Build your own “compute cloud”

In the recent Linux Journal, there was an article about “Eucalyptus”. 

EUCALYPTUS – Elastic Utility Computing Architecture for Linking Your Programs To Useful Systems – is an open-source software infrastructure for implementing “cloud computing” on clusters. The current interface to EUCALYPTUS is compatible with Amazon’s EC2 interface, but the infrastructure is designed to support multiple client-side interfaces. EUCALYPTUS is implemented using commonly available Linux tools and basic Web-service technologies making it easy to install and maintain.”

So if I have some time left… I’m going to take a look at it ;-)

More information can be found on http://eucalyptus.cs.ucsb.edu/

Apache – Access based on an IP or Username/password

Recently I came along the need of having access to some intranet site based on IP or if the IP was outside the LAN apache should prompt for a username/password.

It took me some time to figure out, but this can be done by the satisfy
option. So I now have in my apache-config the next configuration:

<Directory “/usr/local/www/intranet”>
  Options Indexes FollowSymlinks MultiViews
  AllowOverride None
  order deny,allow
  deny from all
  # Allow LAN Location A
  allow from 172.16.2.0/24
  # Allow LAN Location B
  allow from 172.16.3.0/24
  # Allow VPN-subnet
  allow from 172.16.250.0/24

  # Username/password request
  AuthType Basic
  AuthName “Example.Com Intranet”
  AuthUserFile /usr/local/etc/intranet/webusers.pwl
  require valid-user

  # Allow or require must be satisfied
  Satisfy any
</Directory>

And it is working well, if you’re from outside the defined subnets… you need to enter your username/password.

NSCD speeds up 4.1 times fetching user information from LDAP

At this moment I am setting up LDAP in a test environment, for usermanagement. One of my collegues suggested to use nscd together with LDAP to increase performance. So I did a small test with nscd turned off and nsdc turned on:

# service nscd stop
Stopping nscd: [ OK ]
# time for x in `seq 1 10000`; do X=`id pieter`; done
real    1m39.024s
user    0m19.467s
sys     0m40.919s
# service nscd start

Starting nscd: [ OK ]
# time for x in `seq 1 10000`; do X=`id pieter`; done
real    0m23.735s
user    0m4.645s
sys     0m18.829s

As you can see… nscd speeds up 4.1 times the lookups. There might be some other issues pop up with the use of nscd, but that’s what we will notice in the future.

The YubiKey

In the last issue of the Linux Journal, there is an article about the YubiKey. The YubiKey is providing One-Time-Passwords login, in a way Vasco and RSA do as well with their tokens. Although the YubiKey is working on (almost) any operating system…

Issues with connectivity on MORPHEUS

As you might have noticed, the last few weeks we had issues with the connectivity of morpheus.adslweb.net. We changed the contract (so we got physical connected to another network, but still from XS4ALL) and we installed a new ADSL-modem (a Fritz!…

Why is the script slow… (part 2)

In my previous post I wrote some about a script which was running slow. After a chat with a colleague he pointed me on the paging and there is a PERL module for LDAP-paging. So I implemented this in the script I was working on. See the next result…

Set up an open-wifi network…

Currently I use WEP encryption to secure my private WLAN. But WEP is little bit old… and hackable. So I tried to setup WPA on my Linux-laptop, but with no success I don’t know what I do wrong, although I don’t want invest a lot of time in it. …

No panic for the “Kernel Panic!”

Recently at work I had to migrate a physical server to a VMWare-instance. First I made a dump of the live (!!!) system using dd.

dd if=/dev/sda
| ssh [email protected]
‘cat – > /opt/vmware/oldserver/oldhd.dd’

When this was done, I had to create a VMDK-file, otherwise VMWare-server doesn’t understand (there is no support to add ‘raw’ images to an instance. You can create a VMDK-file using dd2vmdk :-P

After this, I added the virtual-disk to the virtual instance. :-)

So I powerup the vmware-instance… and guess what… A Kernel Panic occurs :'(

But… no panic… I started digging into the initial ramdisk. And I found that the SATA-module, which is required for booting a VMWare-SCSI disk, is not available in the initrd :-(

So, I had two options:

  1. Create a new ramdisk with the right modules;
  2. Change the type of the virtual disk into IDE.

I choose for the second option, the main VMDK-file is a plaintext file and all you have to do is change the entry:

ddb.adapterType = “lsilogic”

into

ddb.adapterType = “ide”

And after powerup the system again… It worked :-P