I spent the last month taking a break from Open Source, partly due to FreeBSD 7.1 failing to hit the FTP servers as scheduled (any excuse), but mostly due to Santa’s early delivery of Ableton Live. Not really Open Source I may add but extremely cool nonetheless and a much needed break from coding!.

I find that staring too much at code can hamper the creative process (hehe), and as you know Creativity and Innovation go hand in hand with Open Source Software!.

Speaking of which, while I have been busy playing with waveforms and elastic audio, the Open Source world has been all guns blazing with cool releases like MySQL 5.1 GA, Open Solaris 2008.11, VirtualBox 2.1 and WordPress 2.7 to name a few.
You really cannot take a break these days without something big in the world of Open Source happening in your absence.

So the year is nearly at an end which got me thinking, what was the highlight of 2008 in the world of Open Source?.
I have to confess to spending more time than I would have liked this year working with proprietary software, always in combination with Open Source tools of course!. So if I had to highlight anything from 2008 it would be that Open Source is now more pervasive than ever. From your OSX laptop at home to the Linux servers at work, right the way up to the Internet’s biggest sites and services (running FreeBSD ), you’ll find Open Source Software behind every successful venture. In fact it is now so popular even Microsoft could not resist the urge to get in on the game!.

In fact there are so many Companies using Open Source now that proprietary software may actually be the minority! We all know everyone loves an underdog, so maybe propreitary software will be the hit in 2009? Then again with the state of the economy maybe not!

The biggest influence for me this year (both good and bad) had to be Sun Microsystems who played a large part in Open Source adoption in the enterprise and continue to lead the way with their open business model (GlassFish, MySQL, Netbeans, OpenJDK, OpenSolaris and VirtualBox to name just a few of their many contributions).

Although most of the time it seems like they cannot do anything right, one thing is for sure, without the corporate weight of Sun behind the Open Source ethos we may not have made it here so quickly. So while your saving big bucks with your ZFS storage and processing millions of transactions with MySQL, don’t forget to say thank you to Sun next time you are complaining about JavaFX or MySQL 5.1.
You may even want to swap those complaints for contributions (I know complaining is often easier). Thanks Sun!

So if you are one of the few companies yet to Open your code to the world, what are you waiting for? This Christmas give the gift of knowledge and share your achievements instead of fearing the competition and wrapping your code in a black box (don’t worry we won’t laugh at it). You’ll feel much better knowing you helped make the world a better place!

Until next year I wish you all a Very Open Source Christmas!! and as always Happy Coding!

Happy Halloween! – well by the time you read this it will be more – Remember, remember the 5th of November!. So what’s been happening?

Well I spent the last month getting to grips with DB2 – why I hear you ask?.
You shouldn’t keep all your eggs in one basket, and there were rumors that DB2 might become Open Source at some point (or not). Anyway even if that never happens there is a lot to learn from the original DBMS and with DB2 Express-C available for free there’s nothing to stop your Open Source app taking advantage of that fact. Besides competition is a good thing.

Anyway not forgetting my favorite DBMS, I managed to find time to spend a morning at the 4th MySQL Conference in London where the keynote opened to – here comes the sun – cute. There was a lot of emphasis on the fact that MySQL was not being written to run faster on Solaris (even though I got the impression that it does, with features like ZFS and snappy 64bit libraries outlined during the second session).

It was a relief to hear that MySQL 5.1 will finally go GA during the first week in December along with the new query analyzer (aka proxy). I couldn’t help get the feeling of déjà vu out of my head, after all it was only last October that I remember seeing some very similar slides – anyway fingers crossed for a December release!.

My only disappointment at the conference was hearing that the auditing / security features would not make an appearance until after 2010? (TBD), frustrating especially with items like PCI compliance high on everyones agenda. Still with a little ingenuity and help from the MySQL Proxy Server you can roll your own auditing solution and customise it to your own needs (is there anything proxy can’t do ).

Speaking of which it looks like the Proxy Server will finally hit GA early next year in the form of the MySQL Load Balancer. In fact it is planned to make an appearance in December in the form of the Query Analyzer – yes that’s based on the Proxy too!. Time to brush up on your Lua and check out the samples over at the Forge.

The big news this October/November goes to the G1, the first phone to take advantage of Android: a complete, open, and free mobile platform.

My own G1 adventure started last Thursday with a call to T-Mobile who were keen to dispatch my phone next day, but not so keen to deliver it to my workplace. Not a problem, I could wait till the weekend even if it meant paying £6 for delivery.

Saturday morning came and went with no sign of a Royal Mail van and after a 20 minute call to T-Mobile it seemed I would not be getting my G1 anytime soon. I listened to several explanations ranging from the order not going through to high demand exhausting stock. No offer of apology or even a discount of any kind!.

Not one to accept lame excuses I asked for the order to be cancelled and fought for another 15 minutes with a customer service rep who claimed the order could not be cancelled over the phone. His manager however had no problem canceling the order – funny that eh. A quick Google search confirmed my thoughts!.

My local T-Mobile shop was not much help either claiming that the plan I had accepted on Thursday no longer existed on Saturday due to it now being November. They did however have the G1 in stock, well they did until I decided to purchase it, then it seemed Monday was the earliest I could get one. I picked mine up on Sunday from Bluewater and even got the plan that no longer existed this month…

The fun didn’t end there though as it was about 5 minutes after opening the phone that I managed to lock the SIM while trying to set-up the password protection – PUK locked please contact customer services – do I have to I thought!. 30 minutes later the customer services rep had no idea how we could unlock the phone and instead decided to give me my PUK code along with the phone number for HTC‘s customer services (it’s their problem not T-Mobile’s) – which as you may have guessed already happened to be closed at the weekend. Maybe Google could help!.

Another quick search and it seemed I was not the only one with this problem and the only answer so far was to place the sim in another phone to enter the PUK code and unlock the SIM. Simple when you know how! (and you have a spare mobile to hand). Anyway my phone is now unlocked and I’m ready to start exploring Android. I did try logging into the My T-Mobile site to register my phone etc however the link failed – no surprises there.

As with most Open Source projects it is the community that provides the support and with the G1 / Android this is no exception. If you want to learn more about Android on the G1 don’t waste your time contacting T-Mobile, instead head on over to the website or forum and marvel at what is no doubt going to be THE mobile platform of 2009. All I need to do now is think up an idea for an app…..

If you are security conscious and nowadays who isn’t?, you may have pondered over ways to make your external SSH connection safer.
Of course there’s always One-time Passwords and Public Keys, but if like me you watch the daily barrage of brute force attacks you may be thinking it’s only a matter of time…

That’s what I was thinking at about the same time an SMS arrived on my mobile….then it hit me….I take my mobile everywhere, if only my server could call me and ask if it is really me trying to log in.

My first instinct was to try and insert a Perl or Python script into the login process. After all Clickatell have several libraries that you can use to send SMS messages. How hard could it be?
Well for starters it didn’t feel right relying on a script that runs within an interpreter that is running within a shell, but how else could it be done? Pluggable Authentication sprang to mind but that’s hard right? Wrong!.

Hitting the FreeBSD handbook I was able to gain a decent understanding of PAM functionality and even managed to find some sample code. Shame the programming section had not yet been written. O’Reilly to the rescue. After reading a few articles on PAM it wasn’t long before I had a working prototype, in fact most of my time was spent deciding upon the right library/s to use.
The end result is a pam module that can be dropped into the authentication chain for any PAM aware application/service – think SSH, FTP, POP3 etc.

Upon successfully entering your Username/Password the pam_codemein module uses libcurl to send an HTTPS request via Clickatell, my preferred SMS gateway, which then forwards the random Code to your mobile before prompting you to enter the same Code at the prompt to gain access. Of course there are issues with using SMS, such as mobile reception and timeouts, but in testing I didn’t notice any.

If you are concerned over the cost of SMS messages, Clickatell are a bulk SMS provider so rates are good, and if you prefer to be contacted via some other method the code can be adapted to any other service e.g. XMPP via TLS, you could even GPG encrypt the Code in an email if you prefer.

It was only after I had the fun of writing this module that I stumbled across this blog post. Shame as it may have saved me a lot of time, but hey where’s the fun in that? I’ll just have to get cracking on the XMPP method – either that or search deeper within Google.

Have you seen RT 3.8!

It’s been a long time coming but after 2 years in the making the enterprise-grade ticketing system that is RT has had a well earned facelift, and what a difference!!.

Upgrading from 3.6.3 would have been straightforward if it was not for the fact that I also decided to upgrade to MySQL 5.1 at the same time. The final product made the pitfalls worthwhile however and RT is now slicker than ever. Plus I got know RT better along the way – bonus!.

If your thinking of upgrading to RT 3.8 / MySQL 5.1 just remember to use the MyISAM engine for the Attachments table (It’s worked so far for me with around 84k tickets). Failing to do so will result in slow response from the UI on certain actions due to MySQL failing to select the correct index on certain queries:

ALTER TABLE Attachments ENGINE=MyISAM;

It looks like the optimiser is broken for the InnoDB plugin, however if you check out this bug it may have been fixed by now (I was using FreeBSD port: mysql-server-5.1.26).

After spending the best part of an hour installing the latest OpenSolaris 2008.5 release, which I may add was straightforward and a massive improvement on previous releases (ZFS default filesystem – very cool!) I headed over to the IBM website to download DB2.
After spending the best part of 10 minutes navigating the website and filling in forms I found no sign of the Solaris x86_64 version of DB2 9.5 Enterprise, all I could find was the SPARC install.

Never mind I thought, the Express-C release will do for now and the documentation does say that DB2 Enterprise will run on Solaris x86_64 so I can upgrade later if needed (that is if I can find the install ).

Having downloaded and untarred the install files I ran the setup program db2setup only to be greeted with an empty command prompt. The Getting Started guide did mention this might happen so I proceeded to run the fix xset fp+ /usr/openwin/lib/X11/fonts/TTbitmaps only to find TTbitmaps missing….

Frustrated with the lack of support for OpenSolaris and the BSD’s from both Oracle’s 11G database and IBM’s DB2 9.5 Enterprise, I resigned to the fact that I would have to leave playing with Solaris for another day and install Linux instead. Gentoo to the rescue!.

It’s been a while since the last Gentoo release and I have to admit I gave up waiting for a release about a year ago. It was my desire to roll with BSD that prompted me to wander over to the Gentoo website – if only out of curiousity. What a surprise it was to see a 2008.0 release, Gentoo may not be Unix but if you are a BSD fan it is similar enough to enjoy working with it. Portage rocks!.

Installation may not be the fastest and certainly isn’t the easiest, but it is the most rewarding in that you get to watch your server grow from /mnt/gentoo to a high performance server right before your fingertips. It may take all day , but you get to control every step of the install giving you a better feel for how things work – you might even learn a thing or two along the way!.

The DB2 install under Gentoo was painless, all it took was a few USE entries and several emerge statements to get the OS ready to install the tarball.
All I have to do now is find the client tools for OSX….

If only your database would just tell you that replication had failed or that the disk was full…
Ok some database servers do but MySQL doesn’t (yet). Another excuse to write a script

In my pursuit for total database visibility I have been searching for a tool that would tell me when something went wrong, that would simulate regular usage, and let me know if anything failed. After all SNMP can only probe so far and if your database is secure the last thing you want to do is open up another port on your server.

Don’t get me wrong there are tools out there that do a decent job of monitoring MySQL. MySQL Entperprise Monitor is one such tool. But if you want to look under the hood or add some functionality specific to your environment things start to get tricky.

So what’s this dbAlerter?

dbAlerter is the name of a project (Script) that I started developing to provide notification of key server events. It’s written in Python; Why?, I wanted something lightweight. Java would have been my first choice but the JVM eats too much ram and felt too heavy for such simple functionality.
Python on the other hand feels lighter and when running a script as a daemon it seems to take up less resources allowing the DB to use more memory and continue doing it’s job. Plus it’s been a while since I wrote anything with Python, variety is the spice of life!

Speaking of Java, if you have ever used tools like JConsole and jmap (and if not why not!) you may not have realised that since JDK 6 Update 7 there’s now one tool to rule them all – VisualVM.

VisualVM pulls together several commandline tools like JConsole, jstat, jinfo, jstack, and jmap to make monitoring and profiling a more visual experience.

Now that the changes from BSD Java have been merged into the OpenJDK and the FreeBSD Foundation have updated the JDK to 1.6.0-7 I’m pretty sure the original concept of write once run anywhere is closer than ever.

Databases are used by many different disciplines, from your DBA to your Developer, right down to the End User. They can also be viewed from many different perspectives…

DBA’s are usually interested in the server configuration, index usage etc. Developers however are often concerned with retrieval methods, datatypes and occasionally stored procedures. One thing is for sure, your database if used effectively will be changing frequently, and with so many people accessing your database do you know what the last change was? Would you know if someone added an index to a table? (would you care… )

Revision Control is often used to track changes to source code and other documents, so why not your database?.

When I first started to think about change control for my database servers one tool sprung to mind, Rancid. If you manage more than one network device you may already be familiar with the Really Awesome New Cisco confIg Differ.

Using a combination of scripts Rancid will connect to your network devices, check for changes by comparing the config with a VCS managed copy and notify you with details of the changes. Why not do the same for your database? Enter dbRecorder.

Rather than extend Rancid I decided to prove the concept by writing a quick Java application that utilised Open Source libraries like SVNKit and jYAML. The features continued to creep and before I knew it I was recording more than just table definitions. Server configuration and grant tables all found their way into my Subversion repository coupled with e-mail notification whenever anything changed – nice huh!.

The aptly named dbRecorder is currently targeted at my database of choice, MySQL. It’s far from a finished product (then again so are most of my ideas) but it’s working to a degree and can only improve over time….

One thing I never got around to was making this site work well with IE6 (or even just splash the screen with some silly message when someone using IE6 tries to connect) and with Firefox 3 soon to be released I am hoping I won’t have to. If you have not tried Firefox 3 already you can visit the site today and pledge your download to help break a world record as soon as it is released!.

It’s been a while since I had chance to work on Informeer as my itch was one of multi-user web based password management (AuthStor). Oh and moving house.

Now that things are settling down again (Servers back up and running) I decided to take a break from AuthStor and focus on something new – Informeer.

The concept is simple, Centralised Notification.

I am forever configuring notifications from several sources, be it backup alerts, host monitoring notification and even simple applications that send mail via SMTP. When living in a world of change, both software and business, having to visit every application to change an e-mail address or add a new user to a notification schedule can be quite time consuming. Add to that the effort of having to modify firewalls, SMTP servers and XMPP settings etc etc. The idea of a single web interface where all your notifications can be configured is quite appealing. Informeer aims to make that a reality (one day).

While I take my time with the implementation I thought I would post a basic intro to RPC-XML using Perl. The RPC-XML Perl module makes writing your own client/server application a piece of cake, and while not quite point and click, it will give you enough flexibility to centralise your own notifications (or anything else for that matter). It’s not rocket science, but it works!

If you have been looking for a flexible quick and easy fix to the centralised notification problem, or even if you are just looking to push some data from a firewalled site to one of your servers This Tutorial should help get you started.

In between moving house and playing with notifications I found time to upgrade to WordPress 2.5 and MoinMoin 1.6, and wow what an improvement in both camps.
The WordPress dashboard is the most visible improvement – it’s amazingly clean! If you have been waiting for 2.5 to settle down or just cautious about upgrading, I would say take the plunge, you won’t regret it. As for MoinMoin 1.6, there really is no better Wiki engine out there (my opinion) and it just keeps getting better with every release!.

That just leaves me to post a quick MySQL tip that may well be obvious, but happens to catch me out from time to time.

MySQL Tip of the month

If you ever get the urge to convert a 1Gig MyISAM table (with 34 million rows) to InnoDB within MySQL, try to avoid the simple ALTER TABLE tablename ENGINE=INNODB; method.
I made the mistake of running that command on a fairly decent server with bags of space and memory only to find the command running over 5 hours later with an InnoDB tablespace at around 4Gig (ok a bit of tuning might have helped)

Your best bet is to dump the table using mysqldump, drop the existing table and re-import the table after modifying the definition to be InnoDB. That worked for me in less than 10 minutes. Alternatively you can create a new InnoDB table and insert directly from the existing table as per MySQL documentation e.g INSERT INTO newtable SELECT * FROM oldtable.

I’m sure I am not the first to make this mistake, and may not be the last…..

It’s been a busy month so far and with Easter now upon us the year is showing no sign of deceleration.

I spent the last few weeks working hard to recover from my initial attempt at passing the Zend Certified Engineer exam. Having used PHP and other languages for several years I grabbed a copy of the Php|architect’s Zend PHP 5 Certification Study Guide, bought a few online practice tests from Zend and spent a few days scoring Excellent before heading down to the test centre confident I would be leaving with a Pass.
Forty five minutes into the exam I was racing through the questions thinking I had it in the bag only to be presented with a Fail upon clicking the End button…..Bummer

The score report gave no real indication of how close I came to passing, so wondering where I went wrong I scoured the net for any information that could help me prepare for my next attempt (which you get a 10% discount on if you ask Zend nicely). During my search I found the Zend Certification Forum, however it was broken and I had to ask for it to be fixed (which took a couple of days) before I could read others views on the exam. The Zend forum and site I have to say are not good adverts for PHP. The site often takes ages to load (is this down to PHP? people will think) and the forum feels pre web 2.0.

After a few hours of searching I finally found this PDF, the PHP 5 course material that outlines everything you need to focus on for the exam and provides enough examples to to get your head around the “gotchas” that are hidden in many of the questions. Second time round I passed, although many questions were similar to my first attempt and I answered them no different, I can only put my initial fail down to the PHP “gotchas” like:

What is the output of echo 09;

Post certification I had to ask for the Yellow Pages entry to be added (a common problem it seems), and after finally getting the page updated it seems to have reverted to its former state…..If only it was written in Java I keep thinking to myself.
Don’t get me wrong I am a big fan of PHP but feel its place is within the presentation layer (this site is written using PHP). When it comes down to middle tier processing I am yet to be convinced…

Speaking of Java, I decided that along with moving house this Easter (I need a server room ), I would open my mind to the world of software that is Oracle. The Oracle Database is hardly Open Source, however Oracle as a company do support the Open Source Community and to be honest I’m a knowledge junkie and need something fresh to feed my mind with (fear not MySQL).
Besides at the end of the day everything I learn from taking apart Oracle can be directly applied to the Open Source world, that is if it has not been applied already.

You may have noticed the Easter Bunny pic included with this post and if you are into Open Source you would have recognised him as Big Buck Bunny the star of the upcoming open movie Peach. That’s right there are only a few more weeks to the release of the movie and you can now take a look at the trailer before downloading your copy of Blender and having a go yourself – I can’t wait!

I spend the majority of my days working with OpenSource Unix derivatives and have to say I enjoy every minute of it! Not a day goes by where I do not learn something new or discover a new way to solve a problem all thanks to Unics (Everything has a beginning).

If you are passionate about GNU / Unix / Linux / OpenSource I apologise for the generalization “Unix” but wanted to focus on the OS and tools that make moving between one Unix variant and another as easy as pie.
Putting aside all the nuances that distinguish the many flavors of Unix, once you gain a core understanding of the Community, Tools and Kernels, you find that moving from one OS flavor to another is as simple as uname and man.

Take for instance my latest branch off the Unix tree – HP-UX. Having minimal exposure to HP-UX I wanted to get up to speed quick as possible, so I grabbed a copy of the HP-UX Study Guide and booked the CSA exam knowing that if I had a goal I would not just move onto the next flavor.

The book was a great resource and I only wished I had read it sooner as it covered many tools and concepts that are commonplace in SVR4 Unix derivatives such as Solaris. I felt like I was stepping back 10 years to when I first started to discover basic utilities such as cat, sed and awk but explained in so much detail that I found myself learning some new tricks!. Even if you are not interested in HP-UX this book is so well written and easy to condense that it is worth a place on your Unix bookshelf!.

As for HP-UX, well I felt right at home and only had to spend time learning the key differences such as Software Management and HP’s Partitioning Continuum technology (Virtualization to you and me) – very cool!.

Would I run HP-UX on my own servers? Probably not, it’s not OpenSource for starters (plus I don’t have the hardware), and to be honest I have been running FreeBSD for over 10 years now and no matter how many Unix/Linux derivatives I encounter not one has been able to surpass FreeBSD’s community, stability and manageability. Plus FreeBSD is Free in every sense!.

Speaking of FreeBSD you might have noticed the image in the upper left corner of this post – yes you guessed it; FreeBSD 7.0 has been released!.
I have been running a release candidate for a while now and have to say that the one thing you will notice is how fast it runs. Don’t take my word for that either, check out the Benchmarks and read through the new features explained in detail over at the BSD Devcenter. With performance like that why would you want to run any other OS?

Download your copy from here and never look back.

AuthStor came to life back in late 2007 after the Password Safe I had been using became corrupt. Not through any failure in Password Safe’s functionality but really to the way it was being used – Multi-User.

I had been seeking a decent Web Based Password Manager (Open Source of course) for ages but had not found anything that I liked. All the semi-decent software out there seemed to be Closed Source with license fees attached and to be honest I would feel more comfortable if I understood the inner workings, especially if this software is storing the key to my empire (mwuhahahaha).

So after a long history of Spreadsheets, Password Safe, Keychain and various other methods of storing passwords I finally decided to scratch the itch and roll my own password manager.

Now AuthStor is not my first attempt at a password manager, in fact I originally started to write an extension to MoinMoin that provided a method of storing passwords directly within the Wiki. This worked great for a while but was not the most secure method of managing passwords, especially as the secret key was embedded within the Python code!. I learned a lot from mmPasswords and hope to improve upon that greatly through the development of AuthStor.

So what is in store for AuthStor? (Get it? ) Well key features will include Multi-User capability, Full auditing, GnuPG encryption, REST like interface and that is just the start. Future plans include interfaces like SMS, VoIP and anything else I can think up.

Here is a sneak peak of the progress made so far:

The application itself is written in Perl and runs on top of the Catalyst Framework. Why Catalyst? Flexibility, Performance, Scalability, the list goes on… Catalyst’s plugin architecture provides multiple views (among many other things) so I can focus on the functionality and not worry about the presentation. Speaking of presentation, AuthStor makes extensive use of the Yahoo! User Interface Library to provide a rich interface with dynamic elements such as DataTable’s, Toolbars and Treeviews and all wrapped in a BSD License!!. Nice work folks!.

Expect a commit in the next few weeks…