Will Warren

The blog of an engineer from Canada who specializes in SaaS, HA, Cloud and Product Development. I work in the Internet.


Redis Cluster Cheatsheet


Redis is very, very good at running as a Highly Available service. It has supported clustering since 3.0.0 was released back in April of 2015. Clustering many redis servers together allows for higher throughput (spreading the load), as well as redundancy (for when servers die unexpectedly).

Here I have assembled some notes about common things you might want to do to your Redis cluster, and how to do them.

Read the rest →

Tags: sysadmin linux redis

SQL Server: Enabling Read Committed Snapshot Isolation


When using Microsoft SQL Server, enabling Read Committed Snapshot Isolation (RCSI) is one way to prevent reads (SELECT statements) from escalating into full table locks. Depending on your application this can either be a good or a bad thing. I’m not going to get into the why’s and why-nots of each strategy - this is a good article to read if you’re having a hard time deciding which strategy to choose and why.

So let’s say you want to enable RCSI on a fictional database MyDB. This can be achieved by simply issuing the following T-SQL:

ALTER DATABASE MyDB SET READ_COMMITTED_SNAPSHOT ON
GO

To check that it was successfully enabled, you can check the System View sys.databases:

SELECT is_read_committed_snapshot_on
FROM sys.databases
WHERE [name] = 'MyDB'

If it returns 1 then RCSI was successfully applied, you’re done! Unless…

Read the rest →

Tags: sql database sysadmin

Set a Static IP Address in VMware Fusion 7


Update: This technique also works in VMware Fusion 8!

I am an OSX user, and I run a lot of VMs using VMware Fusion 7 which I have been very happy with since I purchased it. One thing that always bugged me is that Fusion allocated a different IP address to each VM every time it started up, or resumed from a suspend. Applications that I use that have references to those IP addresses always had to be reconfigured each time I wanted to use them.

More recently, I’ve been testing out lot of different type 1 Hypervisors (ESXi/vSphere, Proxmox, XenServer etc) which usually make the assumption that they will be given a static IP (which they should in the real world).

So imagine my delight when I discovered that you can indeed allocate static IP addresses to VMs simply by editing a single config file.

Read the rest →

Tags: discoveries sysadmin

Resize your EC2 instances with minimal downtime


Amazon Web Services (AWS) provides a really great service-oriented way of creating virtual machines in the cloud with their Elastic Cloud Compute (EC2) system. There’s many reasons you’d want to increase or decrease the size of an EC2 instance on AWS. Maybe you misjudged how much traffic you’d be getting, or maybe you need more horsepower to finish a certain workload in a shorter time.

Read the rest →

Tags: aws sysadmin

Setting up SPF records for Google Apps and Amazon SES


Update: AWS now sends email using a Mail-From domain that they own and control (see here). This means you don’t really need to configure your own SPF records at all. I’m leaving this post here for posterity and all the links that already point at it.


The Sender Policy Framework (SPF) is an attempt to mitigate certain types of spam - specifically spam where the sender masquerades as a different sender. Technically, you can put whatever you want in the From: header of an email message, so you can pretend to be sending emails from facebook.com simply by putting something like From: no-reply@facebook.com in your email’s headers. Email relay servers prevent this by looking up the sender’s domain’s SPF record (defined in DNS records). The SPF record tells the mail server “here are some originating IP addresses that are legit, if a message arrives pretending to be from this domain, make sure the originating IP address is on this list”.

Read the rest →

Tags: sysadmin aws

Adding firewall rules for Oracle Database using iptables


To connect to a box on your network that is running Oracle Database, you will first need to allow connections to Oracle through your firewall.

If you’re running CentOS, RHEL, Fedora or any other Linux variant that uses iptables, use the following commands to create a firewall exception (Assuming you’re running your listener on port 1521 - check with sudo lsnrctl status):

sudo iptables -I INPUT -p tcp --dport 1521 -j ACCEPT

Read the rest →

Tags: sysadmin database oracle

Apache Tomcat with SSL behind Amazon ELB


If you’re running a high-availability system of some kind, chances are you are into some sort of Load Balancing. If you happen to be writing a Java app, and happen to be using Apache Tomcat as your servlet container, then this tip is for you.

I had a system which needed to be HTTPS-only but also have the SSL terminated at the load balancer. Naturally, I forwarded the HTTP and HTTPS ports on my Elastic Load Balancer and had my application configured to redirect any insecure connections to an SSL connection. I started having a couple of strange issues where occasionally it would leave the connection on HTTP when it should have been redirecting.

My setup was basically:

  HTTP (80) -----> ELB -----> Tomcat (8080)
HTTPS (443) -----> ELB -----> Tomcat (8080)

Turned out, I needed to set a couple of extra options in my Tomcat HTTP Connector section (find it in server.xml). This was the combination of options that did it for me:

Read the rest →

Tags: aws sysadmin

Password protecting folders with .htaccess


I always forget how to do this, so I’m posting it on here for posterity. Sometimes it’s useful to password protect a folder or files on your web server. If the web server is Apache, then you can use a couple of files - .htaccess and .htpasswd - to achieve this.

Read the rest →

Tags: sysadmin

Read on...