Update (03/01/13): the diagram below is hopelessly wrong in regard to the networking for the ‘backend’ containers. I’m leaving the post as is as a reminder of how I worked through the setup. Will add a link here in future when I get the setup right.
I’m currently setting up a Hetzner dedicated server to replace an existing one. While doing this I’m changing the way I do things to make the setup easier to administer. I use a number of web applications at the moment; several instances of WordPress, Gitorious and ThinkUp. Getting all of them to play nicely together can be a pain. In particular, adding another RoR application to the setup is horrid. So I’ve been looking at how bits of the software infrastructure can be separated. While doing this I’ve taken an interest in LXC – Linux Containers akin to chroot or FreeBSD jails or several other server partitioning technologies. There’s various other interesting points on this that aren’t really relevant here and now. Folks at Ubuntu seem to have taken an interest in LXC and have done a massive amount of work to make it easy to use. In particular, Stéphane Graber has written some great content.
So, I’m working on my setup which is going to make use of separate web application containers i.e. multiple Ubuntu containers running Apache and PHP or Ruby talking to a database container. The following diagram represents what I think the setup should look like:
Currently, lxcbr0 exists (it’s in the default conf file for a container) and I have UFW forwarding port 80 connections on eth0 to nginx. Nginx will serve as a reverse proxy communicating with the appropriate Apache servers for the particular site requested. So I expect it to have two network interfaces; one to lxcbr0 (this exists) and one to communicate with the backend Apache servers (this doesn’t exist yet). The backend servers consist of a DB server and multiple Apache servers which I see as being part of a VLAN, communicating with each other and the internet (for the purposes of updates and external services like mail). This is the bit which confuses me currently and which I’m trying to figure out before adding any more configuration or packages. Although I’ve used the term VLAN I’m looking at both VLAN and MACVLAN (and possibly other networking options). I’ll write another post when I get the final setup but if anyone wants to throw in their tuppence worth it’s all welcome :)
I’m currently upgrading my sister’s 1.83GHz Core Duo MacBook Pro so that it can be handed on to our Mum, now that Jeanna has her shiny new MacBook Air (both at healthy discounts from Apple refurb stock). One of the reasons for handing this on is the built in camera which would allow us to use FaceTime. Thankfully FaceTime is available on OS X 10.6.6 and this MBP supports a maximum of 10.6.8. I did a clean install (to a new SSD) from a 10.6.3 retail disk and updated to 10.6.8 through Software Update straight away. Then FaceTime from the App Store. Unfortunately, I couldn’t get logged in. I kept getting errors along the lines of:
”Could not sign in to iMessage. The server encountered an error processing registration. Please try again later. “
When I looked at Console.app I was seeing
06/12/2012 00:49:52 FaceTime ApplePushService: Certificate not yet generated
06/12/2012 00:49:52 FaceTime Couldn’t retrieve identity
My instinct was that the new iTunes account I had setup for Mum as part of the process was the problem and searched on that basis. However, looking at support topics it was clear that when the ID worked with App Store and iTunes Store that it wasn’t an ID issue. By chance I was looking at “About This Mac” and noticed that the serial number wasn’t displayed. You’ll see it’s mentioned in several threads and the outcome is that it generally happens when Apple replace the logic board. Given it was a machine from the refurb store that’s consistent. It naturally occurred to me that the lack of the serial number might be an issue when identifying a client device (thinking of license keys which used to be tied to Sparc host ids). The serial number is in the battery compartment so you just need to find a way to get it on the board. This would typically be a trip to an Apple Service Centre but I’m not aware of a decent one in Dublin – the one I know of had me standing around like a gobshite when I was trying to buy something so I wouldn’t trust hardware to them. There is what appears to be an Apple Service utility which does the job. Have a look for “SetSysSerSum-3T100″.
After that I got another error trying to login to FaceTime but logging into the App Store and then into FaceTime has resolved the issue.
The project I’m working for currently is about data in the context of a regulatory framework. As part of that I come across interesting articles from time to time. While the industry domain is insurance there’s some good stuff in here about data. Have a look at the presentations over on the BCS.org (British Computer Society) Data Management Specialist Group subsite. Dean Buckner’s is particularly interesting. Haven’t had a chance to listen to the audio yet, just ran through the presentation.
There are some key points in there about what you should focus on and also the idea of ‘materiality’ i.e. what’s actually important. Even having a think about the materiality of your data is a useful exercise. It may even be a useful challenge for you to ask yourself: “Is the data I think is important really important”.