Building a large storage for SoC

Someone once told me a interesting quote – “data grows to encompass all storage”. Although drives are getting bigger, things we store gets bigger too. For home users, this is probably fine – a 3TB external USB drive just sets you back a $100 or so. However, for enterprise storage, the growing storage is not so simple. We can’t just simply hook up 1000s of USB external drives, and hope for them to work.

Enterprise storage is crazily expensive, probably 10 to 20 times more expensive than commodity USB storage. With that in mind, and future requirements coming in (dropbox anyone?), we have decided to roll our own distributed storage to enable us to meet the computing requirements of the near future.

Our basic idea is simple. Run a distributed file system that provides the backend storage. Multiple services can layer on top of it to provide different services, e.g. NFS, SMB, volume and block storage.

We have decided to go with Ceph, as it can provide both object, block and filesystem storage. Ceph also integrates nicely with OpenStack, providing the block storage layer for OpenStack volumes. This means that a user on SoC cloud can spin up a VM, and attach a separate (bigger) volume (e.g. /dev/vdb) to it. The OS of the VM still remains on the physical machine, which the (bigger) volume is in the more redundant large storage, insulated from any single machine failure.

openstack_ceph

Centos openstack + cinder + ceph

If you are looking to run OpenStack with ceph as the backing storage for cinder, you will need the following.

  1. yum -y install openstack-cinder
  2. Follow the instructions at http://ceph.com/docs/master/rbd/rbd-openstack/
  3. Create the firewall rules to allow compute nodes to connect to cinder-volumes
  4. You might run into the following error while attaching
    internal error unable to execute QEMU command '__com.redhat_drive_add': Device 'drive-virtio-disk1' could not be initialized
    This is because qemu in CentOS does not have rbd build in by default.
  5. To solve this problem, download qemukvm and qemu-img from http://ceph.com/packages/ceph-extras/rpm/.
  6. Install the packages, e.g.
    rpm --oldpackage -Uvh qemu-kvm-0.12.1.2-2.355.el6.2.x86_64.rpm qemu-img-0.12.1.2-2.355.el6.2.x86_64.rpm

Building CentOS images for OpenStack

Here’s an easy way to roll your own images for OpenStack. The build machine runs CentOS 6.

  1. Install EPEL repository if you haven’t already
  2. Install oz
    yum -y install oz
  3. Create a kickstart file. Download example.
  4. Create a tdl file. Download example.
  5. Run oz-install
    oz-install -p -u -d1 -a centos6.ks centos6.tdl
  6. Convert the image to qcow2
    qemu-img convert /var/lib/libvirt/images/centos6_x86_64.dsk -O qcow2 centos6.qcow2
  7. Import the newly create image into glance
    glance image-create --name centos6 --disk-format=qcow2 --container-format=ovf < centos6.qcow2</li>
  8. Boot it up to see whether it works!
    nova boot --flavor 1 --image centos6 --key_name sshkey centos6

4000 km on my bike

Last year, I got a new bicycle and started commuting to work on it. Yesterday, I hit 4000 km, just shy of the 1 year mark. I cycle about 2-3 times a week, 20km each way. It takes about 1hr 15mins, through Park Connectors, some pavements, and as little road as possible.

I love this particular way of commuting to work – no traffic jams, no human jams, 1 hour of me time. I can cycle fast to get a good workout, or slowly to take in the scenery. I love cycling, and it never fails to get me into a good mood by the time I end.

However, as I cycled back last night, it was with a heavy heart. I can’t help thinking about the most recent death on the road. Just 2 days ago, two little boys cycling home were killed immediately after being hit by a cement truck.

Actually, the fact that an accident happened is not so surprising. What really hit me hard was that these are two young boys, who probably died because they did not understand the dangers on the road. As I cycle everyday, I see many, many risky behaviours and quite a few near misses. Faults comes from both sides, inconsiderate cyclists and drivers alike. The past year of cycling has really taught me a lot, things that this two young boys will never have a chance to learn. Oh well, maybe putting it down here will help someone else.

Riding across junctions

The main danger about riding across junctions, is that drivers are not prepared for the higher speed of cyclists compared to pedestrians.

An example – have you ever seen cars turning left/right across pedestrian crossings, while the green man is on and there are people still crossing from the far side of the road? In Singapore, drivers do that. They anticipate the time taken by a pedestrian to cross, and use that to gauge whether they need to give way. If you are riding across the road, you will  pass the lead pedestrian and reach the turning car much faster. And most probably give the driver a shock. Or cause an accident, if he is not prepared to give way.

In addition, there are all sorts of blind spots that you can be in, which is probably what happened to the two little boys. I have driven big Class 4 vehicles before, and I can tell you that the blind spots on those vehicles are pretty large.

So what should you do? Most important of all, is to LOOK. Look for vehicles, and anticipate accordingly. If there are turning cars, slow down to pedestrian speed. Look at them slow/stop, then cross before them. And get ready to brake if they don’t stop.

LOOK for vehicles that are in a position to hit you. If you don’t give them a chance to hit you, they never will.

Riding across zebra crossings

The main danger with this is (again) the speed of the cyclist. The distance from pavement to zebra crossing is barely 1 metre at some places, which a cyclist can cover in less then 1 second. So one second the driver is not seeing anyone at the junction, the next moment a cyclist has swerve out onto the zebra crossing. There are many, many forum posts from irritated drivers about cyclist suddenly appearing out of “nowhere”. Folks, this is not Harry Potter. The driver was not looking at the correct place, as he is used to pedestrian traffic.

As a cyclist, slow down to pedestrian speed. Watch out and make eye contact with drivers. You can also signal your intention by holding out your hand.. And as always, get ready to brake.

Cycling against traffic

Don’t be crazy. Enough said.

Cycling on road

Cycle on the left, but out of the yellow lines. The yellow lines have lots of debris, drain covers, cracks and holes that can throw you off easily.

Take the lane, if you are approaching a pinch point or at merging lanes. It is far better to get horned at for delaying a driver 2 seconds, then to become a permanent statistic because some idiot misjudged the distance needed to pass you safely.

Signal with your hands. It helps ALOT in telling drivers your intentions.

Cycling on road, at junctions

Most traffic accidents happens at junctions because of turning vehicles. NEVER, EVER, EVER go to the left of any turning vehicles, especially large trucks and long vehicles. Like I say, their blind spots are pretty large. In addition, their turning radius is HUGE – this means that the back wheel of the turning vehicle will cut much closer to the kerb then the front. If you overtake them on the left, you WILL get trapped and then pancaked by the back wheels.

Cycling on road, at slip roads

In my opinion, slip roads are the most dangerous. Drivers coming out from slip road can misjudge your speed, causing a collision. Even worse, they can see you, but not register. I have so, so many near misses with vehicles coming out of slip roads. I’m pretty sure not all of them meant to cut me off, but their mistake could be my death.

If you see a vehicle approaching you on the slip road, decrease your speed to NOT ALLOW him to hit you. Brake if necessary.

———————————————–

TL;DR: Do not let vehicles have a chance to hit you. Cycle like you are invisible. There is no right-of-way, only life, and death.

Ingress Review (Singapore)

Just got the invitation to one of the most secretive games recently launched! If you haven’t heard of Ingress, it is basically a augmented reality game where you go around the real world looking for “portals”. Such portals can be hacked for items, and can be linked up to form a “field”. Two fractions battle each other for controls of such portals.

There are already quite a few reviews to Ingress, so I shall not cover that. Do take a look at this excellent CNET article to find out about the gameplay.  In this post, let’s just talk about how well it works for Singapore.

Fun with locals

ingress-chat

<Note to all Enlightened: I’ve already vetted through this chat to make sure that there’s nothing top secret in it, ok? I just want everybody to know how great and local this game is, where strangers from same fraction can make friends easily. 🙂 Feedback is appreciated, still.>

Since this is an augmented reality game, you will be playing with people in Singapore. It is kind of interesting and fun, to be talking to somebody in your own region, even planning a “lim kopi” session to raid some portals. It can be a great way to go out, meet new friends, or explore new places in a group!

Portals

ingress map

As you can see from the map, most portals in Singapore resides in the CBD. Given that almost all actions happen around portals, this will be fun if you are working there. Sadly, I don’t, so I do not have any playtime. However, new portals can be submitted to Niantic Labs and will appear over time, so this will change for the better.

Green is leading

As you can see, Green is like totally owning the Singapore map. Game will be only fun if it can be balanced out. Maybe more portals will help.

Sustainability

The game seems to be skewed toward “attacking” portals rather then defending them. An opposing group can always organise a get together session to take over portals, but it is quite unrealistic to defend against such attacks 24/7. Nobody wants to do guard duty in real life.

I also find it to have a lack of depth, which might result in it being a very grindy type of game as time goes by. Let’s hope there will be “missions” or sorts.

Bicycle FTW

Given that you need to travel to multiple portals to “hack” and “link” them, I think a bicycle will really help in this game. It’ll probably be quite fun to cycle around CBD hacking portals, then to the nearest kopitiam to chill out. Walking around in the Singapore heat seriously takes the fun out of any game.

Security Questions are Stupid

Had to register on some sites recently, and Security Questions were mandatory. That triggered my rant mode, so now I’m going to tell everyone why Security Questions are stupid.

  1. I don’t have a favourite song, movie, poem, etc.
  2. Neither do I like to watch sports, have favourite artist or athlete.
  3. In the era of Facebook, relying on (assumed to be) private information knowledge is stupid. This includes Mother’s maiden name, pet name, or brand of car.
  4.  The favourites questions are particularly dumb because they assume your favourites don’t change over time.
  5. Ditto for dream job. Let’s see… when I was 3 I wanted to be a soldier. Then a doctor. Then a lawyer. Now I’ll do anything that earns me lots of money. Soon I’ll be happy I even have a job.

That is all I can think of for now. Any other thing you can think of?

Linux Malware

Lots of users getting malware on their linux computers lately. Most of the time, the infection vector is due to a weak password. That aside, let’s look at a typical malware.

Below is a print out of the particular malware that resides in /var/tmp

var/tmp/ /.m/
var/tmp/ /.m/LinkEvents
var/tmp/ /.m/1.user
var/tmp/ /.m/Makefile
var/tmp/ /.m/.m.tar.gz
var/tmp/ /.m/2.user
var/tmp/ /.m/m.set
var/tmp/ /.m/m.help
var/tmp/ /.m/genuser
var/tmp/ /.m/src/
var/tmp/ /.m/src/com-ons.c
var/tmp/ /.m/src/combot.c
var/tmp/ /.m/src/channel.c
var/tmp/ /.m/src/config.h
var/tmp/ /.m/src/defines.h
var/tmp/ /.m/src/function.c
var/tmp/ /.m/src/link.o
var/tmp/ /.m/src/combot.o
var/tmp/ /.m/src/dcc.c
var/tmp/ /.m/src/Makefile
var/tmp/ /.m/src/xmech.c
var/tmp/ /.m/src/link.c
var/tmp/ /.m/src/xmech.o
var/tmp/ /.m/src/dcc.o
var/tmp/ /.m/src/main.c
var/tmp/ /.m/src/cfgfile.o
var/tmp/ /.m/src/h.h
var/tmp/ /.m/src/cfgfile.c
var/tmp/ /.m/src/userlist.o
var/tmp/ /.m/src/parse.o
var/tmp/ /.m/src/userlist.c
var/tmp/ /.m/src/structs.h
var/tmp/ /.m/src/mcmd.h
var/tmp/ /.m/src/socket.o
var/tmp/ /.m/src/vars.o
var/tmp/ /.m/src/parse.c
var/tmp/ /.m/src/gencmd.c
var/tmp/ /.m/src/global.h
var/tmp/ /.m/src/debug.o
var/tmp/ /.m/src/Makefile.in
var/tmp/ /.m/src/text.h
var/tmp/ /.m/src/com-ons.o
var/tmp/ /.m/src/main.o
var/tmp/ /.m/src/trivia.c
var/tmp/ /.m/src/gencmd
var/tmp/ /.m/src/usage.h
var/tmp/ /.m/src/socket.c
var/tmp/ /.m/src/trivia.o
var/tmp/ /.m/src/debug.c
var/tmp/ /.m/src/vars.c
var/tmp/ /.m/src/function.o
var/tmp/ /.m/src/commands.c
var/tmp/ /.m/src/commands.o
var/tmp/ /.m/src/config.h.in
var/tmp/ /.m/src/channel.o
var/tmp/ /.m/checkmech
var/tmp/ /.m/bash
var/tmp/ /.m/configure
var/tmp/ /.m/3.user
var/tmp/ /.m/go
var/tmp/ /.m/r/
var/tmp/ /.m/r/raway.e
var/tmp/ /.m/r/rversions.e
var/tmp/ /.m/r/rkicks.e
var/tmp/ /.m/r/rsay.e
var/tmp/ /.m/r/rsignoff.e
var/tmp/ /.m/r/rpickup.e
var/tmp/ /.m/r/rinsult.e
var/tmp/ /.m/r/rtsay.e
var/tmp/ /.m/r/rnicks.e
var/tmp/ /.m/mkindex

As you can see. they have cleverly hidden it by using a directory name with 2 spaces. Some interesting files are

$ cat 1.user
handle Santo
mask *!*@91.210.81.78
prot 4
aop
channel *
access 100

handle Ciao
mask *!*@Ciao.users.undernet.org
prot 4
aop
channel *
access 100

$ head src/cfgfile.c
/*
EnergyMech, IRC bot software
Parts Copyright (c) 1997-2001 proton, 2002-2003 emech-dev

The malware looks to be an IRC bot, which is quite typical for linux. Anyway, at this point in time I lost interest. If you want a closer look at this thing, feel free to email me. 🙂