Spent Sunday in Tramore with Keith, Jayme, and Keith’s niece. Got lunch at a small bar there. It was Mother’s Day which we hadn’t realized so the first few places we stopped into were packed. Boiled bacon with mashed potatoes and parsley sauce. Didn’t really know what to expect but not bad. I was expecting the bacon to be saltier but none of the bacon I’ve had here has really been very salty. It was just like boiled ham which I’ve had before. Had a bite of Jayme’s burger and it was different from what I expected. Just tasted different and the meat seemed different somehow. Afterwards we went on down towards the beach for a little bit. Was kind of cold but there were a handful of people in the water. Felt sorry for the kid who must’ve lost a bet and was forced to wade out into the freezing water with just his jeans on. Later on in the day we went to Keith’s parent’s place for dinner. Chinese food. Someone told me once before I left, “If you want good Irish food, get Chinese.” Prawn crackers are pretty awesome by the way.
March 22, 2009
March 21, 2009
Some days in Ireland – Saturday
I’ve been in Waterford, Ireland since the weekend through this coming weekend. I’m over here with my roommate Jayme and her boyfriend Keith who is from Waterford and back for the week for work. I’m functioning as a combination of third wheel / daytime entertainment for my roommate. It’s a role I’m happily embracing.
We left on Friday evening from Boston and arrived in Shannon around 5am. Couldn’t sleep on the plane like I had planned so I was happy I bought Watchmen to read while in the airport. It was then a two hour drive from the airport where I again had planned on sleeping. Instead I spent the entire ride like a dog staring out the car window. This was mostly due to the fact that I was scared. Two-lane highways with walls on either side and tons of rotaries. Wow. (Though it wasn’t until about the sixth rotary when I figured out that’s what they were and it wasn’t just that no one felt like paving straight roads.) Along the way we stopped at a gas station for some coffee which was where I first felt like a stranger. Man in front of me as I waited turned to joke with me and my face just dropped as I realized he spoke English and I had literally no clue what he had just said and wished not to sound impolite. Keith stepped in at that point fortunately. Still think that man must’ve thought I was a tard. Now I realize why I sometimes have to speak slowly to Canadians.
Eventually we made it to Keith’s sister’s house where we met the family and had some breakfast. White pudding… Actually not bad. Still haven’t experienced black pudding however. My favorite is still the breakfast sandwich. All I can picture is Homer telling Bart to butter his bacon. Take some bread, slather butter on it, then throw some bacon on top. Of course it’s pretty awesome but as I noticed later so few fat people and I’m amazed how that is possible when they butter their bacon. (Tried to buy shirts some days later and I’m a large or extra large in the US while a double extra large here. I happen to be reasonably slim in the US and of course don’t butter my bacon.)
We hit our walls after breakfast and made our way to Keith’s place then for a relatively short nap at around 11am. Just four hours since we had to make our way out to the pub for the Ireland vs. Wales rugby match. An Ireland win would clinch the Six Nations tournament as well as be their first grand slam (beating every team) in about sixty years. I spent a little time having Keith explain the game to me during the England vs. Scotland match beforehand at his place and then we made our way off to the pub. Was feeling still a little sleep deprived but maybe eating while we were out would pick me up slightly. Need sleep or food in order to drink. Ended up at T&H Doolan’s in Ciddy Center around 4:30. Back home I once went to my local bar and found it closed only later to find out it was because of a kitchen problem and serving alcohol without being able to serve food would just be irresponsible. (This attitude doesn’t apply in Pennsylvania where I hear even serving peanuts would just encourage you to drink more.) Learned quickly that pubs don’t really serve food. Drinking, tired, and hungry at 4:30pm.
T&H is about the oldest pub in Waterford and the crowd was interesting. Half Irish and the other half Welsh transplants. Interestingly while a little tough at first I found the Welsh the easiest to understand after a short bit. They sounded like my old neighbor. (If you know the story, yeah, THAT neighbor.) Let me first start by saying that the Guinness in Ireland DOES NOT TASTE AND DIFFERENT. The difference is you’ve probably been drinking bad Guinness from lines and taps which haven’t been cleaned enough. It tasted no different than a good Guinness that I’ve had many times in Boston. Granted, I’ve drank a lot of bad Guinness in Boston too. Got into the rugby match after it started. Possibly because of the excitement surrounding me. Possibly because of the drinking, sleep deprivation, and hunger. The bar has about three parts to it. One side is the “tourist” side. A dollar bill with my name and cell phone number may be tacked to the rafters. Next there’s there middle third and then finally the third we were at. I ended up really getting into it. The bulb on the TV kept overheating, typically during tense portions, and I would end up running with everyone to the middle third of the bar to watch the TV on that side. Ireland ultimately one and I celebrated. Things at this point started to get hazy. Keith made sure to give me a piece of paper with his address just in case. Drinking, tired, and hungry at… *shrug*
Spent sometime drinking and talking with various folks. Both Keith’s friends as well as other locals. Eventually we ended up at McLoughlin’s down the road a short bit. Had a shot of whiskey there. Didn’t vomit which is typically a good sign. Unfortunately it convinced me I was invincible at this point. More talking with the various locals. Eventually learned that “Colleen” is both a proper noun and an adjective. Up till that point I just thought half the girls of Waterford had the same name. After sometime there we walked back up the road to Harvey’s. Keith’s friends were there to take care of me at this point. Nearly didn’t make it in but managed to answer the bouncer’s question correctly. “Yes sir, I am still alright to drink.” Went downstairs and was greeted by lots of people, loud music, and flashing lights. Pretty much like every club in Boston I try and avoid. I grabbed a beer and made my way around with the guys. Not a lot made sense to me but I kept going. I think a few times I was told to, “Stand right here,” but I don’t like standing still too much. Especially not on a night out as I wanted to meet new people. This however proved a little tough. People liked my American accent but my ability to hold a conversation was fairly impaired at this point. I think I could still speak fairly coherently as evidenced by the fact that people recognized my American “twang” (Teaxans have twangs, New Yorkers don’t thank you), I just couldn’t think of what to say at all. Eventually I found myself with Keith’s friend Jimmy and two of his lovely friends and we hung out until closing. As we walked out of Harvey’s we made our way back down the block into a sea of people. Entered a fried chicken fast food place called Hillbillies at this point. Finally maybe I could eat… Unfortunately I could not figure out the menu. Where was the #1 or the #5. Maybe a #4 with a Diet Coke? I tried asking the girl I was with how I was supposed to order but just managed to confuse her. I decided to just go outside and skip ordering. (Now I know to just say “snack box”.) As a consolation I did receive an onion ring from my new friend for which I was very grateful. Drinking, tired, and hungry at about 3am.
Ultimately I did end up making my way home. Had perhaps one of the best nights of sleep I’ve ever had. Also had one of the best nights of my life. Not sure how to possibly top such a long night.
February 17, 2009
Some VMware ESXi post install notes
I ended up reinstalling ESXi 3.5u3 recently since there were no running needed VMs on the box and I wanted to play with a few changes I made to the installer image. I have a few steps I do after installation which seem common enough after doing some googling so I thought I just write up how to do them in one spot.
Enable SSH
You can do a lot of management from the VIC or RCLI but some days I just feel like logging onto the console and getting a shell. You can get to it from the console but I don’t like getting off the couch. SSH isn’t enabled by default but it is available.
Access the console on the box by hitting CTRL+F1, type “unsupported” (it doesn’t echo), and then enter the root password.
1) Edit the inetd .conf file: # vi /etc/inetd.conf 2)Uncomment the SSH line: :%s/#ssh/ssh/ 3)SIGHUP inetd: # ps | grep inetd | cut-f 1 -d ‘ ‘Keep in mind that a user created through the VIC will not be able to ssh in since their shell is set to /bin/false and their home directory is non-existent. You can’t enable shell access using `vicfg-user` from the RCLI package so this needs to be done from console. The easiest thing to do is add the user via the VIC or `vicfg-user` and then edit /etc/passwd to change the user’s home directory to “/” and their shell to “/bin/ash”. (`usermod` can change the user’s shell but not thier home directory.)
Setup an SSL certificate
After installing I rename the box which means it’s time to get a new SSL cert to reflect that. You can run `/sbin/create_certificates` to create a self-signed certificate or you can create a certificate and have it signed by a CA. I have a CA setup here at home and signed the new key with that. I also created the key on that box as well. (You can just create an /usr/local/ssl/openssl.cnf file which is missing based on the `create_certificates` script if you want to create the key and csr on the ESXi host.) File paths of course differ depending on the OS you use to generate the key.
1) Generate the “rui.key” file: # openssl genrsa -out /etc/ssl/private/rui.key 1024 2) Create the certificate signing request: # openssl req -new -text -key /etc/ssl/private/rui.key -out /etc/ssl/rui.csr 3) Sign with your own CA. (Or send the file off to your CA.): # openssl x509 -req -text -days 7000 -in /etc/ssl/rui.csr -CA /etc/ssl/CA.crt \ -CAkey /etc/ssl/private/CA.key -out /etc/ssl/rui.crt 4) Set proper file permissions:# chmod 0400 /etc/ssl/private/rui.keychmod 0444 /etc/ssl/rui.crt 5) Copy the files over to the ESXi host and delete the ones just created: # scp /etc/ssl/rui.crt /etc/ssl/private/rui.key esxihost:/etc/vmware/ssl # rm /etc/ssl/rui.crt /etc/ssl/rui.csr /etc/ssl/private/rui.key
Reboot the ESXi host. (Not sure what specific service needs to be restarted.)
Send hostname by DHCP client
The ESXi DHCP client does not send the hostname but it can. I searched through the system to see where the dhcp client was started but couldn’t find it. I have a feeling it’s in the _vmkctl python module but couldn’t find the source for it to confirm this. Instead I just use a script that I snagged off the VMware forums and drop it into /etc/rc.local.d. The host ends up DHCPing twice but whatever.
1) Extract the oem.tgz: # mkdir /tmp/oem/ # tar xzf /bootbank/oem.tgz -C /tmp/oemmkdir -p /tmp/oem/etc/rc.local.d 2) Create /tmp/oem/etc/rc.local.d/send-hostname:#! /bin/ash
if [ -r /var/run/dhcp-vmk0.pid ]; then
kill $(cat /var/run/dhcp-vmk0.pid)
/bin/busybox udhcpc -i vmk0 -p /var/run/dhcp-vmk0.pid --retries=20 -H $(hostname | cut -d . -f 1)
fi
3) Make the script executable and then tar it up.
# chmod +x /tmp/oem/etc/rc.local.d/send-hostname
# cd /tmp/oem
# tar zcvf /bootbank/oem.tgz *
After that just reboot or copy the send-hostname script over to /etc/rc.local.d and run it.
These are the three things I usually do after installing ESXi and hopefully this will save a few people some extra googling. The next thing I’m trying to figure out is how to build applications for the service console. Specifically, I’d like to get pam_krb5 and nss_ldap working on the service console.
December 1, 2008
Verizon FIOS Actiontec MI424WR and multiple subnets
I have Verizon FIOS for internet service and I have a roommate. I like to play with my network and don’t necessarilly mind a temporary outage when something goes wrong. My roommate just wants the internet to work. For those reasons I’ve decided that my vmware guests will be on their own subnet and behind a router / firewall so I can freely break things without hearing anyone else complain. This sounded easy enough. Setup a guest in the VM with one leg in the physical network and one in the virtual network to act as a router. Setup a static route on the Actiontec router that comes with FIOS. Be happy. It sounded simple but getting things right with the Actiontec took a little more work and the googles, they did nothing.
The physical network here will be 192.168.1/24 while my VM guests will be on 192.168.2/24. After setting up a VM guest as a router with a guest behind it I logged into the Actiontec and went to Advanced -> Routing and selected New Route where I entered in the routing information for the 192.168.2/24 network.
New Routes screen
After doing this I found an odd problem. I could ping a host on the VM network from the physical network but couldn’t ping a host on the physical network from the VM network. After setting up a few sniffers I saw the packet leave the VM guest, in the VM router and then out, in the physical host and back out to the Actiontec router, but nothing was received by the VM router. I looked through the firewall logs under Firewall Settings -> Security Log but it was a flood of entries. After going into the Security Log Settings I disabled logging of accepted incoming and outgoing connections and had it log all denied connections.
Firewall Log Settings page
Now the logs gave me something useful. (Not sure why the Security Log logged all accepted connections and no denied connections by default but whatever.) The Actiontec’s default policy is blocking the return traffic from the physical network back to the VM network.
Security Log
I’m not sure where that policy is defined to see exactly what is blocked but under Firewall Settings -> Advanced Filtering I added some additional inbound and outbound rules to just allow all traffic between the two subnets to fix this problem and hopefully prevent any other network issues in the future between the two.
Firewall Advanced Filtering
First I added an inbound rule from the physical subnet to the VM subnet. Under the inbound Network (Home/Office) Rules I selected Add to take me to the “Add Advanced Filter” screen.
Add Advanced Filter
On this screen for “Source Address” I changed the drop down to “Specify Address” and selected Add again to take me to the Edit Network Objects screen.
Edit Network Object
There I hit Add again which brought me to the “Edit Item” screen. There I changed the “Network Object Type” to “IP Subnet” and entered in the physical subnet’s information.
Edit Item
After that I hit Apply until I got back to the “Add Advanced Filter” page where I did the same for “Destination Address” and entered in the VM subnet information. Once I was back at the “Add Advanced Filter” page again I left the “Protocol” as “Any” and under “Operation” selected “Accept Packet” and finally hit Apply.
Inbound Rules
Next repeat the process for the VM subnet to the physical subnet and then create the same two rules under the outbound Network (Home/Office) Rules.
Outbound Rules
After that all traffic appears to be just fine between the two networks.
(In retrospect, if you want to do any even slightly complicated network setup with FIOS you’re probably better off switching the Actiontec into bridge mode and putting your own router that your comfortable with in its place. For a few reasons this option isn’t easilly available to me which is why I had to jump through these hoops. :-/)
P.S. Added some screenshots now.
November 22, 2008
VMware RCLI on amd64/x86_64
I’m running an x86_64 install for Fedora right now on my laptop and want to use the RCLI tools which fail to install on x86_64 (amd64) OSes.
[root@tomcat vmware-rcli-distrib]# ./vmware-install.pl
This version of "VMware VI Remote Command Line Tools" is incompatible with this
operating system. Please install the "x86_64" version of this program instead.
I found a patch here but it fails to fully apply with the latest version. In addition, when you do get it installed you end up with errors like this:
[tom@tomcat ~]$ esxcfg-vmhbadevs
Can't locate VMware/VIRuntime.pm in @INC (@INC contains: /usr/lib64/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/local/lib64/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/local/lib/perl5/site_perl/5.10.0 /usr/lib64/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl /usr/local/lib/perl5/site_perl/5.10.0 /usr/local/lib/perl5/site_perl /usr/lib/perl5/site_perl .) at /usr/local/bin/esxcfg-vmhbadevs line 10.
BEGIN failed--compilation aborted at /usr/local/bin/esxcfg-vmhbadevs line 10.
I’ve updated the patch to fix these problems for anyone interested.
November 11, 2008
VMware ESXi on an HP Proliant ML115 G5
I recently decided to virtualize my computers here at home using VMware’s ESXi. When I moved I realized I had a little too much computer equipment. Not to mention when all of them were running my electric bill would get a little ridiculous while these machines mostly idled. I ended up purchasing an HP Proliant ML115 G5 which is HP’s entry level tower server. They’re not officially supported by ESXi but after some googling I found the ML110′s (Intel) and ML115′s (AMD) have become popular vmware hosts for small setups. The only problem I had which I knew before purchasing it was the Nvidia MCP55 SATA controller was a pain. Most of the instructions I found for working around it were for ESX and not relevant to ESXi. While ESX does not recognize the MCP55 and needs PCI ID and kernel module information, ESXi does recognize the controller but will not let you use it. The problem is ESXi only recognizes PATA interfaces and loads the ide module instead of sata_nv and the installer blocks installs on IDE connected drives. I found the following patch here in the comments section which works around this.
Just remember that you need to patch the file within install.tgz and can’t use oem.tgz on the installer image for this.
January 6, 2008
The people I hate most in open source
These people are possibly the biggest thing I hate about open source. Right now I split my open source time between my own work, my FreeBSD work, and for my job I’ll be starting to get a little involved in Fedora hopefully. Having used open source software since 1999 I’ve been around a few different open source projects. One of the things I’ve enjoyed the most about FreeBSD is the relatively small tinfoil hat crowd. FreeBSD isn’t about fighting some bogeyman but about creating a damn good Unix-like OS and I hope we continue to keep it that way.
June 14, 2007
SDF Public Access UNIX System Celebrates 20 Years!
“It was on June 16th, 1987 that the SDF-1 received its first caller at 300bps. This little Apple ][e BBS of the late 80s turned into a Public access UNIX System with the demise of “killer.dallas.tx.us” during the Operation Sundevil” raids. Since then it has grown to become the oldest and largest continually operating PUBNIX on the planet.
Over the years SDF has been a home to 2+ million people from all over the world and has been supported by donations and membership dues. SDFers pride themselves on the fact that theirs is one of the last bastions of “the real INTERNET”, out of the reach and scope of the commercialism and advertising of the DOT COM entities…”
(read more)
About five years ago I was out of college, my school email address was going to expire, and I didn’t have an ISP. I hate webmail and just wanted simple pop3 email access. I remembered back in high school having a free shell account from some system I couldn’t remember and went searching. Most of the google hits I found were service providers with monthly fees (I wasn’t paying $5 a month just for email) or had no email access. Eventually I stumbled on SDF. It was a $2 donation for a permanent account. A full unix shell account for $2! Just couldn’t beat that and it hasn’t been a bad decision. I’ve always liked the fact that SDF is a non-profit and is paid for by donations and while run by volunteers. It’s nice to know there still exists a place which just provides internet services for the sake of just providing those services to anybody that could use them. By the way, they’re also active NetBSD supporters.
May 12, 2007
Mono 1.2.4 in BSD# repo
It’s ports tree freeze time and Novel has yet to announce it but Mono 1.2.4 is in the BSD# CVS repo ready and waiting. If you’re interested in Mono on FreeBSD please use and test it to make sure the update goes smoothly and there are no surprises. You can see the BSD# homepage and instructions for using mono-merge to use the ports in the BSD# repo.
February 25, 2007
Mono 1.2.2.1 build crashes resolved
If anyone has had problems building or updating Mono because it crashes please update to 1.2.2.1_3 as this should solve the problem. Thanks to Phillip Neumann for suggesting the patch based on some LC environment issues he had sometime ago. Also thanks to kib@ and mux@ for testing changes for me repeatedly to narrow down the problem.