Dustin Larmeir's tech blog.
Archive for March, 2010
Setting up a simple NFS share
Mar 27th
I migrated to Citrix Xenserver yesterday and needed an ISO storage point for my custom OS installs – the easiest solution for this? NFS ( Network File System ) This awesome tool is way to mount other machines across the network as if it was a local file system. In this case I am using an internal backend network that is non-internet facing to share these files with my Xenserver host from a vm. In a nutshell here is a quickway to get a simple share up and running.
This information assumes that 10.8.126.83 is the NFS server and that 10.8.126.82 is the NFS client.
With CentOS/RedHat – NFS and everything needed comes pre-installed by default. You may need to install the nfs-utils packages as shown below:
[root@dev ~]# rpm -qa | grep nfs nfs-utils-1.0.9-42.el5 system-config-nfs-1.3.23-1.el5 nfs-utils-lib-1.0.8-7.6.el5
and you will need to make sure it is configured to start at boot time:
[root@dev ~]# chkconfig --list | grep nfs nfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off
Server configuration:
In my example here I created a directory called /export/iso for my xenserver iso repository. In order to get this properly shared you will need to create an /etc/exports entry like what shown below:
[root@dev ~]# cat /etc/exports /export/iso (insecure,no_root_squash,rw)
Now we will use exportfs to get the NFS server to start serving this directory:
[root@dev ~]# exportfs -ra exportfs: No host name given with /export/iso (insecure,no_root_squash,rw), suggest *(insecure,no_root_squash,rw) to avoid warning
This gives us a warning based on my config but does not affect the operation. You can set this to serve off a specific hostname if you wish.
Now you will need to add the NFS client ip/hostname to the /etc/hosts.allow config of the NFS server:
[root@dev ~]# cat /etc/hosts.allow # # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # portmap: 10.8.126.82/255.255.255.0
From here it is now just a matter of mounting the share from the other system. In xenserver there is a storage addition gui for this but we will run through how to mount it from another Linux system as this is what most people will do with it anwyay:
[root@www ~]# mount 10.8.126.83:/export/iso /mnt/
and the end result is:
[root@www ~]# mount | grep mnt 10.8.126.83:/export/iso on /mnt type nfs (rw,addr=10.8.126.83)
and everything now works great!:
[root@www ~]# ls /mnt/ 8.0-RELEASE-i386-disc1.iso ubuntu-9.10-server-i386.iso Fedora-12-i386-netinst.iso
There are tons of options for setting up NFS – my configuration is just for a very basic share.To learn more advanced usage I would check this site out http://nfs.sourceforge.net/ . I hope someone out there finds this useful.
Setting up a pptp vpn server on Debian and Ubuntu
Mar 20th
Yesterday I decided to setup a vpn server so a friend and I could play some coop mode on call of duty 5. This was so easy to setup I thought I would share it with the rest of the world:
Step 1. Installing pptpd – the pptpd is the daemon that runs the pptp server. To install this just use apt-get:
$ apt-get install ssh pptpd -y
Step2. Next you will need to modify the pptpd.conf
$ vi /etc/pptpd.conf
Then scroll down to the bottom and modify the following lines with the subnets you would like assigned:
# (Recommended) #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.245 # or localip 192.168.2.0 remoteip 192.168.2.2-238,192.168.2.245
Step 3. The vpn server is now configured and now you must setup authenticated users:
$ vi /etc/ppp/chap-secrets
The config file is very straight forward and I have an example of a user included:
# Secrets for authentication using CHAP # client server secret IP addresses clown pptpd bigshoes "*"
Step 4. When pptpd was installed it started automatically so we will need to restart it to apply the changes:
$ /etc/init.d/pptpd restart
Then just to make sure all is good lets check to make sure the service is listening:
$ netstat -anp | grep pptpd tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7565/pptpd unix 2 [ ] DGRAM 15781 7565/pptpd
If you see a listen on port 1723 you are ready to connect.
Optional: Now, if you would like to add internet access over this vpn, you can do this:
$ vi /etc/sysctl.conf
and find the line for ipv4 forwarding and make sure it = 1:
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
The use iptables to get the net forwarded:
$ /sbin/iptables -P FORWARD ACCEPT $ /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
Optionally you can install bind9 and have a DNS resolver you can use for the vpn connection:
$ apt-get install bind9 -y
Then start it:
$ /etc/init.d/bind9 start
The configuration of the vpn client that is connecting can be modified to use this DNS resolver now to allow for more control.
Connecting to the vpn from a Windows 7 client ( Click images to zoom in):
Step 1. Open the Network and Sharing center
Step 2. Set up a new connection or network
Step 3. Connect to a workplace
Step 4. No create a new connection if other connections exist
Step 5. Use my internet cconnection:
Step 6. Enter the internet address and name of the vpn connection
Step 7. Enter the username and password:
Step 8. Connect!!
This should pretty much cover all you need for the installation of a basic Debian or Ubuntu PPTP vpn server. Enjoy!
Switched to good ole’ Debian Lenny
Mar 13th
Last night in my zombified state I migrated from RHEL 5 to Debian Lenny as I need to brush up on my Debian skillz. This was alot easier than expected thanks to my good friend rsync. Since we are on this topic lets touch on how to rsync over ssh. The easiest way to do this is shown below:
# rsync -avz -e ssh /localdirectory username@yourdomain.com:/remotedirectory/
This command will connect to the other server via ssh, and copy the directory of /localdirectory to the root of /remotedirectory leaving all permissions and file attributes intact. The optimal way to use this in a backup scheme would be to implement ssh keys on the servers to allow for passwordless logins. This way you can execute a simple backup script via cron during any interval of your choosing. It is important to note that you should never use root on the backup server side when using keys as if this box gets compromised, you would not want the backup server to get rooted as well.
Inside the generation 2 ps3 80gb model and how I fixed it.
Mar 12th
A week ago my PS3 started locking up, crashing games and generally being unstable. It eventually reached a point where the system was unusable so I decided to take it apart and see what I could do to fix it. It turns out that the the PS3 uses cheap silicon thermal compound and has a cheap heat sink with a minimal amount of copper but alot of aluminum. Having spent $500.00 on this thing when I bought it I would think Sony could have dispersed heat a little better by placing a full copper heatsink in the system. As it would turn out, the silicon evaporated off of the cell processor leaving my system begging for mercy. I applied silver thermal compound for better conduction and it now works great! My model is the generation 2 80gb listed here http://en.wikipedia.org/wiki/PlayStation_3
Let’s take a look inside:
The PS3 has about four million screws ( just kidding) Actually it was really easy to take apart once the initial case cover was removed. On the bottom there is a little plastic piece where the warranty sticker is, you pop that off and remove the warranty stick and unscrew it and viola, you slide off the cover and can get to all of the screws that hold the case together. This is a picture of the major components.
This is the motherboard metal enclosure with the heatsink still attached, notice that it is made of aluminum 
In the middle you will see copper leads to the heatsink.
The cooling fan is pretty big and seems sufficient. The design for cooling is good, it is just the parts that are cheap.
Here is the bottom of the heatsink with the copper leads. I had already wiped one side off but notice that the right side has the thermal compound running off to the edges, this signifies two things – one that they applied too much thermal compound, two that the cooling was not sufficient to prevent evaporation and runoff.
This is the heart and soul of the system, the Cell processor. This was the component that caused my system to crash due to overheats. I applied silver compound directly to it and runs much cooler now.
The blue ray drive is shown here – lately this has been flaky and I may need to replace it soon. As you can see there is nothing fancy about it.
The PSU ( Power Supply Unit) This component appears to be very well built. It is also well grounded into the chassis.
Several of the screws and the hard drive inside. The drive is simply a laptop sata drive easily purchased from the store and very easily upgraded.
In summary:
I love my PS3, but opening it up makes me sad! I must say the system has been pretty reliable and after 2+ years of constant operation has given me little trouble – but Sony really should explain that routine maintenance is needed on these systems as with any PC or Computer type system. I hope you enjoyed this – Dustin
