itemprop="text"> If you had to do capacity planning and hardware sizing "BEFORE" you had a chance to actually code and test the application (typically while you are defining solution architecture), how would you do it? I know this can not be known accurately beforehand but the point is to present the approach at an early stage (including questions you need to ask, assumptions you need to make). All you know, it will be an enterprise java application with App server, Web Server, Database. Business has given some number of concurrent "USERES" say 1000. Also assume that you will get a chance to fine tune your numbers after load testing the application but you can't be far off from the original estimates. itemprop="text"> class="normal">Answer All you can base

If you had to do capacity planning and hardware sizing "BEFORE" you had a chance to actually code and test the application (typically while you are defining solution architecture), how would you do it? I know this can not be known accurately beforehand but the point is to present the approach at an early stage (including questions you need to ask, assumptions you need to make). All you know, it will be an enterprise java application with App server, Web Server, Database. Business has given some number of concurrent "USERES" say 1000. Also assume that you will get a chance to fine tune your numbers after load testing the application but you can't be far off from the original estimates. Answer All you can base it on is experience with "similar" applications. And that's not likely to give you good estimates. If you have no such experience, or cannot get numbers from a "comparable" system in production elsewhere, you're up a

itemprop="text"> I'm building a test environment containing multiple Active Directory domains in the same forest, but I'm having strange issues while trying to add a child domain to the forest root domain. All servers are Windows Server 2012 R2 VMs running on the Azure cloud platform, connected to the same virtual network; they have statically reserved IP addresses and they can talk to each other without any networking issue. My domain structure is (or at least should be) as follows: A0.lab (forest root) B0.lab / \ / \ A1 A2 B1 B2 | | A3 B3 Thus: A0.lab (forest root) A1.A0.lab A2.A0.lab A3.A1.A0.lab B0.lab B1.B0.lab B2.B0.lab B3.B1.B0.lab I've created the forest root domain (A0.lab) successfully and I've defined an AD site and its subnet; the domain is operating correctly. Nex

I'm building a test environment containing multiple Active Directory domains in the same forest, but I'm having strange issues while trying to add a child domain to the forest root domain. All servers are Windows Server 2012 R2 VMs running on the Azure cloud platform, connected to the same virtual network; they have statically reserved IP addresses and they can talk to each other without any networking issue. My domain structure is (or at least should be) as follows: A0.lab (forest root) B0.lab / \ / \ A1 A2 B1 B2 | | A3 B3 Thus: A0.lab (forest root) A1.A0.lab A2.A0.lab A3.A1.A0.lab B0.lab B1.B0.lab B2.B0.lab B3.B1.B0.lab I've created the forest root domain (A0.lab) successfully and I've defined an AD site and its subnet; the domain is operating correctly. Next, I've configured the server which should become the domain controller

I have a VPS Debian server with Apache 2.4.10 mod-php. Server starts normally, but after some time I get 100% cpu on one of www-data processes and a web-server becomes unavailable. I tried strace on that procces and I got an infinite loop of these lines: poll([{fd=93, events=POLLIN}], 1, 3000) = 1 ([{fd=93, revents=POLLHUP}]) read(93, "", 13160) Then I tried lsof ant got this: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME apache2 1134 www-data 93r FIFO 0,8 0t0 3176528027 pipe What can cause the problem? When I restart apache, after some time I have the same behavior.

I have a VPS Debian server with Apache 2.4.10 mod-php. Server starts normally, but after some time I get 100% cpu on one of www-data processes and a web-server becomes unavailable. I tried strace on that procces and I got an infinite loop of these lines: poll([{fd=93, events=POLLIN}], 1, 3000) = 1 ([{fd=93, revents=POLLHUP}]) read(93, "", 13160) Then I tried lsof ant got this: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME apache2 1134 www-data 93r FIFO 0,8 0t0 3176528027 pipe What can cause the problem? When I restart apache, after some time I have the same behavior.

itemprop="text"> Background We're using nagios to monitor our infrastructure. We don't have the nagios configs under version control at the moment, and there are two of us that manage nagios configuration. As such, I'm working to get our nagios config into a central git repo, using some hooks to do syntax checking and then if the configs look good, make them "active". I'm using rel="noreferrer">this guy's post as a starting point. The general workflow I'm trying to implement is: Edit local git repo of nagios config. Add edited files, commit locally. git push origin master to the remote repo. Push is intercepted by the pre-receive hook, which takes the files, moves them to a temporary directory on the server, and runs them through the nagios syntax c

Background We're using nagios to monitor our infrastructure. We don't have the nagios configs under version control at the moment, and there are two of us that manage nagios configuration. As such, I'm working to get our nagios config into a central git repo, using some hooks to do syntax checking and then if the configs look good, make them "active". I'm using this guy's post as a starting point. The general workflow I'm trying to implement is: Edit local git repo of nagios config. Add edited files, commit locally. git push origin master to the remote repo. Push is intercepted by the pre-receive hook, which takes the files, moves them to a temporary directory on the server, and runs them through the nagios syntax checker. If the syntax checker passes, accept the push, then use the post-commit hook to git pull the new code into the live nagios configuration directory and then restart nagios. If the syntax checker fails, reject the push, showing the

itemprop="text"> I want to redirect HTTP traffic and HTTPS traffic to a backend Flask application and I have the snippet below in my nginx.conf which works for https but not for http server { listen 80; listen 443 ssl; ssl_certificate /usr/local/nginx/server.crt; ssl_certificate_key /usr/local/nginx/server.key; location / { proxy_redirect off; proxy_cache off; proxy_pass http://127.0.0.1:5000; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } Does anyone have any pointers? Is there something obvious in the config file snippet or did I install Nginx wrong? Thanks! Answer I installed nginx on my Redhat16 machine from yum. After I removed the contents of the etc/nginx/conf.d direc

I want to redirect HTTP traffic and HTTPS traffic to a backend Flask application and I have the snippet below in my nginx.conf which works for https but not for http server { listen 80; listen 443 ssl; ssl_certificate /usr/local/nginx/server.crt; ssl_certificate_key /usr/local/nginx/server.key; location / { proxy_redirect off; proxy_cache off; proxy_pass http://127.0.0.1:5000; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } Does anyone have any pointers? Is there something obvious in the config file snippet or did I install Nginx wrong? Thanks! Answer I installed nginx on my Redhat16 machine from yum. After I removed the contents of the etc/nginx/conf.d directory, everything worked as expected. It seems something in that directory was overruling the http proxy_pass.

itemprop="text"> We are trying to setup the FTP on our stand-alone dedicate Windows Server 2003 (Standard, 32bit, SP2) IIS6. We are NOT using AD. It is NOT setup for user isolation, as I need the "administrator" account to be able to access any part of the D: drive (which the FTP has setup as it's root). I want to be able to restrict a single user account (created on the local box) to only be able to access a particular sub-sub-directory structure on the drive. I do not want to allow this user to read/write/navigate to any other part of the D: drive. If necessary I can accept directory listings, but certainly nothing more than that. In IIS6 I have created a virtual directory using the username (as the user mentioned above) as the alias - logging into FTP using the credentials puts them straight into the directory, whi

We are trying to setup the FTP on our stand-alone dedicate Windows Server 2003 (Standard, 32bit, SP2) IIS6. We are NOT using AD. It is NOT setup for user isolation, as I need the "administrator" account to be able to access any part of the D: drive (which the FTP has setup as it's root). I want to be able to restrict a single user account (created on the local box) to only be able to access a particular sub-sub-directory structure on the drive. I do not want to allow this user to read/write/navigate to any other part of the D: drive. If necessary I can accept directory listings, but certainly nothing more than that. In IIS6 I have created a virtual directory using the username (as the user mentioned above) as the alias - logging into FTP using the credentials puts them straight into the directory, which is correct and what I'm after. But I cannot find any way of blocking them from navigating outside of "their" structure. I have tried Denying them permiss

EDIT: This question was poorly asked, later I found another question which answers what i wanted to know: href="https://serverfault.com/questions/17221/spam-prevention-tips-for-postfix">Spam prevention tips for Postfix I'm running a small (20 users, 30 mailman-lists) server with postfix. I think it's configured fine, more or less. I spent 2 days reading up on all kinds of material on postfix configuration, but I couldn't find any list of measures that are actually safe to enable/disable. For about every configuration option i found there were some people pro and some against it. This is my postfix configuration, can you give me simple measures on what to improve? alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/alia

EDIT: This question was poorly asked, later I found another question which answers what i wanted to know: Spam prevention tips for Postfix I'm running a small (20 users, 30 mailman-lists) server with postfix. I think it's configured fine, more or less. I spent 2 days reading up on all kinds of material on postfix configuration, but I couldn't find any list of measures that are actually safe to enable/disable. For about every configuration option i found there were some people pro and some against it. This is my postfix configuration, can you give me simple measures on what to improve? alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix disable_vrfy_command = yes home_mailbox = Mail/ inet_interfaces = all mailbox_command = /usr/bin/spamc -e /usr/lib/dovecot/deliver mailbox_size_limit = 0 mydestination = localhost, .

itemprop="text"> I am playing with vmware ESXi v5 and installed a Win XP 32bit as one of the VMs inside. I wish to block outgoing access (especially http) from the VM (maybe some form of firewall?), yet still allow: Entry to the VM via RDC Sharing of files or other features with other VMs (perhaps meaning within LAN) in the host kind of like via Workgroup. (this might need a seperate question) Any ideas on how can I do the above? Still very new in VM-ing! But willing to learn! :) Answer I'd suggest one of the VMWare href="http://www.vmware.com/products/vshield/overview.html" rel="nofollow noreferrer">vShield products, perhaps 'App' or 'Edge' - take a look, there's lots of options.

I am playing with vmware ESXi v5 and installed a Win XP 32bit as one of the VMs inside. I wish to block outgoing access (especially http) from the VM (maybe some form of firewall?), yet still allow: Entry to the VM via RDC Sharing of files or other features with other VMs (perhaps meaning within LAN) in the host kind of like via Workgroup. (this might need a seperate question) Any ideas on how can I do the above? Still very new in VM-ing! But willing to learn! :) Answer I'd suggest one of the VMWare vShield products, perhaps 'App' or 'Edge' - take a look, there's lots of options.

We are looking into adding a 10g fiber link between two of our locations however we arent sure if its possible. We have an HP Procurve 2910al on one side and an AdTran 1638 on the other and we are looking to go between with single mode fiber. If we get the appropriate SFP adapters for either side does it matter if one SFP adapter is Adtran and the other is HP?

We are looking into adding a 10g fiber link between two of our locations however we arent sure if its possible. We have an HP Procurve 2910al on one side and an AdTran 1638 on the other and we are looking to go between with single mode fiber. If we get the appropriate SFP adapters for either side does it matter if one SFP adapter is Adtran and the other is HP?

A server of mine had a drive failure of some sort which caused the OS (CentOS 5) to crash and stop working (it refuses to boot). So we put another drive with a working OS and from there we try to mount the partitions in the old drive. Most partitions mount fine except for one: the /var partition, where my MySQL tables reside. />When I try to mount that one, I see these errors with dmesg : sd 0:0:1:0: Unhandled sense code sd 0:0:1:0: SCSI error: return code = 0x08100002 Result: hostbyte=invalid driverbyte=DRIVER_SENSE,SUGGEST_OK sdb: Current: sense key: Medium Error Add. Sense: Unrecovered read error Info fld=0x4a47e JBD: Failed to read block at offset 9863 />JBD: recovery failed EXT3-fs: error loading journal. Is there a way I can recover the data in that partition? /> EDIT:

A server of mine had a drive failure of some sort which caused the OS (CentOS 5) to crash and stop working (it refuses to boot). So we put another drive with a working OS and from there we try to mount the partitions in the old drive. Most partitions mount fine except for one: the /var partition, where my MySQL tables reside. When I try to mount that one, I see these errors with dmesg : sd 0:0:1:0: Unhandled sense code sd 0:0:1:0: SCSI error: return code = 0x08100002 Result: hostbyte=invalid driverbyte=DRIVER_SENSE,SUGGEST_OK sdb: Current: sense key: Medium Error Add. Sense: Unrecovered read error Info fld=0x4a47e JBD: Failed to read block at offset 9863 JBD: recovery failed EXT3-fs: error loading journal. Is there a way I can recover the data in that partition? EDIT: As requested, the output of tune2fs -l /dev/sdb2 is: tune2fs 1.39 (29-May-2006) Filesystem volume name: /var1 Last mounted on: Filesystem UUID: d84f5181-24f3-40ce-9eaa-601ae5ae33bd Filesystem

Well, I was talking with a guy about servers the other day. I was a bit shocked whenever I asked him if there was any significant difference between SCSI and SATA and why he always uses SCSI. (note, I'm not sure if by SCSI he meant SAS) He told me that SCSI is always faster and that the drives are always more reliable.. I mean, this seems like a bold statement. He told me something about how SCSI will always be faster than SATA because the OS sends the SCSI (controller?) a request to get a file and it will build the file inside of the SCSI controller, instead of searching all over the disk.. which I do not understand how that would work, so I figure it is BS. SAS and SATA currently have equivalent data rate speeds.. Is there any true backing for his reasoning that SCSI is always faster and more reliable than SATA?

Well, I was talking with a guy about servers the other day. I was a bit shocked whenever I asked him if there was any significant difference between SCSI and SATA and why he always uses SCSI. (note, I'm not sure if by SCSI he meant SAS) He told me that SCSI is always faster and that the drives are always more reliable.. I mean, this seems like a bold statement. He told me something about how SCSI will always be faster than SATA because the OS sends the SCSI (controller?) a request to get a file and it will build the file inside of the SCSI controller, instead of searching all over the disk.. which I do not understand how that would work, so I figure it is BS. SAS and SATA currently have equivalent data rate speeds.. Is there any true backing for his reasoning that SCSI is always faster and more reliable than SATA? Answer For SATA, you need to be careful about using a consumer drive if you are building a RAID array. Some power saving features and in the case o

itemprop="text"> I'm looking at adding some disks to one of my systems, for which I need to add an offboard HBA. Looking around, I came across the LSI MegaRAID SAS 9211-8i (LSI part number LSI00194 ) which looks quite interesting. LSI also seem to be popular in general, including href="https://serverfault.com/a/420812/58408">right here . Since I run ZFS, I plan on using the HBA itself as just a dumb controller, letting ZFS handle everything related to storage-level redundancy and recovery. The host OS is Linux (Debian/Linux to be precise). While I doubt LSI will stop producing these cards any time soon, it would still be nice to know: does the 9211-8i add any data structures of its own to the disks when used in JBOD mode? In other words, can I unplug a disk from the 9211-8i, plug it into an alternate H

I'm looking at adding some disks to one of my systems, for which I need to add an offboard HBA. Looking around, I came across the LSI MegaRAID SAS 9211-8i (LSI part number LSI00194 ) which looks quite interesting. LSI also seem to be popular in general, including right here . Since I run ZFS, I plan on using the HBA itself as just a dumb controller, letting ZFS handle everything related to storage-level redundancy and recovery. The host OS is Linux (Debian/Linux to be precise). While I doubt LSI will stop producing these cards any time soon, it would still be nice to know: does the 9211-8i add any data structures of its own to the disks when used in JBOD mode? In other words, can I unplug a disk from the 9211-8i, plug it into an alternate HBA, and everything "just keeps working"? Or will the OS then see some form of garbage on the disk that is not exposed through the LSI, which might interfere with ZFS' usage of the volume? Answer No. The disks are raw

itemprop="text"> I'm building a server with a RAID5 array, based on a hardware controller. I want to be able to later add additional disks and have the array rebalance across all of the disks, enlarging the usable size. I also want to be able to later upgrade to bigger disks (one at a time, of course) and then expand the array to fill the entire drive. These features are available in Linux software raid (md). I've also heard they're available in some hardware controllers. Currently, I own the Adaptec RAID 3805 card and the 3ware 9650se card. I'd prefer to use the Adaptec if possible, but I can't find if either of these cards offer this feature. If they don't, are there other affordable (read as: sub-$600) RAID cards available that can accomplish this? Answer The Adaptec 3805 specifi

I'm building a server with a RAID5 array, based on a hardware controller. I want to be able to later add additional disks and have the array rebalance across all of the disks, enlarging the usable size. I also want to be able to later upgrade to bigger disks (one at a time, of course) and then expand the array to fill the entire drive. These features are available in Linux software raid (md). I've also heard they're available in some hardware controllers. Currently, I own the Adaptec RAID 3805 card and the 3ware 9650se card. I'd prefer to use the Adaptec if possible, but I can't find if either of these cards offer this feature. If they don't, are there other affordable (read as: sub-$600) RAID cards available that can accomplish this? Answer The Adaptec 3805 specifically states it provides "Online Capacity Expansion" in its 'specifications' tab HERE . This will allow you add more of the same size or larger disks 'live' bu

We've discussed the tools used for href="https://serverfault.com/questions/2107/">load href="https://serverfault.com/questions/917/">testing here on ServerFault, but what about training on how to use them properly? Are there companies that specialize in IT training that cover load testing? How do you properly come up with a simulated load? How long should you run the test for? What are the best metrics to be tracking on the server-side while the test is running? And so on... Answer First, start with the business representatives. They (should) know the application best. Identify the key transactions, and the end to end response times. Ideally, they'll be able to hand you a document which captures their non functional requirements. If your application is replacing a legacy application, all

We've discussed the tools used for load testing here on ServerFault, but what about training on how to use them properly? Are there companies that specialize in IT training that cover load testing? How do you properly come up with a simulated load? How long should you run the test for? What are the best metrics to be tracking on the server-side while the test is running? And so on... Answer First, start with the business representatives. They (should) know the application best. Identify the key transactions, and the end to end response times. Ideally, they'll be able to hand you a document which captures their non functional requirements. If your application is replacing a legacy application, all the better - get as many applicable usage metrics from that app as you can. This is the most critical success factor to performance testing. Understanding the size of your potential userbase, the number of users likely to be using it concurrently, the #