Strongbow
CentOS domU under Debian

I finally got a CentOS 5 domU running under Debian.
The xen-tools xen-create-image method didn’t work. I managed to find an appropriate build script for centos5, but it was pretty badly out of date, trying to install RPM versions that don’t exist on the mirror servers any more. Trying to bring it back up to date would have been a PITA. It has the RPM versions hard-coded in the script.
However the instructions at http://wiki.kartbuilding.net/index.php/Create_Centos5_DomU_on_Debian_Etch_Dom0 worked a treat.
After following those steps, I converted it from a file-based image, to an LVM, with the following steps:
Manually create logical volumes for the filesystem and swap. I use 40G filesystem LVs and 128M swaps.

# mkdir /mnt/loop
# mkdir /mnt/centos
# mount /home/andrew/centos.5-0.img /mnt/loop -o loop
# mount /dev/mapper/ember-centos5--disk /mnt/centos
# cd /mnt/loop
# cp -Rp bin boot dev etc home lib media mnt opt root sbin selinux srv sys tmp usr var ../centos
# cd
# umount /mnt/loop
# umount /mnt/centos

Then edit /etc/xen/domains/centos.cfg and change the following lines:

kernel = "/boot/vmlinuz-2.6.18-4-xen-686"
ramdisk = "/boot/initrd.img-2.6.18-4-xen-686"
vif = ['bridge=xenbr0']
disk = ['file:/xens/name_of_new_server_to_be/centos.5-0.img,sda1,w','file:/xens/name_of_new_server_to_be/centos.swap,sda2,w']

To:

kernel = '/boot/vmlinuz-2.6.18-6-xen-686'
ramdisk = "/boot/initrd.img-2.6.18-6-xen-686"
vif = [ 'ip=192.168.1.13' ]
disk = [ 'phy:ember/centos5-disk,sda1,w', 'phy:ember/centos5-swap,sda2,w' ]

Then “xm create centos”. Boom! Centos 5, running as a domU on a Debian Etch dom0, from a logical volume.
And I still have the original centos5 image file for creating fresh domUs.

Originally published at /dev/zero. You can comment here or there.

Xen and the art of server maintenance

Ought to be a good title for a book on Xen, no?

Anyway, while discussing Xen with the COO (and it just occurred to me, really this project should be the CTO’s, not the COO’s… odd how the COO does all this stuff…) he came to the conclusion that, like OpenVZ and Virtuozzo, Xen guest systems shared the kernel with the Host. That didn’t sound right to me, but I couldn’t disprove it with my Xen server, where every DomU had an empty /boot.

So I updated the kernel in Dom0, but didn’t reboot. I now have a newer kernel installed than the one it’s currently running.
I then tweaked the /etc/xen-tools/xen-tools.conf and built a new DomU, to use the new kernel. Everything went without a hitch. I now have a Dom0 running 2.6.18-4-xen-686, with a domU running 2.6.18-6-xen-686. So it would seem that while they all “share” a kernel in the sense that they share a single install on the hard drive (all pulling from the dom0 /boot directory), they aren’t sharing a single instance of the kernel in memory.

I then tried to get a working CentOS 5 domU running, but ran into some snags. That will be another post.

Personal notes

Just a personal note so I can find how to install Debian on a DomU again

To traceroute or not to traceroute?

Last night I’m on my DoD clan’s Ventrilo server just before a scrimmage and yakking with teammates waiting for the game to begin.
I apologized for getting home and logging on only minutes before the game is due to start as I had to work late and only just got home.
One of them asks what I do for a living, I explain that I work for CI Host, one of the larger Internet server hosting companies and he asks if that means I know about networking. I explain that I’m more of a Unix guy than a Network guy, but that does come with having to know a little about networking. He mentions that since the clan switched servers, he and his wife (who also plays) have noticed quite an increase in his ping time. He did a trace to the server and saw the route go from Houston (where they live) out to California, bounce around a while, then back to Dallas (where the server is located).
I tell him to send me a copy of his traceroute and I’ll take a look.
I logged onto the clan forum site and see he sent me a private message.
Did he cut and paste the traceroute into the message?
Nope. He made a screenshot of the DOS window and attached the .bmp file.

Dunno what to say about a guy who knows how to do a traceroute, but not a cut’n’paste. :)

Not making the assumption that my gentle readers know what the hell I’m talking about…
DoD: Day of Defeat, a WWII simulation in the First Person Shooter genre.
Ventrilo: A VoIP application popular amongst gamers, that creates something akin to a conference call.
Scrimmage: A game that is more than a standard public “for fun” free for all but not as formal as a league “match” that counts towards a team/clan’s standing in a game season.

Big Buck Bunny - Official Trailer on Vimeo

This is the first I’ve heard of this, but this is the first trailer release of a new movie being produced entirely on Open Source software, under a Creative Commons license.

Big Buck Bunny - Official Trailer on Vimeo

Kblogger not working? Or WP?

Weird. Posts made with kblogger never show up in my blog. They’re “published”, they get a post ID, I can see them in the database and all fields are the same as posts that do show up (well, with the exception of things I expect to be different. Date. Title. GID, etc.) I even see my two “test” posts made it to twitter, but they don’t show up in the blog. Not even in the management interface where I should see ALL posts, published, draft or otherwise.

OK, WP is working. I can post just fine from the web interface.

Youtube and RSS

Does Youtube simply not grasp RSS?

Viewing any RSS enabled web site in Firefox or Konqueror, I get a little button in my browser that allows me to add that RSS feed directly to my RSS aggregator. In Firefox, this defaults to its own “Livemarks” system, in Konqueror the default is the Kontact/Akregator application, but both have a mechanism to define another reader.

Click on this little button when viewing any page on Youtube and you get… a broken RSS feed.
In Firefox it takes you to, not the RSS feed, but a page EXPLAINING HOW TO GET THE RSS FEED. If I need an explanation I would look for a link ON the page that says “about our RSS feeds” or something similar. If I click the “subscribe” button, which is generated by the “link rel='alternate' type='application/rss+xml'”, I expect I’ll get an RSS feed, not a human-readable page ABOUT rss feeds.

On top of this, they don’t offer a feed of something simple like, say, all of my “subscribed” channels. No, I can get a feed of MY videos (videos I’ve uploaded. Useless to me since I don’t upload videos. I’m a consumer, not a producer.), all new videos (The last thing I want is an RSS feed of every new video posted to Youtube), etc.
Even viewing the page for one of my subscriptions, there’s no link to subscribe to the RSS feed. Sure, the “about” page tells me what URL syntax to put in my RSS reader to GET that page, but why don’t they just put the simple header IN the html page so I can use the tools just about every browser provides to subscribe to the RSS?

Apparently for Youtube, Really Simple Syndication means “you do the work”.

Gentoo Linux?

On the heels of my raving about Gentoo, I find that while from an administrative perspective I like it, from a user perspective? Not so much.

I have two workstations at work. One is a Celeron 1.7ish, 1.5GB of RAM, running Windows XP. The internal web sites we use tend toward lots of javascript, plus another application that sucks up resources. Thus Firefox, when viewing our ticket system, our order database system and our server locator / user database system was running very sluggish.

I managed to acquire a second desktop, a P4 1.8GHz, 1GB RAM system, on which I intended to install Linux. When I got that far, I installed Gentoo, running Xfce4, as a learning exercise. Everything went beautifully. Once I got Firefox and Thunderbird installed, I moved all my work to that system, using the Windows box only for the non-web based application that only has a Windows client. And since the speakers are hooked up to that system, I left Pidgin there as well.
The performance of Firefox on the Linux box is barely a marginal improvement.

My personal laptop, however, a Centrino 1.6 with 512MB of RAM running Ubuntu 7.10 and Gnome, running all the same web sites is at least 3x more responsive.
I even made sure I had exactly the same addons installed on the two Linux systems. By all lights, the Gentoo box should be smoking the laptop.

It’s got a faster (model) processor.
It has a faster (clock rate) processor.
It has 2x the RAM.
It’s got an “optimized” OS installed.
It’s running the light-weight Xfce4 window manager, compared to Gnome’s (and all the other bells and whistles I’ve installed) bloat.
The only thing I can figure is there’s something about the default compile settings Gentoo uses when building Firefox.

I must remember to reboot the Gentoo box and check if Hyperthreading is turned off in the BIOS. I’m running an SMP kernel but only seeing one CPU. I also need to check if a P4 1.8 has HT support…

Gentoo

I’m quickly becoming a fan of Gentoo.
I don’t think it will be replacing Ubuntu on my laptop, but I’m finding that for a “source based” system, it’s very easy to use. It doesn’t install anything you don’t absolutely need until you specifically ask for it, but when you do, it’s pretty painless. You just have to put up with it taking a little longer than other distros to get installed, since it has to download the source, then compile it.

SSH connection mastering

While I get back into the swing of blogging from a fairly long hiatus, I thought I’d start with something useful I discovered a while back, but that has recently shown just how really cool and useful it is.
With ssh connection mastering, you can open multiple sessions to a single host. Once you have satisfied all the authentication / authorization requirements of the host to log in the first time, as long as you have a master connection open, logging in additional times not only doesn’t require going through authentication again, it’s much, much faster.

For example, where I work, we SSH to a single server, we’ll call it jupiter, a “bastion host” if you will, from whence we can make ssh connections to any of our clients’ servers. All our clients’ servers have our public key in the root authorized_keys file, and all technicians on jupiter can ssh using the private key associated with that public key. To log into jupiter the technician must enter his RSA SecurID PIN and rolling key.

If you’ve never used SecurID, it is a “two factor” authentication system. Two factor authentication basically means to log in, you must present both something you know (thus it can’t be taken away from you by force, though you can be coerced into revealing it) as well as something on your person. In this case the “something you know” is your PIN, which doesn’t change. The “something on your person” is the 6 digit number displayed on the SecurID token. This is more secure than a simple password or PIN in that you must have both that and a physical device that displays a constantly changing number. Either one by itself is insufficient authentication to log in.

So getting back to jupiter, to ssh to this server we use SecurID authentication. This means we must ssh to the server, wait while ssh negotiates keys and does any DNS foo the server wants to do, type our PIN, then dig out our token and enter the displayed number, then wait while jupiter checks with our SecurID server to verify the numbers entered.

Using the ssh connection mastering technique I’ve linked to, you only have to do this once. As long as that original connection is open, you can open another terminal window, or even a virtual terminal, and ssh to the server and be in, instantly. No delays for ssh key exchanges, DNS lookups or SecurID. You don’t have to enter your PIN and token again. You’re just in. This is very useful if you have to log into multiple client servers at once.
Just don’t tell the security admin.

For some reason the trackback link isn’t showing up in the blog. The link referred to above is
http://www.newartisans.com/blog_files/ssh.connection.mastering.php
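
A check the bastion's administrator could run for the connection sharing described above, as an added example (not from the original post or the article it links to). It assumes OpenSSH, where the client side is the ControlMaster, ControlPath and ControlPersist keywords and the server side is MaxSessions; the sample configs, the example.com domain and the function names are constructed.

```shell
#!/bin/sh
# Added example; both sample configs below are constructed for illustration.

# Client config of the kind the post describes. "jupiter" is the post's host
# name; the domain and socket path are made up.
sample_client_config() {
cat <<'EOF'
Host jupiter
    HostName jupiter.example.com
    ControlMaster auto
    ControlPath=/tmp/ssh-%r@%h:%p
    ControlPersist yes

Host *
    ControlMaster no
EOF
}

# Excerpt of what `sshd -T` prints on the bastion (lower-case "key value").
sample_sshd_effective() {
cat <<'EOF'
port 22
maxsessions 10
EOF
}

# Read an ssh_config on stdin and print one line per risky multiplexing setting.
audit_client_mux() {
    awk '
    BEGIN { host = "(global)" }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line == "" || line ~ /^#/) next
        sub(/^[A-Za-z]+/, "& ", line)      # split the keyword off, then fold
        sub(/ [ \t]*=?[ \t]*/, " ", line)  # "Key=value" into "Key value"
        split(line, f, " ")
        key = tolower(f[1]); val = f[2]; lval = tolower(val)
        if (key == "host") { host = substr(line, length(f[1]) + 2); next }
        if (key == "controlmaster" && lval ~ /^(yes|auto|ask|autoask)$/)
            print host ": " key " " val " (later sessions reuse the first login)"
        if (key == "controlpath" && val ~ /^\/(var\/)?tmp\//)
            print host ": " key " " val " (socket in a shared directory)"
        if (key == "controlpersist" && (lval == "yes" || lval == "0"))
            print host ": " key " " val " (master never times out)"
    }'
}

# Succeeds when the server accepts more than one session per connection.
# MaxSessions defaults to 10; MaxSessions 1 turns multiplexing off.
server_allows_mux() {
    max=$(awk 'tolower($1) == "maxsessions" { print $2; exit }')
    [ "${max:-10}" -gt 1 ]
}

sample_client_config | audit_client_mux
sample_sshd_effective | server_allows_mux && echo "bastion permits multiplexing"
```

Pipe a real file in with `audit_client_mux < ~/.ssh/config`; it reports each block's own settings rather than the values that win after Host matching. On the bastion, `sshd -T | server_allows_mux` is normally run as root.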

Bad telephone design

What fucking MORON designs a telephone so that you can’t replace the CORD????
I have an important phone call to make in half an hour. I don’t trust a mobile phone in this house to not drop in the middle of the call, so I went out and bought a basic land-line phone and a 25-foot phone cord so I don’t have to stretch one across my office to my desk.
I take the phone out of the box, unravel its cord to remove it and plug in the 25-footer… and you can’t detach it! I’m stuck with the 6 feet or so of cord that comes with it and not enough time to go buy another one. And any other I buy is likely to have the same issue, since the store only stocks the one brand (GE. GE for crying out loud! Who would think GE would be that stupid?)

Edit: And to top that off, to call from 817 area code to 972 area code (across town) the phone company considers this “long distance”. Since I didn’t get long distance service with my land line (I only got it for the DSL) I can’t make the call.

Linux and Realtek RTL8139 Ethernet drivers

Recently the network connection on my Ubuntu (7.04 “Feisty Fawn”) desktop failed. It had been working perfectly for weeks when suddenly it just couldn’t connect to my home network. Everything worked fine in Windows.
During boot, it would properly detect the device, load the driver, the networking init script would run without errors, and but for the fact that it couldn’t talk to the network, and thus couldn’t get a response from its DHCPDISCOVER probes, no errors.
A static IP configuration worked just fine, but still wouldn’t talk to the network.


Nifty little app

Useful for those unix users in the US (and possibly Canada). Not so much for everyone else.

[andrew@ratbert ~]$ alias telco="whois -h whois.telcodata.us"
[andrew@ratbert ~]$ telco 972-783
Telcodata.US Whois Server
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Access from 64.92.166.187 was logged
Your command was: 972-783
Data for 972 - 783 follows:
Area-code: 972
Exchange: 783
State: TX
Company: SOUTHWESTERN BELL
Type: RBOC
Ratecenter: DALLAS
Switchtype: WECO 5ESS (Digital)
CLLI: DLLSTXRNDS0
By using this service, you agree to use it for low volume occasional use,
and agree to not use any sort of mechanized or automated query methods,
or any other high volume methods.
Violation of this TOS will result in blocking.

Easy way to look up what city a given areacode / prefix goes to. (Among other interesting data.)

WTF???

Somehow, someone managed to alter my post about finding an Indian cooking vlog on Youtube into a spam.
Looks like I’m going to have to track down an exploit in WordPress. I suspect one of my plugins. For the time being I’ve disabled the one my gut tells me caused this.

<noscript>Online</noscript><noscript><a href=”http://www.thetaxihq.org”>penis enlargment</a> - good erection.
</noscript> you can find <a href=”http://www
.snjpc.com”>online casino
</a> that offer freeroll tournaments.

I’m in heaven

I just discovered Manjulas Kitchen on Youtube. Can’t wait to try out some of her recipes!

Just some notes for future reference

When building new Unix servers and installing sshd…

  1. Be sure to install xauth
  2. Make sure to turn off “UseLogin”

Ah, the good ol’ days…

When building a Sun / Solaris box meant downloading and installing all the nice little Gnu toys we take for granted in Linux…
(Thank goodness for sunfreeware.com, that has them all pre-packaged for you!)

(Edit: That doesn’t really make sense, does it? Not “the good ol’ days…”, since that implies that’s no longer the case. Guess that should be “Ah, now I remember the good ol’ days!”)

Minor annoyances

I’m having to relearn all the little ins and outs of Solaris that I’ve forgotten in the last 6 years since I used it professionally.
Things like having to run “/usr/bin/catman -w” to build the windex page, so “man -k” will work.
Things like getting it to auto-mount one’s home directory from /exports/home to /home when you log in.
I love Solaris, it’s the “standard” *nix to me, since it’s what I started out on (well, I’d been using Linux at home for 5 years before I ever touched Solaris, but work was all about Solaris), but my “skillz” are rusty.

Interesting new acquisitions this weekend

Sunday morning I woke bleary-eyed to the not-so-melodious sound of my cell phone. I was so slow to wake up I kept hitting the snooze button on the alarm clock, until Sweety picked up the cell phone sitting right next to it and handed it to me.
A former co-worker is moving down to San Antonio and, being the only other Solaris guy he knows, wanted to know if I would like an Ultra 5.
My response?
“Is the Pope Catholic?”
The only “catch” was that I had to come get it.
So quick get dressed, log onto email to print out the directions he sent me and head over to pick it up.
It comes with both a RAM and HD upgrade, has a CD-ROM drive and comes with monitor, keyboard and mouse. I declined the keyboard and mouse as I already have 3 or 4 Sun keyboards laying around and really, how many do I need?

While we were there I picked up and admired a rather nice light saber replica that was sitting on the mantel. Dave’s wife walked by and heard me admiring it. “Will you promise to love and cherish it for at least the next five minutes and keep it out of my sight?”
(shrug) Sure.
“It’s yours. I’m tired of lugging it around with me every time I move.”
So I came home with a cool toy, and another cool toy.

Oh noes! I’m turning into a DBA!

I swear, I’ve learned more SQL in the last month than in the previous 10 years of system administration.
I may end up having to add “data base administrator” to my resume skills section after all.
Looks like that copy of MySQL & mSQL from O’Reilly will come in useful after all.
