September 2007 Archives

yellowbotA couple of weeks ago Vani and I went to Lunch 2.0 at the ThisNext office (pictures on their weblog and from Andrew Warner). It was good fun - even if we didn't actually eat anything, with all the people.

To help out we at YellowBot will host the next lunch in Los Angeles, on October 12th! It is in our office in Burbank, so if you live east of Santa Monica it'll be easier to come! :-) RSVP here. Bring business cards and your friendliest face and you'll have a good time.

If you aren't in Los Angeles, then there are lunches being organized in Seattle, San Francisco and New York as well.

Obligatory link to the (idle-ish) YellowBot Blog.

Updated NTP Pool Stats

About three weeks ago I mentioned that Meinberg are giving the NTP Pool members some free equipment. It helped the pool grow to just over 1000 servers (we had been there before, but the number kept going up and down). Heiko from Meinberg then submitted a story to Slashdot about hitting a thousand servers.

What happened next? Over the next couple of weeks more than 400 new servers joined, growing the pool by 40%!


The graph is the total number of servers in the pool since I started keeping track of the numbers in August 2005.

In particular then the number of North American servers about doubled, which is great because it was badly lagging behind.

Of course all these new server operators also created more interest for the giveaway, so Heiko emailed me asking if we'd like even more equipment. Yes please. The new equipment they pledged will be DCF77 cards and an indoor DCF77 antenna - so only European operators will be able to have fun with that.

Port unpack and build

The macports (formerly Darwin Ports) is awesome for "building from source" many open source applications. On most of my Macs I use it to have a separate installation of Perl, Apache etc into /opt. That way I can install extra things without messing with the system versions of the software.

Most of the time all you have to do to install something is port install "package", for example

$ port install mod_perl2

This will download, compile and install perl, apache2 and mod_perl -- and all the dependencies needed for each of those. Easy, huh?

Once in a while though you need something slightly different than whatever it does automatically. For example rrdtool needed some help to properly build the Perl extensions. What to do? Seemed like a lot of work to find, download, configure and compile it all just for that! Aha - fancy options to the rescue:

With the following command it'd recompile and install rrdtool but leave the work files there:

$ port -dfk install rrdtool
  • -d - enable debug and verbose mode. I used this to get an output of the obscure path where the compiled rrdtool was
  • -f - do all the work again, even if it's been done before
  • -k - "keep", don't autoclean after install

The last option was what I really needed - it left all the work files there and let me go in and work with the rrdtool perl library to make it work for whatever it was I needed it to do.

For more options, type man port.

iphone notes

John Gruber had a good idea for changing the default Marker Felt font on the iPhone: just remove it!

I tried copying the Helvetica ttf files to the old MarkerFelt filenames instead of just removing them, but as you can see in the screenshot it didn't seem to work, it still defaults to the Arial font. :-( (yeah, I did try variations of having the OS create the Cache files (it didn't) and copying the cache files from the Helvetica fonts too.

So it seems like the font name is in the ttf file and that's what's being used, so now I just have two helvetica fonts on the system rather than a fake Marker Felt font.

Is there a True Type font editor available for free or on a trial basis anywhere? (really just a meta-data editor, I obviously don't need to edit the actual font).

One of the NTP Pool server operators emailed recently and told that his server was unavailable for a few hours because he had changed some firewall rules remotely and managed to lock everyone out. Oops!

There's an easy way to do safe remote firewall changes.

He should have used the at daemon to automatically recover! If you don't have a console server then you absolutely must get in the habit of using it before doing anything that can lock you out of your server.

The basic concept is to setup something that in say 5 minutes will undo whatever you're about to do. So if you are messing with the firewall rules, the easy way is to tell it to disable the firewall in five minutes. For example on Fedora and RHEL you can use service iptables stop to stop the firewall, so as root enter:

at "now + 5 minutes"
service iptables stop

You can type a whole list of commands and when you're done, press ctrl-d to stop.

It will look something like:

# at "now + 5 minutes"
service iptables stop
job 6 at Tue Sep 18 17:53:03 2007

Another variation to "program" the at daemon would be echo service iptables stop | at "now + 5 minutes".

Anyway, now you go mess with the firewall for 5 minutes and when you're done you delete the at job. You use the atq command to see a list of queued jobs and then atrm to remove it

# atq
6       Tue Sep 18 17:53:00 2007
# atrm 6

Editing firewall rules is a great use case for this, but other neat ways to use at could be:

You mess with the network configuration. Make the system just reboot in case you get it wrong (be sure that the working configuration files are put back; or that you don't edit the configuration files until you've gotten it working with ifconfig).

You take something down for maintenance; use at to schedule it being started again in an hour. So if you forget to restart it, it'll come back in an hour at the latest.

For example, start MySQL replication at 8pm:

$ at 20:00
mysql -uroot -e 'start slave;'
job 8 at Tue Sep 18 20:00:00 2007

Send yourself a reminder:

$ at 18:32
mail -s "put money in parking meter!" < /dev/null
job 8 at Tue Sep 18 18:32:00 2007

You have to make sure atd is running of course, but on most Unix systems it should be (it's installed on OS X, but isn't running by default).

I realize that tools to fight the automated scripts of web-spammers are needed, but come ON! Can't we come up with something better than IMPOSSIBLE captchas? Captcha good. Too hard or broken captcha not good.

Take this one I got after trying to add a comment to Duncans weblog.


Did I type it right? I thought so - but TypePad didn't. They made me try and try again about 10 times before letting me add the comment! So assuming I'm not a complete idiot, it's their fault. Either they had a bug comparing the text or they made it TOO HARD.

I don't mean to pick on SixApart though; it just happened that they were the ones I got the screenshot of.

If only they'd use reCaptchas, then it wouldn't feel so wasteful. You might have heard about how spammers use humans doing something else to solve captchas. The reCaptcha project uses humans to do OCR of old books that the computers had a hard time with. Pretty clever, huh?

Kajang Night MarketI've been working on the pgeodns nameserver again. It's fun picking up years old code. Currently we're using it for various services to geographically distribute requests and I'm working on some new features so we can use it for that and to more carefully load balance the servers in the NTP Pool. I've been working on writing tests for
everything and since then refactoring the code to get it cleaned up while adding a few features.

It's tempting to have a generic all-purpose super flexible modular nameserver platform, so I might take a cue from qpsmtpd and make all the Real Logic be plugin driven.

For most DNS serving I use MyDNS which serves data out of MySQL, so one of my use cases would be "could I re-implement MyDNS in a plugin?".

So following that thought I'm thinking I should re-shape Net::DNS::Nameserver to be Danga::Socket based. Why? Well, so I can integrate Gearman to help do to MySQL lookups in an asynchronous fashion.

You want your nameserver to 1) Not Block and 2) Be Fast. This will accomplish 1), but not necessarily 2). We'll see which direction I go. For now I just need to add a few features ...

Update: The solution a few years later was to rewrite it in Go.

Free GPS time server equipment!

Thanks to our friends at Meinberg we (the NTP Pool) are giving away some awesome equipment for time keeping.

If you have a reasonably connected server with a static IP address (see the requirements), please join the pool. Literally millions of users are counting on you! Any old server that can keep track of the time can run ntpd too. The cpu requirements are really minimal, so your current MySQL/Apache/whatever load is not going to be affected. If you are able to setup a GPS antenna then you can also go apply for the GPS devices. They are really really cool.

In any case, if you are able then please give us a link from your weblog.

About this Archive

This page is an archive of entries from September 2007 listed from newest to oldest.

August 2007 is the previous archive.

October 2007 is the next archive.

Find recent content on the main index or look in the archives to find all content.


OpenID accepted here Learn more about OpenID
Powered by Movable Type 4.38
/* bf */