I would really like a logfile filesystem. Something like FUSE could do this well.

I was thinking of this this morning. Managing logs from server applications is a real pain. There are numerous problems. I’ll use Apache as an example, but this applies to almost everything.

The first pain is log rotation. When Apache, say, is appending to a log file, you need to get it to close and re-open the file in order to successfully rotate it. This is difficult to do cleanly—no matter how you do it, Apache notices. There are two “traditional” methods to rotate Apache logfiles. (This applies to other server processes as well, although with different levels of rotation support in the application.)

You can rename the “live” logfile, while Apache’s still writing to it. Then tell Apache to close and re-open its logfiles (thereby creating a new one at the old name). This ensures no logs are lost, but interrupts traffic. Apache, specifically, supports a “graceful” restart option that shouldn’t drop connections, but this, in turn, can be problematic: there’s no simple, cross-platform way to know when those connections have finished and the old logfile is closed, and there are some cases where code running in Apache as a module can fail to work correctly after such a restart.

Or, you can tell Apache to log to a command over a pipe. The theory then being that these processes handle the log rotation themselves, re-opening files at the appropriate times, with the appropriate names. This actually works really well on small sites, but can be a performance or reliability issue in the long run. It also results in a huge number of these additional processes having to run, one for each log file.

And I’ve fought with both in the past, and been rather unsatisfied.

What really needs to happen, from a reliability standpoint, is for Apache (or whatever server process) to use the simplest possible logging method: open the log file for appending, creating it if it doesn’t exist, and write to it. This is not prone to failure (until the filesystem fills up.)

If there’s a system outage, there will be far fewer log entries still in RAM. Very little CPU is used. Everyone wins.

What’s missing is a file operation that’s the opposite of ftruncate(). There needs to be a way for another, unrelated process to follow along in the file, and move the records to their final destination. And this process needs to be able to delete them from the _beginning_ of the file as it goes.

The second big problem with logfile management is security. It’d be very desirable to easily enforce the idea that an application can only append to its logfiles, never delete, truncate, or overwrite them. This prevents a remote execution exploit from covering its own tracks.

Many OS’s support filesystem flags or ACLs to enforce such a policy, but it’s not portable, and interferes with the usual log rotation methods.

And this is where FUSE comes in.

A FUSE filesystem could be implemented as a _mostly_ passthrough filesystem. It could easily enforce the append-only policy in the presented filesystem.

And one way to implement a correct and complete log rotation policy would be to map the published filesystem’s files to a series of small (16KB-16MB depending on the throughput of logging that occurs) “buffer” files. As each file reaches its maximum size, the next write would go to a new file.

And a separate process could read these files and write log entries to their appropriate “final” locations.

Perhaps a sqlite database could be used by that process to record state (ensuring in the event of a crash a reasonable chance of recovering where it left off).

And the FUSE filessytem’s code path would, for the important case (”append to a file”) be very straightforward.

This requires a lot more thought…

There was a clarity of focus

A searing light of pure thought

Then it was gone

And I’m left without a clue

Different UNIX and UNIX-like OS’s require different semantics when putting an IP alias on an interface. Mac OS X’s are different from Linux or Solaris.

On Mac OS X, be sure to set your primary IP with the correct subnet mask, but each _alias_ needs to have a subnet mask of /32, or 255.255.255.255.

This is because Mac OS X just lumps all the IPs on a given interface together. As a result, when it comes time to pick an outgoing interface, it uses the first one it sees which can reach the default router. This means it may pick an unexpected one.

For example, on Linux, you might have:

eth0: 10.0.0.2 netmask 255.0.0.0
eth0:1 10.0.0.3 netmask 255.0.0.0

And a default route of 10.0.0.1. When a socket is opened to a remote host, Linux will check eth0, eth1, etc. for a route to the default router, and use that interface for the local address (unless the process specifies it).

However, in the same case, Mac OS X would have:

en0: inet 10.0.0.2 netmask 255.0.0.0
en0: inet 10.0.0.3 netmask 255.0.0.0

Because the kernel might change their order, and there’s no way to _specify_ an order, your outgoing connection might come from 10.0.0.2 or it might come from 10.0.0.3. This won’t change over time, but it might change if you add or remove an alias, or you reboot.

The right way to specify an alias on Mac OS X (and this should work on Linux and other OS’s too, but don’t take my word for it), is to ensure that the default router only lives on one interface:

en0: inet 10.0.0.2 netmask 255.0.0.0
en0: inet 10.0.0.3 netmask 255.255.255.255

Now, only 10.0.0.2’s subnet contains 10.0.0.1, so it’s the only address that will be selected for outgoing connections.

A process can still specify a source address of 10.0.0.3, and it’ll work fine. It’s just the default that’s been made deterministic here.

Making An Operating System Faster

Excellent article on some optimizations in Mac OS X. Not really any new techniques, but still quite fascinating.

–plambert

Human Virus Scanner

The virus that have infected you will be show here along with thier cures, if known.

Viruses you suffer from:

Linux

Install the latest version of Microsoft Windows. Learn to love it.

Junkfood

Eat some real food. Something which you can identify the source of every ingredient, not the point of manufacture.

Sci-fi

Stop wearing the stick-on ears.

Free BSD

The GPL isn’t that bad really. Adopt a penguin at the zoo.

8-Bit

Polygons, all the polygons you can get are not enough.

UNIX

Anything this old must be obselete. Go and install a nice modern operating system. I hear MSDOS has come a long way lately.

Discordia

Buy a suit. Invest your money. Eat hotdog buns on a friday.

Windows

Try MacOS X. It’s based on UNIX, it has a smoother UI than Windows and it doesn’t suck.
As an extra feature the boxes look nice.

vi

Escape Meta Alt Control Shift.

Computer Games

Stop staring at the screen and get some fresh air. You should see a doctor about the RSI in your thumbs.

Conspiracy Theory

Face it, the elected government is in control. Actually that’s quite scary.

Environmentalism

Consume more stuff! It’s easier to buy new stuff than to recycle.

Macintosh

Use a mouse with more than one button.

Viruses you might suffer from:

Gaming (70%)

Life is not a game.
Roll 3D6. On a 4 or more go out and do something with your life.

Religion (70%)

Read “God’s Debris” by Scott Adams (yes, the Dilbert guy)

Politics (95%)

Stop caring!

Brand Names (80%)

Having a well-known name doesn’t make it good.

X11 (60%)

I hear Mac OS 10 Aqua is nice at this time of year.

Ultima (90%)

If you find one tell us.

Prog Rock (60%)

Long hair looks dumb with a bald spot. Listen to CD’s they don’t crackle.

It occurred to me today that when I see some idiot writing in 1337-speek, I should, at least in part, blame Apple.

Thanks, Apple, for the Apple ][ and the Apple //e. You d3w|>s r0×0r.

The instructions are: Grab the nearest book, open it to page 23, find the 5th sentence, post the text of the sentence in your journal along with these instructions.

netstat -i provides information on the interfaces.

I love my fucking job…
…and my job loves fucking me!

I could write more. But that sums it up.

with a start i woke up
and looked immediately about
yet nothing seemed amiss

a whisper on the wind said
“don’t go back to sleep”

my body, too tired to be obedient
my mind, too tired to be reasonable

“why,” i whisper urgently
to the wind
“why should i not go back to sleep?”

silence

my eyes begin to close
my thoughts begin to drift

“don’t go back to sleep!”

bolt upright
eyes wide
i await the dawn

second chances
are always the best, i think
the first time i never know
if i really care
once i fail, then i know
it mattered

second chances cost more
the first time is so cheap
until its over

second chances
are the best, i think
thirds reek of desperation

–plambert

Why have I never seen Donnie Darko (2001) before?

I really enjoyed it.

(more…)

i have a powerbook, thanks to my employer.

i have an ipod.

i also have a nice nokia 3650 bluetooth telephone.

i use them all a great deal. i love them, even.

but there’s something missing…
(more…)

Just a note to any users of plambert.net’s services: at no time have my genitals come in contact with your sites . That’s a promise!

I just set up a couple useful smart playlists in iTunes. First, I created one which matches “Date Added” “is in the last” “1″ “months” and then “limit to 25 songs selected by most recently added”

I called that “Recently added”

Then I made a similar one (with the same “limit to…” clause) but selecting on “Kind” “Starts with” “Protected”. This I called “Recently bought.”

And actually, they seem to work well…

went to berkeley tonight to see kevin smith.

that man can talk! the show started late–he arrived late–and wasn’t really underway until around 19:25. he was still talking at 00:00 when we left to catch the last BART train!

the insight into the industry was fun and his delivery was entertaining. if i weren’t so tired, i’d give examples, but i really need to get to sleep.

yay kevin smith!

went to sushi with merlin last night. tim was there too.

i’d totally forgotten how yummy their live scallops were. wow.

it was good to see merlin again, and to hear he’s likely to move back to the bay area soon. that’d be great!

i cannot find a decent blogging client for Mac OS X. i just want something that’ll work simply, quickly, and without having to type tags. i don’t mind typing tags. but i’d like to set up blogs on plambert.net for others, some of whom will mind. and the tags get pretty monotonous after a while. i want command-key shortcuts, darnit.

ecto comes close, but fails with the latest WordPress in some odd ways. sigh

so i gave into my baser urges today. and i drove to mcdonald’s for lunch. i brought it back to my desk, and before eating it, i looked it up on their nutrition info web page.

they didn’t give me info on the 24oz. Coca Cola so i used the 16oz. instead. it was still frightening.

• 1,510 calories
• 65 grams of fat
• of which 19 grams are saturated fats
• 125mg of cholesterol
• 2,550mg of sodium
• 185g of carbohydrates
• and 9g of dietary fiber
• plus, as a free bonus, 51g protein!

i am truly surprised i’m not dead yet.

Testing my new weblog. I’ve tried a thousand different packages, and this seems closest to what I want. Without writing something myself. Which I may do anyway. Whee. Hopefully, it’ll be more configurable than LiveJournal…