THE BLOG

StorNext performance: Allocation fill or round robin?

Topic

There are many ways to configure and optimize your file system under StorNext, and one option that makes (or can make) a difference is the allocation strategy. Which setting to use depends on your storage and the type of content you create. For the media and entertainment world we talk about unstructured data.

For the sake of this example, I create an imaginary setup with a StorNext based MDC and one 24bay RAID (dual controller) with 2 x 24bay expansion chassis. Continue reading

FibreChannel zoning template

Topic

A SAN (storage area network) provides the option of allocating resources for device load balancing and for selective data access only to certain users. This administrative setting is called Zoning and essentially allows the administrator to control who can access what data in a SAN.

Continue reading

StorNext metadata slowness

Topic

As the  SAN environment contains many moving parts from the storage subsystem, fibre channel HBA’s, SFP’s, optical wire, the FC and Ethernet switch all the way to the metadata disks and the StorNext file system from Quantum it cannot really be called trivial. Every now and then you may struggle with performance issues that might be caused by any part mentioned above.
In such a complex environment you need to have some troubleshooting skills or you will end up ripping your hair out. Although there are many parts, I am going to focus on the StorNext metadata side in this article as I have seen it a few times now and users ended up remaking the file system.

Situation

Your SAN is working as expected with a decent performance; however, suddenly you hear from your users that browsing a folder takes a loooong time. Continue reading

Shellshock Vulnerability – Bash bug

Just recently (24 September 2014) the Shellshock bug has been discovered in the Unix Bash shell which is a wide spread used shell. This is also a known bug for OS/X based systems. Especially servers reachable in the Internet could be compromised quite easily.  According to various statistics, 50% of the Internet is driven by Unix flavored systems and almost all ports like HTTP i.e. Meaning even if you do not allow access via SSH or Telnet to this server it could be compromised via HTTP and the executable interpreter underneath.

The bugs cause Bash to unintentionally execute commands when they are stored in specially crafted environment variables and compared to the SQL Slammer in 2003 (which brought the Internet down for 12 minutes) could be worse.

Robert Graham (at errata security) who has discovered the bug wrote a little test script to demonstrate the bug which convinces machines to execute the ping command.

What does the ShellShock bug could do?

An infected host (probably a web server) scans for it’s next targets (as many as he can reach) and induces them to download the exploit code and those in turn start scanning and exploiting. This could be used for a DOS (Denial Of Service) download malware or whatever the author of that script intends to do.

How can I test if my Bash shell is vulnerable or not?

You can run this simple command below which will tell you if your Bash in vulnerable or not:

env X="() { :;}; echo busted" bash -c "echo stuff"

Result: busted stuff = Bash welcomes the bug
Result: stuff = safe (for now?)

Are there patches available?

Almost all Unix flavors have a patch available which can be updated via yum, apt-get or your choice of package manager.

 

StorNext cvfsck free space fragmentation

Situation

Many StorNext users have a handful of tools that come with the default StorNext installation, basic or full blown with interface.

One of those tools which can assist in troubleshooting is cvfsck. The most common use of cvfsck is to verify the file system itself. It’s a simple and powerful command line tool if you use it for the right reasons.

Details

Checking the health of the file system can be done when the file system if active but not really recommended as the journal is updated frequently. It’s basically a sanity check which may lead you to the action to take the file system offline. Continue reading