24 October 2016

CloudAtCost - performance update

The sage continues regarding CloudAtCost VM. In the earlier post, I detailed the the DNS response sluggishness, VM console performance and dial-up-speed like feeling when downloading updates from a Debian mirror.

Fast forward a few months, and my VM has been unresponsive almost every day with the sole option of rebooting it from the console. I opened a ticket on 12th of Oct and no response whatsoever from them till now!

6 June 2016

Buying a real Japanese knife

Recently, I was looking for a Japanese knife made of VG-10 carbon steel, santoku or gyuto, 7"-9", and preferably damascus steel. I had bought one a few years ago as a present from Paul's Finest website and it was a good purchase. This time I was looking around at different websites and as I'm not a chef, I didn't want to spend too much on a knife.

I found an interesting series of knives labeled Japanese knives. The prices were very attractive along with VG10 steel, multiple layers, and pakkawood handles. However, these knives are not "Made in Japan" by a master knife craftsman. The details indicate that they are made with Japanese top grade steel (imported from Japan)!

So, when choosing to buy a real Japanese knife, it is very important to do your research as a good knife made by a Japanese master craftsman will stay with you for life (provided you sharpen the edge regularly). A good knife is an investment, so budget accordingly. Good places to go and learn about Japanese knife for beginners: Reddit Cooking, Reddit knifes, GlobeandMail article, blade types, about steels, knife sharpening basics.

PS: I'm waiting for the Hattori san's Santoku or Gyuto to become available.

5 June 2016

CloudAtCost - VM performance pathetic

I had bought a VM (with one-time billing) last year in October. The price was the main attraction, $28. Also, it was not really for any kind of serious work.

However, over time the conclusion has been that the performance in general is pathetic. SSH login prompt takes about a minute or so to ask for password. This could be due to other issues, e.g. DNS response, so I thought it might be a one-time think i.e. at login only. However, the minute you are logged in to the console, simple commands like ls, uname, hostname, etc. take a few 10s of seconds to provide any kind of output.

Today has been the worst though. An apt update command took several minutes to get the updates from a us.debian.org repository, and apt upgrade command downloaded files at almost "dial-up era" speeds.
Get:24 http://http.us.debian.org/debian/ stable/main libxapian22 amd64 1.2.19-1+deb8u1 [983 kB]
Get:25 http://http.us.debian.org/debian/ stable/main openssl amd64 1.0.1t-1+deb8u2 [664 kB]
Fetched 49.7 MB in 12min 9s (68.2 kB/s)
Reading changelogs... Done
Preconfiguring packages ...


To top it all, was the error message below:
Message from syslogd@cacVM at Jun 5 17:07:31 ...
kernel:[2320366.614749] BUG: soft lockup - CPU#1 stuck for 22s! [mandb:1286]


SSH connection started at: 16:08:36
APT update and upgrade staus now 17:37:00
Progress: [ 52%] [###########################.........................]

Update:
Here are three commands run on the clouldatcost(CAC) VM compared to the same commands run on a VM on a homebrew Xenserver host.



CommandCAC VM outputxen VM output
~$ time dateSun Jun 5 23:06:11 EDT 2016

real 0m3.468s
user 0m1.296s
sys 0m2.136s
Sun Jun 5 23:12:15 EDT 2016

real 0m0.002s
user 0m0.000s
sys 0m0.000s
~$ time uname -aLinux cacGuest 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-1 (2016-03-06) x86_64 GNU/Linux

real 0m6.387s
user 0m1.372s
sys 0m4.360s
Linux xenGuest 4.5.0-2-amd64 #1 SMP Debian 4.5.5-1 (2016-05-29) x86_64 GNU/Linux

real 0m0.002s
user 0m0.004s
sys 0m0.000s
~$ time host google.comgoogle.com has address 172.217.2.142
google.com has IPv6 address 2607:f8b0:400b:80b::200e
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.

real 2m9.744s
user 0m8.400s
sys 0m51.124s
google.com has address 172.217.3.142
google.com has IPv6 address 2607:f8b0:400b:806::200e
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.

real 0m0.550s
user 0m0.024s
sys 0m0.008s

2 June 2016

Waiting for pfSense appliance

Can't wait for the in-development μFW appliance for pfSense. It is expected to be out in 2016 Q3 i.e. as early as July! Here is a image of the product that pfSense devs have been teasing with.

Highlights

  • Runs pfSense on ARM
  • Size 74mm x 43mm, smaller than a credit card
  • 2 GbE ports (not on USB 2.0!)
  • 4GB eMMC and microSD card support
For full details head on to the product page at ADI Engineering. Also, initial version of manual for the μFW.

29 May 2016

Extending LVM volume

An LVM setup on a physical disk helps to increase the logical volume size in case it is almost full. Steps to be able to extend a logical volume, when there is free space on the physical volume:

  1. Unmount the volume
  2. Check if there is free space on physical volume (if no, need to add physical volume and extend group first)
  3. Extend logical volume using $> sudo lvextend -L+10G /dev/gp02/virtual
  4. Run fsck on logical volume: $> sudo e2fsck -f /dev/gp02/virtual
  5. Extend the file system on the logical volume: $> sudo resize2fs /dev/gp02/virtual
  6. Mount the logical volume: $> sudo mount -t auto /dev/gp02/virtual /virtual
Where:
/dev/gp02/virtual - is the logical volume
-L+10G - adds 10 GiB to the logical volume

In case there is no free space left on the physical volume, one needs to add a new physical volume to the group and then extend the logical volume.

References:
LVM HowTo [tldp.org]
Debian LVM [debian.org]
Working with LVM [debian-administration.org]

18 May 2016

pfSense 2.3.1 available.....almost

Warning: Upgrade your firewall after having a proper plan and back out option. As a minimum a snapshot before starting work and backup of the firewall configuration is recommended.


Did a Xenserver setup in the last few days with a pfSense 2.3 instance running on it. After finishing another VM and configuring the setup, what appears on pfSense administration page?


All issues marked for the 2.3.1 release had been closed recently, but didn't know that the update will appear out of the blue without any announcement on the pfSense blog!

Update 1


Tried to upgrade pfSense to 2.3.1.....
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
pfSense-core repository is up-to-date.
Updating pfSense repository catalogue...
pfSense repository is up-to-date.
All repositories are up-to-date.
>>> Upgrading pkg... failed.
Failed

Need to wait a bit I think...

Update 2

Seems things are not ready yet
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
pkg: http://pkg.pfsense.org/pfSense_v2_3_0_amd64-core/meta.txz: Connection reset by peer
repository pfSense-core has no meta file, using default settings
pkg: http://pkg.pfsense.org/pfSense_v2_3_0_amd64-core/packagesite.txz: Connection reset by peer
Unable to update repository pfSense-core
Updating pfSense repository catalogue...
pkg: http://pkg.pfsense.org/pfSense_v2_3_0_amd64-pfSense_v2_3_0/meta.txz: Connection reset by peer
repository pfSense has no meta file, using default settings
pkg: http://pkg.pfsense.org/pfSense_v2_3_0_amd64-pfSense_v2_3_0/packagesite.txz: Connection reset by peer
Unable to update repository pfSense
Failed


Update 3

Still got the first error above when trying to upgrade via console. Blog has a detailed post about the release now.

Update 4

Went to pfSense forums and noticed others are having similar issues. Need to wait for mirrors to synchronize as one of the packages is not there yet!

root: pfSense-upgrade -d
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
pfSense-core repository is up-to-date.
Updating pfSense repository catalogue...
pfSense repository is up-to-date.
All repositories are up-to-date.
>>> Upgrading pkg...
Updating pfSense-core repository catalogue...
pfSense-core repository is up-to-date.
Updating pfSense repository catalogue...
pfSense repository is up-to-date.
All repositories are up-to-date.
New version of pkg detected; it needs to be installed first.
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
        pkg: 1.6.2 -> 1.7.2_2 [pfSense]

The process will require 91 KiB more space.
2 MiB to be downloaded.
pkg: http://pkg.pfsense.org/pfSense_v2_3_0_amd64-pfSense_v2_3_0/All/pkg-1.7.2_2.txz: Not Found

Final update

Apparently, pfSense was not looking in the right place and was looking in the 2.3.0 folders. Waited for another half an hour and tried again and it downloaded the correct information and was able to find all packages needed for upgrade. 2.3.1 is up and running. Verifying functionality before deleting snapshot.

15 April 2016

pfSense upgrade - "can't find kernel" error

I had pfSense 2.2.4 running as a virtual machine and noticed that version 2.3 was finally released. Broadly, pfSense 2.3 has a complete redo of the webGUI using bootstrap, and the backend system is completed based on FreeBSD. The new web interface is clean, modern and "easier" on the eyes to say the least. Being based on FreeBSD, future upgrades will be much easier as individual packages can be upgraded. For more details about the new release: see the introductory video, or read the links in the release announcement.

In my virtual instance of pfSense, I have just 1 GB of disk space and was using 512MB RAM. On trying to do the upgrade via GUI, it ended up with an error:

Can't find 'kernel'
Error while including /boot/menu.rc. in the line:
Menu-display
\
Can't load 'kernel'


This happened primarily because of my choice of disk space. During the upgrade, the download of the new version was about 200 MB. After the downloaded ended the system was using close to 90% disk space and after reboot there seems to have been some data loss.

So, be careful, do a backup or a snapshot of the VM before attempting the upgrade (good practice for any upgrade). If your disk space is not enough, add some more before upgrading.

Happy firewalling.

6 January 2016

Fido! Fix your loop

Log-in in to a Fido account and you will see links to do a private chat if you have questions. On clicking, it takes you to a page with options to contact them depending on your relationship with them (see partial screenshot below):
 When you click on the "Customers" section, you end up on a page with different ways to contact them. What does the option for Live Chat say? It tells you to go back and login to your "My Account" i.e. back from where you started?
If this was going on for my car's gas tank, it would be so much different! But Fido, stop this run around. This is not the way to keep your current customers when there are better options available in the market!