Cademuir

Recently out broadband usage seems to have gone up quite significantly. This, naturally, has been blamed on me. And the Mac. As Min put it “this only became an issue since the mac came into the house!”.

Now you can log into the web interface of the Voyager and get the bytes since it connected. You can also reset some network traffic counters in Status -> Traffic Stats, but none of these really give you a feel for whats happening over time. Enter MRTG. I’ve been using MRTG to monitor traffic on interfaces since college and it’s very good at it. By default it will communicate with a device by SNMP, however the Voyager does not appear to have an SNMP daemon.

Thankfully MRTG can also execute a command to get its data.

You can log into the Voyager using ssh with the admin user and your admin password. This gets you to a very basic shell but one thing you can run is ifconfig which will report on the network interfaces in the box including their TX and TX byte counts.

There doesnt appear to be an easy way to set up public key authentication with the voyager so I fell back on some old school tricks for automating logins – perl & expect.

This expect script will log into the Voyager and get your ifconfig output:

#!/usr/bin/expect -f
spawn ssh admin@IP.OF.YOUR.ROUTER
expect "password:"
sleep 1
send "YOUR-PASSWORD\n"
expect "> "
sleep 1
send "ifconfig\n"
expect "> "
send "logout\n"

Next we need to grab the counters from there in a way that MRTG will understand. That is the recieved count on the first line, the transmitted count on the second, uptime is the third and the name is the fourth (mrtg docs). I just use the first and second. ppp_8_35_1 is the interface I need on my router, yours may be different. This perl script calls the expect script above to get the data.

#!/usr/bin/perl

my $flag=0;

@op=`/rusr/local/bin/bt.expect`;

foreach $_ (@op) {
    if ($_ =~ /ppp_8_35_1/ ){
        $flag=1;
        next;
    }

    if ($flag == 1 && $_ =~ /RX bytes:(\d+).*TX bytes:(\d+)/){
        print $1."\n";
        print $2."\n";
        print "0\n";
        print "0\n";
        last;
    }
}

Next we need a configuration file for MRTG. Mine is below. The various options are explained in the mrtg docs

EnableIPv6: no
WorkDir: /var/www/mrtg

Interval: 5

Title[ppp]: Network traffic (ppp)
PageTop[ppp]:
<h1>Network traffic (ppp)</h1>
Target[ppp]: `/usr/local/bin/gettraffic.pl`
Unscaled[ppp]: n
WithPeak[ppp]: ymw

It’s the just a matter of setting up a cron job for MRTG to get the data every 5 minutes:

0,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/bin/mrtg /usr/local/etc/bt.cfg > /dev/null 2>&1

Over the course of a few hours you’ll see the patterns in your usage:

At Home I run windows 7 on my laptop. And in order to run Opensolaris I use virtualbox. Virtualbox in case you dont know about it basically allows you to run an operating system within your main OS. You can also run windows on an opensolaris machine for example.
I had fallen behind a bit with my virtualbox and opensolaris versions so decided to upgrade everything over the past couple of days. First I upgraded virtualbox to 3.1.4 then Opensolaris to build 132. And my graphical login failed to work. Here’s the error from the X log:

(II) LoadModule: “vboxvideo”
(II) Loading /usr/X11/lib/modules/drivers/vboxvideo_drv.so
dlopen: ld.so.1: Xorg: fatal: relocation error: file /usr/X11/lib/modules/drivers/vboxvideo_drv.so: symbol resVgaShared: referenced symbol not found
(EE) Failed to load /usr/X11/lib/modules/drivers/vboxvideo_drv.so
(II) UnloadModule: “vboxvideo”
(EE) Failed to load module “vboxvideo” (loader failed, 7)

Alan Coopersmith helped me work out what was going wrong here. When you install the guest additions on virtualbox they create an xorg.conf file. The existing conf file I had from build 127 and VB 3.1.1 worked fine, and build 127 with vb 3.1.4 worked fine. But due to changes around Xorg 1.7 things broke when I upgraded opensolaris to build 132 – even though virtualbox has support for this.

The solution?

• Remove the guest additions package.
• Remove the xorg.conf file
• Re-install the guest additions
• Reboot

All works fine now!

I’ve just installed windows 7 on my laptop. Heres what else gets installed:

Firefox (and firebug and delicious plugins)

Virtualbox

Cygwin

Tweetdeck

itunes

picasa

Sony Vegas Movie Studio

Filezilla

AVG Anti Virus

GSAK

Garmin Mapsource

Gimp

Google Earth

And when I find the install disks (!) :

Canon Digital Photo Pro

Starry Night

We’ve had some eventful days. We had fun and we kicked butt as Scott would say. We changed the world. We were part of the greatest technology company the world has ever seen. We changed computing forever – repeatedly.

And in a few minutes we’ll learn what the future holds with Oracle. I hope Oracle is ready for Sun!

hello world

Opensolaris users may be familiar with browsing repositories in firefox. To look through the latest Develpoment repo for example you just open up http://pkg.opensolaris.org/dev in your browser.

Things are a little more complicated for the extras and support repos though.

Firstly you need to register to get access to these repos. Anyone can get access tot he extra repo, only supported customers can get access to the support repo. Go to http://pkg.sun.com/register and follow the instructions there to get your key and certificate and verify that you can connect to the repo through the pkg command.

To set up firefox to be able to browse the repo take a little more work. Danek Duvall from the IPS team provided these instructions on how to do it:

Run:

openssl pkcs12 -in /var/pkg/ssl/OpenSolaris_extras.certificate.pem \
-inkey /var/pkg/ssl/OpenSolaris_extras.key.pem -export > \
/tmp/OpenSolaris_extras.certificate.pkcs12

In the case of the support repo use the support key and cert in place of the extras ones above instead. That will prompt you for a password with which to encrypt the pkcs12 file.

Now in firefox add the  pkcs12 file: Edit -> Preferences -> Advanced -> Encryption -> View Certificates ->
Your Certificates -> Import -> choose file (/tmp/OpenSolaris_extras.certificate.pkcs1) -> enter password.

Then point your browser at https://pkg.sun.com/opensolaris/extra/ (or https://pkg.sun.com/opensolaris/support for the support repo).  There’s
a dialog box that pops up saying that the site has requested you identify
yourself with a cert, and gives you a list of possible certs to use.
Choose the right one, click OK, and then you can browse the repo.

I hit an interesting problem tonight with jumpstart. Or old timeserver has gone away and the jumpstart clients are now going into interactive installs asking for the user to set the time. We rely heavily on automated installs so this needed to be fixed.

The solution was obvious I thought. I’ll just set up one of our servers as a ntp server and tell the jumpstart clients to query that in the sysidcfg files.

The only problem is that jumpstart doesn’t query ntp. After snooping on the server for a while it was clear that the packets reqesting the time were not NTP, they were TIME.

Heres how I diagnosed it.

First snoop the install.

snoop -v -o /tmp/snoop.op clientname

Then once your install has gone interactive you can convert that to a readble format:

snoop -i /tmp/snoop.op -v > /tmp/snoop.op.as

Examining the file you can find the time request:

TCP:  Source port = 32773
TCP:  Destination port = 37 (TIME)

<snip>
TCP:
TIME:  ----- TIME:   -----
TIME:
TIME:  ""
TIME:

So, whats port 37 exactly? /etc/services tells us that the time server runs there. (duh!)

The service that runs this is in Solaris 10 svc:/network/time:stream

On solaris 10 you need to do

svcadm enable svc:/network/time:stream

To check that is working ok you can telnet to the server and see if you get any output; if its not running you will get connection refused. This is basically what your jumpstart client is doing.

$ telnet patchtest-231 37
Trying 129.156.231.103...
Connected to patchtest-231.
Escape character is '^]'.
���Connection to patchtest-231 closed by foreign host.

We are now back to fully automated jumpstart installs!

Recently I had a discussion with some folks about ways to identify
change in a workspace. In particular if there were ways where we could
judge the risk associated with changes without needing to know the
specifics of the changes or being told by the engineers.

In Opensolaris for example there are flag days. These coincide with
putbacks where a project team has identified major change and tells you
about it. We have something similar for Solaris Update releases.
Sometimes this is great, if there is a big zones or zfs change for
example we know to check patching extra carefully on systems using
zones or zfs. However this isn’t always enough. Every now and again
there will be a putack that causes a regression somewhere and catches
us all by surprise.

Before getting to involved in looking into this problem in detail we
did what all good engineers do. Go and see if someone else has solved
the problem already! And that’s when I got distracted. You see I started
wondering if there was some way to visualise the changes to a workspace
and literally see where risk was introduced.

That led me to Michael Ogawa’s page. There he has
several videos produced from code swarm. In the videos the names of the
engineers are displayed and the files that they are hanging are
represented by dots that swarm around them. Now while this isn’t really
what I started out looking for it does allow you to see the number of
files changed over time. More importantly Michael’s videos looked cool
so I thought I’d give it a go for Opensolaris.

Codeswarm is available from http://code.google.com/p/codeswarm . It will generate lots of png files which you can then use ffmpeg to make into a movie.

There was one problem though; it doesn’t work with mercurial workspaces
out of the box. However  Baptiste Lepilleur worked out a way to get a
compatible xml file from a mercurial repository.

Anyway here are a couple of videos I made. The first is of the Image
Packaging System. The music is from Dom The Bear (CC by-sa)

Image Packaging System Code Swarm.

Next up the ON gate! Music this time from Alexander Blu (CC by-sa). Vimeo will
only let me embed the SD version here – visit it’s Vimeo page if
you want to see the HD version; its worth watching in HD imo. While you are there you can search for
other code swarm videos – there are nearly 100 up there.

Opensolaris Code Swarm.

It started with a question: How can we inspire people to take action on climate change?

The answer: Ask the people of Sydney to turn off their lights for one hour.

On
31 March 2007, 2.2 million people and 2100 Sydney businesses turned off
their lights for one hour – Earth Hour. This massive collective effort
reduced Sydney’s energy consumption by 10.2% for one hour, which is the
equivalent effect of taking 48,000 cars off the road for one hour.

On
29th March 2008 we’re doing it again WorldWide! Friends of the Irish
Environment and the Irsh Light Pollution Awareness Campaign are asking
everyone to do their bit for the environment and turn their lights off
for one hour on March 29th.

In Ireland te event will take place from 9pm to 10pm
rather than from 8-9pm. This is because at Ireland’s latitude it won’t
really be dark by 8pm so in order to see the difference in the night
sky the event will start at 9. Astronomical Societies around the country will be holding events so please be sure to check for details at www.irishastronomy.org/boards.

We need all of you, across the world, not just Ireland, to turn non essential lights off for this hour. Do you really need your porch light on? Does your building really need to be floodlit? And longer term you can think about whether your security lighting is really efficient. Does it allow light to spill above the horizon causing light pollution? Is the bulb too bright for the purpose? Are you using a motion sensor to ensure the light  only goes on when needed? Have a look at the Institution of Lighting Engineers document on Domestic Security Lighting to see how best to use security lighting.

 Heres what the Lord Mayor of Dublin, Councillor Paddy Bourke, had to say about Earth Hour when he announced Dublin’s participation:

"Earth Hour is an international campaign and Dublin
is one of the latest cities to get behind this important event where on
March 29th all non-essential lights will be switched off for an hour. This
campaign is important and everyone from citizens up to Government has a
duty to do what they can against global warming. It is up to us all to
do what we can to reduce our CO2 emissions. Through one simple action,
turning off our lights for an hour, we can deliver a powerful message
about the need for action. I am thrilled that as
Dublin Lord Mayor I will be leading our capital city in its
participation in this international event. It was estimated during the
Sydney Earth Hour last night demand for electricity dropped by 10 per
cent. It would be fantastic if we could do the same in Dublin. I would urge businesses and homes to join in and take part in the campaign."

Earth Hour in Ireland is fully supported by the Irish Light Pollution Awareness Campaign. For further information on the project in Ireland please contact the Friends of the Irish Environment. For global information please visit www.earthhour.org.

Finally here is the promotional video for Earth Hour. Enjoy!

Recently my Manager started blogging. Despite my initial cynicism it’s actually turning out to be a pretty good blog, and the comments are great.

Communication about patches is an area that Sun could improve in. What they are, how they are created, how they can be installed, when they can be installed, and when and what you should patch are all areas that I’ve received customer queries about.

Patch Automation Tools is Gerry’s most commented post to date. And I’m not surprised. And to be honest I agree with most of the comments – pca is damn good. Hopefully Sun Connection Satellite will be a big improvement on previous offerings.