williamhathaway.com

I just saw a post from Bill Krazter about searching for his first post on usenet.  This got me thinking about my activities and I google stalked the resume I sent out on misc.jobs.resumes on June 9th 1995.

Kind of interesting to look back at how I thought of myself 14 years ago.  The text formatting got a little dorked up in the translation.

Hi,
I've just gotten a Bachelor's degree in Computer Information Science,
and am looking for employment as a programmer or assistant sysadmin
in a UNIX shop.  I have very good C skills, have done a pretty fair
amount of "lower-level" unix coding for both the computer services dept
at Kutztown, and for my personal use (i.e. wrote a finger utility when we
switched OS's, and Dynix's finger was broken, wrote a user watch program
that notified me when friends logged onto any of the networked machines
here, and a process reaper to help kill runaway programs).  I'm a quick
learner and always enjoy exploring new areas. I have good verbal/written
communication skills, enjoy beating expectations, and am a team player.
I'd prefer a dress-down environment, and to work in the Philadelphia/Princeton
area.   If it sounds like I might be a decent match for your business,
please get in touch.  Thanks for your time.
-Bill
hathXXXX@kutztown.edu
+++++++++++++++++++++++++++++++++++++++++++
++
William D. Hathaway
4XXX George School
Newtown, PA 18940
215/860-XXXX
OBJECTIVE   An entry level position as a system adminstrator/programmer.
EDUCATION   Kutztown University, Kutztown Pennsylvania
Bachelor of Science in Computer Information Science
Concentration: Business
GPA: 3.34/4.00
May 1995
COMPUTER
KNOWLEDGE   Operating Systems: UNIX (SunOS/Solaris,Dynix,OSF/1,Linux),
MSDOS,MacOS,Windows
Languages        : C,C++,Ada,pascal,COBOL,80x86 assembler,
perl,shell scripts,lex,yacc
Programmed in C since September 1992.
Extensive working with UNIX since January 1992.
Adminstered own Linux machine since February 1993.
RELEVANT
COURSES     Internetwork Programming (independent study)
Data Communications          File Structures
Compiler Design              Algorithm Analysis
EXPERIENCE  Student Programmer/Consultant September 1993 - May 1995
Kutztown University Computer Services, Kutztown PA.
* helped network adminstrator pinpoint/fix problems
* individualized tutoring about UNIX/internet
* wrote various utility programs
ACTIVITIES  Lacrosse Team
Kutztown University Computer Association
REFERENCES  Available upon request

The dpconf command for managing DSEE Directory Proxy Servers (DPS) shows you a lot of information about the ldap-data-sources (the back-end directory servers), including whether or not they are administratively enabled or disabled.  One status that I couldn’t find was whether a given back-end server was actually considered on-line by the DPS itself.  It turns out the current status information is available, but only by digging through the cn=monitor entry on the DPS instance.  Bear in mind you will need to authentication as the proxy’s root DN (default is “cn=proxy manager”) to dig it up.   Also, it appears that logic that implements cn=monitor doesn’t hande all search criteria perfectly, so we will use a little bit of grep magic to reduce the result set to what we want.  Here is an example ldapsearch to get the current status of servers:

ldapsearch -D “cn=proxy manager” -j ~/.dmpass -b cn=monitor serveravailable=*  \
| egrep “^backendServer|^serverAvailable”

backendServer: testdscc01:3998/
serverAvailable: true
backendServer: testds05:389/
serverAvailable: true
backendServer: testds06:389/
serverAvailable: false
backendServer: testds07:389/
serverAvailable: true

In this case it would be good idea to check testds06 and see if the server is down, or perhaps it is failing a DPS health check for some other reason.

If you want to dig a little deeper into cn=monitor, you can find a lot of detailed information about the thread that is monitoring a particular data source. Here is an example of one pointing to an LDAP server that is unavailable:

dn: cn=Proactive Monitor for testds06:389/,cn=Monitor Thread,cn=Resource,
 cn=testdps01:/opt/dsee/instances/dps,cn=Instance,cn=DPS6.0,cn=Product,cn=monitor
objectClass: top
objectClass: extensibleObject
cn: Proactive Monitor for testds06:389/
started: true
running: true
startTime: [03/19/2009:12:20:36 -0700]
operationalStatus: OK
statusDescription: The monitor thread is fully operational
threadId: 19
threadStack: java.lang.Thread.sleep(Native Method) /  com.sun.directory.proxy.server.ProactiveMonitorThread.runThread(ProactiveMonitorThread.java:122) /  com.sun.directory.proxy.util.DistributionThread.run(DistributionThread.java:225) /
backendServer: testds06:389/
serverAvailable: false
checkInterval: 30000
additionalCheckType: op connection
totalChecks: 594
availabilityChecksFailed: 2
additionalChecksFailed: 0

I’m working on an environment for a customer where we are using Directory Server Enterprise Edition (DSEE) and ZFS.   On the DSEE side, my co-worker Mitch and I were inspired by Ludovic’s post a while back about setting up command line completion for  dsconf and dpconf.   One small item Mitch noticed was that in the original examples, if you had a command name that didn’t contain a hypen (like dsconf import), it wouldn’t be completed (but command like dsconf get-server-prop would be).

Here is what Mitch came up with:

for cmd in dsconf dsadm dpconf dpadm; do
  complete -W "`$cmd --help | \
    perl -lane 'print $F[0] if \
      (/^The accepted values for SUBCMD/ .. \
       /^The accepted values for GLOBAL_OPTS/ \
       and not /^The /)'`" $cmd
done

For ZFS, check out this script on Big Admin by Mark Musante.
Mitch did a small update to the script which made the list of sub-commands on the fly to account for additions. Mitch’s updated version is available here.

Clio and I went to see the Chinese National Acrobatic Troupe at the Hershey Theatre last night.  It was an absolutely amazing show.  We’ve seen a bunch of the Circ de Soleil shows in Vegas and while those had a higher production value (and crazy tilting stages or water mechanics), the Chinese acrobats showed  an incredible amount of human talent.  My jaw kept on dropping every time they did a new scene. I’d highly recommend seeing them if they are touring in your area.

Mon: 5 miles with Jon around Camp Hill

Tue: 4 miles with Nate, Jon, Cali, Mark and Josh  along the riverfront and then ate at Passage to India

Wed: off

Thu: 5 miles with Jon around the Conodoguinet Creek

Fri: off

Sat: 8 miles at Conewago by myself (averaged about 7:50/mile pace, my Garmin lost .13 miles)

Sun: 6 miles with Nate at the Newville rail trail

Total for the week: 28 miles

Adam Leventhal just blogged about a new form factor for solid state drives that will be announced soon called the ‘Open Flash Module’.  From the picture, it looks like the form-factor is based around SO-DIMM (commonly used in laptops).  I’m excited to see this since the most common form factor now is 2.5 inch or 3.5 inch drives that connect to SATA/SAS/SCSI/FC bays, which is great for compatibility (physical form-factor as well as drivers), but is a huge waste of potential density.  The new form-factor should allow you to have much greater density and boost bandwidth/reduce latency compared to current implementations.  One thing I am curious about though is the ability to hot-plug a form-factor like this which seems like it will be plugging straight in to a motherboard.

Update: Sun just posted more information about it here.  Initial capacity will be 24G with a 64M DRAMM buffer.

There are quite a bit of fixes in the DSEE 6.3.1 patch that was released in the last few weeks.  If you use Sun’s Directory Server or Directory Proxy Server, you should definitely check out the release notes.

Mon – off

Tues – 4 miles with Nate along the PennDOT/Greenbelt trail

Wed – 7 miles with Jon, Tex, and Cali

Thu – off

Fri – 2 miles along the PennDOT/Greenbelt trail (and had a good night bowling, got my first 200 game in about 2 years!)

Sat – 7 miles at the Geisinger Humdinger trail race with Jon.

As expected, I wasn’t as quick as last year (I’m a little heavier and have averaged about 1/2 the miles/week), but I had a good time at the race.  The weather was a close-to-perfect 50s when we started and unlike last year’s snow-covered romp, the trail was all dirt, rocks, mud, and the occasional downed tree.  It was a fun experience and felt really nice to run a race again.

Sun – 18 minutes on the elliptical at home

Total for the week: 20 miles running, 1 light elliptical workout.

Yesterday I spent some time helping a developer who is creating a tool for synchronizing accounts between a RDBMS and an LDAP server and thought I would document the process.  The tool basically makes a request to the RDBMS for all the accounts sorted by a specific attribute, then makes a similar request to the LDAP server.  The customer expected the number of records to max out at about 200,000 entries.

The first thing we did was spin up local copies of Mysql and the LDAP server.  I’m not going to document the mysql part since there are a million pages available on that.

Note that the DSEE 6.3 binaries were already installed on my test machine under /opt/dsee6.  I personally prefer the zip based distribution.

Here are the steps for the LDAP server:

Step 1 – create a new instance and add a suffix for the data

# export PATH=$PATH:/opt/dsee63/ds6/bin

# dsadm create -w /tmp/dspassword /data/ds3

# dsadm start /data/ds3

# dsconf create-suffix dc=example,dc=com

Step 2 – create an sample LDIF with 200k entries

# cd /opt/dsee63/dsrk6/bin/example_files

# cp example.template 200k.template

# vi 200k.template (change numusers value to be 200000 and added employeeNumber as a sequentially valued attribute)

 # ../makeldif -t 200k.template -o 200k.ldif

Step 3 import the sample data

# dsadm stop /data/ds3

# dsadm import -i /data/ds3 /opt/dsee63/dsrk6/bin/example_files/200k.ldif

 # dsadm start /data/ds3

Step 4 create an account with proper settings

We created an account uid=dbsync,ou=admins,dc=example,dc=com that will be used by the application to perform the search and updates.

Note that we had to adjust 2 attributes on the dbsync account. We added the following operational attributes/values:

nsSizeLimit: -1

nsLookThroughLimit: -1

We also added an ACI to the ou=people,dc=example,dc=com branch giving the dbsync user  full permissions.

aci: (targetattr !=”aci”)(version
3.0;acl “db sync – full permissions”;allow (all)(userdn = “ldap:///uid=dbsync,ou=admins,dc=example,dc=com”);)

The tool was now able to pull back all 200,000 entries, but was not able to make server-side sort request.

To enable server-side sorting we had to create a VLV index.

Step 5 – VLV index creation

We used the following LDIF to create a VLV index sorting on employeenumber

dn: cn=people_browsing_index,cn=example,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: Browsing ou=People
vlvBase: ou=People,dc=example,dc=com
vlvScope: 1
vlvFilter: (objectclass=inetOrgPerson)
aci: (targetattr=”*”)(version 3.0; acl “VLV for Anonymous”;
allow (read,search,compare) userdn=”ldap:///all”;)

dn: cn=Sort employeenumber,cn=people_browsing_index,
cn=example,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvIndex
cn: Sort employeenumber
vlvSort: employeenumber
We then had to use dsadm to create the index

# dsadm stop /data/ds3

# dsadm reindex -l  -t “Sort employeeNumber”  /data/ds3 dc=example,dc=com

# dsadm start  /data/ds3

After these changes the tool was now able to query all 200,000 entries and have the server return it as a sorted list.

We also ended up doing 2 small performance tweaks to the server, but these weren’t strictly required:

dsconf set-server-prop db-env-path:/tmp/ds_cache

dsconf set-server-prop db-batched-transaction-count:5

dsadm restart /data/ds3