Michael Steele

I'm moving to http://lagerhead.blogspot.com/

Please update your bookmarks/RSS feeds.

Just wanted to put up this link to an article I wrote for SALUG showing some of the uses a UNIX Systems Administrator has for the AWK programming language.

Probably not interesting to non-technical types.

From Byte Magazine in April of 1995: The AeroComm GoPrint.

This was a wireless print server that I installed for the Catholic Office of Religious Education in Mobile some time between 1995 and 1998, while I worked for Computer Technical Services. Another uninteresting story about ORE is that about two years ago, I found out my first grade teacher was working there...

At any rate, these little things were cool. In 1995, they could create a small, server-less printer "network." You'd connect the base station to the parallel port on your printer, and connect a unit to the parallel port of each of your PCs. It seems like you could connect up to 6 PCs at the time. The thing knew how to spool print jobs from all 6 PCs, and keep them separate. Not only that, but the thing worked with DOS! Keep in mind Windows 95 had just come out, and was not being widely adopted at this point, so you could forget about networks. If you wanted a network back in the DOS days, you were most likely talking about Novell, and that was a very costly option a small office like the ORE could just not afford. Back to the point.. the damn thing just worked. No muss, no fuss.

The only printer sharing we'd done prior to this, was one of those crappy A <--> B parallel switch boxes hooked up backwards. The box normally worked to switch 2 printers to 1 PC. By plugging 2 PCs and 1 printer, users were able to switch the printer back and forth between themselves. If you were on PC A, and the switch was set to B, your print job just landed in the bit-bucket. As I recall, DOS didn't do much to check that there was actually a printer on the other end of that parallel port...

This was WELL before 802.11b had ever been heard of.

In fact, if I'm not wrong, this was before I'd ever even set up a network before... Let alone even heard of a print server. So, this thing was cool, and way ahead of its time. I don't know if it sold very well. I think it was pretty expensive, but still much less than buying a server for Novell, licensing the software, buying ethernet (or Token Ring... eww) cards for every PC in the place, having cable drops made, and paying someone to put it all together.

Here's a pic of one of the client side devices.

"Holy crap! Run! RUN!!!!"

If you're worried about how much money the oil companies have recently made, or the fact that they're making record profits, don't. There's something else you should be concerned about even more.

Even with the recent supply and distribution problems caused by the hurricanes, the "windfall" profits the oil companies have made amount to an average of $0.10 per gallon of gasoline sold in the US.

Ok, fine. 10 cents per gallon. It may be more than the 8 cents or whatever they were making before.

The thing that blows me away is that on a national average, the federal, state, and local taxes charged for every gallon of gas sold amount to more than $0.46. That's almost five times what the people who actually MAKE the stuff get! What the hell?!

Let's say you were selling ice cream cones for $3.00 a pop. And say it cost you $2.44 to pay your employess to make, distribute, and sell your ice cream cones. That would leave you with $0.56 cents of profit. Except that the government (who had absolutely nothing to do with the production of your ice cream cones) holds out their hand for $0.46 cents of that... Why would you even want to bother making ice cream cones any more?

Now, in reality, the oil companies are not paying these taxes. They are added to the gallon price you see at the pump. So the ice cream scenario doesn't quite wash, but I wanted to tell a story about ice cream cones, and this seemed like as good a time as any. Either way, before you start complaining about the greedy oil companies, you should first be mad at the local, state, and federal taxes that have been approximately 5 times that greedy for years.

One of the recurrent themes I've noticed about democrats is that they complain about greed a lot. Greed isn't illegal for the most part, unless someone statisfies that greed through illegal means (like embezzlement, etc...). However, {elected} democrats and even some republicans have used it as a tool for years... Get the poor and middle class to vote for them by claiming that they'll punish the greedy rich. And of course, they'll do it for good reasons... like... I don't know... welfare programs... So, they want to soak the greedy rich for "a good cause."

True conservatives differ significantly from this. Even the poor and middle class (where I am) among us. That is because poor and middle class conservatives know that greed is an excellent motivator. Some day, they wish to become the greedy rich. We think greed is good and acceptible, as long as two conditions are met. The first rule being that you don't do anything illegal. Greed on the part of corporations is also fine, as long as they don't break rule number one. Corporations provide jobs for people who would otherwise have none. Enron broke rule number one, so they get punished.

The second rule is that while greed is good among individuals and corporations, government greed is inherently wrong because government doesn't actually produce anything. This is not to say that government is useless. Only that (in Ciba parlance), they are not a profit-center, they are a COST-center. When I worked at Ciba, the IT department was always poorly treated because they did not produce any profit for the company. It mattered little that the IT department provided an essential service, when time were tough, the cost-centers were always put under close watch before the profit centers were. The government also provides essential services. But at Ciba, the IT department still managed to get away with just about anything without being fired, and we didn't have an annual budget of $6 trillion.

I found http://www.cityfreq.com that gives some pretty cool listings of radio frequencies used by various businesses and organizations around your town. Using my Yaesu VR-120, I've picked up quite a few in and around Huntsvegas.

Yesterday, after four years of on-and-off looking in boxes and bags packed in haste to move from Mobile to Huntsville in January of 2001, I found my Yomega Wing Force Yoyo. I call it the Great Masher because it is made from aluminum, and is freaking heavy. I've hit myself in the head with it enough times to know.

Less than five minutes after finding this thing, that I have legitimately been looking for since we moved away from Mobile, I got a phone call. North West Airlines had found my luggage. In Omaha, NE. A city I have never been to... Not even to change planes. They got it on the next plane to Hunstville, and now all of my missing stuff has come back to me. It was a harrowing 32 days, believe. Among other things, my CD case was in there, packed FULL of CDs, DVDs, and software. I'm really glad to have it back. Last weekend, as a sort of therapy, Amy and I went to Unclaimed Baggage in Scottsborough. All unclaimed luggage in the US allegedly ends up in this place, for sale, to the general public. It is definitely worth a trip. It ended up being quite therapeutic for me, because a lot of people lost much nicer and more expensive things than I did. Granted, now that I have my luggage back, everything is ok anyway.

The other curious thing, is that some how, this place ended up with the Hoggle puppet from Jim Henson's Creature Shop used in the Movie Labyrinth, although he looks quite rough now.

Found a decent article about the place here.

Sigh...

http://nyc.indymedia.org/newswire/display/150975/index.php

Then, there is this git.

This reminded me that I almost started a fight with a hippie at Huntsville's premier hippie-food store for wearing this T-Shirt:

I guess that's what I get for wanting good produce. Lucky for me, I remembered that this pratt's mother probably still dresses him.

It seems to me, that if you're that ashamed to live in the place, you'd go somewhere else. You know, somewhere your hippie conscience could allow you to live in peace without feeling that you're a hypocrite. Except the niggling little truth that there isn't a scrap of land on this ball of mud that hasn't been conquered by this group, routed by that, and Emperialized by the other. I mean, do you really think that the "Native Canadians" already just happened to speak French when the frogs arrived? Hell, do you think the frogs spoke Latin when the Romans arrived? (I don't know if they did or not, actually, I just really doubt it.)

No. There's nothing for it, except to move to Antarctica. There's never been a war there. The people have never been enslaved. None of that pesky "big business" (that by-the-way gives millions of people jobs world-wide) to deal with. Hell, I'm pretty sure you could set up a government to collect taxes and provide socialized health-care to everyone living there! You don't even have to worry about a place to live... Just build an igloo, and let your happy conscience warm you, heart-and-soul.

This brings me around to another one of America's great social injustices... Guantanamo Bay. For some reason, the American media still hasn't gotten around to informing us that every single detainee currently being held at Guantanamo Bay has received a hearing before a military tribunal. We are now starting to hear politicians (mostly on the left, but you never know what McCain wil.. wait... all from the left, of course) demanding that we close the prison. As the Guinness advert says: BRILLIANT!

The answer is simple. Close the prison, and release all of those evil cretins... in Antarctica! On second thought, they'd probably just end up dhimmifying the penguins (see here and here ... coming soon to a country near you...) and decapitating the hippies. Not to mention the lack of anything useful for them to blow themselves up trying to destroy.

Our history is not always something to be proud of. Ann Coulter argues that slavery is the second worst chapter in our history, ranking right behind abortion. What our government (and people) did to many American Indians wasn't our finest moment either. We sometimes get things wrong. This shouldn't be surprising, unless you are an idiot. But our value to the world, and our contribution to the world make this country the envy of the world. The fact that in 229 years, BILLIONS of people have lived free, happy, and productive lives makes this country great. The fact that we provide more food and aid to the poor and starving in the world than any other country proves that we are a responsive and responsible people.

So, to all of those who are ashamed of our country, our president, our history, our heritage, I encourage you to follow your conscience. Don't just live your life pretending that dissent is the most patriotic thing you can do. If you can't stand living as a hypocrite one day longer, please go and find somewhere else. Once you grow up, and realize that this is the greatest place to live in the world, you will find us still here, waving our flags, proud of our country, and protected by the brave men and women of our armed forces.

May 8-12 Newark, California: SunUP Network Forum

Wednesday

SunUP didn't start until 09:00 today. Missed the shuttle bus. No big deal. The campus is only a few miles from the hotel. Got delayed in toll-booth traffic for a few minutes. Drove straight to the right building, no wrong turns. This place is MUCH easier to get around than New York.

The first talk this morning was about the Sun-Fujitsu relationship. Basically it amounts to a way for Sun and Fujitsu to trade some technology for a few years, until they can find a way to screw each other. Diplomacy is the art of saying "Nice Doggy" until you can find a big stick.

Then came the Solaris 10 migration "Lessons Learned" session. This was possibly the best talk of the conference. Some of the highlights were:

• Most applications experience a performance gain simply by upgrading to Solaris 10.
• The IP Stack has been rewritten to vastly improve performance.
• A "Container" == A Zone + Resource Management.
• "Whole Root" local zones!!!
• All Zones in a domain share the same process table. So a fork-bomb in any local zone will crash the global zone. I knew this already, but it is nice to see Sun admit to it.
• Memory leaks in a local zone can also take down the global zone. I didn't know that, but I suspected.

It would be nice if Sun were actually able to get Zones to be as fine grained and self sufficient as LPARS on an IBM mainframe, but they have a LONG way to go.

This would have been the most appropriate discussion to bring up some of the gripes I had about Solaris, but it didn't seem right to voice them to the guy who migrated his datacenter to Solaris 10. It would have been REALLY nice to have had access to an actual Solaris Engineer.

Then we talked about the new DIMM replacement policy. Most sites like to replace DIMMs that are throwing Correctible memory errors, under the assumption that soft errors will lead to hard errors. Sun did some research, and found that 70% of these correctible errors were replaced on 'suspicion' of being bad. They collected 800 of these DIMMs that were throwing correctible errors, and ran them all for 5 months under heavy load. They found that at the end of that 5 month period, they didn't have a single non-correctible error (read system panic). I know that we replaced a LOT of them on our E10k machines in the first two years I was here.

The new policy is to replace a DIMM only if it has thrown 24 errors over 24 hours. I'm not sure how this meshes with the new Memory Page Retirement functionality that was introduced in Solaris 10, then back-ported to Solaris 9 and Solaris 8. It seems like MPR would retire pages of memory (essentially a "bad block map" for RAM) before they hit that threshold of 24 in 24, and you'd never see enough errors to replace a failing DIMM. They had a customer testimonial, and the guy said that they don't bother replacing a DIMM until the memory error is logged as persistent. That is how we've treated them for the most part over the last few years, anyway.

Sun also suggested the new cediag. This new and presumably useful tool does not ship with the OS, but instead the 5.0 version of the explorer package. Talking of which, why isn't explorer part of the OS by now??

The only choices for technical break-out sessions were "Capacity Management" and "Disaster Recovery." I stayed for the DR discussion. It wasn't very useful unfortunately. That being said, I'd like to see more break-out sessions next time, particularly ones with Solaris engineers.

The next discussion was on Time Dependant Reliability (snooze). The guy giving the talk was so far above the heads of the audience it wasn't funny. The crux of his argument was that MTBF is a poor tool for reliability analysis.

The last thing we did was to plan the next meeting. Hopefully, it will be at Sun's Broomfield campus. Fat Tire is plentiful near Broomfield because the brewery is less than an hour away. I've done the tour, and quite enjoyed it.

Wednesday night, I had dinner with Stephen. As good as it was to see Shannon, it was better to see Stephen because I did get to hang out with Shannon and So Jung over Christmas. Stephen, I hadn't seen since one week before I got married, very near five years. Stephen didn't have long. Something about Google working him to death, I suspect. Still, it is incredible to me that with real friends, the passage of time evaporates when you get together. It has been eleven years since high school, and it just didn't matter. I really appreciate that, since it reassures me that I made the right choices in friends so long ago. We ate at the same steak place I had eaten at on the first night. I had two Lagunitas India Pale Ales which claim to be made with 65 different malts and 43 different types of hops. That is incredible. Needless to say, the first one was so good, I had to have a second. Stephen had to leave early, but it was so good to hang out with him that I didn't care. Hopefully, I'll get to go back some time.

Thursday

Got up at 09:30. Checked out at just before 10:30. On the I880 toward San Jose. I only missed one turn going into the airport, mostly due to construction around the airport. Flight was supposed to depart at 12:15 PDT. We had to wait on the plane at the terminal for an hour, while they fixed the plan with duct tape. Seriously. Ok, ok... so the problem was that one of the overhead bins came unhinged, and they had to tape it closed. I really didn't think I'd make my flight from DFW to HSV, and I was certain my luggage wouldn't. Fortunately, I got to the gate just as boarding was starting. My luggage also made it to HSV unharmed. All-in-all, long, boring, and full flights, but safe ones. I got to Huntsvegas at about 20:15, made it home by 21:00.

May 8-12 Newark, California: SunUP Network Forum

Tuesday
Set the clock for 06:30. Then 06:45. Then 06:50. Amy called 06:46. Got up. At least I didn't have to iron anything.

Got the shuttle-bus to Sun's Menlo Park campus. Like everything here, it was beautiful. Nice view of the bay and of the mountains. Nice green trees. Just like everything here.

Signed in with about 50 or 40 other people. They had packets on the table with everyone's names on them. When you got your packet, they handed out Mikasa crystal wine stoppers in the shape of grapes. This is wine country, I suppose, but that was the strangest schwag I've gotten since EMC handed out toe nail clippers in 1999. Once you got in the door, they had a table full of circa-1999 Sun Blueprints books for grabs. I snagged 6 different ones. A nice addition to the book shelf, but they are all hopelessly out-of-date and mostly useless.

This was a long freaking day. We started at 08:30 PDT, and didn't really stop until 18:30 PDT. By about 15:45, I was ready to start throwing things. Really, people. If you have this much junk to cover, make it a three day conference!

As a result of the long time sitting, I began to think of ways Sun annoys me.

1. Solaris excluded, Sun isn't any good at making software. They have a lot of tools that are either half-finished, half-useful, half-tested, or half-assed in some other way I haven't listed yet. Worse than that, they have a lot of products with overlapping functionality, and don't really seem to understand the concept of code reusability. I really wish they'd get their act together, particularly with systems management software. They spent probably three hours out of the day, showing off several new offerings that they were really proud of, but were nothing more than an extension of the current mess they have (or in a couple of cases, completely new messes. One dude told us about this new program going by the moniker SMC. I don't remember what SMC stands for in this case because Sun already has at least three other products called SMC.

2. Product names. Is it Netscape Directory Server? Or maybe iPlanet. Or maybe SunOne. Uh... how about Java Directory Server? Sun Management Center (SunMC, not to be confused with Solaris Management Console: SMC) apparently used to be called Symon. Netconnect is now being renamed into two different products (that only half-work at this point). PLEASE stop renaming things. Or at very least, remove all of the old names from the documentation.

3. Java AWT(Abstract Window Toolkit)/Swing. It is old. It is slow. It looks like it has been beaten with an ugly stick. When most people say "Java sucks!" they are talking about AWT/Swing applications. For some reason, Sun has chosen to make all of their systems management applications with Swing, rather than native tools using C and probably GTK (since they are now shipping Gnome). These apps look like they were written in 1989. They are way too slow to be useful to anyone. They only work half the time. If you need to update the Java Virtual Machine on your box, they probably won't work at all. If you need to run them over a remote X-Windows session, the best thing to do is forget it. Curiously enough, Sun are not the only guilty party here. Veritas has recently perpetrated this with their NetBackup admin client. I think that Apple did it right by providing a Java interface into Aqua. As a result, you can write Java apps that at least look like native applications, though they may not always behave like native apps. From what few I've seen, they actually perform like native apps too. What Sun should to is to hire some GUI designers from Cupertino to work on a replacement for Swing (which was a replacement for the AWT), or just freaking license the Java + Aqua layers. Yeah, right. I know that UNIX is predominately a text-oriented system. I am fine with that. However, if you're going to provide GUI tools and force us to use them for some tasks, PLEASE make them useable.

   In a lot of ways, I think that Apple has ruined things for other UNIX vendors, by proving that UNIX can look good and be functional.

4. Could you guys please make better LDAP server and client configuration tools?! This is one thing Microsoft has got right. It is really easy to configure a secured Active Directory server, and connect clients to it, without ever passing clear text passwords over the wire. Replication to redundant servers is apparently not very difficult either. They have had this working well enough since NT 4.0, and you haven't. Period. If system administrators can manage to figure out exactly what documentation they need for the Directory Server, it is possible to get an LDAP server running, with clients authenticating to it in probably about 48 hours if you've never done it before. Now try adding TLS. Good-freaking-luck. We don't need to go dinking around with ten different tools for creating self-signed certificates, etc. You should assume that:

   1. We need Transaction Layer Security by default. These days, it is NOT acceptable to pass clear-text passwords over the wire, unless I specifically tell you to.

   2. Unless I tell you differently, self-signed certificates are OK. Ask me if I have a "Real" cert, and if not, CREATE A FREAKING CERTIFICATE AUTHORITY. Make the admin tools smart enough to push the proper trusts out to the clients when I initialize them. Instructions for working with self-signed certificates that say things like: "Open the Netscape Web Browser" are NOT ACCEPTIBLE. This needs to be automated, easy, and above all needs to "just work."

   3. pam_ldap needs to be smart enough to allow RSA key authentication for password-less logins over SSH. You might be able to talk me out of that one. It would at least be nice if a system administrator could allow that for specific accounts.

   4. Kerberos integration should be documented and as easy to implement as it is on Windows (nearly invisible).

   In other words right now, the Directory Server that ships with Solaris is just a tool. Sun needs to evolve a little bit by providing the tool integrated with the design, configuration, and deployment tools to make it useful quickly.

5. Jumpstart needs to be updated to be smart enough to use DHCP. There NO excuse for this. And "Go download JET" isn't a good answer either, unless Jet both grows up and gets shipped with the OS. Again, this needs to be automated, easy, and just work. We have to use this tool often, and have committed significant time into customizing it for our environment. We shouldn't have to dance around RARP any more, since DHCP has been the standard for at LEAST 10 years.

The patch management discussion nearly drove me over a cliff. They are trying to make better tools, but it looks like they are worse and that is really a shame. I can't imagine that people are going to want to use these tools unless something dramatic happens. If Sun are planning to charge for these tools, I will laugh.

The most interesting quote of the day was "You cannot manage availability. Availability is a result." That is simple, but quite profound, and I'm glad they are thinking along those lines. Also interesting is the statistic they gave of the % chance of a system administrator inadvertently causing an unplanned outage: 1 in 200. So, every time I log into a machine, I have a .5% chance of causing down time such as accidentally rebooting production instead of a development machine, etc. Excellent.

Over all, I left the first day of the conference a LOT more agitated than when I went in. Hopefully I will get some opportunity to provide input (read vent) about some of these things tomorrow.

We did get a chance to tour the iForce center today. That was pretty neat, but I already have an E25k, and they could have done the tour in 20 minutes instead of more than an hour. It got old fast.

I skipped the free dinner, in favor of going to the Apple Store in Palo Alto. It wasn't worth the time. I was very disappointed in it, as the Mac Resource in Huntsville is way better than this place. Ate at PF Chang's in Palo Alto. Had the Orange Peel Shrimp and a Fat Tire. All I ask of life is a plate of shrimp(or maybe oysters) and enough Fat Tire to choke a goat. Maybe one day, New Belgium will expand enough to be able to ship to Alabama. For that matter, maybe one day Alabama will change their beer laws to make that worthwhile.

Got Amy a present, then headed back to the hotel.