Computers « TIENHUIS Networking

Archive for the ‘Computers’ Category

Custom Ubuntu software repository

Tuesday, December 4th, 2007

Sometimes I need to recompile software packages on Ubuntu, for instance because of a special feature. I use the resulting packages on a number of servers, but manually using dpkg to install muickly becomes a pain if the number of machines becomes significant. Therefore I have created a custom software repository that can be used with apt-get. Add the following line to your /etc/apt/sources.list:

deb http://www.tienhuis.nl/ubuntu feisty main restricted universe multiverse

Run apt-get update, and you’re ready to install the packages. The repository is not entirely finished, but I plan to have binary packages for dapper, edgy, feisty, and gutsy, on i386 and powerpc. The version numbers have been bumped up so they will overwrite the original packages, so be carefull.

openssh-server with the sftplogging/sftpfilecontrol patch.
netatalk with support for encrypted logins (some background)
xmms with support for seeking in HTTP streams

During installation you will get this warning:

WARNING: The following packages cannot be authenticated!
  netatalk
Install these packages without verification [y/N]

This is because the packages are not signed. Even if I did you would get this warning because a default Ubuntu system does not have my keys. So just choose y to install.

As mentioned before, use these packages at your own risk.

Posted in Computers, Ubuntu | 1 Comment »

Music with Ubuntu

Friday, October 26th, 2007

Play it on remote HiFi speakers

After several Linux trials and errors over the last couple of years, I finally switched to Ubuntu Gutsy as my main OS on my laptop. The user experience of current Linux distro’s is good enough, and Linux does not (yet) suffer from the massive amount of malware and virusses for the Windows operation system. Another welcome issue is that I can now do all my perl/python/ruby programming work for school on my home machine, without any fuss. Also very nice is the ability to encrypt your partitions, so if your laptops gets stolen or lost (as they do), your data is reasonably safe.

What was a big problem, was playing music with my shiny new Ubuntu laptop. In my situation I have a nice stereo set with good speakers. Sitting next to that is my home server, running Ubuntu. I deliberately picked a very small server that does not make noise or suck up much power: the Lex Light. This is a completely silent (no moving parts) booksize PC with everything onboard:

533MHz VIA Centaur CPU
256Mb RAM
10/100 Mbit ethernet
1Gb Compact Flash (/dev/hdd)
audio
VGA
2 x USB

I have done some tests with a power meter and it uses about 10 Watts The audio output jack is connected to my amplifier, the ethernet is hooked up to my home network.

My laptop running Windows XP had WinAmp installed, with an obscure Russian plugin that sends the raw audio frames to a small daemon on my home server. This way I was able to play music on my big amplified speakers. The whole setup was quite buggy so the daemon would crash sometimes, an most of the time minimizing the Winamp window would make if disappear from explorer. Only running the Winamp binary again would make it show up

After installing Ubuntu-7.10 a few weeks ago, I really missed this great way of playing music, so I went on to find a Linux alternative for my remote sound system. It turned out to be quite easy I installed Esound (or ESD, the The Enlightened Sound Daemon). ESD can be configured to run in deamon mode and accept connections via TCP/IP. On my Ubuntu laptop I installed XMMS and the XMMS-ESD plugin, configured the right IP address and hey, Presto remote sound system

Seeking in HTTP streams with XMMS

There was one other annoyance though. All my MP3 music sits on a server that streams via HTTP. In Windows XP, I was a big fan of Winamp, which had great support for seeking (skipping inside a song) in these HTTP streams. However, it seems that XMMS (both the upstream source and the Ubuntu package) does not have support for this. Not very nice if you listen to 2-hour mixes As you can see in the original bugreport for this issue, this was recognized back in 2001. It is still not solved, but somebody did write a patch to implement it 2004. Luckily this patch applied cleanly to the Ubuntu sources, and after installing it XMMS now does have a slider to seek in the stream (it is not a good as Winamp’s seek support however, if you skip to position near the end you sometimes get a nice 416 Requested Range Not Satisfiable error. I think this is because the patch only does some basic assumption on ranges, which is not accurate with VBR streams).

You can download this recompiled Ubuntu XMMS package from my Ubuntu software repository.

Posted in Ubuntu | 1 Comment »

Multiple full VM backups using VCB, rsync, OpenSSH and VSS

Friday, August 31st, 2007

The problem

Our shiny new VI3 setup works really well, but the backup chapter still needs work. I P2V-ed all our Linux boxes to VM’s, so the existing rsnapshot file level backups still run. So far so good.
But, in addition to file level backups, I also want full VM backups, each day, both on-site and off-site. As a matter of fact, I also want some sort of versioning system, to have multiple, full VM, off-site backups. I don’t want to install some mega expensive disk array that contains X times the ~900 Gb of space all my raw VM’s suck up.
What I want is a very simple, efficient and elegant setup, without all kinds of fancy stuff and graphical bells and whistles. I’m running UNIX systems for a living so I’m not afraid of console utilities.

After doing some research I was unable to find any existing solutions, and the ones that come close are commercial and expensive, or require too much complicated crap to be installed.

The solution

Our VMware license includes a license for VMware Consolidated Backup (VCB). Being a great company, VMware has plugins and manuals for all the major ~~closed source, expensive, buggy black boxes~~ enterprise backup suites, but documentation about their command line tools is pretty lame and comes down to one louzy console screen of help text.
Luckily, it seems that in order to make full VM backups you actually need just one command (vcbMounter.exe).

Since the open source program rsync has served me really well in the past, I decided to use it again for our VMware backups.
My setup uses two machines (Windows 2003 Server, as VCB runs only on Windows), one machine hooked up to our SAN, running the VCB software, and one off-site machine housing the archive. Both machines are modest 1U Supermicro boxes, with 4 x 1 Tb SATA in RAID5, on Areca controllers. They are connected via our dedicated WAN link at 100Mb/s.

It basically comes down to:

Full VM backups are created locally with VCB; old backups are first deleted (because VCB refuses to overwrite old backups)
The new backups are transferred to the remote site efficiently and securely using rsync and OpenSSH
The off-site server uses Volume Shadow Copy to create a history of full VM backups

Steps 1 and 2 are done using this batchfile (rename to .bat/cmd).
By using the ––inplace option, we actually update the old backup files on the remote server. This is an important details, because without it the file would be deleted and recreated, thereby killing the efficiency of the VSS part later.
The rsync algorithm will cause only the diffs to go over the line. The backup of all our VM’s together here is about 500 Gb (VCB strips out redundant unused space, saving about 400 Gb already at this stage.
The link to our remote site is 100 Mbit/s, so in the theoretic, most optimistic approach this can transport 36 Gb/hour, which would make the synchronization take at least 13-14 hours. In practice it will be even longer, and thus impratical to use.
Using rsync, only the diffs are sent over the line.
Our situation, with 10 VM’s running website, e-mail, database, fileservers, applications etc, the first results show that the daily diffs are somewhere between 20 and 30 Gb. This would theoretically take less than a hour to transport.
The practical situation is alot different. Although the actual amount of data is reasonably small, running rsync with its sliding checksums on half a terabyte of binary chunks takes also hours.
My real-world example show that the VCB backups themselves take about 1.5 hours to execute, yielding a directory with ~500 Gb of backups. This then gets rsync-ed to the remote site, which takes 5-8 hours (a seen during the last week). This is a workable solution for a daily schedule.

The partition that houses the data on the remote server has Volume Shadow Copy enabled, and creates Shadow Copies daily at the appropriate time (30 minutes before the other site initiates the rsync step).
The following picture shows that we now have 5 full copies available of our 500 Gb directory, but instead of an extra 5 x 500 Gb = 2.5 Tb, it merely takes up an extra 120 Gb:
shadow copies dailog box on w2k3

At this stage we’ve got:

Daily full backups of our VM’s on-site
Multiple full backups of our VM’s off-site

Caveats

To prepare everything, I need a full copy of the 500 Gb tree on both machines. Initially I planned on using rsync and OpenSSH, but it turned out that the OpenSSH daemon on Windows is very slow. With my systems (dual Xeon 3 GHz etc) connected via gigabit, the throughput maxed out at about 6-7 Mb/sec (Linux to Linux: > 30 Mb/sec).
Instead of using rsync/OpenSSH, I simply mounted the disk with CIFS and copied over the whole tree.
Subsequent tranfers are already limited to about 12 Mb/sec because of our uplink speed, but that is not a poblem in the real world scenario.
I have used the cwRsync package to install rsync and OpenSSH on Windows. OpenSSH with public key authentication between two Windows systems is possible and runs perfectly fine, but setting things up can be a bit hairy, especially if you’re used to UNIX systems…
To secure things, you should restrict access to the OpenSSH daemon; I have used the buildin Windows Firewall to accomplish this, and it works fine.
This article describes only half of the story. The other half is called restore. The Vcb utility to restore VM’s that comes with VCB (vcbRestore.exe) is pretty buggy and inflexible. It is hard to restore VM’s to a different place or with a different name. As some people have found out, it is possible to use VMware Converter to ~~convert~~ restore VCB backups to a different system (VMware ESX, server, Workstation, etc), but even despite VMware now claiming Converter can do it, this step still requires manual fiddling with vmx and vmdk files.
I have recently updated VMware Converter to 3.0.2u1 build 62456, and now everything works like a charm
It is installed on the same machine as VCB, so Converter has direct access to the backups. The restoration process is very straighforward and easy to understand. The software allows you to change the disksize of the restore VM, the datastore where the VM will be put, and the name. This name is then reflected at low-level, so not only the ‘friendly name’, but also the VMDK files have this new name. I have restored several machines and it worked without glitch. The only downside is that the restoration process takes places over the network, which is a bit slower than the backup process, which is done over fibre channel. But with gigabit ethernet restoring a small VM of 4Gb only took a few minutes.
This way of restoring also allows you to restore a VM onto a totally different system. This might come in handy for Disaster Recovery, where you might be forced to revive a VM onto VMware server or even on VMware Workstation.

Posted in Computers, VMware | 3 Comments »

Google Mini rack rails

Friday, August 3rd, 2007

Google Mini v.2 Recently we decided to ditch the Mnogosearch search-engine and go for a Google Mini.

We haven’t configured it so I have no idea if or how it works. What I do know, is that you don’t get any rails to put it into a 19 inch rack. Since Google does not sell separate rails, you’re left with sticking it in the rack by its ears (example here). Since the box is small and light (hence the term “mini”) you could pull this off, but I found this rather unprofessional and crappy. I wanted to have rails, also because all the other servers have them too

I went to my local hardware shop (Magna Computers) and tried several sets of rails. None of them would fit without modification, but eventually I found one that needed only 1 extra hole in each rail. These rails ship with 19 inch Chenbro server cases, and have product-id 84-210710-024.

Google mini mounted in rack rails

The rails are 26 inch deep, and fit very nicely into our Dell rack.

Posted in Computers | 3 Comments »

mount: special device /var/run does not exist

Tuesday, July 24th, 2007

While P2V-ing an Ubuntu 6.06 server with my warm-cloning P2V method, I ran into a strange problem when booting:

The exact text of the error is:


mount: special device /var/run does not exist
mount: special device /var/lock does not exist
mount: wrong fs type, bad option, bad superblock on /dev/shm/var.run,
       missing codepage or other error
       In some cases useful info is found in syslog - try
       dmesg | tail or so

mount: wrong fs type, bad option, bad superblock on /dev/shm/var.lock,
       missing codepage or other error
       In some cases useful info is found in syslog - try
       dmesg | tail or so

Everything seems to work, untill I found out that the extra IP addresses on secondary network interfaces were not able to carry any network traffic…
I had to cancel the virtualization and revert to the physical machine again.
The system in question has a separate /var partition (see booting picture, /dev/sda6 in my case).
I first mount the root filesystem, which holds on empty “var” directory, and then mount /dev/sda6 on that “var” directory. I had created empty “run” and “lock” directories in there to be able to mount /var/run and /var/lock. Wrong!

Turns out that the root filesystem needs to contain /var/run and /var/lock, even though the system has a separate /var partition.

:bonk: :bonk: :bonk:

Thanks to Chris Siebenmann for pointing this out on his wiki.

The solution thus is to boot from Ubuntu Live CD, mount ONLY the root filesystem, and create the /var/run and /var/lock directories.
They are only needed for mounting the tempfs partitions, and will be hidden by the real /var partition, which is mounted over it once the system has finished booting.

Posted in VMware | 6 Comments »

Manual P2V of Debian Sarge

Friday, July 20th, 2007

Now that we at TERENA have a new and shiny setup of VMware VI3, I had to migrate several of our Debian 3.1 Sarge servers. Some of them had custom kernels, because of specific hardware.

This virtualisation process (P2V, or Physical to Virtual) is properly supported for the Windows platform using the VMware Converter software. This works very nice, and supports hot cloning. However when your Physical Machine (PM) is running Linux, hot cloning is not possible. The way to go is to use the VMWare Converter Boot CD. This requires rebooting the PM with a bootable CDROM, and from the PE-boot environment on that CDROM the dead corps is cloned to a VM.

The downside is of course that the machine has to be brought down for a substantial amount of time. Also, if your PM uses specific I/O controllers and/or network cards, the boot CDROM will need to be customized to hold the right drivers. This has to be tested too, so it might even take several times of downtime.

By doing things manually, you can avoid almost all of the downtime. I P2V-ed 3 systems, all over 100Gb, each with less than 20 minutes downtime.

Also, because you ‘warm’ clone a live system, you don’t need to worry about disk and network drivers. Another benefit compared to cold cloning is that you can test things first on a dummy VM without any downtime at all.
This article documents all the steps needed. It assumes your old PM is running Debian Sarge with one of the 2.6.8 kernels, uses GRUB as bootloader, has rsync installed, and can be reached by the root user via SSH.

The procedure basically comes down to cloning a live system to a dead VM, stopping all services, do a final syncronisation, and revive the dead VM.

Step-by-step guide:

Create a VM with at least as much diskspace as the PM.
Configure the VM to boot an ISO image of Ubuntu 6.06 LTS Desktop Edition
Open up a shell, su to root, and partition the disk. If you stick to exactly the same partition scheme, you don’t have to change the fstab file. You can change the size without any problem too. If you decide to change the partition scheme, be sure to not split directories that contain hard links. For example, if your PM has just one big /-partition, and you decide that the new VM will have separate / and /usr partitions, this will not work because hard links cannot be created across partitions.
Once all partitions are created, make filesystems on them (don’t forget swap), and mount them in the correct order under a temporary directory, let’s say /root/oldbox . Create root’s dir /root/oldbox/root and in there create a file /root/oldbox/root/excluded that contains:
/proc/* /sys/* /dev/* /mnt/* /tmp/* /root/excluded
If you changed the partition scheme, you should put /etc/fstab here too, and manually put the correct one in place.
cd into /root/oldbox/root and rsync everything from the PM into it:
rsync -avH --numeric-ids --delete \ --exclude-from=root/excluded IP_of_PM:/ .
This will take a while, depending on the amount of data your PM has.
Once everything is copied over, the time has come to shutdown all data-writing services on your PM (mail, databases, etc). Ideally only the SSH daemon should run. This means that most of your services will be offline from here. The good thing is that this period can be really small.
Once you made sure that nothing runs except SSH on your PM, rerun the rsync command. This time it will be quick, as only the diffs will need to be transferred. This usually involves open files from databases, logfiles, etc.
Now create the initial device nodes needed for the kernel:
cd /root/oldbox mknod -m 660 /root/oldbox/dev/console c 5 1 mknod -m 660 /root/oldbox/dev/null c 1 3
mount the proc and dev filesystem and chroot into the /root/oldbox dir:
mount -t proc none /root/oldbox/proc mount -o bind /dev /root/oldbox/dev chroot /root/oldbox
If we now would reboot, the old initrd image would not recognize the proper modules to (unless your PM accidentally had a LSI controller). We need to add the drivers. To do this, add this to the file /etc/mkinitrd/modules (assuming your PM runs one of the 2.6.8 debian kernels):
mptscsih mptbase
And regenerate the initrd image (depending on your specific kernel version):
mkinitrd -o /boot/initrd.img-2.6.8-4-686-smp 2.6.8-4-686-smp
(Since my PM had an older, custom kernel (2.6.8-3-686-smp), I installed a newer one, plus udevd. During installation a new initrd image is generated automatically:
apt-get install udev kernel-image-2.6.8-4-686-smp)
Now we need to regenerate the bootblock. Run the grub command to enter the grub shell and see where it finds the stage1 file:
find /boot/grub/stage1

It should come up with something like (hd0,1). Use this as argument for the next command:root (hd0,1)
Then use the hd part only for the next command:
setup (hd0)
Then issue quit to leave the grub shell.

By now your system is ready to boot. Leave the chroot environment (exit), unmount the dev and proc filesystem, then unmount all filesystems under /root/oldbox, issue sync, and then halt.
To avoid network clash, unplug the network cable of the PM, or shut it down.
Now you can power on your VM, it should boot a virtualized copy of your Debian system

TODO – Some things to do afterwards (vmtools, etc)

Posted in VMware | 9 Comments »

Configuring a static IPv6 address in Windows 2003 with netsh

Thursday, July 19th, 2007

For each network interface, Windows 2003 Server offers a GUI to configure IPv4 parameters (Internet Protocol (TCP/IP)).

After installing IPv6 there is a new item Microsoft TCP/IP Version 6. When selecting that, the “Properties” box becomes grey-out.

This means that there is no GUI to configure IPv6 parameters. You will have to use the netsh command.

This is quite simple, but it takes some effort to find out the right combination of switches to make it happen.

As an example my employer’s WindowsMedia streaming server. This box has native IPv6 connectivity.

I set the address and gateway as follows:

netsh interface ipv6 set privacy disabled
netsh interface ipv6 add address interface="Local Area Connection" \
    address=2001:610:148:dead:202:b3ff:fe9a:d264 store=persistent
netsh interface ipv6 add route ::/0 interface="Local Area Connection" \
    2001:610:148:dead::1 store=persistent

Posted in Computers | 5 Comments »

Upgrade PostgreSQL after upgrade to Ubuntu-7.0.4

Friday, April 20th, 2007

Ubuntu-6.10 (Edgy) has PostgreSQL-8.1.6 installed.

When upgrading to Feisty, PostgreSQL 8.1 is not supported anymore. When booting into Feisty, 8.1.6 still works, but you should manually upgrade to 8.2.3. After a few upgrades, this seems to be the right way (at least for most of us, that just run 1 cluster):

apt-get install postgresql-8.2
pg_dropcluster –stop 8.2 main
pg_upgradecluster -v 8.2 8.1 main /var/lib/postgresql/8.2/main

If this works, you can delete the old cluster:

pg_dropcluster 8.1 main

That’s it!

update for Gutsy to Hardy upgrade

A similar story for the upgrade of Ubuntu-7.10 (Gutsy) to 8.04 (Hardy).
Gutsy has 8.2.9, Hardy has 8.3.3. After upgrading with do-release-upgrade
8.2.9 need to be manually upgraded to 8.3.3.
Doing so will create an empty 8.3.3 cluster, which needs to be dropped first.
Make sure the old 8.2.9 cluster is running (/etc/init.d/postgres-8.2 start)
when upgrading:

apt-get install postgresql-8.3 pg_dropcluster --stop 8.3 main pg_upgradecluster -v 8.3 8.2 main /var/lib/postgresql-8.3/main

Posted in Computers | 3 Comments »

Array sorting but without articles

Saturday, March 31st, 2007

Sometimes you want to sort an array in PHP, but exclude certain words.
I once needed this to sort a list of artists and bands. It is very common for bandnames to have articles in front of them.
When sorting those, it feels more natural to leave those words out, so that “The Doors” would end up at the letter D, and not T.
This little PHP function will do natcasesort, but will leave out the english articles a, an, the, and the dutch articles de, het and een:

function sort_na($a, $prefix= '/^((d|th)e|an?|een|het)s*/i') {
    $n=0;
    foreach($a as $entry){
        $b[$n]['name']=preg_replace($prefix,"",$entry);
        $b[$n]['name_no_prefix']=$entry;
        $n++;
    }
    $cmp=create_function('$x, $y',
        'return strnatcasecmp($x["name"], $y["name"]);');
    usort($b, $cmp);
    $n=0;
    foreach($b as $entry) {
        $c[$n]=$entry['name_no_prefix'];
        $n++;
    }
    return $c;
}

Posted in PHP Programming | 2 Comments »

Workaround for “empty-contact-list” problem in Nokia PC Suite

Tuesday, March 27th, 2007

I recently lost my good-old Nokia 6100 mobile phone. Luckily, my provider KPN gave me a new one for free, a Nokia 5500 Sport. After a few weeks I found my old phone and was very happy that I had my 150+ contacts back

The Nokia PC Suite software made it look like I could simply copy all the contacts, but unfortunately the Contact List for the 6100 model in my Nokia Phone Browser always shows up empty

However, I was able to make a Full Backup using the application. That yielded a .nbu file, which upon inspection held the contact details in VCARD format, but smeared together with lots of binary poop.

I created a webpage that will parse an .nbu file, and give back a zipped VCARD file containing all your contacts. You can then simply drag this into the Contact List of your new phone.

I have used this to export 219 contacts from my Nokia 5500 to an HTC Hero.
You need to install vCardIO, then simply copy the contacts.vcf into the root of the SD card and import all of them.

TODO: I need to add a X-IRMC-LUID property to avoid multiple additions…

Posted in Computers | 45 Comments »

TIENHUIS Networking