MyOSS Planet Feeds

Cloud is a big thing these last few months. Just to clear some terms that is of interest and where even so called IT experts are not able to agree on. This means, that its my personal view based on resources published by industry experts.

3 items are of interest. The first, is naming of a cloud based on its deployment. Second, clouds can further be classified based on services it provide to users. And lastly, a case study. Think of your plan to build a cloud and how it would be shaped.

A) A cloud is name based on its location or deployment.

1. Public - Applications, storage and services made available to the general public for free or for a fee.
2. Private - For a single organisation and decisions made centrally on resources.
3. Community - Shared infrastructure having several organisation with specific interest that is managed internally or by a 3rd party.
4. Hybrid - Combination of either Public, Private or Community, or all three.

B) A cloud can then be named based on its services.

1. IaaS (Infrastructure-as-a-Service)
1. Users install own operating system and maintain its own patches, IP addresses. - Rackspace, Amazon EC2.
2. Service providers can leverage resources to sell to other service providers
2. PaaS (Platform-as-a-Service)
1. Run your own application on a provider's platform
2. Develop on a provider's platform - Google AppEngine, Oracle Cloud Platform, OpenShift.
3. SaaS (Software-as-a-Service)
1. Full web application - E.g. Googledocs, SalesForce, Gmail
2. Web services (consumed by other web application) - GoogleMaps API, PayPal

C) A case studyHow would you shape a cloud based on above (A) and (B) for following situation?Lets say a government wants to setup a TeleHealth cloud. It allows any application for hospitals, clinics and government. Some of these applications are built and some bought. Geographically users are very dispersed throughout the country. 
A) CommunityWhy? Organisations apart from the Ministry of Health, clinics and hospitals would also include 3rd party resources for pharmaceutical, research, assets, payments.
B) PaaS

1. By providing one or two standard platforms, all development can be better managed. Deployed applications can be made to meet security and other standards set.
2. Many new applications/web services can be introduced by users. 

Did you get any notification for this scheduled maintenance?

I’m surprised not a single local media site in Malaysia covered the fact that Google Apps & Chromebooks are coming to Malaysian classrooms. That’s 10 million students, teachers & parents getting Google Apps accounts. Primary & secondary schools get Chromebooks. This, I guess has something to do with the fact that there will be a laptop provided for every student if BN wins again.

It looks like the only cost to us is the Chromebooks. The Google Apps for Education accounts are free, implying a significant investment into Malaysia by Google.

Read more about large deployments of Chromebook. It seems that the deal is between YTL, Frog, Samsung, Acer & Google. YTL provides the Internet connectivity via YES4G/1BestariNet. frogasia is a YTL subsidiary, and it looks like they’re providing learning apps.

I worried about generations being tied to Microsoft Office. Is it time to worry that the next generation gets tied to Google Apps? I continue to worry overall that the focus is doing everything in-browser, and while I’m a big proponent of the idea that the browser is the OS, I still do a lot of things outside the browser.

It seems like Chromebooks can be provided by either Samsung or Acer. There must be something custom being built for YTL’s WiMAX chips to be popped in. Nonetheless, I doubt that there are many Malaysians experienced with Chromebooks or accomplishing everything within a browser.

Further reading: Malaysia Education Blueprint 2013-2015, Classrooms, Chromebooks & The Web: Lessons from Miami to Malaysia.

I’m buying a Chromebook (not the Pixel) to take a deep-dive. There are virtual machines too.

Related posts:

1. Google Native Client & Chrome about:flags
2. Offline GMail via Google Gears
3. Apps are the new channels

Sorry for the delay. I`m not well for the past few days. 3 Days with sleepless night makes my decision capability affected quite badly. Nevertheless we manged to setup everything with few hiccups..Congratulations to the winner. Now the bad parts.

1.Quality versus Quantity
Setting up 31 team's Network with VPN plus few custom network rules/patches is not an easy task. Writing a scoreserver is also not an easy task (A team from UTP even found a undefined  reference bug to bypass challenge score server). Neverless I did oops we did our best to ensure the game run smoothly with few hiccups along the way.
So it's quite a disappointment when participants asked some question such as :
1. Camane nak setup ip static?2. Camane nak run VPN?3. Ada Internet ke tak?4. Ada laptop/pc lebih tak? Kami tak bawak PC/laptop.

Those of you who fall under that category should rot in the limbo's of /dev/null..
2. Alliance and Downfall of the web.
Scores was not submitted until 9:00 pm on-wards due to some improper configuration that I did that didn`t delegate appropriate privileged to retrieve the flags. The TBDIan guys starts owning the web and nightmares' begin around  9:00 pm onwards.
Startegy. Just like in real world we choose the correct friend. In the cruel CTF world, choosing the right allied may help you to secured your place in the competition.
3. One bug to rule em all.
There are 3 interesting daemon in the  image. Majority people reused the exploit from the web.. Which is a local travesal exploit via php streamwrapper. But I`m gonna summarized em up.
1. VSFTPD  backdorored exploit (Write your own writeups)2. Faggot daemon  leaked address exploit . (Daisuke write a nice writeup)3. And the Web yeah even the All Girl teams (does it sound sexist? who cares) managed to use this one... 
Kudos to the winner and here is the link to download to the VM.. There are no root accounts so u need to reset it to rw init=/bin/bash to create a a new account... Image expired in 5 days.
Download Ihack 2013 vulnerable image.
 

Have you ever setup a Rails production environment from scratch, by hand? If you had, I share your pain every time when a new project started.

The process is often repetitive. To me, it seems to be a waste to do it manually every time. It also consumes time and attention. It would be great if I could spend them on tasks that bring more values to clients.

To minimize such waste, I have written two Chef cookbooks to automate the process:

• rackbox - to provision rack-based web server (Nginx as front server, Unicorn and Passenger as upstream app servers, rbenv as ruby version manager).
• databox - to provision database server (supports MySQL and PostgreSQL).

Getting started

In this post, I will show you a step-by-step guide on how to use the cookbooks together with knife-solo to provision a remote server in 4 steps:

1. setup Chef Solo environment
2. modify config file
3. provision remote server
4. tweak Capistrano deploy.rb

A working example in also available at teohm/kitchen-example.

1. Setup Chef Solo environment

• Install Chef Solo tools on local machine.
• Download Chef cookbooks to local machine.
• Install chef-solo on remote server.

Install Chef Solo tools

Let’s create a new directory,

1 2 mkdir chef-kitchen cd chef-kitchen

and a Gemfile.

1 2 3 4 source "https://rubygems.org" gem "knife-solo", ">= 0.3.0pre3" gem "berkshelf"

I recommend knife-solo >= 0.3 as it includes a few major fixes and improvements.

Now, install the ruby gems.

1 bundle install

Finally, setup a kitchen directory structure with knife-solo.

1 bundle exec knife solo init . Download Chef cookbooks

I use Berkshelf to manage cookbooks. So we need a Berksfile,

1 2 3 4 5 site :opscode cookbook "runit", ">= 1.1.2" # HACK: force-use this version cookbook "databox" cookbook "rackbox"

(I added a hack here to force berkshelf to use runit 1.1.2 required by rackbox. Still looking for a better solution.)

We can now download cookbooks with berks install.

1 bundle exec berks install --path cookbooks/ Install chef-solo on remote server 1 bundle exec knife solo prepare testbox 2. Customize config file

• Download config example
• Customize config file

Download config example 1 curl https://raw.github.com/teohm/kitchen-example/master/nodes/host.json.example --output nodes/testbox.json Modify config file (JSON)

The config file starts with a run_list. You specify a list of cookbook recipes here. Chef will run them in the same order in this list.

It is followed by cookbook attributes. You can modify these attributes. A full reference of attributes are described in each cookbook’s README (see appbox, databox, rackbox).

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 { "run_list": [ "databox", "rackbox" ], "appbox": { "deploy_keys": ["ssh-rsa 5bnmu23890fghghjk"], "admin_keys": ["ssh-rsa 456789fghjkvbn567"] }, "databox": { "db_root_password": "welcome!", "databases": { "mysql": [ { "username": "app1", "password": "app1", "database_name": "app1_production" } ], "postgresql": [ { "username": "app2", "password": "app2", "database_name": "app2_production" } ] } }, "rackbox": { "ruby": { "versions": ["1.9.3-p385", "1.9.2-p320"], "global_version": "1.9.3-p385" }, "apps": { "unicorn": [ { "appname": "app1", "hostname": "app1.test.com" } ], "passenger": [ { "appname": "app2", "hostname": "app2.test.com" } ] } } } 3. Provision remote server 1 bundle exec knife solo cook testbox

It uploads the kitchen directory and runs chef-solo on the remote server. Chef-solo will then takeover and execute the run list to setup everything.

What do we get at this point?

Basically, it’s done!

We have a full-stack, rack-based server with:

• 3 user accounts (deploy, devops, apps)
• rbenv as ruby version manager
• nginx as front-server
• unicorn, passenger-standalone as upstream app servers, managed by runit
• postgresql, mysql installed and databases created
• all apps will be stored in /home/apps/

4. Tweak Capistrano deploy.rb

Now, it’s ready to deploy a Rack-backed app to the remote server!

I have two example Rails apps available on Github:

• teohm/sample-app1 runs on unicorn,
• teohm/sample-app2 runs on passenger-standalone.

There are a few minor tweaks required in Capistrano deploy.rb, as listed below.

I will explain the tweaks in details next time. Meanwhile, check out the complete working examples at: app1/config/deploy.rb and app2/config/deploy.rb

Login as deploy user 1 set :user, "deploy" Deploy to /home/apps 1 set :deploy_to, "/home/apps/#{application}" Load rbenv in Capistrano 1 default_run_options[:shell] = '/bin/bash --login' Run bundler with --binstubs 1 2 3 require 'bundler/capistrano' set :bundle_flags, "--deployment --binstubs" set :bundle_without, [:test, :development, :deploy] Restart app with runit sv 1 2 3 4 5 6 7 8 9 10 11 namespace :deploy do task :start do run "sudo sv up app1" end task :stop do run "sudo sv down app1" end task :restart, :roles => :app, :except => { :no_release => true } do run "sudo sv restart app1" end end Feedback

If you are interested on using the cookbooks, or have an idea/feedback/question about this topic, feel free to drop me (@teohm) a message. Pull requests and issue reports are definitely welcomed!

Retreat in sales of PCs turns into rout – FT.com: “‘At the beginning, retailers don’t know how to explain it to customers,’ says Mikako Kitagawa, principal analyst at Gartner. ‘Marketing the new [operating system] to consumers takes extra effort.’”

Well, skip Windows 8 altogether and just switch to Linux. And for more elegant hardware, there’s always the Mac.

Related posts:

1. OpenOffice.org worm that affects Windows, Linux and Mac OS X
2. Why do Mac & Linux users pay more for things?
3. Mac to Linux migration guide?

I’m not a fan of Louis Vuitton. I just don’t like the monogram, mainly because it is so heavily counterfeited that you can’t spot a real from a fake. Some key takeaways from LVMH unit sales growth disappoints:

• “It depends on aspirational demand and new consumers.” This is true for all luxury products. Austerity measures, economic downturns, etc. will hit you where it hurts.

• “The risk of ubiquity is that . . . the consumer, seeing the same products everywhere, all the time, starts to perceive a brand as being too common,” said analysts at HSBC in a note published in January.

So if you’re a luxury brand, exclusivity is important too. A fine balance for growth vs. exclusivity is key it seems.

Related posts:

1. On being vulnerable
2. Disabling help in GNOME?
3. Is open source the bubble 2.0 waiting to happen?

I just got invited to this: MySQL Studio Photos @ Percona Live MySQL. I immediately signed up on the Indiegogo page for MySQL Portrait Photographs. I’m going and I’m happy to see the photographer again.

Julian Cash is an incredibly talented photographer (check out his portfolio) who for some years did some light painting at the MySQL Conference. He also did some wide angle photos. Overall my portrait photo is basically shot by Julian, and I can’t wait to get an additional one. Julian portrays Human Creativity, and he’s also an incredibly nice person. He will bring out the best in you.

If you’re going to be at Percona Live and you’re involved in the MySQL ecosystem in some way, it would be a shame not to get your photo taken by Julian. So support the cause!

Related posts:

1. Percona Live Santa Clara 2013 tutorial schedule out
2. MariaDB at Percona Live Santa Clara
3. More MariaDB after Percona Live Santa Clara

Previously as an effort to promote Ubuntu and Free Software, Canonical has made pre-pressed CD/DVD available for LoCo team to be distributed during release party or promo events.

But starting from Ubuntu 13.04 (Raring Ringtail), pre-pressed Ubuntu CD/DVD will only be made available only for LTS release (the next one will be 14.04 LTS ) from this point forward. This is in-line with Canonical policy to only concentrate on supporting Ubuntu LTS.

In the mean time, Canonical will continue to provide pre-pressed Ubuntu 12.04 LTS CD/DVD to Ubuntu LoCo until 14.04 LTS release in 2014.

source: Ubuntu Loco Council

I’m planning my calendar and thought I’d share what talks I’d be giving in Santa Clara in a couple of weeks for the Percona Live MySQL Conference & Expo 2013 and the MySQL & Cloud Database Solutions Day 2013. Its going to be a busy April 22-26 2013.

1. MariaDB Cassandra Interoperability with Sergei Petrunia on 23 April 1:20pm – 2:10pm @ Ballroom D
2. MariaDB BoF on 23 April 6:00pm – 7:00pm @ Ballroom F
3. MariaDB 10.0 & What’s New With The Project with Monty Widenius on 24 April 11:10am – 12:00pm @ Ballroom C
4. MHA: Getting started & moving past the quirks on 25 April 1:50pm – 2:40pm @ Ballroom B
5. Why MariaDB, and what is new? panel with Rasmus Johansson, Sergei Gobubchik, Ivan Zoratti at 9.30am on 26 April
6. MariaDB Galera Cluster Overview with Henrik Ingo, Max Mether at 11.15am on 26 April
7. MySQL and Cassandra Integration with Sergei Petrunia at 1pm on 26 April

Come along, use code SponsorSQL to get a 15% discount to Percona Live. The SkySQL Cloud day on the 26th is completely FREE so register now!

Related posts:

1. MariaDB at Percona Live Santa Clara
2. Percona Live Santa Clara 2013 tutorial schedule out
3. More MariaDB after Percona Live Santa Clara

Here’s an easy way to generate a new uuid:

# uuidgen
550e8400-e29b-41d4-a716-446655440000

Here’s how to change uuid of a block device / hard drive partitions.

tune2fs -U 550e8400-e29b-41d4-a716-446655440000 /dev/sd**

sudo iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

(Tested to work fine on Ubuntu 12.04, 12.10)

Seth Godin is spot on in Where are your assets? Please go read it.

Do work and get paid once. Build an asset and get paid for as long as it lasts.

Key takeaways: real estate pays regularly, stocks are the promise of a later payoff (maybe a little more regularly with dividends). Build your brand by overdelivering to earn trust. Ensure you’re always building value (people miss you when you’re gone). Gain expertise – don’t do the same thing over & over again. These apply to companies as well.

The picture shows a boxed set of Red Hat Linux 7 & 8. Shortly thereafter they became RHEL & Fedora. Red Hat built assets and look where they are now – listed on the stock exchange and arguably one of the largest companies in opensource. Cygnus started with no more than $6,000 in capital, had a great exit to Red Hat and formed much of the basic underlying toolchain.

A salesman would say, “always be closing”. I think the mantra should be: always be building assets.

Related posts:

1. Switch
2. Lots of Linux things happening now
3. Some thoughts and transcripts from the Alan Cox video series

By this time, I’ve already received dozens of question regarding why I’ve not applied to be an Ubuntu Member.

First and foremost, being an Ubuntu Member is cool. It is about being part of the greater Ubuntu Community officially. Being an Ubuntu members grants certain privileges such as username@ubuntu.com email address and the privilege of having personal blog featured in the Ubuntu Planet.

However, I still have not applied or planned to apply to become an Ubuntu Member anytime soon, as I felt that being an Ubuntu Member carries great weight and responsibility towards the community, something that I felt in my current state would be difficult to do, since I hardly have extra spare time nowadays (so does the hiatus).

Secondly, as the Ubuntu Membership page have cleared out, Membership is not required for contribution, but contribution is required for membership. While I did contribute towards the Ubuntu community, I still thinks that Ubuntu community comes second place than my day-to-day responsibilities. I still felt that I couldn’t do much to deserves being an Ubuntu Member, therefore I elect to be an ordinary user who occasionally contributes back to the Free Software community.

Finally, all of you should note that this is my personal opinion and I still think being an Ubuntu Member is a good thing, I even encourage you to apply for it! However, as for me, I’m still going to hold off my thoughts of becoming one until I can find a valid reason to do so.

Cheers!

I never had a cheque book when I lived in Australia. I got my first chequebook when I moved back about five years ago, for the sole purpose of paying for a car (they wouldn’t accept a charge card)!

Cheques aren’t free. Each leaf costs 0.15 sen (this is the stamp duty that you pay – so the book costs RM7.50). I use it nowadays to pay my credit cards at different banks, because the limit for an electronic GIRO transaction stands at RM5,000 per day, plus you have to pay a RM2 fee per transaction. Simple economics suggest that the cheque is cheaper.

Bank Negara has decided to shake that up: from April 1 2014, the issuer now has to pay a 0.50 sen fee. So now, issuing a cheque costs 0.65 sen. (that means each cheque book now costs an additional RM25, bringing the total cost now to RM32.50 over RM7.50).

On the bright side, they want more transactions processed online: interbank GIRO transactions now cost a mere 0.10 sen per transaction effective May 2 2013. I argue that this fee should be brought down to zero, but it is cheaper than a cheque. My only concern might be the silly RM5,000 limit that they may impose (something you don’t have to worry about a cheque).

What irks me is the last statement: “By 2020, pricing of all payment services would be based on the cost of providing the service.” The cost of providing a service in Malaysia goes up tremendously due to inefficient thanks to the lack of meritocracy in the hiring process. We are all paying for the NEP now.

Related posts:

1. Adobe needs cheaper local pricing
2. On fuel subsidies, and earning/spending power
3. Why a physical retail store won out over an online purchase today

A reminder for those who are trying to be smart and copy commands found on the internet or via unknown emails, the PASTE may contain dangerous commands.

See http://thejh.net/misc/website-terminal-copy-paste

WARNING, do not try the following if you do not understand dangers of hidden codes. Here below is an attempt to simulate that line to be copied.

Just copy the 1 line below and paste to the CLI, watch what happens.
git clone /dev/null; clear; echo -n "Hello ";whoami|tr -d '\n';echo -e '!\nThat was a bad idea. Don'"'"'t copy code from websites you don'"'"'t trust!
Here'"'"'s the first line of your /etc/passwd: ';head -n1 /etc/passwd
git clone git://git.kernel.org/pub/scm/utils/kup/kup.git

The year 1995 was when I got my first laptop. It was made by Acer, came with a whopping 8MB of RAM (yes, megabyte, not gigabyte), and a 400MB hard disk (read more at an interview conducted in 2004). It shipped with Windows 3.1, but I shortly moved over to Linux when Windows 95 was announced – the laptop just didn’t cut it for the requirements of Windows 95.

The laptop cost an arm and a leg for those features. With PCMCIA cards, external CDROM drive, SCSI scanner, etc. I’m sure the total cost of ownership exceeded RM10,000. I was eleven years old then, but had been computing for over six years already (386 SX2, 286, 8086 – all desktops). I had really supportive parents, so I will always be thankful to them.

Fast-forward almost two decades later and a laptop for a student is used as an election promise for victory! Many view this offer suspiciously. Some wonder if it will cost the government RM40,000 per laptop (has happened before). Some wonder what learning software will be used? Which suppliers & contractors are getting it going?

What about the idea of a smart school, mooted sometime in 1998? I remember going to a school called Victoria Institution sometime in 2004 and installing Linux in a lab and ensuring that OpenOffice.org (Writer, Calc, Impress, Base) could be taught in schools. Later on it was understood that the syllabus (under the Official Secrets Act) was way too Microsoft-centric, which meant that generics of using a word processor, spreadsheet or presentation suite or even front-end database meant that you couldn’t use equivalents but had to mostly use Microsoft Office (Word, Excel, PowerPoint, Access). What a shame.

I’m all for children getting laptops or tablets to improve their education. Children of today are very, very lucky. I’m just not sure that the government is right in doling out a laptop.

This wouldn’t be the first time… they’ve already doled out many 1Malaysia laptops (some to the tune of 800,000) to students. Is our education system improving and making use of the new technology?

Many failed items in the past: EPF Computer Purchase Withdrawal Scheme (2000-2002 discontinued) and PC Gemilang / PC Mesti Beli (yes, I was part of the PC Gemilang project getting Linux on them) (2004-~2005). 

From a commercial standpoint, have we forgotten about the 1Malaysia laptops (link)? Or the 1Malaysia Tablet/Pad?

Remember a laptop isn’t the be all and the end all. The laptop goes outdated before the term of the government. Warranties at most expire at 3 years. Software tends to be obsoleted a lot quicker.

Ideas are all fine & dandy, but is there any long term thinking to this? 

Related posts:

1. Laptop/netbook for a university student and a HP Mini 311 quick review
2. Turion 64 X2 or Core 2 Duo for a Linux Laptop?
3. First hour with Ubuntu 10.10 on a laptop

I love analysts. The buzz a report can create can drive amazing amounts of traffic to your product and give it a lot of street credibility. My only beef with the whole industry is that the reports cost an arm and a leg.

There are however “open analysts” – the folk at RedMonk, a bit of the 451 CAOS Theory (of the 451Group).

What interests me most is how analyst services are getting cheaper, coming from the media outlets themselves. Look at GigaOM Pro ($299) and BI Intelligence (normally $499, now $299 for an introductory offer).

Those are prices one can muster. $299 for a year. They also get/repackage the news. I’m big on the above services and I think more of this will arrive.

Related posts:

1. Industry Groups
2. Messenger apps, disrupting text messaging (SMS)
3. Information diets and media biases

In the event to do troubleshooting, some of these were carried out for a recent RHEVM;

1. In the RHEVM Administration Portal, check out the events.
2. The command rhevm-log-collector download logs to the /tmp folder. 
3. Look at logs in /var/log/rhevm 
4. Check the multipath
5. Check configuration with rhevm-config --list

 Only item I do not see is the %TEMP%/manager_hostname/log as mentioned from the RHEV website.

Follow this guide and you’ll get to enjoy Spotify’s Linux client. Note that it’s a preview release and is unsupported.

Create a new source file for the Spotify repository.

# sudo vi /etc/apt/sources.list.d/spotify.list

Add the following line into the source file.

Add Spotify’s public key so that you can verify Spotify’s packages.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 94558F59

deb http://repository.spotify.com stable non-free

Update your sources

#sudo apt-get update

Install Spotify

#sudo apt-get install spotify-client

Source: Spotify