May14

Rawhide week of fun, 2013-05-14

by nirik on 2013/05/14 at 12:48 pm
Posted In: fedora, linux, rawhide

Another week of rawhide has gone by, so another blog post. ;)

Utterly boring this week. I cannot recall any problems here at all.

In branched f19 news, we are moving into Beta freeze today. You can follow along on blockers and freeze exceptions (or propose new ones) at the blockerbugs application. There was a bunch of activity from various desktop sigs in the last week to get their spins down to their target sizes, but I think we are in pretty good shape on that now. Hopefully it will be a smooth and on-time Beta release for once.

 Comment 
May14

Flock talk

by nirik on 2013/05/14 at 11:58 am
Posted In: fedora, flock, linux
have you submitted a talk?

Have you submitted a talk?

Fedora is doing a new conference this year: flock

It’s setup more like a traditional conference (sessions proposed in advance) and it’s timed after Fedora 19 comes out, but early in the Fedora 20 cycle, so there’s good ability to plan things for the very next Fedora at it. Also, hopefully lots of folks from around the world will be able to attend. (Next years flock might well be in Europe).

I’ve submitted one talk so far that I thought might be fun an informative:

 

The life of a Fedora package: “This talk will follow in detail one package through all the steps of it’s life in Fedora and explain what happens at each step and all the systems and applications that deal with packages. Starting from idea, to project, to packaging, to review, importing, building, update, signing, mashi ng, syncing, testing, maintaining, retiring and end of life”

As usual, my problem isn’t what to talk about, but that there are too many things to talk about. :) I’ve considered a “Intro to Fedora infrastructure” talk, but I’m not sure how interesting people would find it.

I also submitted a ‘sprint’:

Highly available databases: Fedora infrastructure currently depends on serveral database servers, we want to come up with a plan to make them highly available and no longer a single point of failure. postgresql wizards wanted to help us with this sprint!

I’d love to get rid of having to schedule outages when we reboot or work on our database servers. :)

Anyhow, I might well propose some more sprints/talks/hackfests/workshops before the deadline (May 31st). If there’s something that you would particularly like to see me talk on or run a workshop/hackfest/sprint on, drop me a line and I might be willing to. :)

 

 Comment 
May11

unbound and nsd

by nirik on 2013/05/11 at 8:27 pm
Posted In: fedora, linux

After reading about upcoming bind10 changes and never really being all that happy with named, I decided to look around at other solutions for DNS serving. I’ve been running unbound (along with dnssec-trigger) on my laptop for a while, so I was pretty sure it could meet my needs for a recursive/caching solution, but I hadn’t found anything to replace authoritative servers until nsd was pointed out to me.

Replacing my authoritative server with nsd was pretty easy overall. I could reuse the same zone files, I just had to add a bit of nsd config to load them. My main firewall/gateway machine at home was also functioning as a caching server for machines here, so I had to replace named with nsd only listening on the external interface, and unbound only listening on all the internal interfaces. Worked like a charm. nsd now answers external queries for my domains and unbound does caching for other internal machines.

My main internal webserver/mail server machine also was running named and serving some internal only zones. nsd doesn’t have any kind of ‘views’ setup like named has so I had to ponder on this for a bit until I noticed that unbound can also optionally have local data. I just setup my zones there in unbound as local-data and it then was able to do what I needed (basically I need my domains to resolve to the internal ip’s on that machine so apache is happy, etc). It can also easily resolve *.example.com to whatever single ip you like. Very handy. The only downside of this is that dnssec doesn’t work right with local-data. Perhaps if I signed the zones with the same keys at the external site it could, but not sure it’s worth the trouble.

Unbound also has a nifty control program (non surprisingly called unbound-control) that can let you do things like flush cache for just a single specifc zone or host, setup a forward over a vpn or other link for just _some_ domains, etc. It’s really nice and flexable.

Both unbound and nsd as very dnssec aware and will try and validate as much as possible. Also, nsd has rate limiting built in so it’s resistant to DOS or DDOS amplification attacks.

So, if you are looking to replace bind, nsd seems to work nicely for authoritative and unbound does great for recursive.

Comments Off
May07

Rawhide weekly 2013-05-07

by nirik on 2013/05/07 at 6:04 pm
Posted In: fedora, linux, rawhide

So, this last week in the world of rawhide:

The 3.9.0 kernel came out, and quickly was replaced with 3.10.0 git snapshots. So far they have been all running just fine here, although there was a few there that had some problems with wired ethernet.

Xfce 4.10.1 updates came out. These are just bugfix/translation updates for the existing 4.10.x Xfce stable stream. The more important fixes we were already carrying as backported patches, so there’s nothing too thrilling here. Updates are out for f18 and f19, please do karma them up if they work for you. Rawhide had the packages monday.

There was some yum breakage last thursday. Luckily for me I didn’t update early in the day so I saw the reports and was able to update the fixed yum from koji before applying my daily updates. This is another nice way to be on rawhide and a bit more conservative, just wait and update late in the day so others will hit the big problems before you do and provide solutions. (It’s also another great reason to be on the test list to see those kinds of things).

Ran into an odd dig core dump issue (try: “dig fedoraproject.org +sigchase +topdown” and see the cores pile up). Unfortunately, abrt didn’t want to file it for me, so I will have to do a bit more digging and make sure it’s filed.

A fedora community member on g+ whipped up (pun intended) a rawhide wallpaper thats pretty cool: https://plus.google.com/116680320767812371369/posts/JTy5m3YhPAJ is the post.

Until next week… move em up.

Comments Off
Apr30

rawhide week for 2013-04-30

by nirik on 2013/04/30 at 5:15 pm
Posted In: fedora, linux, rawhide

A final rawhide post for April.

Another pretty dull week here in rawhide land. The updates flow has been pretty heavy, but breakage has not been.

There’s a very likely fix to a xfce4-session crash that some folks had been seeing in f19/rawhide. It was quite an anoying bug to deal with (you would be using your desktop and then, bam, back to lightdm). I really hope it’s fixed. If not, please do file it or note it on one of the open bugs.

Kernel 3.9.0 final was released, and rawhide has moved on to 3.10. :)

Looking forward to some more quiet weeks.

Comments Off