Category: Uncategorized

Changing Sway bar settings on S2 Exige

The default setting from Lotus is to use the central hole (out of 5). My Lotus came (from the PO) with the sway bars on the hardest setting (the hole closest to the bend).

You will need

  • Stands – jack stands or quickjack. I got my stands from Harbor Freight.
  • A 17mm open wrench to keep hold of the lock nut. Lowes stocks these.
  • A 17mm wrench, or socket. Lowes stocks these.
  • A long lever (breaker bar) to break the nut loose initially

The key thing is to have the car on stands – both wheels need to be in the air at the same time to avoid putting load on the sway bar.

To set the bar back to default:

  • Lift the car, so that you can get access. You will need to lift both sides of the car equally – else the sway bar will be under load and it will be difficult to remove the bolts
  • Using a 17mm socket and 17mm spanner/wrench – remove the bolt. The connection is likely to be a bit rusty – some WD40 helps here. I needed a breaker bar to get leverage.
  • Remove the bolt from the old position and move it to wherever you want.
  • Tighten the bolt back up. I used 33 ft/llb – the manual states 45NM
  • Repeat for the other side.

Desktop Customization – Theming

  • Arc Theme top-level https://github.com/horst3180/arc-theme
  • Arc Icon Theme https://github.com/horst3180/arc-icon-theme
  • Arc Firefox Theme https://github.com/horst3180/arc-firefox-theme

My current terminal “Terminator” does not seem to adhere to the theming – or anything much for that matter, but gnome-terminal does.

Terminator’s use of tiling is probably redundant with i3 and tmux, so will switch to gnome-terminal (by changing i3-sensible-terminal to gnome-terminal in ~/.config/i3/config.

gnome-terminal inherits the font and themeing from gtk.  Apparently (u)rxvt is more customizable/has plugin ecosystem, but I don’t think I need a plugin-ecosystem.  Such things are probably best left to vim and shell.

fontawesome – unicode cut/paste.
http://fontawesome.io/cheatsheet/

Desktop Customization

Worked through this video tutorial, which had some great hints for making nice fonts appear in Linux.  Previously, I could only seem to get decent fonts in Ubuntu, and for other reasons (primarily Nutanix CVM is based on CentOS) I wanted to use CentOS as my desktop.

The two things which had most impact on font appearance were

  1. Adding font that claims to be same as used in OS-X
  2. Installing a tool named infinality, which improves randering.
  3. Using lxappearance to set the default font for all GTK based  applications.

Both are described in the Tutorial

  • Installing OS-X Fonts : https://www.youtube.com/watch?v=ARKIwOlazKI&t=130s
  • Infinality Section : https://www.youtube.com/watch?v=ARKIwOlazKI&t=580s

Another nice idea from the series is to match, or at least give some thought to the Browser (Firefox)  window manager (i3) and GTK “Themes”.  The tutorial uses a single colorscheme across all elements to achieve a nice coherent look and feel.  Doing so has given me the ability to customize/use a lightweight window manager, but still retain nice fonts in the applications, browser and Windowing environment.

Forensic recovery of formatted SSD on MacBook Pro OS X

On a MacBook Pro, with OSX, after installing a 3rd party SSD, there is no option to issue a “Secure Erase” and only “Format” is offered.  After formatting the drive (prior to selling the MacBook) – I was able to recover hundreds of photos and other documents using this freeware tool. Test Disk. Run the tool as “photorec” to access the Photo Recovery features.

To get around this I overwrote the partition with /dev/random.  Since the /dev/random device is bounded by CPU – you’ll want to stop the Mac from sleeping during the process by issuing

sudo systemsetup -setcomputersleep Never

Before formatting, there are lots of personal family photos that are recoverable by anyone who goes looking.  After formatting, the only images available are the default graphics put onto disk during OS-X install.

Building an experimentation platform Part 3: Creating and instantiating a guest VM

Inception-Top

Examine an existing VM

Before looking into how to create and startup a guest VM – let’s examine one that’s already up and running to see where we are trying to get to.

From the command line, issue “virsh list –all” to see what VM’s are installed.:

[root@arches current]# virsh list --all
 Id    Name                           State
----------------------------------------------------
 -     vm1-ubuntu                     shut off

Which file is being used as the virtual disk for the VM?  The configuration file that describes how the Virtual machine is put together is contained in an XML file.  One part of that XML file describes which linux file is pretending to be the hard-disk of our VM.

[gary@arches current]$ sudo virsh dumpxml vm1-ubuntu | grep 'source file'
      <source file='/var/lib/libvirt/images/vDisk0.img'/>

If this is just a regular file, what does linux knoq about this file? It recognizes it as a disk image owned by root…

[gary@arches current]$ sudo file /var/lib/libvirt/images/vDisk0.img
/var/lib/libvirt/images/vDisk0.img: x86 boot sector; partition 1: ID=0x83, active, starthead 32, startsector 2048, 497664 sectors; partition 2: ID=0x5, starthead 59, startsector 501758, 20467714 sectors, code offset 0x63

[gary@arches current]$ sudo ls -l /var/lib/libvirt/images/vDisk0.img
-rw-------. 1 root root 10737418240 Dec 13 11:47 /var/lib/libvirt/images/vDisk0.img
[gary@arches current]$

Now we have seen how the VM is described (in XML) and seen that the VM “Hard Disk” is jsut a file – let’s start the VM.

[gary@arches current]$ sudo virsh start vm1-ubuntu
 Domain vm1-ubuntu started

[gary@arches current]$ sudo virsh list --all
 Id    Name                           State
 ----------------------------------------------------
 2     vm1-ubuntu                     running

We will see that our VM is just a process in Linux that happens to be owned by the user qemu.

[gary@arches Downloads]$ ps -ef | grep ubuntu
qemu     18619     1  1 21:08 ?        00:00:22 /usr/libexec/qemu-kvm -name vm1-ubuntu -S -machine pc-i440fx-rhel7.0.0,accel=kvm,usb=off

Now we can connect to console:

[gary@arches current]$ sudo virsh console vm1-ubuntu
Connected to domain vm1-ubuntu
Escape character is ^]
Ubuntu 14.04.1 LTS ubuntu-vm1 ttyS0

ubuntu-vm1 login: gary

What does the filesystem look like within the guest?

gary@ubuntu-vm1:~$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/ubuntu--vm1--vg-root 7.6G 1.3G 5.9G 18% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
udev 991M 4.0K 991M 1% /dev
tmpfs 201M 980K 200M 1% /run
none 5.0M 0 5.0M 0% /run/lock
none 1002M 0 1002M 0% /run/shm
none 100M 0 100M 0% /run/user
/dev/sda1 236M 37M 187M 17% /boot

Notice that the underlying image file (from ls output is 10G, but the root fs is only 7.6G)

fdisk shows us what’s going on.

gary@ubuntu-vm1:~$ sudo fdisk -l

Disk /dev/sda: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders, total 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000a03fd

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048      499711      248832   83  Linux
/dev/sda2          501758    20969471    10233857    5  Extended
/dev/sda5          501760    20969471    10233856   8e  Linux LVM

Disk /dev/mapper/ubuntu--vm1--vg-root: 8329 MB, 8329887744 bytes
255 heads, 63 sectors/track, 1012 cylinders, total 16269312 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Disk /dev/mapper/ubuntu--vm1--vg-root doesn't contain a valid partition table

Disk /dev/mapper/ubuntu--vm1--vg-swap_1: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders, total 4194304 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Disk /dev/mapper/ubuntu--vm1--vg-swap_1 doesn't contain a valid partition table

One last thing

The disk image file reports 10G from the “ls” output, but is it really 10G in size?  Let’s use “du” to tell us if this is  the case.

[root@arches current]# du -h /var/lib/libvirt/images/*
1.9G /var/lib/libvirt/images/vDisk0.img

No! It’s only 2G – how can this be?  It must be a sparse file that has only 2G of actual data.  That figure lines up with the “usage” column of “df”.  In unix land we call these “sparse files” in Virtualization and storage realm this is called “thin provisioning”.

Reproducing this image

OK, so we would like to reproduce that same image from scratch.  An Ubuntu guest VM with 10G of disk space using “thin provisioning”.

1) Start by creating a sparse file (as root)

[root@arches current]# truncate –size=10G /var/lib/libvirt/images/ubuntu2.img

2) Start the VM and attach the installation CDROM to the VM.

[root@arches current]# virt-install -r 1024 –accelerate -n vm2-ubuntu -f /var/lib/libvirt/images/ubuntu2.img –cdrom /var/lib/libvirt/images/ubuntu-14.04.1-server-amd64.iso

3) Install the guest OS as usual.

From a GNOME desktop, the virt-install command will throw up a window representing the console in the “Virt Viewer” application. Use this console to go through the installation process of ubuntu.

Screenshot from 2016-01-18 11-05-07

Finally

Screenshot from 2016-01-18 11-13-37

Screenshot from 2016-01-18 11-15-20

4) See that the new VM is running.

[root@arches current]# virsh list –all
Id Name State
—————————————————-
2 vm1-ubuntu running
4 vm2-ubuntu running

5) Connect to the VGA  console

 [gary@arches current]$ sudo virt-viewer vm2-ubuntu

6) Connect to the serial console

You will need to create/edit /etc/init/ttyS0.conf  (note the capitalization of the “S”) and reboot the guest in order to get the console to work correctly with “virsh console ….” otherwise virt-viewer works just fine.

( The /etc/init/ttys0.conf file does not exist by default, so copy it from /etc/init/tty1.conf and made changes to the last line to reflect the working copy as below)

gary@ubuntu-vm1:~$ sudo cat /etc/init/ttyS0.conf

# tty1 - getty
#
# This service maintains a getty on tty1 from the point the system is
# started until it is shut down again.
start on stopped rc RUNLEVEL=[2345] and (
 not-container or
 container CONTAINER=lxc or
 container CONTAINER=lxc-libvirt)

stop on runlevel [!2345]

respawn
exec /sbin/getty -8 115200 ttyS0 xterm


[gary@arches Downloads]$ sudo virsh console vm2-ubuntu
Connected to domain vm2-ubuntu
Escape character is ^]

Ubuntu 14.04.1 LTS ubuntu-vm2 ttyS0

ubuntu-vm2 login:

All done!  VM is created and running.  Relax and have a cup of tea.

Building an experimentation platform Part 2: Installing Virtualization tools.

Inception-Top

Rationale and Options

I want to become more familiar with KVM and the related technologies, so I’ll be using KVM as the basis of running my VM’s

Installing the required packages

My CentOS install was pretty minimal, partly so that I would be able to understand what’s required for the various services that I will be setting up.

I pretty much followed the instructions on this site : http://www.tecmint.com/install-and-configure-kvm-in-linux/  I’ll add my own comments here to describe what’s going on under-the-covers.

1) Check for the ability to run hardware based virtualization

INTEL ONLY
Run this grep command, and ensure that some output is generated.  If there is no output, then the CPU does not support hardware based Virtualization.

grep vmx /proc/cpuinfo

What’s being done here?

Linux supports querying the hardware using a special filesystem type called /proc  The reason to use a filesystem interface to hardware is that it allows users to use their familiar commands like cd, grep,cat to work with the hardware.

The cpuinfo “file” contains information about the CPU itself.  A snipped of output looks like this

sh-4.2# cat /proc/cpuinfo 
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 45
model name : Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz
stepping : 7
microcode : 0x710
cpu MHz : 1298.250
cache size : 10240 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
bogomips : 7204.22
clflush size : 64
cache_alignment : 64
address sizes : 46 bits physical, 48 bits virtual
power management:

The ‘vmx’ string that we’re grepping for is included in the “flags” line.  The flags tells us what sorts of things the CPU supports.  Among other things this CPU (and Intel Core i7) supports sse2 and vmx.  The SSE2 instructions are not related to VIrtualization (https://en.wikipedia.org/wiki/SSE2) but the VMX ones are.  Somewhat confusingly, “vmx” is reported by cpuinfo – but these instructions are often called “VT-x” (https://en.wikipedia.org/wiki/X86_virtualization#Intel_virtualization_.28VT-x.29)

If the vmx flag is not shown, it might be disabled in the BIOS.

2) Check to see that the kvm kernel module is loaded

sh-4.2# lsmod|grep kvm
kvm_intel             148081  0 
kvm                   461126  1 kvm_intel

What’s happening here?

We’re checking to see that the kernel has a “module” called kvm installed and running.  Kernel modules are pieces of code that execute in the kernel address space and interact closely with the kernel.  Other modules are things like IP,nfs or disk drivers.  kernel modules allow developers to extend the functionality of the kernel without having to re-compile the “main” linux kernel.  Some kernel modules are dynacmically loadable, meaning that the running machine does not need to be rebooted in order to install and run a module.

The kvm module provides extra virtualization support in the linux kernel.  It is part of the set of tools that we need to make virtualization work, but not the only part.  The kvm module specifically it allows the QEMU “virtual machine emulator” to directly access the special hardware support (VT-X) on the CPU.  See also KVM FAQ

3) Update “yum”

sh-4.2# yum update
Loaded plugins: axelget, fastestmirror, langpacks
repomd.xml                                                                                                      | 3.6 kB  00:00:00     
base/group                                                                                                      | 729 kB  00:00:01     
base/primary                                                                                                    | 2.5 MB  00:00:02     
base/primary_db  
.....
 vte291                                             x86_64          0.38.3-2.el7                             base                311 k
 xcb-util-image                                     x86_64          0.4.0-2.el7                              base                 15 k
 xcb-util-keysyms                                   x86_64          0.4.0-1.el7                              base                 10 k

Transaction Summary
=======================================================================================================================================
Install   16 Packages (+58 Dependent packages)
Upgrade  772 Packages

Total size: 976 M
Total download size:

What’s happening here?

yum is the default package manager for CentOS.  Package managers enable users to update their running software without having to download source code and compile it.  Another function of package managers is to ensure that dependencies are met.

Issuing yum, update ensures that the latest packages are installed on the system.  Generally speaking, we hope that the latest software fixes more bugs than it introduces.

Yum will connect over the internet to pull down the latest versions and install them.  The operation may take several minutes depending on how many packages are installed, how many are out of date, the speed of internet connection and how fast the local storage is.

4) Disable selinux

[root@arches current]# setenforce 0
setenforce: SELinux is disabled

What’s happening here?

SELinux… who knows?… If in doubt, I tend to turn it off.

5) Install qemu tools for kvm

[root@arches current]# # yum install qemu-kvm qemu-img

What’s happening here?

qemu is the main software that actually enables virtualization/emulation.  KVM is really just a kernel module that allows user-land processes (the virtual machines) to access the virtualization instructions/support on modern x86 hardware.  Without KVM, QEMU would still work, but would not be able to use the hardware assistance from things like VT-X.

The qemu-kvm package contains kvm specific files for qemu.  For instance bios.bin, drivers for NICs and VGA drivers.  Use the command rpm -ql qemu-kvm to see the list of files in that package.

The qemu-img package contains 3 binary files and two manpages (qemu-img, qemu-nbd).  These files provide support for virtualization specific functions on files. such as snapshot, thin-provisioning, converting image formats etc.

6) Install virtualization tools

The above packages (qemu-kvm, qemu-img) provide the infrastructure to run a virtual machine – but do not contain any way to create, or manage them.  That’s the job of the libvirt and virsh software suite.

[root@arches current]# yum install virt-manager libvirt libvirt-python libvirt-client
[root@arches current]# yum groupinstall virtualization-client virtualization-platform virtualization-tools

What’s happening here?

Installing more support packages that make working with VM’s and guest OS easier…

libvirt : rpm -ql says “Contains no files”
libvirt-client  :  virsh, 
virt-manager :  Tools in python
libvirt-python :  Python examples, python-objects (.pyo), compiled shared object (.so)

Use yum group info <groupname> to get list of packages in the group

virtualization-client : virt-install,virt-manager, virt-viewer, virt-top
virtualization-platform : libvirt, libvirt-client, libvirt-cim, libvirt-java (others)
virtualization-tools : libguestfs, libguestfs-tools

7) Restart libvirtd

[root@arches current]# systemctl restart libvirtd
[root@arches current]# systemctl status libvirtd

What’s happening here?

libvirtd is the daemon that manages virtual machines and can also migrate VM’s between hosts.

A working libvirtd should return status similar to this:

[root@arches current]# systemctl status libvirtd
● libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2016-01-17 09:56:54 EST; 1min 45s ago
     Docs: man:libvirtd(8)

 

 

Building an experimentation platform Part 1: Rationale and Customi[s|z]ation

Inception-Top

Motivation

For the longest time I had been planning to build a kick-ass workstation to experiment with  virtualization, storage benchmarking and modern devops tools.  I had started with some success using vmware ESXi but this not only required licensing, but also a second machine to act as a head which seemed cumbersome and wasteful.  With KVM gaining ground as a virtualization host, I decided to try Linux/KVM/QEMU.

Distribution CentOS-Small

Since the Nutanix CVM is based on CentOS distribution AND most enterprises use RedHat Enterprise  Linux (AKA RHEL)  I decided to go with CentOS 7.

First Steps (first detour).

I wanted this to be a comfortable home environment, and so I started the first steps to some very slight customization.  Coming from Mac OS, I expected this to be pretty trivial, but of course it was not.  All I wanted was to have my username appear on the login sreen, along with a custom icon.

Who manages the login screen?  Answer, gdm.

In Linux land, the login screen is managed by “gdm”  regrettably users need to know this because, of course nothing works without tweaking a few things.  GDM is the “GNOME Display Manager”  confusingly, this is used pretty much regardless of whether the user wishes to use KDM or GNOME as the desktop manager.  Setting an icon with one of the supplied images is trivial – using a custom icon – less so.

Of course there are hundreds of articles on customizing CentOS, but Centos 7 uses gdm V3. Lots of articles on the www seem not to work as expected with this version. Here’s what did work.

[gary@arches ~]$ gdm --version
 GDM 3.8.4

Setting “Faces” in the login screen. Ninja Style.

Ninja

Copy a png to the directory /usr/share/pixmaps/faces/ Then set this image as the “User image” using the GUI tool “Settings/Users”. Images that are copied to that directory will automatically appear in the Image browser which appears when the users Icon is clicked. Specifically I was NOT able to have the icon recognized when the SAME image was named ~/.face  despite all the articles claiming that it should.

In this case I added the images “hoff.png” and “Ninja.png”.  Both worked fin.

hoff.png: PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced
Ninja.png: PNG image data, 151 x 151, 8-bit colormap, non-interlaced

Creating a login “Banner”.

A text message can be made to appear once the User has selected their icon, and the password box appears in the login screen.  Create a file called 01-banner-message in /etc/dconf/db/gdm.d like this

[root@arches gdm.d]# cat 01-banner-message
[org/gnome/login-screen]
banner-message-enable=true
banner-message-text='~=~=~= Welcome to Arches =~=~=~'

Creating “a logo”.  WarGames – Naturally.

WarGames-Small

A small “logo” image can be made to appear on the login screen (after user has selected their username, and appears at the same time as the banner message, but at the bottom of the screen. Create a file called 01-logo in /etc/dconf/db/gdm.d

[root@arches gdm.d]# pwd
/etc/dconf/db/gdm.d
[root@arches gdm.d]# cat 01-logo
[org/gnome/login-screen]
logo='/usr/share/pixmaps/WarGames-Med.jpg'

Removing unwanted “system” accounts from the login page.

In my case a single system user “openvpn” appeared in the login dialog box, even though the login shell was set to /sbin/false. I removed the encrypted password from the /etc/shadow file, and replaced it with “!!” which is what the other system were set as. Obviously this user can no longer login, but that should not be a problem.

qemu:!!:16529::::::
sssd:!!:16704::::::
openvpn:!!:16740:0:99999:7:::
openvpn_as:!!:16740:0:99999:7:::
gnome-initial-setup:!!:16741::::::