Posts

Learning Opportunities - Watching/listening list

Over the last year I've spent a lot of time learning (thank you, long commute & lunch hours). Many topics ranging from Chef to DevOps to architecture concepts to management concepts and everything in between. Why have I done this?

DevOps Demystified with Ben Rockwood: https://www.youtube.com/watch?v=h5E--QSBVBY
DevOps at ancestry.com: https://www.youtube.com/watch?v=pF5ya0q53kk

Those two presentations were key in sending me down this road. First, and most important, was Mr. Rockwood's explanation as to the real 'why', and the point behind DevOps from an operational perspective. Second, and no less important but for a different reason, the continuous delivery system at ancestry.com really made it real to me because they are a 'Windows shop'. So much of what I'd been reading about Chef/config mgmt. relied on amazing tools (see the error there?) only available to the Linux world. Suddenly here's this guy telling me that it's possible...

Anthropomorphism

We're sunsetting an old environment - we took backups, but these will most likely never be used again.  My part of the project is importing the backups (from a 3rd party datacenter), logging on to ensure things are functional, then shutting them down. Of course, Windows wants to know why you're shutting it down... sleepy time so tired... time to sleep now... good night thank you I wonder what the other side looks like... I'm pretty sad right now.  Poor VMs...

Some haproxy config examples

Here are some config snippets from the haproxy setup I mentioned in the last post. Note that if this looks weird, it probably is - our environment is a bit of a mess, but due to constrained test resources, no cleanup is possible.

Some organizational helpers I used:

- IP addresses 'make sense' - for example WEB02-IP2 is 192.168.1.62, -IP3 is .63, etc
- Keep the naming convention for backends consistent
- Keep things simple
- Comments only for the first frontend, first backend, unless actual specific notes required
- Keep spacing consistent, tabs, etc

Frontend Example

    frontend domain1_com-http
        bind 192.168.0.50:80
        # Subdomains: I put relevant subdomains here (just to keep track)
        acl is_GKWEB-http hdr(host) -i -f /etc/haproxy/GKWEB-http-urls
        # Subdomains: subdomain1 subdomain2
        acl is_ITF01-http hdr(host) -i -f /etc/haproxy/ITF01-http-urls
        # Subdomains: subdomain1 subdomain2
        acl is_WEB34-IP2-http hdr(host) -i -f /etc/haproxy/WEB34-IP2-http-urls
        # Subdomains: ...

HAproxy saves the day - overview of our built-in-two-days haproxy L4 load balancing system

This project was something I'd been wanting to do for quite some time, but never had the opportunity.  Well, opportunity kicked the door in, so who would I be to not offer tea & crumpets? I've not had much exposure to load balancers so far aside from 'hey, they are neat' and understanding the basic concepts behind them.  Never had the chance to set one up from scratch, never done actual configuration, etc.  So why not have my first shot be with a pretty complex environment that had been badly maintained for the last 5 years? (they're dropping the contract at any moment, don't bother fixing it up - really) We were moving said environment as a cost-savings exercise and had decided to forego load balancers (it was leaving behind some Stingray LBs) as another cost-saving exercise (we priced out Netscaler VMs at ~$2k each, Riverbed started at $5k).  Should be simple enough to just static-NAT straight to the servers and remove any redundancy (it was a dev envi...

TFS & Go: April update - no more Chef (for now)

Sooo, we dropped Chef from our lineup. There were a number of good reasons to do so, such as:

- To properly get the most out of Chef in a Windows environment, you really need DSC (desired state configuration). We are not using DSC at this time (on the to-do list).
- We were starting to twist it into doing deployment tasks - this is not appropriate (such as 'stop the AppPool, deploy, start the AppPool').
- We found a way to do the same thing via (easy?) PowerShell scripts, and modules!

Yes, we have really started having fun. Not only that, but all of this is in TFS and part of our deployment chain. Another big step is moving all of our pipelines into templates, and introducing a development process around new template features/fixes. This means that keeping track of pipelines is really easy for us, and much easier for the devs to deal with from a requirements standpoint. Further - we've gotten everyone to agree to a naming convention so our template...

Newbie datacenter lesson #3: Racks and 0U PDUs

None of us saw it coming. I'm still scratching my head about how this is even a problem. APC rack. 2x Tripp Lite PDUs (managed, metered). Mounted in the APC toolless 0U panel at the back of the rack, side-by-side. As-is, there is no way to remove rear-facing network equipment that mounts using rack ears. i.e. Physics prevent you from removing said equipment. I'd have to remove both PDUs to get anything mounted w. rack ears in or out - e.g. if a switch fails... Maybe you just can't do that - maybe all equipment you want to remove must be mounted from the front. Did some more looking (to be sure), and both the APC and Tripp Lite models we can use are pretty much the same physical dimensions. Unfortunately I wasn't able to meet directly with the datacenter manager (flight was delayed), so we came to the conclusion that our only real solution was to dismantle the rack entirely so we could move the vertical mounting flanges. Doing so would gain...

Newbie datacenter lesson #2: Performance considerations

So you are finally doing it! Moving everything to a colo site - so exciting! So much redundant input power! So much reliable A/C! So much latency between sites. It made so much sense to move EVERYTHING over that the only consideration you gave any thought to was DFS/Folder Redirection (which does, indeed, stink over the WAN). One other small fuzzy area you forgot about was AccPac (Sage ERP 200). DFS/Folder Redirection - at least this was a known potential issue. It's slow, but users can live with it if they must (and $ dictates wait they must). But AccPac! It's so unusable at this point that immediate measures must be taken. Latency, you ask - how awful is it? 27ms. (both sites on 100mb fiber) Yep, 27ms is enough to bring AccPac to its knees. It turns out that AccPac is a rather old application, and has a neat feature called 'DBspy' that displays its age nicely. If you watch the 'DBspy' monitor screen, simply clicki...