Friday, September 29, 2006

a void left by Dell discontinuing PowerEdge 1850

I was tasked to purchase yet another Dell PowerEdge 1850, to be dedicated to certain tasks currently done on some other-purposed server. The Dell account rep sent me a quote for a PE1950, in response to my RFQ for a PE1850. I thought it was merely a typo, so I called him up. He told me it was not a typo but that Dell had decided to discontinue the 1850, as the industry moves towards dual-core processors, aka the new x9xx series for Dell PE. I told him that we can't go with dual-core processors, due to software licensing restrictions, since DBMS (Sybase & Oracle) will count each core as 0.8 CPU or so. We either go with a single dual-core CPU (loss of redundancy and an underutilized 2-CPU license), or go with dual dual-core CPUs (now we need to purchase a 1.2 CPU license to make up a 3.2 CPU license instead of a 2 CPU license). He informed me that the next best alternative for us would be the 850, which only features Celeron processors.
This move contradicts Dell's intention to cater to SMB users, who use smaller boxen to house database applications whose licenses often involve CPU count. Not sure whether this void will be filled by Dell herself later, or by some third party such as HP. Either way, I wish they had a published life expectancy for each model, so you can make an informed decision when you start. Case in point, I wouldn't have bought six PE1850s last summer, or Dell for that matter, if I had known then that it would be discontinued only a year later or less.

Wednesday, September 27, 2006

f5 support site top-notch : web UI useful & friendly & easy.

After signing up for an, I was redirected to site. Therein I found documentation, release management information, and release/patch/hotfix downloads in a well-organized fashion. Most other tech support sites I visited before gave you the feeling of a dump-all-here repository with a thin cover of HTML. The F5 site allows you to select a version, which has a short description of what this version is, in a neatly tabulated fashion. MD5 is provided for downloads. The provided MD5 checksums are way above par for commercial entities, even though a PGP or GnuPG signature is more desirable and more secure. Three different downloading mechanisms are provided: FTP/HTTP/HTTPS. Again, all neatly tabulated and explained in plain English. It seems that this site itself had gone through a real OO modeling design & implementation, to ensure the UI is useful & friendly & easy. One cue to support this suspicion is a reference to 'choose a container' instead of saying 'choose a version number'.
The F5 LTM/GTM software release scheme has recently been revamped and is well documented on their site. The scheme is pretty straightforward and makes an easy read for a professional systems engineer like me instead of a software engineer. Basically an x.y.z scheme with y being odd/even to distinguish a feature release versus a maintenance release. As I am writing this, I came to wonder whether this F5 scheme had been influenced by the odd/even version scheme of Linux kernel development (for instance, kernel 2.5 was unstable/cutting-edge while 2.4 was stable releases with maintenance fixes only). I will consider recommending this scheme to our internal release team, such that our next release number will not be an 'ass-pull' - a quirky code invented by an obnoxious-wanna-be Yankee veteran that has been circulated around our office.
No wonder is the first and only site the F5 Big-IP SE (systems engineer) referred me to. It gave me a warm & fuzzy feeling about F5 that all these releases and patches are managed so well, so consistently, and for free. This came in stark contrast with the Citrix Netscaler SE. He made such a big deal of gaining access to newer builds and releases and didn't give me access until he agreed the feature I need to evaluate is not there in the bundle. Even then, he had to grab them somewhere and slap them onto an FTP server on his own iBook (OS X), and gave me a one-time ad hoc account to download. One year or three years post-sales, I have no doubt that I can find bug fixes and new features with ease from F5. Needless to say, I don't have that confidence with the Citrix Netscaler team. Hope they are merely temporary quirks produced by the Citrix acquisition.

Wednesday, September 20, 2006

old 9G not in supply any more?

A 9G disk failed on a production server. It is a Dell PowerEdge 2450 and I know the service tag, so I searched on Dell's site. Amazingly it recognized the service tag of the old boxen, but produced only 18G or above and started at $250 a pop.

technical interview for an enterprise job (continued)

Three days after the interview (the Labor Day weekend), I was offered the job. So, the hints I picked up were real, when they showed me around the office and introduced me to the potential peers after the technical interview. The offer was initially ~10K short of my current full compensation & ~5K below my current base, so I told my headhunter who relayed the good news.
The headhunter's account manager kept assuring me that they won't be able to offer more and insisted that he just signed up a professional with a 10K pay-cut. He said, and I quote, "people do that all the time." So I said, and I truly meant it, "I'll have to decline the offer as it stands now." He didn't say anything and we bid adios. Next day, he called me. Obviously he picked up only part of the message (5k lower than my current base) and went on to bat for me. Appreciatively speaking, it worked, the client offered to match my current base. That did make me feel good and bad. "Good" in the sense that my skills and experience are truly appreciated at this new place, so my pay rate is rectified in more than one place. Sometimes I wondered whether my current "high" pay was only because my current employer was desperately in need of a systems engineer when they hired me on. "Bad" in the sense that their offer was such a low ball, so I'd expect an up-hill fight to get big raises in the future if I get in. Hope it was only because I am making too high a salary now (hmm, should I feel good about that?!)
Since the new place doesn't have ESPP, stock option, or bonus for that team, the improved offer was still a 5~10K pay-cut for me. Once I made that clear, the account manager again assured me that their client wouldn't be able to offer any more. Sure enough, the client rescinded the offer the next day. Later I learned from my source, that the hiring manager was offended, since my pay situation was not explained or presented clearly to him, thus he took that as a needy/greedy give-me-more-and-more request, taking advantage of his good faith effort to sweeten the offer last time.

to flush a jsp

In order to test how a load balancer (F5 BIG-IP or Citrix Netscaler or others) times out an idle server or client, I cooked up a simple JSP. What I desire is to flush any byte as soon as it is written to the response stream. Using Perl, one would set $| = 1; or autoflush(1) and be done with it. In an Apache/Tomcat environment, I ended up using <%@ page buffer="none" %> and response.flushBuffer() combined. The API for the 'buffer' page parameter led me to believe it should accomplish what I desire by itself. It doesn't seem to be the case. Maybe it is buffered by Apache?

F5 BIG-IP version 9 sends a RST packet to the client after timeout

The load balancer in production on our site currently leaves the client hanging. After a timeout on the server or client, it terminates the connection to the server but doesn't terminate the connection to the client. As a result, the Firefox or IE browser spins its hourglass or whirls forever, which confuses the hell out of the unsuspecting non-techie end users.
With that in mind, it is quite a relief to me to see a RST packet received by the client, after 320s of idle time (Thread.sleep(320000)) in a JSP served by Apache/Tomcat. Since Firefox actually sent 'keep-alive 300' in the HTTP request header, I am not so sure whether the 300s is per Firefox's request, or per F5 Big-IP v9's own hard-coded client (or server) idle timeout. If I recall correctly, Citrix Netscaler EE9000 (version 6.1 and 7.0 beta) defaults to timeout on idle client at 180 seconds and on idle server at 300 seconds.
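
The client-side difference between a reset, an orderly close and a connection left hanging can be measured without a packet capture. The following is an added example, not code from the original post; the fake load balancer on 127.0.0.1, its short idle times and the /sleep.jsp path are constructed stand-ins for the real device and test page.

```python
import socket
import struct
import threading
import time

def classify_idle_close(host, port, wait_s, path="/sleep.jsp"):
    """Send one request, then sit idle for up to wait_s seconds and report how
    the connection ended: 'rst', 'fin', 'data' or 'hang', plus seconds waited."""
    with socket.create_connection((host, port), timeout=wait_s) as s:
        s.sendall(f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode())
        start = time.monotonic()
        try:
            data = s.recv(4096)
            kind = "data" if data else "fin"   # empty read = orderly close (FIN)
        except ConnectionResetError:
            kind = "rst"                        # peer sent a TCP reset
        except socket.timeout:
            kind = "hang"                       # nothing arrived before wait_s
        return kind, time.monotonic() - start

def start_fake_lb(mode, idle_s):
    """Constructed stand-in for a load balancer; returns the port it listens on."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.recv(4096)                  # consume the request before going idle
        time.sleep(idle_s)               # the simulated idle timeout
        if mode == "rst":                # SO_LINGER on with 0 s: close() sends RST
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                            struct.pack("ii", 1, 0))
        if mode == "hang":               # say nothing to the client for a long time
            time.sleep(idle_s * 10)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    for mode in ("rst", "fin", "hang"):
        kind, secs = classify_idle_close("127.0.0.1", start_fake_lb(mode, 0.2), 0.6)
        print(f"{mode:5s} -> {kind} after {secs:.2f}s")
```

Against a real device, wait_s has to exceed the longest timeout under test (more than 320 in the test described above), and the elapsed time returned shows which timer fired.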

Friday, September 15, 2006

F5 version 9 is based on Redhat Linux 9 microkernel

I received an F5 LTM 3400 on Tuesday. Today I finally squeezed in some time to boot it up and check it out. It seems to be based on Redhat Linux 9 microkernel.
It has two processors, so the SMP kernel is used. However, I was told by the F5 SE that only one is used for the application switching task (load balancing + content switching).

Tuesday, September 12, 2006

wonder of modern technologies: MSN video conference allows my son to dance for his grand-parents half a globe away

Tonight, I put my son on the desk in my study. He danced and clapped hands, while his grandma and grandpa sang a song and cheered him on, via MSN Messenger & a pair of Logitech Pro 4000 webcams. All in real time, across half a globe. Hearing and sharing the laughter and joy on both sides of the MSN screen, I am once again amazed by the wonders of video conferencing and the technology advancement that made all this possible, even though I am an IT professional by trade.

It is certainly inconceivable to send electronic mail just forty years ago, much less a video conference.  My uncle lives several states away from home since his teens. His siblings including my mom visited only once when he turned 60. The only connection they have is a greeting card for the new year.

Wednesday, September 06, 2006

custom transport for postfix on RHEL 4/AS (CentOS 4.3)

I was told to use a special server to relay outbound emails for a new NMS server I built. The NMS server has POSTFIX installed and is configured to send production alerts to a new duty pager, a Blackberry 6230 with BIS account served by T-mobile. I did POSTFIX relay thingy once elsewhere, so, I instantly did the following
  • vi /etc/postfix/transport & added the following two lines at the bottom of the file smtp:
  • run 'postmap' to generate the hashed transport:
postmap /etc/postfix/transport
  • vi /etc/postfix/ and commented out the global relay
#relayhost =
  • reload configuration for the running postfix. Reloading was met with some nonsense error/warnings, so I ended up with a full restart.
/etc/init.d/postfix reload OR service postfix reload
  • tested it and it didn't work. it seemed that the transport map doesn't exist, since it looked up MX record to find SMTP servers to send mail to.
man postmap, man postfix, man 5 transport, grep -i transport
  • It became obvious that doesn't have reference to use which transport hash at all. so I added the following then restarted POSTFIX. Bingo!
transport_maps = hash:/etc/postfix/transport
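
The failure described in these steps (a populated, postmap'd transport table that Postfix never consults) can be caught before a restart. This is an added example, not part of the original post: it assumes the setting lives in main.cf under the configuration directory, and the sample domain and relay host are placeholders written to a temporary directory.

```python
import os
import tempfile

def read_main_cf(path):
    """Minimal main.cf reader: skips '#' comments, joins whitespace-led
    continuation lines, and lets the last assignment of a name win."""
    params, key = {}, None
    with open(path) as fh:
        for raw in fh:
            line = raw.rstrip("\n")
            if not line.strip() or line.lstrip().startswith("#"):
                continue
            if line[0].isspace() and key is not None:
                params[key] += " " + line.strip()
            else:
                key, _, value = line.partition("=")
                key = key.strip()
                params[key] = value.strip()
    return params

def check_transport(confdir):
    """Return a list of problems with the transport table under confdir."""
    src = os.path.join(confdir, "transport")
    db = src + ".db"
    problems = []
    with open(src) as fh:
        rules = [l for l in fh if l.strip() and not l.lstrip().startswith("#")]
    maps = read_main_cf(os.path.join(confdir, "main.cf")).get("transport_maps", "")
    listed = [m.split(":", 1)[-1] for m in maps.replace(",", " ").split()]
    if rules and src not in listed:
        problems.append("transport_maps does not reference the table; MX lookup is used")
    if rules and (not os.path.exists(db) or os.path.getmtime(db) < os.path.getmtime(src)):
        problems.append("transport.db missing or older than transport; run postmap")
    return problems

def make_confdir(main_cf_text, build_db):
    """Constructed sample config in a temp dir (placeholder domain and relay)."""
    d = tempfile.mkdtemp()
    with open(os.path.join(d, "transport"), "w") as fh:
        fh.write("example.com smtp:[relay.example.net]\n")
    if build_db:  # stand-in for running postmap on the table
        open(os.path.join(d, "transport.db"), "w").close()
    with open(os.path.join(d, "main.cf"), "w") as fh:
        fh.write(main_cf_text.replace("CONFDIR", d))
    return d

if __name__ == "__main__":
    print(check_transport(make_confdir("#relayhost =\n", build_db=True)))
```

On a live host, `postconf -h transport_maps` reports the value Postfix actually uses and is the authoritative check; the reader above only approximates main.cf parsing.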

It still made me curious why this is not enabled by default, since one needs to consciously insert rules into the transport configuration file as well as to consciously run postmap to generate the hash. This would save me the hassle of figuring out it is not there, and save a service outage in a production environment should custom transport become necessary. The only argument I can find up to now is security, and only if it takes different credentials to modify transport.db and to start using transport.db in the first place.

Of course, "crazy" default behavior can be identified on other modern operating systems also. Don't get me started on Solaris halting if it receives the POWER Fail signal sent by a resetting serial console.

Friday, September 01, 2006

technical interview for an enterprise job

Two days ago, I went for an on-site interview at a major media company. The lobby is similar to Google's in that you have their namesake news channel on a big LCD TV instead of a big screen showing all the current buzz words people are searching using Google Search. The schedule seemed a bit more rushed than Google's, since it is 1.5 hours instead of 3. Of course, I flew from ATL to SFO just for the Google interview, thus they'd want to ask any/all questions they have at one shot.

At this point of my life and career, I am really interested in a technical lead or hands-on manager type position, as a transition to move up the ladder, so to speak. I have an advanced degree (MS/MIS) and broad exposure to major IS/IT components such as OS, RDBMS, network, security, etc. Over the course of the interview, I started to get the feeling that this position was purely technical, thus no upward opportunity would be there. That said, the group is sizable and currently has no manager or lead, plus the job description in the ad requires tech lead experience. So, we'll see. Before he took off for another meeting, the director asked me a PM-type question and told me that my answer was a good one though a little bit too detailed. Is this a hint?!

Two potential peers showed me around the working places and introduced me to the other three guys/gals. A classic textbook hint that they view you as a potential peer (a good thing). Or, I could have read too much into it, since they could have been just showing off their manners.

On my drive back to work, I thought of a couple of cons:
  • The cube is tiny though private
  • The drive would be bad and I don't think telecommuting would be an option.
  • On-call duties would definitely be rotated.
  • Money won't be so great either, since the high end of the range is lower than what I make now.
  • could be pigeon-holed into an OS-only type person
  • could be victim of outsourcing or politics in a large organization
And, of a few Pros:
  • The name recognition of the group
  • The enterprise experience you definitely won't have from working with SMBs.
  • opportunity to specialize & get deep onto topics of interest
Working with SMBs is more stressful, since you are the ONE, plus there are very limited resources to address the same type of concerns that large enterprises pour money/man-hours into.