partrotate_unixtimestamp.pl

partrotate_unixtimestamp.pl

$maxparts = 6; #6 days How long keep the data in the DB
$newparts = 2; #new partitions for 2 days. Anyway, start this script daily!
@stepsvalues = (86400, 3600, 1800, 900);
$partstep = 0; # 0 - Day, 1 - Hour, 2 - 30 Minutes, 3 - 15 Minutes

Mysql partitioning allows a large table to be segmented, storing each segment in a different file. This allows multiple disks to be used for a single table to increase efficiency. This also allows for increased query times when a WHERE statement including the partitioning index includes, allowing mysql to only have to search the records in the relevant partitions and not all the data in the table.

The Mysql database table storing the captures is partitioned using range partitioning by the unix timestamp of the date column. By default, $partstep is defined as 1 day, and so each partition contains one days worth of captures. Every night when the cron job is run, the oldest partition is deleted, and a new partition is created. The "VALUES LESS THAN MAX VALUE" partition always exists as a catchall in case an INSERT is performed with a date before the last specifically defined partition so an error will not be returned.

The partitions are named using the format pYearMonthDayHour with minutes being included in the name if the $partstep is more frequent than every hour ( > 1). p2013081620

PARTITION BY RANGE ( UNIX_TIMESTAMP(`date`))
(PARTITION p2013081620 VALUES LESS THAN (1376784000) ENGINE = MyISAM,
 PARTITION p2013081720 VALUES LESS THAN (1376870400) ENGINE = MyISAM,
 PARTITION p2013081820 VALUES LESS THAN (1376956800) ENGINE = MyISAM,
 PARTITION p2013081920 VALUES LESS THAN (1377043200) ENGINE = MyISAM,
 PARTITION p2013082020 VALUES LESS THAN (1377129600) ENGINE = MyISAM,
 PARTITION p2013082120 VALUES LESS THAN (1377216000) ENGINE = MyISAM,
 PARTITION pmax VALUES LESS THAN MAXVALUE ENGINE = MyISAM)


$maxparts - defines how many partitions will be created in the database. This is a bit confusing because $newparts defines the number of the partitions in the future. So really there are ($maxparts - $newparts) partitions of historical data, plus the partial current day, and ($newparts - 1) partitions covering future days.

$newparts - defines how many of the defined partitions will be in the future. For example when $newparts = 2,

ILOM

http://docs.oracle.com/cd/E19836-01/E20746/z40002821391018.html


The ILOM reset command generates a graceful or forced hardware reset of the server. By default, the reset command gracefully resets the server.
  • Type one of the following commands to reset the server.
    • Perform a graceful reset from ILOM:
      -> reset /SYS
    • If a graceful reset is not possible, perform a forced hardware reset from ILOM:
      -> reset -force /SYS

Cacti

http://docs.cacti.net/manual:088:1_installation.1_install_unix

Name: you may choose your own
Consolidation function: AVERAGE needed
X-Files Factor: always 0.5
Steps: 1 (that is the number of data points to use for consolidation, 1 says: no consolidation at all)
Rows: 115200 = 400 days with 24 hours and 12 data points per hour (= 5 min interval)
Timespan: used for displaying 33,053,184 seconds = about 382 days (taken from other cacti rra)

Name: just suggestive name 
Steps (archiving ratio): how many data points (poll values) are needed to put as one value of the RRA.
For RRA "Monthly" 24 poll values (24 polls * 5 minute between poll = 120 min= 2 hour) will be consolidates as 1 value.
By default one step represents 300 seconds (5 minutes), which is how often data is entered into the rrd file. 
Rows (Hours to store values): how many generations data is kept in the RRA.   

Storage (calculated) default RRAs , 1 RRD = 94 KB (94824 Bytes)
Timespan (used for graphs only): how many seconds to display in graph for this RRA.
X-Files Factor: The amount of UNKNOWN data that can still be regarded as known (= 0.5 always)



TCP-MIB::tcpRtoAlgorithm.0 = INTEGER: other(1)
TCP-MIB::tcpRtoMin.0 = INTEGER: 200 milliseconds
TCP-MIB::tcpRtoMax.0 = INTEGER: 120000 milliseconds
TCP-MIB::tcpMaxConn.0 = INTEGER: -1
TCP-MIB::tcpActiveOpens.0 = Counter32: 5
TCP-MIB::tcpPassiveOpens.0 = Counter32: 157
TCP-MIB::tcpAttemptFails.0 = Counter32: 11
TCP-MIB::tcpEstabResets.0 = Counter32: 4
TCP-MIB::tcpCurrEstab.0 = Gauge32: 0
TCP-MIB::tcpInSegs.0 = Counter32: 9670
TCP-MIB::tcpOutSegs.0 = Counter32: 9881
TCP-MIB::tcpRetransSegs.0 = Counter32: 96

OSX TFTP Server

http://blog.dustinrue.com/archives/655
https://discussions.apple.com/thread/3661529?start=15&tstart=0
http://meinit.nl/how-to-enable-tftp-server-on-mac-os-x

FTP Server Behind Time Capsule

Set server up as "default" host in time capsule using the airport utility. On client use the the "u" flag -u Restrains ftp from attempting ``auto-authentication'' upon initial connection. If auto-authentication is enabled, ftp attempts to authenticate to the FTP server by sending the AUTH command, using whichever authenti- cation types are locally supported. Once an authenti- cation type is accepted, an authentication protocol will proceed by issuing ADAT commands. This option also disables auto-login. # ftp -u ftp.server.com Connected to ftp.server.com. 220 192.168.3.3 FTP server (tnftpd 20100324+GSSAPI) ready. Remote system type is UNIX. Using binary mode to transfer files. ftp> user (username) ftpusername 331 User ftpusername accepted, provide password. Password: 230 User ftpusername logged in. ftp> passive Passive mode off. ftp> mput file.txt mput file.txt? y

Linux Central Authentication

aws iam isn't open to managing resource outside of aws 

https://github.com/denismo/aws-iam-ldap-bridge/blob/master/INSTALL.md was the closest i found and seemed like a giant hac

https://code.google.com/p/openssh-lpk/ - patching openssh to store keys
The OpenSSH LDAP Public Key patch provides an easy way of centralizing strong user authentication by using an LDAP server for retrieving public keys instead of ~/.ssh/authorized_keys.

google authenticator has a cool pam module.. but i need soln that less trendy, more practical
https://code.google.com/p/google-authenticator/wiki/PamModuleInstructions

using ldap to centralize account information and using a configuration management tool like chef or puppet to distribute authorized_keys file doesn't seem to allow for the granularity required. Need to be able to limit which users can access which hosts without complicated exception rules in configuration management tool
http://serverfault.com/questions/471753/what-are-best-practices-for-managing-ssh-keys-in-a-team

Arrived at freeipa.

Upgrading OSX PHP to 5.4.15 with snmp and radius support

By default the new macbook pros ship with an older version of php. Looking back it's hard to remember why I needed to upgrade, but I believe the introduction of namespaces in php came after the version that was shipped with my mac, and consequently I couldn't develop using zend framework 2. I aslo needed to compile with snmp support.

Most of what is needed to accomplish compiling php 5.4.15 (latest stable), I found here:
http://mac.tutsplus.com/tutorials/server/upgrading-the-native-php-installation-on-os-x-mountain-lion/

Quick Summary:
Mac by default doesn't have a good place collect src. Follow *nix traditions...
mkdir /usr/local/src

Prereqs Installed via Brew:
brew install libjpeg
brew install pcre
brew install libxml2
brew install mcrypt

Prereq ICU:
cd /usr/local/src
curl -O http://download.icu-project.org/files/icu4c/4.8.1.1/icu4c-4_8_1_1-src.tgz
tar -xzvf icu4c-4_8_1-src.tgz
cd icu/source
./runConfigureICU MacOSX
make
sudo make install

Prereq imap-2007:
cd /usr/local/src
curl -O http://cursor.uam.mx/mirrors/imap/imap-2007f.tar.gz
tar -zxvf imap-2007f.tar.gz
cd ~/Downloads/imap-2007f
make osx EXTRACFLAGS="arch i386 -arch X86_64 -g -Os -pipe -no-cpp-precomp"
sudo cp c-client/*.h /usr/local/include/
sudo cp c-client/*.c /usr/local/lib/
sudo cp c-client/c-client.a /usr/local/lib/libc-client.a

cd /usr/local/src
curl -O http://us1.php.net/get/php-5.4.15.tar.gz/from/us3.php.net/mirror
tar -zxvf php-5.4.15.tar.gz
./configure  \
--prefix=/usr  \
--mandir=/usr/share/man  \
--infodir=/usr/share/info  \
--sysconfdir=/private/etc  \
--with-apxs2=/usr/sbin/apxs  \
--enable-cli  \
--with-config-file-path=/etc  \
--with-libxml-dir=/usr  \
--with-openssl=/usr  \
--with-kerberos=/usr  \
--with-zlib=/usr  \
--enable-bcmath  \
--with-bz2=/usr  \
--enable-calendar  \
--with-curl=/usr  \
--enable-dba  \
--enable-exif  \
--enable-ftp  \
--with-gd  \
--enable-gd-native-ttf  \
--with-icu-dir=/usr/local \
--with-iodbc=/usr  \
--with-ldap=/usr  \
--with-ldap-sasl=/usr  \
--with-libedit=/usr  \
--enable-mbstring  \
--enable-mbregex  \
--with-mysql=mysqlnd  \
--with-mysqli=mysqlnd  \
--with-pdo-mysql=mysqlnd  \
--with-mysql-sock=/var/mysql/mysql.sock  \
--with-readline=/usr  \
--enable-shmop  \
--with-snmp=/usr  \
--enable-soap  \
--enable-sockets  \
--enable-sysvmsg  \
--enable-sysvsem  \
--enable-sysvshm  \
--with-tidy  \
--enable-wddx  \
--with-xmlrpc  \
--with-iconv-dir=/usr  \
--with-xsl=/usr  \
--enable-zip  \
--with-imap=/usr/local/imap-2007 \
--with-kerberos \
--with-imap-ssl \
--enable-intl \
--with-pcre-regex  \
--with-pgsql=/usr  \
--with-pdo-pgsql=/usr \
--with-freetype-dir=/usr/X11 \
--with-jpeg-dir=/usr  \
--with-png-dir=/usr/X11
make test
sudo make install

modify /etc/apache2/httpd.conf to contain
LoadModule php5_module        libexec/apache2/libphp5.so

sudo apachectl restart

To add radius support, I attempted to install the radius extension using pear which resulted in a compile error. I had to modify one line of in radius.c to correct the extension so it would compile against php-5.4.15.
cd /usr/local/src
curl -O http://pecl.php.net/get/radius
tar -zxvf radius-1.2.5.tar.gz
cd radius-1.2.5
$ phpize
change line containing "function_entry" to "zend_function_entry" to fix compile error that occurred during pear install
$ ./configure
$ make
# make install