Jast Another (VMware) Backup Script (JABS) public release
I finally convinced my friend Toccio to release JABS in the public. JABS, Jast Another Backup Script, is a very handy backup script for VMware ESX and VI3 (I’ve not yet tested on 3i, dunno if it will work).
I’ve worked for severals years with VMBK from Max Daneri, but Max is not developing his script any more, and it has been written before the VCB era (in the old ESX 1.x and 2.x funny days 
).
I’ve also tried another good script, VISBU, from Alex Mittell, but setting up different backup sessions was not so simple as with JABS.
JABS is a Bash script to schedule backups of Virtual Machines, mainly to be exported to NAS folder. The nice feature of Jabs is that you can define different”sessions” in the configuration files, using for example some pattern of the “display name” of the VM, and JABS will prepare all the necessary vcb* commands for you, sending a nice email report.
You can find more on Jabs here on Toixland.
((enjoy))
SVN LDAP Authentication on Apache
Thanks to this link I’ve successfully implemented the LDAP Authentication against a Microsoft Active Directory LDAP for Subversion Access via Apache2.
Thanks to the power and flexibility of Apache the configuration is really straightforward.
Install and configure Apache to serve the URL of the repository you want, for example https://svn.mydomain.com/ (SSL is preferable to clear text http).
Enable the DAV modules and the authnz_ldap extension.
Create an account in your AD to get access to the Directory (in this example ldap.svn). Create a Group in your AD (in this example SVNAllowed) where place the SVN-enabled users.
Add to the configuration of the Virtual Host this block:
<Location "/">
LDAP Auth
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "My SVN Repository"
AuthLDAPURL "ldap://dc.mycompany.com:389/DC=mycompany,DC=com?sAMAccountName?sub?(objectClass=*)" NONE
AuthLDAPBindDN "ldap.svn@mycompany.com"
AuthLDAPBindPassword XXXXXXXXXXXXXXXXXX
require valid-user
</Location>
<Location /svn>
DAV svn
SVNParentPath /svn
SVNListParentPath On
# Check if the user is in this LDAP Group:
require ldap-group CN=SVNAllowed,CN=Users,DC=mycompany,DC=com
</Location>
And you are done!
Now every access to https://svn.mycompany.com/ will be authenticated against the AD backend. Access to https://svn.mycompany.com/svn/YourProject will be accessible only by the users in the group SVNAllowed.
You can also define fine-grained access to some repository (not included in this example).
Beware that Apache’ mod_ldap will cache the user credentials for a default value of 600 seconds. See the manual page of the module for more options.
((enjoy))
Ubuntu 8.10 on HP EliteBook 8530p
Back to posting some useful stuff with my new PC, an HP EliteBook 8530p (model number FU617AW).
Ubuntu 8.10 64 bit is working like a charm on it.
My configuration is the following:
- Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
- 4 GB of DDR2 RAM
- 250GB SATA HDD at 7200 RPM (the model from hdparm -i is ST9250421AS)
- Screen 15.4” WXGA & WSXGA+ Widescreen
- ATI Mobility Radeon HD 3650
- Ethernet, 802.11abgn. Bluetooth
The only small quirks are the following:
- in the BIOS you *MUST* switch off “Fan Always on while on AC Power”, otherwise the kernel will not boot. Upgrade to the latest firmware version F.06.
- to make work Skype I followed this excellent guide. The configuration of the Sound Device is: Sound in=HDA Intel, Sound Out=pulse,Ringing=pulse
- VMware Workstation 6.5 64 bit works very fine, be sure to invoke “vmware-modconfig –console –install-all” if you upgrade the kernel. Besides, put this line “xkeymap.nokeycodeMap = true” in your ~/.vmware/config file to make work the keyboard inside the VM in Windows XP.
- if you experience annoying Video flickering while playing videos with Totem or VLC, run “gstreamer-properties” from a shell, and in the Video Tab select ‘X Window System (No Xv)’ for the Default Output Plugin, click Test and all should be well.
I’ll update this post for any relevant news.
((enjoy))
Smart and Simple Mail to SMS Gateway
This is a simple guide for configuring a simple (but smart ) Mail to SMS gateway. It is based on the FOX BOX platform for sending out SMS. You will need a Linux server with the Postfix MTA configured. Besides, you will need at least the following additional packages:
- mimedecode
- lynx
- URLENCODE.sh shell script by Heiner Steven ( heiner.steven@odn.de) to perform TEXT to URL encoding transforms
- formail which is part of the procmail package
You will be able to send an email to an address like smsto+YOURNUMBER@smsgw.yourdomain.com and it will be automagically converted as an SMS containing the sender e-mail and the subject. This implementation is partially derived from this article.
The destination number must be in the form CCNNNMMMMMMM, with the country code (CC) explicit.
Configure your mail system in order to deliver mail for the smsgw.yourdomain.com through the Postfix box (dedicated server, virtual domain, what ever you prefer).
On the Postfix server make sure that it is configured to use procmail as MDA and that you have the recipient_delimiter defined like this (in /etc/postfix/main.cf):
mailbox_command = procmail -a "$EXTENSION" recipient_delimiter = +
Next create a normal Unix account named “smsto”. Next configure procmail for this account with the following recipe:
PATH=$HOME/bin:/usr/bin:/bin:/usr/local/bin:.
MAILDIR=$HOME/Mail # You'd better make sure it exists
DEFAULT=$MAILDIR/mbox
LOGFILE=$MAILDIR/log.`date +%y-%m-%d`
LOCKFILE=$HOME/.lockmail
VERBOSE=yes
SMSDEST=$1
:0
{
:0 c
| formail -c -X From: -X Subject: | \
mimedecode | $HOME/bin/convert2sms.sh $SMSDEST
:0
received
}
Next prepare the following Bash script in $HOME/bin of the smsto user:
#!/bin/bash
# for debugging
# set -x
if [ $# -ne 1 ]; then
echo "$0: Please specify the destination phone number (39XXXYYYYYYY)"
exit 1
fi
# Path to urlencode.sh script
URLENCODE=$HOME/bin/urlencode.sh
# Path to Lynx
LYNX=/usr/bin/lynx
# Where we save the output read from Formail
TEMPFILE=/tmp/smsto.$$
# Clean up when done
trap "/bin/rm -f $TEMPFILE" 0 1 2 3 15
# TODO: check the right pattern of the number
PHONE=$1
while read line; do
echo "${line}" >> $TEMPFILE
done
# In $TEMPFILE we expect something like this:
# From: some1@somewhere.org
# Subject: the mail subject
# With tr we strip the " char (bug in FOX BOX UI)
# With cut we trim down the size of the field
# We want to stay in the 160 char limit of SMS messages
FROMLINE=`grep -i ^From: $TEMPFILE | tr -d '42' | cut -b -40`
SUBJLINE=`grep -i ^Subject: $TEMPFILE | tr -d '42' | cut -b -117`
logger -i -t SMSTO "$FROMLINE"
logger -i -t SMSTO "$SUBJLINE"
MESSAGE=`echo $FROMLINE \| $SUBJLINE | $URLENCODE`
logger -i -t SMSTO "$MESSAGE"
# Prepare the URL
SENDURL='http://srv-sms/source/send_sms.php?username=Admin&pwd=PASSWORD\
&from=smsgw@yourdomain.com&nphone='$PHONE'&testo='$MESSAGE
CMDS=`$LYNX -dump $SENDURL >/dev/null`
exit 0
Substitute your SMS BOX Admin password in the SENDURL variable. It is still rudimentary since some sanity checks are missing, but it works for me. YMMV.
((enjoy))
VMark on 16 cores: AMD vs Intel
At least AMD has released its Quad-Core Opteron CPU and we also have a comparison in term of VMark.
It seems that 16 cores AMD Opteron 8360 SE @2.5 Ghz have a better overall score than 16 cores Intel X7350 @3.0 Ghz (both on DELL Platform R900 and R905).
The VMark Results are here.
((enjoy))
VMware Virtual SMP: the more not always is the better
An interesting post from vmware.com performance blog about the scheduler of VMware ESX and the so called “Simultaneous scheduling”.
It’s an ineresting proof of the fact that adding more vCPU to a VM not always take you the expected benefit.
As an aside note, in this post there are interesting considerations about the scalability in term of performance of Web servers.
((enjoy))
Neo FreeRunner and OpenMoko: a new phone era?
The Neo FreeRunner is going live for production in these days and will be distributed in Europe in the next weeks. I’m very happy about this!
There is an enthusiastic post on the OpenMoko Announce list from Sean Moss-Pultz, the title is “Let us impact the material world”, it’s really worth reading.
I wish a big success to this project, it will be the next Linux based device on my wish-list 
If you’re italian and you are interested to get this device in your hand, you can get more info here:
((enjoy))
SAN Migration and Linux Storage Device issues
The scenario is the following:
- SAN migration from an old EMC Clariion CX-500 to a new CX3-40
- 2 Linux RedHat 3.0 AS and Oracle RAC 9.2 with OCFS 1.x
The goal is to migrate all the Oracle Data partition (1 LUN in this case) to the new SAN using EMC SAN Copy.
All the host will be powered off (yes we can live with this…).
The main issues are the following:
- PowerPath will mess up the device naming. If your device on the old SAN was seen as /dev/emcpowera, when you connect the hosts to the new SAN it will probably see the LUN as /dev/emcpowerb. To correct this problem the trick is the following:
- Stop PowerPath
- cd /etc
- mkdir /etc/EMC_BACKUP
- /bin/mv emcp_devicesDB.dat emcp_deviceDB.idx powermt.custom /etc/EMC_BACKUP
- Restart PowerPath (this will recreate the files you have moved above)
- powermt config
- powermt check
- powermt display dev=all (here you should see your LUN again as /dev/emcpowera)
A really strange issue that happened to us, is that we have to force the link speed on the new 4Gbps FC switch to 2Gbps, otherwise the lpfc Linux Driver was unable to correctly detect all the I/O devices (the HBAs are quite old Emulex LP9002). May be that some lpfc_* parameter to the module was missing, but there wasn’t the time to investigate further (and documentation about this is lacking IMVHO…).
((enjoy))
SAN Migration and VMware issues
The scenario is the following:
- SAN migration from an old EMC Clariion CX-500 to a new CX3-40
- Several Vmware ESX 3.x nodes all with 2 HBAs
The goal is to migrate all the VMware LUNs to the new SAN using EMC SAN Copy.
All the host will be powered off (yes we can live with this…).
The main issue is that when we connect the ESX host to the new SAN, the ESX hosts will see all the LUN as snapshots and will disable access.
The message in /var/log/vmkernel should be similar to this:
Jul 1 12:58:59 esxnode00 vmkernel: 0:01:00:22.568 cpu15:1045)ALERT: \ LVM: 4903: vmhba2:0:6:1 may be snapshot: disabling access. \ See resignaturing section in SAN config guide.
This seems to be the Right Way to solve the problem:
- Be sure that only 1 node has access to the LUN and no other node is writing to the LUN involved
- From 1 node, in the Advanced Settings enable LVM.EnableResignature
- Rescan all HBA
- All the LUN will be renamed to /vmfs/volumes/snap-NNNNNNNN-ORIGNAME
- Reset LVM.EnableResignature to 0 (this is REALLY IMPORTANT, you risk to get corrupted VMFS data)
- You have to register again all the VM since the UUID is changed
You can also use the option AllowSnapshot, but in this way you will keep the old UUID, and I dont like this; I think that this option should be used on a DR site.
A really interesting document (PPT) about all this is here.
((enjoy))
Postfix Maildir Procmail Quick Ref
[Quick Reference]
To enable Maildir support with the Postfix MTA:
/etc/postfix/main.cf home_mailbox = Maildir/ mailbox_command = procmail -a "$EXTENSION"
then:
/etc/procmailrc DEFAULT=$HOME/Maildir/
Obviously you must have a good POP3/IMAP4 Server (dovecot, Courier, it’s your choice .
Enjoy
La fibra che ride
