Saturday, August 28, 2010

Success - ESXi 4.1.0 installed!

It took a bit of experimentation but ESXi 4.1.0 is now running on an ancient (4 year old) HP.

A direct install of ESXi 4.1.0 on my old HP kept erroring out (couldn't access the SATA storage). An attempt to build a custom install disk, reusing the oem.tgz file, didn't work. Building yet another oem.tgz file was obviously going to be the method-of-last-resort because it's been a year since the last time and that involved two days of trial and error.

So, finally, I broke down and started reading the forums.  Surprise!  VMware has an upgrade bundle for moving from 4.0 to 4.1.  I downloaded the zip file, put the test system in maintenance mode, and ran the esxupdate tool on the command line.  It installed without a hitch.

Same for the house server.  It's now running 4.1.0.  I was anxious that it'd replace all of the drivers (the house server was built using last year's custom install disk) but it appears that it didn't touch any of those.  The hypervisor can still see both datastores and can still access the network.

Note to self: If you have to install this again, remember that the system needs to be put in maintenance mode BEFORE attempting to run esxupdate.

Note to Dave: I think that the 4.0 custom disk is the same one that we used to build your system.  This should be a quick upgrade to your system, too.

Thursday, August 26, 2010

Going virtual

With the purchase of the Acer Revo, I believe it's time to virtualize the house server.  Running a single instance of Ubuntu on the current hardware is a bit underkill in that it has 4G of memory and 2+ TB of storage, most of which isn't employed.

It is painful to stop using MythTV but it frees up the display that I was using with it.  This blow is softened by my wife having acquired a DVR to act as a replacement.

Another reason is that the third class on virtualization (actually storage for virtualization) is about to start and I want a system at home so that I can keep up with the class.

Things to do first:
  • back up everything!
  • figure out what a 4.0 to 4.1 upgrade will break
  • install the new drives (upgrade to 4 TB)
  • break it gently to Sparks that I'm going through yet another system upgrade (he gets annoyed that I do this every two months or so), though it'll minimize future down-times as VMs can be built before others are taken offline
  • determine if 4.1 can be modified to include needed drivers (the 4.0 install did) (my NICs are older)
  • get FreeNAS installed

The tricky part is going to be efficiency.  While I could build a single server VM which runs everything, it makes backups difficult.  I think it'll be easier to manage if I can create a number of very small servers, dedicated to specific tasks (Icecast, Squid, etc.).

Ideally, they should be started and stopped on demand.   I need to do a bit more research on this. I think the problem is going to be that VMware has limited the command line functions to "read only" for the free versions of ESXi.  I'll keep you posted.

Wednesday, August 18, 2010

Getting LDAP running on Ubuntu 10.4

Everyone and their sister has a howto for getting LDAP running on Linux.  Unfortunately, most of them are either outdated or just plain crap (with a nod to the Linux Outlaws).  Fortunately, just last week, AlbanianWizard has posted a script and a mini-howto for getting LDAP running on Ubuntu 10.4.

I'll post my notes in the wiki shortly.  The one thing that I'd add to AW's work concerns the installation of phpLDAPAdmin.  He left out that, if you change the container, you'll need to edit /etc/phpldapadmin/config.php.  Basically, look for the uncommented lines which contain "dc=example,dc=com" and change the values to whatever you used in building your directory.  If you don't, phpLDAPAdmin will always try to access and will error out, even if you change the domain on the login screen.

Tuesday, August 17, 2010

Ntop on Ubuntu 10.4 (revisited)

Dave reminded me of one other issue that we were having in getting Ntop up and running: Initially, we couldn't get the web browser to connect to the service.

The issue turned out to be the firewall (the ufw service). You'll need to allow port 3000 (or whatever port you used for Ntop if you didn't use the default). Tell ufw to allow TCP packets on port 3000 via:

  sudo ufw allow 3000/tcp

The above, and other ufw commands, can be referenced on the Ubuntu Community ufw page.


Saturday, August 14, 2010

Ntop on Ubuntu 10.4

The online docs for getting Ntop to run on Ubuntu 10.4 are a bit messy.  In truth, installation involves only a few simple steps:

1) Install ntop via "sudo apt-get install ntop"

2) Set the admin password via "sudo ntop --set-admin-password"

3) Start the ntop service via "service ntop start"

4) Point a browser at http://localhost:3000

Monday, August 9, 2010

Shooting self in foot?

Just tried out the free Windows Live Web tools and ran across something odd.  Up front, let me state that I'm running Google Chrome on Ubuntu 10.4.

Getting an account was easy, as was accessing the main page.  However, with the default settings in Chrome, I cannot access any of the tools (Word, Excel, etc.).  The browser keeps complaning that the certificate for the web site has been revoked.  In looking at the certificate, the CRL is hosted on a Microsoft server.

Has anyone else noticed this?  Is it a new thing?

Oh, and yes, I can access the tools if I turn off CRL checking (not a good idea for the security concerned).

Sunday, August 8, 2010

Moving status

The majority of the 757 blog has been taken down.  There's still a few functional pages there.  I'll leave them up while I finish transcoding the wiki from MediaWiki to PmWiki.

Friday, August 6, 2010

Why, Best Buy? Why?

Hmm... For some reason, Best Buy thinks that this site is associated with malware.  I went in to look at the iPad.  They had a couple demos going.  I picked one up, typed in the address for this blog, and promptly received a "Blocked.  Site is associated with malware" error.

At one point, this blog was associated with malware analysis (the posts are in the archive).  I've been too busy (for years) to touch much on the topic.  I wonder if I'm a victim of my own nosey-ness, anywhere else...

Wednesday, August 4, 2010

Shmoocon 2011

(*sigh*) I haven't finished recovering from Shmoocon 2010, not-so-closely followed by SELF 2010, and they're announcing Shmoocon 2011 already!?!

Monday, August 2, 2010


Managed to get two IRCd-Hybrid servers talking to each other.  Lessons learned:

  • DNS entries (forward and reverse) are a must.  Host table lookups weren't working.
  • The OPER password has a not-safe-for-production work-around (ask me sometime).
Hint: The second issue gave me headaches for days, until I downloaded the source tarball and looked at the sample config file.