91d437f0fb56cfb5b64de81b60bd6738

Archive for cloud

Enable L2TP/IPSec VPN on Ubuntu

October 5, 2011 at 9:20 pm · Filed under android, cloud, linux

I use China Unicom 3G on my Android phone in China. To get rid of #GFW in China, with Richard guidance, I set up L2TP/IPSec VPN on Ubuntu, hosted @ http://Linode.com. Simply document the steps.

IPSec

sudo apt-get install openswan

Use Pre- Shared Key. Change /etc/ipsec.conf

version 2.0
 config setup
     nat_traversal=yes
     virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
     oe=off
     protostack=netkey

conn L2TP-PSK-NAT
     rightsubnet=vhost:%priv
     also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
     authby=secret
     pfs=no
     auto=add
     keyingtries=3
     rekey=no
     ikelifetime=8h
     keylife=1h
     type=transport
     left=YOUR.SERVER.IP.ADDRESS
     leftprotoport=17/1701
     right=%any
     rightprotoport=17/%any

and change /etc/ipsec.secrets to

YOUR.SERVER.IP.ADDRESS %any: PSK "YourSharedSecret"

Apply the following change

for each in /proc/sys/net/ipv4/conf/*
 do
     echo 0 > $each/accept_redirects
     echo 0 > $each/send_redirects
 done

Verify IPSec configuration, then restart the daemon

sudo ipsec verify

sudo /etc/init.d/ipsec restart

L2TP

Install xl2tpd

sudo apt-get install xl2tpd

Change /etc/xl2tpd/xl2tpd.conf

[global]
 ipsec saref = yes

[lns default]
 ip range = 10.1.2.2-10.1.2.255
 local ip = 10.1.2.1
 refuse chap = yes
 refuse pap = yes
 require authentication = yes
 ppp debug = yes
 pppoptfile = /etc/ppp/options.xl2tpd
 length bit = yes

PPP

sudo apt-get install ppp

Change /etc/ppp/options.xl2tpd

require-mschap-v2
 ms-dns 8.8.8.8
 ms-dns 8.8.4.4
 asyncmap 0
 auth
 crtscts
 lock
 hide-password
 modem
 debug
 name l2tpd
 proxyarp
 lcp-echo-interval 30
 lcp-echo-failure 4

Add a test user in /etc/ppp/chap-secrets

# user      server      password            ip
 test        l2tpd       testpassword        *

Restart xl2tpd

sudo /etc/init.d/xl2tpd restart

Apply iptables firewall rules

iptables --table nat --append POSTROUTING --jump MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward

Automate ipsec and xl2tpd daemons when system boots

chkconfig ipsec on

chkconfig xl2tpd on

And add the following into /etc/rc.local

iptables --table nat --append POSTROUTING --jump MASQUERADE
for each in /proc/sys/net/ipv4/conf/*
do
echo 0 > $each/accept_redirects
echo 0 > $each/send_redirects
done
/etc/init.d/ipsec restart

Permalink Comments off

Apply VirtIO for KVM over KVM (Day 2)

January 31, 2011 at 7:07 pm · Filed under cloud, hypervisor, kvm, linux, opensource, virtualization

I talked w/ David Ke Zhu @ dev team and confirmed that VirtIO is a mandatory plugin driver to apply in order to improve the IO performance of disk + network. HSLT depends on this driver. (Thanks to David).

Good > the install step is simple on host OS. Bad > all Windows VM need patched as well! (not Linux VM)

Apply the latest kernel on host OS. Supposed >= 2.6.31 and latest KVM associating to such level of kernel

Download virtio-win.iso package from supplemental disc

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/…Installing_the_KVM_Windows_para_virtualized_drivers

Install package onto Windows VM @ step: Procedure 12.1. Using virt-manager to mount a CD-ROM image for a Windows guest -> this step should update VM xml conf with appropriate param needed before VM system boot.

I can bet this would fix the issue as The virtio-win package contains the para-virtualized block and network drivers for all supported Windows guests.

Permalink Comments off

Apply VirtIO for KVM over KVM (Day 1)

January 31, 2011 at 6:45 pm · Filed under cloud, linux, opensource, virtualization

We received a complaint regarding KVM performance issue today. Customer reports the performance is poor when copying files from native bare- metal Windows box to Windows 2003 VM created over KVM on CentOS 5.5 host box.

Searching @ RHEL KVM doc >
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/chap-Virtualization-KVM_restrictions_and_support.html

It reads Windows 2003 32 or 64bit is supported as fully virtualized guest on RHEL5, but requires “optimized with para- virtualized drivers”

To install para- virtualized driver is detailed @

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/chap-Virtualization-KVM_Para_virtualized_Drivers.html#sect-Virtualization-KVM_Para_virtualized_Drivers-Installing_the_KVM_Windows_para_virtualized_drivers

Additional info on KVM limitation
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/sect-Virtualization-Virtualization_limitations-KVM_limitations.html

We’d consider to apply this. It should fix the performance issue.

If CentOS5.5 is installed, the similar solution > http://www.centos.org/modules/newbb/viewtopic.php?topic_id=23513&forum=37
mkinitrd –with virtio_pci –with virtio_blk —with virtio -f /boot/initrd-$(uname -r) $(uname -r )

Permalink Comments off

Post- install Packages after Ubuntu Desktop Setup

January 13, 2011 at 11:55 pm · Filed under cloud, linux, virtualization

After default install of Ubuntu 10.04 LTS, here are the additional dpkg to apply:

network-manager-vpnc ubuntu-desktop p7zip gimp imagemagick seamonkey chromium-browser pidgin kvm libvirt-bin ubuntu-vm-builder bridge-utils acroread sun-java6-bin sun-java6-jdk ubuntu-restricted-extras scim-pinyin skype usb-modeswitch rcconf ssh openconnect

Permalink Comments off

IBM Service Delivery Manager (ISDM) Download from eXtremeLeverage

October 3, 2010 at 6:33 pm · Filed under cloud

ALL file downloaded from eXtremeLeverage are good. The files naming reference + md5 checksum for verification:

ISDM_for_System_x_6of12_V721.tar CZK1BML > icbtivsam_part01.tar 278b95932fdb8405acbb1d6c11ea019a
ISDM_for_System_x_7of12_V721.tar CZK1CML > icbtivsam_part02.tar f665c8b7dd5a6ea8b2b78fc5b07b341f
ISDM_for_System_x_8of12_V721.tar CZK1DML > icbtivsam_part03.tar f68225a101fdf9a529870c5f4120b075
ISDM_for_System_x_9of12_V721.tar CZK1EML > icbtivsam_part04.tar d2a0222f7422ca9b1b3ac2005132e565
ISDM_for_System_x_10of12_V721.tar CZK1FML > icbtivsam_part05.tar d40cdf1c1d497180cba5b358fde7684e
ISDM_for_System_x_11of12_V721.tar CZK1GML > icbtivsam_part06.tar 8b2b0eb70d8ba5e9a4a57e976812db95
ISDM_for_System_x_12of12_V721.tar CZK1HML > icbtivsam_part07.tar ea6eb6d14c52de4fcdfc665cf1be9dc3

Cat all above 7 files overall tar, after merging the pieces: f511d9e075eb953ea962db7f720dea2b

Permalink Comments off

Enable WCDMA 3G Wireless @ Ubuntu 10.04

July 22, 2010 at 5:48 pm · Filed under cloud, linux, misc, mobile, opensource

WCDMA 3G Wireless: Huawei e1750

Service Provider: China Unicom

Install USB driver then reboot
sudo apt-get install usb-modeswitch
Go to nm-conntion-editor > Mobile Broadband > Add … >

Configure
APN: uninet
PIN: 1234

Permalink Comments off

Twitter buys analytics company

July 10, 2010 at 1:56 am · Filed under cloud, innovation, social network, twitter, web2.0

Twitter, which recently announced its Promoted Tweets advertising program, has acquired the maker of a cloud-hosted Web analytics application, Twitter said Thursday.Smallthought Systems’ Trendly lets Web site owners dig deeper into the usage and traffic data that Google Analytics collects about their sites.

The Smallthought staff has become part of Twitter’s analytics team, where they will integrate Trendly features and technology into Twitter’s existing systems, as well as help develop new products.

In April, Twitter launched with a limited number of partners like Starbucks and Best Buy the Promoted Tweets program, which is designed to let companies market their products and services on the popular microblogging and social-networking site.

As with all advertising services, a key to the success of Promoted Tweets will be Twitter’s capacity to analyze the popularity and effectiveness of these ads so that campaigns can be evaluated and optimized.

The analytics for Promoted Tweets may be more challenging than for other online advertising programs for a few reasons, including the fact that the ad format for Promoted Tweets will be the same as the format for regular “tweets” and that Twitter’s usage is going through the roof, with 2 billion “tweets” posted in May, according to Web monitoring company Pingdom.

“Every day millions of people use Twitter to create, share and discover information, and as we grow, analytics becomes an increasingly crucial part of improving our service,” reads Twitter’s announcement of its Smallthought acquisition.

Credit & Resource: http://www.networkworld.com/news/2010/061010-twitter-buys-analytics.html

=-=-

How Trendly helps your web marketing

Google Analytics does a great job of collecting your data, but it does a bad job of helping you understand it. For example, at Dabble DB, we are very interested in how many people come to us after searching for online database. Here’s what that keyword’s traffic looks like for the first few months of 2009:

Google Analytics keyword traffic example

It’s definitely going up and down a lot, but we don’t really care about daily fluctuation, we care about the trend. On average, how many people should we expect each day? And is that changing?

Trendly uses a statistical model to answer that question for us. It assumes that our traffic is going to stay the same for days, weeks, or even months at a time, but every once in a while something is going to change — like our ranking for “online database” improving, sending more people our way. The red line shows how Trendly sees this keyword over the same time period:

Trendly interpretation of keyword traffic

According to Trendly, our daily visitors from “online database” went up from 24 to 40 in early January, and then again up to 50 in early February. It reports these changes as items in a news feed:

By boiling several months of data down to a couple of items in a news feed, Trendly helps us keep on top of many different things at once. For example, this same feed actually tracks all of our search keywords:

You can see that our traffic from searches for co-founder Avi Bryant had a bump at the end of January (around the time he gave a talk at CUSEC), but went back down again. The sparklines beside each news item show those patterns concisely.

The news feed is continuous, and shows up to three years of history. If we want to see the earlier change to “online database”, we just scroll down a few weeks:

The news feed does a great job of showing what’s changed, but it’s nice to put those individual keywords into a wider context. A chart running down the left provides the big picture:

The chart is locked to the same timescale as the news feed — and so, unlike most charts, time runs vertically. Each colored layer in the chart represents a single keyword. For example, the big green layer represents visits from “online database”. If I click on either the chart or the news item, the layer will pop out:

You can see how the green layer gets wider at the same time as the news item appears. The wider the layer, the more visits we get each day. The wider the chart as a whole — the sum of all the layers — the more visits we get in total from search. You can also see that Trendly tries to make things more meaningful by clustering similar keyword phrases together: The popup for “online database” shows that, while most (86%) of the searches in this cluster are for exactly “online database”, there are less frequent similar phrases that are also being included here, like “make an online database”.

Trendly isn’t just for tracking keywords. It has feeds for many of the reports you’re used to from Google Analytics: referrals, content, ad campaigns, and more. If you use goal tracking or ecommerce, Trendly also helps you track those: