hetzner.de hardware policies
So I use Hetzner a lot for my machines, I've about 10 to 15 of their machines now across various clients and am mostly quite happy with them. They provide a service that matches the price - ie. good enough.
One area of their service though really grates me, they give you old machines, when those machines fail they replace them with other old machines similarly for drives etc.
On more than one occasion now have I had hard drives fail only to see them replaced with other shitty drives. Each time they claim the drives are well tested and each time they pull the old 'it could be the cable' trick and then replace the machine and the drive.
Since this has happened to me every single time I've changed a disk so far I have to wonder if this is everyones experience?
From where I sit its simple. They made a choice to take out drives reported broken by someone, they then test it and put it back when their tests fail to find any problem, they do this to save them money knowing full well that drives will fail and all they're doing is shifting the risk onto their clients, while the clients keep subsidizing their expansion.
So given this is the quality of service they're aiming at, surely once this policy bites a good long standing user offering some kind of payback for the inconvenience would be good business practice? Apparently not.
This is pretty poor, even after complaining to them they swapped my chassis and again put a disk with > 6000 hours under its belt in my machine.
So I guess you need to be pretty sure your softraids are setup properly when you want to use this company, their support stand is clear:
I'm sorry but we don't promise anywhere that we built always new hardware into our servers. I can only ensure you that all hardware is always well tested and without any problem before we build it into a server.
Ie., screw you, we don't care for any evidence and repeated failures, and we take zero responsibility for our equipment, we'll just keep taking your money.
Compiling Custom Kernels in Debian
Things aren't how they used to be.
It seems I spent most of the '90s and the early '00s (damn you Y2K!) building my own kernels. The preposterous thought of sticking with the default kernel of your chosen distribution simply never crossed a lot of minds. For one thing, your hardware was pretty much guaranteed not to work out of the box, and RAM was expensive! It was in your best interests to tweak the hell out of the settings to get the best performance out of your hardware, and to avoid compiling in any unnecessary code or modules, to reduce your system memory footprint.
This involved much learning of new terminology and options, many failures and unbootable systems, and many trips to the local steakhouse or coffee shop, since each compile would take hours on your trusty 80386 or 80486.
Things aren't the way they used to be, thank goodness. Chances are, the vanilla kernel you received with your latest Masturbating Monkey Ubuntu 13.0 installation performs well and works with most of your hardware. You don't need to roll your own kernel. In fact, you should probably avoid it, especially if you're thinking of installing servers in a live production environment.
Well, usually. Sometimes, you really need to tweak some code to get the feature or performance you were counting on, or try out some awesome new patch which might just revolutionise the systems you are developing.
I'm a sucker for Debian. I love dpkg and apt(-itude). The package manager is powerful and I enjoy using it. I like everything except building packages from source. It's rarely as straightforward as it should be, and sometimes it's incredibly difficult to obtain a package which installs the same way and into the same places with the same features as the upstream pre-built package that you're supposedly building.
Building kernel packages is worse yet. Far worse. When rolling your own kernel, especially if you don't want the package manager to install the latest version over your own, you are forced to play ball with apt, and you must play by apt's rules.
I've tried a multitude of incantations of dpkg-buildpackage, debuild, make-kpkg, etc. All I want to be able to do is patch the kernel source, make some changes, append a custom version tag, and build a .deb which I can safely install, yet each HOWTO or set of instructions I tried failed to do this to my (misguided?) specifications. I had particularly nasty problems with the grub update post-inst scripts in all cases.
WIRED UK
I was quite excited about the new UK edition Wired. I'm not anymore.
I got my first exposure to the Wired while in school in South Africa, I think the ones we got were months behind the time and stupidly expensive, but hey we had no internet so it all seemed awesomely futuristic and ahead of its time.
The thing though that always stuck in my mind about the US edition Wired were the ads, I can clearly remember ads for Harleys, or weird american Fugly cars, even from the editions I read back in school, the ads were of products we never saw in South Africa, they were kewl, done in a style unlike anything we saw there and all just seemed so, idylic.
Fast forward a few decades, I still buy the US Wired now and then, and I still only remember the ads? Few months ago I bought one, I can clearly remember the ads for Dexter and Californication, but can't really say much about the magazine content otherwise, eventhough I read it end to end and felt interested, even drawn to it at the time. I recall something about malware peddlers? who knows.
Why is that from a magazine that costs 6 pounds I don't remember anything of substance other than the ads? It's because they were different from what I see on the tube, in the cinema, on the tv, on the billboards, they were off far-off kewlness.
Enter Wired UK. The editorial content is still pretty shoddy, the signal to noise ratio is still shockingly poor for a £3.90 magazine literally filled to the brim with ads, except, now they're the same shitty ads I see on the Tube, Train, Cinema and TV.
I read the whole thing, a day on I remember some vague predictions - one prediction sticks to mind, male birth control only around 2021? I dont think so - but mostly I remember how the ads pissed me off as instead of interesting, they're just dominating and a reminder that I paid too much for something whose main purpose clearly is to sell ads.
I'd pay £12/month for a Wired UK without the ads, someone need to develop Tivo for paper.
Warranty service compared
I had a thought recently when dealing with Apple and Microsoft on warranty fixes just how different things are, thought I'd sum up my experiences here:
Dell
I had a 15 inch Dell laptop, 3 year extended on-site warranty that I purchased to cover any issues. During the time I had the laptop it all worked well except the battery died after about 2 years.
Contacted Dell about this, they pointed out batteries are consumables and so not covered, that was expected. The kicker though was that I couldn't even buy a new battery from them because since they only covered batteries for the 1st year, and the machines has been off the production lines for more than a year they simply stopped making them.
2 year old laptop, 1 year left on it's warranty and it was useless, awesome.
Microsoft
My Xbox 360 is showing the dreaded 3 red lights of death, Microsoft has admitted the problem and offers a 3 year extended warranty for this problem. I went to their site, saw I can book the machine in online for fixing, after filling everything in the page said it's not available in my country, contact support.
Contact support, tell them the problem and clearly point out I have filled in the form and that I am in the UK and thus not covered by the service offered by the form. Support droid points me back to the same support page, but warning me that its not covered in all countries and that I should contact them if I am not covered.
I've gone through this little circle jerk 4 times now, each time with the same circular logic applied by the drones, I'm about to just towel fix the 360 or upgrade to a 360 Elite.
Apple
I have a black 1.5 year old macbook, it's pretty sweet but so far I've had a HDD and a battery die on me. It too is on 3 year extended warranty.
The HDD dying was inconvenient, I had to book in with a Genius but they swapped it witout question or cost, I just had to reinstall my stuff - easily done with time machine. I walk past an Apple Temple daily so no biggie there, they kept to their time schedules and the booking went smooth as can be, 3 days later my macbook was fixed.
When the battery died they first said its a consumable and not covered, I pointed out it died suddenly and not gradually and so it must be a fault rather than consumption. They posted free of charge a new battery, and paid for the old one to go back. The next battery arrived the next day without fault.
So all things considered, so far the Apple tax has proven a absolute bargain to me.
Cogent
I've not posted here for a while, been insanely busy but today those lovely people at Cogent kicked me out of my blogging slumber with a shocking display that I simply had to share.
Cogent for those who do not know is a very large Tier 1 ISP, known mostly for many disputes with other ISPs about peering, it has become so bad that in the UK at least they are basically a complete no-go zone for anyone.
I've previously delt with Cogent when a client signed up for a few mbit of Cogent bandwidth on the basis of a £5/mbit pricing structure, they soon realised that you get what you pay for. Even between racks in the same Data Center you could not reach each other without first hopping over to Europe. I've attempted to resolve this at the time with Cogent and the other ISPs and both confirmed that it is essentially a waste of time. Cogent said they can't speak to the ISP in question since most of the UK ISP industry can't stand them. The other ISP basically laughed out loud about being 'suckered' into buying Cogent bandwidth.
This is confirmed elsewhere, search the Renesys Blog for Cogent and you'll find a lot of information about Cogent, mostly bad news. From an article on their blog about Cogent in the UK you will see this:
Firstly, Cogent has a fairly serious Europe problem right now. They
have been aggressively attacking the European market for a few years
now and making some solid headway. They bought a couple of carriers
(Lambdanet Spain and France, Carrier1 in Germany among them), ruthlessly
integrated them and then proceeded to undersell the market by a factor
of 50-80%. This has made them many enemies.As a result of this approach to business, Cogent has much less
effective peering in Europe than do many of its larger competitors.
Most of the European PTTs refuse to peer with Cogent anywhere on the
European continent. Recently, some large US carriers (among them
Level (3) ) seem to have adopted a similar approach. This means that
when Cogent sells capacity in Europe, it is forced to drag that
traffic back to the US to hand it off to its peers here. Of course
that means that if the ultimate destination is European, the traffic
has to travel back. This is a burden on both Cogent and the European
carrier and, of course, the customers on both sides. But it's
unlikely to change because of just how much hate there is for Cogent
among European networkers.
This basically confirms my experience with Cogent and those of many I have spoken too. As such if you choose to support Cogent you will basically be forced to:
- Buy a lot of other bandwidth since if you're hoping to serve UK customers, Cogent is a terrible sole carrier to have
- You will need to invest in extra hardware, extra admin time, extra complex routing infrastructure and additional overhead on your teams
- You will forever be at the mercy of everyone who hates Cogent, you will find your self randomly falling off the internet, randomly de-peering with vast swaths of the internet and basically the whole thing will be a pain in the behind.
For these reasons, everyone who I know with Cogent bandwidth use them as last resort backup carriers, they are cheap and basically shit, but ok enough to use as a backup when everything else failed.
Over the last few years Cogent has contacted me direct via email to attempt to sell their wares, always the threads end withe me saying something along these lines:
Furthermore we'd prefer to use companies who do not directly
contact us with marketing material, please remove us from your lists
for future contact.
Today again one of my clients got a mention on Techcrunch which resulted in more spam from Cogent, again to an email address totally unrelated to my business activities, not listed in whois records for the client or anything like that. The sales person even had the nerve to copy the email that the above quote is from in his mail to me asking if I can have a conference with him.
My response was the usual, no we don't deal with spammers, you were told to leave us alone now please stop bothering us. Which resulted in an amazingly pushy email from the sales person, quoted below:
No doubt that writing when being asked not to is, well, borderline. That
said, it is both of our responsibilities to make sure that all options
are explored. You need to confirm that you are aware of all vendors
information, and mine includes getting it out there..
.
Admittedly, this is difficult to resolve via email. However, if I didn't
think that we could compliment your service, I wouldn't persist.
This is just amazing, this person really think he can presume to tell me what my responsibilities are, what I need to do, and that I have to indulge his blatant b/s.
After I again pointed out that they were asked to stop mailing me and I pointed out that they were using a private email address held by a UK citizen and as such under the data protection laws they need to stop contacting me when asked, they once again mailed me demanding further information about my customers. They really are on par with simple Viagra spammers.
Does anyone really think this kind of heavy handed tactic gets them business?
The worst part of it is the ISP who currently provide a large part of our b/w are Cogent customers, Cogent Sales people do not think twice to approach clients of their clients and try to undercut them - effectively trying to steal their customers business away from them.
Why would any business support such a company? I would not, I would effectively be negligent in my duties to my clients to ever recommend these clowns for anything since they are just a nightmare waiting to happen.
Layeredtech’s thanks to old customers
I have been a customer of Layeredtech for years, at present I have only 2 machines there but at times I've had 7 or 8. My one machine is pretty old, I think I got it circa 2002 or so and it's been doing well, same hardware etc.
Yesterday I received the following email from them:
Layered Tech is committed to being the leader of the Hosted
Infrastructure market by providing our customers with the best products
backed by the best service. In an effort to improve our customer
experience, we have determined that a small number of existing servers
will need to be relocated from their current data center. As you are
receiving this message, we have identified that you have one or more
servers in the in area of the Savvis facility that will need to be
moved. It is our intention to minimize any interruption in service and
we will do our best to work within predetermined time frames that are
convenient to you.Due to the form factor (chassis type) of
this server, we will need to migrate your data to a new server. We will
work with you so that the impact is as minimal as possible.Below
are the servers that are affected by this migration. Please respond to
this message acknowledging the need to relocate your server(s). At
that point, we will move this ticket to our Operations Department where
we will work with you on a migration schedule.
From reading this you might assume they will assist you with the migrate and this is a notice of an impending change, perhaps a month or two from now?
In reality the situation is that no, they will not help you migrate your data. They want you to take out a contract for a new machine and then migrate your data yourself - something which even at best will take 5 to 10 hours on oldish machines like this.
They do not offer any compensation, and when pressed on that point only offer 1 month...the cherry on the cake is that all this has to be done for 18 days from now, in effect they are terminating your old machine forcing you to take a new one and doing it with less than the agreed 30 days notice. Like it or not.
The sales person who has been coordinating this from their side is incredibly unhelpful and frankly useless, only after much pushing back by me do I even get a hint that anything other than do-it-yourself migration is an option, at this point still waiting for details.
This kind of disregard for customers is typical of large hosting centres, they have thousands of customers and their hard handed handling of their customers is acceptable because at worse they'll loose a fraction of a percentage of customers, so being unhelpful really does pay off for them since most people will probably just take this crap.
This is shockingly poor service, if you value your data, avoid Layeredtech.
Nasty PHP Authentication Handling
Sometimes you come across things that just make you wonder what is going on in peoples minds.
For years everyone who wrote applications compatible with the standard HTTP Authentication method has used the REMOTE_USER server variable as set by Apache to check the username that was logged in by the webserver, this has worked well for everyone, CGI's and all would just grab it there and everyone would be happy.
Along comes PHP and they make great big mess of it, PHP suggests that we use $_SERVER['PHP_AUTH_USER'] instead, and they give some good reasons for this too, except they have severely crippled this for all but Basic and Digest authentication, the following code from main/main.c
if (auth && auth[0] != '\0' && strncmp(auth, "Basic ", 6) == 0) {
char *pass;
char *user;user = php_base64_decode(auth + 6, strlen(auth) - 6, NULL);
if (user) {
pass = strchr(user, ':');
if (pass) {
*pass++ = '\0';
SG(request_info).auth_user = user;
SG(request_info).auth_password = estrdup(pass);
ret = 0;
} else {
efree(user);
}
}
}
As you can see above, they only import the user and pass from Apache if the AuthType is Basic, this makes no sense at all. Why not just check with Apache, if it set the username then import it? Surely Apache know if a user has authenticated? Ditto for password. It is so broken in fact that PHP in CGI mode also doesn't work since those headers don't get set for that either, countless comments and nasty hacks can be found in the PHP user contributed notes about this, but it is all just sillyness.
The reason this is annoying me is that I have written a Single Singon system in PHP, you can host a identity server on any domain and hook any site in any other domain into the SSO system, its a bit like TypeKey
Of course it's nice to have a easy to use SSO system in PHP but what is the point if you can't make legacy apps like Nagios, Cacti, RT etc play along with the SSO? So to solve this I extended Apache::AuthCookie with a new mod_perl module that plugs into Apache and does authentication using my SSO and a small bit of glue that you put on your RT/Cacti/Nagios box.
All's great, I have SSO to Nagios, RT and countless other things working flawlessly, except of course Cacti because it's written along the lines of the PHP manual, uses PHP_AUTH_USER instead of REMOTE_USER and so my new fancy AuthType in Apache does not work with Cacti. As it turns out its a quick 2 liner fix in the Cacti code but you would think PHP would be a bit more generic in this regard since as it stands now I think a lot of people who want to do SSO using hardware tokens and such have issues with PHP being silly.
Open Source Movable Type
Back in May 2004 Sixapart announced they were closing up Movable Type with a set of draconian licenses that essentially set out to punish the countless people who contributed to the project.
This move was met with much hatred throughout the blogging world and large amounts of people responded by simply moving on, making Wordpress todays leading Open Source blogging platform.
Today it was announced that they are heading back to their roots and giving Open Source another try.
Ever since the changes with our version 3.0 launch three years ago, there have been those who are quick to judge or quick to question whether the intention of openness was ever there. And of course, we've since learned a lot about how to communicate better with our community, and how to build a sustainable business that we're proud of, so that we can ensure even greater investments in Movable Type. We hope that it's not just the
launch of MTOS that demonstrates our commitment to openness -- from our
community feedback process (which has already yielded a completely new MT wiki) to our creation and promotion of open
standards for the web to our genuine interest in dialogue with the
communities we serve, we truly believe Movable Type is the most open
platform around.
I think Movable Type is a great application and I use it for my own blog, I am certainly very glad it is now Open Source and I have no real reason to move off it. But I think the damage the last few years has done to the community is immense.
When I started out with Movable Type and my blog in 2003 there were a ton of MT resources out there, when new versions came out the community literally jumped and ported extensions to it, made new themes and plugins for it and as a whole rallied behind the company. Today the situation is very different, just try and find a single good resource for MT4 themes and skins that support all the various new technologies built into it with widget sets, the new templating system etc, there are a few but nothing as amazing as there used to be. Have a look at the lack of ported plugins etc, the uptake and enthusiasm for the product is gone, Wordpress is where its at today.
This could be in part due to the constant breaking of backward compatibility and reworking of template systems, changing APIs and such though I am not convinced. This situation is pretty much par for the course in the Open Source world and anyone willing to commit to contributing does so and are prepared to port at the drop of a hat.
It just isn't happening with MT, not because Sixapart made it too difficult, not because people aren't prepared to support a changing product but simply because Sixapart alienated its contributors.
Todays announcement lists a number of cool things the community contributed over time, it was delivered in spin that would make most political parties look like amateurs, fact is the list that they showed as community contributions, not many of those are recent, not many of those are breakthroughs that happened since 2004, why? Because everyone fell out of love with MT.
I think the move is one of desperation, I wish them all the luck in the world as I do not want to move to a new blogging platform so it is in my interest to see this work for a long time, but I am afraid that ship has sailed. I hope I live to eat my words though.
I think the overall technology - namely Perl - just doesn't belong on the web anymore, this will no doubt be met with a lot of scorn by certain types, but the general idiocy around Perl 6 etc will sink anything that is based on it, Wordpress ultimately is in a much better camp being PHP based.
But lets not sling opinion around too much - nevermind that I am still mentally recovering from the displeasure of trying to maintain a MT Enterprise installation on a really big site. To gauge the community involvement is simple, both companies publish a plugin directory on their website.
Movable type: Total Plugins: 578, ones tagged as working with MT4 68
Wordpress: Total Plugins: 1277, it is not indicated if these work with some versions of WP and not with others.
So 11% of MT plugins got ported from 3 to 4, some were just not needed because the functionality were added directly to MT4 for sure - like Captcha's - others, I guess the authors packed up and left to another platform or simply stopped blogging. Either way, it is a pretty sorry state of affairs for MT to be in.
If I had to choose a blogging platform today, and had to weigh up MT against WP, my money would be on WP without needing to spend too much time thinking about it. I recently created a new blog - now defunct - it was based on WP and my next one will also be.
I am sick of Librarything.
I've previously blogged about Librarything and said I quite like it.
Feature wise it's fine, I would have liked to also include my DVD's etc but mostly I just want the book feature to work.
The authors have been introducing all kinds of new wonderful features like groups etc, but the site is incredibly unstable. Each time I want to go add a new book, I am subjected to 2 hours of downtime, maybe I just have bad luck, but tonight I wanted to add 2 books again and the site was down for a hour again.
No planned notices on the blog (ever) no explanations afterwards, its just down indefinitely. This time it lasted an hour or so. It's like the image above is their actual home page and the working one is the exception to the rule.
Anyway, other things that annoy me, they have these blog widgets, for putting in your site, but they don't have a API that has enough features, so I parse the blog widgets to build my current reading list, of course they can't stop messing with the HTML in these widgets so things keep breaking. I know this isn't really something that will affect someone who use it on their website, but still it's irritating.
In that hour I used my backup that I made a while ago of the data (librarything have previously had a disaster where their machines failed, their backups failed and they lost data!) and just imported it all into Delicious Library. It cost me more, but it indexes books, DVDs, games, CD's etc and it actually works. I guess you get what you pay for and it seems $10 or whatever I paid for Librarything just isn't enough to actually get a working site.
Why I don’t use Ruby On Rails.
It's simple, the community around it are a bunch of bigots. See this post on macslash.
The poor guy asks for something simple and gets flamed to death by a bunch RoR idiots who are acting like they need to justify their choices, no thank you. You'd swear its the new third reigh.
There are countless reasons why someone would want to stick to PHP, why does he need to face up to this kind of abuse just because he made a choice?
Links
- @ripienaar
- Flashpolicyd
- Flickr
- London DevOps Group
- MCollective Plugins
- R.I.Pienaar
- Ruby PDNS
- The Marionette Collective
- Wiki
Tweets
- I love the E4 ipad ripoff ad http://srt.ly/epad
- RT @garnaat: The only accurate model of the system is the system itself. All other representations are a compromise. <- what he said
- Parallels announces support for Google Chrome Operating System http://bit.ly/aCXXCJ
- RT @brunns: RT @jaywgraves: This is pretty awesome. http://bit.ly/aJ12Gb
- Kelway are totally wicked hardware suppliers. Threw away a £100 cable by accident, they gave me a freebie replacement
- Police stop runaway Toyota Prius http://bit.ly/904jED
- Vagrant: EC2-Like Virtual Machine Building and Provisioning from Ruby http://bit.ly/cttcgQ
- RT @lochii: http://github.com/alandipert/ncsa-mosaic <-- mosaic now on github, yay!
- RT @littleidea: What does DevOps mean to me? http://bit.ly/alzrta #devops
- QCon presentation take #2 done I think, need to rehearse a few times now. Wonder if the iPhone remote for keynote is any good
Reading
Planned books:
- The Science of Fear: How the Culture of Fear Manipulates Your Brain by Daniel Gardner
- Relentless by Dean Koontz
- Mind Over Ship by David Marusek
- The New Space Opera by Gardner Dozois
- The New Space Opera 2 by Gardner Dozois, Jonathan Strahan
Current books:
-
Ariel: A Book of the Change by Steven R. Boyett
Recent books:
- Hacking Vim: A Cookbook to Get the Most Out of the Latest Vim Editor by Kim Schulz
- Beautiful Architecture: Leading Thinkers Reveal the Hidden Beauty in Software Design by Diomidis Spinellis , Georgios Gousios
Categories
Archives
Licence
