Original source: https://commons.wikimedia.org/wiki/File:Devops-toolchain.svg Original source: https://commons.wikimedia.org/wiki/File:Devops-toolchain.svg

Years ago, there was a worldwide tendency to adopt ITIL in the IT departments of all organizations, big or small. This, together with the wide adoption (although misunderstood by most) adoption of COBIT led to big and small companies setting up clear pillars, where the focus was on the activity being done, instead of the product or service delivered to the customer.

Continue reading

Since the update to Prometheus 2.0, the documentation still has to catch up. Because I’ve been debugging a custom written exporter, some unwanted metrics landed in my Prometheus.

This is how to delete those series.

Enable the Prometheus Admin API

Deleting the metrics is only available over the Admin API. You can enable it with a flag. Just edit your Prometheus start-up script and add:

--web.enable-admin-api

Continue reading

This guide will show you how to deploy Proxmox VE 5 with KVM Routing and NAT on a Hetzner server with focus on networking and DHCP/DHCPv6.

Assumptions

  • The connected interface is enp4s0
  • 192.0.2.62/27 is the public IP assigned by Hetzner
  • 192.0.2.33 is the default gateway for the network
  • 10.1.1.0/24 is the private block used on the VMs
  • 2001:db8:1111:2222::/64 is the IPv6 block assigned to the host
  • 2001:db8:1111:2222:81::/80 is the IPv6 block delegated to the VMs
  • The domain name used in the VMs is my.cloud
  • The host name of the hypervisor is hyper.my.cloud
  • All the commands are run as root

Continue reading

SaltStack / Apache Logo

Ever since I’ve started hosting my own domains, I’ve searched for ways to automate the website provisioning.

Normally, the documentation includes the information on configuring your infrastructure based on roles. But if you have a webserver role for all your minions it doesn’t help with the individual provisioning I am aiming at.

Continue reading

Spring Cleaning

I’ve managed to move the blog away from tumblr.com to my own hosted server. I’m celebrating by deleting old (and obsolete) posts from my blog. I’m curious to see how much success I’ll have in writing new articles on WP.

Continue reading

Linux “root” tweaks

Tired of always being afraid someone will hack into your Linux computer/server?

One of the most important steps is to make sure the attacker can’t log in with the “root” account.

In order to do this, you have to:

  1. Make sure you can “switch user” to root (you will need to be able to control your system, after all)
  2. Make sure that nobody can log in with root, neither remote nor local.

Continue reading

Author's picture

Alex Thomae

Personal Blog

Head of Platform Engineering Compute at 1&1 IONOS

Berlin, Germany