All posts by Mooky Desai

Chakros.com

Completely fraudulent website. Don’t order anything from this place. I was looking for a winch for my UTV, it showed up in a Google shopping search at a great price. I ordered it using PayPal and it never showed up but my bank account was charged. All the information in the PayPal transaction had foreign characters (Chinese?), the email address never responded and the tracking information showed that it was delivered on a date BEFORE the ship date. I have filed a claim through PayPal but not holding my breath. Again, http://www.chakros.com…looks like they primarily sell jewelry…TOTAL FRAUD.

Terraform on Windows 101

Create a folder called “bin” in %USERPROFILE%

Start–>Run–>%USERPROFILE%–>create a folder called “bin”

Download Terraform

https://www.terraform.io/downloads.html
Save the .exe in the “bin” folder you created

Set Windows “PATH” Variable

System Properties–>Environment Variables
Highlight PATH
Click “Edit”
Click “New”
Add %USERPROFILE%\bin

Create a user in AWS for Terraform

In AWS, go to IAM
Create a user called “terraform”
programmatic access only
Attach existing policies directly
Administrator access (proceed with caution!)
Copy the Access Key ID (save to credentials store like KeePass or an excel spreadsheet for now)
Copy the Secret Access Key (save to credentials store)
Or download the .CSV and grab the values

Create a folder called .aws on your PC

Make sure to add a “.” at the end of the folder name or it will throw an error

Create a credentials file

Create a new file called “credentials” in the .aws directory (remove the extension)
Using the ID and Key from above, make it look like this:
[default]
aws_access_key_id=your_key_id_here
aws_secret_access_key=your_access_key_here
Save the file (again, make sure to remove the .txt extension or it won’t work)

Download and install Git for Windows

https://gitforwindows.org

Create a folder called TF_Code for your working files

I created mine on my desktop

Open Git Bash, navigate to your working directory

cd desktop
cd TF_Code

Make the directory a Git repository

git init

Create a new file with VI

vi first_code.tf
provider "aws" {
  profile = "default"
  region  = "us-west-2"
}

resource "aws_s3_bucket" "tf_course" {
  bucket = "tf-course-uniqueID"
  acl    = "private"
}

Commit the code

git add first_code.tf
git commit -m "some commit message"

Try Terraform! (in Git Bash)

terraform init
Downloads and Initializes plugins

Apply the code

terraform apply
yes (to perform the actions)

Check your AWS account (S3), you should see a new S3 bucket!

Delete the bucket

terraform plan -destroy -out=example.plan
terraform apply example.plan

Your bucket will now be deleted!

To recreate the bucket, just run the ‘terraform apply’ command again, say yes, and…BOOM, your bucket is created again!
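Because TF_Code is a Git repository and the access keys sit in a plain-text credentials file, it is worth checking the working directory for keys, and keeping Terraform's local state and plan files out of Git, before each commit. The script below is an added example, not part of the original walkthrough: the function names, the regular expressions and the .gitignore entries are assumptions made for illustration, and the key in the demo is the placeholder from AWS documentation, not a real credential.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Run from Git Bash inside TF_Code.

# IAM user access key IDs start with "AKIA" followed by 16 characters.
AWS_KEY_ID_RE='AKIA[0-9A-Z]{16}'
# A secret key assignment in the credentials-file format shown above, with a
# 40-character value (the your_access_key_here placeholder does not match).
AWS_SECRET_RE='aws_secret_access_key[[:space:]]*=[[:space:]]*"?[A-Za-z0-9/+]{40}'

# Print "file:line" for every match under directory $1 (default: current
# directory) and return 1 if anything matched. The matching text is cut from
# the output so the secret itself is not echoed to the terminal or a log.
scan_for_aws_secrets() {
    local dir="${1:-.}" hits
    hits=$(grep -rnE --exclude-dir=.git --exclude-dir=.terraform \
               -e "$AWS_KEY_ID_RE" -e "$AWS_SECRET_RE" "$dir" | cut -d: -f1,2)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# Append ignore rules for the files Terraform writes locally: the plugin
# directory, state files (which record resource attributes and can hold
# sensitive values) and saved plans such as example.plan. Safe to re-run.
write_tf_gitignore() {
    local dir="${1:-.}" entry
    for entry in '.terraform/' '*.tfstate' '*.tfstate.*' '*.plan'; do
        grep -qxF -- "$entry" "$dir/.gitignore" 2>/dev/null \
            || printf '%s\n' "$entry" >> "$dir/.gitignore"
    done
}

# Demo on constructed files in a temporary directory.
run_demo() {
    local tmp
    tmp=$(mktemp -d)
    printf 'provider "aws" {\n  profile = "default"\n}\n' > "$tmp/first_code.tf"
    # Constructed mistake: a key pasted straight into a .tf file.
    printf 'access_key = "AKIAIOSFODNN7EXAMPLE"\n' > "$tmp/oops.tf"
    write_tf_gitignore "$tmp"
    scan_for_aws_secrets "$tmp" || echo "commit blocked: remove the keys listed above"
    rm -rf "$tmp"
}

if [ "${1:-}" = "demo" ]; then run_demo; fi
```

Calling scan_for_aws_secrets from .git/hooks/pre-commit makes the check run on every commit.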

Hope that helps. Good luck and happy computing!

SSH from PuTTY to GCP Compute Engine

First off, if you are trying to securely connect to your enterprise production network and instances, there are better (safer) methods (architectures) to do this. OSLogin or federating your Azure AD for instance, might be more secure and scalable. I run a pointless website (this one) with nothing to really lose across a handful of instances. This is a hobby.

Second, I recently got a dose of humble pie when trying to use PuTTY on Windows to connect to an Ubuntu instance in GCP. I was generally using the gcloud command-line for getting my app running but I got a wild hair up my ass this morning to try and just use PuTTY to avoid the step of logging into Google Cloud (via Chrome) for administration. I am fairly used to AWS where I just create an instance, download the .pem file, convert it to a ppk with PuTTYgen, and then use that along with the default login (ec2-user or ubuntu) to connect to my minecraft and web servers. GCP was a little different.

Once I read a few docs from Google searches, it became much more apparent vs reading the GCP docs. Here is how I did it.

Download PuTTYgen if you don’t have it already.

Launch PuTTYgen.

Click on “Generate”. I used a 2048 bit RSA key.

Move your mouse around the box to generate a key.

In the “Key comment” field, replace the data there with a username you want to use to connect to your Compute Engine instance (highlighted)

Copy the ENTIRE contents of the public key (the data in the “public key for pasting…”) box. It should end with the username you want to connect with if you scroll down.

Click on “Save Private Key” and select a location/path that is secure (and one that you will remember!).

Create a new Compute Engine instance or go to an existing instance. From the VM instances page, click on the instance name. In my case it was “minecraft001”.

At the top of the page, click on “Edit”.

Scroll almost all the way to the bottom and you will see an “SSH Keys” section.

Click on “show and edit”

Click on “+ Add Item”

Paste in the key data you copied from PuTTYgen from the step above.

  • You will notice that it extracts the username from your key on the left. This is the username you will use from PuTTY.

On the same page, click on “Save” at the bottom of the page.

On the VM instance details page, find the “External IP” section and copy the IP address (the cascaded window icon will add it to your buffer).

Now open or go back to your PuTTY client (not PuTTYgen).

Paste the IP address into your PuTTY client.

On the left side of the PuTTY client, scroll down to the “Connection” section and click the “+” to expand it

Click the “+” next to the “SSH” section

HIGHLIGHT the “Auth” section. Don’t expand it.

Click on “Browse…”

Find the Private Key file you saved from earlier (should have a .ppk file extension). Double click to select and use it.

Scroll back up and highlight the Session category.

From here you can either name your connection and Save it under “saved sessions”…or just click the “Open” button.

It should make a connection to your Compute Instance and ask for a username. Supply the username you specified in the step above and voila! I used “jonny” in my example.

That’s it! Happy computing!

Pushing Docker Containers to GitHub

I recently went through the process of building a Dockerfile from scratch. I won’t get into the details of that process but I did come across an error when trying to publish my package to GitHub Packages.

I tried to do a sudo docker push docker.pkg.github.com/mookyd/mymooky/mymooky:latest (my repo) and was thrown the error:

unauthorized: Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.

It’s pretty clear what needed to happen but I thought my credentials would be enough since I wasn’t using a script per se. I used docker login and provided my username and password and tried the command again. Same error.

After doing some reading, I discovered that you need to pass a “Personal Access Token” as a password. I generated a PAT under Settings–> Developer Settings –> Personal Access Tokens. I gave the token the access to the repo and to read and write packages. I then used docker login and passed the token string to login. After that, I was able to use docker push to upload my image.

Minikube on VirtualBox on Ubuntu on VirtualBox

I recently needed a small lab environment to sharpen my Kubernetes skills. I set up Minikube on an Ubuntu VM running 18.04.4 LTS (bionic). This VM was created on my Windows Desktop in VirtualBox. Confused yet? Some of the commands can leave your environment insecure so do not do this in your Production Internet facing environment.

To get started, I downloaded and installed VirtualBox onto my Windows PC. I then created an Ubuntu 18.04 VM. Make sure the number of vCPUs on your VM is greater than or equal to 2.

First step is to update your VM.

  • sudo apt-get update
  • sudo apt-get install apt-transport-https (if using 1.4 or earlier)
  • sudo apt-get upgrade

Install VirtualBox on your Ubuntu VM

  • sudo apt install virtualbox virtualbox-ext-pack

Download Minikube

  • wget https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64

Make it executable

  • sudo chmod +x minikube-linux-amd64

Move it so it’s in your PATH

  • sudo mv minikube-linux-amd64 /usr/local/bin/minikube

Download kubectl

  • curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl

Make it executable

  • chmod +x ./kubectl
  • sudo mv ./kubectl /usr/local/bin/kubectl

Check that it’s working properly

  • kubectl version -o json

I received an error saying docker wasn’t in $PATH. You may or may not see this error.

Install docker

  • curl -fsSL https://get.docker.com/ | sh

Start Minikube

  • sudo minikube start --vm-driver=virtualbox

Start the Kubernetes Dashboard

  • minikube dashboard
  • minikube dashboard --url

If you want to view the dashboard remotely, you will need to run the following commands:

  • sudo kubectl proxy --address='0.0.0.0' --disable-filter=true

You will get a message saying “Starting to serve on [::]:8001”
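The proxy command above binds to every interface with request filtering turned off, so any host that can reach the VM on port 8001 can send requests to the Kubernetes API through it. The check below is an added example, not from the original post: it reads `ss -ltn` output and reports listeners on that port bound to a wildcard address. The function name and the sample `ss` lines in the demo are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post.

# Read `ss -ltn` output on stdin and print the local address of every
# listener on port $1 (default 8001, the kubectl proxy default) that is bound
# to a wildcard address. Returns 1 if any were found, 0 otherwise.
# Live use on the VM:  ss -ltn | wildcard_listeners 8001
wildcard_listeners() {
    local port="${1:-8001}"
    awk -v port="$port" '
        $1 == "LISTEN" {
            local_addr = $4                      # "Local Address:Port" column
            n = split(local_addr, parts, ":")
            p = parts[n]                         # text after the last colon
            host = substr(local_addr, 1, length(local_addr) - length(p) - 1)
            if (p == port && (host == "0.0.0.0" || host == "[::]" || host == "*")) {
                print local_addr
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Demo on constructed `ss -ltn` output: one loopback-only proxy, one exposed.
run_demo() {
    printf '%s\n' \
        'State  Recv-Q Send-Q Local Address:Port Peer Address:Port' \
        'LISTEN 0      128    127.0.0.1:8001     0.0.0.0:*' \
        'LISTEN 0      4096   [::]:8001          [::]:*' \
        | wildcard_listeners 8001 \
        || echo "proxy is reachable from other hosts"
}

if [ "${1:-}" = "demo" ]; then run_demo; fi
```

To reach the dashboard remotely without the wildcard bind, leave kubectl proxy on its default loopback address and forward the port over SSH with `ssh -L 8001:127.0.0.1:8001 user@vm`, where user@vm is a placeholder for your own login and VM address.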

Hopefully this helps. If you get stuck or have a way to optimize this, please comment below.

Kudos to https://computingforgeeks.com/how-to-install-minikube-on-ubuntu-18-04/ for helping me get started.

Valves vs Diverters

Ignorance is bliss.

Valve – the thing that opens and closes to let the water start flowing to your bathroom.

Diverter – the thing that reroutes your flowing water from your bathtub spigot to the shower head. Remember that little thing you used to pull up on and the shower would come on? That’s a diverter that diverted the water from your bathtub faucet to your shower.

Valve with integrated diverter – Allows you to turn on water and send it from the tub to the shower all in one fancy unit.

Trim – The actual KNOBS. The actual VALVES and DIVERTERS go in the wall and you never see them after the tile is on (rough in). The trim is the pretty shiny piece that makes the valves and diverters move. Don’t confuse these with escutcheons. Escutcheons are the big plates that cover the ugly holes in the tile. You usually have one over the shower arm as well. They are sometimes referred to as flanges too (or cover plates).

Settings – The Shower, The bathtub faucet, The handheld shower…are all “settings”. If you want to run the shower and the handheld together, that is considered another “setting”.

I am in the process of renovating my house. While we are planning on doing the entire house, we started with our guest bathroom. It has a traditional bathtub with shower design. I wanted to give my daughters a little bench seat and a hand shower to use so they have a safe bathing environment as they grow up and learn about female hygiene. Adding a hand shower seemed like a straight forward thing to do.

I took a quick trip to Pacific Sales and the salesman was super helpful. He helped me piece together a kit that would accommodate my requirements. It was like 9 different pieces. I thought I needed like 3.

What was all this stuff I came home with? It turns out, while it was a good kit, I could have streamlined my design if I had some better knowledge of how this stuff works. Hopefully this post helps someone else in the same boat.

Valves vs Diverters. I called my plumber once my bathroom was demo’d and he looked at all the parts and said, “you want to do WHAT?”. We had a few colorful conversations after he told me I had the wrong parts. It turns out, I didn’t. That super helpful sales guy was right…kinda.

He had sold me 2 little “thingies” I had to “turn”. One would open the water, and the other would tell it where to go. When I got everything, there were 2 handles on one of them and another knob handle thingie. 3 knobs. WTF!?

It turns out, I had bought a fancy new “ThermoStatic” valve with “Volume Control”. Thermostatic just means you can turn the dial to the temp you like and leave it there for the rest of your life. Every time you get back in the shower, you don’t have to worry about the temperature knob…just how much water (volume) you want to come out (the other knob). Two separate “thingies” to turn. One for temp, one for volume. Much unlike the one handle we are used to that you turn all the way to the left for hot water and keep in the middle for warm. With that, you get full blast water whether you like it or not. Or maybe a trickle of cold if you need that sort of thing.

While this thing was cool, I found out after the fact that I could have had something cooler! I could have just got a valve with an integrated 3 setting diverter. This would have allowed me to just have one control in my shower instead of 2! Proving again, ignorance is bliss.

Good luck with your remodel.

Cisco Hyperflex – #700-905 – Notes

Intro to Hyper-Convergence

Started out with local storage

Couldn’t expand

Moved to centralized storage

Server availability issues

Moved to virt and converged for clusters

FlexPods, VersaStacks…chassis had limitations

Back to local storage

Scales similar to cloud

No limits

Intro to HX platform

Based on C-series

Wizard-based installer

Converged Nodes – Disk, network, cpu, memory

Data Platform

StorFS – Distributed File System

Springpath is underlying backbone

Ensures copy data is always there

High performance networking is used by StorFS log structured FS

Communication channel for VMs and management etc

FIs are hardware management platform

HX Software is not supported on C-Series

HX Installer is a VM (OVA) – requires existing vCenter

Expansion is easy and non-disruptive

Cloud Center

Intersight

Cisco Container Platform

HX Flavors and use cases

HX Edge

2-4 Nodes (ROBO) – No FI needed

HX

Converged

Compute-Only

Up to 32 converged nodes with up to an additional 32 compute only nodes

SFF Drives

Either all flash or 2.5 spinning drives

LFF Spinning – 6 or 8TB

HX240 M5

6-12 of LFF in one server

Caching and housekeeping drives are still SFF Flash in back

HK – 240GB Flash

Caching – 3.2 TB SSD

HX 3.5 introduced stretch cluster for LFF drives

HX Edge 3 node HX 220 based connected directly to ToR switches with no FI

Managed through a centralized vCenter

Central backup site (LFF Cluster) with Veeam

3.0 introduced Hyper-V support

3.5 introduced LFF Drives support but no stretch or edge for Hyper-V

Scaling and Expanding a Deployment

Scales from 3 – 64 nodes

Node – Additional memory and compute

Converged Node – includes storage

3.5 added Hyper-V support and stretch clusters

Node must be compatible

Storage type

Size

Generation

Chassis size

Similar in ram and compute

You can introduce M5 to M4 but not vice versa

Use HX Installer to expand

Use config file

Provide creds

UCSM/Hypervisor/vCenter

Select cluster to expand

Select unassociated server from list

Provide IP info

Provide Name

Add VLANs

Start install

Go to HX Connect

View added node

Data is automatically distributed to new disks on new nodes

You can leverage numerous platforms for compute only node

Must be connected to same domain

Must have HX Data Platform installed via Installer

Mounts HX storage via NFS

Disks are not added to shared pool (for datastore creation)

CVM on compute only require

1 vcpu

512 MB RAM

Software Components Overview

StorFS – Distributed Log-structured file system

Writes sequentially, uses pointers – increases performance

Index has references to blocks for files across the distributed log

New blocks are written, old are deleted and housekeeping occurs.

File system index is stored in memory of  a controller VM.

Runs on every node in HX cluster

Logs caching compression duplication

Disks are passed through to CVM

Space is presented as NFS

HX220

CVM needs 48 GB RAM and 10.8 GHz

HX240

CVM needs 72 GB RAM and 10.8 GHz

HX 240 LFF 78 GB RAM and 10.8 GHz

CVM is doing cluster management

HX management

HX Connect management interface

HTML 5 GUI

Monitoring capability/Utilization monitoring

Replication

Clone

Upgrades

CVM CLI – not all commands are supported through GUI

CVM CLI is ubuntu VM – connect via SSH

stcli command

IOvisor (vib) – responsible for data distro

captures data and sends to any available node for caching

Not dependent on CVM so if CVM fails, fs ops will be directed to appropriate node

VAAI is used in CVM and Hypervisor

Allows direct FS ops on a Datastore (StorFS ops)

Allows for snaps and clones (much faster) using FS

Distributed File System

StorFS

When deploying

Select RF2 or RF3

Caching Tier

In all-flash systems

Not used for read cache

In all systems

Write cache works the same way

All flash

Hybrid

Caches writes as it gets distributed

De-stages writes

Split between active and passive

Active – caches data

Passive – moves data to capacity drives

Number of cache level segments depends on RF factor

2 for RF 2

3 for RF 3

Hybrid systems

Write cache still works the same

Caching drive is ALSO used for read caching

Frequently used

Recently used

VDI mode

Only caches most frequently accessed

Not most recently accessed

Hardware component Overview

3 tier storage

Memory Cache – volatile

Controller VM, File system metadata

Cache Drive

SAS SSD, NVMe SSD or Optane

Capacity tier

All spinning or all flash

Hybrid (blue bezel) or all flash (orange bezel)

2 chassis types

HX220 (1U) M5 (Dual Intel Skylake Platinum’s)

10 Drives

Min 6 max 8 capacity

Cache drive is front mounted

M.2 drive installs esx (internal)

Housekeeping (logs, storage)

HX240 (2U) M5 (Dual Intel Skylake Platinum’s)

Cache is on back

Capacity and housekeeping on front

Min 6 up to 23 capacity drives

Up to 2 graphics cards

Memory channels

6 per proc

2 sticks per channel

Max 128 per stick

16, 32, 64, 128

6 or 12 sticks per CPU for optimal performance

If M type procs, 1.5TB per CPU (total 3TB)

1.2TB

1.8 TB for hybrid

(cost effective)

960 and 3.8 TB for all flash (performance/density)

Network:

VIC1227

Dual 10G

VIC 1387

Dual 40G

FIs

6248s, 6296, 6332, 6332-16UP

UCSM

Other Notes:

Can you install HX without network?

No

Can you use install software as NTP server?

No. 2.0 and 2.1 disables it after 15 mins

Can I install vCenter on HX?

Yes. With 4 nodes with earlier versions.

Should storage VLAN be layer 3?

No

Can you setup multiple VLANs in UCSM during install?

Yes but you have to rename them

Are jumbo frames required?

No but enable them

HX Tech Brief – An App, Any Cloud, Any Scale

ROBO – HX Edge/Nexus

Private – HX/ACI (private cloud)

Intersight federates management

Edge leverages Intersight as cloud witness

Public – Cisco Container Platform on top of HX for Kubernetes aaS with HX in Prem

Cloud center – model apps/deploy consistently

App dynamics – performance/application transaction visibility

CWOM – optimizes resource utilization for underlying infra

Tetration – workload protection – enforce versions at the host level

HX Edge 2-4 nodes (up to 2000 sites) – Intersight can deploy in parallel to multiple sites

HX – 32nodes –> 32 more compute nodes

Installation Notes:

Deploy/Launch Data platform installer – OVA – can be on a SE laptop

Root:Cisco123

Create new:

Customize your workflow

Run UCSM config (unless you have Edge (no FIs))

Check everything else

Create cluster

Cluster expansion:

In UCSM, validate PID and make sure its unassociated/no profile

In installer:

Supply UCSM name/creds

vCenter creds

Hypervisor creds

Select cluster to expand

Select server

Provide VLAN configs

Use ; for multiple VLANs

Enable iSCSI/FC if needed

For mgt VLAN and Data VLAN

Provide IP for esxi host

Provide IP for storage controller

Recovery Gear

After a few outings in the Jeep, it’s become quite apparent how critical it is to have the right recovery equipment. One friend just slid sideways in the snow into the mountain, one popped a tire off the bead from a tree stump in the mountain, and even out in the middle of the sand dunes, I had to winch my friend’s RZR up a good 80′ dune after hitting a witches eye.

I have started building up my gear collection and I am listing the components here for easy reference.

  • Warn Zeon 10-S Winch – 10,000 Pounds
    • Factor 55 ProLink – 16,000 Pounds
    • Factor 55 Hawse Fairlead
  • WARN Snatch Block – 12,000 Pounds
  • Gator-Jaw PRO Soft Shackles – 52,300 Pounds
  • ARB Tree Saver – 26,500 Pounds
  • Bubba Rope Recovery Rope – 7/8 x 30ft – 28,600 Pounds
  • Factor 55 Hitchlink 2.0 (Jeep) – 9500 Pounds
  • Factor 55 Hitchlink 2.5 (F-250) – 18,000 Pounds
  • 7/8″ Galvanized Steel Shackle (F-250) – WLL 6.5T

GrubHub

Had a strange interaction with GrubHub this evening. My wife called and ordered some food. They took our order, charged our card, and we waited. Patiently. Until it was “a while”. My wife called the restaurant to find out the status of our order. They said they didn’t have the order…

My wife logged into her GrubHub account and the order wasn’t there either. I started to question her at this point. This was bizarre. She called GrubHub in front of me and they told her that the order was “blocked” and if we wanted an explanation, we could have one delivered via email and the funds would be returned in 3-5 business days.

That’s right…they charged our card, didn’t get us our food, and didn’t even let us know that our order had been blocked at any point. Theft in my eyes.

An hour later, we are ordering food again. I’m going to pick it up and I’ll never use GrubHub ever again. Those are some questionable business practices. I could see a business doing that if there was an issue with the credit card or negative feedback on the account or something similar as to where the end user isn’t being upstanding. What happened here is beyond me. I’ll update this when I get an explanation.

I use GrubHub for business meetings from time to time. I can’t even imagine how upset I would be if this had happened under those circumstances.

Rattlesnake Canyon/Mottino Wash

I was invited by a long time friend out on a Jeep run this past weekend. I knew it was with a group of people, I didn’t know it was with an official Jeep Club. We took the 210 East to the 15 and exited Bear Valley. It turned into the 18 until we got to El Coyote Loco. We had some good breakfast there with the group and headed out to the start of the trail off the 247 (aka Old Woman Springs Road). Make a right onto Rattlesnake Canyon Road and off you go. (34.355566, -116.664733). You will eventually get to the wash. Make a left and get ready for some difficult trails with lots of big rocks in the way. You will scratch your rims, you will scratch your sliders and you will definitely scratch your under belly skids. But you will have fun doing it. This isn’t for the mall crawlers trying to keep their Jeep immaculate. It’s a pretty difficult trail so make sure you go with another vehicle and have your recovery gear in working order.

I made a short video of my adventure. You can view it here…

Cheers!