Automating running Debian in VirtualBox

I'm experimenting with service separation by having each service run in its own operating system, all of the sharing hardware though. Why ? Separation seems to be the only secure approach to running any software. Check Joanna's blog out. I went with VirtualBox on Debian 7 host, with, well, Debian 7 guests. First I've prepared template VM by creating a new VM and just proceeding with install. Then I tried spawning some clones of that, but having it done manually takes quite some time  and is error prone. Did somebody say automation ? Yes ! First, clone a VM, regenerating MAC addresses and making sure the resource caps are good:

vmrunner@storage:~$ cat prepare_vm
#!/bin/bash
set -e
if [ $# -ne 2 ] ; then
 echo "usage: $0 vm_name vm_number"
 exit 0
fi

VM_NAME="$1"
RAM_AMOUNT="128"
DISK_SIZE="2000"
VM_NUMBER="$2"
RDP_PORT=$(($2+3389))
EXECUTION_CAP="50"

VBoxManage clonevm fresh.cyplo.net --name $VM_NAME --mode machine --register
VBoxManage modifyvm $VM_NAME --vrde on
echo "setting RDP listening port to $RDP_PORT"
VBoxManage modifyvm $VM_NAME --memory $RAM_AMOUNT
VBoxManage modifyvm $VM_NAME --vrdeport $RDP_PORT
VBoxManage modifyvm $VM_NAME --nic1 bridged --bridgeadapter1 eth0
VBoxManage modifyvm $VM_NAME --pae on
VBoxManage modifyvm $VM_NAME --cpuexecutioncap $EXECUTION_CAP
VBoxManage modifyvm $VM_NAME --hpet on
VBoxManage modifyvm $VM_NAME --hwvirtex on
VBoxManage modifyvm $VM_NAME --pagefusion on
VBoxManage modifyvm $VM_NAME --dvd none
VBoxManage modifyvm $VM_NAME --autostart-enabled on
VBoxManage modifyvm $VM_NAME --macaddress1 auto
VBoxManage modifyvm $VM_NAME --macaddress2 auto
echo "vm set up, listing all VMs:"
VBoxManage list vms

Then run the VM and change it into Debian service host with new name and some software:

vmrunner@storage:~$ cat kickstart_debian
#/bin/bash
set -e
if [ $# -ne 2 ] ; then
 echo "usage: $0 new_hostname new_domainname"
 exit 0
fi

NEW_HOSTNAME="$1"
NEW_DOMAINNAME="$2"
NEW_FQDN="$NEW_HOSTNAME.$NEW_DOMAINNAME"
aptitude update
aptitude dist-upgrade -y
aptitude install vim atop sudo -y
hostname
ifconfig
set -v
echo "$NEW_FQDN" > /etc/mailname
echo "$NEW_HOSTNAME" > /etc/hostname
sed -i "s/dc_other_hostnames\='.*'/dc_other_hostnames='$NEW_FQDN'/g" /etc/exim4/update-exim4.conf.conf
sed -i "s/127\.0\.1\.1.*/127.0.1.1 $NEW_FQDN $NEW_HOSTNAME/g" /etc/hosts

rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
reboot

The script above needs to be run on guest, I'm using scp with known ssh keys to upload it and then run via ssh. This step is to be automated in the future. Points to improve:

  • updating all the guests at once [Chef?]
  • monitoring all guests at once [Nagios?]

Summarizing, I'm now running a Tor node, file server, caldav, carddav and some other services on my home server. All of them in separate VMs. And it's running quite well with 2GB of RAM. For more info on my home server build check its hardware and basic software.

How to remove multiarch in debian 7

Just a quick one, for me to remember and for you to enjoy.

dpkg -l | grep :i386 | cut -s -d ' ' -f3 | xargs apt-get remove -y
dpkg --remove-architecture i386
apt-get update

Building NAS - software

Operating system

I think my NAS box build is no longer in much flux, so I thought it'd be nice to describe it. I had some disks laying around, I had them installed and started playing with the software setup.

Disk /dev/sda:  60.0 GB,  60022480896 bytes
Disk /dev/sdb: 320.1 GB, 320072933376 bytes
Disk /dev/sdc: 160.0 GB, 160041885696 bytes
Disk /dev/sdd: 250.1 GB, 250059350016 bytes
Disk /dev/sde: 500.1 GB, 500107862016 bytes

First one is an SSD drive, I used it for OS installation.  I went for Crunchbang as I was already familiar with it, however now I'm thinking of just getting newest Debian there, as it's finally released. Nothing fancy about the OS, a regular install really.

storage# df -h
Filesystem                   Size  Used Avail Use% Mounted on
rootfs                        53G  2.4G   48G   5% /
/dev/sda1                    461M   31M  407M   7% /boot

As you can see / filesystem takes little amount of space, hence the next thing I plan on doing is actually move / to USB3.0 pendrive and then free the SATA drive from it's current duties. I'm reluctant to do so right now, as moving swap to pendrive might result in significant wear. I'm thinking of getting more RAM and then getting rid of the swap at all. These stats were acquired after reboot, there are some loads under which I saw swapping occur.

storage# free -m
             total       used       free     shared    buffers
Mem:          1636        282       1354          0         53
-/+ buffers/cache:        166       1470
Swap:         1903          0       1903

Software + configuration

NAS means SAMBA, right ? That's what I though. RAID5 + SAMBA for Win clients and NFS for others. After a while I got accustomed to this setup and started playing with my photo collection as it was laying on NAS. The problem ? I deleted one photo and wanted it back. It was nowhere to be found. RAID5, although having internal copies for resiliency, was visible as one drive only and happily deleted the data when asked to. What I really needed was a backup solution, not a NAS. My final answer to that:

storage# df -h
Filesystem                   Size  Used Avail Use% Mounted on
rootfs                        53G  2.4G   48G   5% /
/dev/md0                     294G   36G  243G  13% /mnt/array_back
/dev/sde1                    459G   35G  401G   8% /mnt/array_front

storage# cat /etc/fstab
#
/dev/mapper/vg_storage-root                /               ext4    errors=remount-ro 0       1
UUID=b9d32208-edc0-4981-ab74-5da1e7348a1a  /boot           ext4    defaults          0       2
/dev/mapper/vg_storage-swap                none            swap    sw                0       0

/dev/md0                                  /mnt/array_back  ext4    defaults          0       2
/dev/sde1                                 /mnt/array_front ext4    defaults          0       2

storage# mdadm --detail /dev/md0
/dev/md0:
        Version : 1.2
  Creation Time : Sun Apr 21 22:47:38 2013
     Raid Level : raid5
     Array Size : 312318976 (297.85 GiB 319.81 GB)
  Used Dev Size : 156159488 (148.93 GiB 159.91 GB)

    Number   Major   Minor   RaidDevice State
       0       8       17        0      active sync   /dev/sdb1
       1       8       33        1      active sync   /dev/sdc1
       3       8       49        2      active sync   /dev/sdd1

One disk [sde] serves as a front for all user operations. After a while, all changes except for deletions are being flushed onto [array_back] which is a RAID5 matrix.

storage# cat /etc/cron.daily/90_sync_front_to_back
#!/bin/bash
rsync -avr /mnt/array_front/ /mnt/array_back/back

Secret sauce

ownCloud. [array_front] is not directly exposed via SAMBA or NFS, it's governed by ownCloud instance, and then only ownCloud sync client on the computer or phone gets to mess with the data. By having such setup I get 3 copies of each file. One on device, one on the front array and one on the back array. What is also cool about ownCloud is that it also handles contacts and calendar storage for me. One more step towards getting all my data off google ! Points for improvement:

  • [array_front] is not an array now. It's just a disk. Make it an proper disk array.
  • encrypt the data from array_back and send it to S3 and then let it graduate to Glacier

Building NAS - hardware

For a long time I've wandered the voids of the intertubes in search for the parts for my NAS/backup/home server solution.

Online backup solutions are fine to some extent, however, someone else than you then is going through that cat picture collections of yours and other private stuff. Also the cloud tends to not be the cheapest option possible.

Case

Node304_nocover-top-view_lores

The need for moar virtual disk space calls for moar physical disk space. To build any reasonable RAID solution you need 4-5 disks at least, plus maybe one for system disk. That is a minimum of 6 disk slots in the computer case. As I have quite some variety of disks laying around I'd like this case to have an option for using either 3.5" or 2.5" disks. Ah, and the whole thing should not take big amounts of space. Hence "Node 304" by Fractal Design.

Although I intend my NAS to be fanless in the future, I couldn't resist to leave the  original fans connected. These are beautiful, supersilent, hydraulic bearing fans, all included in the Node's package.

There are really only two things that you need to be wary of: metal where the screwholes are is very soft and it is easy to damage - and that if you have a PSU without detachable cables you're going to have bad time fitting these inside.

By the way, other small but nice thing is a user manual for this case. Nice paper, nice clean print and friendly attitude. Attention to details !

Motherboard lkpq2whHjMbzUSAU_500

What board supports at least 6 SATA disks, has low power consuption and fits into miniITX format ? Easily obtainable in central Europe ? And not super expensive ?

It took almost 3 months for me to find it, I present to you Asus P8H77-I. All the usual stuff, most of it I don't need, frankly and not so low on power, but hey - 6 SATA in miniITX.

One caveat - it needs 2 power cables connected to function. The usual 24-pin EATX and also 4-pin ATX 12V also called P4. What if your PSU has only those fancy new EPS8 and EPS6 as mine do ? Fear not, connect half of the EPS8 into P4 port and everything shall be okay.

Assembling RepRapPro Mendel – days 7 & 8

Hot header installation, lots of wiring, tests and... it's alive !

image0 image1 image2 image3 image4 image5 image6 image7 image8 image9 image10 image11 image12 image13 image14 image15 image16 image17 image18 image19 image20 image21 image22 image23

Assembling RepRapPro Mendel – days 4,5 and 6

Featuring hotbed and plastic extruder !

image0 image1 image2 image3 image4 image5 image6 image7 image8 image9 image10 image11 image12 image13 image14 image15 image16 image17 image18 image19 image20 image21 image22 image23 image24 image25 image26 image27 image28 image29 image30 image31 image32

Assembling RepRapPro Mendel – day 2

Second day of building. Fun fact: you can see the daylight come and go ;)

image0 image1 image2 image3 image4 image5 image6 image7 image8 image9 image10 image11 image12 image13 image14 image15 image16 image17 image18 image19 image20 image21 image22 image23

Assembling RepRapPro Mendel - day 1

It was December, 3D printing fever struck me. Here is the first day of me building ReprapPro Mendel printer.

image0 image1 image2 image3 image4 image5 image6 image7 image8 image9 image10 image11 image12 image13

Erlang Tech night

I recently gave a two hours presentation on Erlang 101 along with Fabian. Because of the generous support from Infusion I was able to speak at Institute of Computer Science at University of Wroclaw. The event was a blast, and that is an opinion of the people other than me also ;) Thanks for everyone who was there and you can find the code and slides on github

Laptop I'd love to buy

  • support for 16GB of RAM
  • contact smartcard reader
  • ~2kg weight
  • 11-14" matte, non-glossy screen
  • good keyboard, with separate [home], [end], [insert], [delete] buttons
  • screen resolution of >=1440
  • HDMI
  • at least 2x USB2.0 and 1x USB3.0
  • no optical drive
  • no thunderbolt
  • no firewire
  • TPM
  • HSDPA modem

Is there something similar that you recommend for me to buy/build ?