Category: Data Center


How to Secure SSH Connection on Linux

Why We Should Mitigate SSH-Based Attacks

SSH (Secure Shell) is one of the most popular remote protocols. SSH allows remote login and command execution, providing a secure way to log in and run commands on remote systems over unsecured networks. SSH replaced Telnet because it offers more security. But SSH has some weaknesses, and those weaknesses can be mitigated in order to reduce SSH-based attacks. There are some hardening tips that turn your SSH server into a rock-solid communication daemon.

Best SSH Hardening Tips

In the next few minutes, we’ll review 15 solutions from the best SSH hardening tips. Each hardening tip acts as a shield against SSH-based attacks. Most of the tips are SSH configurations, and some of them differ between Linux distributions, so please check your distribution's documentation as well. Windows 10 and Windows 2019 can also run an OpenSSH server by adding Win32-OpenSSH to Windows, so read the Microsoft documentation as well. You must restart the SSH server daemon after applying configurations.

1. Custom SSH Port

The SSH server listens on port 22 by default, so attackers try to attack your server on port 22. Changing the SSH port to another port is one way to reduce attacks. In order to change...


ESXi Fails with “Corruption in dlmalloc” on HPE Server

The “Corruption in dlmalloc” issue occurs because multiple esxcfg-dumppart threads attempt to free memory that was used for configuring the dump partition. Thread A checks if there are entries to be freed and proceeds to free them, while within the same time frame, Thread B is also attempting to free the same entries.
Based on VMware KB2147888, this issue is resolved in ESXi 6 U3. But why is the issue happening on ESXi 6 U3 or ESXi 6.5 U1 when they are installed on HPE ProLiant servers?


How to Export Big Virtual Machine (>2TB) as OVA or OVF

I guess you know the instructions, but let’s quickly review. You can export virtual machines via several different tools such as vSphere Client, vSphere Web Client and others. All administrators do it today and are familiar with OVA and OVF. It’s possible to export small virtual machines via vSphere Client, vSphere Web Client, or PowerCLI. If you want to export a virtual machine with 200~300 GB virtual disks (Thin or Thick), there is a serious problem; just make sure that you have enough free space. But did you try to export a big or monster VM as OVA or OVF?


VNX 2 Series: Best Solution to Remove Unverified Systems

VNX storage arrays can be added to a domain for centralized logging and management of multiple storage arrays. Unisphere Central can also be added to a VNX domain.

Sometimes a storage administrator makes a mistake when adding or removing VNX storage arrays from a VNX domain. For example, the administrator has to remove a VNX to send it for repair but forgets to remove the storage array from the domain. As another example, when there are multiple domains with multiple ranges of IP addresses, the administrator may add an array to the wrong domain and afterwards change its IP and add it to another domain.

In these situations, domains will contain some systems marked as unverified. The unverified systems should be verified again, and otherwise should be removed.


Operating System Level Virtualization (Part 2) – Implementations Comparison

These days, everyone knows what Cloud Computing is, and cloud-based services are used to speed up the deployment of organizations' services. Operating System Level Virtualization, or containers, helps system architects and administrators achieve these goals. There are many implementations of containers, and today those methods are compatible with different hardware architectures and operating systems.

You may know that Unix has had OS Level Virtualization for many years, and this technology is much older than other virtualization types such as Full Virtualization or Paravirtualization.

Full Virtualization (VMware ESXi, Hyper-V) and Paravirtualization (Xen, UML) provide different guest OSes, but there is no way to use a different guest OS when you are using containers. Of course, some solutions are under development.


NTP Software Implementations Comparison

This post is actually about NTP software implementations, but I have to write a few words about NTP. NTP is an angel for financial applications; some services, such as banking services, depend heavily on clock synchronization protocols. NTP is an ancient thing: it is more than 30 years old, older even than Windows 7 and Windows XP.


Guest Connected vs RAW Device Mapping (RDM)

RAW Device Mapping (RDM) is one of the oldest VMware vSphere features. It was introduced to resolve some limitations in virtualized environments, such as virtual disk size limits and deploying services on top of failover clustering services.

You can use a raw device mapping (RDM) to store virtual machine data directly on a SAN LUN, instead of storing it in a virtual disk file. You can add an RDM disk to an existing virtual machine, or you can add the disk when you customize the virtual machine hardware during the virtual machine creation process.


VMDK Write Performance on Different Provisioning Types

VMDK (Virtual Machine Disk) has been designed to mimic the operation of a physical disk. Virtual disks are stored as one or more VMDK files on the host computer or a remote storage device, and appear to the guest operating system as standard disk drives.

VMware supports three provisioning types:

Thin Provisioned
Thick Provisioned
Eager-zeroed Thick Provisioned


Hardware Status Problem on HPE ProLiant Gen10

The Hardware Sensor Status Reported in the vSphere Web Client

Do you have any HPE ProLiant Gen10 servers in your virtual environment? Did you upgrade their iLO firmware to 1.30? If you have servers with the upgraded iLO firmware, you may see the status below on the Hardware Status tab in vSphere Web Client:

VMware vSphere 6.0
VMware vSphere 6.5
VMware vSphere 6.7

Good news: HPE engineers are working on this issue, and it has no impact on production. It can be safely ignored, but I recommend installing the new firmware after its release.


HPE Serviceguard for Linux

HPE Serviceguard for Linux (SGLX), a high availability (HA) and disaster recovery (DR) clustering solution, increases uptime for your critical applications by protecting them from a multitude of infrastructure and application faults across physical or virtual environments over any distance. It reduces the impact of unplanned downtime with no compromise on data integrity and performance. Furthermore, it helps achieve near zero planned downtime for maintenance.


[Review]: Introducing Windows Server System Insights

As an IT admin, one of the responsibilities you have is to ensure systems continue to run smoothly. That is true for a number of activities and components, such as monitoring if a disk is going to run out of space, determining how much memory and processing a Hyper-V host is consuming so you can plan for new VMs, and many other examples.


[Review]: What’s kernel Live Patching?

Dynamic Software Updating (DSU)

Dynamic Software Updating (DSU) is a field of research pertaining to upgrading programs while they are running. DSU is not currently widely used in industry. However, researchers have developed a wide variety of systems and techniques for implementing DSU. These systems are commonly tested on real-world programs. Current operating systems and programming languages are typically not designed with DSU in mind. As such, DSU implementations commonly either utilize existing tools, or implement specialty compilers. These compilers preserve the semantics of the original program, but instrument either the source code or object code to produce a dynamically updatable program. Researchers compare DSU-capable variants of programs to the original program to assess safety and performance overhead.

Software Hot-Swapping

Hot swapping can also refer to the ability to alter the running code of a program without needing to interrupt its execution. Interactive programming is a programming paradigm that makes extensive use of hot swapping, so the programming activity becomes part of the program flow itself. Only a few programming languages support hot swapping natively, including Pike, Lisp, Erlang, Smalltalk, Visual Basic 6 (not VB.NET), Java and most recently Elm and Elixir. Microsoft Visual Studio supports a kind of hot swapping called Edit and Continue, which is supported by C#, VB.NET and C/C++ when running under a debugger. Hot swapping is the central method in live coding,...