LlamaLabs

Amazon announced the availability of their Windows Server 2003 AMI’s. Read more at Amazon EC2 Running Microsoft Windows Server. The current version of Elasticfox has the new API built in, so it was a good experiment to try it out too. Read through the links below to quickly get your Windows instance up. I went with the most basic 32 bit version available for my solitaire test. Click on any of the images for a larger version.

• Amazon Public Images - Windows Server 2003 R2 (32bit)
• Feature Guide: Amazon EC2 Running Windows
• Elasticfox Firefox Extension for Amazon EC2
• Elasticfox Getting Started Guide
• CoRD: Remote Desktop for Mac OS X

Once you read the directions and get your instance started, you can use your favorite Remote Desktop client to access your instance:

The new API allows you to get the administrator password. Log in as Administrator with the password you get back and you’re greeted with the desktop.

Big deal? I want to play solitaire on it. Oh, it doesn’t come with Solitaire, you’ll have to supply that yourself (Thanks Gmail for not letting me send Windows executables). It also seems that they don’t provide an easy way to access the installation media for Windows either (Not that I could install it from the install media if I wanted to, and I’ll probably be proven wrong on this anyhow).

Wasn’t that exciting? ec2kill time.

“Quercus is Caucho Technology’s fast, open-source, 100% Java implementation of the PHP language” [1].

It has been demonstrated that Quercus outperforms a straight-out-of-the box installation of mod_php.

1. “Performance: Quercus outperforms a straight mod_php implementation by about 4x (for Mediawiki and Drupal).” [1]
2. “Resin backed PHP drives 4x performance improvements for Drupal” [2]

I had always wondered how Quercus compared to APC though, specifically for running a Drupal instance. I had planned on performing a bunch of tests, but they state clearly enough in the docs that it roughly matches PHP performance with accelerators like APC. [1]

That’s exactly what I needed to know. I’ll stick with APC until I need to write some new PHP functions in Java. So sorry to disappoint you with a lack of no new conclusions, but mod_php + APC keeps me pretty happy.

Links:
[1] http://www.caucho.com/resin-3.0/quercus/
[2] http://www.workhabit.com/labs/resin-backed-php-drives-4x-performance-improvements-drupal

I’ve been collecting notes about my experiences with Google Apps Premier (The service where you pay $50 per seat). It includes Google Mail, Calendar, Documents, and Sites.

Yesterday’s outage reminded me of my list and I wanted to get around to posting it.

Hopefully these notes will be useful to someone who is evaluating Google Apps for their email/calendar/docs solution.

Without any specific order, here are the notes I have collected.

There’s no way to enforce communication over HTTPS through the admin control panel.

Before the recent announcement of the option to require https, by default you would be redirected to http://mail.google.com after signing in. With employees working remotely, not being able to force communication using HTTPS was a real bummer. There is now the option to always use HTTPS in Google Apps Premier. It’s still possible to switch back to plain old HTTP once logged in.

Here are a few pages discussing the issue. It’s no really such an issue anymore, but they are in my notes, so I’m including them here.

• Using SSL/HTTPS for Gmail and Google Apps.
• Google Apps for Enterprise missing full-time SSL?
• SSL on Google means Semi Secure Links
• Fix A Problem > Need to be able to enforce the use of SSL

You are forced to go through the Google Checkout process to add new seats

There’s no easy way to add a new user account without going through the Google Checkout process. If you’re purchasing single seats each time you have a new hire, that means that you need to go through the Google Checkout process in addition to adding the account. You could avoid this hassle by purchasing seats in advance.

Ideally there would be an option to charge the credit card on file. It’s already stored in the account used for Google Checkout, so why not automate the process?

Can’t forward one user’s email to another user in the same domain

So, when someone leaves the company, and you need to forward new messages destined for her account to her supervisor, you’d usually put a forward in place.

When I try to do so in Google Apps I get the message “Forwarding to Google Apps hosted email addresses is not supported”. I’m not the only person having this problem.

I’m able to do so by logging in as that user and putting the forward in place under the user’s Gmail settings.

I’ve been going back and forth with Google Apps Premier support for a couple weeks now attempting to troubleshoot this issue. I’m assured it’s a problem specific to my account.

Disabling account access.

When you change the password for an account, it does not invalidate existing logged-in sessions. If the user is logged in, she will be able to to still use her account.

Why not suspend the account? That disables logging in, and will log a user out after several minutes, but it also blocks incoming mail to that user.

A third option is to log in as the user and click the “Details” link that is part of the account activity messaging. That opens a pop-up that shows you existing logged in sessions and gives you the opportunity to log those sessions out. It would be nice if that feature was in the Admin control panel.

Unreliable IMAP

I don’t personally use IMAP for my email, but there have been confirmed cases of messages being delayed for 20+ minutes when using IMAP. The messages will show up instantly through the Gmail interface,
but in an external mail reader the new messages won’t show up. YMMV.

Some messages silently ignored during migration

If you use their IMAP migration tool (Which is very handy), you may notice that some messages (containing zip files) are not migrated.

Support

It’s been hit and miss when dealing with Google Apps Technical Support.

Customer: We're having problems checking mail using IMAP.
Support: Which web browser are you using?


The online documents are nice.

Feature Suggestions

Make sure to take a look at the Feature Suggestions to make sure some critical feature you require isn’t in the pipeline.

Google Groups not included

Before signing up I looked into whether or not Google Groups was one of the included applications.

Pine Star said:

Hello everyone interested in this integration:

I had a chat with the Google Rep of Commercial (paid) version of
Google Apps yesterday.
He said they are going to release a “Premier” edition of Google Apps
by end of 2007 that wil have Google Groups integrated.

So, they are also thinking on these lines….

If you’re looking for Google Groups for your projects in Google Apps Premier, you will be disappointed to find out that it’s not included.

We were really hoping to have it so we could have archived discussions for projects.

Email Lists

You can create email lists that deliver to multiple recipients, both members of the domain and external email addresses.

A couple notes on the lists.

• No subject prefixes.
• No List-id field.
• Not as cool as having Google Groups included as an app.

Calender Importing

Aside from using the API, there appears to be no way to import an entire calendar into a new instance.

Branding with a Custom Logo

You can define a custom logo to be displayed instead of the default Google logo.

Conclusion?

Like any service, Google Apps Premier has its pros and cons. Research thoroughly before making the leap.

Many thanks to Tim for his article Installing git on Mac OS X 10.5 Leopard. It’s a great starting point for git use on OS X Leopard.

In addition to his configuration and aliases, I have a couple of my own that I have added. Here’s an excerpt from my .profile:

git config --global user.name "Your Name"
git config --global user.email "your email"
git config --global color.diff auto
git config --global color.status auto
git config --global color.branch auto
git config --global color.interactive auto
git config --global alias.st status
git config --global alias.ci commit
git config --global alias.co checkout
git config --global alias.br branch
git config --global merge.tool opendiff
git config --global merge.summary true
git config --global core.excludesfile ~/.gitignore

alias g='git'
alias gst='g st'
alias gci='g ci'
alias gdiff='g diff'
alias gadd='g add'

I don’t have anything against the space bar, but it does seem to be easier with those aliases. See Tim’s article for some additional comments on some of the git configuration.

The color configuration commands will also add quite a bit of richness to your git experience.

Instead of typing in the password to decrypt my private SSH key every time I want to ssh to a host I use a program called ssh-agent, which is included in the openssh-clients package in CentOS.

When you run ssh-agent it creates a long-running process that holds decrypted keys and spits out some environment variables that the ssh client can use:

SSH_AUTH_SOCK=/tmp/ssh-Ksfjq28070/agent.28070; export SSH_AUTH_SOCK;
SSH_AGENT_PID=28071; export SSH_AGENT_PID;
echo Agent pid 28071;

The problem is that you want to have those environment variables sourced in when you open new terminal windows. I added the following to my .profile to write those lines out to a file so they could be sourced in easily.

test -e ~/.ssh_agent && . ~/.ssh_agent
need_to_start_ssh_agent="0"
if test "" != "$SSH_AGENT_PID" ; then
  /bin/ps -p $SSH_AGENT_PID | /usr/bin/grep ssh-agent > /dev/null
  res=$?
  if test "1" == "$res" ; then
    echo "ssh-agent is not running. We need to start the agent"
    need_to_start_ssh_agent="1"
  else
    echo "ssh-agent running - pid: $SSH_AGENT_PID"
  fi
else
  echo "ssh-agent is not running. We need to start the agent"
  need_to_start_ssh_agent="1"
fi

if test "1" == "$need_to_start_ssh_agent" ; then
  `which ssh-agent` | grep -v echo > ~/.ssh_agent
  . ~/.ssh_agent
  `which ssh-add`
fi

After using this for a while I found Daniel Robbin’s article about his keychain utility http://www.ibm.com/developerworks/library/l-keyc2/. It’s basically a more-refined version of my addition to .profile. I’m still going to stick with my solution for now because it’s so lightweight.

First, see what’s in the cache:

$ dscacheutil -cachedump
DirectoryService Cache Overview:
AAAA Queries  - Disabled (link-local IPv6 addresses)
Buckets Used  - 31
Cache Size    - 16

Entry count by category:
Group  - 2
Host   - 11
User   - 3

Flush:

$ dscacheutil -flushcache
$

All gone:

$ dscacheutil -cachedump
DirectoryService Cache Overview:
AAAA Queries  - Disabled (link-local IPv6 addresses)
Buckets Used  - 0
Cache Size    - 0

Entry count by category:

Please see the previous post to see how to clear the DNS cache on OS X Tiger http://llamalabs.com/2007/04/18/how-to-flush-your-dns-cache-on-os-x/

Here’s another rpm command I can never remember. This lists all installed packages, and sorts the list based on installed size.

rpm -qa --queryformat '%{SIZE} %{NAME} %{VENDOR}\n'  | sort -n

The -qa flag specifies that we wish to query all packages. The –queryformat flag specifies how we want each result to be formatted. See below for additional items you can put in your query format string. The -n flag for sort tells us to perform a numerical sort (rather than alphabetical). Try it without the -n to see how the output looks.

Here’s an example to see the 10 installed packages that take up the most space:

[user@host ~]$ rpm -qa –queryformat ‘%{SIZE} %{NAME} %{VENDOR}\n’  | sort -n -r | head -10
195644952 VMware-server VMware, Inc.
113550744 jdk Sun Microsystems, Inc.
66639973 glibc-common CentOS
52098364 compat-gcc-34-c++ CentOS
51851071 festival CentOS
45929176 libstdc++-devel CentOS
41768729 libgcj CentOS
41719064 MySQL-server-community MySQL AB
41653082 frysk CentOS
38859091 firefox CentOS
[user@host ~]$

There are many options that you can specify in your query format. Try this command to get a list:

[user@host ~]$ rpm –querytags
HEADERIMAGE
HEADERSIGNATURES
HEADERIMMUTABLE
HEADERREGIONS
HEADERI18NTABLE
SIGSIZE
SIGPGP
–snip–

Geoffrey Grosenbach, author of the nuby on rails blog, wrote an article titled Useful Shell Shortcuts.

He talked about the Using csh & tcsh book and gave some examples of some shortcuts. I remember using those shortcuts for a while but eventually forgot them all.

What I really found interesting were the CLI tools for interfacing with the clipboard in Mac OS X. I was surprised to see that those utilities existed. See the man pages for pbcopy and pbpaste for details on those tools.

I figured i’d mention a couple of useful commands that I use on a regular basis.

The first is Ctrl+L to clear the screen. Old habits can die hard, but there’s no reason to type ‘clear’ and hit enter to clear the screen if your shell supports Ctrl+L. I’m not sure when this feature came about, but it seems to work on tcsh 6.12.00 and bash 2.05 and 3.

The second thing I use frequently is history along with the !n shell shortcut (where n is the history id). History shows an integer next to each command. If you wish to run the command with the number 42 at the beginning of the line, you simply type !42 at the prompt.

The other benefit of using history is in a shared server environment. You’d be surprised at what you can learn by looking at the commands that other people run.

For a long time I had been using lsof to track down which process was listening on a particular port, and I know i’m not the only person to find it that way. The -p flag for netstat helps out by showing the pid of the process that owns that listening socket. Here are the flags I use when doing a netstat:

-p, --program
  Show the PID and name of the program to which each socket belongs.
-a, --all
  Show both listening and non-listening sockets.  With the --interfaces option,
  show interfaces that are not marked
--numeric , -n
  Show numerical addresses instead of trying to determine symbolic host,
  port or user names.

This gives a nice output like this:

[root@host ~]# netstat -anp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address  Foreign Address  State  PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*     LISTEN      10587/sshd
tcp        0      0 0.0.0.0:80       0.0.0.0:*     LISTEN      16872/httpd
tcp        0      0 0.0.0.0:21       0.0.0.0:*     LISTEN      26698/proftpd
tcp        0      0 0.0.0.0:25       0.0.0.0:*     LISTEN      2209/sendmail

It can be a lot faster using the netstat -anp method on heavily loaded systems.

Adjust your call to dd to get the size you want.


[root@host ~]# dd if=/dev/zero of=/swapfile bs=1024 count=1048576
1048576+0 records in
1048576+0 records out
[root@host ~]# sync
[root@host ~]# mkswap /swapfile
Setting up swapspace version 1, size = 1073737 kB
[root@host ~]# swapon /swapfile
[root@host ~]# echo “/swapfile swap swap defaults 0 0″ >> /etc/fstab