Thursday, August 7, 2014

Some notes about testing network block devices

I tested another random thing: network boot options short of iscsi. The first thing I tried was mounting the root filesystem from the startup environment over network block device. That was extremely simple and worked fine. There is a likely shutdown glitch, but if the root filesystem is synced the effect should be relatively minor. I am using xfs and it recovers quickly from that kind of incomplete shutdown relatively easily; well, at least it did in my limited tests. Another interesting idea for testing is to check if it is somehow possible to mount the root filesystem using ssh+nbd. That introduces some extra complications for the root filesystem, but it could definitely be adapted to encrypt traffic for another mount point, such as /home. I guess this may become practical for those who have fiber optic connections. The technique I tried is similar to sshfs, but uses only the the default tools.

Here is a rough idea of how to do this. First, login at the computer hosting the image that is to be mounted somewhere in the filesystem. Start the network block device accessible only locally. Add more local security here, if necessary.

ssh -K douglas.mayne@somecomputer
losetup -f somefile.img
nbd-server  127.0.0.1@2000 -C /root/non /dev/loop1

Then setup the connection back at the computer that would like to use this network disk:

modprobe nbd
ssh -K douglas.mayne@somecomputer -n -L 2500:localhost:2000
nbd-client localhost 2500 /dev/nbd0
mount /dev/nbd0 /home

For the encrypted traffic for the root filesystem, I am wondering if a strategy based on pivot_root might work.

On Friday, I tested this a bit more. I missed the obvious solution for encrypting the root filesystem using network block device. The obvious answer is to use device mapper on top of a network block device. I tested this and it works in the standard way.

dm-live issue and fix. Also debugging with kexec

I noticed that successful bootup to a root filesystem connected via USB was broken on certain hardware. I initially assumed that the failure might be associated with a kernel bug, or perhaps to do with specific motherboard chipsets, or a flaw in my understanding of udev. I was stumped and invested some time to figure out what was wrong. This screenshot shows a typical bootup failure. Googling the failure shows others are experiencing the same troubles, perhaps for similar reasons. I didn't see any obvious solutions. For the last while I have mostly been working around the problem by using a root filesystem connected directly over SATA.

I stumbled on the solution by chance:

Include the ehci-pci module among those that are loaded at boot. That ensures the best performance for the external drive, be it a flash disc or a magnetic disc.

Because booting to a root filesystem on USB is the heart of a live USB install, it's good to know that it was a case of PEBKAC and not something more endemic.

With that fix out of the way, there are some other changes to my dm-live startup environment including following along with the stable kernel releases in the 3.10.x series. Currently, I am testing with kernel 3.10.51.

By the way, in the debug phase of this problem, I was pointed to kdump. I played around with the kexec utility to see some of the basics of kernel debugging and how it is designed to work. I found right away that the basic kernel configuration that I have been using, which is extremely similar to the basic default Slackware kernel, is configured to not generate symbols, enable boot-time reservation of memory using the parameter crashkernel=, or be arbitrarily relocatable. To use kdump there are a few changes, including adding the full compiler symbols the compiled objects. In general, I agree with Slackware's decision not to include the symbols because they increase the size of the resulting compile by a factor of 5 or 6 times. In the end, throughout my attempt to debug the above problem, I wasn't able to generate the right kind of crash, i.e. one that actually writes its crash data. I was pretty sure I was doing it right because kexec -l and kexec -e were working as expected. The panic code when loaded with kexec -p just wasn't tripped for whatever reason. It was too hard of crash, I guess.

Sunday, April 13, 2014

The following table details some of the hardware I have used in the PC era. It begins with the venerable Compaq luggable that launched the "clone" wars. I've seen a lot of hardware along the way. In the early era these brands come to mind: Everex, ALR, Northstar, Gateway 2000. Each row in the table shows what were compelling upgrade points along the path. At each step, the blazingly fast new designs left previous generations in the dust. Somehow, what had been a pleasure to use now seemed to be a chore, or too slow to bootup. What had been fast, was now painfully slow. I hope I can add benchmarks to put a mathematical value on each row. Perhaps, by comparing the next row to the previous, or some other baseline.

The genesis for making this table was XP's expiration. That didn't turn out to be as big of a deal as I thought it would. The heartbeep SSL bug made bigger news. XPs overall worldwide usage is estimated as low as 10% currently. The same estimates peg all Linux at 5%. Of course, I use Slackware Linux as my daily OS. XPs expiration forced many to upgrade to marginally better hardware, at least, for those using the Windows platform. I rolled out just over a dozen machines that use i5 CPUs. They have 16G RAM typically. That is a factor of 8 times more over the standard amount that I had incorporated at the previous level (i.e. at Core 2 E6600)

As I was finishing the rollout of the latest generation of PCs with the evolutionary step in operating systems, I had two main thoughts. First, would this be the last hurrah for desktop PCs? Will everyone demand tablets? Will Android and iOS eclipse the Microsoft juggernaut that lasted for a generation? My guess is that the days of PCs as we have known them are limited. Second, I thought how the Windows interface has gotten progressively worse. These are subjective opinions, I know. But I find that Windows 8 is not an evolutionary step that is better than Windows 7. Likewise, Windows 7's interface was worse than XP. I may be an old fogey, but give me consistency for the best productivity. These upgrades have pulled the rug out from under users for no go reason. Again, just my opinion.

8088 clocked @ 4.77 MHztyp. less than 640k8-bit compromise of 16-bit 8086; 8087 math coprocessor optional. Used in the Compaq "Luggable".
80286typ. 1MB, OS limited use beyond 640kIBM "AT." These machines typically had sockets for 1 MB RAM.
80386 DX @up to 20 MHz1MB designs still prevalentincluded virtual 8086 mode; first to use 32-bit mode; still required a coprocessor for fast math functions; a very important chip. Motherboards could support 1+4MB RAM on proprietary buses.
80486 DX4 to 8 MB RAMupgrade to 80386 included on board math coprocessor. Rolled out in Gateway 2000 desktops.
PentiumFirst machine outfitted with 32 MB RAMOS: Windows NT 3.51
dual Pentium Pro @200 MHz32 to 512 MBdual CPUs in the "686" era kicked the Pentium's ass. OS: Windows NT 4.0
Celeron w/ 128k L1 cache @800 MHz128 - 512 MBbudget chip in the "686" line disabled support for multi-CPU in hardware. Motherboard chipset support for SDRAM. These boards were plagued by a bad capacitor problem that caused premature failure.
Celeron single CPU upgrade, w/ 256k cache @1300 Mhz512 - 1.5 GBMotherboard offered supported for SDRAM clocks and ecc memory
Pentium 4Ran hot compared to predecessors
dual Pentium III each w/ 512k cache @up to 1400 MHz1 - 2 GBdual chip configuration was good at keeping the machine responsive to the user. Path to memory was showing its age when compared to P4 designs.
Pentium M @up to 1870 MHz1 - 2 GBFirst single core chip to do better than P4. Dell D610 used this chip.
Core Duo2 - 4 GBDual core CPU with good mobile potential. Dell D620 used the T2400.
Core 22 - 8 GB64-bit CPUs spurred the move to 64-bit OSs. E6600, E6750, etc.
i34 - 8 GB22nm architecture saves power on mobile platform. i3-3227U has 4 cores @1900 MHz
i516 - 32 GBi5-3570k, i5-4670k. XP's premature expiration spurred a hardware upgrade to Windows 7, 64 bit at many offices committed to using the Microsoft platform.

Sunday, October 20, 2013

dm-live boot environment updated for pending Slackware 14.1

Slackware 14.1 RC Kernel: 3.10.17
BusyBox v1.20.2 (2013-06-22 00:26:51 CDT) multi-call binary.
Copyright (C) 1998-2011 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2.
Packages:
  • a/aaa_base-14.1-i486-1.txz
  • a/aaa_elflibs-14.1-i486-3.txz
  • a/aaa_terminfo-5.8-i486-1.txz
  • a/bash-4.2.045-i486-1.txz
  • a/bzip2-1.0.6-i486-1.txz
  • a/coreutils-8.21-i486-1.txz
  • a/cpio-2.11-i486-2.txz
  • a/cryptsetup-1.4.3-i486-1.txz
  • a/devs-2.3.1-noarch-25.txz
  • a/dialog-1.2_20130523-i486-1.txz
  • a/e2fsprogs-1.42.8-i486-2.txz
  • a/elvis-2.2_0-i486-2.txz
  • a/etc-14.1-i486-2.txz
  • a/findutils-4.4.2-i486-1.txz
  • a/glibc-solibs-2.17-i486-7.txz
  • a/grep-2.14-i486-1.txz
  • a/gzip-1.6-i486-1.txz
  • a/kernel-firmware-20131008git-noarch-1.txz
  • a/kmod-15-i486-1.txz
  • a/lvm2-2.02.100-i486-1.txz
  • a/mdadm-3.2.6-i486-1.txz
  • a/mkinitrd-1.4.8-i486-1.txz
  • a/pkgtools-14.1-noarch-2.tgz
  • a/procps-3.2.8-i486-4.txz
  • a/sed-4.2.2-i486-1.txz
  • a/tar-1.26-i486-1.tgz
  • a/udev-182-i486-7.txz
  • a/util-linux-2.21.2-i486-6.txz
  • a/which-2.20-i486-1.txz
  • a/xfsprogs-3.1.11-i486-1.txz
  • a/xz-5.0.5-i486-1.tgz
  • l/readline-5.2-i486-4.txz
  • n/gnupg-1.4.15-i486-1.txz
  • n/libgcrypt-1.5.3-i486-1.txz
  • n/libgpg-error-1.11-i486-1.txz

Friday, September 20, 2013

dm-live boot environment updated for pending Slackware 14.1

Slackware 14.1 beta Kernel: 3.10.12
BusyBox v1.20.2 (2013-06-22 00:26:51 CDT) multi-call binary.
Copyright (C) 1998-2011 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2.
Packages:
  • a/aaa_base-14.0-i486-5.txz
  • a/aaa_elflibs-14.1-i486-2.txz
  • a/aaa_terminfo-5.8-i486-1.txz
  • a/bash-4.2.045-i486-1.txz
  • a/bzip2-1.0.6-i486-1.txz
  • a/coreutils-8.21-i486-1.txz
  • a/cpio-2.11-i486-2.txz
  • a/cryptsetup-1.4.3-i486-1.txz
  • a/devs-2.3.1-noarch-25.txz
  • a/dialog-1.2_20130523-i486-1.txz
  • a/e2fsprogs-1.42.8-i486-2.txz
  • a/elvis-2.2_0-i486-2.txz
  • a/etc-14.1-i486-1.txz
  • a/findutils-4.4.2-i486-1.txz
  • a/glibc-solibs-2.17-i486-7.txz
  • a/grep-2.14-i486-1.txz
  • a/gzip-1.6-i486-1.txz
  • a/kernel-firmware-20130912git-noarch-1.txz
  • a/kernel-generic-smp-3.10.12_smp-i686-1.txz
  • a/kernel-modules-smp-3.10.12_smp-i686-1.txz
  • a/kmod-15-i486-1.txz
  • a/lvm2-2.02.100-i486-1.txz
  • a/mdadm-3.2.6-i486-1.txz
  • a/mkinitrd-1.4.8-i486-1.txz
  • a/pkgtools-14.0-noarch-2.tgz
  • a/procps-3.2.8-i486-4.txz
  • a/sed-4.2.1-i486-1.txz
  • a/tar-1.26-i486-1.tgz
  • a/udev-182-i486-6.txz
  • a/util-linux-2.21.2-i486-6.txz
  • a/which-2.20-i486-1.txz
  • a/xfsprogs-3.1.11-i486-1.txz
  • a/xz-5.0.5-i486-1.tgz
  • l/readline-5.2-i486-4.txz
  • n/gnupg-1.4.14-i486-1.txz
  • n/libgcrypt-1.5.3-i486-1.txz
  • n/libgpg-error-1.11-i486-1.txz
I also tweaked the installed packages to save some space:
  • kernel itself manually removed from this image (boot element specified separately.)
  • compressed the kernel modules with gzip (and depmod)
  • compressed the kernel firmware into an txz archive
  • compressed the /usr/share/locale directories into an txz archive.
If the locale or firmware directories are needed during the boot process for whatever reason, they can be expanded from within the working environment. The basic initrd uses about 134M when expanded with these optimizations. Expanding the locale and kernel firmware requires 189M.

Thursday, September 19, 2013

Install Windows 7 from USB

I wanted to bookmark this post that I found online.

Friday, January 11, 2013

Monitor your UPS using a raspberry pi: apcupsd works under Slackware 14.0

This is very easily done using tools built by others. Simply compile the program using the standard drill using this Slackbuild. Install the package and modify the apcupsd config file to match the cable/communication settings to the device. You can also make an entry in /etc/rc.d/rc.local to start the service automatically at boot up, and you're good to go. Well, at least, it worked for me. I hope it works for you!

Here's the output from the command line utility:

root@rp-1:~#: apcupsd status

APC      : 001,036,0903
DATE     : 2013-01-11 09:39:55 -0700  
HOSTNAME : rp-1
VERSION  : 3.14.10 (13 September 2011) slackware
UPSNAME  : rp-1
CABLE    : USB Cable
DRIVER   : USB UPS Driver
UPSMODE  : Stand Alone
STARTTIME: 2013-01-11 09:38:58 -0700  
MODEL    : Back-UPS XS 1200 
STATUS   : ONLINE 
LINEV    : 120.0 Volts
LOADPCT  :  12.0 Percent Load Capacity
BCHARGE  : 100.0 Percent
TIMELEFT :  99.8 Minutes
MBATTCHG : 5 Percent
MINTIMEL : 3 Minutes
MAXTIME  : 0 Seconds
SENSE    : Medium
LOTRANS  : 097.0 Volts
HITRANS  : 139.0 Volts
ALARMDEL : 30 seconds
BATTV    : 27.1 Volts
LASTXFER : Automatic or explicit self test
NUMXFERS : 0
TONBATT  : 0 seconds
CUMONBATT: 0 seconds
XOFFBATT : N/A
SELFTEST : NO
STATFLAG : 0x07000008 Status Flag
SERIALNO : JB0609014887  
BATTDATE : 2006-02-22
NOMINV   : 120 Volts
NOMBATTV :  24.0 Volts
NOMPOWER : 780 Watts
FIRMWARE : 8.g1 .D USB FW:g1 
END APC  : 2013-01-11 09:39:55 -0700