Seite wählen

NETWAYS Blog

Lessons learned – how not to make beginner’s mistakes: Fibre

Another entry of this somewhat cathartic short series. In the previous post, I already have included a lengthy introduction, so there is no need for this anymore.

Let’s dive directly into todays topic: Fibre

Fibre is easy: light goes in on one end and in a matter of nanoseconds reaches the other end of your cable. Voila, data transferred.

Always keep in mind that you can’t conduct electricity via your fibre installation. So you have to use some kind of media converter to let your data travel. A switch might serve the same purpose.

Everybody knows about the difference between multi mode and single mode fibre, right? Actually, you don’t necessarily need to know the exact difference. Just be aware to not mix them.

Not mixing means from start to finish. Just because there is a patch panel in between, you can’t magically switch from single mode to multi mode. And vice versa, obviously.

This concerns not only the fibre itself but also the transceiver which you have to plug into your active network component.

Be sure to always have the correct transceiver for your switch/firewall model. Avoid mixing SFP, SFP+, SFP WDM and SFP with RJ45 jack. Of course the difference multi mode ./. single mode still applies.

You might have heard of GBIC. You will know when you have to use it.

Also, have a look at DAC cabling for your system. Of course you use uniform hardware, don’t you?

Speaking of uniformity: you know exactly which kind of connector types you will need for your installation. If not, look closely and keep asking yourself why you can’t plug in your connectors.

Copyright: Twentieth Century Fox

Copyright: Twentieth Century Fox

 

 

 

 

 

 

On the other hand you might have to use adapting cables, as the preexisting installation tells you so. No, a knife won’t do the trick.

Also be prepared to disjoint your patch cables to switch a and b channels. Have fun rejoining them.

For having a colourful setup, make sure all your fibres come in different colours. There is a colour code in place, but how can you express your individuality best if not using colour?

As there is no interference between the optical medium and your ethernet cabling, there is no need to route your cables separately. Todays fibre isn’t as brittle as it has been in the previous millenium. You are free to pull or twist them – you might simply intertwine your fibre in your rats nest of Cat.7 cables.

This will save mm³ of space in your rack, and rack space is expensive! (cherry on top: try to match the colour of fibre and copper jackets)

To give your datacenter the last polish, you should have plasterboard (AE: drywall) all over the place. For the perfect finish, make sure, sanding takes place while you’re doing your fibre cabling.

Only this will guarantee best results of your cleaning kit.

(/sarcasm)

Tim Albert
Tim Albert
Systems Engineer

Tim kommt aus einem kleinen Ort zwischen Nürnberg und Ansbach, an der malerischen B14 gelegen. Er hat in Erlangen Lehramt und in Koblenz Informationsmanagement studiert, wobei seine Tätigkeit als Werkstudent bei IDS Scheer seinen Schwenk von Lehramt zur IT erheblich beeinflusst hat. Neben dem Studium hat Tim sich außerdem noch bei einer Werkskundendienstfirma im User-Support verdingt. Blerim und Sebastian haben ihn Anfang 2016 zu uns ins Managed Services Team geholt, wo er sich nun insbesondere...

Lessons learned – how not to make beginner’s mistakes: Migrating server

At Netways we try to learn all the time. Often you can simply read man pages, change logs, or even tabtab through your shell command at hand.

Trainings and conferences are a bit more time consuming, but can offer you one priceless advantage: the direct communication with someone, who has seen several sides of the topic at hand. I think, you learn best from other peoples experiences – even more from the situations where failure ensued. Here it is critical to not only look at the failure itself, but why it occured and how it was finally resolved.

Using other persons failure as a mean to learn  might seem a bit cynically at first. In an ideal world, however, the same failure would only ocurr once.

So let’s begin with my contribution to a better world, maybe even as a start of a series. This entry is not meant as full post-morten per se, it only describes mistakes you can make and should avoid.

As many might know, our office moved. Having been 10ish years in our “old” office, you might figure that quite a lot “historical infrastructure” can grow in this time. Especially in an IT environment where everybody wants to try something new, better, and undocumented.

Being in the distinguished situation of having direct access to our DC via 1GBit-Fiber, it was possible to use some of our external IPs in our office. VLAN-Tagging, firewall policies, iptables rules – all well known and understood best practices. The services got installed, used and worked flawlessly for all the time and have lived happily ever after.

With the announcement of moving to the new premises, the blue sky became a bit hazy. We had to move all needed hardware devices (NASA could tell you how small and well hidden some of them can be) and also separate them from the unneeded devices. Todays story is about two specific systems, each consisting of two 1U server. Those were some of the systems which used external IPs to provide services to the public. They have been running flawlessly for quite some time and given their age, had started to develop some adorable quirks.

It was my task to move these “dear old ladies” out of the cozy office into the cold, professional DC downstairs.

What harm can 4 old and lovable server possibly do, you might ask? The answer is: None, if you treat them the way they were used to.

First things first: How can you gain access to the DC? Is there a registration process, which has to be followed? How long does this take? Can you access the DC after business hours easily? (Hints: yes, long, no)

Also don’t try to rush things when it comes to shutdown the machines for moving  them. The machines owners like to what is going to happen.

Grab all the tools you will need to remove the server from your previous rack and install them in their new home (cordless screwdriver, all bits you can find)

Are all installation material available? This is not only referring to rack rails, but also cage nuts, screws (size matters) and front covers for feng-shui and air flow. (depends, mostly: no)

Cables! Just collect all the cables you need and then some. Usually, they will be too short. Too long is not an issue you can’t fix with zip ties (you will forget these)

Do you have network access in the DC for debugging, communication etc.? (Hint: depends)

Do you want to move more than one server? Be cautios and do them step by step. You’re absolutely allowed to install them all at the same time. Be aware you might experience crooked rails, incorrect cabling and other time consuming things.

When you have installed the machines, definitely take your time to check these with a KVM device. Whichever is in reach. (you guessed it: there won’t be any when you need them the most). Don’t rely on the machine and its fancy blinkenlights: Some may flash when everything is ok, some flash to indicate errors, some don’t flash at all.

Check all your cabling at least twice, give them a gentle pull – if they come lose, you have to start over again.

Take breaks between different machines. Either try to find a cool spot in the DC (haha) or get outside, have something to drink and return refreshed. The noise (ear plugs, ANC Headphones), temperature, confinement while working in the rack will wear you out eventually.

If you route the machines traffic through several VLANs, make sure all needed switch ports are tagged (or untagged? You decide!) and firewall policies applied for the new location.

Always have a piece of paper and a (working!) pen with you – it’s faster to scribble something on paper than to crawl through yor rats nest of cabling, climb over all the machines you’re up to install and then find your trusty notebook with dead battery.

Before you finally leave, make sure to give everything one last check and, if possible, communicate with the owners of the respective machines. Collect all the tools you brought with you. If you didn’t bring them but “found” them somewhere and used them: make sure to return them.

If you run into any issues, make sure all colleagues you could ask for assistance are currently at the party you’re rushing to attend.

Also make sure to communicate only via phone, so you don’t leave any paper trail when it comes to DC access, network config or time accounting.

When you don’t experience some of these mistakes because of this post, this post was a success. Of course some points are missing (feel free to comment), but I hope the overall pattern is visible:

be prepared, double check and take your time

 

Oh, and don’t forget the key to your racks. There is just one key, right?

Tim Albert
Tim Albert
Systems Engineer

Tim kommt aus einem kleinen Ort zwischen Nürnberg und Ansbach, an der malerischen B14 gelegen. Er hat in Erlangen Lehramt und in Koblenz Informationsmanagement studiert, wobei seine Tätigkeit als Werkstudent bei IDS Scheer seinen Schwenk von Lehramt zur IT erheblich beeinflusst hat. Neben dem Studium hat Tim sich außerdem noch bei einer Werkskundendienstfirma im User-Support verdingt. Blerim und Sebastian haben ihn Anfang 2016 zu uns ins Managed Services Team geholt, wo er sich nun insbesondere...

OSDC 2019 Part 2 – Automating patching, VMs in containers & much more

After having a really successful and sublime evening event on Tuesday, today was the last day of the Open Source Data Center Conference.

Andreas Lehr and Rico Spiesberger showed off with their automated patch management using Ansible and Rundeck at Lidl and Kaufland.
Things to keep in mind:

  • rebooting bare metal takes time
  • firmware updates might change things
  • have enough space in /var/yum and /tmp -> might result in kernel panics (:

And why not doing a Live Demo at a production system and simply patch the spanish webshop?

On the next slot, it was our pleasure to welcome Kosisochukwu Anyanwu with kinvolk.io. She showed us how to use KVM as a Hypervisor, running a VM in a Docker Container! Get in touch with her at @kosyfrances and feel free to ask her for their use case.

Nikhil Kathole presented how to simplify your IT Workflow with Katello and Foreman. You can use Foreman for provisioning, configuration and monitoring (to some extend) of your hosts. It also provides you with many plugins for flexibility for provisioning tools and infrastructure. If you want to manage your .rpms/.debs, katello should be your choice

 

Troy Harvey started with tossing shirts and gave a quite interesting introduction into the concept of privacy. Privacy demands ethical behaviour of professionals and they should always try to automate things

 

Furthermore, if you want to have to use slack, try to get a job at Carta.

Colin Charles closed the conference with mysql & mariadb security. Obviously breaches are bad and there are the issues you can easily avoid. Use TLS for replication – also update your instances!

I don’t know how you feel after these two days. But I feel like I want more of that! Save the date for next OSDC!

 

 

Tim Albert
Tim Albert
Systems Engineer

Tim kommt aus einem kleinen Ort zwischen Nürnberg und Ansbach, an der malerischen B14 gelegen. Er hat in Erlangen Lehramt und in Koblenz Informationsmanagement studiert, wobei seine Tätigkeit als Werkstudent bei IDS Scheer seinen Schwenk von Lehramt zur IT erheblich beeinflusst hat. Neben dem Studium hat Tim sich außerdem noch bei einer Werkskundendienstfirma im User-Support verdingt. Blerim und Sebastian haben ihn Anfang 2016 zu uns ins Managed Services Team geholt, wo er sich nun insbesondere...

Aufmerksamkeit – ein super Mittel gegen schädliche Emails

Vor etwa einem halben Jahr stand der Autor im Kontakt mit einer lokalen Metzgerei im Vorwahlbereich 0911. Es ging um leckere Weißwürste mit ebenso leckeren Brezen.

Diese wurden geliefert und NETWAYS-typisch mit vollem Einsatz verzehrt.

Wir nehmen an, es wäre Mittwoch, 20.02.19, 09:19. Emaileingang am persönlichen Postfach:

Erstmal verblüffend:

a) Ich hatte keine Rechnungskopie angefordert.

b) Der Absender hat nichts mit der Metzgerei meines Vertrauens zu tun – die zensierte Emailadresse in der Signatur wäre allerdings korrekt.

c) Die Vorwahl in der Signatur zeigt ins Nirvana

Nun gut, aber man will ja ein verlässlicher Geschäftspartner sein, eventuell liegt es ja nur am “von meinem Samsung gesendet”?

Also klicken wir fröhlich den Link und landen auf einer Seite aus Beheshti Avenue,Tehra,1577837414,Iran??

Außerdem wird eine .doc-Datei angeboten. Auch die kleinste Metzgerei hat es mittlerweile hinbekommen, Rechnungen per pdf zu verschicken.

Aber gut, schauen wir doch mal, was LibreOffice damit so anfängt:

Hier habe ich dann das Experiment abgebrochen.

Es waren zuvor schon viele “Red Flags”, die einen aufmerksamen Emailbenutzer stutzig machen sollten.

Und im Zweifelsfall kann man seinen Geschäftskontakt auch schlicht anrufen, wenn man denn auf Nummer Sicher gehen will.

Wer sich weitere Beispiele anschauen möchte, kann bspw. hier klicken.

edit (TA): typos

Tim Albert
Tim Albert
Systems Engineer

Tim kommt aus einem kleinen Ort zwischen Nürnberg und Ansbach, an der malerischen B14 gelegen. Er hat in Erlangen Lehramt und in Koblenz Informationsmanagement studiert, wobei seine Tätigkeit als Werkstudent bei IDS Scheer seinen Schwenk von Lehramt zur IT erheblich beeinflusst hat. Neben dem Studium hat Tim sich außerdem noch bei einer Werkskundendienstfirma im User-Support verdingt. Blerim und Sebastian haben ihn Anfang 2016 zu uns ins Managed Services Team geholt, wo er sich nun insbesondere...

Startup Days bei Netways Vol. II

Dass Bernd einen gewissen Hang zum TrashTV hat, dürfte allgemein bekannt sein. Was würde also näher liegen, als sich von einem ehemaligen (stv.) Mitglied im Kunstbeirat des Deutschen Bundestages aus Nürnberg inspirieren zu lassen und seine Netways-Familie in eine selbstkonzipierte Löwenhöhle zu schicken.

Letztes Jahr wurde das Projekt initial gepitcht und dabei fiel unser neues Konferenzbuchungssystem raus.

Bis repetita non placent, könnte man meinen, aber dieses Jahr treten wir mit noch mehr Ideen an als schon 2017.
Zwischen Oktober 2018 und heute kamen etwa 100 Commits auf unsere Wiki-Page und brachten somit 12 Projekte zu Stande.
Zwar wird gibt es hier nochmal einen weed out, aber hier ein kurzer Abriss über die Projekte mit der höchsten Resonanz bisher:
Christian möchte weiter an seinem Windows Monitoring Konzept mit Icinga schrauben und sammelt hierfür Wünsche und Vorschläge.
Marius und Eric planen die Weltherrschaft bis Merz per automatisertem Aktientrading und hoffen auf mehr als 39,24% bzw. 48,52 % in der Endabstimmung.
Max verfolgt einen technischeren Ansatz und will mit seinem “SkyNET(ways)” heute das Office und morgen die Welt automatisiert kontrollieren.

(what could possibly go wrong)

Vanessa dagegen möchte etwas für unsere Gesundheit zu tun, wobei sie fachkundig von Julia unterstützt wird.
Nicole geht mit ihrem Projekt in eine Produktevaluation von Tinkerforge um unser Shop-Portfolio eventuell zu erweitern.
Wie die/der eine oder andere mitbekommen hat, sind wir dabei, in neue Buroräume zu ziehen. Die dort neue Dachterasse versuche ich, unter anderem mit Daniel, in eine Spielwiese für Urban Gardening und Gartenautomation umzuwandeln.
Wie man sehen kann, sind die Interessen bei Netways nicht ausschließlich technisch ausgerichtet.
Unseren Projektverläufen folgen kann man auf twitter: #lifeatnetways und #startupdays
Wer nächstes Jahr mitmachen möchte, darf gerne auf jobs.netways.de vorbeikommen!

Tim Albert
Tim Albert
Systems Engineer

Tim kommt aus einem kleinen Ort zwischen Nürnberg und Ansbach, an der malerischen B14 gelegen. Er hat in Erlangen Lehramt und in Koblenz Informationsmanagement studiert, wobei seine Tätigkeit als Werkstudent bei IDS Scheer seinen Schwenk von Lehramt zur IT erheblich beeinflusst hat. Neben dem Studium hat Tim sich außerdem noch bei einer Werkskundendienstfirma im User-Support verdingt. Blerim und Sebastian haben ihn Anfang 2016 zu uns ins Managed Services Team geholt, wo er sich nun insbesondere...

Veranstaltungen

Dez 01

Icinga 2 Fundamentals Training | Online

Dezember 1 @ 09:00 - Dezember 4 @ 17:00
Dez 03

DevOps Meetup

Dezember 3 @ 17:30 - 20:30
Dez 08

Terraform mit OpenStack Training | Online

Dezember 8 @ 09:00 - Dezember 9 @ 17:00
Dez 08

Icinga 2 Advanced Training | Online

Dezember 8 @ 09:00 - Dezember 10 @ 17:00
Dez 15

GitLab Training | Online

Dezember 15 @ 09:00 - Dezember 16 @ 17:00