It was pointed out recently that I haven’t written anything here in almost a full year… well, as you might expect a fair bit has changed:
Firstly, I bought a house and moved ~400 miles. There was a lot to this decision, clearly. I don’t speak a word without thinking through the repercussions, so something of this magnitude was carefully considered.
My two oldest offspring (the ones living with me full time) have graduated high school, and moved on to their own lives, mostly.
It’s been a while, but I haven’t found anything interesting to write about lately. Until last week, when I got this message in Mattermost PM from our CTO guy:
“I’m about to create a ticket that I think will be fun for you (and it’s something strategic we need within the next several weeks). Go start looking at Terraform”
I’d already looked at Terraform some two years ago when I was evaluating automation tools for use at the day gig, things to help with the increasing tedium of recurring tasks on a growing number of systems in various locations around the world.
I’ve come to amend a lot of my previous thoughts about Microsoft, especially since Win10/Srv2016 came about and undid a lot of the buggery that previous iterations spawned, to say nothing of the newfound love for various Linuxes by Azure etc.
But the news that Microsoft is buying GitHub is… concerning. Fresh in my mind still is the long history of vitriol from Microsoft’s mouth about the open source world; a world that has massive roots in GitHub’s clusters; even entire code languages whose package management depends entirely on GitHub.
“And in the fullness of time, on the last day of the promised Q1 2018, lo did Olivier deliver unto the world the primal release of XCP-ng.
And the sysadmins at large saw, and said “It is good.””
The promised day has come and gone, and left us with the first release of XCP-ng! I was a little late to the game to be on the “official” mirrors for this initial drop, but I’ve also got the .
or Shitty City; bang, bang.
Like a lot of sysadmin type folks, machines are fascinating to me, including the ever controversial firearm. Shooting sports have always been an interest of mine; my family were outdoorsy types and always had them for both food gathering and defense. Living in Texas enables, nay encourages (almost requires) this hobby, as does having lived / worked in remote or sketchy enough places that your life might literally depend on them from time to time.
In part one of this little series, I covered in some detail my investigation of oVirt as a potential replacement for XenServer in my environments. While I feel it is a very robust product, the lack of functional .ova import / export is a deal breaker for most of my use cases, since the day job has a lot of developers that depend on that.
Today, we’re going to look at Proxmox VE, another KVM/LXC based platform but based on Debian this time instead of CentOS.
Regular readers will remember that I’m still pissed at Citrix for some of their recent product feature level decisions; and I’m not alone. I’ve updated my last post with some early info on XCP-ng already, but it’s very early days there, so there’s no real certainty of when it will come about.
To that end, I’ve been re-visiting some of the various other platforms I’ve used over the years for headless server virtualization.
Update Dec 30 2017
The open-source world has responded to this egregious action by re-awakening the old XCP program under a new name, XCP-ng.
I'm all for this, and will be watching closely and helping them out any way I can. Anyone else that has the personal bandwidth is encouraged to do so as well.
After using the open-source Xen hypervisor for a while, I moved to XenServer and loved it for years.
As I digressed in my last post, virtualizing pfSense wasn’t as difficult as I expected. From what I’d read online I was afraid it would have some adverse effect on network performance, especially considering most of my “infrastructure” is reclaimed, second-hand, or otherwise cast-off from production use.
It fully appears, however, that these fears were unfounded (standard Spectrum cable, don’t judge):
Physical 32bit / Xen Virtualized 64bit
Barely noticeable, and honestly well within the standard variance of such types of throughput tests.
In my last post, I briefly rambled about my early hands-on with FreeBSD. Today I’m going to expound a bit, and maybe show some pictures. Saucy!
Since my early experiments in VirtualBox showed such ease and promise, I found some physical hardware to continue with:
That’s TrueOS installing all right, on the powerhouse that is the Acer AspireONE Netbook. This mighty beast has a quad-core Atom CPU, with a full 2GB of RAM.
For lots of reasons, lately I’ve been pretty interested in the various BSD variants, notably FreeBSD. This has a lot to do with my current choice of firewall software (pfSense) being based on it, which thanks to recent changes I’m looking at virtualizing instead of running dedicated hardware for. More on that later, I think.
I’ll admit, I’ve always seen the BSD family as better suited to embedded-type applications, probably largely due to pfSense being my primary exposure to it.
Like many around this time of year, I tend to become more introspective. This is, I suspect, due mainly to my family’s history of alternative religious beliefs as well as the general human tendency to review and reflect on the past year as it draws near a close.
This personal review process involves reading things I’ve meant to read, and in general catching up on filling my soul (for lack of a better word) instead of my technical portfolio.
I’ve spent a long time (feels like a really, really long time), ultimately making cash for someone else, in exchange for a very small fraction of the same. I’ll admit, what I do doesn’t directly make money for any company; rather I create and streamline processes and tools that let those direct earners and producers do their jobs, thus making measurable monies.
Sometimes, I tell myself I do it so I can feel busy.
Giving Boston a real chance
When we first got to actual Boston a couple of days ago, we drove around a little to check out the city and get a feel for things.
That kinda sucked. Narrow streets, being tired from the drive up, other terrible drivers, and unfamiliarity with the layout combined to make it pretty stressful.
Today however we decided to give it a real chance, and went to find some bits of the Freedom Trail.
Yale is impressive… Connecticut is beautiful, no doubt. We drove along a river, through little towns with hillside homes and restaurants that are so very different from what we’re used to in Texas. As an added bonus, it wasn’t 100+ degrees, so we could (and did) drive with windows open and arms poked right out, literally touching this New World.
We spent the night in a hotel right on a small inlet off of Long Island Sound, and had the smell of the salt water and the sound of boats all night.
Road Trip, part the first
We started by passing through the familiar territory of East Texas, and Arkansas, which was pretty uneventful. Then, we crossed the Mississippi river to our first overnight stop in Memphis, including some Beale street BBQ for dinner and a little sight-seeing:
Many, many, many miles of Tennessee later, including stopping to pick up a rock that a roadside cliff-face discarded as a souvenir, our second overnight was in Roanoke, VA; against the advice of several family members that think it’s dangerous somehow, because of a TV show and because it mysteriously vanished at least once in its history… we were fine though.
I run Archlinux on most of my workstations, including the trusty Lenovo t420 that I carry around. It’s been an amazing little tool, and remarkably functional for close to 6 years now. Try that with a freakin’ Macbook.
Anyway, recently I noticed that it would occasionally freeze right after waking up from suspend to RAM, but only the second time I suspended it after a cold-boot. The first suspend/resume cycle would work just fine, but on the second resume it would wake up the display then immediately freeze, no mouse movement, no TTY switching, nothing.
Building out an InfluxDB host for metrics collection is pretty straightforward, even piping things into it from various sources isn’t difficult, thanks to the multitude of plugins available out of the box, including some very handy SNMP gathering that I’ll likely go into later when the mood strikes and I have more time. I did exactly this at the day gig not long ago to replace the bulky, somewhat cumbersome check_mk based monitoring I initially set up when I started here (they had nothing in place, except for a few broken zabbix clients, no collection point).
So long, involved story about an offspring getting invited to some thing and overspending quite a bit to cover things short; I’m gonna drive from Dallas to Boston this summer.
I haven’t taken a real vacation in years. I don’t know if I remember how. It’s all been work for the last three years at least; before that it’s honestly hard to remember. Probably should get that checked out.
Anyway, once I get past Little Rock I’ll be in unknown territory.
It’s been a hell of a start to the week.
As I was getting ready this morning, about to head out the door to the day job, I got perhaps the worst slack message a systems guy can get:
Hey… the wired network is down.
Some quick testing showed that most of the office was dead in the water. No internet access (except WiFi, weirdly), which meant that VPN for remote workers as well as our fancy new SIP phone system was completely useless.
As some may have noticed, I’ve completely re-done my consulting website and blog. This comes some three years after I was first introduced to the concept of a static site generator, or SSG, by a former coworker that set up a now apparently un-maintained personal blog with one of the earliest iterations of Octopress. Better late than never, eh?
Not only are both on much more mobile-friendly layouts, but more excitingly (to me, at any rate) the underlying tech driving the site is no longer the twice-migrated and somewhat natively vulnerable WordPress blog and custom landing page (which looked particularly shit on mobile devices).
UPDATE Oct 20, 2017
As pointed out in the comments below, most of this is no longer needed since the official release of the telegraf package for pfSense 2.4 and above.
I’m still leaving it up for posterity.
If any of the pfSense folks read this, some extra configuration options on the settings page for the plugin would be nice to see; but otherwise works like a charm.
If you’re like me, a sexy looking dashboard is a difficult thing to look away from.
Update Jan 31, 2018
This is verified (by me, at least) to work on both the official XenServer 7.2, and with the experimental xcp-ng. I've also semi-automated the process with these Ansible bits for new hardware / pool upgrades.
Don’t get me wrong, XenServer 7 is a huge improvement over previous versions, and still my product of choice for those that don’t want to pay a literal fortune for VMware licensing.