# uname -a

Switch

mercredi 22 juin 2016

Debian 8 : Configure Nginx and Passenger to supercharge your PuppetMaster

The Puppet master comes by default with a basic WEBrick server. It allow a quick start for those that are not familiar with Puppet, but when the number of Puppet nodes grows, the performances of the default WEBrick server are going down quickly.

The Puppet documentation show how to configure Apache and Passenger to replace the default WEBrick server, but what if you have a lot of nodes ? What if you want to apply your configuration within minutes, instead of the default half-hour threshold before the agent asks the master if something changed ?

Or you may just want a fancy Nginx instead of your plain-old-reliable Apache.

Here is how.

Lire la suite...

jeudi 1 octobre 2015

About ToBeHost : the last of my student's projects

Hello there, this is not your ordinary reading on this blog. This post is a sort of introduction for a series of posts about the making of a free web hosting provider, implementing a web panel from scratch using Drupal for front-end and Puppet as back-end.

But first, let me introduce you the reason why we started the project. I said “we” because I am not the only one in the boat, but it’s me who will make all the technical choices, and implement it. I am also the one who was saying “give up” to my colleague a few months ago, before going back with this new and exciting crazy idea.

Lire la suite...

samedi 8 février 2014

Conflict between broken Apache packages makes FCGI angry (mod_fcgid: can't lock process table)

Here is is a quick note on the fix I made today for a messed up Apache server.

The environment

Apache2 + Debian + mod_suexec + mod_fcgi

The problem

The server was down only for PHP-running websites. It triggered a connexion reset when trying to run PHP scripts. Static content and reverse proxies were working correctly, as if nothing was happening.

In the server logs, the following error was present :

mod_fcgid: can't lock process table

The suexec log was showing no anomaly.

The server wasn’t gracefully stopping anymore, and I had to kill him with the -9 signal to stop it.

The cause

Searching around the web was giving me very few clues on the problem. I couldn’t find why the CGI subprocess was broken, it is spawned by Apache and so it should not be missing permissions (there is no CGI daemon listening in Apache setup, contrary to Nginx)

What causes the Apache subprocesses to get spawned ? Either the Apache mpm-workers, or mpm-prefork, or mpm-event or mpm-itk. I knew I was using workers, but a glance in APT installed packages showed me broken packages on workers and ITK. Wait… ITK ?

Actually, I run Puppet, and Puppet was configured to keep Apache ot its latest version from repositories. With the release of a newer version of Apache, it had updated the apache2 package … and installed apache2-mpm-itk while apache2-mpm-workers was still present !

The result was a conflict while trying to spawn CGI processes, and a crash of the subprocess.

The fix

Doing a remove apache2-mpm-itk, and force-reinstall apache2-mpm-workers did the job.

samedi 17 août 2013

Le monitoring sous Debian avec Nagios et Munin (Puppet en guest star) : de A à Z - Partie 3 : Puppet

.

Dans l’article précédent, nous avons vu comment écrire une configuration de base pour Nagios.

Dans cette partie, je vais aborder un sujet un peu transverse mais nécessaire à la création de notre solution d’ensemble : Puppet.

Lire la suite...

jeudi 4 juillet 2013

Le monitoring sous Debian avec Nagios et Munin (Puppet en guest star) : de A à Z - Partie 1 : introduction

.

Le monitoring. Graal des administrateurs système dès qu’un parc de machines commence à se constituer. Avec ce petit guide, vous allez découvrir que même avec seulement trois machines, on peut faire du monitoring. Même avec des machines mobiles ou pas toujours allumées, on peut faire du monitoring. Même avec les machines des clients, on peut faire du monitoring.

Pour pouvoir intervenir en cas de problème, il faut déjà savoir qu’il y a un problème, c’est le but du monitoring.

Lire la suite...