Ryan White alzabo

## gist:5694537
[root@test ~]# kinit admin
Password for admin@USHAS.LO:
[root@test ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin@USHAS.LO

Valid starting     Expires            Service principal
06/02/13 14:46:14  06/03/13 14:46:11  krbtgt/USHAS.LO@USHAS.LO
[root@test ~]# ssh admin@ovz2
Connection closed by 10.3.3.61

## MySQL crash
130712  6:44:35 [Note] Event Scheduler: Loaded 2 events
130712  6:44:35 [Note] /usr/sbin/mysqld: ready for connections.
Version: '5.5.30-cll'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  MySQL Community Server (GPL)
10:44:35 UTC - mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.

## gist:7991896
type=SYSCALL msg=audit(1387217398.315:1811677): arch=c000003e syscall=2 success=yes exit=3 a0=182df40 a1=c1 a2=180 a3=7f1647fa916
1 items=2 ppid=17908 pid=22704 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="/usr/local/cpan" exe="/usr/local/cpanel/3rdparty/perl/514/bin/perl" key=(null)
type=CWD msg=audit(1387217398.315:1811677):  cwd="/usr/local/cpanel/whostmgr/docroot"
type=PATH msg=audit(1387217398.315:1811677): item=0 name="/usr/local/lib/" inode=160956447 dev=08:03 mode=040755 ouid=0 ogid=0 rd
ev=00:00 nametype=PARENT
type=PATH msg=audit(1387217398.315:1811677): item=1 name="/usr/local/lib/php.ini.lock" inode=160963285 dev=08:03 mode=0100600 oui
d=0 ogid=0 rdev=00:00 nametype=CREATE
type=SYSCALL msg=audit(1387217398.316:1811678): arch=c000003e syscall=87 success=yes exit=0 a0=182dbd0 a1=7f16481eda10 a2=7f16481
eda10 a3=1772c18 items=2 ppid=17908 pid=22704 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)

## gist:6a3f6360c4698ccd06a2
140611 19:28:29 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
2014-06-11 19:28:30 0 [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead.
2014-06-11 19:28:30 0 [Warning] The syntax 'pre-4.1 password hash' is deprecated and will be removed in a future release. Please use post-4.1 password hash instead.
2014-06-11 19:28:30 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2014-06-11 19:28:30 20854 [Note] Plugin 'FEDERATED' is disabled.
2014-06-11 19:28:30 20854 [Note] InnoDB: Started in read only mode
2014-06-11 19:28:30 20854 [Note] InnoDB: Using atomics to ref count buffer pool pages
2014-06-11 19:28:30 20854 [Note] InnoDB: The InnoDB memory heap is disabled
2014-06-11 19:28:30 20854 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2014-06-11 19:28:30 20854

## xmlrpc-distributed-brute-defense.conf
# These rules are designed to be effective versus /distributed/ brute force
# attacks. While they will function just as well against attacks which are
# /not distributed/ they will deny access to all XML-RPC method calls
# namespaced with the prefix "wp."
#
# An IP-based version of these rules may be more appropriate for sites which
# attacked from just a few distinct IP addresses.
#
# See http://alzabo.io/modsecurity/2014/09/15/wordpress-xml-rpc-brute-force.html
# for additional information

## gist:c562ef2e729654e5ad27
Sensu
-----

monitoring not only an ops problem. devs need to be on board, looped in

poor monitoring coverage

rather than making a large change, iteratively integrate sensu, gradually replacing nagios

exploring what success looks like; observations on whether or not it was better than the status quo

## gist:3df06f94dbdca01fa173
Beaker
------

acceptance-level testing
DSL
web-based output

## gist:902f3de8c34f6a574bae
Continuous Delivery
-------------------

delivering on promises
 service availability

if you're constantly changing you are less averse to change

stateless services on immutable systems

## gist:65ab77b5cdeae6a4842b

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                alzabo
                / gist:65ab77b5cdeae6a4842b
            
            
              Created
              September 24, 2014 00:48
            
          
    Jenkins/Puppet

jira
irc bots
reporting for puppet runs
ci tasks

lint


## gist:5451ed5bafda1288a54f
puppet subsystems
=================ti

catalog contains instances of type objects

tagging resources, applying only tags


multi-tier applications
=======================
	[root@test ~]# kinit admin
	Password for admin@USHAS.LO:
	[root@test ~]# klist
	Ticket cache: FILE:/tmp/krb5cc_0
	Default principal: admin@USHAS.LO

	Valid starting Expires Service principal
	06/02/13 14:46:14 06/03/13 14:46:11 krbtgt/USHAS.LO@USHAS.LO
	[root@test ~]# ssh admin@ovz2
	Connection closed by 10.3.3.61
	130712 6:44:35 [Note] Event Scheduler: Loaded 2 events
	130712 6:44:35 [Note] /usr/sbin/mysqld: ready for connections.
	Version: '5.5.30-cll' socket: '/var/lib/mysql/mysql.sock' port: 3306 MySQL Community Server (GPL)
	10:44:35 UTC - mysqld got signal 11 ;
	This could be because you hit a bug. It is also possible that this binary
	or one of the libraries it was linked against is corrupt, improperly built,
	or misconfigured. This error can also be caused by malfunctioning hardware.
	We will try our best to scrape up some info that will hopefully help
	diagnose the problem, but since we have already crashed,
	something is definitely wrong and this may fail.
	type=SYSCALL msg=audit(1387217398.315:1811677): arch=c000003e syscall=2 success=yes exit=3 a0=182df40 a1=c1 a2=180 a3=7f1647fa916
	1 items=2 ppid=17908 pid=22704 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
	comm="/usr/local/cpan" exe="/usr/local/cpanel/3rdparty/perl/514/bin/perl" key=(null)
	type=CWD msg=audit(1387217398.315:1811677): cwd="/usr/local/cpanel/whostmgr/docroot"
	type=PATH msg=audit(1387217398.315:1811677): item=0 name="/usr/local/lib/" inode=160956447 dev=08:03 mode=040755 ouid=0 ogid=0 rd
	ev=00:00 nametype=PARENT
	type=PATH msg=audit(1387217398.315:1811677): item=1 name="/usr/local/lib/php.ini.lock" inode=160963285 dev=08:03 mode=0100600 oui
	d=0 ogid=0 rdev=00:00 nametype=CREATE
	type=SYSCALL msg=audit(1387217398.316:1811678): arch=c000003e syscall=87 success=yes exit=0 a0=182dbd0 a1=7f16481eda10 a2=7f16481
	eda10 a3=1772c18 items=2 ppid=17908 pid=22704 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
	140611 19:28:29 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
	2014-06-11 19:28:30 0 [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead.
	2014-06-11 19:28:30 0 [Warning] The syntax 'pre-4.1 password hash' is deprecated and will be removed in a future release. Please use post-4.1 password hash instead.
	2014-06-11 19:28:30 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
	2014-06-11 19:28:30 20854 [Note] Plugin 'FEDERATED' is disabled.
	2014-06-11 19:28:30 20854 [Note] InnoDB: Started in read only mode
	2014-06-11 19:28:30 20854 [Note] InnoDB: Using atomics to ref count buffer pool pages
	2014-06-11 19:28:30 20854 [Note] InnoDB: The InnoDB memory heap is disabled
	2014-06-11 19:28:30 20854 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
	2014-06-11 19:28:30 20854
	# These rules are designed to be effective versus /distributed/ brute force
	# attacks. While they will function just as well against attacks which are
	# /not distributed/ they will deny access to all XML-RPC method calls
	# namespaced with the prefix "wp."
	#
	# An IP-based version of these rules may be more appropriate for sites which
	# attacked from just a few distinct IP addresses.
	#
	# See http://alzabo.io/modsecurity/2014/09/15/wordpress-xml-rpc-brute-force.html
	# for additional information
	Sensu
	-----

	monitoring not only an ops problem. devs need to be on board, looped in

	poor monitoring coverage

	rather than making a large change, iteratively integrate sensu, gradually replacing nagios

	exploring what success looks like; observations on whether or not it was better than the status quo
	Continuous Delivery
	-------------------

	delivering on promises
	service availability

	if you're constantly changing you are less averse to change

	stateless services on immutable systems
	puppet subsystems
	=================ti

	catalog contains instances of type objects

	tagging resources, applying only tags


	multi-tier applications
	=======================