Submissions are being accepted through the end of the month, and it’s really super-easy to do. All you need is a short paragraph describing the talk or poster session that you’d like to give. Email that to submissions@picconf.org, and they’ll consider it. It couldn’t be easier!

If you’d like, you can also read the Call For Papers online. Hurry and get it in!

So I went to the store and bought the cheapest R/C car I could find ($7), took it apart, attached a piece of foam to the wheel, attached an arrow to the foam, made a suitable geek-o-meter image, and had it printed out and mounted on a foam board last night at FedEx.

Today, I unveiled it at the symposium:

If you’re curious, the things are, from left to right, a kid’s toy computer, Milhouse from the Simpsons, Alton Brown, Adam and Jamie from Mythbusters, Rear Admiral Grace Hopper, and Sheldon Cooper from The Big Bang Theory.

Yep, I built a radio-controlled Geek-O-Meter that the Wireless Field Day delegates can control from their seats in the audience. I suspect I’m a little too proud of myself.

I’ve been arguing my case with Philip Durbin since then on Google+. I’ve had almost innumerable conversations with people on twitter about it. And it apparently spurred Wesley David into writing a piece talking about the moral side of the issue. Interesting stuff.

And for the record, because A LOT of people have asked me about it, my definition of theft is straight out of Merriam-Webster.

I think if you read the article that I wrote, I never said anything about right vs wrong, or illegal vs legal, and that was on purpose. I have mixed feelings about all of it. It’s obviously wrong to take something of someone else’s without their permission. On the other hand, I don’t think that it’s necessarily wrong to do something that’s illegal if the law is in the wrong, either.

Slightly related is YCombinator’s recent Declaration of War on Hollywood. YCombinator wants to fund startups that will eventually eliminate Hollywood Studios.

Joel Spolsky recently wrote a piece on Google+ advocating legislation that causes the elimination of software patents and the rolling back of copyright protection. And this is from a guy who’s company makes copyrighted software.

Between you and me, I think there’s something going on, society-wise. As a group, we’re looking at things differently than we did, even two years ago. I’m not sure if all of the SOPA blackouts would have happened then. I don’t know if it changed with the Arab Spring or not, but it just feels like people are more cognizant of their ability to make change to the world around them. And I think that’s a great thing, and very promising.

I don’t have a lot of experience with them either, but I’ve spent a decent amount of time learning how they work, why they fail, and reading about the various failure modes. The problem is that I have no hands-on time with old, failed, failing drives.

What I’d like is to see some failing (or old/slow/etc) drives first hand. My ultimate goal is to write a small SSD health check that can be plugged into Nagios (or whatever monitoring system you want to use). As of right now, there’s no SSD health check on Nagios Exchange, and I think one that actually did check would be valuable.

Of course, there will be limitations (like when the SSD is part of a RAID array, or really really old, or the drive is so dead that it doesn’t respond), but still, the lack of ANYTHING is kind of frustrating.

Since I’m not made of money and time, I can’t just go buy a bunch of SSDs and wait on them to die in interesting ways. This is where you come in :-) I’d be interested in taking (or borrowing, if you’d prefer) your old unhealthy drives. I can get my own reference shiny-new drive(s), but I’m more interested in drives that are long in the tooth, either because they’re just old, or because they’re slow from all of the writes that you’ve been putting them through, or whatever.

I’d prefer drives with the SMART extensions, but I’m not overly picky, I guess. Since I don’t need dozens, I can probably pick up shipping as long as you’re in North America.

If you can help me out with my little project (or have suggestions on how I can acquire drives like this), please drop me a line or comment on this story. Thanks!

But it did get me to start to think about software piracy, and consider the harms that it causes, and what its detrimental effects really are.

So what is the nature of software piracy, anyway? Is it theft, as lawmakers would have you believe?

As many have said, theft is the taking of something which deprives the owner of use. If you steal a car, the owner of the car can’t use it anymore. So it’s certainly not theft as it would be defined in the physical world.

However, a software pirate is taking something that, if acquired legitimately, would have required them to pay the copyright holder money. The copyright holder did not get their money in the case of pirated software. But is that theft? The copyright holder wasn’t materially injured, but they were not justly compensated for the use of their property.

By that logic, it sounds to me like software piracy is more akin to trespassing than it is to theft.

Of course, I also find it laughable whenever software piracy is mentioned and people assign monetary value to the “stolen” software…as though the options were either “steal this software” or “pay for it”. A false dichotomy if I ever heard one.

Let me just say this…I was in college and I knew a lot of people who pirated software. I can tell you with 100% certainty that none of the people who had the newest copy of Photoshop on their computer would, if unable to steal it, say “gee, I guess I need to pony up $500 to buy photoshop so I can alter this picture of my professor”. They didn’t have $500 to buy Photoshop. Did Adobe really lose the $500 that didn’t get paid to them? No. That money didn’t exist. Assigning it a value is dishonest.

Another option is to use an alternative piece of software to accomplish the same thing. As it turns out, Adobe does make several versions of Photoshop. Photoshop Elements is around $60, or about 1/10th the price of Creative Suite. But guess which one is pirated more?

I’m not going to link to the Pirate Bay, but you can check if you want. If you don’t want, you can just take my word that Adobe Photoshop Elements 10 currently has 462 seeders, while Photoshop CS5.1 Extended Edition has 5,881. It’s really interesting that the the ratios between price and seeders is so close. I’m going to have to investigate that further at some point.

Nevertheless, you can see what’s happening. Not nearly as many people are pirating Photoshop Elements. Is it because the pirates who would have “stolen” it bought it instead? I have my doubts. I suspect that it just isn’t as appealing to pirate as the more expensive option.

More people pirate CS5 because there’s no disincentive to them for doing it, compared with Elements. “In for a penny, in for a pound” is the phrase (incidentally, pound is a reference to the monetary denomination, not the weight, for my fellow Americans who have never really thought about the it). If you’re going to pirate something, you might as well pirate the most feature-rich application available, right? They’re not going to hold a trial and find you less guilty. No one will complement your restraint for having “only” pirated Photoshop Elements. So why not get CS5?

So imagine a perfect world, where there is no software piracy. What are the options? Well, we take the false dichotomy listed above, and we can immediately add “Don’t use software in this manner”. In other words, there is always the option to not photoshop your professor’s head onto a donkey. I think we all know that this scenario is unlikely.

The 4th option is to use an alternative software, such as the above-mentioned elements. However, we’ve seen that would-be pirates are less likely to use that, probably because they’re unable or unwilling to spend money. There is, of course, alternative alternative software. Not every image editing program is made by Adobe and sold for money. Software like The Gimp has, I would estimate, 80% feature matching with Photoshop. And of that 20% left out, there are essentially 0 features that the average young, run-of-the-mill software pirate would be interested in. Most of the features are professional level, having to do with things like printing and high end modeling. For casual (or even mid-to-high level) photo editing, The Gimp has everything you need. And it’s 100% free.

So why aren’t people using it?

Well, a lot of people are, but why aren’t the pirates using it instead of pirating photoshop?

I suppose it depends on what their goals are. There are software pirates who collect software much like I collected baseball cards when I was a kid. There are also probably the print shops out there who pirate software because they’re running so close to red that they really can’t afford to buy another copy of CS5. Aside from those two extremes, I’d guess most are “casual” software pirates. People who need to do occasional image editing, who use their software, but aren’t in love with it, and only continue to use it because they’re familiar with the interface and because it’s easy to get.

That last group, the “casual” pirates, are where we see the bulk of the damages in terms of claimed income lost, and also where it’s the most ridiculous, because there’s absolutely no need for them to use something as powerful as Photoshop when something like The Gimp would be just as valuable to them.

And this is the true evil of software piracy. Those users who don’t need any features specific to the software that they’re pirating are actively shrinking the user base for the free software that fills the same niche. Every user that pirates Photoshop when they could be using The Gimp (or paint.net or pixlr or any of these) takes resources away from the others. Of course, when the price of The Gimp (or whatever) is the same price as Photoshop CS, they make the same choice as when they choose between CS and Elements.

These users aren’t stealing software, they’re stealing userbase.

Does that affect you? Yeah, absolutely. How?

Because publishers can write losses to piracy off of their taxes.

So these people who pirate software casually are increasing the counts of piracy, which allows the publishers to claim losses that aren’t really losses, as I’ve explained. Because the publishers are claiming less income, they pay less in taxes…which essentially robs the government of its income.

Who is stealing from who?

What are your thoughts about all of this? Is there a solution that doesn’t involve a massive upheaval of the copyright laws? What can or should be done?

Their company just purchased another corporation, and the submitter has been tasked with creating a “State of IT” report. When I originally read the question, I thought that his current company’s president wanted an overview of the new company. As it turns out, the president of his company is actually from his NEW company and wants an overview of the existing IT infrastructure!

That’s ok, I answered the question that I thought I read, because I find it interesting.

If your president or CEO tasked you with creating an executive-level report of a company that they had bought, or had considered buying, how would you do it? Here’s the advice that I came up with…

1. Finances / Tax information

If you haven’t, yet, you need to perform an audit of the hardware and software assets of the acquired company. Report on the value of the hardware and software that’s usable. Indicate how many pounds or tonnes of hardware will need to be recycled through an approved firm, and what the estimated cost will be.

2. Broad overview of their infrastructure

This should be a high level, 10,000ft view of their network highlighting what it does to help the business, not what it does from a technical standpoint. If it’s a manufacturing company, sentences should sound something like…

IT in $U company supports the business by enabling communication throughout the enterprise via (internal email/instant messaging/internal documentation sites/etc), and empowers clients to share data via (whatever). The IT department consists of $X number of personnel, $N being senior with at least $A years of experience, $M number being junior. Last year, they had $Y business-impacting failures, with a mean time to repair of $L minutes.

3. Upcoming problems

This should be a list of the major systems that need repaired or replaced, plus any grievous issues with the number or constitution of employees (i.e. massively under or over stocked).

4. Remediation of problems

Should consist of a report of everything you foresee needing to do to bring the company’s IT up to your level of operations, with particular emphasis on the monetary element (i.e. an aggregate cost of software licenses, a per-major-system breakdown of new hardware (a new storage infrastructure, or new server replacements if they’re still running on pentium 2s), or “we’re going to need to hire three new junior level admins” or whatever).

Make sure to provide a time frame of when you believe you’ll be ready to spend money (estimate it on a quarterly basis, such as “we’ll need a new storage infrastructure with a likely cost of $$$,000 in Q3 of 2012). It should go through the issues brought up at the previous, matching one to one.

Also, assuming you have MTTR numbers in that company that aren’t where you’d like them to be, now is the time to list the plans you have to implement improvements, such as “Begin transitioning $NewCompany to our QA department test processes in order to improve MTTR”, and so on.

5. Time Line

Unless the president plans on operating the purchased company as a standalone entity, he’ll probably want to have their services integrated with yours (and if you value your sanity, so will you). Here’s where it gets hard, because you have to account for a LOT of variables, and estimate how long it will take you to make adjustments to both your and their infrastructure (both will probably end up changing, unless you just completely dwarf them). Increase the amount of time that you think it will take, because it almost certainly will take longer, but establish a time line with the major events between now (completely disparate infrastructures) and full integration, and assign quarterly dates to those events.

I’m sure there’s more, though. What advice would you give to someone in this situation?

2checkout.com
4350 Equity Dr. Suite G, 43228

Here’s a link to the Google Map: http://goo.gl/rafcE

View Larger Map

The meeting topic will be “Beginner and Advanced Monitoring with Nagios”, and the presenter will be….me!

At the meeting, we’ll have socializing at 6:30 (with pizza and soda), and the presentation will begin at 7pm lasting until 8pm. We’ll probably go out for drinks again following the meeting.

Please take this time to register at EventBrite (registration is free, but it lets me know how much pizza and soda to get).

Let me know if you need have any questions or concerns. I’m looking forward to seeing everyone at the meeting!

I want to spend the majority of my time talking about configuring and managing Nagios, but compiling it takes valuable time, so in the announcement, I sent everyone a link to this page, and basically said “if you want to follow along, do these steps before the meeting”. And here you are!

I’m providing these directions not because I think that Nagios should be installed from source in a production instance (it shouldn’t – you can’t manage versions with a source install), but because it’s easy, and it’s a known quantity. And the lessons that we learn here can be applied to the distro-provided package (or an in-house packaged solution, if you do that sort of thing (and you should)).

We’ll be using the Nagios “Open Source” version, which can be downloaded here. As of right now, the current version is 3.3.1, but it may be newer by the time you read this, so click the first link.

We’ll also need some plugins, which actually perform the checks. You can download those here, (current version is 1.4.15, but again, get the newest stable version).

Now that you’ve downloaded it, lets compile and install it. The following assumes you have the development tools installed on your machine.

tar zxvf nagios-3.3.1.tar.gz
cd nagios-3.3.1

# You need to have installed development tools for the rest
./configure

make all

sudo groupadd nagios
sudo useradd nagios -g nagios
sudo make fullinstall

This installs Nagios into /usr/local/nagios/ – distribution packaging installs the various parts God-Knows-Where.

Now we’ll need to do the same for the plugins:

tar zxvf nagios-plugins-1.4.15.tar.gz
cd nagios-plugins-1.4.15

./configure

make

sudo make install

This installs the plugins into /usr/local/nagios/libexec – We’ll be using those plugins to execute checks for ourselves when we get going.

At this point, you’re ready to begin configuring Nagios…which I’ll talk about at the meeting! And I’ll make sure to post slides. If I can, I’ll try to have the talk recorded, but I can’t really promise that.

Wish me luck!

Before now, I’ve always kind of considered config management as a way to get things done, but part of the Visible Ops methodology is building fences around fragile resources. One of the authors’ suggestions is to use configuration management in this role, which can kind of augment something like Tripwire.

The reason that I even heard of this book is because Ben Rockwood talked about it in his keynote address at LISA’11. If you have a spare 45 minutes, you should watch that talk. Ben talks about the DevOps movement, and gives a lot of information on the backstory of how we got to where we are, even going so far as to discuss the history of the agile or lean methodologies back into the 19th century. It’s really informative.

Anyway, they’ve got a lot of stuff going on, so my old boss asked me if I’d be able to set up a couple of servers to perform automated installations, to which I agreed. This means that I’m playing with kickstart and Cobbler again…but while I’m walking through this, I do have to wonder…why put much effort into setting the initial configuration?

I mentioned Cobbler on twitter not too long ago, and the responses varied from “I really need to use that” to “We barely even use that anymore”, which reflects the general spectrum of system administration across the board pretty well.

My thoughts are that if you’re going to be using “best practices”, then you’re going to have a configuration management solution in place, be it puppet, cfengine, chef, etc. Why duplicate all the work you’ve put into your configuration management solution by doing it again in a kickstart file? It doesn’t make much sense to me.

If a simplified lifecycle of a server looks like this:

Why would we insist on making it look like this?

Anyway, food for thought, I suppose. I didn’t manage to get the puppet infrastructure completed before I left, and the new administrator isn’t sure which solution he’s going with, and has asked me to leave off puppet from these images.

What are you currently doing in regards to automated system builds? Do you still lay out the full machine config in the kickstart file (or its equivalent), or do you throw down a bare bones generic install that then is enforced to policy via config management?

What we have is:

• Networking: The Crib Sheet

When I wrote these pieces, I intended them to be tied together, and I didn’t expect everyone to have the underlying knowledge necessary to administer a network. Such a big part of understanding why our networks are laid out and configured they way that they are is understanding how TCP/IP operates. I wrote this piece to try to introduce the information necessary to really grok the rest of the work.

• Physical Layout for the Reluctant

Wrangling the configuration on switches and routers is only half the battle. We small infrastructure admins often find ourselves doing a lot of the physical work, too, and I don’t ever see any documentation for it. Which sucks. So I wrote this to help.

• Logical Network Layout for Small Networks

The documentation that I DO see is almost always about either large infrastructures or small home networks. Never anything devoted to the size that I admin. So I wrote this piece about building and managing small and medium business networks.

As I said, I hope you enjoy them. If so, please vote on them at Simple Talk, and let me know if you have any corrections or additions.

Two weeks ago, I got the chance to head to Boston, MA and attend LISA’11, the 25th LISA Conference…or was that the 25th Anniversary? I always get those confused…

Anyway, I had a really great time, got to sit in on some great sessions, meet some great people (and see some old friends, too!). You can see the blog entries that I and my fellow conference bloggers made at blogs.usenix.org.

Also, I was humbled and honored to be given the Chuck Yerkes Award for outstanding individual contributions on member forums:

I can’t tell you how special that is to me. Chuck Yerkes was a gentleman who contributed greatly to the SAGE mailing list, who helped people, and was, by all accounts, a friend to everyone. He was killed in 2004 in a motorcycle accident, and this award was established in his name. It means a lot to me that the leaders of LOPSA thought so much of my efforts that they decided to honor me like this. Thank you, everyone.

Over the course of the week, I attended several Birds of a Feather sessions (BoFs) as well. At the LOPSA Mentorship BoF, I won a drawing for something really cool:

Now, there’s a slight wrinkle…I’m a USENIX conference blogger…so I’ll be going for free anyway…this is where you come in.

I am going to give away this pass to someone who reads this blog. The only real challenge is how to decide. I need your help figuring that out. Think about it, and let me know how you think I should decide to give away my free pass to the LISA’12 Technical Sessions in sunny San Diego, CA!

This was done directly to counteract the bad publicity that they garnered when they moved to the rapid release schedule.

This is really exciting, and Mozilla should be commended for committing to support the enterprise community while still maintaining their aggressive stance of improvement.