Ars walkthrough: Using the ZFS next-gen filesystem on Linux In my last article on next-gen filesystems, we did something in between a generic high altitude overview of next-gen filesystems and a walkthrough of some of btrfs' features and usage. This time, we're going to specifically look at what ZFS brings to the table, walking through getting it installed and using it on one of the more popular Linux distributions: Precise Pangolin. That's the most current Long Term Support (LTS) Ubuntu release. With that said... if Ubuntu's not your cup of tea, don't worry! There are lots of options for running ZFS, and very little of this walkthrough will really depend on your use of Ubuntu in particular or even Linux in general. In the interest of brevity, I'm going to assume you're already familiar with most of the generic terms and features associated with next-gen filesystems: atomic snapshots, asynchronous incremental replication, self-healing arrays, per-block checksumming, etc. Prerequisites and installation Initial tuning Learning ZFS lingo vdev zpool
Taking e-mail back, part 2: Arming your server with Postfix and Dovecot In our last episode... Welcome back to our series on taking your e-mail back! In part 1, we looked at exactly why we're spending so much time discussing how to host your own e-mail server—something that is by all rights a solved problem in the modern Internet age. We touched briefly on concepts of ownership and security before talking about the responsibility that comes with that ownership and security. E-mail is like a puppy, and once you step up and own your own puppy, you've got to take care of it, clean up after it, and make sure evil people don't infect it with horrible viruses and transform it into a zombie. (Whoa. By the end of part 1, we had purchased a domain name, set up a basic server, and done a bare-bones installation of Postfix and Dovecot. Here in part 2, we've got three primary tasks: Let's get started. One last thing... Before we do anything else, it's time to update stuff. To update your server, log in via ssh and run the following two commands: Certifiable
Taking e-mail back, part 3: Fortifying your box against spammers It's time for part 3 of getting your e-mail server up and running! We have six main tasks with this segment, each of which has its own chunk of subtasks. We'll go through them in roughly this order: Install OpenDKIM so that we can use DomainKeys Identified Mail to help recipient domains validate that the e-mail we send actually comes from usInstall SpamAssassin for spam filteringInstall ClamAV for virus scanning (though this is somewhat optional, as we'll discuss when we get there)Configure SpamAssassin and ClamAV and talk a bit about spam filteringConfigure our external DNS and talk a bit about how to handle internal DNS as well (as part of this, we'll set up DKIM and SPF records and also talk about reverse-lookups)Set up some server-side mail filters with Sieve to toss spam and do some other neat tricks After completing part 2, our e-mail server has an almost fully configured Postfix and Dovecot stack. The first thing we need to get operational is DKIM: DomainKeys Identified Mail.
Taking e-mail back, part 4: The finale, with webmail & everything after You all have persevered through quite a bit to get to this point: we have a functional and secure e-mail server that does a good job at ignoring or dumping off spam before it hits your inbox. We've got all the right pieces in place to ensure that the mail we send gets delivered; we've got OpenDKIM operational, and we've got DNS properly configured (including reverse lookups!). We could stop here and declare success. After all, you can plug your mail account name and password into your mail app or your smartphone and send and receive e-mail. But are there any extra steps we can take to increase security? We're going to answer all of these questions in this final installment. Postscreen and additional filtering The Postfix configuration we set up in parts 1-3 is pretty aggressive. Postscreen actually does a whole bunch of other stuff, too, all with the intent of separating legitimate mail senders from spammers. Restart Postfix with sudo service postfix restart to make your changes live.
The Ars NAS distribution shootout: FreeNAS vs NAS4Free If you've been following along with our earlier articles on next-gen filesystems like btrfs and zfs, but wanted an easy way to get started without having to learn anything on the command line (or need an easy way to take advantage even though you're a Windows-only user), you're in luck. Today, we're going to look at two ready-to-rock ZFS-enabled network attached storage distributions: FreeNAS and NAS4Free. What's in a name? If FreeNAS and NAS4Free sound suspiciously similar, it's because they share a common root. ixSystems—the same folks who maintain the PC-BSD desktop oriented flavor of FreeBSD—acquired the FreeNAS name from Mr. What they have in common FreeNAS and NAS4Free are both "turnkey" network attached storage distributions with a relatively simple setup and Web interface for easier management. Windows users can successfully view and edit ownership and permissions using Windows Explorer without realizing anything is amiss. Where they diverge
Web Served, the finale: Congrats, you have a Web server! What’s next? Welcome, dear readers, to the final piece in our long-running "Web Served" series. Starting last November, Ars has been helping to shed light on the fun world of DIY Web hosting—we started with setting up Nginx on Ubuntu, and we've progressed to advanced application hosting with PHP and even Node.js. Along the way we've struggled with the command line and probably cursed at typos in config files. We've felt the incredible triumph of a simple "success" log file message and the crushing defeat of an error that appears to be happening for absolutely no reason. At this point you've got a functional Nginx Web server that's configured with an eye toward speed and security. But there is so much more out there beyond simple PHP applications! Strap in. Charts, graphs, and stats We've set up a whole lot of stuff over the past eight articles, but we haven't focused much at all on the monitoring and reporting side of things. Piwik for self-hosted analytics
How many apps does it take to back up your data? Sysadmin blog What is the better approach to backups: a single service that can back up everything on your network or a collection of applications for backing up different items? Over the course of my career I have been on both sides of this argument and I am still not convinced either is right. Now a pending network upgrade has forced me to scrap a recent backup plan and reopen the old debate. The more the merrier One of the simplest reasons to look towards multiple backup applications – or multiple instances of the same application – is restore speed. I have had to do a few full-bore disaster recovery events: they aren't pretty and they aren't fun. As well as the human side of the equation there is the more pragmatic time-is-money maths. Some backup providers grok this, others don't, but in my experience no single application is as fast as a restore from multiple points simultaneously. How will I know? The number of applications we use every day is growing. Trust me, I’m a provider
Open ZFS wielders kick off 'truly open source' dev group A bunch of companies that rely on ZFS to power their products have banded together in a new open source cabal that says it will offer a "truly open source" version of the filesystem. The group revealed itself to the world yesterday, erecting the eponymous open-zfs.org website and announcing an intention to do the following three things: Raise awareness of the quality, utility, and availability of OpenZFS by consolidating documentation for developers and sysadmins alike, and by engaging with the larger tech community through conferences, meetups, and online interactions. The last point is important because ZFS has forked many a time. More specific action items are listed on a Projects page that includes a plan to add Raspberry Pi support, better support for ZFS as a filesystem addressed by virtual machines and work to improve ZFS and Lustre interoperability. The first members of the effort are make use of ZFS in their products. ZFS co-founder Matt Ahrens has given the group his blessing.
Meeting the bandwidth demands of taking your business into the cloud Moving infrastructure from premises to the cloud can make sense for a lot of businesses. Few are going to look back on their lives, warmly recalling that time that they backed up their Exchange server or increased someone's mail quota. Microsoft and Google (among others) can both run your mail system for you for a reasonable monthly fee. And Mail is just the start. To use any of these services you will need a connection to the Internet. While on-premises systems can benefit from nice fast LAN connectivity, with even 10gigE becoming a fixture in the server room and gigabit common elsewhere, cloud services generally have to make do with much scarcer bandwidth resources. That's unfortunate, because a good case could be made that these are the sites that stand to gain most from cloud services, thanks to their lack of on-site IT staff. Varying needs Bandwidth requirements will of course depend on the service being used. Some tasks can be highly variable. Other applications aren't so robust.