleted. They are using an existing EMC product and looking to migrate to Isilon some day. SEC level compliance features are built in to the EMC product. You can do WORM and other various means of securing data that keeps people from deleting files.

Session #2

10:45AM – 11:30AM VMware – ESXi Best practices

(I elected to go to the ESXi best practices session because I’m less likely to need to have a deep technical knowledge of vCenter. Knowing the basics of ESXi is always nice.)

vSphere CLI has the ESXi Shell, vCLI and PowerCLI. There is also the API/SDK for more advanced application and automation development.

A script rich environment will have trouble going from 4.1 to 5 you might have trouble because of the removal of the command console. Upgrading needs to be done in a process as well – vCenter first then hosts. ESX System Analyzer can be used to ease the migration process.

Stay up on the latest VMware tools.

Put your scratch on a persistent disk so that logs persist across reboots so that you can do better root cause troubleshooting.

Use ESXi Dump and Syslog Collectors so that you can better facilitate troubleshooting. This is especially recommended for Auto Deploy environments.

Configure NTP correctly or you will regret it. I think that’s a general rule of systems engineering. So much so that I recommend clients buy a dedicated NTP appliance if they’re much larger than a single rack of infrastructure.

Use directory services for SSO so that you can figure out who did what, rather than just seeing log entries for “root.”

Utilize the ESXi host firewall to limit access, such as ESXi Seland SSH access from only internal IP ranges.

Enable lockdown mode — but then again if you need to have that enabled to be secure, how are people even getting close enough to the server to be able to log in locally anyway? Then again, in smaller shops where the server room is actually a cabinet underneath the sink in the lunch room, then perhaps you have no better choice.

There is a recommendation to disable the ESXi Shell and SSH unless explicitly needed for troubleshooting. I’m not so sure I can see that as being good. That seems a bit too paranoid and more like a slide in the deck to please the lawyers.

Basically any application is said to be a candidate to be backed up with Veeam, but restoration is dependent on “native tools” which means, if you’re using, say, Jenkins in a VM you can back it up with Veeam. Need to restore a portion of the data? You can spin up a recovery instance and then pull the data that you need from it, but there’s nothing special within Veeam itself that can help you restore that data.

Lunch

11:30AM – 12:45PM

Om nom.

Session #3

12:45PM – 1:30PM Veeam Software – 5 Ways Smart VM Backups May Surprise You

I’ve zoned out in the early part of the session (digestion is exhausting) so I’m not sure what the first few “ways smart VM backups may surprise you” are.

Standard recovery for those that are familiar with this market space. You can instantly boot a backup based on the actual backup store itself rather than copying the backup into production.

“Veeam explorer for Exchange” can reach into a backup and restore a file or email.

Veeam Explorer for SAN Snapshots can reach into SAN snapshots and recovery files in LeftHand P4000 and a few other SAN vendors. This tool is free, or at least will be when it is released. Apparently this is not available in full non-beta version yet.

BackupAcademy.com is a Veeam learning tool to get to know their products better.

“Forever Incremental” means that after the first full backup, your incrementals can be merged into the last full backup, to be made into a new full backup. The the next incrementals can be merged into that new full to form a new new full.

Session #4

1:45PM – 2:30PM Starboard Storage Systems – Leveraging the Latest Technologies for Today’s Virtual Challenges Effectively & Affordably

I decided to duck into this one mostly because no session was terribly compelling and also the presenter nabbed me in the hallway and convinced me to go in. Also, I have never heard of Starboard Storage before.

15 minutes in and I’m waiting for something that’s terribly new. I’m hearing the standard storage spiel so far. Flash, tiering, spindles, unified, etc.

It really does look like a decent product, it has solid features and is targeted at the SMB / midmarket area for businesses. The prices are good and there are no extra license costs. You buy the product and it comes with all the features turned on and also a 24/7 support contract with 3 year hardware warranty.

I can’t remember anything terribly distinctive about the product – except good cost and simple licensing. Again, it looks good for SMBs. Look into them.

Session #5

2:45PM – 3:30PM

Lost interest and talked with people in the cafeteria.

Session #6

3:45PM – 4:30PM

Lost interest and talked with people in the cafeteria.

Closing

4:30PM – 5PM

After several underwhelming presentations, I lost interest and sat around in the cafeteria talking business with people. I then moved my way into the great room to see who won the prizes. There were a few $500 Amex cards, iPads, and VMUG advantage subscriptions.

One fellow won a $500 Amex card AND an iPad!

Did I win something? YES! I won a VMUG Advantage subscription! Of course, I also got fed for free and got to hang out with a bunch of cool people.

A reader of my blog who shall be named C.D. sent me his RHCSA study notes. C.D. will be taking the EX200 exam here in a few days, and thus didn’t officially join the 2012 Red Hat Study Buddy group, however he wanted to share his rapid-fire study guide for others to benefit from.

The study notes are in capsule form and follow C.D.’s understanding of the Ex200 objectives. They can be a good guide for anyone looking to evaluate their own readiness for the official exam.

Please understand that these notes were compiled by an individual in preparation for taking the RHCSA exam. This is simply a study guide that attempts to provide answers and information based on the ‘exam objectives’ provided on Red Hat’s website. This information does not provide specific information about what is or what is not on the RHCSA exam. This is not a “brain dump” or some other form of cheat sheet.

Behold, the notes:

1) Understand and use essential tools

Access a shell prompt and issue commands with correct syntax

• CTRL-ALT-F1: From system console, switch to GUI.
• CTRL-ALT-F[2-6]: From system console, switch to a terminal.
• Applications -> System Tools -> Terminal: From GUI, access a terminal.

Use input-output redirection

• cmd > file: Redirect stdout of cmd to file.
• cmd 2> file: Redirect stderr of cmd to file.
• cmd >> file: Append stdout of cmd to file.
• cmd 2>> file: Append stderr of cmd to file.
• cmd &> file: Redirect stdout and stderr to file.
• cmd < file: Redirect contents of file to stdin of cmd.
• cmd1 | cmd2: Redirect stdout of cmd1 to stdin of cmd2.
• cmd1 |& cmd2: Redirect stderr of cmd1 to cmd2.

Use grep and regular expressions to analyze text

• grep string file: Display lines in file that contain string.
• grep -v string file: Display lines in file that do not contain string.
• grep -i string file: Case in sensitivedsearch.
• egrep: Grep with extended regular expressions.
• fgrep: Grep without regular expressions.

Some simple RegEx rules. (A complete understanding of Regular Expressions is beyond the scope of this document.)

• ‘^string’: Search for lines beginning with string.
• ‘[a-zA-Z]‘: Search for any line containing a letter.
• ‘[^a-zA-Z]‘: Search for any line not containing a letter.
• ‘[0-9]‘: Search for any line containing a number.
• ‘[^0-9]‘: Search for any line not containing a number.
• ‘[0-9][0-9]‘: Search for any line containing at least two numbers in a row.

Access remote system using ssh and VNC

• ssh user@host: Login to host as user via SSH.
• vncviewer host:display: Connect to display on host via VNC.
• ssh -L port:host:port user@host: Connect to display on host via VNC over SSH.

Log in and switch users in multiuser runlevels

• su -: Switch to root user and load root user’s profile.
• su – user: Switch to user and load user’s profile.
• su -c ‘command’: Run command as root user.
• su -c ‘command’ user: Run command as user.

Archive, compress, unpack, and uncompress files

• gzip file: Compress file using gzip.
• bzip2 file: compress file using bzip2.
• gzip -d file.gz: Decompress file using gzip.
• bzip2 -d file.bz2: Decompress file using bzip2.
• tar cvf file.tar /dir: Create archive file.tar of contents of dir.
• tar cvfz file.tar.gz /dir: Archive with gzip compression.
• tar cvfj file.tar.bz2 /dir: Archive with bzip2 compression.
• tar xvf file.tar /dir: Extract archive file.tar into dir.
• tar xvfz file.tar.gz /dir: Extract gzip compressed archive.
• tar xvfj file.tar.bz2 /dir: Extract bzip2 compressed archive.
• star -xattr -H=exustar -c -f=file.star /dir/: Archive with SELinux.
• star -x -f=file.star: Extract archive with SELinux.
• star -xz -f=file.star.gz: Extract gzip compressed archive with SELinux.
• star -xj -f=file.star.bz2: Extract bzip2 compressed archive with SELinux.

Create and edit text files

• >file: Create file with no content.
• vi file: Edit content of file.

Create, delete, copy, and move files and directories

• >file: Create file with no content.
• rm file: Delete file.
• cp file1 file2: Copy file1 to file2.
• mv file1 file2: Move file1 to file2.
• mkdir /dir: Create directory dir.
• mkdir -p /dir1/dir2/dir3: Create a series of directories.
• rmdir /dir: Delete an empty directory.
• rmdir -p /dir1/dir2/dir3: Delete a series of empty directories.
• rm -r /dir: Recursively delete a directory and it’s contents.
• mv /dir1 /dir2: Move directory dir1 to dir2.

Create hard and soft links

• Hard-links creates a second copy of the file with identical inode.
• Soft-links creates a redirect to the original file.
• ln file1 file2: Creates files2 as a hard-link of file1.
• ln -s file1 file2: Creates file2 as a soft-link of file1.

List, set, and change standard ugo/rwx permissions

• ls -l: List files and include information about permissions.
• chown user file: Changes owner of file to user.
• chown -R user /dir: Recursively changes owner of directory and contents.
• chown user.group file: Changes owner of file to user and group.
• chown -R user.group /dir: Recursively changes owner of directory and contents.
• chgrp group file: Changes group owner of file to group.
• chgrp -R group /dir: Recursively changes group owner of directory and contents.
• chmod permissions file: Changes permissions of file.
• chmod -R permissions /dir: Recursively changes permissions of directory and contents.
• umask: Displays current umask.
• umask mask: Sets umask to mask.
• With chmod or umask, the permissions or mask are a three digit number.
• The first digit is for owner, the second is for group, the third for all others.
• Each number is made by adding together the numbers of following permissions: 4 = read, 2 = write, 1 = execute.
• chmod ### sets thos permissions
• ex: chmod 640 is read and write for owner, read for group, no access for all others.
• umask ### are the permissions subtracted from the default permissions (666) of a newly created file.
• ex: umask 002 means news files are created with the permissions 664.

Locate, read, and use system documentation

• man topic: Displays manual page for topic.
• man # topic: Displays manual page for topic within numbered category.
• whatis topic: Lists manual pages with topic in title.
• apropos topic: Lists manual pages relating to topic.
• /etc/cron.daily/makewhatis.cron: Regenerates manual page database.
• info topic: Display info page about topic.
• /usr/share/info: Location of all available info pages.
• /usr/share/doc: Location of more advanced package specific documentation.

2) Operate running systems

Boot, reboot, and shut down a system normally

• reboot: Reboot the system immediately.
• shutdown -h now: Shutdown the system immediately.

Boot systems into different runlevels manually

• runlevel: Displays the current runlevel.
• init #: Changes to specified runlevel.
• At GRUB menu, press “e” or “a” to edit/append boot kernel options.
• Append a runlevel # to end of GRUB options to boot into that runlevel.
• Runlevel 0: Halt
• Runlevel 1: Single-user mode
• Runlevel 2: Multi-user mode, limited services
• Runlevel 3: Multi-user mode, networking
• Runlevel 4: Undefined
• Runlevel 5: Multi-user mode, X11
• Runlevel 6: Reboot

Use single-user mode to gain access to a system

• At GRUB menu, press “e” or “a” to edit/append boot kernel options.
• Append single to end of GRUB options to boot into single user mode.
• Append init=/bin/sh to end of GRUB options to not load init files.

Identify, adjust priority, and kill processes.

• ps -u user: List all processes running as user.
• ps -aux: List all running processes.
• ps -axl: List all running processes and parent process information.
• nice -n # command: Run command at specified priority level.
• renice # PID: Changes priority level of process to specified priority level.
• renice # -u user: Changes priority level of all of user’s processes to specified priority level.
• The default process priority level is 0.
• The highest process priority level is -20.
• The lowest process priority level is 19.
• kill PID: Sends a signal to specified process.
• killall process: Sends a signal to all running processes of that name.
• The default signal sent to processes is SIGTERM.
• Other signals can be sent by adding the flag -SIGNAL.
  • 1: SIGHUP
  • 2: SIGINT
  • 3: SIGQUIT
  • 6: SIGABRT
  • 9: SIGKILL
  • 14: SIGALRM
  • 15: SIGTERM (default)
• top: Lists all running processes in an interactive environment.

Locate and interpret system log files

• /var/log: Location of system log files.
• lastlog: Outputs information about most recent login of each user based on information in /var/log/lastlog
• utmpdump btmp: Outputs information about failed login attempts based on information in /var/log/btmp
• utmpdump wtmp: Outputs information about logins based on information in /var/log/wtmp

Access a virtual machine’s console

• virt-manager: GUI program for controlling virtual machines.
• virsh list –all: Lists all virtual machines.
• virt-viewer server: Display graphical console forvirtual server.

Start and stop virtual machines

• virt-manager: GUI program for controlling virtual machines.
• virsh start name: Starts a virtual machine.
• virsh destroy name: Shutdown a virtual machine.
• virsh list –all: Lists all virtual machines.

Start, stop, and check the status of network services

• service name start: Starts network service.
• service name stop: Stops network service.
• service name restart: Restarts network service.
• service name reload: Reloads the configuration files for network service.
• service name status: Displays status of network service.

3) Configure local storage

List, create, delete, and set partition type for primary, extended, and logical partitions

• fdisk: Deprecated utility for manipulating primary, extended, and logical partitions.
• parted: Current utility for manipulating primary, extended, and logical partitions.
• The fdisk and parted commands are interactive and have their own built-in help files. Consult man pages for further options.

Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes

• pvcreate /dev/hd: Create physical volume from device.
• pvremove /dev/hd: Remove physical volume from an LVM.
• vgextend volumegroup /dev/hd: Create volume group with physical volume or add physical volume to existing volume group.
• vgreduce volumegroup /dev/hd: Remove physical volume from volume group.
• lvcreate -L size volumegroup: Create a new logical volume from volume group.
• lvdisplay volumegroup: Display information about volume group.
• lvremove /dev/volumegroup/volume: Remove a logical volume from volume group.

Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted files system at boot

• dd if=/dev/urandom of=/dev/hd bs=1M: Fill physical volume with random data.
• cryptsetup luksFormat /dev/hd: LUKS-encrypt physical volume.
• cryptsetup luksOpen /dev/hd label: Label LUKS-encrypted physical volume.
• mkfs.ext4 /dev/mapper/label: Format labelled LUKS-encrypted physical volume.
• /etc/crypttab: Configuration file for LUKS-encrypted volumes.
• /etc/fstab: Configuration file for volumes mounted by system.
• mount: Displays all volumes currently mounted on system.
• mount -a: Mount all volumes defined in /etc/fstab
• fstab entries are space delimited: device mountpoint fstype options dump fsck
• fstab example: /dev/sda1 / ext4 defaults,acl 1 1
• cryptab entries are space delimited: label device
• cryptab example: cryptvolume /dev/sdb1

Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label

• blkid: Find the UUID of a device.
• e2label /dev/mapper/volume label: Label a volume.
• umount /dev/hd: Unmount a device.
• /etc/fstab: Configuration files for volumes mounted by system.
• fstab entries are space delimited: device mountpoint fstype options dump fsck
• fstab example: /dev/sda1 / ext4 defaults,acl 1 1

Add new partitions and logical volumes, and swap to a system non-destructively

• The fdisk and parted commands are interactive and have their own built-in help files. Consult man pages for further options.
• pvcreate /dev/hd physicalvolume: Create a physical volume from device.
• vgcreate volumegroup /dev/hd: Create a volume group from a physical volume.
• lvcreate -L size -n logicalvolume logicalvolumegroup: Create a logical volume of size in volume group.
• swapon -s: Displays swap devices currently on system.
• swapon -v /dev/hd: Add swap device to system.

4) Create and configure file systems

Create, mount, unmount, and use ext2, ext3, and ext4 file systems

• mkfs.ext# /dev/hd: Format device as ext# File System.
• mount -o rw -t ext# /dev/hd /mountpoint: Mount’s device of ext# format in Read/Write mode to mount point.
• umount /dev/hd: Unmounts device.

Mount, unmount, and use LUKS-encrypted file systems

• Mounting a LUKS-encrypted file system is identical to mounting a regular file system, except you will be prompted for a passphrase.

Mount and unmount CIFS and NFS network file systems

• mount -t cifs //servername/dir /mountpoint –verbose -o user=username: Mounts a CIFS filesystem to mount point.
• mount -o rw -t nfs servername:/dir /mountpoint: Mounts a NFS filesystem to mount point.
• umount /mountpoint: Unmounts a mountpoint.

Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically

• blkid: Find the UUID of a device.
• /etc/crypttab: Configuration file for LUKS-encrypted volumes.
• /etc/fstab: Configuration file for volumes mounted by system.
• mount: Displays all volumes currently mounted on system.
• mount -a: Mount all volumes defined in /etc/fstab
• fstab entries are space delimited: device mountpoint fstype options dump fsck
• fstab example: /dev/sda1 / ext4 defaults,acl 1 1
• cryptab entries are space delimited: label device
• cryptab example: cryptvolume /dev/sdb1

Extend existing unencrypted ext4-formatted logical volumes

• lvdisplay: Displays infomration about logical volumes on system.
• lvextend -L +size /dev/volumegroup/volume: Extends logical volume by size.
• lvextend -L size /dev/volumegroup/volume: Extends logical volume to size.

Create and configure set-GID directories for collaboration

• chmod g+s: Changes a directory to be set-GID.

Create and manage Access Control Lists (ACLs)

• Filesystem must support Access Control Lists.
• Add ‘acl’ to options in /etc/fstab and remount filesystem if this option is not already set.
• mount -o remount /mountpoint: Remounts a mountpoint that is in use, applying any new options.
• /etc/fstab: Configuration file for volumes mounted by system.
• getfacl file: Displays the Access Control Lists (ACLs) set on a file.
• setfacl -m A:C:L file: Sets the Access Control Lists (ACLs) set on a file.

Diagnose and correct file permission problems

• ls -l: Display file permissions.

5) Deploy, configure, and maintain systems

Configure networking and hostname resolution statically or dynamically

• setup: Command line system for configuring networking related options.
• /etc/hosts: Local lookup table for statically defined hosts.
• /etc/resolv.conf: Configuration file for resolving hosts.
• /ets/sysconfig/network: Configuration file for system networking settings.
• /etc/sysconfig/network-scripts: Configuration files for interface specific networking settings.

Schedule tasks using cron

• crontab -l: Displays crontab for current user.
• crontab -e: Edits crontab for current user.
• Cron entries require six space delimited options.
• Each option can either be a *, something within the range, a comma separated list involving the range, or division math involving the range.
• The command will be triggered whenever all conditions match.
  • 1: Minute (0-59)
  • 2: Hour (0-23)
  • 3: Day of Month (1-31)
  • 4: Month (1-12)
  • 5: Day of Week (0-6, starting at Sunday)
• 6: Command to be executed.
• example: 0 3 1 1-12/2 * command, will run command at 3:00am on the first day of every other month.

Configure systems to boot into a specific runlevel automatically

• /etc/inittab: Edit to make runlevel changes permanent.

Install Red Hat Enterprise Linux automatically using Kickstart

• system-config-kickstart: GUI for creating kickstart files.
• /root/anaconda-ks.cfg: Kickstart file for running system at time of creation.
• For a bare metal kickstart enter GRUB an add the following line:
  • ks=hd:sdba1/ks.cfg: Use a kickstart file on the local disk.
  • ks-cdrom:/ks.cfg: Use a kicksart file on the cdrom.
  • ks=ftp://server/ks.cfg: Use a kickstart file on an FTP server.
  • ks=nfs:server/ks.cfg: Use a kickstart file on an NFS server.
  • ks=http://server/ks.cfg: Use a kickstart file on a web server.
• For virtual machines add an option to virt-install similar to baremetal kickstart options:
  • ex: -x “ks=KICKSTARTOPTION ksdevice=ETHERNETDEVICE ip=IPADDRESS netmask=NETMASK gateway=GATEWAY”
• There are numerous kickstart options available. Running ‘system-config-kickstart /root/anaconda-ks.cfg’ is your best bet short of memorizing all options.

Configure a physical machine to support virtual guests

• yum -y install libvirt libvirt-client python-virtinst qemu-kvm virt-manager virt-top virt-viewer: Install packages needed for hosting KVMs.
• yum -y install qemu* virt* libvirt* python-virtinst: Installs all packages related to hosting KVMs.
• modprobe kvm: Adds kernel module for hosting KVMs.

Install Red Hat Enterprise Linux systems as virtual guests

• virt-manager: GUI program for controlling virtual machines.
• virsh list –all: Lists all virtual machines.

Configure systems to launch virtual machines at boot

• virsh autostart name: Configures virtual machine to start at boot.
• virsh autostart –disable name: Disabled virtual machines from starting at boot.

Configure network services to start automatically at boot

• chkconfig –list: Lists all installed network services.
• chkconfig service on: Configures network service to start at boot.
• chkconfig –level # service on: Configures network service to start in specified runlevels.
• chkconfig service off: Disables network service from starting at boot.
• chkconfig –level # service off: Disables network service from starting in specified runlevels.

Configure a system to run a default configuration HTTP server

• yum -y install httpd && chkconfig httpd on && service httpd start: Install and start httpd, and set to start on boot.
• /var/www/html: Location of files served by HTTP server.
• Firewall: Open ports 80 for HTTP and 443 for HTTPS, using iptables.
• SELinux: Make sure SELinux contexts are correct for all files server, ‘man httpd_selinux’ for more various options.

Configure a system to run a default configuration FTP server

• yum -y install vsftpd && chkconfig vsftpd on && service vsftpd start: Install and start vsftpd, and set to start on boot.
• /var/ftp: Location of files served by FTP Server.
• Firewall: Open ports 20 and 21 for FTPD, using iptables.
• SELinux: Make sure SELinux contexts are correct for all files server, ‘man ftpd_selinux’ for more various options.

Install and update software packages from Red Hat Network, a remote repository, or from the local file system

• rhn_register: Register system with Red Hat Network.
• yum install package: Install package from yum repository.
• /etc/yum.repos.d: Directory containing information relating to yum repos.
• rpm -Uvh package.rpm: Upgrades RPM package from local file system.
• rpm -ivh package.rpm: Installs RPM package from local file system.

Update the kernel package appropriately to ensure a bootable system

• Never update the kernel package, always install a new kernel.
• rpm -ivh kernel.rpm: Installs a new kernel from an rpm package.
• yum install kernel: Installs a new kernel from a yum repository.

Modify the system bootloader

• /boot/grub/grub.conf: Configuration files for system boot loader.

6) Manage users and groups

Create, delete, and modify local user accounts

• useradd user: Adds user to system.
• userdel user: Deletes user from system.
• usermod options user: Modifty a user.
• usermod options:
  • -d /dir: Changes the user’s home directory.
  • -e YYYY-MM-DD: Changes the expiration date of user’s account.
  • -f #: Changes the number of days after password expiration that user’s account is disabled, 0 for immediately, -1 for never.
  • -g GID: Changes the user’s main group.
  • -G GID: Comma separated list of additional groups that the user belongs to.
  • -l newuser: Changes the user’s login name to a new name.
  • -L: Locks the user account, preventing logins.
  • -s shell: Changes the user’s login shell.
  • -u UID: Changes the user’s UID.
  • -U: Unlocks the user account, allowing logins.
  • -Z seuser: Changes ther user’s SELInux user type.

Change passwords and adjust password aging for local user accounts

• passwd: Change your password.
• passwd user: Change user’s password.
• chage user: Change user’s password aging.

Create, delete, and modify local group and group membership

• groups user: List which groups a user belongs to.
• groupadd group: Create group.
• groupdel group: Delete group.
• groupmod -n newgroup oldgroup: Change the name of a group.
• groupmod -g GID group: Change the GID of a group.
• groupmems -g group -a user: Add a user to group.

Configure a system to use an existing LDAP directory service for user and group information

• yum -y install openldap-clients: Install the required OpenLDAP clients.
• system-config-authentication: GUI for connecting system to existing LDAP directory service.
• It is possible to configure LDAP connections manually, but using system-config-authentication is your best option for the RHCSA exam.

7) Manage security

Configure firewall settings using system-config-firewall or iptables

• system-config-firewall: GUI program for modifying firewall settings.
• IPTables are complex when used from the command line. Using the ‘system-config-firewall’ or ‘setup’ are your best options for the simple firewall configurations required for the RHCSA exam.

Set enforcing and permissive modes for SELinux

• getenforce: Display SELinux enforcing mode.
• setenforce #: Toggle SELinux enforcing mode on or off.
• /etc/selinux/config: Make permanent changes to SELinux enforcing mode.

List and identify SELinux file and process context

• ls -lZ: List file permissions, with SELinux information.
• ps -Zu user: List all processes running as user, with SELinux information.
• ps -Zaux: List all running processes, with SELinux information.
• ps -Zaxl: List all running processes and parent process information, with SELinux information.

Restore default file contexts

• semanage fcontext -a -t context “/dir(/.*?)”: Sets the SELinux context of a directory and it’s contents.
• restorecon -F -R -v /dir: Recursively restores SELinux context of a directory and it’s contents.

Use boolean settings to modify system SELinux settings

• getsebool -a: Lists all SELinux boolean settings and current status.
• setsebool -P boolean on: Sets SELinux boolean to on.
• getsebool -P boolean off: Sets SELinux boolean to off.
• togglesebool boolean: Toggles SELinux boolean on or off.

Diagnose and address routine SELinux policy violations

• ausearch -m avc -c command: Search for SELinux policy violations associated with command.
• sealert -a /var/log/audit/audit.log: Detaild descriptions of SELinux policy violations found in log.
• /var/log/audit/audit.log: Log file containing information about SELinux policy violations.

The End

Keep in mind that these notes are just one student’s thought process while interpreting the official exam requirements as of October 2012.  Use them as you see fit and at your own liability. Everyone give a round of thanks to C.D. for sharing!

If you’re following along at home with the 2012 Red Hat Study Buddy Group, there’s a handful of folks (myself included) who have decided to nab some Red Hat certifications before the year ends. Perhaps that will lead to better things in the year 2013, but it certainly can’t lead to worse things (famous last words?).

I’ve compiled a short list of some of the more pertinent official sources of information for this endeavor. I’ll be referencing them and this post as I crunch through my RHCSA study plan.

• RedHat Product Documentation
• RHEL Specific Product Documentation
  • Some good guides pertinent to RHCSA/RHCE within the documentation:
  • Installation Guide
  • Deployment Guide
  • Security Enhanced Linux (Oh the pain)
  • Virtualization Getting Started Guide
• RedHat Enterprise Linux Server Product Page
• RedHat Certifications Page
  • RHCSA Page
    • EX200 Exam Objectives
    • EX200 Exam Information
  • RHCE Page
    • EX300 Exam Objectives
    • EX300 Exam Information
• Red Hat Courses
  • Even if you don’t plan on taking an official Red Hat course, give serious attention to each course’s syllabus to get a very good idea of what you need to know to become Red Hat Certified.
  • List of all Red Hat courses.
  • Red Hat System Administration I (RH124) Course Outline
  • Red Hat System Administration II (RH135) Course Outline
  • RHCSA Rapid Track (RH200) Course Outline (Apparently this course is very close to the actual RHCSA exam’s body of tasks. Keep a close eye on this one to see what will most likely be required of  you in the exam room.)
  • Red Hat System Administration III (RH255) Course Outline
  • RHCE Rapid Track Course with RHCSA and RHCE Exams (RH300) Course Outline
  • Red Hat Certificates of Expertise courses are not listed since so far no one has expressed interest in going out for one of them. They are all listed at the above link “List of all Red Hat courses.”
• RedHat Certificates of Expertise
  • I’ll leave the finding of specific information pages for each certificate of expertise as an exercise for the reader. So far no one has claimed the CoE as a goal, with all interested being RHCSA or RHCE.
• RedHat Hardware Compatibility List. Just because.

Know of any other official information sources? Post them in the comments below and I’ll add them to the body of the post. I’m also creating a list of unofficial, RedHat / CentOS  information sources and communities. Any suggestions for that topic would also be appreciated.

Earlier this week, I asked if anyone was interested in a loose-knit Red Hat study buddy group to finish 2012 with some Red Hat certifications. The response was positive and so far we’ve got five eight ten eleven twelve participants signed up to end the year with more letters after their name, and start 2013 with greater possibilities!

List of Participants:

Kenny: A man of many talents on ServerFault. Kenny is gunning for his RHCE. He already has his RHCSA.

Noe Gonzalez: SysAdmin with mostly Windows and Mac experience who is dabbling in the realm of Red Hat. He wants to get his RHCSA.

Simon: Attempting to slay the EX200 in his quest to attain the RHCSA honor.

Cole: Walking brain, currently working for NetApp. Has been working with Linux for many moons. Wants to do the EX200, but might also be able to hit up the EX300 for the RHCE just based on sheer experience.

Jeff C.: Already an RHCSA, Jeff has tried to complete the EX300 to earn his RHCE but been just shy of completing it. This attempt will be his triumph.

Shashi: An experienced Linux administrator who works on RedHat systems, this participant wants to get the RHCE by the year’s end.

Matthew: Already LPIC-1 certified, he’s going for the RHCSA/RHCE combo! No, wait — he’s going for the RHCSA. He’ll tackle the RHCE next year.

AdamD: Already been studying for the RHCSA but now wants to get in with a group of like minded penguins.

Ahmed Helmy: SysAdmin from Cairo Egypt going for the RHCSA.

Eddy Webster: Going for the RHCSA.

Leon Carter: And a late entrant emerges!

The Wesley: That would be me. I’ve been working with RPM based Linux distributions for a year and a half, so I’d like to have some official endorsements of my knowledge as well as have a structured means of exposing my deficiencies.

Study Buddy Hangouts

I made a thread over on the SysAdmin Network titled “Welcome to the 2012 RedHat study buddy group.” Go post a “hello!” message! I think the SysAdmin Network would be a good place to have direct discussions about specific topics as you slice through the Red Hat materials,

I was also considering the possibility of occasional Google Plus hangouts to have discussions and chats concerning anything that comes to mind. Perhaps we could have a bi-monthly schedule of every other Friday evening… or whatever time works best.

If anyone else has other and better suggestions for how to go about socializing and force multiplying our experiences so that we can all have better chances of passing our exams and, more importantly, learning useful information, let me know in the comments below or over on the SysAdmin Network.

Starting Lesson Plan

There’s really no official lesson plan for this little group, however it might be nice to have some kind of basic plan. I’m using the RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition and find it to be pretty solid. The labs require some virtual machines, and I assume that everyone will have some spare equipment around to spin up some VMs, but if not, comment below and I’ll see what I can arrange.

If anyone has suggestions for other good training materials and sources, post about it on the SysAdmin Network. I’m not planning on taking any classroom courses, at least not for the EX200 material. I don’t know of any good RedHat focused video training courses. I’m just sticking to old fashioned books and breaking things on my own.

So for the first week  (Oct 8 through the 14th) I’m going to have a goal to do the following:

• Scour the RedHat site for hints, tips, and the official synopsis for the EX200 test.
• Set up some virtual machines with the latest CentOS (Sorry Scientific Linux)
• Read one, maybe two chapters in the RHCSA/RHCE book including the labs.

Follow along if you’d like and share your experiences in the comments, but mostly over at the SysAdmin Network. I’ll post again on my blog in about a week concerning the topic of the study buddy group. I’ll include my commentary on my studying to date as well as with my plans for the next week of study. By the way, my goal is to be ready for the EX200 sometime in the first week of December to leave time for a retake if necessary.

Thoughts? Comments? Adulations? Detractions? lolcats?

I am going to be at the 2012 Phoenix Arizona VMUG on October 11, 2012. I’ll be doing my best to live blog the event. I’m not sure if public WiFi will be provided, and I haven’t yet sprung for the tethering option on my cell plan. However, it’s a conference, of course it’ll have public WiFi. Right?

I’m an unpaid, unsponsored, independent spectator so I’ll be giving my unfettered impressions and opinions while I’m there. Sadly, I don’t spend a ton of time with VMware products, so my impressions and opinions will likely be rather flat. Nevertheless, I’ll try to take pics, converse with people, and give a play-by-play for the sessions that I’ll be attending.

For a full listing of the sessions, check out this agenda page. The sessions that I think I’ll take are:

• Session #1: EMC – Virtualization of Mission Critical Applications and Unstructured Data
• Session #2: VMware – vCenter 5.1: A Technical Deep Dive
• Session #3: Veem Software – 5 Ways Smart VM Backups May Surprise You
• Session #4: Quantum – VM Data Protection for Dummies
• Session #5: VMware – Performance Best Practices for vSphere (I’m torn between that and this:  Troubleshooting Storage Performance. Is it the Hardware or the Software?)
• Session #6: Pure Storage Debugging Storage Performance Bottlenecks Using Flash Memory (Mostly because I want to see the Pure Storage guys!)

I’m open to suggestions if anyone wants to see my Cliff’s Notes for a different session. Let me know if there’s something you’d be more interested in and we can negotiate. =)

Check out my Twitter account @Nonapeptide. I’ll be tweeting the event with plenty of pictures on the #PHXVMUG hashtag.

Will you be There?

Well, will you? Let me know and we might just bump into each other. The location is the Desert Willow Conference Center in Tempe, Arizona. It’s an all day event and it appears to be catered (if it’s anything like last year’s catering, you’ll want to show up hungry to eat as much of it as possible).

Let me know in the comments below if you’ll be there and if you have any different preferences for the breakout sessions. It should be a good time!

Do you work with Red Hat based operating systems? When you go to a car show, and people talk about RPMs, do you get discouraged when you realize that they’re not talking about Linux? Are you inordinately fascinated by gaudy headwear? Do you want to make more money? Sure! We all do!

Certifications, love them or hate them, do have a tendency to help you earn more money and get noticed for positions. Sure, inside connections, professional network relationships, and public community projects are awesome and arguably better resources for ensuring employment opportunities, but having a few respected letters after your name won’t hurt matters any.

If you answered yes to any of the questions in the first paragraph, then consider the goal that I’m about to set forth. I’m gathering some names together to start a simple Red Hat certification study buddy group. Nothing crazy and nothing terribly structured. It’s just a place to publicly state your intentions, and then each person involved will have some names and faces to help get motivated.

Here are the Rules:

There are no rules.

Here is the (Loose) Plan:

First, pick your goal and put your name on it in the comments below. RHCSA? RHCE? A certificate of expertise or two (or three)? The RHCA?! Just name it.

Second, set the goal to pass whatever exam(s) you have in mind by Dec 31, 2012. You want to start 2013 with a shiny new piece of paper to be proud of, and hopefully some leverage for a better job or more money in your current job. Or maybe you just want the certification for your own personal development and satisfaction. Whatever your reasons, plan to make Dec 31 your do-or-die date.

Third, pick your study material. You could simply check out the official RHCSA exam objectives, or the RHCE objectives, or the objectives of the certificates of expertise that you’re interested in most. You could also pick up a book. I recommend the book RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition for those interested in the RHCSA/RHCE certs. Because the book mashes up the two certifications into one text, it is a bit confusing to follow at times, but I’ve perused it casually and it’s generally understandable if you focus. There are also several video courses out there as well as in-person classroom training. What you choose to use is of no consequence.

Fourth, buckle down, make some time, and get learnin’.

Fifth, we’ll all keep in touch, even if just loosely. How? I don’t know. Primarily, my plan is to make a loose reading schedule from the McGraw Hill RHCSA/RHCE book that I listed above. I’ll post updates every week or so and we’ll just fan out into a fairly unstructured body of people with the same goals in mind. Stay active in the blog comments. If things get too chatty, I can always spin up some kind of simple community site or we can shift over to the SysAdmin Network for more forum-style interaction.

Name It and Claim It

Hi my name is Wesley and I am going to work towards getting my RHCSA certification before 2013. I’ve been working pretty consistently with RPM based distributions for about a year and a half now, and it’s time to get lettered.

How about you? What Red Hat cert do you think could help out your professional life? Make your bold claim to a Red Hat certification in the comments below. I’ll make a follow up post listing those who have stated their intentions.

Share this post around! Let’s get some people motivated to end 2012 with some hard earned paper and start 2013 with, hopefully, some more money and better options for the future.

My Problem:

The OpenNMS service does not start. The OpenNMS daemon logs at /opt/opennms/logs/daemon/output.log have a daunting amount of errors concerning various things like Error creating bean with name 'trapDaemonContext' and Could not instantiate bean class [org.springframework.context.support.ClassPathXmlApplicationContext] and error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml].

The key is in the errors, just well hidden. Take a closer look…

My Solution:

…because in my instance, if I looked close enough, I found lots of errors concerning trapd. It just so happens that I was messing about with SNMP on the same server that my OpenNMS instance is running on. snmptrapd does not play nice on the same machine as OpenNMS. Disable it and you’ll be good.

On my CentOS machine:

chkconfig snmptrapd off && service snmptrapd stop

Then start the OpenNMS as your distribution prefers.

Etcetera:

For those interested, here is the full error dump that I was encumbered with:

Thu Sep 27 21:48:27 MDT 2012
begin ulimit settings:
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 62754
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 20480
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
end ulimit settings
Executing command: /opt/opennms/bin/runjava -r  -- -Djava.endorsed.dirs=/opt/opennms/lib/endorsed   -Dopennms.home=/opt/opennms -Dcom.sun.management.jmxremote.port=18980 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Xmx256m -XX:+HeapDumpOnOutOfMemoryError  -XX:MaxPermSize=128m -jar /opt/opennms/lib/opennms_bootstrap.jar  start  
[DEBUG] System property 'opennms.library.jicmp' set to '/usr/lib64/libjicmp.so.  Attempting to load jicmp library from this location.
[INFO] Successfully loaded jicmp library.
[DEBUG] System property 'opennms.library.jicmp6' set to '/usr/lib64/libjicmp6.so.  Attempting to load jicmp6 library from this location.
[INFO] Successfully loaded jicmp6 library.
An error occurred while attempting to start the "OpenNMS:Name=Trapd" service (class org.opennms.netmgt.trapd.jmx.Trapd).  Shutting down and exiting.
javax.management.RuntimeMBeanException: org.springframework.beans.factory.access.BootstrapException: Unable to return specified BeanFactory instance: factory key [trapDaemonContext], from group with resource name [classpath*:beanRefContext.xml]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'trapDaemonContext' defined in URL [jar:file:/opt/opennms/lib/opennms-services-1.10.5.jar!/beanRefContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.context.support.ClassPathXmlApplicationContext]: Constructor threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml]: Invocation of init method failed; nested exception is java.lang.reflect.UndeclaredThrowableException
	at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.rethrow(DefaultMBeanServerInterceptor.java:839)
	at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.rethrowMaybeMBeanException(DefaultMBeanServerInterceptor.java:852)
	at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:821)
	at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:791)
	at org.opennms.netmgt.vmmgr.Invoker.invoke(Invoker.java:316)
	at org.opennms.netmgt.vmmgr.Invoker.invokeMethods(Invoker.java:239)
	at org.opennms.netmgt.vmmgr.Starter.start(Starter.java:245)
	at org.opennms.netmgt.vmmgr.Starter.startDaemon(Starter.java:116)
	at org.opennms.netmgt.vmmgr.Controller.start(Controller.java:190)
	at org.opennms.netmgt.vmmgr.Controller.main(Controller.java:162)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at org.opennms.bootstrap.Bootstrap$3.run(Bootstrap.java:346)
	at java.lang.Thread.run(Thread.java:722)
Caused by: org.springframework.beans.factory.access.BootstrapException: Unable to return specified BeanFactory instance: factory key [trapDaemonContext], from group with resource name [classpath*:beanRefContext.xml]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'trapDaemonContext' defined in URL [jar:file:/opt/opennms/lib/opennms-services-1.10.5.jar!/beanRefContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.context.support.ClassPathXmlApplicationContext]: Constructor threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml]: Invocation of init method failed; nested exception is java.lang.reflect.UndeclaredThrowableException
	at org.springframework.beans.factory.access.SingletonBeanFactoryLocator.useBeanFactory(SingletonBeanFactoryLocator.java:409)
	at org.opennms.core.utils.BeanUtils.getBeanFactory(BeanUtils.java:51)
	at org.opennms.core.utils.BeanUtils.getFactory(BeanUtils.java:93)
	at org.opennms.netmgt.daemon.AbstractSpringContextJmxServiceDaemon.init(AbstractSpringContextJmxServiceDaemon.java:97)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:111)
	at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:45)
	at com.sun.jmx.mbeanserver.MBeanIntrospector.invokeM(MBeanIntrospector.java:235)
	at com.sun.jmx.mbeanserver.PerInterface.invoke(PerInterface.java:138)
	at com.sun.jmx.mbeanserver.MBeanSupport.invoke(MBeanSupport.java:250)
	at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)
	... 13 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'trapDaemonContext' defined in URL [jar:file:/opt/opennms/lib/opennms-services-1.10.5.jar!/beanRefContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.context.support.ClassPathXmlApplicationContext]: Constructor threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml]: Invocation of init method failed; nested exception is java.lang.reflect.UndeclaredThrowableException
	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:288)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1003)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:907)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
	at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1079)
	at org.springframework.beans.factory.access.SingletonBeanFactoryLocator.useBeanFactory(SingletonBeanFactoryLocator.java:397)
	... 26 more
Caused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.context.support.ClassPathXmlApplicationContext]: Constructor threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml]: Invocation of init method failed; nested exception is java.lang.reflect.UndeclaredThrowableException
	at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:141)
	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:108)
	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:280)
	... 36 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daemon' defined in class path resource [META-INF/opennms/applicationContext-trapDaemon.xml]: Invocation of init method failed; nested exception is java.lang.reflect.UndeclaredThrowableException
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1420)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)
	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
	at org.springframework.context.support.ClassPathXmlApplicationContext.(ClassPathXmlApplicationContext.java:139)
	at org.springframework.context.support.ClassPathXmlApplicationContext.(ClassPathXmlApplicationContext.java:105)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
	at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:126)
	... 38 more
Caused by: java.lang.reflect.UndeclaredThrowableException
	at org.opennms.netmgt.trapd.Trapd.onInit(Trapd.java:183)
	at org.opennms.netmgt.daemon.AbstractServiceDaemon.init(AbstractServiceDaemon.java:346)
	at org.opennms.netmgt.daemon.AbstractServiceDaemon.afterPropertiesSet(AbstractServiceDaemon.java:48)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1477)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1417)
	... 54 more
Caused by: java.net.BindException: Address already in use
	at java.net.PlainDatagramSocketImpl.bind0(Native Method)
	at java.net.AbstractPlainDatagramSocketImpl.bind(AbstractPlainDatagramSocketImpl.java:95)
	at java.net.DatagramSocket.bind(DatagramSocket.java:376)
	at java.net.DatagramSocket.(DatagramSocket.java:231)
	at java.net.DatagramSocket.(DatagramSocket.java:284)
	at org.snmp4j.transport.DefaultUdpTransportMapping.(DefaultUdpTransportMapping.java:99)
	at org.opennms.netmgt.snmp.snmp4j.Snmp4JStrategy.registerForTraps(Snmp4JStrategy.java:453)
	at org.opennms.netmgt.snmp.SnmpUtils.registerForTraps(SnmpUtils.java:173)
	at org.opennms.netmgt.trapd.Trapd.onInit(Trapd.java:172)
	... 58 more

I’m slightly irked that OpenNMS’s discovery daemon relies on ping replies to determine what node to stop and scan deeper. One way to explicitly scan an interface is to use the send-event.pl tool provided by OpenNMS.

So, I scripted the automated scan of each IP address on my subnet:

#! /usr/bin/perl -w
use strict;
 
foreach ( (1 .. 254) ) {
        my @ipaddy = ('/opt/opennms/bin/send-event.pl','uei.opennms.org/internal/discovery/newSuspect', '--interface', "192.168.168.$_" );
        system (@ipaddy);
}

However, even non responsive IP addresses end up in my items list in OpenNMS now. I’m still an OpenNMS noob, so I’m looking for something that I know I must be missing.

My ultimate goal is to scan the network several times a day looking for new devices that might not be responsive to ICMP echo requests. If I have to automate the deletion of empty items, I’ll do it. Don’t make me go all DBD::Pg up in this house!!

Actually, I think the answer likes in a concept in OpenNMS called “provisioning.” Maybe.

I just read an article that made me fear for the state of our nation. It doesn’t have to do with citizen’s rights, backroom deals, or big corporations. It has to do with storage systems.

In the story “Charges dropped against fugitive doctor, because evidence is using too much space on federal servers” it is exposed that the US government has so much “evidence” against a suspect that it’s taking up 5% of the DEA’s entire storage system. Not knowing what constitutes the DEA’s “storage system” makes me wonder what they’re working with, but the whole thing seems patently absurd.

However, the bureaucratic wound is bathed in the saline of a common technological misperception. Note what the reporter says in the midst of the article:

Part of that limited storage capacity stems from the fact that the DEA has not recently upgraded its storage capacity. An external hard drive with a terabyte of storage can be easily purchased online at outlets like Best Buyfor around $100.

So because Best Buy sells 1TB of storage for $100, then it must be a comparable price for a major agency. I’m not going to get into the deep debate on the true cost of storage or write at length on cloud services. However the confusion around the true cost of storage does get monotonous after some time.

Mention the cost of storage at Best Buy in this article is a bit like saying “Hey, I can get a car for $300 on Craigslist, so what’s the deal with Formula 1 cars being so darned expensive?!”

The topic has been beaten pretty hard on ServerFault too. The Q/A “Why is business-class storage so expensive?” is a good example of that. What one doesn’t see in that Q/A is the original furor that the topic brought up. Originally it was a well trafficked question from a software developer asking why he can’t get storage from the operations side of his department without getting either heavy pushback or heavy chargeback.

The response was a bit heated with some snarky jabs made which caused a canonical answer to be made that was heavier on facts and lighter on diatribe. The point that impressed me was that, even within the ranks of professional IT workers, the topic of storage and its real price is scarcely understood.

So here’s a suggestion: Let’s never assume that people understand that storage is expensive. Let’s always be ready with simple facts and bullet points to illuminate people to the true cost of storage. Let’s never be afraid to expose the true cost of storage. Certainly you can do some amazing things with free OSs, ZFS, and commodity hardware. However, even that, if done properly, is going to cost more than I think many people are expecting to hear for a few TBs of storage.

Oh, and if any one of my readers who work at Yahoo know reporter Eric Pfeiffer, take him out to lunch and help him realize that Best Buy is no indicator of the true cost of business class storage.

CyberArk is at it again. Last year they had a SysAdmin Day contest that asked the question ”What is your greatest enterprise IT accomplishment in the past year?” This year they’re asking a new question and offering prizes for the best answers. It’s part of their 2012 SysAdmin Day Twitter contest.

So What’s the Question This Year?

The question that CyberArk is asking of SysAdmins for their 2012 Twitter contest is:

“What skills and experience have you gained in the past year that will most help you in the coming one, and why?”

Prizes? WHOWHATHUH?

There are going to be three winners; a grand prize winner and two runner ups. To the grand prize winner a shiny new Amazon Kindle Fire will be awarded. To the two runners up, a $50 Amazon gift card will be awarded.

Okay, but what do I do to win?

First, you need to read the official rules.

Since this is a Twitter-based contest you’ll need to have a Twitter account. Then, ponder the question above. What have you learned in the past year that will be of most use to you in the coming year? When you come to an answer, tweet it to @Cyberark and use the #SysAdminDay hashtag. The format for your tweet would then be “#SysAdminDay @cyberark RESPONSE”

If the 140 character limit is just too cramping, then you can go to CyberArk’s blog post about the 2012 SysAdmin Day contest and elaborate on your tweet. Keep in mind that commenting on the blog is not a requirement, but rather a suggestion.

Here is the timeframe information for the contest:

The contest will begin at 9:00 a.m. ET on Tuesday, July 24th and will conclude at 4:00 p.m. ET on Thursday, July 26th. Responses will be monitored throughout the week. The winner will be announced by 1:00 p.m. ET on Friday, July 27th by @cyberark through a series of Tweets and a post on Cyber-Ark’s blog.

You must also be following @CyberArk to be elligible.

Limit one Tweet (entry) per participant; any user that creates and/or uses multiple accounts to participate will be deemed ineligible. Re-Tweets from other users are encouraged, however.

To be eligible to win and receive the kindle, participants must be followers of @Cyberark on Twitter. Prize information will be sent via Direct Message.

Of course, please check out the official rules and limitations for yourself to make sure that you’re all squared up.

Judges

Your submission to the contest will be reviewed by three people who will ultimately choose the grand prize and runner up winners. They are:

• Matt Simmons of SysAdmin blogging fame over at www.Standalone-Sysadmin.com among other distinguishing pursuits.
• Nicolas “Cole” Lavallee - Renaissance Man style SysAdmin for NetApp who has experience hacking anything that plugs into a wall.
• Me! Yep, me.

 Let the Tweeting Begin!

Go and think about what you’ve learned in the last year that you think will be of most value to you in the next year. Is it scripting? Some kind of framework? A project management methodology? Finally groked everything there is to know about your preferred directory service? Whatever it is, go tell @CyberArk about it. Even if you don’t win anything, you’ll be an inspiration to your fellow SysAdmins.