16. Oktober 2012: Dienstag

LDAP:

  • Still working on moving the database that holds the backend from Oracle’s Berkley DB (the old Sleepycat DB, or BDB) to Howard Chu’s MDB (Memory Data Base) that he has developed in the past year.  It is very fast, requires zero configuration and just bloody works!
  • Still getting the RHEL6 replica image worked out, almost there.  Just a few more bits and bobs to tweak before I declare it acceptably ready and roll it into production.  Aiming for Thanksgiving to do that.
  • Watching the newest update to the eduPerson objectClass.  It has a couple of new attributes (eduPersonPrincipalNamePrior and eduPersonPricipalNameTimestamp) that will be of good use to us (with some development work) to remembering the former NetIDs that have been assigned to people so we don’t reuse without serious consideration.
  • Working on (finally) getting the Employee Privacy Flag (EPF) routines moved to and working on the account management system.
  • Dealing with the PeopleSoft upgrade that is coming soon and appears that it is going to have a large change in the fake SSNs we have been using.  Still working to gather the facts and figure out what I need to change in the update scripts.
  • I have also become aware of the CIFER project and I need to read information about that to determine if I should advocate for migrating to that platform to make it possible to replace myself at some point.

NetWorker:

  • Still working on the vault space issue.  We are attacking this on multiple fronts.
    • We are investigating a large reduction in the amount of data that we keep for the full seven years, likely the largest space consumers being reduced to two years.
    • We are changing the way we dispose of the seven year old tapes.  Instead of removing them once a year, we will remove them every month.  This maximizes the reclaiming of vault space and reduces the burden on me to fit all of them into the destruction bins in July.
  • Still working on the pricing and feasibility of a dedicated backup system to handle the VMware ESXi clusters.  The two current candidates are AVAMAR and VEEAM.  We looked at VADP as provided by NetWorker and found it to be lacking critical features.  The biggest problem being the inability to do a disaster recovery (or bare metal restore) from incremental backups that use Changed Block Tracking (CBT).  Disk is cheap, but it is not cheap enough to do a daily full backup of our entire VMware infrastructure.
  • Our Data Domain’s OS (DDOS) is about to fall off support, so I am working on the upgrade of that to the current version.  DD support is not answering questions as rapidly as I had hoped.  I may not be able to do the work on October 22 as I had hoped.
  • October 22 is the next Backup Maintenance Day.  I’m still pulling together the list of work to be done this month.
  • And just for fun!  One of the tape drives decided to do a failure mode of “stuck tape”.  So much for the morning.  However, the tape was finally released.  After power cycling the drive and waving the rubber chicken around the office and over the keyboard a few times.  Visual inspection of the tape says it is either ok, or there is hidden damage buried in the supply spool of tape.  Work is progressing to move the data to another tape.

Personal System:

  • Upgraded the MacBook Pro to OSX 10.8 (Mountain Lion).
  • As a result of that, I have found that Thunderbird is not reliable for me (people are not receiving my emails — or are at least claiming that they were not!) as well as some messages that our own systems tell me were delivered into my INBOX were lost.  Therefore, I have stopped using ThunderBird.  I tried Apple’s Mail.app, but was unable to find a reliable way to get it to work with gpg to sign and/or encrypt messages that I send out.  Therefore, believe it or not, I have returned to pine.  I am actually using the re-alpine 2.0.2 code from sourceforge.  I found directions HERE that didn’t work for building, but did work to set up the .mailcap and SSL certificates.  I found directions HERE on configuring to use gpg with re-alpine. [EDIT: 17. Oktober -- Yeah, this is not the modern way of doing pgp encryption, and it doesn't support the modern MIME/multi-part methods]
  • I also, since PGP Whole Disk Encryption is not ready for Mountain Lion 10.8.2 :(, re-encrypted the system disk using FileVault2.

Tags:

Comments are closed.