Dell is building up its system management capabilities to make it easier for customers to monitor and manage their PowerEdge servers in virtualized data centers.

Dell officials on Jan. 19 announced several enhancements to its systems management portfolio, including the Dell Management Plug-in for VMware vCenter, which enables IT administrators to do a wide variety of server tasks—from provisioning bare metal servers to deploying hypervisors to updating firmware and BIOS—directly from VMware’s vCenter management console.

[...]

With the VMware plug-in the cost is contingent on the number of 11th-generation PowerEdge servers that are being managed via VMware’s vCenter, Iler said. Pricing starts at $299 for three servers, and goes to $799 for 10 servers, $1,799 for 50 and $2,999 for 1,000 systems.

This is very handy indeed, although I don’t forsee smaller companies paying for the feature very frequently.

via Dell Offers VMware Plug-In for PowerEdge Servers – IT Infrastructure – News & Reviews – eWeek.com.

I have a few CentOS 5.4 webservers to upgrade from httpd 2.2.3 to 2.2.17, but 2.2.17 isn’t available as an RPM from in any repository that I can find, so I’m making my own.  Here’s how I did it.

First, I built a new CentOS 5.4 x64 virtual machine on a spare 64-bit VMware vCenter server using the same ISO as my production machines.  This VM will have a plethora of build and development tools that I don’t need or want in production.

Then, I googled around and found some helps on setting up an RPM build environment, including wiki.centos.org, and OwlRiver.com.

Next, I logged in as root, and:

# yum update
# yum groupinstall "Development Tools"
# yum install rpmdevtools rpm-build  redhat-rpm-config  openssl-devel

Create a user to run the build process, and then become that user:

# /usr/sbin/useradd rpmbuilder
# su - rpmbuilder

Set up rpmbuilder’s environment, using the Owl River’s tips:

$ wget http://www.oldrpm.org/hintskinks/buildtree/RPM-build-tree.txt
$ chmod 755 RPM-build-tree.txt
$ ./RPM-build-tree.txt

Then wget httpd-2.2.17.tar.gz from one of the Apache mirrors, and try a build and see what else is needed. (NOTE: httpd includes an httpd.spec file in the root of the tarball, which greatly simplifies building an RPM from the source — we do not need to create a .spec file to guide the creation of the RPM. If you want to modify the build parameters of the RPM, extract the .spec file (tar zxvf httpd-2.2.17.tar.gz httpd.spec), modify it, and then specify your .spec file with rpmbuild --rmspec httpd.spec.)

$ rpmbuild -tb httpd-2.2.17.tar.gz
error: Failed build dependencies:
apr-devel is needed by httpd-2.2.17-1.x86_64
apr-util-devel is needed by httpd-2.2.17-1.x86_64
openldap-devel is needed by httpd-2.2.17-1.x86_64
db4-devel is needed by httpd-2.2.17-1.x86_64
expat-devel is needed by httpd-2.2.17-1.x86_64
pcre-devel >= 5.0 is needed by httpd-2.2.17-1.x86_64
/usr/bin/apr-1-config is needed by httpd-2.2.17-1.x86_64
/usr/bin/apu-1-config is needed by httpd-2.2.17-1.x86_64

When you weren’t looking, I added rpmbuilder to the sudoers file. If you didn’t do that, switch back to root and install the missing packages, but as for me, I sudo-install them as my rpmbuilder

$ sudo /usr/bin/yum install apr-devel apr-util-devel openldap-devel db4-devel expat-devel pcre-devel

And try, try, again:

$ rpmbuild -tb httpd-2.2.17.tar.gz

(Lots of text scrolls past, ending with:

configure: error: distcache support failed: can't include distcache headers
error: Bad exit status from /var/tmp/rpm-tmp.71094 (%build)

RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.1844 (%build)

Install distcache, then try again.
$ sudo yum install distcache distcache-devel
$ rpmbuild -tb httpd-2.2.17.tar.gz

It builds and builds and builds… it’s working! And you are rewarded with this output:

Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.55847
+ umask 022
+ cd /home/rpmbuilder/rpmbuild/BUILD
+ cd httpd-2.2.17
+ rm -rf /var/tmp/httpd-2.2.17-1-root
+ exit 0

Look in the RPMs/arch/ dir for the product of your (or my) hard work:

$ ls rpmbuild/RPMS/x86_64/
httpd-2.2.17-1.x86_64.rpm httpd-devel-2.2.17-1.x86_64.rpm mod_ssl-2.2.17-1.x86_64.rpm
httpd-debuginfo-2.2.17-1.x86_64.rpm httpd-manual-2.2.17-1.x86_64.rpm

Copy httpd-2.2.17-1.x86_64.rpm to a test/dev/QA machine, install it, test your websites, and then repeat in production.

Welcome to 2.2.17!

Great news – I have one client who’s been waiting for this functionality before making The Switch.

Google Apps administrators can now create policies specifying who their users can communicate with over email, and administrators can tailor these policies for different groups of users.

For example, school faculty and staff can have unrestricted email access while students have the freedom to send and receive emails within the school community but are protected from unwanted email interactions with outsiders.

via Google Apps update alerts: New email delivery controls for Google Apps Administrators.

Google has revealed Android 2.3, codenamed Gingerbread, a new version of its popular mobile platform. It introduces a handful of modest user interface enhancements—such as a more refined touchscreen keyboard—and brings some noteworthy performance improvements that are largely intended to boost Android gaming.

Alongside the release of Android 2.3, Google has also announced plans to launch the Nexus S, a new smartphone that was developed in collaboration with Samsung. Much like Google’s Nexus One, the new phone in the Nexus series will be available unlocked with a pure Google experience. The unlocked version will be sold at Best Buy for $529 without subsidy, and T-Mobile will be selling it on contract for $199.

The aptly named Nexus S looks like the love child of the Nexus One and the Samsung Galaxy S. The touchscreen-only device has a four-inch curved “contour” Super AMOLED display, 1Ghz Hummingbird processor, 1GB of internal storage, and a 1500 mAH battery rated for 6.7 hours of talk time. The handset showcases some of the new hardware features of Android 2.3, such as support for near-field communication (NFC), which can be used for close-range contactless data exchange.

via Google serves hot Gingerbread, unveils Android 2.3 and Nexus S.

It could very well be worth making sure you’re IPv6 compatible… just in case The Switch happens sooner than later.

Yesterday, the Internet Assigned Numbers Authority (IANA, part of ICANN), allocated two blocks of 16.8 million IPv4 addresses to the RIPE NCC and another two blocks to ARIN. The RIPE NCC and ARIN are the Regional Internet Registries that give out IP addresses in greater Europe and North America, respectively. This brings the global pool of still available “/8″ address blocks that IANA maintains from 11 down to 7.

via Global pool of IPv4 addresses set to run dry in weeks.

Something for the next patch cycle:

VMware Inc. has released a security advisory, warning users of its ESX 4.1 software that a vulnerability in the hypervisor could allow a local user to gain local privileges.

The company issued a patch, Monday, fixing a stack pointer underflow problem that could fail to block a local user from gaining additional privileges without proper controls.

via VMware fixes ESX 4.1 hypervisor flaw.

In all editions of Google Apps:

Domains whose admins have enabled the ‘enable pre-release features’ checkbox in the Control Panel

The following new features are now available in Google Calendar for these domains:

Optional attendees: When adding invitees to an event, you now have the ability to communicate the importance of a meeting for each attendee.

via Google Apps update alerts: Optional attendees now in Google Calendar.

Iijitsch van Beijnum presents Understanding the Internet’s insecure routing infrastructure.  It’s a good overview.

via Understanding the Internet’s insecure routing infrastructure.

This is quite a hole in a Cisco product.

The vulnerabilities were first reported to Cisco by Florent Daigniere, a researcher with Matta Ld, a penetration testing company based in Richmond, Surrey. He found seven distinct vulnerabilities in the Cisco products, including hard-coded usernames, weak session IDs and weak obfuscation of credentials.

In a posting at the Full Disclosure Mailing list, Daigniere said the Cisco vulnerabilities would allow an attacker to “get full control of the device and harvest user passwords with little to no effort.” The attacker could also launch an attack against other parts of the target infrastructure.

via Multiple Linux vulnerabilities found in Cisco videoconferencing systems.