Hello again, world!

0.00 avg. rating (0% score) - 0 votes

I’m just trying to get my old blog back online after neglecting it for a couple of years. And a disk crash. And no MySQL dumps, of course. Luckily I had the MyISAM data files so I was able to salvage most of it. Lot’s of stuff not working yet. Working on it.

Cloning Ubuntu 10.04 Server KVM guests efficiently

0.00 avg. rating (0% score) - 0 votes

If you need to create lots of similar virtual machine guests running on QEMU/KVM, it is a very good idea to prepare a template guest image from which to clone the other guests. You should do whatever customizations you like before cloning. For instance I like to configure LVM and file systems to my liking, install openssh-server, install nfs-common and configure NFS mounts, install all available updates, add users or set up authentication, copy ssh keys, and do many other things so that they will be working out-of-the-box after cloning a number of guests from the template.

After you have installed and set-up your template virtual server to your liking, and would want to start cloning multiple instances of it, some tricks are needed to make things work more automatically after cloning and starting up the final copy.

If you simply clone a vanilla Ubuntu server installation multiple times, you will face some problems:
Continue reading Cloning Ubuntu 10.04 Server KVM guests efficiently

Serial console for Ubuntu server 10.04 KVM guests

0.00 avg. rating (0% score) - 0 votes

The virt-manager VNC screen is fine for LAN connections, and good for running graphical sessions. X is not installed on Ubuntu server by default, and VNC is really bad over slow links even for text console. I like to configure serial console for all my virtualized guests, because with it, I can simply ssh into the virtual machine host, and run “virsh console <guest-name>” to get a working console. Very nice for fixing broken network connections or file systems, or any kind of boot problems. And I can do it using just my cell phone, ssh over 3G connection from anywhere!

Continue reading Serial console for Ubuntu server 10.04 KVM guests

N900 Scandinavic Letters from US keyboard

0.00 avg. rating (0% score) - 0 votes

My Nokia N900 has the US keyboard with four arrow keys but no diacritics, two of which are used in my native Finnish language. I actually like having the four arrow keys instead of two arrow keys plus dedicated diacritics. You can anyway get those from the on-screen keyboard, but it is better to remap some of the hardware keys to be able to punch them in quicker. Here’s how.

Continue reading N900 Scandinavic Letters from US keyboard

NIC bonding with Red Hat/CentOS

0.00 avg. rating (0% score) - 0 votes

Here are simple instructions on how to configure network interface bonding on Red Hat based distros. The thing I always forget. There’s also a little script which will create a bonding interface bond0 between eth0 and eth1 and migrate existing IP settings from eth0. You can find it in the bottom of this post.
Continue reading NIC bonding with Red Hat/CentOS

Redundant iSCSI storage for Linux

5.00 avg. rating (91% score) - 1 vote

Here’s how to set up relatively cheap redundant iSCSI storage on Linux. The redundancy is achieved using LVM mirroring, and the storage servers consist of commodity hardware, running the OpenFiler Linux distribution, which expose their disks to the clients using iSCSI over Ethernet. The servers are completely separate entities, and the purpose of this mirroring is to keep the logical volumes available, even while one of the storage servers is down for maintenance or due to hardware failure.

Ultimately the disks of the iSCSI target servers will show up as normal SCSI disks on the client (/dev/sdb, /dev/sdc, …). The data will be moved across the network transparently. It is preferable to use multiple gigabit network interface cards on both the initiator and the target, and bond them together for reliability and speed gain (or use Device Mapper Multipath). A separate VLAN for iSCSI traffic is recommended for security and speed. By default, the traffic is not encrypted so your disk blocks can easily be sniffed using tcpdump.

Continue reading Redundant iSCSI storage for Linux

OpenSSH public key authentication

0.00 avg. rating (0% score) - 0 votes

First, create a key-pair with ssh-keygen. This is a one-time operation.

It is good practice to enter a good password, but you may also leave the password empty. That will leave your private key vulnerable to local attacks, but if you need to login somewhere from a cron job, you probably need to do that.

Continue reading OpenSSH public key authentication

Ubuntu 8.10 on Thinkpad X300

0.00 avg. rating (0% score) - 0 votes

I upgraded my Lenovo Thinkpad X300 to Ubuntu 8.10 Intrepid Ibex today. My original installation notes for Hardy are here.

After the upgrade, sound was working without compiling an ALSA snapshot by hand. Also, 3G connections worked straight out of the NetworkManager applet, which is very nice. But WiFi was broken, as the nm-applet refused to connect to any SSID, encrypted or open. That seemed to be due to myself using the development networkmanager packages with Hardy. They were not upgraded correctly. The remedy was to remove all network-manager packages and reinstall them. Continue reading Ubuntu 8.10 on Thinkpad X300

SSH tunneling your way through multiple gateways

0.00 avg. rating (0% score) - 0 votes

Ths SSH protocol supports tunneling arbitrary ports from your local host to a remote network that is only reachable through a remote gateway machine. The typical situation is that you have a, say, web server in a network which is only accessible from inside the network. If you have an ssh gateway machine within the network, you can get to the web server using tunneling. Continue reading SSH tunneling your way through multiple gateways

Dynamic IPv6 routing with Cisco IOS and Quagga on OpenWRT

0.00 avg. rating (0% score) - 0 votes

Here’s how to make dynamic IPv6 routing work between a Cisco IOS router and an OpenWRT Linux Quagga router. I couldn’t find a similar howto anywhere, so I decided to write my own.

I am using OpenWRT Kamikaze 7.09 (kernel 2.4) on an ASUS WL-500gP wireless router. Any IPv6 enabled Cisco router should do.

I assume you have already installed the IPV6 kernel modules and userland tools, and set up static addresses for your interfaces (if you haven’t check out the OpenWRT IPv6 Howto).

I am using SixXS for tunneling an IPv6 /48 prefix over IPv4. Continue reading Dynamic IPv6 routing with Cisco IOS and Quagga on OpenWRT

Sendmail relay configuration on AIX

4.00 avg. rating (80% score) - 2 votes

This document describes how to set up a Sendmail e-mail gateway or relay which will be able to process incoming mail and route it to different mail servers based on domain information. The routing table is based on the Sendmail mailertable feature instead of the usual MX record based routing. This will come handy when there is a need to route mail internally in a different way than externally.

Continue reading Sendmail relay configuration on AIX