LiveJournal Blackout Analysis Online 333
Hakubi_Washu writes "LiveJournal has posted their official analysis of what happened last Friday.
Apparently someone "accidentally" pushed the emergency power off (which should keep all power off, even UPS), reset it and ran off. They had problems to come back up fast, because of "9 machines with faulty motherboards with embedded NICs that don't do auto-negotiation properly", Machines not fully rebooting for analysis reasons and few others. "
Lesser OS... (Score:5, Funny)
They should be using OpenBSD. It can run right through power failures [grub.net]
Re:Lesser OS... (Score:2, Informative)
Re:Lesser OS... (Score:2, Insightful)
By your logic, I can claim that my computer is down due to a power failure.
Perhaps you would complain: But power was getting to the computer.
So what about the situation where I accident
The less we've learned... (Score:5, Funny)
Re:The less we've learned... (Score:2)
Re:The less we've learned... (Score:2)
Re:The less we've learned... (Score:3, Funny)
Chris Mattern
Big red buttons (Score:2)
Re:The less we've learned... (Score:3, Funny)
Re:The less we've learned... (Score:2)
The red button will eternally be linked in my brain to the one in the pool of ManiacMansion that reads "Do not push" and wich everyone i know pushed anyways.
Photo of the button (Score:2, Insightful)
Apparently this photo [kekkai.org] is an example of the button that was "accidently" pressed.
I'd love to hear the explanation for this "accident".
faulty mobo's (Score:5, Interesting)
Re:faulty mobo's (Score:2)
Not millions of paying accounts. (Score:5, Informative)
This is a paste from the Livejournal stats:
* Free Account: 5713743 (98.3%)
* Early Adopter: 14220 (0.2%)
* Paid Account: 94857 (1.6%)
* Permanent Account: 1632 (0.0%)
Re:faulty mobo's (Score:2)
Re:faulty mobo's (Score:2)
In reality, the only places where auto-negotiation is important are mobile devices (laptops) which may connect to a variety of network connection types or for the home user "plug-and-play" market. Ma
Re:faulty mobo's (Score:2)
>with embedded NIC
so basically, they're using shite hardware because they're too cheap. bet they've noticed by now that it costs less to use good hardware than to try to fix it later when something goes wrong
503 pages (Score:2)
I havent seen them that much lately, but then i havent been online that much either...
Re:503 pages (Score:2)
You get 503 sites? I only reach one at slashdot.org
Then again, you're a subscriber. Who knows what goodies you lucky few get here...
Oppsie (Score:5, Funny)
"Oppsie, I hope that button wasn't anything important."
Re:Oppsie (Score:2)
Re:Oppsie (Score:2)
History Eraser Button (Score:5, Funny)
Ah, the famous History Eraser Button rears its ugly head. I think that everyone who has worked in a large datacenter or lab environment with one of these has a story to tell...
Re:History Eraser Button (Score:5, Interesting)
I'll never forget my visit to the State Farm DSO in Detroit, MI. I'd just physically installed the new machine, at the bottom of a rack, and stood up.
Stood up putting my shoulder right into the unprotected "History Eraser Button" on the wall. The screams of the employees working int he datacenter could be heard all the way back home in Chicago, I've no doubt.
Then it turns out the fuses which will reset the systems in the datacenter are in a locked cabinet.
Then it turns out no one on site has a key.
Fortunately, I found that the cabinet will pop open if you kick it hard enough. Hey, I was panicking, okay?
And get this. After it was all over and I realized I probably wouldn't get killed by anyone... they told me "It's okay, this happens all the time. The guy installing the A/C unit last week did it too."
Maybe they should have put a cover over the damn button then. Morons.
Re:History Eraser Button (Score:2, Funny)
Hey! I worked that project too... it was fun, but mindnumbing. They actualy sent me to New Orleans for an install on fat tuesday.
Mardi Gras on an expense account
Re:History Eraser Button (Score:3, Funny)
You of all people should realize that putting someone's head on a pole in front of a data centre is dangerous. For one, it tends to become a disease vector, as for some mysterious reason everyone feels the need to touch it. Rats are usually attracted to the smell, and you know how rats wreak havock on eth
You mean "The Big Red Button" (Score:2)
Blame (Score:2)
Most of the time it is Stimpy's fault. The rest of the time it is Fry's fault. I think there may be a connection...
Perhaps they should answer (Score:2)
Fascinating read (Score:5, Insightful)
Congrats to the LJ folks for getting things working, taking the time to do it right, and giving an admin's-eye-view into what actually happened.
Re:Fascinating read (Score:2)
So Slashdot - what are all the 500 errors about then?
Missing opportunities (Score:4, Funny)
They had to power back on when they realized deadjournal.com [deadjournal.com] was already taken...
LJDotting: LJ user base vs Slashdot user base. (Score:5, Funny)
LJ's active user base is easily 10x that of Slashdot's. We'd have to come up with a new term for the internet event that pales any slashdotting that ever came before.
Auto-negotiation (Score:4, Informative)
Re:Auto-negotiation (Score:2)
It's a convenience that isn't always needed.
Re:Auto-negotiation (Score:5, Insightful)
Sounds like a classic Cisco problem. I don't know what switches LJ were plugged into, but for years most Cisco switches would autonegotiate 100/half-duplex if the NIC was locked to 100/full; conversely, sometimes, NICs would autonegotiate 100/half if the Cisco was locked to 100/full.
They're cheeky enough to document this [cisco.com] now. It's a feature, not a bug! Honest!
Re:Auto-negotiation (Score:2, Funny)
I don't buy Cisco anymore for this very reason, it's not just their switches, it's on everything they make that has a NIC.
I deployed some CSS's, right after Cisco bought ArrowPoint, and they did auto correctly. Another client deployed some a couple of months ago, and auto was broken. Cisco is the Borg!
You, sir, are an idiot. (Score:5, Informative)
No, really. Go read up on it...
Okay, since you don't bother reading up on it, and since you claim that someone's cheeky because they *document* what happens when you misconfigure a connection, I must conclude that you, sir, are indeed an idiot.
(To summarize for those of you who won't bother to look it up, a NIC can sense the carrier for 100, so it can differentiate 10/100. Full and half are actively negotiated by the two sides of the connection. If side 'A' is hard set to 100/full, it won't negotiate with the other side. Hearing no negotiation, side 'B' will assume the NIC doesn't support full duplex connections and failover to half duplex. This is the proper, standardized, documented behavior. Anything else would require the psychic interface spec that *still* hasn't been finalized.)
...and ran off? (Score:5, Funny)
Ran off skipping and giggling, like a 13 year old who just put toothpaste on the toilet seat?
Or do you really mean, slunk off, like my dog does when I walk in and find her curled up on top of the remains of the remotes for the TV, TiVo, DVD player and stereo?
My dog likes remote controls more than snausages.
OT: Anyone know where (brick and mortar) to get a replacement (original) TiVo remote?
13 yo? :P (Score:3, Funny)
By any chance, was his name "Zero Cool"?
Re:...and ran off? (Score:2)
http://www.weaknees.com/tivo_remotes.php
Credit (Score:5, Informative)
A great article (Score:2)
They at least admit their own systems weren't perfect... and clearly explained each fault they observed.
Good info.
Ahhhh silence is GOOOOLDEN (Score:4, Funny)
Re:Ahhhh silence is GOOOOLDEN (Score:2)
Re:Ahhhh silence is GOOOOLDEN (Score:4, Funny)
machine failure (Score:4, Insightful)
I was a sysadmin at a Fortune 100 company with thousands of servers. Every Saturday evening, we rebooted all of our servers. We almost always had several machines which would not come back up for one reason or another - so we dealt with it then, on Sunday morning, instead of during the week when a reboot of a critical machine that did not work would be much worse. Scheduled reboots are a part of good systems administration. If once a week is too often, then once every two weeks, or once a month. With this much failure, I'm almost certain they never did scheduled reboots. They had two failures - their power failed, and then their lack of planning allowed for so much to go wrong a result of that.
Re:machine failure (Score:5, Insightful)
Many customers - and internal staff - really, really got scared at that point. The thing is, if you don't trust your backups, what good are they? Its amazing what things got taken care of and found during double-checks the week before the backup/restoration test.
Oh, and we always went with scheduled reboots as well, for very much the same reason as you mentioned. An hour a month of scheduled downtime is almost always available - usually we booted every week and had an optional downtime window on a monthly basis. And if your (talking to readers here, not parent) organization can't afford to be without a single machine for a 2-3 hour block once a month, WTF is your plan to handle a hardware failure? Prayer?
Re:machine failure (Score:3, Insightful)
Yeah, we had servers like that once, too. Ba-da-bing! Thanks, I'll be here all week.
On a serious note, am I the only one here who thinks a world in which no one questions a policy like that is insane? We've had critical, and I mean critical, servers that have uptimes measured in years. But then again they run NetWare, or OS/400, or MVS, or.... ABW.
Scheduled reboots are a part of good systems administration
Yeah, scheduled, as part of a disaster re
Re:machine failure (Score:2)
He's talking about Windows, where regular reboots are a good thing when they are planned, so you don't have regular reboots when they are NOT planned!
Re:machine failure (Score:2)
Why should it have to? If it's a critical server, your infrastructure should be such that it never power cycles. Our computer room has "power cycled" once since the facility was built in 1984. And that incident led to spending $65k in consulting engineering services alone, to determine why it happened and develop a plan to prevent it happening again. I'm not even sure what the expenditure in hardware or electrical contracting related to that was. I gu
Re:machine failure (Score:3, Insightful)
LOL! Kindof like when... (Score:5, Funny)
And I was like OMG I shut off the internets and stuff!!1!!
And i called the AOL helpdesk and they helped turn it back on.
Re:LOL! Kindof like when... (Score:2)
And here (Score:2)
Re:And here (Score:3, Interesting)
Also, (Score:2)
This also raised the all-important "Why do we even have that button?" question.
Re:Also, (Score:3, Informative)
Re:Also, (Score:2)
Those buttons are generally maintenance devices; it's usually less of a button and more of a keyswitch though. So the guy comes in to service something, he needs to know that no power is anywhere in there, so he removes the key and keeps it in his pocket. Now he knows he's safe.
Re:Also, (Score:2)
Re:Also, (Score:2)
Please, do not be alarmed or reply with an explanation. This is a joke. I am joking. You have been joked with.
Sigh...
No, it did not (Score:2)
Also.. ""EPO, by the way, stands for Emergency Power Off and it's a national fire/electrical requirement for firefighters to be able to press these big red buttons near all exits that turn off all power in the entire data center."
Button of Doom (Score:2)
Wait a second! (Score:2)
"EPO, by the way, stands for Emergency Power Off and it's a national fire/electrical requirement for firefighters to be able to press these big red buttons near all exits that turn off all power in the entire data center."
"...all our DBs have redundant power supplies. we'll be plugging one side into Internap's, and the other side into our own UPS, which itself is plugged into Internap's other power grid. that way if EPO is pressed, we'll have 1-4 minutes to do a clean shutdown. (but if we do the rest of
Re:Wait a second! (Score:3, Informative)
"If it's stupid and it works, it's not stupid."
Re:Wait a second! (Score:3, Interesting)
It's not so much that the firefighters spraying water are worried about getting electrocuted via current conducting through the water itself... it's more about worrying bout stumbling i
Re:Wait a second! (Score:2)
Sorry, but you confused me.
It seemed as though they were talking in the article about putting a separate, independent UPS system in place for their machines, that are independent of the EPO system. It sounds to me like that would keep their machines on for four minutes even after one or both of the facilities EPO systems have been triggered creating an electrocution danger.
Are you suggesting that their UPS would have a separate EPO just for it? I don't think that's the case, because they specifically men
The reason why some NICs don't auto-neg (Score:3, Informative)
Re:The reason why some NICs don't auto-neg (Score:3, Informative)
OOB console access is the answer. (Score:3, Insightful)
Why they don't seem to grasp this is beyond me . . . anyone running a public-facing, high-volume service should have OOB access to all servers, routers, switches, firewalls, etc. . . . it's just common sense.
HAH! (Score:2)
Looks like my "Newbie Operator" found hisself a new job.
2 accounts of the powerloss (Score:5, Funny)
No! (Score:3, Insightful)
Who in their right mind goes with the on-board NIC in a server environment?
Re:No! (Score:3, Interesting)
Are you kidding?
How about everyone? Regardless of PC, Sun, Alpha or whatever hardware.
Re:No! (Score:2)
Re:No! (Score:2, Informative)
Nothing wrong with onboard NICs in "real" servers. (Score:2, Informative)
No UPSes before? (Score:2)
Re:No UPSes before? (Score:3, Informative)
Unfortunately, this would defeat the purpose of the "Big Red Button", which
Accidents happen (Score:3, Interesting)
About a month later, one of the managers was giving a prospective new-hire a tour. He got to the software lab, and started blathering about "don't ever push the red switch" as he put his finger on the switch
So some einstein decided that the Big Red Switch was "dangerous" and put a plexi cover over it - the same kind that goes over the thermostat control, and the same kind that has a key lock. Yep, about six months later we had a gen-you-ine emergency. One of the HP 9000/300 monitors went crispy, and was snorting smoke and sparks. One of the software folks went to hit the Big Red Button, but was somewhat nonplussed to find a locking cover over it. She took the co-located fire bottle, sheared the cover off, pressed the button, then got to use said fire bottle on the monitor.
So the cover gets replaced again, though this time with a non-locking cover. At some point, the software server stack needed to be relocated into the corner with the Big Red Button. Another einstein discovered that it was inconvenient to slink behind the equipment rack - the cover kept bashing him in the neck or shoulder. So he removed it, thinking that accidental presses wouldn't happen because the button was obstructed by the server stack. (yep, inaccessible = useless.) Some time later, the equipment was being jockeyed for an upgrade, and one of the big SCSI cables snagged the Big Red Button and *click*
All these shenanigans happened in the space of one year, and I got tired of the thrash. I measured the space between the back of the switch and the faceplate - just over 3/4 inch. I cut a horseshoe shape out of 3/4 plywood, and hung it on the switch shaft. In and emergency, it's really easy (and obvious) to remove it. Gravity keeps it there otherwise. No problems since
LJ IS TEH LITTLE GIRL HOLE! (Score:2)
happened to us (Score:2)
Needless to say, we now have a cover over our Button. Funny thing is, the electrician who installed the original button is also the guy who leaned his ladder against it.
Re:happened to us (Score:2)
This is what happens... (Score:2)
Cabling? (Score:2)
I most often see autoneg problems with faulty cabling (split pairs from crimps). 98% of newbies cannot get it right, and they aren't to blame because the standards are counter-intuitive unless you've worked for Ma Bell for 40+ years. I beware of all field crimps.
OTOH, I saw one example of a Crisco Crapalyst router not wanting to play with some devices. Of course they blamed the device, bu
The result. (Score:2)
(b) Engineers that spent their weekends getting the system back up: off to India with your jobs!
Make the Luser pay (Score:2)
And what the hell was a visitor doing playing with the Big Red Button anyways?
Big Red Button (Score:2)
It happens (Score:2)
The Facilities manager had some guys in to install shelving to store toner, cables, etc.
Our datacenter is divided into two sections, inner and outer. All CPUs, UPSs, HVAC, etc are in the inner room. The outer room is shelving, desks, CCTV (security), etc.
The EPOs are near every door, as they should be, including the outer doors. Some guy, while installing the shelves, decided to take a little break and lean against the wall, leaning on the EPO in the proce
Re:Where was the switch? (Score:2, Informative)
They usually are in a server room. They're for emergencies. Ours have red cages around them and a BIG RED SIGN, you have to basically punch them.
Re:Where was the switch? (Score:2)
Generally the buttons themselves are behind plexiglass lids that easily flop up or behind breakable glass.
Re:Where was the switch? (Score:2)
These switches are generally big round buttons about 2" in diameter, and almost always made out of bright red plastic. On top of that, the button take some force to depress and many facilities place a hinged, clear plexiglass box over them to prevent accidental use. It is pretty hard to mistake one for a normal light switch.
Re:Where was the switch? (Score:2)
Re:I want to name this file..... (Score:2, Funny)
Re:I want to name this file..... (Score:2)
Re:How do you do that by *accident*???? (Score:2, Funny)
Re:How do you do that by *accident*???? (Score:2, Funny)
I'm trying to figure out how depressing a button reverses a press. (Since the button is depressed by pressing it.) Unpressed it?
They're attention whoring (Score:2)
Total kissasses. I wonder how many of them are paid members vs free accounts.
Remember, the overwhelming majority of Livejournal users are *NOT* paying customers...
Account Types
What type of account do people have?
* Free Account: 5713743 (98.3%)
* Early Adopter: 14220 (0.2%)
* Paid Account: 94857 (1.6%)
* Permanent Account: 1632 (0.0%)
Re:Don't forget... (Score:2)
Re:Its a Small World... (Score:3, Funny)
I was unaware that SCSI drives had the ability to run without power - thanks for the info!