Xen and Zimbra
What I need:
- Zimbra server running under Xen
- Prefer Ubuntu 8.0x LTS as Dom0
The problems seen doing this so far are:
- Prefer an Ubuntu-based DomU – couldn’t get the Zimbra-supported version to load
- file: needs to be replaced by aio:tap: for some reason in the cfg file
- Tried CentOS-5 via bootstrap – didn’t work
- Tried CentOS-5 via rinse – didn’t work – stuck at maintenance boot but didn’t know the root password
- Replaced the CentOS image file with another … and got further after switching from hda2 into sda1 in the cfg file based on error. But the start up had many, many issues – missing modules – i.e. FATAL problems
- Along the way, there have been numerous other issues to be solved (NIC drivers, vbd device limits, etc)
There needs to be an easier way and one that actually works with the scripts would be really nice too.
BTW, getting a xen hardy DomU installed is trivial. It will be nice when Zimbra supports the current 8.04.x LTS, which they have committed to do … someday.
Ok, someday seems to be TODAY! YIPPY! 8.04 supported!
10/18/2008 Update
It has been a few months since we started using Xen for our infrastructure. The jury is still out on whether it is a success or not. Two days ago, I would have said it was a complete success … until more of the MAJOR network issues happened yesterday – a Friday.
Some of the DomUs became really slow to access over both the network and by the console. The Dom0 became nearly impossible to access. Ping had 88% packet loss both from other machines and between DomU and Dom0 attempts (once I finally got a connection). Not good. Long periods of un-responsiveness to/from both Dom0 and DomU from other non-virtual machines got really, really bad. It is terrible this morning as I write this.
Last night, I implemented these changes:
- to the /etc/network/interfaces file
  - DomUs: post-up /usr/sbin/ethtool -K eth0 tx off
  - Dom0: post-up /usr/sbin/ethtool -K eth0 tx on
- to the /etc/rc.local
  - mv /lib/tls /lib/tls.disabled
So every reboot will reset tls to the desired value – gone. That last command is part of the server setup. It came back, probably due to an apt-get upgrade.
Neither of these changes appears to matter this morning.
Boone Pickens and Wind Power. Huh?
The Pickens Plan
Pickens says that if only 20% of wind power can be captured in the USA, then we’d have enough energy for 7x what we need. And that North Dakota can provide 20% of our nation’s energy requirements.
Nice sounding, right? Well, it is too good to be true. Here’s why.
- would you like your entire neighborhood covered with HUGE windmills? I wouldn’t even if where I lived was windy. Average speed in my area is 3 mph.
- I’ve lived in North Dakota and Nebraska. There’s wind there and we should use it, when the land owner agrees. The entire state won’t agree. There are wonderful areas where windmills won’t work and where the noise would be detrimental for wildlife. Let’s forget that occasionally wildlife get killed by windmills.
- Windmills are noisy and
- they break.
- Long distance transmission of electricity is problematic and is estimated to lose 7.2% of the power in the USA. Distance is critical to the amount of loss, so shipping electricity from ND isn’t likely. Think within a tri-state area around your home as the practical distance limit.
Ok, I’m not anti-windmill. I’m a practical person. There will never be 20% of our land covered with windmills. It simply can’t happen. Even 1% would be impressive. I read somewhere that 20% of USA land is set aside for reserves and parks – imagine all that land covered in windmills. Now, we’ve eaten up 40% of the land in the USA for power and parks, not gonna happen.
In one of those videos, they stated that each windmill cost US$300,000 and running them is subsidized by local taxes. Each creates enough energy in 1 hour to power an average home for a month. My electric bill is less than $1,000/yr (2500 sq ft home). Let’s break this down a little using simple math – it will be close enough.
|cost of windmill |$300,000 |
|annual power 1 home |$1,000 |
|years for 1 home to equate to 1 windmill |300 yrs |
|Payback years for 30 homes |10 yrs |
Ok, so this can make sense assuming $0 maintenance costs in windy areas of the country. These devices have a 12-25 year lifespan. I’ve seen newer cost estimates with much lower costs, around $40K, but also, much lower generation capacity, so the formulas used above don’t work.
Ok, the idea that natural gas powered cars should be much more popular in the USA is perfectly correct. I agree with Pickens. When in Buenos Aires last spring, I saw cars, trucks and fueling stations for CNG. It works.
10-19-2008 Update
The Dirty Jobs tv show did an episode on maintaining the large wind power. Twice a week, someone climbs them, monitors them for maintenance needs and performs a 2 hour cleaning effort. It seems that there’s lots of dirt and dust that interact with the grease and oil needed to allow the generation of power. Wasps, crickets, and other “items” were found on that episode.
That takes away the idea that these are maintenance free.
Acorn Squash - How To
In the grocery store today, the checker asked what a vegetable was – an Acorn Squash. I love them.
Here’s how I prepare them:
- Select an acorn squash – not too large and preferably with a little yellow on the outside.
- Cut the squash in half with a SHARP knife. I’ve had to stick the knife in to get the cut started on some squash.
- Remove the seeds and other center parts, just like you’d do for a cantaloupe. I wash the seeds out and leave a tiny bit of water on the inside and outside of the squash. It helps steam it.
- Place both sides into a microwave oven, face down on wax paper. The paper helps seal the moisture inside. Cook 4 minutes on HIGH. Be careful, the squash is VERY HOT!
- Turn over – the wax paper may rip, but just verify that it covers the top.
Cook 4 minutes on HIGH.
You may need to cook longer if the squash is large, or mature or has been picked more than a few weeks ago.
Be careful, the squash is VERY HOT.
- After cooking, I use a sharp knife and slice into the sides to help the pepper and butter soak in.
Be careful, the squash is VERY HOT!
Yummy. Each half serves 1.
A few GTD Helpers
If you’ve heard of the GTD, Getting Things Done, Method, some of these tools will be helpful:
- PocketMod Stuff – a tiny, foldaway, organizer
- Travel
- Walkable Maps – didn’t work for me
- GTD PocketMod I use this daily
- Another GTD PocketMod
- GTD TiddlyWiki
- And perhaps the best tip is the DIY-Planner This is a larger day planner.
Beyond GTD, remember not to get bogged down with too much process and just do it.
Here’s a few more links:
- The Hipster PDA
- GTD-Introduction
- GTD with Emacs
- Learning GTD
- Notecase with a GTD outline
- Randy Pausch Time Management Talk
There are many, many MS-Word or MS-Excel templates out there. Also, some MP3 training sessions can be found fairly easily. These are the GTDF – Getting Things Done Fast recordings. Or you can always buy the book, but you’re probably too busy to read it anyway.
Nearly Free WiFi Booster
In the interest of full disclosure, I haven’t tried this, but for the cost of a sheet of cardboard, a little toner and foil, you can build a wifi signal booster.
Here are the original plans or you can use the better cleaner template.
Passport / ID Solution - Public Key Encryption
I can’t take credit for this idea, but I read about it someplace over 5 years ago. Why is it possible to have altered photo IDs at all anymore?
Use PKI.
When you request an ID (Driver’s License, Photo ID, Passport), the request includes a photo. That photo is converted to electronic form and used in the creation of public and private keys of 4K length. The photo and private key are placed onto a server with extremely limited access that is replicated to however many disks (SAN) and remote servers as needed. That data is also replicated to read-only media which can be located at the larger customs facilities in case there’s a communication fault, but is generally not used. A secure web service is set up to allow anyone in the world with a login/password and smartcard to perform remote queries by passing the public key and some nominal text to help speed the DB queries (Country, Name, ID#) and limit and duplicate record queries that need to be decrypted with the provided public key. Purely a web interface for tiny customs offices or DMVs everywhere.
The photo, e-photo and public key are placed onto the ID Card along with the trivial ID information listed above.
Ok, so you’re the customs guy at a terminal. The passport holder hands you his/her passport and you swipe it. That kicks off the remote query to the main server farm (with your login data and smartcard data for tracking who’s looking at what records). While that query is being processed, the electronic photo is read from the ID and displayed. The query returns and that information is displayed with another photo and more data about the person standing in front of him/her.
The person, and 3 photos aren’t identical? Arrest that person!!!
3 Photos?
1) E-photo on the ID card
2) E-photo returned from the central server
3) photo inside the ID that humans see
Any failure in any of these images being identical? Humans have an innate ability to tell when faces don’t match?
The fail safe media would need to be replenished dependent on the rate of new/changed data. Cross overs in rural North Dakota don’t need the same level of connectivity as JFK or Atlanta Airports OR the San Diego border.
As a technical architect, I think I can design around those problems with redundant servers and networking and power feeds. Of course, all the data transferred is fully encrypted with the keys predetermined by the customs officer and central servers. It is the physical control of the read-only backup use media that concerns me most.
Of course, each country needs to provide a way for other countries to validate that an authentic passport is being presented. That’s just another 3rd party signed part to the electronic data on the passport. GPG has the idea of getting lots of people to sign your public key with their private keys, thus building a web of trust. Obviously, that signature for countries should only come from the UN or other non-corrupt international standards body.
Am I missing anything with this solution besides the obvious communications failure or power outage risks?
US State Department guy is less than confident talking tech, but he does say PKI, unconvincingly.
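One way to make the photo comparison above checkable by a terminal, as an added example that is not from the original post. It assumes the issuing authority signs the ID fields together with the e-photo and the card carries that signature; the function names, the sample data and the toy textbook-RSA key (a stand-in for a real signature library) are all assumptions for illustration.

```python
import hashlib

# Toy issuer key (constructed): textbook RSA over two Mersenne primes.
# Far too small and unpadded for real use; it only makes the flow runnable.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                             # public modulus, known to every terminal
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent, stays with the issuer

def record_digest(country, name, id_no, photo):
    """Hash the ID fields plus photo bytes and reduce the result below N."""
    h = hashlib.sha256()
    for field in (country.encode(), name.encode(), id_no.encode(), photo):
        # Length-prefix each field so adjacent fields cannot be re-split.
        h.update(len(field).to_bytes(4, "big") + field)
    return int.from_bytes(h.digest(), "big") % N

def issue(country, name, id_no, photo):
    """Issuer side: build the card contents, including the signature."""
    sig = pow(record_digest(country, name, id_no, photo), D, N)
    return {"country": country, "name": name, "id_no": id_no,
            "photo": photo, "sig": sig}

def check_card(card, server_photo=None):
    """Terminal side: return a list of failures (empty means the card passes).

    The signature check needs only the issuer's public key, so it still works
    when the central server cannot be reached (server_photo is None).
    """
    failures = []
    expected = record_digest(card["country"], card["name"],
                             card["id_no"], card["photo"])
    if pow(card["sig"], E, N) != expected:
        failures.append("signature does not cover card data")
    if server_photo is not None and server_photo != card["photo"]:
        failures.append("card photo differs from central record")
    return failures

# Constructed sample data: one genuine card and one with the photo swapped.
GENUINE_PHOTO = b"constructed-photo-bytes-of-holder"
FORGED_PHOTO = b"constructed-photo-bytes-of-someone-else"
card = issue("US", "Jane Example", "X1234567", GENUINE_PHOTO)
altered = dict(card, photo=FORGED_PHOTO)   # original signature kept

if __name__ == "__main__":
    print(check_card(card, GENUINE_PHOTO))
    print(check_card(altered, GENUINE_PHOTO))
    print(check_card(altered))             # offline: server not consulted
```

The photo printed inside the ID still has to be compared by the officer; the signature only binds the electronic photo to the ID fields.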
How to connect a Bluetooth Keyboard and Cell phone to a Nokia 770
How to connect a Bluetooth Keyboard and Cell phone to a Nokia 770: http://blip.tv/file/892343
This guy does a good job showing the major things that any of the Nokia Internet Tablets can do and how to tether them (connect) to Keyboards and cell phones. He mentioned that some kind of driver download was needed. I did not need to download any drivers or anything else to use either my cell phone (or those of my friends with unlimited data plans) or keyboard. It just worked.
He completely left off Maemo-Mapper – a free GPS application. Just tether a GPS Receiver ($34) and you’re good. You can have GPS, Keyboard, Cell Phone all tethered over Bluetooth at the same time. It just works.
I didn’t realize that the media player would playback almost anything, including OGG. Interesting. I only use it to play MP3 audio – which it does nicely – WHILE THE GPS APP IS WORKING. Linux is multitasking – the N800 is no different. No stuttering or any other issues seen with either the GPS or Audio player application. An optimized video would probably work well too – I generally just copy the same file that my TiVo produces (after removing the DRM envelope) to the device. That’s a 480×480 video and it plays back.
iPhone in the corporation? Nope.
iPhone, this. iPhone, that. Complete BS. I wouldn’t allow those devices on my business network. I believe in TNO policies. TNO? Trust No One.
The iPhone isn’t secure. That’s why corporations won’t allow it on their networks.
Blackberry is secure. It can be remotely wiped. Access to corporate email is fully encrypted – over the entire wireless data network, inbound & outbound. It doesn’t trust the already hacked encryption that the wireless carriers use for data. Yes, GSM encryption has been hacked.
That’s why iPhones won’t and shouldn’t be used in corporations. BTW, the same applies to Windows-Mobile based devices. Too open, too insecure. Blackberry got this right when they released the Blackberry EDGE line. Their earlier products like the RIM950/957 didn’t have encryption or remote data wiping.
TNO – I don’t trust Apple, Microsoft, even RIMM. Which technologies work, encrypted, without having to trust? RIMM’s does. What does a lost or stolen device do to your corporate network or data? RIMM lets you wipe the device remotely and brick it so it is useless to whoever found it. iPhone/WM? I’m certain that MS is working on this. The corporate market is that large. Apple will let their users beat up security professionals until they get allowed on the network – insecurely. BTW, Nokia and Palm users - whether I trust them depends on the device. TNO still applies.
New PC in da house!
I love Georgia Tax Free Holidays.
On these 4 days, I plan a trip to the local Fry’s to see what’s available as a deal. This year was no different. Thursday a few ex-TIAs from AT&T met up and shopped.
I walked away with this booty:
- Intel Core 2 Duo E6550 ($139 bundle with MoBo)
- ECS junk MoBo,
- PCIe x16 nVidia 7200GS card (free AR) and
- 2×1GB RAM ($18 AR)
All for about $160 AR today! Life was good. Then I discovered that the Mobo only supports 1 IDE connection – which needs to be a DVD drive. I need to get 1 SATA disk to boot it. Back to Fry’s.
Friday at Fry’s – 2 ex-TIAs meet. The mobo/CPU combo has changed to a 50% faster CPU, E8400 – for the same price! Must get deal.
- Return the Thursday deal, get the Friday CPU/Mobo deal. There’s more to the story because the returns guy said they were sold out – they weren’t.
- Need a SATA drive since the exact same cheap Mobo is used. 500GB for $87 – eh, not the best price, but I need it. I mention that sounds expensive since the ad had a Hitachi 500GB for $69 (which I don’t recall then).
Go and check out. The E8400 CPU doesn’t come with a fan/heatsink … need one of those!
Return the Thursday Mobo/CPU, come back inside. Search for a heatsink/fan – found $9.90. See a cheap power strip for $1.99 – pick it up. Check the ad and see that Hitachi 500GB for $69 is the deal I wanted. Ask about it – yep – get it. Now I need to return the $87/500GB drive. Pay – they make me sign something that says the disk can’t be returned after 15 days. Guess these are really bad disks? Just the disk in an anti-static bag is provided – no cables. I decide that returning the other 500GB disk is too much hassle – I need to mirror them anyway.
CPU Performance Summary:
|CPU |SPECInt Rate |Relative Perf |
|Intel E6600 |53.7 |1.0 |
|Intel E6550 |52.7 |0.98 |
|Intel E8400 |81.5 |1.57 |
Definitely worth the $9.90 added cost to get 50% performance improvement!
Yes, I spent more than the $200 that I intended. Yes, I got much more machine. Yes, it is much cheaper than buying a new machine anywhere else. Heck, it may be fast enough to run MS-Vista …. ok, maybe not – it only has 2 CPUs and 2GB of RAM.
On the good news side, we couldn’t tell the total amount of RAM this cheapo mobo supported – turns out 4GB with 2×2GB sticks. That’s perfect.
Upgrade Debian/Ubuntu Linux Distributions
I had a need to upgrade from a 6.xx release of Ubuntu this week and decided to do that rather than perform a fresh install of the current distro. My server has 3 years of tweaks – I’d hate to have to recall what they are, much less attempt to reproduce them on a fresh install. Not gonna happen.
All the instructions online explain how to do this with a GUI. What do you do when the X/Server doesn’t come up? That happened on my test machine on 7.04 – well, that isn’t exactly true. X did come up, but nothing else did. No menu, no left or right click on the desktop. Nada. Networking was up – I’m glad that I bothered to get it working on the first install – this was just a test machine anyway.
So the shortcut for each upgrade 6.xx ==> 7.04 ==> 7.10 ==> 8.04 is:
- sudo vi /etc/apt/sources.list
- edit edgy ==> feisty
- sudo apt-get update
- sudo apt-get dist-upgrade
- sudo apt-get -f install
- sudo dpkg --configure -a
- sudo lsb_release -a
Ok, so if you lose your desktop, add in at the end and reboot.
- sudo apt-cdrom add
- sudo aptitude update
- sudo aptitude install ubuntu-desktop
- sudo /etc/init.d/gdm start
Output should show a new release.
Simple?