2008/10/04

Preventive Maintenance

As I'm sitting here waiting for the numbness from my root canal earlier to wear off, I'm thinking about the preventive maintenance I could have performed to prevent needing it.  The standard stuff comes to mind of brush on a more regular basis, floss or use mouthwash, visit the dentist at least twice a year.  You know, the basics.  Stuff that is fairly common knowledge, but it's a matter of taking the time out of an already busy schedule to do the work necessary.

How does this apply to software?  If you think about it, it parallels pretty well.  Having to fix a bug in production is much the same as spending time in the dentist chair getting a cavity fixed (or in my case, a root canal).  Even worse is a full outage due to a error lingering in the code base that could have been prevented early on.  Code audits done every week or two is similar to brushing and flossing daily to prevent rot.  Checking with users a few times a year ensures the product is still fitting their needs and performing as they expect.  Granted your dentist doesn't come to you checking if everything is okay, but a couple check ups a year still prevents bigger problems.

It even applies to IT professionals.  Sure everybody does backups because it needs to be done, but how often are the backups checked by restoring from them?  If a system winds up becoming corrupted and a backup fails, it's the same as having to have a tooth pulled.  Both have to be replaced entirely.  On a more regular basis they should be verifying the systems are running as expected.  No excessive CPU spikes, adequate free disk space, no bloated memory usage.

Just as a toothbrush and floss help with regular maintenance of your teeth, tools like unit testing and system monitoring help with hardware and software maintenance.  The real question is, how often do you practice your IS & IT maintenance?

2008/08/21

The joys of Apache webserver and modules

I've been fighting an issue with Apache 2.2.8 on Ubuntu 8.04.1 (Codename Hardy Heron) to get my Subversion repository to authenticate over LDAP for work. We had previously set it up on Apache 2.0 on Gentoo. It was a week long battle, but we got it working. I figured that since we figured it out on there it should be a pretty straight forward approach this time around. Yeah, that was wishful thinking!

Doing the standard Google searches I came across the step by step guides of how to configure it (most were building from scratch). With the beauty of apt-get I had everything I needed in no time at all (Seriously wish there was a Windows alternative to that...). I created the repository for Subversion, configured Apache and Subversion to start up automatically, and added in the Subversion modules to Apache (which threw me off as it was a link in /etc/apache2/mods-enabled to /etc/apache2/mods-available). Restart Apache and everything still worked so it was time to configure a location for the repository. So following the standard layout I found on every other Google search I set it to the following:

<Location /repos>
DAV svn
SVNPath /path/to/repository
AuthType Basic
AuthLDAPEnabled on
AuthLDAPAuthoritative on

Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all

AuthName "Subversion Repository"
AuthLDAPBindDN "cn=Subversion User,dc=domain,dc=com"
AuthLDAPBindPassword UserPassword
AuthLDAPUrl "ldap://domain.com:389/dc=domain,dc=com?sAMAccountName?sub?(objectclass=user)"

Require valid-user
</Location>


I go to restart and I get a marvelous error message of:

Invalid command 'AuthLDAPEnabled', perhaps misspelled or defined by a module not  included in the server configuration


It wasn't until some repetitive googling later that I came across this amazing post that provided some insite:

http://www.linuxforums.org/forum/servers/124011-apache-ldap-authentication.html

With a little ingenuity, I figured out the correct set up for us was this:


<Location /repos>
DAV svn
SVNPath /path/to/repository
AuthBasicProvider ldap
AuthType Basic
# AuthLDAPEnabled on
AuthzLDAPAuthoritative on

Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all

AuthName "Subversion Repository"
AuthLDAPBindDN "cn=Subversion User,dc=domain,dc=com"
AuthLDAPBindPassword UserPassword
AuthLDAPUrl "ldap://domain.com:389/dc=domain,dc=com?sAMAccountName?sub?(objectclass=user)"

Require valid-user
</Location>


Now to actually continue on with why I had to set up another Subversion server...