tag:blogger.com,1999:blog-19709532275160015982024-03-06T01:05:55.076-08:00ktower's kontemplationsKevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-1970953227516001598.post-55784924664334911102014-08-12T21:53:00.000-07:002014-08-12T21:53:26.443-07:00Wreck Diving ClassIt has been entirely too long since I have posted here; let's see about fixing that.<br />
<br />
Over the previous weekend, I took the <a href="http://www.padi.com/scuba-diving/PADI-Courses/Course-Catalog/wreck-diver-Course/">PADI Wreck Diver Specialty</a> class from <a href="http://www.tlsea.com/">TL Sea Diving</a>. The vast majority of the class was spent diving a couple of wrecks up in Nanaimo, BC. It was an incredible amount of fun, although admittedly a little nervous for me.<br />
<br />
The wrecks we dove were the <a href="http://www.vancouver-island-dive-sites.com/hmcs-cape-breton.html">HMCS Cape Breton</a> and the <a href="http://www.vancouver-island-dive-sites.com/hmcs-saskatchewan.html">HMCS Saskatchewan</a>. Both of these wrecks are not only wreck dives, but they are deep dives, with the decks of the ships at somewhere around 100 fsw. I actually haven't done very much deep diving, with my deepest dive to date being 112 ft, so triple-digit depths don't make me entirely comfortable. Combine that with the fact that access to these dives was via a fairly small, motion-sickness-inducing boat, and I'm more used to simple shore dives (or better yet, the diving platform at the Aquarium!), the whole environment made for a bit of discomfort.<br />
<br />
Despite all this, I had a wonderful time. The visibility was fantastic on all of these dives (I'd say typically 50 feet or more), and there was a ton of life growing on the boats. Various species of rockfish, lingcod, cabezon were among the fish representing themselves, and just about every surface of the boats were covered with giant plumose anemone, sponges and hydroids.<br />
<br />
Of course, we didn't just explore the exterior of these ships, as full of life as they were. The class also teaches skills necessary to safely penetrate a wreck (for the non-divers reading this, any environment that prevents you from having direct access to the surface, otherwise known as an "overhead environment" is generally a Bad Thing unless you have the proper training). The skills we did were:<br />
<br />
<ol>
<li>Swim-through a 3-walled environment. The Cape Breton has partially enclosed hallways/decks that are enclosed on 3 sides (top, bottom, and one side). We swam through this just to get used to the feeling of having something over our heads and practice good finning technique in a safe environment (a poor kick wouldn't silt up the area).</li>
<li>Limited penetration without a line. These ships are great for this because before they were sunk, large access holes were cut out of the hull, meaning that you can swim through many of the hallways and always have an exit easily within view. We swam into the Saskatchewan's bridge and through a few different rooms, including the location where the ashes of Raymond Goode, a former crew member of the HMCS Saskatchewan, are kept.</li>
<li>Penetration on a line. Again on the Saskatchewan, we wandered into the interior, but following a line strung by our instructor.</li>
</ol>
<div>
On the fourth wreck dive, we ended up doing a full-length penetration of the Saskatchewan, starting from the aft munitions bay and swimming through the halls until just before the bow. It was a little spooky, but also very cool.</div>
<div>
<br /></div>
<div>
And finally, while it wasn't a wreck dive, we were also given a chance to dive a nearby site named <a href="http://www.vancouver-island-dive-sites.com/snake-island-wall.html">Snake Island Wall</a>. This was another spectacular dive, with tons of life to see (probably the largest cabezon I've ever run across), and amazing visibility.</div>
<div>
<br /></div>
<div>
Unfortunately, I didn't get any pictures or video of any of these dives. I decided that I didn't need the additional task loading of taking pictures and opted instead to focus on the skills. I wish I had some pictures, though, because the views were really spectacular. I guess that just means I'll have to go back. In the mean time, though, here are a couple of videos that someone else has taken of their dives on the sites.</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/v5mkNiLCGX0?feature=player_embedded' frameborder='0'></iframe></div>
<div style="text-align: center;">
(Courtesy of Youtube user <a href="https://www.youtube.com/user/wolfeeldiver">Michael Meagher</a>)</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://ytimg.googleusercontent.com/vi/YL_X14YZF9I/0.jpg" height="266" width="320"><param name="movie" value="https://youtube.googleapis.com/v/YL_X14YZF9I&source=uds" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="https://youtube.googleapis.com/v/YL_X14YZF9I&source=uds" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<div style="text-align: center;">
(Courtesy of Youtube user <br />
<a href="https://www.youtube.com/channel/UC60yZTdOp-F4lMpXewmLXpw">Jack Beslanwitch</a>)<br />
<br />
<div style="text-align: left;">
Finally, if you care to look, as is my practice, the dive logs for these dives are available <a href="https://sites.google.com/a/towerfamily.org/ktower/dive-logs/2014">online</a> as well.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
All in all, this was a fantastic trip. I will definitely need to revisit at some point so I can take a closer look at what is there.</div>
</div>
Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0Nanaimo, BC, Canada49.215919314895736 -123.8902829006835949.195174814895736 -123.93062340068359 49.236663814895735 -123.84994240068359tag:blogger.com,1999:blog-1970953227516001598.post-67264299311705121362013-07-08T22:52:00.001-07:002013-07-08T23:00:21.833-07:00ROV CompetitionRecently, I had the pleasure of being able to assist at the <a href="http://www.marinetech.org/rov-competition/">International MATE ROV competition</a>, held at the King County Aquatic Center in Federal Way, WA this year. My function was a diver -- I helped set up the underwater "courses" for the student teams to run their robots through, and then spent one day at the competitions assisting.<br />
<br />
<a name='more'></a><br />
During competitions, divers have the following functions:<br />
<ul>
<li>reset the course after a team has completed their run</li>
<li>act as the judges' eyes if there is a question about the state of the course ("did the team properly insert the widget into the slot?")</li>
<li>untangle the team's ROV if it gets stuck on something (but only after receiving permission from the judges, as this results in a penalty to the team).</li>
</ul>
<div>
While the teams were preparing and running their ROVs, there wasn't a whole lot for us divers to do, so I spent a lot of the time taking pictures and video. Finally tonight I have posted these online, mostly un-curated (I removed the out-of-focus pictures but otherwise didn't do much to post-process them):</div>
<div>
<br /></div>
<div>
<ul>
<li><a href="https://plus.google.com/photos/103701444336768946958/albums/5891789643441953425">Photos at Picasa/Google+</a></li>
<li><a href="http://www.flickr.com/photos/ktower/sets/72157634243388294/">Photos at Flickr</a> (slightly higher quality)</li>
<li><a href="http://www.youtube.com/playlist?list=PLyzuimOJqIEBzLH6djnQ9BAvLAqgwIoku">Video playlist at YouTube</a></li>
</ul>
</div>
Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0Federal Way, WA, USA47.295530827419483 -122.3432350158691447.290146327419485 -122.35332001586914 47.300915327419482 -122.33315001586914tag:blogger.com,1999:blog-1970953227516001598.post-54924363898659169122013-02-22T11:20:00.001-08:002013-02-22T11:20:50.095-08:00Redhat Enterprise Linux, IPv6, and SLAACIf you are just starting to get into IPv6, you might notice in your researching that there are a very large number of web sites out there that "solve" IPv6 issues by describing how to outright <i>disable</i> the IPv6 protocol on a host entirely. With the pool of IPv4 addresses having been exhausted for quite some time now, I feel this is a very short-sighted approach. In the end, it is better to understand the problem and solve it rather than simply sweeping it under the carpet. What follows is a description of a problem I spent the better part of a day investigating, namely trying to get a RedHat Enterprise Linux (RHEL) server to properly stop auto-assigning its own IPv6 address.<br />
<br />
<h3>
Disclaimer</h3>
I should mention that I am by no means an "expert" on the topic. Most of what I have learned has been by piecing together bits of information from various sources that were either vague, incomplete, or outdated (as is much of the IPv6 information out there, sadly), and by brute-force experimentation on my own RHEL systems. What I write here is completely of a "it worked for me, but YMMV" nature.<br />
<br />
<h3>
IPv6 Addressing Primer</h3>
<div>
IPv6 is still "new" enough to many people that I feel a quick primer is warranted.</div>
<br />
If you have a RedHat Enterprise Linux host on a network and haven't taken any of these steps to disable IPv6, you will probably observe that out of the box, it will have a "<a href="http://en.wikipedia.org/wiki/Link-local_address">link-local</a>" address assigned to every network interface. These addresses start with "fe80", are automatically generated based on the interface's MAC address, and provide connectivity only on the local network segment.<br />
<br />
As soon as global IPv6 connectivity is added to a connected network, you will likely see another address pop up on the interface associated with it. This will be a globally routeable address that is automatically determined via "<a href="http://en.wikipedia.org/wiki/IPv6#Stateless_address_autoconfiguration_.28SLAAC.29">Stateless Autoconfiguration</a>" or "SLAAC". Like the link-local address, it is "self-assigned" by the client system, and is typically based on the interface's MAC address (unless <a href="http://en.wikipedia.org/wiki/IPv6#Privacy">privacy extensions</a> are enabled). However, the client needs to know information, such as the IPv6 subnet and router information. These are provided via periodic "router advertisements" or RAs that are ICMPv6 broadcast packets containing these data. These RAs are periodically broadcast by a router (typically about every 10 minutes), but can also be explicitly requested by the client via a "Router Solicitation" ICMPv6 request.<br />
<br />
There are other ways of accomplishing this, such as via DHCPv6, but for the purposes of this article, SLAAC is what we care about. Plus, my impression is that DHCPv6 is still rather new and isn't used as much.<br />
<br />
<h3>
The Problem</h3>
<div>
This stateless auto-configuration works great for client systems -- systems where a user is typically sitting at a keyboard and interacting directly with the computer. Much in the same way a client system frequently receives an IPv4 address automatically via a DHCP server, SLAAC provides a way to automatically assign IPv6 addresses: turn on IPv6 on the network and things "just work."</div>
<div>
<br /></div>
<div>
The same can't necessarily be said for IPv6-connected <i>servers</i> however. Just as it is fairly uncommon to let your servers auto-assign an IPv4 address via DHCP (yes, I know it can be done in a perfect world. Perhaps I'm just old fashioned), you probably don't want an IPv6 address to auto-assign either. You may not be ready to offer IPv6 services on the system, or you aren't prepared to support IPv6 because you don't have a firewall configuration ready to support it. No matter what your reason, you probably don't want a server to obtain a globally-routable IPv6 address until you are ready to support it, so you don't want SLAAC.</div>
<div>
<br /></div>
<div>
One way to accomplish this is to simply turn off router advertisements for the entire network. However, this leads to its own problems -- what if you have some systems that need IPv6 and others that don't? Or, in some cases this may lead to reduced functionality of the network as a whole (for example, I'm told by the network engineers at work that disabling RAs on a subnet will break VRRP for the subnet, effectively eliminating router redundancy).</div>
<div>
<br /></div>
<div>
The better solution would be to simply configure the server to ignore router advertisements, effectively disabling SLAAC. Then you can add an IPv6 configuration when you are ready to support it.</div>
<div>
<br /></div>
<div>
Googling will tell you that on a Linux system the way to do this is to set some kernel tunables in /etc/sysctl.conf and restart your networking stack:</div>
<div>
<br /></div>
<blockquote class="tr_bq">
<span style="font-family: Courier New, Courier, monospace;">net.ipv6.conf.all.accept_ra = 0<br />net.ipv6.conf.default.accept_ra = 0</span></blockquote>
<div>
<br /></div>
<div>
However, on a Redhat Enterprise Linux (or any of the various clones), you might be in for a bit of a surprise. Despite these settings being in sysctl.conf, upon a reboot, you may find a nasty surprise:</div>
<div>
<br /></div>
<div>
# sysctl -a | grep "accept_ra ="</div>
<div>
<div>
net.ipv6.conf.default.accept_ra = 1</div>
<div>
net.ipv6.conf.all.accept_ra = 1</div>
<div>
net.ipv6.conf.eth0.accept_ra = 1</div>
<div>
net.ipv6.conf.lo.accept_ra = 1</div>
</div>
<div>
<br /></div>
<div>
The active configuration still has the settings enabled! And if you look at your network interfaces, you'll note that they do in fact still have globally routeable IPv6 addresses. What goes on?</div>
<div>
<br /></div>
<h3>
The Solution</h3>
<div>
The key lies in the <span style="font-family: Courier New, Courier, monospace;">/etc/sysconfig/network </span><span style="font-family: inherit;">file. The following lines need to be present:</span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">NETWORKING_IPV6=yes</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">IPV6_AUTOCONF=no</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: inherit;">After the lines have been added, you can make the configuration active via a standard network stack restart via "</span><span style="font-family: Courier New, Courier, monospace;">/sbin/service network restart</span><span style="font-family: inherit;">". If all goes well, you should see the SLAAC-assigned v6 address disappear, and the kernel tunables are changed to more desirable values.</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
Without these lines, RHEL seems to actively revert to the default case of enabling SLAAC, as seen above. Also, both lines are required. Unless the first is present and enabled, any other IPv6 directives appear to be ignored.</div>
<div>
<br /></div>
<div>
Once you are ready to actually support IPv6 on your server, you can then proceed to manually assign an IP address in the appropriate /etc/sysconfig/network-scripts/ifcfg-* file (using the IPV6ADDR and IPV6_DEFAULTGW variables). Or, you could turn on SLAAC again by setting IPV6_AUTOCONF=yes I suppose, but I wouldn't recommend it.</div>
Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0tag:blogger.com,1999:blog-1970953227516001598.post-18381663969343914972012-11-28T09:58:00.000-08:002012-11-28T09:58:41.092-08:00XenServer Management and Jumbo FramesIn a word, don't do it.<br />
<br />
Perhaps some additional background would help. :)<br />
<br />
We maintain many XenServer pools, most of which consist of four "compute" servers attached to a shared storage array. Each server has two ethernets acting as a management network bond, as well as two ethernets acting as a bond for VM traffic. The VM traffic is VLAN-tagged, the management traffic is not.<br />
<br />
We had recently upgraded all of our pools to XenServer 6.1, a little faster than we typically would have so that we could gain access to some of the cool, new features (e.g., inter-pool VM migration). Life is good, everything works fine. Until it came time to apply a couple of patches. After applying a patch I would reboot the server, at which point it would momentarily re-contact the pool and then disappear. The Xapi services on the host would not respond, and the pool master would not acknowledge the node's presence. SSH connectivity to the node worked, however.<br />
<br />
This issue proved to be pre-existing, as in the patches were not what caused the problem. I tried rebooting a node that had vanilla XS 6.1 and it exhibited similar symptoms. It was just coincidental that the servers had not been rebooted until it came time to apply patches.<br />
<br />
After some experimentation and trial and error, I was able to [reliably] get the node back online by performing an "emergency network reset" and rebooting. However, the node would rejoin successfully only until the next reboot, whereupon it became a case of rinse, lather, repeat.<br />
<br />
Further trial-and-error showed that if I removed the management bond entirely and ran all management traffic through a single interface, reboots worked properly and as expected (i.e., the system would seamlessly rejoin the pool). Recreate the bond and the problem re-manifested.<br />
<br />
Hrm.<br />
<br />
After a period of tearing out my hair over this, I noticed the MTU setting. We typically configure our VM traffic bonds with an MTU of 9000 so that customers can use so called "jumbo frames" within their VMs. Without putting too much thought into it, we had also been configuring our management bonds with MTU=9000 as well. On a hunch, I re-created the management bond, but this time with a default MTU of 1500. Rebooted the node and....SUCCESS! It correctly re-joined the pool after a reboot.<br />
<br />
So, the moral of the story seems to be that if you have XenServer 6.1 installed on a system with a bonded management interface, ensure that bond has the default MTU of 1500. Jumbo frames seem to make it unhappy for reasons unknown to me. We've had these bonds enabled for quite some time -- this behavior seems to be new with version 6.1. I haven't yet contacted Citrix to see if they are aware of the issue or not, but I thought I would at least document the issue here, in case someone else out there runs into similar problems. I know that my many, many google searches on the matter ended up being fruitless.<br />
<br />
The silver lining in this particular cloud is that throughout all this mess, all of our virtual machines stayed online and had no issues whatsoever, so our customers were never even aware there was a problem! That has to count for something...Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com1tag:blogger.com,1999:blog-1970953227516001598.post-8987126311266167552012-06-30T23:51:00.000-07:002012-06-30T23:51:28.570-07:00Linux Kernel and Leap SecondsWe had several systems at $WORK tonight become somewhat unresponsive. CPU usage was pegged, and interactive response times were typically abysmal, sometimes waiting several seconds and/or minutes for keystrokes to be acknowledged.<br />
<br />
In addition, some systems were responding well enough, but had <i>very</i> high context switch rates. The lowest rate I saw was about 500,000 context switches a second, but the highest I saw was over 2.8 <i>million</i> switches a second!<br />
<br />
Almost all of the poorly-performing systems were virtual servers, and the performing-okay-but-high-context-switch-rate systems were all physical servers. I hypothesized that the problem was the same one, but the physicals had more CPU power available to them -- most of our VMs don't have more than 2-3 vCPUs, whereas the physicals have upwards of 16 in some cases, if you count hyperthreads.<br />
<br />
As it turns out, it was being caused by some weird (sorry, I'll try to keep from adding any more of this technical jargon...) kernel interaction when it processed the <a href="http://en.wikipedia.org/wiki/Leap_second">leap second</a> that occurred today. For more details, I turn you now to the blog entry that helped me narrow the problem down and provided me with a simple fix:<br />
<br />
<a href="http://blog.mozilla.org/it/2012/06/30/mysql-and-the-leap-second-high-cpu-and-the-fix/">http://blog.mozilla.org/it/2012/06/30/mysql-and-the-leap-second-high-cpu-and-the-fix/</a>
<br />
<br />
For the record, should this link ever stop working, he said:<br />
<br />
<blockquote class="tr_bq">
<div style="color: #303030; font-family: 'Lucida Grande', Helvetica, Arial, sans-serif; font-size: 13px; line-height: 19px; margin-bottom: 1.5em; padding: 0px;">
The fix is quite simple – simply set the date. Alternatively, you can restart the machine, which also works. Restarting MySQL (or Java, or whatever) does NOT fix the problem. We put the following into puppet to run on all our machines:</div>
<div style="color: #303030; font-family: 'Lucida Grande', Helvetica, Arial, sans-serif; font-size: 13px; line-height: 19px; margin-bottom: 1.5em; padding: 0px;">
<code style="font-size: 1.07em;">$ cat files/bin/leap-second.sh </code><br />
<code style="font-size: 1.07em;">#!/bin/bash</code><br />
<code style="font-size: 1.07em;"># this is a quick-fix to the 6/30/12 leap second bug</code><br />
<code style="font-size: 1.07em;"></code><br />
<code style="font-size: 1.07em;">if [ ! -f /tmp/leapsecond_2012_06_30 ]</code><br />
<code style="font-size: 1.07em;">then</code><br />
<code style="font-size: 1.07em;">/etc/init.d/ntpd stop; date -s "`date`" && /bin/touch /tmp/leapsecond_2012_06_30</code><br />
<code style="font-size: 1.07em;">fi</code></div>
</blockquote>
<br />
His solution was a lot more elegant than mine, which was to simply reboot the system. :) It was also a lot easier to apply prophylactically to our entire fleet.<br />
<br />Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com3tag:blogger.com,1999:blog-1970953227516001598.post-18807008443625864152012-03-14T19:25:00.000-07:002012-03-14T19:27:11.280-07:00Piecaken for Pi DayAwhile ago I ran across <a href="http://www.flickr.com/photos/ludiecochrane/6632108835/">a flickr picture</a> of a "piecaken." For the uninitiated, a piecaken is a cake with one or more pies baked into it. The version in the link is a two-layer variety, but I realized that a single layer wouldn't actually be too difficult. I also made the mistake of mentioning it at the office shortly after the announcement of the annual <a href="http://en.wikipedia.org/wiki/Pi_Day">pi day</a> celebration where we bring in pies of all shape to share with each other in celebration of this well known mathematical constant. Unfortunately, I mentioned it within earshot of my director, who also happened to be the organizer of this party, and she virtually insisted that I had to bring one. Despite my trepidations, not only in my rather lacking skill-set in this area (I'm not exactly the world's greatest baker), but also whether or not it would taste any good, I set forth to create one.<br />
<br />
<a name='more'></a><br /><br />
The actual process was a bit problematic, but mostly due to my own stupid mistakes -- such as turning the mixer to the high speed setting instead of the "off" position while extracting it from the batter, and misreading the instructions ("Why is this batter so thick? Wait -- <i>how</i> much water was I supposed to add?"). I tried to make it as simple as possible and got everything store-bought:<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9tuazBWE0fO-k2sRF-NBG2NsKCiVaIm4qDMeMRTsEKjskpERM2gWUQGr_d9LR7XJbbPkrdHHHqKygY1TlJhYW6HuV5pCz4YdnGxvAtXmEOGit0FG4iy43KaH69dwL5971QeMw_sRBpsnB/s1600/20120312-P1000862.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9tuazBWE0fO-k2sRF-NBG2NsKCiVaIm4qDMeMRTsEKjskpERM2gWUQGr_d9LR7XJbbPkrdHHHqKygY1TlJhYW6HuV5pCz4YdnGxvAtXmEOGit0FG4iy43KaH69dwL5971QeMw_sRBpsnB/s320/20120312-P1000862.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The supplies</td></tr>
</tbody></table>
<ul>
<li>pre-made cherry pie </li>
<li>chocolate cake mix </li>
<li>can of chocolate frosting </li>
<li>jar of maraschino cherries (optional) </li>
</ul>
At that point it was pretty simple process:<br />
<ol>
<li>Mix the batter as per the instructions on the box</li>
<li>Pour a little bit of batter into a round baking pan (I used about 1 1/3 cups)</li>
<li>Place the de-tinned pie on top of the poured batter</li>
<li>Pour some more batter on top </li>
<li>Bake as per cake instructions. I found it took a little longer to fully bake than what the instructions indicated.</li>
</ol>
I made a mistake in step 4 by pouring too much batter -- it ended up "boiling over" during the baking process, so I don't know how much is an appropriate amount to add. However, it actually came out okay, especially after I added the frosting and a few cherries for garnish:<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBbQsYfZddxRM0yPq_O43ZrEyPGcmuNX_PgBQB_ndfPE1iB909EqDOhH6B_mBnaOz0DwEeSlcOcFZ7yRrOeldKd9TYwK00E3OgMyyiluLYTHbhCBI67rWDOVw8ZqQ8b-oFI_vor0lmzJeW/s1600/20120314-P1000873.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBbQsYfZddxRM0yPq_O43ZrEyPGcmuNX_PgBQB_ndfPE1iB909EqDOhH6B_mBnaOz0DwEeSlcOcFZ7yRrOeldKd9TYwK00E3OgMyyiluLYTHbhCBI67rWDOVw8ZqQ8b-oFI_vor0lmzJeW/s320/20120314-P1000873.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The finished product</td></tr>
</tbody></table>
It actually tasted pretty good, although very rich. And if the empty plate after our celebration finished was any indication, others apparently agreed with me!<br />
<div>
<br /></div>
<div>
I only worry about what sort of precedent I've now set for <i>next</i> year's pi day celebration...</div>
<div>
<br />
<br />
<br />
<center><embed flashvars="host=picasaweb.google.com&captions=1&hl=en_US&feat=flashalbum&RGB=0x000000&feed=https%3A%2F%2Fpicasaweb.google.com%2Fdata%2Ffeed%2Fapi%2Fuser%2F103701444336768946958%2Falbumid%2F5719933335004966689%3Falt%3Drss%26kind%3Dphoto%26hl%3Den_US" height="192" pluginspage="http://www.macromedia.com/go/getflashplayer" src="https://picasaweb.google.com/s/c/bin/slideshow.swf" type="application/x-shockwave-flash" width="288"></embed></center>
</div>
<div>
<br />
<br /></div>Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0tag:blogger.com,1999:blog-1970953227516001598.post-37881985643392870522012-02-22T09:44:00.001-08:002012-02-22T09:44:54.775-08:00Goodbye Cable TV...AlmostI've been working for the past few weeks to prepare for the severing of relationships with our current cable TV provider -- signing up for Hulu, building a HTPC (Home Theater Personal Computer, for the uninitiated), etc. Last night, I completed the last few steps -- powered down the TiVo and removed the CableCARDs in it. Then, this morning, I called to cancel my account.<br />
<br />
Except I didn't do it.<br />
<br />
As I had expected, I was passed over to the "retentions" department and I was given a few options to entice me to stay. What I wasn't expecting, however, were the plans that didn't have any promotional pricing, and pretty reasonable prices at that. I ended up scaling us back to the "bare bones minimum" plan that only gives us the network channels plus a smattering of basic cable channels (Discovery being the only one he listed that we watch with any frequency). This plan is about $21/mo (probably $25 after taxes), which compared to the $98 we had been paying before (plus the $13/month going to TiVo, which is also going to get cancelled in favor of the HTPC), is still a pretty reasonable savings -- about $86 per month, or just over $1000 a year!<br />
<br />
I'm not viewing this as "caving in" to their attempts to retain me as a paying customer, and part of me was expecting this to be the end outcome anyway, for the following reasons:<br />
<br />
<br />
<ul>
<li>While I have managed to locate online alternatives to almost all of our shows, the ones we like from Discovery do not really seem to be online anywhere, other than paying per episode from Amazon. Plus, Discovery can be one of those great put-it-on-and-forget-about-it channels, for example when I'm sick on the couch.</li>
<li>Part of my plan had included getting the network stations "OTA" (over the air) with an antenna. Unfortunately, I don't yet have an antenna in place, nor do I have the structured cabling installed yet to get the signal from it to the TV. Since this new cable plan has no commitment period, this can act, if nothing else, as a stop-gap until we can get the antenna set up.</li>
</ul>
<div>
So, we shall see how this works....</div>
<div>
<br /></div>Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0tag:blogger.com,1999:blog-1970953227516001598.post-19897191448103204462012-02-09T20:27:00.000-08:002012-02-09T20:27:58.569-08:00XenServer Network BondingI've just had a bit of a learning experience with respect to Citrix XenServer and what it refers to as network bonding, and thought I would share here.<br />
<br />
All of what I am about to say comes with the disclaimer that I am not a network engineer, but rather a server engineer, so my networking terms may not be 100% accurate.<br />
<br />
I've been working to deploy a new XenServer pool here at $WORK recently, and we've been working under the assumption that we would connect it to our new datacenter networking standard, which we refer to locally as a "virtual chassis" -- two in-rack switches "stacked" together connected independently via 10GE to two stacked aggregator switches and network traffic tagged with standard <a href="http://en.wikipedia.org/wiki/802.1q">802.1q</a> vlan tags. In order for this to work as a fault tolerant configuration, each server must have a connection to each of the in-rack switches. On our normal, non-virtualized linux server deployments we have been using standard <a href="http://en.wikipedia.org/wiki/Link_aggregation">link aggregation</a> (otherwise known as bonding or NIC teaming) with LACP (Link Aggregation Control Protocol).<br />
<br />
According to the documentation, XenServer, which is really just Linux under the hood, supports network bonding, so this should be the same, right?<br />
<br />
Wrong.<br />
<br />
Rather than using LACP, XenServer actually uses something called "Source Level Balancing," which is based on the standard Linux "Adaptive Load Balancing" method of bonding (See Citrix's KB article <a href="http://support.citrix.com/article/CTX124421">CTX124421</a>). The really cool part of this bonding mode is that it requires no knowledge on the switch side of the connection to make it work. Instead, the hypervisor migrates VM network traffic from port to port by sending a "gratuitous ARP" through the new port with the MAC address of the VM to be moved. In an active-active configuration, XenServer monitors the traffic for each of the running VMs, and will rebalance as needed every few seconds (according to the manual, 10 seconds).<br />
<br />
So, don't do what I did and configure the switch ports that XenServer uses as LAG groups. Otherwise you'll end up with a bonding mismatch and waste time trying to figure out why you are having weird networking issues.<br />
<br />
<br />Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com1tag:blogger.com,1999:blog-1970953227516001598.post-57826294407578953042012-01-24T18:24:00.000-08:002012-02-09T20:21:53.395-08:00Fixing a Galaxy Tab 10.1 "Infinite Reboot" StateI've had this documented in my personal notes for awhile, but it dawned on me today that perhaps others out there may benefit from my experience, so I am going to post this publicly.<br />
<br />
Last year Google provided attendees of Google I/O a very nice tablet -- the <a href="http://www.samsung.com/global/microsite/galaxytab/10.1/index.html">Samsung Galaxy Tab 10.1</a>, not to be confused with the retail version of the 10.1, this edition has the "army of androids" on the back, and has a slightly different version of Android on it. Unfortunately, it also seems to have a habit of occasionally getting stuck into an "infinite reboot" state. The tablet will freeze, restart, run through the initial startup animation, pause, and then restart again. Repeat ad nauseam until the battery dies. I've had my tablet get into this state twice since I got it. Rumor has it, if you report the problem to Samsung, it is a ship-back-to-the-manufacturer type of problem, but if you have a few technical skills, this may not be necessary.<br />
<br />
<a name='more'></a><br />
<br />
<b>Prerequisites</b><br />
<br />
<ol>
<li>USB cable and the power brick for the tablet.</li>
<li>A computer with the <a href="http://developer.android.com/sdk/index.html">Android SDK</a> and the <a href="http://www.samsung.com/us/support/downloads">Samsung USB</a> driver installed, and at least one available USB port. <b>EDIT:</b> It would appear that the SDK is not sufficient for this process to work. It is a bit of a bodge to get it to work, but apparently installing <a href="http://junefabrics.com/android/">PdaNet</a> will install the necessary drivers.</li>
<li>A broken Galaxy Tab 10.1 tablet (obviously)</li>
</ol>
<div>
<b>Process</b></div>
<div>
<ol>
<li>If your tablet is still stuck in a reboot loop, plug it into a power source and then hold down the power button until a battery icon displays on the screen. If you don't have much of a charge, you might consider letting it store a few electrons before continuing.</li>
<li>Bring the tablet into "fastboot" mode. This can be done by pressing and holding both the power button and the "volume down" button (the button closest to the power button). Continue to hold these buttons until you see a screen showing a yellow USB logo and a flashing Android icon (apparently known as "odin"). Highlight the USB icon by pressing the volume down key once, then select by pressing volume up. You should be in fastboot mode now.</li>
<li>Plug the tablet into your computer. With luck, it will recognize the tablet.</li>
<li>Change into the "platform-tools" directory of your SDK (on my PC, it was in c:\Program Files (x86)\Android\android-sdk\platform-tools)</li>
<li>Run "<span style="font-family: 'Courier New', Courier, monospace;">adb start-server</span>"</li>
<li>Verify that your tablet was successfully recognized by running "<span style="font-family: 'Courier New', Courier, monospace;">fastboot devices</span>". (NOTE: The fastboot command is actually in ..\tools, but it may need to be run from the platform-tools directory. When I didn't, I received an error about a missing library/DLL).</li>
<li>The all-important step: Run "<span style="font-family: 'Courier New', Courier, monospace;">fastboot -w</span>" to "w"ipe the userdata and cache areas. This took about 20-30 seconds for me.</li>
<li>Reset the tablet and remove the USB cable. The initial boot will take awhile (I'm guessing it is reformatting filesystems and the like).</li>
</ol>
<div>
<b>References</b></div>
</div>
<div>
<br /></div>
<div>
I am not an Android developer, so this process was largely developed after doing several Google searches. Some places that were particularly helpful to me were:</div>
<div>
<br /></div>
<div>
<ul>
<li><a href="http://www.galaxytabforums.net/forum/galaxy-tab-10-1-help/885-my-google-io-boot-loop.html">http://www.galaxytabforums.net/forum/galaxy-tab-10-1-help/885-my-google-io-boot-loop.html</a> (to put the tablet into fastboot mode)</li>
<li><a href="http://groups.google.com/group/Android-DevPhone-Updating/browse_thread/thread/f0e1ac5c9c42cc2d?pli=1">http://groups.google.com/group/Android-DevPhone-Updating/browse_thread/thread/f0e1ac5c9c42cc2d?pli=1</a> (explained the library error mentioned in step 6)</li>
<li><a href="http://marakana.com/forums/android/general/364.html">http://marakana.com/forums/android/general/364.html</a></li>
</ul>
<div>
<br /></div>
</div>
<div>
Hopefully this text will prove useful to someone else out there.</div>Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com4tag:blogger.com,1999:blog-1970953227516001598.post-21893231194622861692012-01-22T23:01:00.001-08:002012-01-22T23:01:18.504-08:00Mobile blogging<div><p>Huh, look at that. Mobile blogging.</p>
</div>Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0tag:blogger.com,1999:blog-1970953227516001598.post-1002256662460512572012-01-22T22:17:00.001-08:002012-01-22T22:17:54.335-08:00Trying this againIt seems like every few months I get the idea that it might be handy to have a blog. This is just the latest iteration.Kevin T.http://www.blogger.com/profile/08603836772506369417noreply@blogger.com0