kluner.net

overloaded

No, I am not overloaded, though I’m not far from it sometimes, but my trusted mailserver is almost there. All day long there’s been a close to inifine flow of spam, bounces and other junk storming into my mailbox.

As some of you may know, I’ve got a powerful IBM server running FreeBSD here at home under my desk, which handles all my daily internet and e-mail activities. This box is so powerful, that it would not be out of place in the e-mail infrastructure for an Internet Service Provider. I got the thing from someone who had just acquired another company, and since the new owner did not choose IBM as his hardware platform of choice, the thing was obsolete. ( in terms of usability for them, the hardware is great). Well, I was happy as can be with that, since he gave the server to me for free. I can’t afford hardware like that, heck, I can’t even afford a normal computer at the moment (that laptop is take everywhere is of the company I work for, not my own)

Anyhow, even that server has trouble dealing with it all. Mostly because it’s not setup to handle that kind of ammount of traffic, and it’s a little low on the memory department. Sinds midnight it received 845 messages, of which 409 where immidiatly discarded because they where blacklisted, 140 where removed after spamassassin determined that it was indeed spam (spamscore > 6), and 151 where passed through eventhough they where suspected of being spam (spamscore < 6). 99% of those where bounces, and it looks like someone used my e-mail address once again to end out spam. (*sigh*). For me it’s annoying, for my mailserver it’s even more of a drag. A little excersize with the ‘d’ key (for delete) later, my mailbox was cleaned up again, but I’m caught thinking I might have been a little too passionate in deleting stuff. So: if I do not respond to an e-mail you have send: I am not ignoring you, I’ve just been a little careless with removing a couple of hundred messages. I appoligize.

In other news today: everything is pretty much going the way it should: Femke smiles, Femke tries to grab anything she’s not allowed to grab with a passion, and is a wonderfully healthy and pleasant little girl. What more could a proud daddy whish for?

A little bit less spam please, but that’s something the readers of this blog can do little about.

vmware ESXi

Vmware released it’s answer to Microsoft’s Hyper-V product today: a free to download and using 32MB diskspace of footprint Hypervisor.

This can only mean that the virtualisation market is gearing up for one heck of a competition run, maybe even a full-out war. Frankly, Vmware has the lead right now, they are market leader in this segment, and their products are currently second to none. As I mentioned in my earlier blogpost, Microsoft turned out what I consider an ‘unfinished’ product with Hyper-V, but the advantage is that it comes included with windows. On the other hand, Vmware is proven technology, something you want for virtualisation in a business setting, and Microsoft clearly has a couple of miles to go before they get to the level Vmware is at.

So, we have to wait and see how well either product family does. I’m betting on Vmware, quite simply because I’ve been using it for a while now, and it’s a very robust and mature solution. It’s fast, scalable and flexible, but the prices are kind of steep for a beginning business. On the other hand, prices are dropping fast, and each products competitive advantages are becoming more and more clear now.

Hyper-V: why you do not want it

Microsoft has released a ‘final’ version of Hyper-V, it’s virtualisation product, it seems however, only a shadow of what Xen and VmWare can offer customers when it comes to Enterprise level virtualisation.

This article will explain Hyper-V, and why it’s a very poor choice for virtualisation indeed.

About Hyper-V

Hyper-V is Microsoft’s implementation of a so called ‘hypervisor’. A hypervisor is a technology that allows for easy virtualisation, it allows for virtual computers do directly address the hardware on the host computer. It’s a step up from paravirtualisation, which emulates certain hardware types, at the downfall that the hypervisor needs to do a lot of translation and conversion work in order to get things to the real hardware.

The alternatives

Virtualisation isn’t new, it’s been around since 1969. But mainstream (meaning affordable) virtualisation is a recent development, since we now have processors that deliver so much performance, that most of our servers are idle most of the time. By utilizing virtualisation, we can use the full power of one server better and more efficient, and therefor be more cost effective. Virtualisation products are offered by Vmware (the first to do so, and also the global leader in this segment) and the Citrix owned Xen product line, which is largely an open source effort.

Microsoft’s ceavats

Microsoft is a fairly new player in the virtualisation market. Their products so far have been limited in their possibilities, and the feature set is nowhere near what Vmware and Xen can offer. The big upper for Microsoft is that they have a grip on a vast amount of the OS market with Windows. The choice for windows often is not technical in nature, but political. Since almost everyone uses windows on their desktop, it seems like the logical choice to use it on the server as well. This however, is a common misconception that has lead to many problems with companies worldwide, and the recent gains of many Unix-like (opensource) Operating Systems is a vital clue to how the market is getting smarter in it’s choices.

Many companies might think: “this virtualisation product is included in Windows Server 2008, and therefore a cheap alternative for my virtualisation needs”. While this seems logical, we must not forget that this is a highly specialized field, and no matter cheap, or included, Microsoft’s product simply does not cut it when it comes to overal features and support. While Microsoft naturaly supports all of it’s Windows products, it only supports Linux through Suse Linux, by Novell, since it has an agreement with Novell to do so. Suse however is not by far the most comonly used Linux, and enormous amounts of companies virtualise Red Hat, Debian, Ubuntu and other Unix Operating Systems, the most foremost being FreeBSD and Solaris 10.

Another big problem is overal features, both vmware and Xen support a technique that allows you to move a running virtual machine from one physical server to another, without any downtime to the virtualised machine. Hyper-V does not allow for that, you need to shut down the virtualised machine first, before moving it. This causes more downtime, and more frustration since this moves important maintenance to the night time, when it could have been avoided. Personally, I can upgrade my entire virtualisation environment during office hours, without anybody noticing a thing. This prevents cutting in my sleeping time, and it’s also cheaper for my boss since he doesn’t have to pay overtime.

Then there is the problem of resources. One of the things of virtualisation is that the goal is to utilize available resources to the maximum possible. While virtualisation enviroments are often more expensive to purchase in terms of hardware requirements, in the long run they are much more cost effective since you can easily phase out 8 physical servers. This is not only a reduction in cost of hardware purchases, but also costs of space, power, cooling. Efficiency is the keyword here. Microsoft has it’s Hyper-V hypervisor running in combination with Windows. Where the windows 2008 server is actually virtualised in the same way as with Vmware ESX. However, the ESX management console requirements are far less then those of a full Windows 2008 environment. Just running virtualisation from Microsoft will cost you about 10% virtualisation capacity, compared to vmare ESX and Xen at about 1%.

Security

Let’s face it, Microsoft does not have a good reputation when it comes to security. As a matter of fact, any security solution based on Windows is an act of pure lunacy if you ask my proffesional opinion. Now, in all honesty to Microsoft: they can’t do much about that. Changing the Windows security model to something that will absolutely work will most likely cause so many problems, that everyone will scream. Their shareholders will never go for that. The recent problems surrounding Windows Vista’s security model is the most compelling evidence. In the end: nothing has changed, since all users have disabled ‘those irritating nag screens asking for permission every time you do anything at all’. Also, their backwards compatibility allows for serious security considerations, not only by allowing ‘ancient’ windows code to exist (some security issues discovered in the last 2 years have been arround since windows 3.11), but also allowing applications to run that where coded in a time where we weren’t all that focused on security.

Inovation

Microsoft has about the level of inovation that one would expect from an ant. (usefull little critters they are, they do everything the way they have always done, change does not happen often there). In part this is because inovation is difficult, risky and hard to do at best. Microsoft has billions of profit to protect, and they do so by not inovating much. Most of the time they wait for someone to come with a good product, and buy that company or product. Virtualisation should be inovative, it should be ’special’, for the first time we are no longer trusting our important mision critical data to physical machines, but to virtualised ‘invisible’ machines. This field wil grow and expand even more with the arrival of multi-core systems. This requires huge ammounts of research and development and a lot of experimenting to ‘find the right way’. Intel and AMD do that part on the hardware side, AMD coming up on top purely because of Pacifica and Hypertransport. Xen and Vmware do that in their software lines, and on a whole, they are doing great. Microsoft will struggle to keep up with them, purely based on the mere fact that the corporate structure there is run by politcians, accountants, marketing and lawyers, not by the people invisioning and building the products.

We’ve seen the problems at Microsoft for many years, sharepoint, though conceptualy sound, is so complicated and tricky that even Microsoft’s own staff can’t figure it out (real world example). ISA is so full of problems and so complicated, that nobody knows exactly how to get the darn thing under control.

Conclusion

If you want virtualisation, use Xen or Vmware. I’m not partial to either one in general, but professionally I’ve been using Vmware Virtual Infrastructure (Build around Vmware ESX 3.x) for years now, and I’m very happy with it. We’ve reached the point where we need to seriously upgrade our hardware architecture to keep up with demand. We virtualise everything, from development servers, to staging/testing servers, to full production enviroments. It works, all the time, everything, 24×7. The only downside I’ve been able to find with Vmware is that their management client does not work on Mac, but from what I’ve heard, they are working to fix that, and release a Mac and Linux client soon. That is something Microsoft will probably not do, ever. (it’s enough of a miracle they released silverlight for Mac OS X).

Feature overview

*) Windows 2000 SP4 is supported, however, with only 1 virtual CPU. Pretty darn ‘weak’ I say.

new goodie, inbound

I ordered something from the Iron Maiden official store today, the tour shirt for the Somewhere back in time tour, that is currently running. They are coming to Assen, The Netherlands in August, and I have a ticket. (with special thanks to my ex-wife, who gave it to me for my birthday, thanks sweetie!!!)

Here’s the image (click for a larger version) from the Live CD they’ve released, I think I’m going to purchase that one on iTunes+.

I sure can’t wait for the concert, it’s going to be great. My last concert was in 2003 in Ahoy, Rotterdam, The Netherlands, and that was Iron Maiden too. so after 5 years, it’s about bloody time I got to a concert again! Up the Irons! I am sure I will see some of you there.

Firefox Download Day

Firefox Download Day 2008 has started.

Everyone, please download Firefox, so we can set a world record!

And suddenly….

A letter from our lawyer, who handles our joint request for divorce, arrived

The judge has declared to agree with what Petra and I decided, and has confirmed that with a signature

I immediately send the lawyer a confirmation (that we agree with the verdict/decree, which is a sort of final check) and that he can go ahead with registering it with the ‘mariage-registry’ in the city we got married in. This should take about a week, and then the divorce is final.

Call us crazy, but we’re pretty happy about it.

weird day, ditto week

I expect today to be pretty weird in the chaotic sense. Petra (my ex wife) will be subjected to surgery on her armpit. Last time she went in for surgery, she came out of the anesthetic pretty darn well and quickly too, and she was out of the hospital within an hour after surgery. Let’s hope that this time will be no different

A difference from her previous (unrelated) surgery, is that they will not close the wound, and put in a drain, this means that the coming week will be troublesome. For that reason I will work from home the coming week, because she will probably not be fit enough to take care of Femke alone. (especially lifting our darling little girl is becoming heavy enough under normal circumstances, let alone after having had surgery in a rather tender spot).

Speaking of Femke: she has a very clear musical preference for ‘The Offspring’, and particularly ‘Pretty fly’ causes her to really turn wild, she’s showing clear ‘head-banging’ behavior. A chip of the old block as they say.

Thankfully, this week we also have support from Petra’s mom, who is staying over. ( she happens to be a nurse ), but all in all, it’s probably going to be pretty chaotic week.

update: As the previous time, Petra bounced out her anesthetic quicker then anything, and within no time at all, she was eager to leave the hospital again. So, now she’s back home again, and everything seems to be going just fine.

signed, sealed and almost delivered

For most of you it’s been known for a little while now, for some of you this will come as a nasty bit of a shock:

Petra and I are getting a divorce.

Before anyone gets wild ideas about lengthy court battles and endless custody hearings: we will have none of that. We are ending our marriage in mutual respect and friendship, and everything we do revolves around one person: our daughter Femke.

For the time being, the girls are going to stay with me in our house. Once the divorce is final Petra will set out to find a place the girls can live, and I will do everything in my power to help them and support them.

These things are never easy, on none of the persons involved, but I think we’ll manage.

why we have lost the war on terror

The title already has plenty of stuff to make this a very controversial article. But hey, someone needs to say this stuff.

Let’s make one thing clear: I don’t like terrorists. I don’t like what they stand for, and what they do. Attacking innocent men, women and children is something which is beyond the pale. I specially don’t like what terrorists did on 9-11.

But we are letting them win!

Ask yourself: what do terrorists want? The answer is quite simple: they want to change the target society (meaning us, not meaning the USA, but not excluding the Americans either). To bring fear to it. To make the government of the target change it’s stance on liberties.

And what do we do? We impose security rules that make air travel even more a pain in the rear then it already is. We start allowing law-enforcement to get easier access to wire-taps and internet connection taps. We take away one of those most holy of liberties: privacy. Freedom of speech gets nibbled on as well.

Essentially: we play right into their cards, and give them what they want. Fear, doubt, the feeling of having to look over our shoulders. People become more suspicious of the followers of Islam (of which I am not one), while Islam and the Koran explicitly forbid the things the terrorists did. We’re seeding hatred, and harvesting discontent among all the races on this earth.

What we should have done: Ignore them. Sure, we should grieve for those who perished. Off course, if we can find those who aided in committing these crimes, we should prosecute them - not kill them, that would only make them martyrs - and imprison them for all eternity. But other then that: ignore them. Do not change our way of life, because that is their target. They don’t like our freedom. They don’t like the liberties that are our right. They don’t like anything about us. That is why they attack us. By starting to take away those things from our people, we are giving them what they want. Which will only encourage other terrorists to do more of the same, to achieve even more of the same. Terrorists, because they are what they are, can almost never be stopped before they do their damage.

So what to do when/if it happens again (let’s hope not)? Simple: the British have an enormous good history of showing what should be done: keep a stiff upper lip. The British showed us that during the second world war, when London and industrial cities where bombed every single night by Hitler’s Luftwaffe. They took to the shelters, sat it out, and in the morning they climbed out, and started rebuilding that which was destroyed.
They showed us again, when the IRA was running it’s bombing campaign inside Britain, when London was shook up by assassinations and bombings more often then not. Did the British waiver? No, they kept a stiff upper lip and continued with their business.

When is the last anyone heard about the IRA? Well, they have their political party in full gear now. And it looks like peace is getting there slowly and certainly. Violence didn’t work, talking got them a heck of a lot further.

I think that example gives us everything we need. Faith, courage, and that darn stiff upper lip. We should not waiver, we should not cower. We should stand up brave and tall, and smile right back at them. And say: we are what we are, and you’re never going to change that. Up yours! And just go about our business like those terrorists don’t even exist. Because through that, they will loose their will, and their courage to sacrifice themselves, and when that happens, we can finally sit down and talk about the problems we’re having. And fix them.

to quote Benjamin Franklin (arguably):

Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.

usefull tips for FreeBSD in vmware

Ivan Voras made a nice post called FreeBSD under VMWare, it has very usefull tips. Read more here.

it covers a number of common pitfalls related to using FreeBSD in a vmware setting:

• using the wrong network driver (reducing network bandwith to 10Mbit/s)
• wrong kernel time frequency (modern day is 1000Hz, 100Hz is recommended)

if I come up with some more interesting things, I’ll post them here.