Once upon a time I setup my home network, I could access stuff from outside and all was well in the world. Over time this home network grew and I exposed more and I forwarded more ports from the router to the backend server apps. A few of which were as follows, each had their own port and own domain.
Read More
Category: Servers
CentOS 7 and OpenVPN 2.3.5 (Routed)
Decided to setup a openvpn server on a new CentOS 7 box and it was not exactly straight forward so below are the steps required, this should be enough to get started
On a (minimal) centOS 7 box:
yum -y install gcc rpm-build vim openssl-devel lzo-devel pam-devel wget
wget http://swupdate.openvpn.org/community/releases/openvpn-2.3.5.tar.gz
rpmbuild -tb openvpn-2.3.5.tar.gz
if using a seperate server for as the VPN server:
scp ./RPMS/x86_64/openvpn-2.3.5-1.x86_64.rpm server:/tmp
Flashing eeprom during imaging via PXE
I had a requirement to flash the eeprom on a FTDI chip while dropping a clonezilla image onto the system which is done via a PXE server
The 1st thing we need to do is get ftdi_eeprom tools on the clonezilla image, we do this by setting up an ubuntu system (I used ubuntu 12.04)
apt-get install squashfs-tools unzipwget -O Clonezilla-2.1.2-20_amd64.zip http://downloads.sourceforge.net/project/clonezilla/clonezilla_live_stable/2.1.2-20/clonezilla-live-2.1.2-20-amd64.zip?r=http%3A%2F%2Fclonezilla.org%2Fdownloads%2Fdownload.php%3Fbranch%3Dstable&ts=1373475093&use_mirror=heanet
mkdir clonezilla-src clonezilla-sqfs
cd clonezilla-src
unzip ../Clonezilla-2.1.2-20_amd64.zip
cd ../clonezilla-sqfs
unsquashfs ../clonezilla-src/live/filesystem.squashfs
cd squashfs-root/rootwget http://ftp.de.debian.org/debian/pool/main/f/ftdi-eeprom/ftdi-eeprom_0.3-2_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse0_2.7-4_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse-common_2.7-4_all.debrm *.deb
chroot ~/clonezilla-sqfs/squashfs-root
cd rootdpkg -i libconfuse-common_2.7-4_all.deb
dpkg -i libconfuse0_2.7-4_amd64.deb
dpkg -i ftdi-eeprom_0.3-2_amd64.debcat > ./eeprom.conf <<@
vendor_id=0x0403
product_id=0x6001
manufacturer="ME"
product="XXXXX"
serial="FTABC123"
@exit
cd ~/clonezilla-sqfs
mksquashfs squashfs-root filesystem.squashfs -comp xz -Xbcj x86 -b 1024k
Replace the Fields above with the values you want to use most important is the two _id fields as they tell ftdi_eeprom which device to attempt to flash, you can get these by running the command “lsusb” and identifying the device.
Copy the file “filesystem.squashfs” that has just been created and overwrite the one on the PXE server used to deploy the image. When you next PXE boot the target machines you will find ftdi_eeprom is available to use.
Now during the deployment run the command
ftdi_eeprom –flash-eeprom /root/eeprom.conf
Puppeteering with Puppet
So I’ve been a very naughty sysadmin recently, one of the things I intended to do early on in my new employment was setup some form of System Management as we have several Linux hosts. However truth be told I have never had a System Management system for Linux hosts (due to a lack of time to implement one) and due to a number of tight deadlines I’ve had to put this on the back burner and spin up servers for additional roles.
This road however will lead to ruin so I have put a stop to the random spinning up of hosts for anything other than testing until I get something in place to mange all the configurations centrally. The question for me was what to use, I’ve heard of both Puppet and Chef, but I have no experience of them. So after doing a bit of reading I figured I’d go with Puppet as it seems to have most of the bases I am interested in covered.
Setting up a Cisco network for video developers Part 2
Introduction
Welcome to Part 2, this part will provide the background and current topology that is to be replaced, the real fun will start in Part 3. I know you are all impatient to get started configuring switches, routers and servers but I think that the design and the reasons behind the design are as important (if not more so) than the actual configuration. As always I know I am not perfect and all knowing so if from the background and the following tutorials you think I have missed something or could have done something better then please speak up, send me a message via the contact page or leave a comment.
Background
NINet has grown since the last series and now has a floor of approximately 40 developers developing video solutions. The current solution was put together in bits and pieces and is resulting in poor performance and frequent outages. It must be stressed that this is a development network and as such cannot be locked down developers need to be able to connected unmanged switches (much to my irritation) and connect devices at will.
CentOS 6 authorized_keys bug
Thanks to the footnote here: http://blog.firedaemon.com/2011/07/27/passwordless-root-ssh-public-key-authentication-on-centos-6/
On centos systems that are refusing keybased authentication run the following command as root
#> restorecon -R -v /root/.ssh
Deploy Centos 6 from VMWare Template
This is just a quick gotcha that I found ages ago then forgot about and then had to figure out again. Before you convert the VM to a template.
rm /etc/udev/rules.d/70-persistent-net.rules
sed -i ‘/HWADDR*/d’ /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i ‘/UUID*/d’ /etc/sysconfig/network-scripts/ifcfg-eth0
Update:
This also applies to SLES 11 SP2 (use /etc/sysconfig/network/ifcfg-eth0)
Dell & HP Warranty Info from a CSV file of Tags
Updated: 2013-11-20 – Added User submitted version of script to downloads.
I have tweaked my powershell script for the SCCM Dell/HP tags due to popular demand so that it can be run on a single machine using a list of service tags as the source and then will output to a CSV file. The source CSV can have any number of columns however it MUST have the following three for the script to work “Name,Vendor,Tag” in its default state. You also need to edit the $infile & $outfile variables as required.
VMWare vSphere 5 License Validator
Deprecated – VMWare have release an official checker and there is a better script at http://virtu-al.net
This is a script I wrote to check vSphere 5 vRAM compliance.
Update Custom Attributes for VMhosts in vCenter
Yet another role added to my Job description, Now I am managing our Virtual Servers. So true to form I’ve dived headfirst into powershell / powercli to see what I can do. Some of the posts coming up on this will likely be similar to others around the web as I reinvent the wheel while I learn. But you never know one of you might find me 1st or I might do it in a way that suits you better.
First up is a simple script to read data from an xml file and then update custom attributes on the vmhosts.