Alex Mikhalev blog

Colleague of mine came with strange bug: 1. * i am opening python shell, and sending request User.objects.all() It returns valid information * then i’m adding user via web site * then i send request User.objects.all() again and new user is missing. If i will reopen shell then everything will be ok

1. when i’m running “python manage.py test name_of_application” creating and deleting database takes too long Percona Server version: 5.5.15-55 Percona Server (GPL), Release 21.0 We decided that Postgres will be better and switched to it

Tags: django, MySQL, percona, postgres

Simple task like setting up monitoring with monit for rabbit mq include two parts: 1) As discussed here Modify /etc/init.d/rabbitmq-server

2) Add this to monit configuration file:

Tags: monit, monitoring, rabbitmq, rabbitmq-server

Few days ago I realised that my django installation in production started producing too many memory errors – thanks to monit memory alerts were filling my mailbox without any serious service interruption. But hundreds email messages daily annoyed me enough to look deeper into trouble.

Read more…

No tags for this post.

Recently, I decided to have a closer look at Riak non-sql database, but found out that unlike CouchDB riak doesn’t have a HTTP basic auth implemented, or any other way of defining secure access to database.

I have three servers to build a cluster, but I feel very uneasy leaving open ports and full access to database to everyone in the world. The best practice guide here lists all ports necessary to secure riak installation, but messing with iptables didn’t feel like compelling idea.

So I decided to set up a VPN and only make riak nodes available on internal network inside VPN. Again, system administration is my hobby rather than the main job, so VPN installation should be straightforward and simple.

That’s how I found absolutely amazing product – n2n – Peer-to-Peer VPN network. I used svn version, but it is in standard ubuntu repos. I suggest install n2n network first, then configure cluster later(obviously I did it other way around,but you don’t have to repeat my mistakes). I successfully installed n2n on 3 Ubuntu Lucid 10.04.2 and Mac OS X Leopard and Snow Leopard.

1) Step 1. Prepare supernode (Linux):

sudo aptitude install uml-utilities #user mode utils
sudo tunctl -t tun0 # create tun0 interface
sudo aptitude install quilt libssl-dev #necessary libraries
svn co https://svn.ntop.org/svn/ntop/trunk/n2n #checkout trunk
cd n2n/n2n_v1/
make

So far everything straightforward.

Step2. Start supernode:

./supernode -l 1222 -v

“-v” indicate verbose output, supernode is a daemon, so no need to nhop etc.

Step3. On any other machine (not supernode), for linux follow step 1, create tun0 interface, then

For linux client “-d” is compulsory and should pass already created tun0 interface after that. new_node_internal_ip – new internal IP, my for example in range 10.0...

“-k secretkey” – you network encryption key. Should be common between nodes.

Then most important part – wait. Looking at verbose output of supernode and edge, edge should have:

"Registering with supernode"
Received REGISTER_ACK from remote peer [ip=*:1222]

for successful registration. Every time when you shutdown/restart edge or supernode it takes some time to re-register. Depending on the network it can take from few seconds to a few minutes. If you shutdown supernode, all clients should re-register, which can take up to 5 minutes.

Next repeat step 1 and 3 for other linux client for example. Do not try to install edge client on supernode until you have at least two other nodes and you can ping each other on internal ip. Replace “-v” with “-f” once configuration is fully functional.

If you want to add Mac OS X client, install tun/tap driver for mac os first from here, then

sudo ./edge  -a new_node_internal_ip -c myVNPnetwork -k secretkey -l supernode_ip:1222 -v

no need to pass parameter “-d”.

Now, assuming you have successfully installed at least two clients and have pinged each other over internal network, adding supernode computer as a node edge:

“-r Enable packet forwarding through n2n community” is important parameter here and that was the only way how I manage to add edge on supernode computer. This is enforces all packets to go via supernode ( Usually supernode acts only as an information exchange for other nodes, and encrypted connection formed between two edges directly ( remember it’s p2p network), but routing becomes messy if you connect edge node on same computer which runs supernode – other edge clients can’t see edge installed on supernode directly).

Supernode also acts as a router for a nodes behind NAT firewall.

All nodes should be fine and talking, we can go to Basic Cluster setup. For linux:

Then edit “/etc/riak/app.config” and “/etc/riak/vm.args”, put new (internal) IP addresses in appropriate places. If you already had riak installation,

and on other new riak nodes:

Now you should have a secure riak cluster and in my case it is also spread across two datacenters and home. But you still may want to for a trial of Enterprise Riak if you are serious about deploying riak in production.

Tags: linux, Mac OS, Mac OS X Leopard, nosql, p2p, p2p network, riak, secure, security, Ubuntu, Virtual private network, VPN

Selecting python installed from mac ports on leopard works now like this:

Took some time to figure it out as most of the hints on the web don’t work

Tags: darwin, leopard, macports, python

I found myself using more and more of this one-liner for working with couchdb database:

this example retrieves new uuids from couchdb, but I was using it to retrieve _rev of the document before deletion and similar one-off problems.

Tags: ajax, couchdb, Database, javascript, json, parse, uuid

If you wanted to make a select or checkbox element using mustache in couch db and trying to find example, here it is:

Read more…

No tags for this post.

Recently I was asked the number of technical questions which I nearly failed to answer, not because I don’t now the answer, but because I believe such questions require more information about the context. There is a common assumption about the default mind frame with ms windows and C/C+. The assumption doesn’t work for me hence I came out as a non-technical person (I think people who know me a bit will consider it as a joke, since most of the conversations I came out as a mix of geek and scientist).

• Network: what is the difference between port and socket.(I wonder what is the difference between port and file in *unix).
• between process and thread ( not much if you are reading programming erlang. I wonder what answer will be for QNX or other RTOS)

• how many ways to copy file from Linux to windows (I know at least +1 to most common: use netcat)

• Posted using BlogPress from my iPad

No tags for this post.

I just pushed xtreemfs cookbook to my git repo This cookbook automates xtreemfs quick start for ubuntu 10.04. I am using it with vagrant:

Tags: chef, deployment, sysadmin, xtreemfs

I found an interesting way of adding apt repository in hadoop cookbook:

Tags: chef, hadoop, ruby