Once upon a time I setup my home network, I could access stuff from outside and all was well in the world. Over time this home network grew and I exposed more and I forwarded more ports from the router to the backend server apps. A few of which were as follows, each had their own port and own domain.
Read More
Category: Linux
Compile Raspberry Pi Kernel
update: 2015-02-10: Removed folder sync as was causing builds to fail
Decided to play about with the Raspberry Pi Kernel but setting up the toolchain for a cross compile was a bit of pain not to mention remembering to download everything.
So I put together a Vagrantfile that should auto do it.
Following Variables can be edited at the top of the Vagrantfile:
Read More
CentOS 7 and OpenVPN 2.3.5 (Routed)
Decided to setup a openvpn server on a new CentOS 7 box and it was not exactly straight forward so below are the steps required, this should be enough to get started
On a (minimal) centOS 7 box:
yum -y install gcc rpm-build vim openssl-devel lzo-devel pam-devel wget
wget http://swupdate.openvpn.org/community/releases/openvpn-2.3.5.tar.gz
rpmbuild -tb openvpn-2.3.5.tar.gz
if using a seperate server for as the VPN server:
scp ./RPMS/x86_64/openvpn-2.3.5-1.x86_64.rpm server:/tmp
Flashing eeprom during imaging via PXE
I had a requirement to flash the eeprom on a FTDI chip while dropping a clonezilla image onto the system which is done via a PXE server
The 1st thing we need to do is get ftdi_eeprom tools on the clonezilla image, we do this by setting up an ubuntu system (I used ubuntu 12.04)
apt-get install squashfs-tools unzipwget -O Clonezilla-2.1.2-20_amd64.zip http://downloads.sourceforge.net/project/clonezilla/clonezilla_live_stable/2.1.2-20/clonezilla-live-2.1.2-20-amd64.zip?r=http%3A%2F%2Fclonezilla.org%2Fdownloads%2Fdownload.php%3Fbranch%3Dstable&ts=1373475093&use_mirror=heanet
mkdir clonezilla-src clonezilla-sqfs
cd clonezilla-src
unzip ../Clonezilla-2.1.2-20_amd64.zip
cd ../clonezilla-sqfs
unsquashfs ../clonezilla-src/live/filesystem.squashfs
cd squashfs-root/rootwget http://ftp.de.debian.org/debian/pool/main/f/ftdi-eeprom/ftdi-eeprom_0.3-2_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse0_2.7-4_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse-common_2.7-4_all.debrm *.deb
chroot ~/clonezilla-sqfs/squashfs-root
cd rootdpkg -i libconfuse-common_2.7-4_all.deb
dpkg -i libconfuse0_2.7-4_amd64.deb
dpkg -i ftdi-eeprom_0.3-2_amd64.debcat > ./eeprom.conf <<@
vendor_id=0x0403
product_id=0x6001
manufacturer="ME"
product="XXXXX"
serial="FTABC123"
@exit
cd ~/clonezilla-sqfs
mksquashfs squashfs-root filesystem.squashfs -comp xz -Xbcj x86 -b 1024k
Replace the Fields above with the values you want to use most important is the two _id fields as they tell ftdi_eeprom which device to attempt to flash, you can get these by running the command “lsusb” and identifying the device.
Copy the file “filesystem.squashfs” that has just been created and overwrite the one on the PXE server used to deploy the image. When you next PXE boot the target machines you will find ftdi_eeprom is available to use.
Now during the deployment run the command
ftdi_eeprom –flash-eeprom /root/eeprom.conf
Puppeteering with Puppet
So I’ve been a very naughty sysadmin recently, one of the things I intended to do early on in my new employment was setup some form of System Management as we have several Linux hosts. However truth be told I have never had a System Management system for Linux hosts (due to a lack of time to implement one) and due to a number of tight deadlines I’ve had to put this on the back burner and spin up servers for additional roles.
This road however will lead to ruin so I have put a stop to the random spinning up of hosts for anything other than testing until I get something in place to mange all the configurations centrally. The question for me was what to use, I’ve heard of both Puppet and Chef, but I have no experience of them. So after doing a bit of reading I figured I’d go with Puppet as it seems to have most of the bases I am interested in covered.
Setting up a Cisco network for video developers Part 2
Introduction
Welcome to Part 2, this part will provide the background and current topology that is to be replaced, the real fun will start in Part 3. I know you are all impatient to get started configuring switches, routers and servers but I think that the design and the reasons behind the design are as important (if not more so) than the actual configuration. As always I know I am not perfect and all knowing so if from the background and the following tutorials you think I have missed something or could have done something better then please speak up, send me a message via the contact page or leave a comment.
Background
NINet has grown since the last series and now has a floor of approximately 40 developers developing video solutions. The current solution was put together in bits and pieces and is resulting in poor performance and frequent outages. It must be stressed that this is a development network and as such cannot be locked down developers need to be able to connected unmanged switches (much to my irritation) and connect devices at will.
Setting up a Cisco network for video developers Part 1
Introduction
This series of tutorials will be similar to my posts on a wireless setup, where I take a real world requirement of mine and fit it to a tutorial about NINet.org.
Summary
This series will take an existing flat topology with mixed switches running in L2 and convert it to a Cisco Switch Topology mixing L3 and L2. Then we’ll take a bit of step into the sysadmin side of things where we setup infrastructure servers to support the end users. At the time of this writing, in the real world, this network is up and running however the supporting infrastructure is a lower priority than other work items so it may take a while to filter through to here.
CentOS 6 authorized_keys bug
Thanks to the footnote here: http://blog.firedaemon.com/2011/07/27/passwordless-root-ssh-public-key-authentication-on-centos-6/
On centos systems that are refusing keybased authentication run the following command as root
#> restorecon -R -v /root/.ssh
Deploy Centos 6 from VMWare Template
This is just a quick gotcha that I found ages ago then forgot about and then had to figure out again. Before you convert the VM to a template.
rm /etc/udev/rules.d/70-persistent-net.rules
sed -i ‘/HWADDR*/d’ /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i ‘/UUID*/d’ /etc/sysconfig/network-scripts/ifcfg-eth0
Update:
This also applies to SLES 11 SP2 (use /etc/sysconfig/network/ifcfg-eth0)
CPUInfo
Small shell script that returns the details in /proc/cpuinfo in a more human readable and relevant way.
Sample output
Processor seems to be quite old guessing number.
#######################################
# CPU Information #
#######################################CPU Architecture is: x86_64
CPU Manufacturer is: AMD
CPU Model is: AMD Opteron(tm) Processor 252
CPU Speed is: 1800 1800MHz
Number of physical CPUs: 2
Number of cores per CPU: 1
Number of logical CPUs (cores & hyperthreading): 2
Hyperthreading enabled (Intel only): N/A#######################################