Photo of the Week

October 29th, 2008

Several months ago I bought my first SLR. I decided on the Canon Digital Rebel XTi. Since then I have taken several pictures (over 2800) and have now decided to begin doing a Photo of the Week project to get me taking pictures and hopefully increasing my photography ability. So strap in and prepare yourself!

VServer in Xen

January 14th, 2008

I had heard of it being done. I have a friend doing it. So I decided I would too. It is an interesting idea to run virtualization in virtualization. One argument I have heard for running VServer in Xen is a best of both worlds scenario. VServer uses very little resources for each virtual instance thus allowing for many, many virtual instances to be started. Xen has the ability to perform live migration. The scenario would then be that physical server A has X number of Xen virtual machines running each with Y number of VServer instances. We want to migrate one of the Xen virtual machines to physical server B for load purposes. With Xen that migration is possible and the Y number of VServer instances go with it without skipping a beat.

Xen currently ships with kernel version 2.6.18. I noticed that there was a Debian package for a Xen 2.6.22 kernel which would allow me to use the latest stable code of VServer. I downloaded that package and extracted the three patches it included for patching a vanilla 2.6.22.9 kernel for Xen. I downloaded the VServer patch for 2.6.22.10 and the vanilla kernel 2.6.22.9. I then extracted the kernel and patched it with the VServer patch. That went smoothly without any “gotchas.” I then proceeded to patch the kernel with the three Xen patches from the Debian package. There were a few segments that the patch utility was unable to do automatically so I went through and performed them manually. They were relatively simple and straightforward. (Note: There was one set of segments in ecryptfs that I did not attempt to merge.) After that I configured the kernel to include both the Xen extensions as well as the VServer extensions. Booted the new kernel and was up and running. I tested the VServer extensions by creating and starting a VServer instance running SSH. It all worked like a charm.

I am contemplating creating a single patch of Xen and VServer for the 2.6.22.9 kernel and posting it here if for no one else but myself. Happy virtualizing.

Ubuntu/Debian Dependency Tree

December 31st, 2007

The Debian package system has some pretty sweet tools written for it. I came across one of these tools that makes visualizing package dependencies possible: apt-rdepends. You can pass a list of packages to it and it will provide all the dependencies for the packages.

This is cool by itself, but apt-rdepends has an option to output the tree in dotty format. Then using dot, you can create a graphical representation of the tree. I’ve included an example image of the LVS dependency tree from my custom Ubuntu image.

Using a VM to add iptables support to Windows

August 30th, 2007

I began playing around with this idea after looking at how to use Sieve Firewall manager to achieve this. I could never understand how to use Sieve and I also wanted to add web filtering into the mix. Thus I began to develop and try this out. I started out with setting up a VM in VMware Server. I added two NICs to the VM. One NIC was set up to bridge with the physical NIC and the other was set up on one of the unused vmnets (I used vmnet2). You need to be sure to disable the DHCP server for that network device.

From there, I followed this tutorial on freshmeat.net to set up the bridging, ebtables and iptables to set up a blind proxy. Once that was set up I disabled TCP/IP on the physical NIC. I changed the vmnet2 NIC to obtain an address via DHCP. In this setup the vmnet2 will be our gateway to the internet (it obtains an IP address from the router’s DHCP server not from the VM). Since vmnet2 obtains its access to the internet via our VM, we can then do what we want to the traffic with iptables. In my case I wanted to redirect ports 80 and 443 to a Dansguardian/Squid proxy setup on the VM.

One catch about this method is that you’ll most likely need to have your computer behind a router. The reason for this is that your PC actually will require two IP addresses from the DHCP server. One for the VM and one for the physical PC. Many ISPs won’t hand out multiple IPs for the same household.

There is another way around that problem if you aren’t able to give your PC two IPs for whatever reason. You can set up the VM to be a NAT router instead of bridging. The Windows setup is the same. The VM will need a DHCP server and a DNS relay. It’s a little more overhead, but it’ll work. In my setup I set up iptables to send all incoming requests from outside to the physical PC so that it could be used as it was used before.

The first method I would say is the preferred method but to each their own.

Asterisk + Exchange 2007 != Unified Messaging

August 3rd, 2007

So, in my last post I praised Microsoft. In this one I’m going to do a little bit of bashing. Hold your applause. :-) Those familiar with Exchange know that in previous versions, an Exchange Admin user could log into another mailbox via POP3 or IMAP using the Domain\Username\Mailbox Alias. I was hoping to use this to then set up an IMAP storage for voicemails in Asterisk without having to know each user’s password. Alas, this is not possible with Exchange 2007. I don’t understand why they removed this feature. I have suspicions that it might be related to their own Unity Messaging solution (but I think that just because it thwarted my attempts of getting some of the same functionality without using their solution).

Asterisk + sipX + Exchange 2007 Unified Messaging

July 26th, 2007

Now most of the things I discuss on this blog are related to open source. I love open source but I also think that Microsoft has some amazing offerings (thank goodness comments are turned off ;-) ). Today I downloaded the Exchange 2007 virtual machine offered from Microsoft for evaluation purposes. My purpose was to try integrating Asterisk voicemail with Exchange using IMAP for unified messaging. While becoming familiar with 2007 (used 2000 and 2003 previously) I came across the Unified Messaging part of 2007. It is simply amazing. Asterisk’s voicemail is on par with it; it is the auto attendant that I can see some nice value with (if you are running an environment based on Exchange anyway). There is a how-to on integrating Exchange 2007 with Asterisk. A SIP proxy is needed since Exchange 2007 only talks SIP over TCP and Asterisk only does SIP over UDP.

chan_mobile…Continued

June 10th, 2007

Well, I finally got around to trying out the new chan_mobile channel for Asterisk. To start off, I’ll explain my hardware in use. My phone is a Nokia 6133. I’m using the trunk versions of Asterisk and asterisk-addons (which contains the chan_mobile module). My bluetooth “host” adaptor is a Trendnet TBW-105UB.

The first step (besides compiling Asterisk) was to pair my phone with my Asterisk server. This proved to be quite difficult. I am using Ubuntu Dapper for my OS. Here is my hcid.conf in case anyone had the same troubles I had. Once paired I started Asterisk. I used the mobile search command to find the Bluetooth Address and port for my phone. I then exited Asterisk, added my phone to mobile.conf and restarted Asterisk. Lo and behold, it worked. Asterisk was the “headset” for my phone.

chan_mobile

May 29th, 2007

Not quite two weeks ago a new channel type was added to asterisk-addons. This new channel is called chan_mobile. It allows a user to connect their Bluetooth enabled cellphone or headset to Asterisk. When a cellphone is connected to Asterisk, Asterisk will then handle incoming calls and can also use the cellphone to make outgoing calls. When a headset is connected, Asterisk can send calls to it and possibly originate calls.

I personally find this to be very cool. I just ordered a Bluetooth USB device so that I can try this out for myself. I’ll report back with the results in the near future, hopefully.

Configuration Settings for the LVS Clusters

May 7th, 2007

In my last post I suggested that I might find time to post the configurations I used for the test run. Well, I hope to be able to do that this time. I’ll go over the kernel settings I used, the settings for the DHCP server, how the initrd was setup, the settings for PXELinux, and the packages I had installed for the root filesystem.

For the kernel, I used the 2.6.15.7 kernel. I needed to patch it with SquashFS and UnionFS. I turned off support for modules as I was only going to compile the drivers needed for the system. So my network driver and the filesystem drivers were all compiled into the kernel. I also needed to enable DHCP support in the kernel. The actual config file I used is in the ZIP file available at the end of this post.

For the DHCP server, I simply needed to define a subnet to hand addresses out for and then configure options in DHCP. This was simple to accomplish. For the DHCP server, I used dhcpd but almost any DHCP server will do. For my setup, I used the subnet of 192.168.201.0/24. I then set two options in the subnet configuration that tells the PXE client what to download and where to download from. These options are “filename” and “server-name”. The DHCP server config is also in the ZIP file.

I have limited experience with initrds. I did a couple things for the one I used for this one. First was that I needed a way to download the rootfs from the TFTP server. I decided to use curl but didn’t want to have to worry about the libraries for it, so I compiled curl with static linking. I created my own linuxrc that would be run on boot. The linuxrc handles downloading the rootfs, setting up the root with unionfs and then initiating the init process on the newly mounted rootfs. It could probably be more robust, but it works for my purposes. I’ve attached the entire initrd I used.

For PXELinux to be usable, I needed to install a TFTP server. I used the tftpd-hpa server and left it with default settings. I downloaded PXELinux and copied the file pxelinux.0 to the TFTP server root location. Also note that the kernel, initrd and rootfs need to be copied here as well. I created a default config file for PXELinux and placed it in the TFTP root location in a directory called pxelinux.cfg.

The last thing to finish up is to create the root filesystem. I used a stripped down version of Ubuntu for my filesystem. I started by using debootstrap. I then customized it to reduce the size. Once I had that completed, I used mksquashfs to then create my “image” for the rootfs. I’ve placed a list of packages in the ZIP file for those interested.

Here is the ZIP file I promised. Have fun.
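
The linuxrc flow described in this post (download the rootfs, layer it with unionfs, start init), as an added example that is not the script from the ZIP file. The URL, the mount points, the sha256sum binary and the digest check before mounting are assumptions added here.

```shell
#!/bin/sh
# Added example: a linuxrc-style boot script for a PXE-booted node.
# Assumed (not from the post): the URL, the mount points /rw /ro /newroot,
# and a sha256sum binary (e.g. from busybox) inside the initrd.
ROOTFS_URL="${ROOTFS_URL:-tftp://192.168.201.1/rootfs.squashfs}"
ROOTFS_SHA256="${ROOTFS_SHA256:-}"   # expected digest, written into the initrd at build time
DRY_RUN="${DRY_RUN:-1}"              # 1 = only print the plan; the real initrd sets 0

# In dry-run mode print the command instead of executing it.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "+ $*"; else "$@"; fi
}

# verify_image FILE EXPECTED_HEX: succeed only when the digest matches.
# An empty expected digest is a failure, never "skip the check".
verify_image() {
    [ -n "$2" ] || return 1
    actual=$(sha256sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

boot_root() {
    img=/rw/rootfs.squashfs
    run mount -t tmpfs tmpfs /rw &&                  # RAM-backed scratch space
    run mkdir -p /rw/upper &&
    run curl -s -o "$img" "$ROOTFS_URL" &&           # fetch the image over TFTP
    run verify_image "$img" "$ROOTFS_SHA256" &&      # check it before mounting it
    run mount -t squashfs -o loop,ro "$img" /ro &&
    run mount -t unionfs -o dirs=/rw/upper=rw:/ro=ro unionfs /newroot &&
    run exec chroot /newroot /sbin/init              # hand over to the real init
}

boot_root || echo "rootfs download or verification failed, not booting it" >&2
```

The digest check catches a truncated or substituted rootfs, but the kernel and initrd still arrive over unauthenticated TFTP, so the boot network itself has to be trusted.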

LVS (IPVS) Clusters Continued…

March 19th, 2007

Okay. So it’s been a while since I’ve written about my idea of how to manage an LVS cluster, but with good reason. That pesky thing called school came around and detracted from the project. Now that I’ve graduated, I’m starting back into my old projects. While not a whole lot has progressed with this project from when I last wrote, I did have to go and relearn what I had learned before. With that in mind, I decided that I should write some of the details so that I don’t have to do it all over again.