Category Archives: Linux

ipcalc on Fedora

One of the most handy utilities I’ve used for a long time is ipcalc. It basically gives you all sorts of information on IP addressing, subnets, etc. The output looks like this:

ipcalculator output

It seems the Red Hat engineers have a bit of a mind of their own, so they came up with a different version which uses the same name but doesn’t resemble the above picture at all and looks like this:

ipcalc output

So in case you still want the above, do a “yum install ipcalculator” and add an ipc alias as an abbreviation in your .bashrc file.

“ipc x.x.x.x/xx” then gives the output shown above.

Cheers,
Erwin

tcsd service failed to start

With Fedora comes an option to have tcsd installed. Well, it’s not really an option. It installs by default, apparently. I was a bit baffled to see failed services on an almost brand new PC.

So what exactly is this tcsd service?

It turns out that tcsd is a user-space daemon that interacts with the TPM kernel module, which is needed for hardware-provided encryption services. For this you will need to have a TPM chip, and since I don’t have one (nor am I likely to need one in the near future) I’m fine to turn this off with “systemctl disable tcsd.service”.
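One way to confirm that a missing TPM is the reason tcsd fails before disabling it. This is an added example, not part of the original post; the function names are hypothetical, and the sysfs and /dev locations are the usual places a Linux kernel exposes a TPM, passed as parameters so the check can run against a constructed tree.

```shell
#!/bin/sh
# Added example (not from the original post): check for a TPM before
# deciding what to do about a failed tcsd.service.

# tpm_present [SYSFS_ROOT] [DEV_ROOT] -> exit status 0 if a TPM is visible.
# The roots are parameters so the check can run against a constructed tree.
tpm_present() {
    sysfs_root=${1:-/sys}
    dev_root=${2:-/dev}
    # Kernel TPM drivers register chips under class/tpm (older kernels: class/misc)
    for chip in "$sysfs_root"/class/tpm/tpm[0-9]* "$sysfs_root"/class/misc/tpm[0-9]*; do
        if [ -e "$chip" ]; then return 0; fi
    done
    # tcsd reaches the chip through the tpm0 character device
    if [ -e "$dev_root/tpm0" ]; then return 0; fi
    return 1
}

# tcsd_advice [SYSFS_ROOT] [DEV_ROOT] -> prints a line starting "keep:" or "disable:"
tcsd_advice() {
    if tpm_present "$1" "$2"; then
        echo "keep: TPM present, read 'journalctl -u tcsd.service' for the real failure"
    else
        echo "disable: no TPM visible, tcsd has nothing to talk to (systemctl disable tcsd.service)"
    fi
}

# Constructed demo trees: one machine without a TPM, one exposing tpm0.
demo=$(mktemp -d)
mkdir -p "$demo/none/sys/class" "$demo/none/dev" \
         "$demo/chip/sys/class/tpm/tpm0" "$demo/chip/dev"
tcsd_advice "$demo/none/sys" "$demo/none/dev"
tcsd_advice "$demo/chip/sys" "$demo/chip/dev"
rm -rf "$demo"
```

Called without arguments, `tcsd_advice` inspects the live /sys and /dev. A chip that is switched off in firmware setup is not enumerated by the kernel and is reported as absent.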

The tcsd service is a small part of the overall Trusted Computing Platform stack of solutions. The overall goal is to have a piece of hardware providing encryption services to all levels of the computing stack. The idea is to have a separate bulletproof section in the system providing a trust chain that does not rely on memory and storage. This prevents rootkits and other types of malicious stuff from infecting your system. By system I don’t specifically mean a PC or server, since the stack is meant to be open for all sorts of equipment. If you need to secure your toaster you could potentially do so. You’ll also find the TPM architecture used by companies like Hitachi, Boeing, Cisco and Microsoft. From a storage perspective TPM also plays a role in the SNIA Storage Security Industry Forum.

The overall specification is outlined by the Trusted Computing Group, a fairly large group of companies who define and contribute to the specification and develop products for this specific purpose.

Many open source resources exist on the web, but for the best start go to the above-mentioned link. The Trousers libraries are the Linux open source interfaces, mainly developed by IBM with help from many around the world.

See http://trousers.sourceforge.net

This page provides a short overview of what sits where in the TCG stack.

What I don’t know (yet) is where this all might play in the UEFI discussion Microsoft started off a while ago. It seems they either complement each other or you’ll have conflicts. I don’t know yet. It might be worthwhile investigating.

Cheers,
Erwin

NVIDIA card and Nouveau

So with the new box I ordered an NVidia GeForce GT 640 Grafx card. I need some desktop real estate and thus a very high resolution card. This one came out very well in the middle from a price and performance perspective.

Since a couple of kernel versions ago Linux comes with the open source nouveau drivers, which are the alternative to the official NVidia drivers, which are still closed source. I’m not the kind of guy who buys a very good piece of machinery only to let it be crippled by incomplete drivers. (No offence to the Nouveau developers. It’s not their fault NVidia doesn’t play nice with the open-source world.) So I do want to use the official drivers, but that lets you run into a problem since the Nouveau drivers are loaded by default.

This calls for some blacklisting, so in /etc/modprobe.d you add a new file called blacklist-nouveau.conf with a one-liner:

blacklist nouveau

This prevents the nouveau driver from being loaded at boot time. At least that’s what you think 🙁

Then install the official NVidia driver with “yum localinstall “.

It turns out that the nouveau driver is also included in the initramfs boot image, so you have to copy or rename that one and use dracut to create a new one which also takes your blacklisted nouveau driver into account:

#> dracut -f /boot/initramfs-$(uname -r).img $(uname -r)

Then reboot the system once more and you’re done.

lsmod then shows you a line like this:
nvidia              11262717  41
and the nouveau driver is out of the picture.

Cheers
Erwin

Some disk settings I adjusted

Given the fact I now have an SSD drive running the /boot and root partition I do want to make the most of it. So in order to improve and keep this improvement over time I did the following:

I first reduce the amount of “swappiness” to the minimum. The box has 16G ram so I have enough headroom plus I move the swap partition to the spinning disk.

In sysctl -a:

vm.swappiness = 1
vm.vfs_cache_pressure = 100

I enabled the discard option on the ext4 filesystems to enable TRIM in order to free up blocks upon release.

In fstab:
/dev/mapper/vg_monster-lv_root /                       ext4    defaults,discard        1 1
UUID=3de72813-da36-4a6e-89e1-4805b0fc03ea /boot                   ext4    defaults        1 2
/dev/sdb1             swap                    swap    defaults        0 0

So the vg_monster-lv_root sits on the SSD drive and the swap space + /home partition on the spinning rust.

There are two reasons for this.
1. I can monitor the rotating disk for increasing faults. By default any spinning disk has some spare blocks so it can either try and rewrite the failing block to a good one or just mark the block as bad so I would most likely lose just one block or sector.
2. SSDs don’t have the option for marking a single block as bad. Most likely an entire cell fails which in general will brick the disk. I can rebuild an OS fairly quickly but my homedrive with all settings and data is a much larger piece of work. In addition it’s much easier to rsync a single directory than the entire box to another medium. 🙂

In addition I changed the default CFQ scheduler to deadline in order to get the optimum number of queues and to time out deadlocks on read/write operations. This scheduler prevents processes from having to wait too long for requests by other processes, which would cause them to time out.

[root@monster ~]# cat /sys/block/sda/queue/scheduler
noop [deadline] cfq
[root@monster ~]# cat /sys/block/sdb/queue/scheduler
noop deadline [cfq]
[root@monster ~]#

I added some udev rules to sort this out on boot:

[root@monster ~]# cat /etc/udev/rules.d/60-disk-scheduler.rules
# set deadline scheduler for non-rotating disks
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="deadline"

# set cfq scheduler for rotating disks
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="1", ATTR{queue/scheduler}="cfq"
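To verify after a reboot that the rules took effect on every disk, the policy can be audited from sysfs. This is an added example, not part of the original post; the function names are hypothetical, it assumes the scheduler names shown on this page (deadline and cfq), and it runs against a constructed sysfs tree.

```shell
#!/bin/sh
# Added example (not from the original post): audit the scheduler policy
# that the udev rules above set, using the scheduler names from this page.

# active_scheduler "noop [deadline] cfq" -> deadline (the bracketed entry)
active_scheduler() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([^]]*\)\].*/\1/p'
}

# expected_scheduler ROTATIONAL -> deadline for 0 (SSD), cfq otherwise
expected_scheduler() {
    if [ "$1" = "0" ]; then echo deadline; else echo cfq; fi
}

# audit_schedulers [SYSFS_ROOT] -> one line per sdX; status 1 on any mismatch
audit_schedulers() {
    root=${1:-/sys}
    status=0
    for q in "$root"/block/sd[a-z]/queue; do
        [ -r "$q/scheduler" ] || continue
        disk=$(basename "$(dirname "$q")")
        want=$(expected_scheduler "$(cat "$q/rotational")")
        have=$(active_scheduler "$(cat "$q/scheduler")")
        if [ "$want" = "$have" ]; then
            echo "$disk ok $have"
        else
            echo "$disk MISMATCH have=$have want=$want"
            status=1
        fi
    done
    return "$status"
}

# Constructed sysfs tree: sda is an SSD on deadline, sdb a spinning disk
# that was left on deadline (the case the second rule is meant to correct).
demo=$(mktemp -d)
mkdir -p "$demo/block/sda/queue" "$demo/block/sdb/queue"
echo 0 > "$demo/block/sda/queue/rotational"
echo 'noop [deadline] cfq' > "$demo/block/sda/queue/scheduler"
echo 1 > "$demo/block/sdb/queue/rotational"
echo 'noop [deadline] cfq' > "$demo/block/sdb/queue/scheduler"
audit_schedulers "$demo" || echo "policy not applied on every disk"
rm -rf "$demo"
```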

Some more to come when I figure some stuff out.

Cheers
Erwin

dot desktop in Gnome

OK so this one got me going for a while. Yes, I did not read the Developers and Administrator guides. Maybe I should have.

This week I received a new PC with some serious grunt. Boot time takes on Fedora 17 +- 4 seconds including a shitload of daemons.

I also did not want to lose any of my settings and data so I rsync-ed the entire ~ folder from my old PC to this one. Besides the usual packages that are installed I also have some seriously modified settings, but one of the most annoying things I could not figure out was that many icons in the Gnome grid were showing up as square boxes and I was also missing some other icons I would have expected to be in the grid. On any normal interface you do a right-click and you get presented with a dialogue-box which lets you add/remove/muck-up these icons. Not so in Gnome-shell. It turns out you have to do this by hand by adding so-called “xxx.desktop” files in the ~/.local/share/applications folder. Most app packages provide this file and yank it in there, but if you have some which don’t then just copy and modify an existing one.

I do seriously hope the Gnome devs will sort this out asap since this looks like going back to the stone age.

Cheers
Erwin

Is there anything Linux does not have??

I’ve been using Linux since 1997 and back in the “good old days” it could take weeks to have a proper setup which actually had some functionality in it beyond the Royal Kingdom of Geekness. It was a teeth-pulling exercise to get the correct firmware and drivers for a multitude of equipment, so if it didn’t exist you were relying on the willingness of hardware vendors to open up their specs so you could work on this yourself.


So much has changed over these last 15 years, in the sense that even my refrigerator and phone are running Linux, and the largest hadron collider and even space stations run on Linux as well. A vast number of manufacturing consortia are actively developing on and for Linux, and it looks like the entire IT industry is shifting from proprietary operating systems to this little open source project Mr. Torvalds kicked off almost two decades ago. His fellowship in the IT Hall of Fame is well deserved.

One area where Linux is still hardly seen is the regular desktop in people’s home offices, and this is one of the big shortfalls that Linux still has. All of the above-mentioned examples are really specialised and tailored environments where Linux can be “easily” adapted to suit exactly that particular need, and it does an incredible job at it. The people who use Linux either have a more than average interest in computing or fall into the coke and chips/pizza category (yes, geeks that is). Just walk into a computer store and ask for a PC/laptop (whatever), but have them remove the Windows operating system, subtract the MS license fee from the invoice and ask for a Fedora/Ubuntu/“you name one of the 100’s of distros” to be installed instead. Chances are fairly high you get some glaring eyes staring at you. This is the big problem Linux faces.

From a hardware support level most of it is fairly well covered. Maybe not under open-source licenses, but from a usability perspective this doesn’t really matter.

Although the Linux Foundation does a good job in promoting and evangelizing Linux, it will never have the operational and financial power companies like Microsoft have, so a commercial head-on attack is doomed to fail. The best approach, I think, although perceived as long-term thinking, is via the educational system. Make sure young children get in touch with different operating systems so they have the choice of what to use in the future. I recently knocked off Windows from my somewhat older laptop and installed Ubuntu. My kids are now using this one for all sorts of things. My son discovered the command line and he’s getting curious. (He thinks he’s smart so I use SELinux, pretty annoying for him :-))
The thought behind all this is that they also get another view of what computers can do and that there is more than MS.

As for day to day apps I think Linux still falls short on office automation. Regarding functions and features they still can’t compete with MS but the catchup game has begun.

Cheers
Erwin van Londen

Open Source Storage

Storage vendors are getting nervous. The time has come that SMB/SME level storage systems can be built from scratch with just servers, JBODs and some sort of connectivity.

Most notably SUN (or Oracle these days) has been very busy in this area. Most IP was already within SUN, Solaris source code has been made available, and they have an excellent file-system (ZFS) which scales enormously and has a very rich feature set. Now extend that with Lustre ** and you’re steaming away. Growth is easily accomplished by adding nodes to the cluster, which simultaneously increases the IO processing power as well as throughput.


But for me the absolute killer app is COMSTAR. This way you can create your own storage array with commodity hardware and make your HBAs fibre channel targets. Present your LUNs and connect other systems to it via a fibre channel network. Better yet, even iSCSI and FCoE are part of it now. Absolutely fabulous. These days there would be no reason to buy an expensive proprietary array; just use the kit that you have. Ohh yes, talking about scalability, is 8 exabyte enough on one filesystem and over a couple of thousand nodes in a cluster? If you don’t have these requirements it works on a single server as well.

The only thing lacking is Mainframe support but since the majority of systems in data-centres have Windows or some sort of Unix farm anyway this can be an excellent candidate for large scale Open Source storage systems. Now that should make some vendors pretty nervous.

Regards,
Erwin

**ZFS is not yet supported in Lustre clusters but is on the roadmap for next year.