Code names

Posted Mar 6, 2010 19:50 UTC (Sat) by nix (subscriber, #2304)
In reply to: Code names by jeremiah
Parent article: Fishy business

Um, we could always do the slice-and-dice dance. You give the server a
meaningful, memorable name, and a role-based CNAME.

Code names

Posted Mar 6, 2010 21:59 UTC (Sat) by jeremiah (subscriber, #1221) [Link]

yeah, but why should the names be different? esp. when all of the iptables rules, and routing are
by ip, and not name. And what could be more meaningful than staffvpn.x or clientvpn.x or dns.x or
ntp.x, web.y, etc? By keeping the hostnames the same, automated searches against centralized
syslogs never have to be changed, dns never has to be changed. I'm curious what benefit you
would get from sliceing-and-diceing?

Code names

Posted Mar 8, 2010 16:04 UTC (Mon) by Baylink (guest, #755) [Link]

I would say "well, if we can't trust you to spell 'slicing' and 'dicing' properly, then..." but Jon wants us to be polite and respectful.

So I won't. :-)

Seriously, though: the issue has to do with replacing machines. There are often cases where you *cannot* have two machines existing in the world with the same name; most of these have to do with commercial licensing and other related stupidities.

If you're in such a regime, then you have no other real choice: the machine's "true name" has to be something new, different, and arbitrary -- the last because we've already established that it *can't* be the same name as the box it's replacing, which would then have to already have the functional name.

If you're replacing one outbound FTP server with another already configured server, you drop in the replacement, test it, and then "swing" the DNS CNAME to point to it (as telco guys used to swing jumpers on switch frames at 2am on Sundays on Big Switch Cuts), and you're done.

No muss, no fuss.

But AEleen, Evi, or Tom can probably explain this to you much better than I can. :-)
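
The CNAME "swing" described in the comment above, as an added example that is not part of the original thread: a pre-change check that only repoints a role name when the replacement host already has its own address record. The zone contents, host names, and function names are constructed for illustration.

```python
# Constructed sample zone: arbitrary "true names" for hosts, role names as CNAMEs.
ZONE = """\
calvin      IN A     192.0.2.10
hobbes      IN A     192.0.2.11
ftp-out     IN CNAME calvin
ntp         IN CNAME hobbes
"""

def parse_zone(text):
    """Return (a_records, cnames) from simple 'name IN TYPE value' lines."""
    a, cname = {}, {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[1] != "IN":
            continue
        name, _, rtype, value = fields
        if rtype == "A":
            a[name] = value
        elif rtype == "CNAME":
            cname[name] = value
    return a, cname

def resolve(name, a, cname, max_hops=8):
    """Follow CNAMEs to an address; None if the chain dangles or loops."""
    for _ in range(max_hops):
        if name in a:
            return a[name]
        if name not in cname:
            return None
        name = cname[name]
    return None

def swing(role, new_host, a, cname):
    """Return a new CNAME map with role repointed, refusing unsafe changes."""
    if role in a:
        raise ValueError(f"{role} owns an A record; a CNAME cannot coexist with it")
    if role not in cname:
        raise ValueError(f"{role} is not an existing role CNAME")
    if new_host not in a:
        raise ValueError(f"{new_host} has no A record; the role would dangle")
    updated = dict(cname)
    updated[role] = new_host
    return updated

if __name__ == "__main__":
    a, cname = parse_zone(ZONE)
    print("before:", resolve("ftp-out", a, cname))
    print("after: ", resolve("ftp-out", a, swing("ftp-out", "hobbes", a, cname)))
```

Both hosts keep their unique names across the swing, so log entries recorded under `calvin` or `hobbes` stay attributable to one machine while clients only ever use `ftp-out`.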

Code names

Posted Mar 8, 2010 17:37 UTC (Mon) by jeremiah (subscriber, #1221) [Link]

I never said I was trustworthy or that I could spell. Only that my life has been easier after moving
from code names to role based names, in a virtualized environment w/ one service per server.
Perhaps a hybrid approach would work best. With dns-1 and dns-2 as the hostnames and dns
as the CNAME? I realize that I'm beating a dead horse here, but let me continue anyway, since
this discussion will make me better at what I do, and therefore is more about understanding, than
arguing a point.

I have 40+ fibre channel LUNS, in most cases each LUN represents a server/service. Each has a
number and WWN associated with it. I can map a WWN to a NAME which represents a target
WWN. No DNS here. I also have FC switches which need mapping as well, zone names etc. I have
8 blades each of which has the ability to have 16 named LPARS. I also have wiki-documentation
for each complete mapping (IP,name,MAC,LUN,LPAR,VLAN,etc). The only thing that is constant in
this mess is the service that the machine is performing, and the IP address where it can be
found. Perhaps this is where the issue arises, in that in everyone else's experience, the IP
address and the Service are disconnected as well. When I bring a new replacement system online
I either copy it from a hardened clean copy, or the currently running copy, and run that LUN on a
different blade where I can test it etc. Then shut both the old and the new systems down, switch
the LUN mapping, and bring the new one up. This takes 2 - 5 min tops, which in my
environment, is fine. I don't have to change any DNS entries, logging, intrusion detection, etc. All
I have to do is change one entry on a fibre-channel controller.

After reading what I have written, maybe I am 'slicing' and 'dicing' but at a different level, than
CNAMES. Because my LUNS are just numbers that I can't really control. And if I could, they would
become DNS-1,DNS-2,DNS-3. I will say though, that when trying to diagnose a problem, it
helps immensely to have strict naming conventions on every piece and configuration.

Real machines vs. single-serving

Posted Mar 9, 2010 10:53 UTC (Tue) by dion (guest, #2764) [Link]

Something strange happens when you start using tons of virtual machines, instead of maintaining every machine and putting more services on it, every virtual machine tends to become a wrapper around a single service, once that service is no longer needed the vm is simply deleted.

In the case of virtual machines that are created on demand and are sure to get nuked when they have served their purpose, I can certainly see a good reason for using function oriented names, because that name doesn't ever grow stale and once you have 17 similar servers doing pretty much the same thing then it becomes quite boring to come up with names and equally pointless.

I have no need to name single-use build slaves, so they are simply xp-1, xp-2, xp-3 and so on, no human typically interacts with the machines in their entire lifetime (about a day) before they are deleted and re-created from the master image.

For real, actual machines I still want an abstract name that has nothing at all to do with function and point function oriented CNAMEs at it as needed.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds