Archive for the 'Open Source' Category

Firefox 3 Download Day
Posted: 11:58 am
June 17th, 2008
Open Source

180x150_02 Firefox 3.0 is being released today and the folks over at Mozilla want to set a Guinness Book World Record for most downloads! So aside from being a fantastic browser you also get to be a part of history!

Check it out:

Read the whole post...

Firefox 3.0 RC1 is out!
Posted: 5:18 pm
May 17th, 2008
Open Source

I’m generally not a fan of beta testing browsers because its hard enough to get reliable rendering even on solid releases but Firefox is worth making an exception for. Today the Mozilla Foundation released Firefox Release Candidate 1 and the list of enhancements is remarkable.

With Firefox and developments with Adobe AIR the webapp world has never been more exciting.

Read the whole post...

Load Balancer Fun
Posted: 9:36 am
December 12th, 2007
IT Business, Linux, Open Source

I really don’t like talking smack about my competitors both because I know how difficult of a task we all have always being a step behind spammers and I choose to put my energy into building our own products. After all, with all due professional respect, nobody has unplugged more of their appliances than me.

But yesterday I had a particularly frustrating day of learning more about Linux load balancing than I particularly wanted to. And after several hours of piecing together the concepts through Google and outdated documents and technologies I figured – screw it, I’ll just go buy one from them and move on to one of the other billion projects I have on my desk. I look at the model breakdown and the first thing that strikes me is obvious hard locks in the appliance to limit the number of real servers so you’d have to upgrade to the higher model just because. Ok, fine, what’s $500 wasted on top of $1499? So I go to the order form and they got more fees – multiyear IDS protection subscriptions.

Ok, so now this is just getting ridiculous. So I figured let me hit up chat and see if there is “I’m not a sucker” form. So I ask politely, “Can I buy your load balancer without the extended support contract?” and instead of saying yes or no, he/she responds with “I can send you more information about that, what is your email address?” and I say “No thanks, I don’t want you spamming me, I am buying right now I just want to know if its possible to get it without the energizer updates”; They let me sit around for a minute or two and come back with the barrage of questions: “The updates come with IDS, blah, blah, blah” and I respond with “I just need a load balancer, can I please just order one without updates” and they say “No.” and close the chat faster than I can even blink.

So suffice to say they lost that order. I mean, I can understand that they are crooks and are using the same deceptive advertising that has been available from the beginning of time – low advertised price but by the time you get to the counter you end up paying almost double. And would I have paid $2K? Yeah. But after that treatment I won’t. And this is perhaps yet another reason why you don’t want to be a sales prick, you just might end up pissing off the guys that run data centers and will now spend another day trying to figure it out – and when they do, you will lose a hell of a lot more than the $399 or whatever bs markup it was.

So that’s the lesson for the day: Don’t be a prick when people are trying to give you money. You can still sell by saying “no”  but you can’t sell if you’re throwing customer out of the store.

Anyhow, if you’ve got Linux Kung Fu, this is what I’m trying to do:

ipvsadm -A -t -s wrr
ipvsadm -a -t -r -m -w 1
ipvsadm -a -t -r -m -w 1

Stock CentOS 5 (RHEL 5) 2.6.18 kernel with net.ipv4.ip_forward turned on and I have a public IP that I want to distribute traffic over the two real servers with direct return (direct path return) with both real servers on the public range. The load balancer is at and here is the tcpdump:

08:29:33.214112 IP (tos 0x0, ttl  64, id 5746, offset 0, flags [DF], proto: TCP (6), length: 60) > S, cksum 0x4bde (correct), 2861789973:2861789973(0) win 5840 <mss 1460,sackOK,timestamp 64775527 0,nop,wscale 7>
08:29:33.214171 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) > S, cksum 0x1f4c (correct), 3193828587:3193828587(0) ack 2861789974 win 5792 <mss 1460,sackOK,timestamp 377709289 64775527,nop,wscale 2>
08:29:33.214179 IP (tos 0x0, ttl  64, id 5747, offset 0, flags [DF], proto: TCP (6), length: 52) > ., cksum 0x6485 (correct), ack 1 win 46 <nop,nop,timestamp 64775527 377709289>
08:29:33.214232 IP (tos 0x0, ttl  64, id 5748, offset 0, flags [DF], proto: TCP (6), length: 52) > F, cksum 0x6484 (correct), 1:1(0) ack 1 win 46 <nop,nop,timestamp 64775527 377709289>
08:29:33.214753 IP (tos 0x0, ttl  64, id 38405, offset 0, flags [DF], proto: TCP (6), length: 52) > ., cksum 0x5f0a (correct), ack 2 win 1448 <nop,nop,timestamp 377709289 64775527>
08:29:33.218077 IP (tos 0x0, ttl  64, id 38407, offset 0, flags [DF], proto: TCP (6), length: 117) > P 1:66(65) ack 2 win 1448 <nop,nop,timestamp 377709293 64775527>
08:29:33.218091 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) > R, cksum 0x33d0 (correct), 2861789975:2861789975(0) win 0
08:29:33.218095 IP (tos 0x0, ttl  64, id 38409, offset 0, flags [DF], proto: TCP (6), length: 52) > F, cksum 0x5ec4 (correct), 66:66(0) ack 2 win 1448 <nop,nop,timestamp 377709293 64775527>
08:29:33.218102 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) > R, cksum 0x33d0 (correct), 2861789975:2861789975(0) win 0
08:29:33.222272 IP (tos 0x0, ttl  64, id 23742, offset 0, flags [DF], proto: TCP (6), length: 60) > S, cksum 0xb04d (correct), 2865052113:2865052113(0) win 5840 <mss 1460,sackOK,timestamp 64775535 0,nop,wscale 7>
08:29:33.222380 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) > S, cksum 0xb60a (correct), 2798131280:2798131280(0) ack 2865052114 win 5792 <mss 1460,sackOK,timestamp 408392 64775535,nop,wscale 2>
08:29:33.222396 IP (tos 0x0, ttl  64, id 23743, offset 0, flags [DF], proto: TCP (6), length: 52) > ., cksum 0xfb43 (correct), ack 1 win 46 <nop,nop,timestamp 64775535 408392>
08:29:33.222476 IP (tos 0x0, ttl  64, id 23744, offset 0, flags [DF], proto: TCP (6), length: 52) > F, cksum 0xfb42 (correct), 1:1(0) ack 1 win 46 <nop,nop,timestamp 64775535 408392>
08:29:33.223193 IP (tos 0x0, ttl  64, id 8985, offset 0, flags [DF], proto: TCP (6), length: 52) > ., cksum 0xf5c7 (correct), ack 2 win 1448 <nop,nop,timestamp 408393 64775535>
08:29:33.242440 IP (tos 0x0, ttl  64, id 8987, offset 0, flags [DF], proto: TCP (6), length: 117) > P 1:66(65) ack 2 win 1448 <nop,nop,timestamp 408412 64775535>
08:29:33.242454 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) > R, cksum 0x9847 (correct), 2865052115:2865052115(0) win 0
08:29:33.242458 IP (tos 0x0, ttl  64, id 8989, offset 0, flags [DF], proto: TCP (6), length: 52) > F, cksum 0xf572 (correct), 66:66(0) ack 2 win 1448 <nop,nop,timestamp 408412 64775535>
08:29:33.242465 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) > R, cksum 0x9847 (correct), 2865052115:2865052115(0) win 0

I see the connection come up, and the weights look right:

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP wrr
  -> i246 Route   1      0          0        
  -> i242 Route   1      0          1 

So I’m missing something here… If you can see it from there, let me know.

Read the whole post...

Howto: Speeding up AJAX web applications with htaccess and mod_expires
Posted: 12:56 am
December 4th, 2007
Mobility, Open Source, Shockey Monkey, Web 2.0

After the millionth time of watching my mobile phone choking on loading quarter meg of Javascript of Shockey Monkey’s new mobile rich interface I finally remembered the pain while searching for my lost Blackjack earlier this afternoon. Not only did Katie find it (love yooou honey!) but I also sat down to finally put the pesky Javascript static-code reloads to a grave.

Here is an article on how to use Apache’s mod_expires to enforce selective caching of javascript files.

That sounded like a mouthfull. Here is what it means: I telll your browser how long it needs to cache my Javascript code. One day? One month? One year? My call. By telling it which Javascript libraries do not change often I can force it to cache them and not have to download them every single time. Faster load times, less bandwidth, more efficient experience. And hopefully less need for a phone warranty as you watch that GPRS ghettonet connection struggling with the last few K worse than a fat man with the 26th mile of the marathon.

P.S. Yes, of course I am still working on Shockey Monkey! Lack of hype does not translate into lack of development, there are over 4,000 people using, you didn’t think I’d just let that slide did you? Geez.

Read the whole post...

Compiz and Beryl Merge
Posted: 2:15 am
April 6th, 2007
Linux, Open Source

Perhaps one of the best developments in the Linux GUI world in quite some time, two of the biggest projects that bring eye-candy to Linux are getting together! If you’ve never seen Beryl in action just search YouTube for it, it will blow you away.

And just in case you’re thinking – so what, what kind of an idiot is impressed by the shiny objects? Well, how do you explain Vista and every single Mac user? UI usability is big, and this is a sign that things like Gnome and KDE now get to stand shoulder to shoulder with the others.

Read the whole post...

Fun with Fsync & Bind Mounts
Posted: 2:10 am
September 19th, 2006
Open Source

ShagadelicThe answer to “Why don’t you blog about your work Vlad” and the final dagger in the back of my female audiences libido: moving sendmail spools to tmpfs.

First off, why bother? Well, with the ram being as cheap as it is and finally some solid hardware and software tmpfs is really getting a lot of play. It also helps when yours truly wakes up from an one hour nap and finds a node with 68,000 messages waiting in the spool because of poor disk performance. Talk about a motivator to work on optimizing the mail stream!


Doin’ it the wrong way

The first step is to actually create a tmpfs disk and mount it.

/bin/mount -t tmpfs tmpfs -o size=256M,nr_inodes=1M /var/spool/

That works. This creates a 256MB ram disk and mounts it in /var/spool/ Start up sendmail and everything works fine until mail has to be moved around and processed. Then you get bit in the ass by fsync errors (fsync is enabled by default on the 2.6 kernels). Time to turn that beast off:

  # override compile time flag REQUIRES_DIR_FSYNC 
 O RequiresDirfsync=false

Now we got the ramdisk, we disabled fsync, it should work now without a problem, right? Heh. Nope. Sendmail queue’s need to be on the same filesystem and same partition. If they aren’t sendmail starts complaining and poof.


Doin’ it the right way

This one actually belongs to my bud Pablo who has hacked in bind mounts on pretty much every box I’ve ever had. Bind mounts function similarly (or exactly) like folder mounts with NTFS, a folder (or directory) from one file system can be seen at another point on another file system. Go Pablo: 

mkdir /var/sendmail/tmpfs
mount -t none /var/sendmail/tmpfs

mkdir /var/sendmail/tmpfs/mqueue
mkdir /var/sendmail/tmpfs/

mount /var/sendmail/tmpfs/mqueue /var/spool/mqueue -o bind
mount /var/sendmail/tmpfs/ /var/spool/ -o bind


So to sum it up

First, thank god I found a woman to marry me because girls don’t respond well to pickup lines referencing linux filesystem optimization. Second, moving sendmail to tmpfs really helped, remarkably. In the few hours since the tweak the load average really went down – Linux calculates the load average by the amount of cycles all running processes take up – so if a ton of children are fired up and waiting on IO for something the load goes through the roof. Memory and IO really improved as well but you’ll have to take my word for it because the output from vmstat looks hella ugly. See why I don’t write about what I do?

Read the whole post...

Good intro to MySQL
Posted: 11:53 pm
August 3rd, 2006
Linux, Open Source

Needed to get some air and clear my head.. so I went to the local Linux User Group ( mostly because its one of the few places I can go to without looking like a human being. No shaving, no haircut, no problem – dirty jeans and “I read your email shirt” and I’m out the door.

Kevin Korb presented a very nice introduction to MySQL and SQL in general. He has a writeup here. Take a look at it, the paper is a pretty comprehensive description of the basics to get you started. MySQL is a powerful SQL server and yes, it runs on Windows too. Check it out.

Read the whole post...

Which Office is Cheaper?
Posted: 2:49 pm
May 3rd, 2006
Open Source

Untitled document

Get legal. Get OpenOffice.orgThe free one or the commercial one? Alright, so it's a trick question but a fairly legitimate one as Microsoft continues to wage a war against piracy. Let's for a second assume that the person running a pirated version of Office is indeed a criminal and not an innocent bystander that bought it from some OEM email that made it through the spam filters. Do you think they will A) Steal Office 2007 or B) Go legit with OpenOffice? 

This is probably the true indication on whether Office users actually use and appreciate most features available in Office 2003 any beyond. I personally do not use even 10% of things beyond Outlook. I'm a very "IT Basic" user and do not even have PowerPoint, FrontPage, Project and the rest of the extended family installed on my main workstation. For me though, Outlook is the glue that holds them all together. With Microsoft integrating the remainder of their family into each and every app, then integrating the entire platform into it would seem that the 10% will shrink to even less.

I've looked at Open Office time and time again and I just do not like it. It feels like Claris Works that we were forced to use on Mac's because the school system made a poor purchasing decision and trained its students on something they will never see in the real world. But in spite of that, I hold on to my Outlook. I use notepad more than I use Word, yet I have this $500 thing on my desktop. So OpenOffice folks, please, why don't you take a lesson from Microsoft interface design team and make OpenOffice 2 look more like Office 2003. If people didn't know there was a difference in what they are looking at (like Firefox), perhaps they would not see the difference and actually switch.

Read the whole post...

Oh sweet RSS Irony
Posted: 7:50 pm
March 16th, 2006
Open Source

So I'm going through my local Linux user group mailing list and a thread with the subject "[GoLugTech] Is this do-able in linux?" pops up. Alright, I'm intrigued if something can be done with Linux, what do you need? Are you curious too? Is that awesome or what?

Read the whole post...

WTF is a WMF?
Posted: 9:44 am
December 28th, 2005
Microsoft, Open Source

Don't you just love the acronym land? Did you know that there is actually a person at Microsoft whose sole job is to manage the list of acronyms that Microsoft uses (TLA)? If you didn't then please add that to the worthless knowledge you now possess. But why talk about acronyms today? Well, mostly because there is a 0 day exploit of another Microsoft file format that makes your Windows XP system wide-open for hackers if you made some bad decisions. On top of those is still using Microsoft Internet Explorer to surf the Internet – what in the world are you thinking? How many times do you have to stab yourself to bleed to death? If you know the answer to that please download Firefox today and say goodbye to IE-borne online threats. The second mistake, perhaps, is not updating the Firefox you already have installed on your computer. If you are running Firefox 1.0.4 or earlier on Windows you are still vulnerable (though you'll have to hold the knife and push in order to impale yourself in that scenario). So if you use Firefox remember that its not made out of titanium, its software, and software is broken no matter who writes it. So upgrade Firefox to 1.5 if you already have not. Now on to the actual knife – the 0 day exploit in WMF. WMF is a windows metafile format and pretty much only used by Office to store clipart and such. Well, today it joins the long line of exploited Microsoft formats that are no longer welcome in any mail system (along with .ico, .bmp, .hlp, etc) so please do not open wmf files, especially from third-party, untrusted web sites. The exploit is currently being used to distribute the following threats: Trojan-Downloader.Win32.Agent.abs Trojan-Dropper.Win32.Small.zp Trojan.Win32.Small.ev There is no known patch and you'll be waiting until at least the second Tuesday (patchday) of January to get this fixed so do something about it today. Install Firefox and stop clicking on WMF files! Update: Perhaps you don't have the time to switch your entire client base to Firefox today. Fair enough, Jesper Johansson has a post on how to restrict which extensions can pass through your ISA 2004 firewall. If your office does not have a firewall solution… well, you need to fire your network administrator. It is easy, look at the blog comments, I fired entire Microsoft Internet Explorer team today. Update 2: Ok, this appears to be a very sensitive subject for a lot of people, judging by the amount of you that have chosen to contact me. So let me come out one more step. Jokes aside. Folks, don't be afraid of the comments, what you say to me is between you and me, what you post in the comments is seen by everyone. If you feel strongly about something, VOICE it. Remember that the IE team dropped all development of Macintosh version of IE, then outright said it would not develop anything for XP anymore and everyone would have to upgrade to Vista, then they slacked away on security work and instead focused on visual issues while they got spanked on features by Firefox (which is why I switched) and finally its frequent posts like this one pointing to it. The Internet Explorer team needs to be punished, severely, for slacking away and compromising your computer and data security. This is not the case with almost any other Microsoft product. Will Bill fix it? Not as long as you continue to take it and not vote with your feet or at the very least tell them you are not happy with the risk they are placing on your computer. Step back, compose your thoughts and feelings and ask yourself one very simple question: If the manufacturer of your front door lock saw web sites giving away the key to your door, would you wait 2 weeks (Patchday, second Tuesday of January) or over a year (Windows Vista) to change that lock?

Read the whole post...







Divider Divider