Planet Apache

Syndicate content
Updated: 1 day 5 hours ago

Justin Mason: Links for 2014-09-16

Tue, 2014-09-16 18:58
Categories: FLOSS Project Planets

Noirin Plunkett: F Yeah!

Tue, 2014-09-16 10:10

TL;DR: Give The Ada Initiative $128 today (or $10/month), and you’ll get the coolest sticker I’ve seen in ages!

For a long time, I was afraid to use the F-word. I studied CS, linguistics & German at university, and got into open source as a user and documentation contributor, more than a decade ago. I pretty quickly moved on to more community- and event-organisational things in my hobby/open source work, while continuing as a tech writer in my professional work (which has been a mix of open source and not).

And throughout my education, and my early open source days, I really tried to be “one of the guys”. It was hard, but I got good at it. I was elected to the board of the Apache Software Foundation, and appointed Executive Vice President of the Foundation. I remain the only woman to have achieved either of those distinctions. And when I did, I was told–on a mailing list!–that whether or not I was comfortable with the choice of imagery, I had big balls.

By then, though, I had realised that something was broken. Why should I need to have balls, whatever their size, metaphorical or literal, to do something I loved and was good at? Why should I have to adapt myself to fit an environment that was built by and for people who weren’t like me?

The Ada Initiative was still just an idea, without a real shape, or even a name, at that time. But as that shape emerged, from the two awesome women who founded it, through the group of role models and inspirations who advise and continue to run it, to the innumerable supporters who make it possible, it has made real and lasting change. It has provided a welcoming environment of its own, and has given many other groups the tools they needed to adapt the environments they had built, to be inclusive of people who weren’t like them.

Right now, I’m working–and being paid!–to help organize AdaCamp Berlin. This is literally a dream come true for me: volunteer work is amazing, but it has to be singing in a choir or it very quickly leads to burnout. Seeing the huge demand for AdaCamp Berlin, as well as the interest from other folk in running similar events in the future, is incredibly rewarding. And being paid for the value I bring is an important act of feminism.

The Ada Initiative is doing amazing work, but it needs individual donations, not just ethical corporate sponsors, to keep it going. Donate today to help us run more AdaCamps and Ally Skills Workshops, and develop more programs like our Anti-Harassment Policy and our Impostor Syndrome Training.

And, if you give $128 (or $10/month), you can get an awesome sticker pack, including the F-Word sticker designed just for this campaign! Stick it to your laptop, or to the man–it’s up to you

Categories: FLOSS Project Planets

Bryan Pendleton: MRAP-a-tat-tat

Mon, 2014-09-15 20:57

What.

Just what.

The world is insane.

  • Bay Area police departments got millions in military surplus, records showAsked why Antioch police needed a mine-resistant personnel carrier weighing more than 30,000 pounds, Antioch police Captain Leonard Orman said the vehicle was critical to the department's ability to protect officers during a natural disaster or in incidents that require a SWAT team.

    "It's a defensive vehicle that provides the ability to be protected from gunfire, including high-powered rifles," Orman said. "If someone is barricaded in a home and there is an injured person on the ground, we can use it to rescue the person without exposing ourselves to fire."

    ...

    UC Berkeley's police department used the 1033 program to request about a dozen M-16 rifles, which it said would give officers firepower equal to that held by some of the criminals they encounter, said Lt. Eric Tejada, a department spokesman.

    "We feel that those specialists need to have a rifle that's capable of dealing with some incidents that can involve the modern-day weapons that you see now," Tejada said. "It's smart for us to utilize the resources that you can get for free."

  • Davis acquires mine-resistant war vehicle while some complain of militarization of policeChief Landy Black of the Davis police defended the acquisition of the MRAP, saying in a statement that its heavy armor “makes it the perfect platform to perform rescues of victims and potential victims during … active-shooter incidents, and to more safely deliver officers into an active-shooter incident.”

    ...

    “I can’t imagine why Davis needs a tank,” Davis Mayor Dan Wolk said Wednesday. “It’s in a city garage and I hope it stays there.”

  • Dozens of police departments suspended for losing US military-grade weaponryAccording to the media outlet Fusion, its independent investigation into the Pentagon’s “1033 program,” which equips state and local police departments across the US with excess military equipment, turned up an alarming trend: Not only did many law enforcement agencies fail to comply with the program’s guidelines, they routinely lost dangerous weaponry.

    Already, the investigation has found that police departments in Arizona, California, Mississippi, Missouri, Georgia, and others have lost or cannot account for various types of weapons. This list includes M14 and M16 assault rifles, .45-caliber pistols, shotguns, and even vehicles.

  • The Pentagon Is Giving Grenade Launchers To Campus PoliceDavid Perry, the president of the International Association of Campus Law Enforcement Administrators, told Politico that 1033 mostly funnels “small items” to college police forces for daily use. These could be anything from office supplies or uniforms or car parts, but it’s probably not all that tame. Campus Safety magazine recommends that universities take part in the 1033 program to cover a range of needs from storage units to grenade launchers. That is, after all, what the program was designed to achieve.
  • Finding Funds for Your Equipment, Programs and People (Part 2 of 2)Military surplus and contractors via the 1033 program, however, can be excellent sources of used equipment.

    The 1033 program (formerly the 1208 program) permits the secretary of defense to transfer excess U.S. Department of Defense personal property (supplies and equipment) to state and local law enforcement agencies. Anything from used grenade launchers (for the deployment of less lethal weapons) to trucks to boats to storage units may be available for a significantly reduced cost.

  • Ferguson aftermath: California city tells cops to get rid of armored vehicleDavis Police Chief Landry Black made the case for keeping the MRAP, saying the police department had confiscated much high-power weaponry in the last year. He said there were specific guidelines for its use, and that it is a necessary piece of safety equipment for the city.
  • Police Armored Vehicle Is Unwelcome in California College TownSheriff Brown of Santa Barbara County said there had been “a lot of misunderstanding about the program — in some quarters, even hysteria.”

    “The reality is that this is a great program,” he said. “It provides law enforcement with a lot of very valuable equipment that in many instances — in fact, most instances — could not be obtained or afforded, and allows us to do a better job of protecting our citizens and our own public safety personnel.”

  • Commentary: A militarized police force may see its citizens as the ‘enemy’Even college security forces are getting their share: A sidebar noted that nine out of 10 universities employ armed officers authorized to use deadly force.

    And in 2013, “the campus police at The Ohio State University procured a Mine-Resistant Ambush-Protected vehicle (MRAP), according to the Daily Caller website. The vehicle, which school officials noted was ‘acquired at no cost from military surplus,’ has a gun turret on the roof and is designed to stave off ambushes and roll over improvised explosive devices. OSU was also the first agency in the state to acquire an MRAP at the time.

"Campus Safety Magazine"? There is such a thing?

My head hurts. I am sad.

Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-15

Mon, 2014-09-15 18:58
  • The State of ZFS on Linux

    Linux users familiar with other filesystems or ZFS users from other platforms will often ask whether ZFS on Linux (ZoL) is “stable”. The short answer is yes, depending on your definition of stable. The term stable itself is somewhat ambiguous. Oh dear. that’s not a good start. Good reference page, though

    (tags: zfs linux filesystems ops solaris)

  • Screen time: Steve Jobs was a low tech parent

    “This is rule No. 1: There are no screens in the bedroom. Period. Ever.”

    (tags: screen-time kids children tv mobile technology life rules parenting)

  • CausalImpact: A new open-source package for estimating causal effects in time series

    How can we measure the number of additional clicks or sales that an AdWords campaign generated? How can we estimate the impact of a new feature on app downloads? How do we compare the effectiveness of publicity across countries? In principle, all of these questions can be answered through causal inference. In practice, estimating a causal effect accurately is hard, especially when a randomised experiment is not available. One approach we’ve been developing at Google is based on Bayesian structural time-series models. We use these models to construct a synthetic control — what would have happened to our outcome metric in the absence of the intervention. This approach makes it possible to estimate the causal effect that can be attributed to the intervention, as well as its evolution over time. We’ve been testing and applying structural time-series models for some time at Google. For example, we’ve used them to better understand the effectiveness of advertising campaigns and work out their return on investment. We’ve also applied the models to settings where a randomised experiment was available, to check how similar our effect estimates would have been without an experimental control. Today, we’re excited to announce the release of CausalImpact, an open-source R package that makes causal analyses simple and fast. With its release, all of our advertisers and users will be able to use the same powerful methods for estimating causal effects that we’ve been using ourselves. Our main motivation behind creating the package has been to find a better way of measuring the impact of ad campaigns on outcomes. However, the CausalImpact package could be used for many other applications involving causal inference. Examples include problems found in economics, epidemiology, or the political and social sciences.

    (tags: causal-inference r google time-series models bayes adwords advertising statistics estimation metrics)

  • Top 10 Historic Sites in Ireland and Northern Ireland — National Geographic

    Shamefully, I haven’t visited most of these!

    (tags: history neolithic ireland northern-ireland national-geographic tourism places)

  • Software patents are crumbling, thanks to the Supreme Court

    Now a series of decisions from lower courts is starting to bring the ruling’s practical consequences into focus. And the results have been ugly for fans of software patents. By my count there have been 11 court rulings on the patentability of software since the Supreme Court’s decision — including six that were decided this month.  Every single one of them has led to the patent being invalidated. This doesn’t necessarily mean that all software patents are in danger — these are mostly patents that are particularly vulnerable to challenge under the new Alice precedent. But it does mean that the pendulum of patent law is now clearly swinging in an anti-patent direction. Every time a patent gets invalidated, it strengthens the bargaining position of every defendant facing a lawsuit from a patent troll.

    (tags: patents law alice swpats software supreme-court patent-trolls)

  • Riding with the Stars: Passenger Privacy in the NYC Taxicab Dataset

    A practical demo of “differential privacy” — allowing public data dumps to happen without leaking privacy, using Laplace noise addition

    (tags: differential-privacy privacy leaks public-data open-data data nyc taxis laplace noise randomness)

Categories: FLOSS Project Planets

James Duncan: A Swift kickstart

Mon, 2014-09-15 17:00

My friend Daniel Steinberg has been busy at work since WWDC writing a book on Swift as the development releases of Xcode and Swift have come out of Apple over the Summer. I love how he developed this out in the open and has been pushing out releases as he goes. It’s a model way to make an eBook and perfect way to leverage the iBook Store for this subject. Plus, I love the name.

via permalink
Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-14

Sun, 2014-09-14 18:58
  • Platform Game

    I’m ambivalent about Microsoft acquiring Mojang. Will they Embrace and Extend Minecraft as they’ve done with other categories? Let’s hope not. On the other hand, some adult supervision and a Plugin API would be welcome. Mojang have the financial resources but lack the will and focus needed to publish and support a Plugin API. Perhaps Mojang themselves don’t realise just how important their little game has become.

    (tags: minecraft platforms games plugins mojang microsoft)

Categories: FLOSS Project Planets

Bruce Snyder: Discovering a New Normal :: Bruce Snyder's Status

Sat, 2014-09-13 18:36
I know it has been a while since my last blog post, but I've been rather busy lately trying to find my way again. I know I have said this before, but having such a traumatic injury has really changed my life. It's not only the physical changes of being in a wheelchair, but there are many other things have been affected about my life and my family. Because I have not blogged in a while (shame on me), this post is full of a variety of topic swirling around in my head right now. Family Leaving Since the accident back in April, my family was here in our house helping us with everything. My parents were here most of the summer and Janene's mom Susan was here for four months straight. We have had numerous other family members visit, but these were the mainstays. As of a couple of weeks ago, everyone has left including Susan. At first, I kinda felt like my safety net had been removed. She was always here for me since the accident, willing to help me with anything. But I have quickly discovered that although I do need help with tasks, if I take my time I can do many things myself. For example, yesterday on my way home I ran a bunch of errands and had to make five trips in and out of the house to get everything out of the car. Prior to the accident, I could have gotten it all in a couple of trips. It's just another adjustment. Air Travel Back in August, I was able to take my first trip involving air travel. I only went for one night to my company's office in Chicago. Everything went very well, but it was not easy to sit on the plane for two hours without moving much. Unfortunately I wound up with a middle seat so I wasn't able to easily get up and out of my seat, but I did shift around as much as space would allow and I made it successfully. It really made me realize how much I move around during the day what with standing, shifting around in my wheelchair, sitting in other chairs, etc. This was a good test as a first trip involving air travel. I'm certainly not ready to travel to my company's headquarters in Munich, Germany yet, but I will eventually need to build back up to making this trip. Driving Although Janene and I have always vowed not to buy our girls a car when they each turn 16, almost dying in a tragic accident can really change your perspective on life. While I was in the hospital recovering, Janene told me that I was going to need to buy a new car because our oldest daughter Jade was going to be driving my car now. My response was essentially, 'But what about what we talked about and agreed upon?'. To which she responded, 'Bruce, you were nearly killed in this accident. Life is too fucking short to hold back on such things.' This definitely gave me pause and has really shaped how I look at life now. This is not to say that we have thrown out all reasoned arguments and discussions, more that we believe as parents we should be developing an environment of trust for our kids rather than holding things back from them. Also, just to put this into perspective, my old car is a 2001 Nissan Maxima with ~150k miles on it. So we're not talking about a care that is even close to being new. 
Anyway, one thing that has really changed is the way I drive a car now. Being that I'm no longer driving my car and I still need to get a new one, in the meantime, we decided to have hand controls installed in Janene's car. When I was in the hospital I learned to drive with hand controls. After over 25 years of driving a car using the foot pedals for the accelerator and brakes, because I have no movement in my feet, I now have to use hand controls. It's a handle on the left side of the steering wheel and is easy to use, it just takes a bit to get your muscle memory to begin thinking in terms of the hand control vs. the foot pedals. Using the handle, you push to brake and pull down to accelerate -- it's really that simple. There's also a removable metal foot plate that keeps my feet from bumping the real accelerator and brake.

Since mid-July, I have been able to drive myself to work every day. The great thing about driving my wife's car is that it's Toyota Highlander, an SUV. This means that I can put my wheelchair in the back of the car without breaking it down (i.e., taking the wheels off of it, etc.). Because I'm lucky enough to be able to stand and I can now walk with the braces on my legs if I have something to lean on, I have taught myself to lift the wheelchair into the back of the car and then make my way along the driver's side by hanging onto the car and kinda shuffling along. It has been a liberating feeling to be capable of driving myself to work and running some errands around town.
The Fucking Health Insurance IndustryI know this is a bit off-topic, but it has been incredibly frustrating to navigate the insurance industry bullshit. In my life, I have been lucky enough to be a very healthy person and rarely ever needed to utilize my health insurance. Since this accident, I have been extremely grateful to have good health insurance. However, I have also discovered that there seems to be some super secret list of things that health insurance does not cover or that they are somehow required by some fucking insurance credo to give you a difficult time about. There's nothing quite like a hospital hounding you personally for a bill of nearly $400k because your health insurance keeps stalling. We had to chalk up the $2200 installation fees for the hand controls as an out-of-pocket expense -- and that's just one of the many costs that come out of own own pockets. I'm extremely fortunate to have a very good attorney to help me navigate the insurance industry. As he has explained to me, insurance companies get stuck between their own policies and the laws of different states. All I know is that without my attorney, I would be going mad right now.
Walking With Arm Crutches Several weeks ago, I got some new leg braces. This might not sound very exciting but for me it is because they allow me to balance so well that I can stand in place without holding on to anything. Taking off walking is still out of the question right now because I'm still weak from the muscle I lost from being stuck in a hospital bed and a wheelchair. So for now, I'm able to walk using leg braces and balance with arm crutches. I certainly won't win any races, but it is such a wonderful thing to be six feet tall again. I realized this before and even blogged about it, but because I'm six feet tall when I stand, I'm actually taller than many people. But having been in a wheelchair for a while now means that I have been much shorter than everyone around me. I can now be eye-to-eye with people again while speaking with them which is very liberating. I can also hug my girls and Janene again without the wheelchair being in the way. I'm not walking full-time yet but I'm pushing myself to do it more and more and have been standing up for longer and longer periods of time throughout the day. As nice as it is to be my full height again, it still sucks to rely on the arm crutches because I can't carry anything. Sure, I can wear a backpack and take, say, my laptop from room to room, but I can't just carry a glass of water or a dish of food to the dinner table. Hopefully one day.

At least now I can stand more easily and I'm getting stronger. This means that I can begin to cook some things again. Something that I have always prided myself on is cooking for my family. For years now, I have been the primary cook in our house just due to Janene's work schedule. I have really learned to love cooking for my family over the years and it is something that I have missed since my accident. I'm not able to cook a huge meal yet, but smaller things here and there. I'm hopeful that with increased strength, this will get easier. I'm also enlisting Bailey (11) and Jade (16) to help me with many things, especially cooking. Discovering a New Normal For those of you who have been following my blog posts, you already know that my spine is now crooked. To date, I have been able to alleviate much of this problem by putting a lift in my right shoe. But whenever I'm not wearing shoes I am crooked again which is rather frustrating because it throws me off balance entirely. I hope that as I continue to build strength that my body will learn to compensate more and more. But this is just one of many small things that I am learning to live with now.

I also have paralysis across my butt and down the outsides of my hamstrings. This paralysis affects all of the gluteal muscles so that I cannot even squeeze the muscles in my butt. The result is that I have no muscle tone in my butt and this makes it very difficult to sit on certain surfaces for very long. So I need to be very careful about the surfaces I sit on and I cannot sit on most chairs, even if they are soft. On my wheelchair, I have a special cushion that contains multiple chambers of air. I also have a thinner more portable cushion that I can use on standard chairs and in the car. Even if the movement of my feet does not return, I really wish that I could regain the feeling in my butt and the ability to squeeze the muscles so that I could build them back up again.

Another difficulty is the difference with my bladder and bowels. When you have a spinal injury, depending on the level of the injury, it's very common to have changes in the function of your bladder and bowels. My situation could be a lot worse, but still the nerve damage has affected both bladder and bowel control. Luckily I can feel when my bladder is full or when I need to go. This is great because many people with spinal cord injuries cannot. Unfortunately I cannot pee on my own, so I must use a catheter to drain my bladder. Furthermore, my bowels are just not the same as before the accident so I just need to be more conscious of when I need to go. So I have had to learn to manage this whole new set of challenges. 
Janene did a wonderful job of installing various ramps around the house so that I can get around on the main level of our home, but I'm still not able to easily climb stairs. So we had to move our bedroom to the main level until I recover enough to get upstairs. We have set a goal for end of the year for me to get back to our master bedroom and bathroom on the second level of our home. This goal is about gaining back enough muscle to be able to climb the stairs more easily than I do now. At the moment, it seems like a far off goal, but I have been surprised at the changes I have seen in the last three months.
To address the rebuilding of muscle, I'm also looking into some new rehab options now. I feel like I've been sitting and waiting, for what I don't know. So I feel that it's a good time to ramp up my physical therapy to focus on rebuilding the muscle mass that I have lost. Not only will more rigorous workouts encourage more healing of the nerves, but it will also prepare my body for the time when movement does return. Instead of having some movement return and still being extremely weak, my hope is to help my body rebuild itself to where it was prior to the accident and be better prepared for the movement to come back.

I think the most difficult thing for me has been the amount of help I need with so many things now. Previous to my injury, I enjoyed helping others with various tasks and I was extremely independent with anything I did. Now I'm the one who needs help. This has really been difficult because I went from such extreme independence to a fair amount of dependence. My family and friends are wonderful about providing me the help I need, but I have never been someone who needed help. I always enjoyed providing help to others. Now the shoe is on the other foot.

I still have some not so good moments when my emotions get the best of me. I guess I haven't been meditating as much as I did when I was hospitalized and I need to change this right away. I guess in the hospital I had the time to do so and now, being back to work I don't have so much time available. It has been amazing to me that having gone through such a life change you kinda go through a grieving process for the things you have lost. Anyone who knows me knows how physically active I tend to be -- cycling, running, hiking and general fitness was a big part of my life. Needless to say, this is all on hold right now until I determine if I will regain movement in my feet or not. It's really a wait-and-see situation because nobody can predict what will happen. Everyone's injuries are unique and everyone's body heals differently. I'm still very hopeful that I will regain movement.

There are many other small things involved in my new normal. Although my life is full of new challenges, I still feel very fortunate that my situation is not worse. I try to be as independent as possible and I continue working to rebuild the strength that I have lost. 
Categories: FLOSS Project Planets

Bryan Pendleton: Trinity: a very short review

Sat, 2014-09-13 09:39

Leon Uris's Trinity is generally considered to be one of the author's best works. For thematic reasons, it was one of my vacation readings.

Trinity is 900 pages long. The first 600 pages are superb, and just flew by. This is the portion of the book which covers the period, roughly, from the Great Famine through the Industrial Revolution, say, late 1830's through late 1880's. The characters were compelling, the storytelling was both exciting and colorful, and the book managed to be somehow intimate and sweepingly epic at once.

The genius of this part of this book is the way that Uris helps you understand why people behave the way they do, not by explaining it to you, but by showing you how it happens. People don't just wake up one day and do something dreadful to each other, it happens over a period of time, through untold zillions of tiny step by step actions and individual decisions, each of which seems simple and obvious and inevitable but they all add up.

The last 300 pages, covering roughly the first quarter of the 20th century, just didn't work for me.

Categories: FLOSS Project Planets

Edward J. Yoon: 우선순위

Fri, 2014-09-12 04:47
해야할 일들이 쌓여있는데 미래가치를 봐야할지 당장의 닥친 일이 우선인지 저울질하기 힘든 요새다. 아바타 조작하듯 제 3자 입장에서 생각하면 좀 더 과감해질지도!
Categories: FLOSS Project Planets

Rohit Yadav: How to install CloudStack with KVM host

Thu, 2014-09-11 19:00

This is a how-to guide on setting up CloudStack on Ubuntu and with KVM host in basic zone, basic networking but with security groups. You may do this on a VM or an actual host. This post covers setting up a CloudStack cloud on one box, which means we’ll install everything from CloudStack management server to agent to MySQL to NFS, all in one box. My motivation was to create a VM with which I can build, test Apache CloudStack (ACS) locally and show that one can do it in less than 30 minutes given ample bandwidth.

Note: this should work for ACS 4.3.0 and above. This how-to post may get outdated in future, so please read the latest docs and/or read the latest docs on KVM host installation.

First install Ubuntu 14.04 LTS x86_64 on a system that has at least 2G RAM, preferably 4GB RAM, and with a 64-bit CPU that has Intel VT-x or AMD-V enabled. I personally use VMWare Fusion which can give VMs CPU with Intel VT-x which is needed by KVM to do HVM. Too bad VirtualBox cannot do this yet, or one can say KVM cannot do paravirtualization (like Xen).

Next, we need to do bunch of things:

  • Setup networking, IPs, create bridge
  • Install cloudstack-management and cloudstack-common
  • Install and setup MySQL server
  • Setup NFS for primary and secondary storages
  • Preseed systemvm templates
  • Prepare KVM host and install cloudstack-agent
  • Configure Firewall
  • Start your cloud!

Let’s start by installing some basic packages, assuming you’re root or have sudo powers:

apt-get install openntpd openssh-server sudo vim htop tar build-essential

Make sure root is able to ssh using password, fix in /etc/ssh/sshd_config.

Reset root password and remember this password:

passwd root Networking

Ubuntu s**ks at configuring networking, you need to reboot everytime to apply changes, and they don’t have systemd yet. Though, its Unity feels more stable than Gnome3, but then again it’s the distribution that does not even say that it’s GNU/Linux (go ahead, read their website). For good or bad reasons, it’s one of the most popular distros. Enough of trolling, let’s configure some network.

We’ll be setting up bridges and not OpenVswitch because I like bridges and they seem to work for people for several years now. CloudStack requires that KVM hosts have two bridges cloudbr0 and cloudbr1 which is because these names are sort of hard coded in the code and on the KVM host we need to have a way to let VMs communicate to the host, between themselves and reach the outside world etc. Add network rules and configure IPs as applicable.

apt-get install bridge-utils cat /etc/network/interfaces # an example bridge configuration auto lo iface lo inet loopback auto eth0 iface eth0 inet manual # Public network auto cloudbr0 iface cloudbr0 inet static address 172.16.154.10 netmask 255.255.255.0 gateway 172.16.154.2 dns-nameservers 172.16.154.2 8.8.8.8 bridge_ports eth0 bridge_fd 5 bridge_stp off bridge_maxwait 1 # Private network auto cloudbr1 iface cloudbr1 inet manual bridge_ports none bridge_fd 5 bridge_stp off bridge_maxwait 1

Notice, we’re not using cloudbr1 because the intention is to setup basic zone, basic networking, so all networking going through one bridge only.

We’re done with setting up networking, just note the cloudbr0 IP. In my case, it was 172.16.154.10. You may notice that we’re not configuring eth0 at all, it’s because we’ve a bridge now and we expose this bridge to the outside networking using this cloudbr0’s IP. By removing IP from eth0 (static or dhcp), we get ubuntu to use cloudbr0 as its default interface and use cloudbr0’s gateway as its default gateway and route. Silly Ubuntu, you need to reboot your VM or host now.

Management server and MySQL

Setup CloudStack repo, you may use something that I host (the link is unreliable, let me know if it stops working for you). You may use any other debian repo as well. One can also build from source and host their own repositories.

We need to install the CloudStack management server, MySQL server and setup the management server database:

echo deb http://packages.bhaisaab.org/cloudstack/upstream/debian/4.3 ./ >> /etc/apt/sources.list.d/acs.list apt-get update -y apt-get install cloudstack-management cloudstack-common mysql-server # pick any suitable root password for MySQL server

You don’t need to explicitly install cloudstack-common because the management package depends on it. This is to point out that many tools, scripts can be found in this package, such as tools to setup database, preseed systemvm template etc.

You may put following rules on your /etc/mysql/my.cnf, they are mostly to configure innodb settings and have MySQL use the bin-log “ROW” format which can be useful for replication etc. Since we’re doing only test setup we may skip this, even though CloudStack docs say that you put only this but I think on production systems you may need to configure many more options (perhaps 400 of those).

[mysqld] innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 log-bin=mysql-bin binlog-format = 'ROW'

Now, let’s setup managment server database;

service mysql restart cloudstack-setup-databases cloud:cloudpassword@localhost --deploy-as=root:passwordOfRoot -i <stick your cloudbr0 IP here> Storage

We’ll setup NFS and preseed systemvm.

mkdir -p /export/primary /export/secondary apt-get install nfs-kernel-server quota echo /export *(rw,async,no_root_squash,no_subtree_check) > /etc/exports exportfs -a sed -i -e 's/^RPCMOUNTDOPTS="--manage-gids"$/RPCMOUNTDOPTS="-p 892 --manage-gids"/g' /etc/default/nfs-kernel-server sed -i -e 's/^NEED_STATD=$/NEED_STATD=yes/g' /etc/default/nfs-common sed -i -e 's/^STATDOPTS=$/STATDOPTS="--port 662 --outgoing-port 2020"/g' /etc/default/nfs-common sed -i -e 's/^RPCRQUOTADOPTS=$/RPCRQUOTADOPTS="-p 875"/g' /etc/default/quota service nfs-kernel-server restart

I prefer to download the systemvm first and then preseed it:

wget http://people.apache.org/~bhaisaab/cloudstack/systemvmtemplates/systemvm64template-2014-09-11-4.3-kvm.qcow2.bz2 /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt \ -m /export/secondary -f systemvm64template-2014-09-11-4.3-kvm.qcow2.bz2 -h kvm \ -o localhost -r cloud -d cloudpassword KVM and agent setup

Time to setup cloudstack-agent, libvirt and KVM:

apt-get install qemu-kvm cloudstack-agent sed -i -e 's/listen_tls = 1/listen_tls = 0/g' /etc/libvirt/libvirtd.conf echo 'listen_tcp=1' >> /etc/libvirt/libvirtd.conf echo 'tcp_port = "16509"' >> /etc/libvirt/libvirtd.conf echo 'mdns_adv = 0' >> /etc/libvirt/libvirtd.conf echo 'auth_tcp = "none"' >> /etc/libvirt/libvirtd.conf sed -i -e 's/\# vnc_listen.*$/vnc_listen = "0.0.0.0"/g' /etc/libvirt/qemu.conf sed -i -e 's/libvirtd_opts="-d"/libvirtd_opts="-d -l"/' /etc/init/libvirt-bin.conf service libvirt-bin restart Firewall

Finally punch in holes on the firewall, free ‘em ports, substitute your network in the following:

# configure iptables NETWORK=172.16.154.0/24 iptables -A INPUT -s $NETWORK -m state --state NEW -p udp --dport 111 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 111 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 2049 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 32803 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p udp --dport 32769 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 892 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p udp --dport 892 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 875 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p udp --dport 875 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p tcp --dport 662 -j ACCEPT iptables -A INPUT -s $NETWORK -m state --state NEW -p udp --dport 662 -j ACCEPT apt-get install iptables-persistent # Disable apparmour on libvirtd ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/ apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper # Silly ufw ufw allow mysql ufw allow proto tcp from any to any port 22 ufw allow proto tcp from any to any port 1798 ufw allow proto tcp from any to any port 16509 ufw allow proto tcp from any to any port 5900:6100 ufw allow proto tcp from any to any port 49152:49216 Launch Cloud

All set! Make sure tomcat is not running, start the agent and management server:

/etc/init.d/tomcat6 stop /etc/init.d/cloudstack-agent start /etc/init.d/cloudstack-management start

If all goes well, open http://cloudbr0-IP:8080/client and you’ll see the ACS login page. Use username admin and password password to log in. Now setup a basic zone, in the following steps change the IPs as applicable:

  • Pick zone name, DNS 172.16.154.2, External DNS 8.8.8.8, basic zone + SG
  • Pick pod name, gateway 172.16.154.2, netmask 255.255.255.0, IP range 172.16.154.200-250
  • Add guest network, gateway 172.16.154.2, netmask 255.255.255.0, IP range 172.16.154.100-199
  • Pick cluster name, hypervisor KVM
  • Add the KVM host, IP 172.16.154.10, user root, password whatever-the-root-password-is
  • Add primary NFS storage, IP 172.16.154.10, path /export/primary
  • Add secondary NFS storage, IP 172.16.154.10, path /export/secondary
  • Hit launch, if everything goes well launch your zone!

Keep an eye on your /var/log/cloudstack/management/management-server.log and /var/log/cloudstack/agent/agent.log for possible issues. Read the admin docs for more cloudy admin tasks. Have fun hacking your CloudStack cloud.

Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-11

Thu, 2014-09-11 18:58
Categories: FLOSS Project Planets

James Duncan: Nilofer’s first two months

Thu, 2014-09-11 17:00

Nilofer Merchant is spending a year abroad in Paris and is quickly finding out what it’s like to live somewhere rather than be a tourist. Something that joyfully takes you half the day as a visitor is annoying as a resident. All the shops obey rules you have no clue about. And even the act of getting nails is trickier than you expect because you have no ambient knowledge of the place. After more than six months in Berlin, I can totally relate.

via permalink
Categories: FLOSS Project Planets

James Duncan: The fadeout of the mileage run

Thu, 2014-09-11 17:00

The airlines are changing the rules of their loyalty programs. Instead of rewarding the act of putting your butt in a seat for a certain number of miles, they’re going to reward you based on—shocking concept—how much money you spend on them. This has been a long time coming and the airlines have been doing this slowly over a period of years, but the mileage game is over. For the segment of travellers that was getting benefits above their pay grade—and I’ve been one of them—it’s time to find a new game.

via permalink
Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-10

Wed, 2014-09-10 18:58
  • Apple: Untrustable

    Today, Apple announced their “Most Personal Device Ever”. They also announced Apple Pay (the only mentions of “security” and “privacy” in today’s event), and are rolling out health tracking and home automation in iOS 8. Given their feckless track record [with cloud-service security], would you really trust Apple with (even more of) your digital life?

    (tags: icloud apple fail security hacks privacy)

  • Not Safe For Not Working On

    Excellent post from Dan Kaminsky on concrete actions that cloud service providers like Apple and Google need to start taking.

    *It’s time to ban Password1*: [...] Defenders are using simple rules like “doesn’t have an uppercase letter” and “not enough punctuation” to block passwords while attackers are just straight up analyzing password dumps and figuring out the most likely passwords to attempt in any scenario.  Attackers are just way ahead.  That has to change.  Defenders have password dumps too now.  It’s time we start outright blocking passwords common enough that they can be online brute forced, and it’s time we admit we know what they are. [...] *People use communication technologies for sexy times. Deal with it*: Just like browsers have porn mode for the personal consumption of private imagery, cell phones have applications that are significantly less likely to lead to anyone else but your special friends seeing your special bits. I personally advise Wickr, an instant messaging firm that develops secure software for iPhone and Android. What’s important about Wickr here isn’t just the deep crypto they’ve implemented, though it’s useful too. What’s important in this context is that with this code there’s just a lot fewer places to steal your data from. Photos and other content sent in Wickr don’t get backed up to your desktop, don’t get saved in any cloud, and by default get removed from your friend’s phone after an amount of time you control. Wickr is of course not the only company supporting what’s called “ephemeral messaging”; SnapChat also dramatically reduces the exposure of your private imagery. [...] via Leonard.

    (tags: icloud apple privacy security via:lhl snapchat wickr dan-kaminsky cloud-services backup)

  • Inside Apple’s Live Event Stream Failure, And Why It Happened: It Wasn’t A Capacity Issue

    The bottom line with this event is that the encoding, translation, JavaScript code, the video player, the call to S3 single storage location and the millisecond refreshes all didn’t work properly together and was the root cause of Apple’s failed attempt to make the live stream work without any problems. So while it would be easy to say it was a CDN capacity issue, which was my initial thought considering how many events are taking place today and this week, it does not appear that a lack of capacity played any part in the event not working properly. Apple simply didn’t provision and plan for the event properly.

    (tags: cdn streaming apple fail scaling s3 akamai caching)

Categories: FLOSS Project Planets

James Duncan: How Matt’s machine works

Wed, 2014-09-10 17:00

I may not like using or hacking on WordPress—I’m a DIY kind of guy and am currently using Jekyll and hosting a static build of this site via Amazon S3 and CloudFront—but I respect what Matt and his company have done. I’m kind of in awe, really. I’m also in awe of how Matt manages to keep it all going. Well worth reading for those of us into the how flat, globally-distributed organizations can work.

via NextDraft via permalink
Categories: FLOSS Project Planets

Bryan Pendleton: A slimy subject

Wed, 2014-09-10 13:35

One of the things we noticed on our trip to Ireland was that, every time we explored the actual coastline (beaches, rocky cliffs, fishing piers, etc.), there were a surprising number of jellyfish.

I mean, a really surprising number.

Somebody mentioned that maybe this was actually a known and studied phenomenon, so I went searching.

Anyway, once you start reading this article in The New York Review Of Books you won't stop thinking about it: They’re Taking Over! .

Our changing climate is also having many impacts on jellyfish. As the oceans warm, the tropical box jellyfish and the Irukandjis are likely to extend their ranges, while other species will benefit from the lowered oxygen levels that warmer waters contain. Remarkably, jellyfish may have the capacity to accelerate climate change. This can happen in two ways. Jellyfish release carbon-rich feces and mucus (poo and goo) that bacteria prefer to use for respiration. As Gershwin puts it, “jellyfish blooms turn these bacteria into carbon dioxide factories.” But jellyfish also consume vast numbers of copepods and other plankton. These creatures migrate vertically through the water column, taking in carbon-rich food at the surface and releasing it as fecal pellets, which fall to the sea floor and are buried. The plankton are thus a major means of taking carbon dioxide out of the atmosphere and oceans. If their loss occurs on a large enough scale, it will hasten climate change.

Perhaps we will soon be seeing bumper stickers: "Save the plankton, eat a jellyfish!"

Categories: FLOSS Project Planets

Claus Ibsen: More metrics in Apache Camel 2.14

Wed, 2014-09-10 12:43
Apache Camel 2.14 is being released later this month. There is a slight holdup due some Apache infrastructure issue which is being worked on.

This blog post is to talk about one of the new functions we have added to this release. Thanks to Lauri Kimmel who donated a camel-metrics component, we integrated with the excellent codehale metrics library.

So I took this component one step further and integrated it with the Camel routes so we have additional metrics about the route performances using codehale metrics. This allows end users to seamless feed Camel routing information together with existing data they are gathering using codehale metrics.

Also take note we have a lot of existing metrics from camel-core which of course is still around.

What codehale brings to the table is that they have additional statistical data which we do not have in camel-core.

To use the codehale metics all you need to do is:

  1. add camel-metrics component
  2. enable route metrics in XML or Java code

To enable in XML you declare a as shown below:

  &;t;bean id="metricsRoutePolicyFactory"
        class="org.apache.camel.component.metrics.
               routepolicy.MetricsRoutePolicyFactory"/>

And doing so in Java code is easy as well by calling this method on your CamelContext

  context.addRoutePolicyFactory(new MetricsRoutePolicyFactory());

Now performance metrics is only useable if you have a way of displaying them, and for that you can use hawtio. Notice you can use any kind of monitoring tooling which can integrate with JMX, as the metrics is available over JMX. The actual data is 100% codehale json format, where a piece of the data is shown in the figure below.

Sample of the route metrics JSON dataThe next release of hawtio supports Camel 2.14 and automatic detects if you have enabled route metrics and if so, then shows a sub, where the information can be seen in real time in a graphical charts.
hawtio have detected that we have route metrics enabled, and shows a sub tab where we can see the data in real time
The screenshot above is from the new camel-example-servlet-rest-tomcat which we ship out of the box. This example demonstrates another new functionality in Camel 2.14 which is the Rest DSL (I will do a blog about that later). This example enables the route metrics out of the box, so what I did was to deploy this example together with hawtio (the hawtio-default WAR) in Apache Tomcat 8.

With hawtio you can also build custom dashboards, so here at the end I have put together a dashboard with various screens from hawtio to have a custom view of a Camel application.

hawtio dashboard with Camel route and metrics as well control panel to control the route(s), and the logs in the bottom.

Categories: FLOSS Project Planets

Justin Mason: Links for 2014-09-09

Tue, 2014-09-09 18:58
Categories: FLOSS Project Planets

Nick Kew: Carry On up the Union

Tue, 2014-09-09 18:42

Today the Scottish referendum debate has turned to pure comedy, as the preserve-the-status-quo political and media Establishment turn to blind panic and run about like headless chickens. All the Westminster leaders are belatedly running off to campaign, and stressing that You can vote No, because No will mean Yes in all but name. Though each party still seems to have its own flavour of NoMeansYes, so that’ll be another confused and horrible compromise agreement to thrash out, or alternatively no agreement and kick the issue into the long grass (and try to blame the Scots Nats).  They’ve even dragged the Royal Family in, with a well-crafted Denial that the Queen might plead for the Union, and a big Feelgood announcement from her grandson and his missus.

As I’ve said before, our constitution since Blair is hopelessly broken.  Disappointingly, none of his successors at Westminster show any inclination to fix it, so the only proposal on the table is Scottish independence.  That will leave both parties with some interesting problems, but I think much more political will to deal with them than has hitherto been in evidence.

There are of course some glaring problems in the Scots Nats programme.  I don’t think that’s actually a problem: a Yes vote is just the start of a process of negotiation in which everyone can drop their sillier and more outlandish ideas in pursuit of a mutually-acceptable agreement.  Unlike a No vote, which just gives the headless chickens a mandate to sink straight back into complacency.

Now it’s Jocks’ Choice.  Say Yes to independence, force the issue, end the bad marriage, and let’s be good friends, just as we are with other neighbours such as the Dutch or the Irish.  Endure short-term pain – for there will surely be quite a hiatus and disruption on both sides – for long-term gain.  Or say No, succumb to the bullying of the political class, and condemn us all to another generation of brokenness.


Categories: FLOSS Project Planets

James Duncan: Speculation on Apple’s event stream failure

Tue, 2014-09-09 17:00

Dan Rayburn attempts to dig into why the live stream of Apple’s event yesterday failed so miserably. Lots of people are saying that this speculation is off—read the comments for other thoughts on the matter. The bottom line is that the way things were put together looks to have made the whole setup un-cachable by the CDN.

via Daring Fireball via permalink
Categories: FLOSS Project Planets