NewPush featured in StorageNewsletter.com

StorageNewsletter.com is carrying and article about our new SAN infrastructure choice around IBM N series and Zerowait SimpleStor products. Here is an excerpt:

Zerowait Corporation, provider of independent NetApp support and off- lease systems, announced that NewPush, a global application and data-warehouse hosting company, has selected Zerowait to architect and manage NewPush’s NetApp and IBM N series storage infrastructure.

For the full article, click on NewPush Selects Zerowait


Migrate ProxMox KVM Storage from local to NFS on netapp

Proxmox KVM storage migration from local to NFS

In order to be able to use the live partition migration in Proxmox, the KVM partition needs to be on NFS or iSCSI.

Here is the process for an NFS storage.

- shut down vm
- rsync -av /var/lib/vz/images/<VMID> /mnt/pve/<NFS VOL>/images/
- edit /etc/qemu-server/<VMID>.conf
- change ide0: local:<VMID>/vm-<VMID>-disk-1.raw to ide0: <NFS VOL>:<VMID>/vm-<VMID>-disk-1.raw
- start up vm

Verifying SSL Certificates

Problem

You have a few SSL cert files on your server, but you are not sure which one is the newest, or the right cert to use.

Solution

Look at the contents of a CSR


openssl req -noout -text -in [domain_name].csr

Where [domain_name].csr is the name of the CSR file.

Look at the contents of a certificate


openssl x509 -noout -text -in [domain_name].crt

Look at the MD5 fingerprint of a certificate


openssl x509 -fingerprint -noout -in [domain_name].crt

Check the private key, the CSR, and the signed cert

To check that the private key, the CSR, and the signed cert belong to the same set, you need to compare the MD5 outputs:

openssl rsa -noout -modulus -in [domain_name].key |openssl md5
openssl req -noout -modulus -in [domain_name].csr |openssl md5
openssl x509 -noout -modulus -in [domain_name].crt |openssl md5


SMTP Server Testing with Authentication

Problem

You need to test manually an SMTP server that requires authentication.

Solution

The text you need to enter into a DOS or Unix command line is in typewriter typeface. Responses from the server are shown in italic.
telnet smtp-server.smtpdomain.com 25
Trying xxx.xxx.xxx.xxx…
Connected to smtp-server.smtpdomain.com.
Escape character is ‘^]’.
220 smtp-server.smtpdomain.com plus some other optional server greeting text

helo localhost
250 smtp-server.smtpdomain.com
auth login
You now need to enter your email and then your password encoded in BASE64. Do encode your password use the HCI Data Encoder
mail from: bnagy@newpush.com
250 Sender accepted.
rcpt to: bnagy@newpush.com
250 OK
data
354 End your message with a period.
Subject: test email

test content
.

250 Accepted message …
quit
221 Good bye.
Connection closed by foreign host.


Java Shopping Cart and eCommerce Solutions

Java Shopping Cart Hosting

The need to host a shopping cart comes up on a regular basis. There are literally hundreds of very good solutions out there. Here is a list of carts that satisfy the following criteria:
– configurable
– customizable
– embeddable
– has a flexible API
– compatible with IBM DB2
– scalable
– reliable

With these requirements, Java EE is a good technology to settle on, hence the need to find Java Shopping Cart Hosting.

Java Shopping Cart Hosting – Ready to Go Solutions

The following products have been identified as viable solutions for Java Shopping Cart Hosting deployments:

  • http://www-01.ibm.com/software/genservers/commerce/express/
  • http://www.softslate.com/
  • http://ofbiz.apache.org/
  • http://www.shopizer.com/
  • http://www.jadasite.com/
  • http://www.openedit.org/
  • http://www.konakart.com/
  • http://www.avetti.com/
  • http://allbinary.appspot.com/Weblisket.jsp

Java Shopping Cart Hosting – Tutorials

There are also a couple good tutorials we found that would walk you through how to create a shopping cart from scratch to embed into an existing application:

  • http://www.ibm.com/developerworks/library/j-ajax1/
  • http://www.tech-freaks.in/Java-Programming/JSP-Servlets/shopping-cart.html

Any of the above is supported in our Managed Hosting environment for a successful Java Shopping Cart Hosting deployment.


Restarting SMTP Service on a Domino Server

Stopping and starting a Domino Server’s SMTP service

Domino Server Settings

After updating mail routing settings on a Domino Server, typically the SMTP service needs to be restarted. The best way to do this operation is from the Domino Server Console.

Domino Server SMTP start

From the Admin UI:

  1. Click the Server – Status tab and select the Server Tasks view.
  2. Click Tools – Task – Start
  3. From the list of server tasks, select SMTP Server.
  4. Click Start Task.
  5. Click Done to close the Start New Task dialog box.

From the server console:
Load SMTP

Look for diagnostic messages on the console. Allow several minutes on a busy server.

Domino Server SMTP stop

From the Admin UI:

  1. Click the Server – Status tab and select the Server Tasks view.
  2. Select SMTP Server from the list of tasks.
  3. Click Tools – Task – Stop, and then click Yes.

From the server console:
Tell SMTP quit

Look for diagnostic messages on the console. Allow several minutes on a busy server.

Domino Server SMTP restart

From the Admin UI:

  1. Click the Server – Status tab and select the Server Tasks view.
  2. Select SMTP Server from the list of tasks.
  3. Click Tools – Task – Restart, and then click Yes.

From the server console:
Restart Task SMTP

Look for diagnostic messages on the console. Allow several minutes on a busy server.

For more articles from the NewPush Managed Domino Server Team see Domino Server Support and Collaboration Services.


Planning for Storage, Server, and Network Infrastructure

Questions to ask when planning storage and server infrastructure

Storage Requirements

  • What our their current storage environment? (What technology do we use? NetApp, EMC, HP, Hitachi, Compellant?)
  • What is our current amount of usable storage?
  • What is our current data in GB / TB? How much of that data is deemed critical as opposed to 2nd tier, or even archivable?
  • What growth increase are we seeing from year to year? (25%? 30%? 40%? More?)
  • Is this our largest variable IT cost within our overall budget?

Server Infrastructure

  • How many servers do we have within our overall Infrastructure environment?
  • What percentage is comprised of Power, Linux or “Wintel”?
  • Do we have a vendor standard? (HP, Dell, IBM?)
  • What is our overall server utilization (7%? 10%? 20%? 50%? More?)
  • Do we utilize virtualization in our server infrastructure environment?
  • If so, what percentage of our environment is virtualized?
  • What version / type of virtualization do we use?
  • Are we looking to do a server consolidation project to help us save on additional software maintenance and energy costs?

Network Infrastructure

  • Do we have (primarily) our own data center or do we store all of our equipment at a co-location / managed services location? (and if so, whom?)
  • What is our current network environment (Cisco? Avaya?)
  • Do we standardize on a vendor?
  • How old / new is their network environment?
  • What kind of connectivity do they have? (T1? T3? DS?)

Security Solutions

  • Do we have a set standard for our security environment?
  • Do we do quarterly security assessments? (PCI and/or FFIEC Assessments?) (Who do we use?)
  • Are there areas we need to improve?

Software Maintenance

Do we have a goto partner we standardize on for software and hardware maintenance contracts?

Projects

  • What are there next three primary projects?
  • What is our IT budget?
  • What is our Calendar year? Jan – Dec? July – June? Etc.

For more information about planning for storage, servers, and network infrastructure, look at our data warehouse pages.


High Availability Asterisk

Problem

If you have tried to set up high availability for an asterisk VoIP PBX, you probably notices that it is easy to do in theory, but in practice, it isn’t quite always working as expected. For example, Trixbox has ways to set up high availability (HA), but when it comes down to it, the configuration adds too much complexity, and the system overall becomes less stable.

Solution

Generation D has come out with a clustering product for Asterisk that cost $2,000 for two nodes and the web interface. They claim 7s to fail over completely, and provide an API to enable integration with other systems. If we manage to secure a demo, we will provide more details on setup and performance.


Online fax service with SSL API

Problem

You need to create an online application that is capable of sending a FAX securely (PCI, HIPAA or other compliance).

Solution

After trying trustfax and eFax, neither of which has a secure API, Ralph found that Metro Fax has a SSL API for developers and the cost is reasonable.

The following SDK as well as some supporting documentation below will help you get started: WsfSDK

The MetroFax webservice gateway is available at:

https://wsf.metrofax.com/webservice.asmx

And there is supporting documentation (NDoc) available below:

https://wsf.metrofax.com/doc

The attached SDK contains sample implementations of numerous common methods.


How to limit access to a web site on an IIS web server by IP address

Problem

You have a private web site for management purposes, and you want to limit access to it by IP address.

Solution

  • Open the IIS management MMC.
  • In the left hand treeview, drill down to the website in question.
  • The main window of the IIS7 MMC will now display all the familiar management icons.
  • Under the ‘IIS’ group you will find one named ‘IP Address and Domain Restrictions’.
  • Open this and you will see an empty list.
  • Step one here is to select ‘Edit Feature Settings’ From the right-hand menu and select the ‘Deny’ option. (this block all -undefined- IP ranges)
  • Step two will be to ‘Add Allow Entry’ for your defined remote user’s IP range.