Sunday, August 2, 2020

How to determine PXE mac address when booting illumos via PXELinux/iPXE

In illumos, if you need to determine the interface which was used for booting via PXE then it's possible to use "boot-mac" property:
# /sbin/devprop -s boot-mac 

c:c4:7a:04:ef:2c

But this property is set by illumos pxeboot. On some setup we use PXELinux to boot multiple illumos clients over PXE. For any illumos distribution "append" line in pxelinux.cfg looks like:
label omni PXE
kernel mboot.c32
append omni7/platform/i86pc/kernel/amd64/unix -B install_media=http://192.168.1.1/kayak.zfs.xz,install_config=http://192.168.1.1 ---omni7/miniroot
If you have small amount of clients, then it's possible to just add each client's mac address to the kernel line with -B boot-mac=<hardware-address>, but it doesn't work in case you have a hundreds of clients. 

Pxelinux menu has "ipappend 2" option, which appends "BOOTIF=<hardware-address-of-boot-interface>" to the kernel command line, but pxelinux puts BOOTIF exactly at the end of "append" line, after boot_archive, and kernel does not recognise this variable after boot. There are no any way to set something like -B BOOTIF dynamically here. 

Fortunately, we can boot iPXE from pxelinux menu. DHCP configuration was updated to allow iPXE boot when ipxe.lkrn boot:
...
if exists user-class and option user-class = "iPXE" {
        filename "menu.ipxe";
  } else {
        filename "pxelinux.0";
} 

pxelinux.cfg/default:
...
label omni7 
   kernel ipxe.lkrn
menu.ipxe:
#!ipxe

kernel  omni7/platform/i86pc/kernel/amd64/unix -B boot-mac=${netX/mac},install_media=http://192.168.1.1/omni7/kayak.zfs.xz,install_config=http://192.168.1.1/omni7
initrd  omni7/miniroot
boot
iPXE allows to get mac address with ${netX/mac} variable, so "boot-mac" will contain mac-address which was used for booting via PXE.

Tuesday, April 14, 2020

Nekoware build system for IRIX



Besides Solaris, I love IRIX and, as the owner of the Octane, I'd like to have modern versions of at least basic utilities. Almost all packages from http://nekofiles.irixnet.org/nekoware have been installed for a long time ago but time is running out and why not collect new versions yourself. Here you can find the initial scripts that allow you to build nekoware tardists. I have focused on "first-aid" stuff so far, like bash, awk, sed and grep but going to add more components later. If someone also wants to participate, just ping me with pull-request.

Friday, December 27, 2019

hwi: illumos hardware info utility, inspired by inxi

Тhere are a number of utilities to get hardware information in illumos  but none have a convenient or complete output. I liked the inxi output on Linux and I tried to reproduce something similar for illumos:


Saturday, June 15, 2019

Jenkins X: Monitor Tekton Pipelines deployments with Kibana


If something goes wrong, the first thing you do is look at the logs. For serverless Jenkins X it is a little problematic if some time has passed -  build pods have already died safely and jx get build logs only gives you:

error: no Tekton pipelines have been triggered which match the current filter

But what if you want to find the cause of some error or compare the current build log with yesterday?
There is a dashboard for Tekton which looks nice but persistent logs unfortunately are not supported yet (I hope this feature will appear in the future).



Happily there is an Elastic Stack. I installed the Kibana following the instructions from tekton-pipelines-elastic-tutorials.
Although there are an warning that it was tested on a Mac only, everything started and works fine on Ubuntu, for example.



Kibana allows not only to monitor Tekton Tasks or Pipelines (and not only) in real time but also to check one or another log for yesterday or any other day.



Wednesday, May 22, 2019

How To Install Jenkins X On Ubuntu VM

I hope these steps will be useful for those who want to try Jenkins X on a local VM without external IP (NAT). In my case this is VMware ESXi VM, Ubuntu 18.04.2 LTS, 10GB RAM.
For the Kubernetes installation, just follow the good instructions from here. 
My installation was different in that the to fix coredns Pending state, I’ve installed weave-net pod network instead of CALICO:


$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\ n')"


Few preparations were necessary before jx install: I killed much time getting ADDRESS column not empty in kubectl get ing output, using ClusterIP, NodePort and LoadBalancer in rotation, so I chose separate ingress install:

$ helm upgrade --install ingress --namespace=ingress --set \

  rbac.create=true,controller.kind=DaemonSet,controller.service.type=ClusterIP,controller.hostNetwork=true,controller.extraArgs.report-node-internal-ip-address=true stable/nginx-ingress

If you see:

Error: could not find tiller 

use these commands:

$ kubectl —-namespace kube-system create serviceaccount tiller

$ kubectl create clusterrolebinding tiller-cluster-rule —-clusterrole=cluster-admin —-serviceaccount=kube-system:tiller

$ kubectl —-namespace kube-system patch deploy tiller-deploy -p ‘{“spec”:{“template”:{“spec”:{“serviceAccount”:”tiller”}}}}’ 

$ kubectl taint nodes —all node-role.kubernetes.io/master- 

   Then I used nfs provider to get persistent volumes (nfs server is required):

$ helm install stable/nfs-client-provisioner --set nfs.server=NFS_SERVER_IP --set nfs.path=NFS_SHARE_PATH
       
Now it's ready for install:

$ jx install --provider=kubernetes --external-ip=YOUR_VM_IP --ingress-service=ingress-nginx-ingress-controller --ingress-deployment=ingress-nginx-ingress-controller --ingress-namespace=ingress --on-premise

Answer "no" when jx will ask "No existing ingress controller found in the kube-system namespace, shall we install one?"

After install, check that ADDRESS column is not empty in kubectl get ing output:

$ kubectl get ing
NAME                HOSTS                                    ADDRESS      PORTS   AGE
chartmuseum         chartmuseum.jx.10.2.20.46.nip.io         10.2.20.46   80      42h
deck                deck.jx.10.2.20.46.nip.io                10.2.20.46   80      42h
docker-registry     docker-registry.jx.10.2.20.46.nip.io     10.2.20.46   80      42h
hook                hook.jx.10.2.20.46.nip.io                10.2.20.46   80      42h
jx-jx-app-jenkins   jx-jx-app-jenkins.jx.10.2.20.46.nip.io   10.2.20.46   80      41h
monocular           monocular.jx.10.2.20.46.nip.io           10.2.20.46   80      42h
nexus               nexus.jx.10.2.20.46.nip.io               10.2.20.46   80      42h
tide                tide.jx.10.2.20.46.nip.io                10.2.20.46   80      42h

  Check the local hook ingress connectivity:

$ curl -S hook.jx.10.2.20.46.nip.io

Now you can import your local project to Jenkins X with jx import or add some predefined projects with jx create.  
Since VM does not have an external IP,  webhooks that Jenkins prescribed on a Github will not work. There are several solutions here - for example ultrahook.  Replace Jenkins X webhooks URL for Staging, Production and your Dev repositories on Github with ultrahook URL and run with an ingress hook URL:

$ ultrahook github http://hook.jx.10.2.20.46.nip.io/hook

To get Jenkins X console working (it only makes sense if you use Jenkinsfile in some project),  needs to install Jenkins App first (choose all required plugins):

$ jx add app jx-app-jenkins


and run it:

$ jx console

  Jenkins Console: http://jx-jx-app-jenkins.jx.10.2.20.46.nip.io

After opening this URL in browser, you'll see usual Jenkins login page. Surprisingly, the admin password you wrote down after installation is not suitable here. Maybe I missed something, but I had to run the following commands to find out the password:

$ go get github.com/mfuentesg/ksd

and then look for the jenkins-admin-password field:

$ kubectl get secret jx-jx-app-jenkins -o yaml | ksd

And you should see the familiar interface after login:










Tuesday, November 6, 2018

Building ripgrep on illumos

Last night I tried to build ripgrep (grep on steroids). Of course I used Nexenta, but everything below will work for any illumos distribution. ripgrep is written in Rust and we can get the latest Rust version with pkgin (many thanks to Jonathan Perkin):


$ pkgin search rust
 ...
 rust-1.30.0 =        Safe, concurrent, practical language
 ...
$ pkgin install rust
$ export PATH=$PATH:/opt/local/bin

Building ripgrep:


$ git clone https://github.com/BurntSushi/ripgrep
$ cd ripgrep
$ cargo build --release
  Updating crates.io index

   warning: spurious network error (2 tries remaining): no Content-Type header in response; class=Net (12)
   warning: spurious network error (1 tries remaining): no Content-Type header in response; class=Net (12)
   error: failed to update registry `https://github.com/rust-lang/crates.io-index

 Caused by:
   failed to fetch `https://github.com/rust-lang/crates.io-index

 Caused by:
   no Content-Type header in response; class=Net (12)

Bang! If you have such error:  clone crates.io-index git to the .cargo directory in your $HOME:


$ cd ~/.cargo
$ git clone --bare https://github.com/rust-lang/crates.io-index.git

Then create .cargo/config file:


$ cat .cargo/config
[registry]
index = "file:///home/alhazred/.cargo/crates.io-index.git"

Now build will successful:

$ cargo build --release
...
$ ./target/release/rg --version
ripgrep 0.10.0 (rev fb62266620)
-SIMD -AVX (compiled)
+SIMD -AVX (runtime)

Now you can compare the ripgrep speed and performance with usual grep. See Andrew Gallant's Blog for more information. .

Wednesday, October 31, 2018

New v9os iso and repository archive


Well, two years later, I decided to upgrade v9os. As a result, after the noise of the servers under my ear I have a little bad hearing at the moment :). But iso was rebuilt with spring changes from the illumos (unfortunately the system is panicking after later commits, I hope to solve this out later).
Some things were fixed, some components were updated, pkg and caiman were moved to python 2.7. I’ve a more powerful server now and I hope that further updates will be forthcoming in this winter.
Site design was also a bit updated.

Wednesday, June 27, 2018

Unleashed - an operating system fork of illumos


If someone looking for the operating system with ZFS, DTrace and other illumos-buns, system that has been a bit cleared from the some outdated SunOS-code, with modern utilities and libraries, and most importantly, with simple contribution process (hey, illumos-gate refugees) - here it is: Unleashed-OS.


Notes for the first release.

Sunday, December 18, 2016

How to reset Solaris 11 root password in a minute using kmdb

Following a bit outdated, ufs-based method from "Using kmdb to reset lost Solaris root password" article, we still use uiomove break point. Apply kmdb and single-mode options to the grub kernel line and boot the machine. Wait for the SINGLE USER MODE message,  type "root" for the user name. Now wait a minute until smf services run and then switch to kmdb prompt (F1-a) right after "Enter root password (control-d to bypass):" message.



































Set break point at uiomove+0xc and type :c to continue. You will need to step forward by pressing :u and :c two or three times and look for the state where zfs`dmu_read_uio_dnode calls zfs`dmu_read_uio_dbuf and finally uiomove:



































On the screenshot below we found "/etc/shadow" data in ffff810042207c00. Now all what we need is to change the first character of the root password to ":" and, after removing break point and continue, we get the root shell prompt:

































Now you can reset the password and reboot.

Saturday, July 30, 2016

Meet v9os, a minimalist illumos-based SPARC distro

This summer I decided то build something compact and modern for my two SunFire servers using IPS. Meet v9os - minimalist illumos-based SPARC distro.
On this stage, actually it's an OmniOS SPARC version, because the iso was mostly created using omnios-build, so I would like to express my deepest gratitude to OmniOS developers.

The iso was tested on SunFire v240. I would be grateful for any feedback on what works, and how it boots on other SPARC servers. I'm looking for the hosting for the IPS repository, for now you need to download packed IPS repo from the sourceforge and put it somewhere on installed system. I forgot to fix timezone installer issue in this iso, so please just type “Continue” on timezone screen while installing. Root password is solaris. This is a beta release and it lacks yet some packages like java, gcc 5. 

Special thanks to Martin (I used OpenSXCE on the first step) and Igor for the SPARC support in illumos.

Friday, April 29, 2016

Firefly failsafe image was updated

The following changes have been made:

  1. smf removed completely
  2. freebsd bootloader from the illumos loader project
  3. busybox provides init and many others commands
  4. network configuration script (/etc/init.d/netconfig) is included
  5. it's a possible to copy files over network using scp
  6. console has white background color
  7.  image size now is 58 MB


How to determine PXE mac address when booting illumos via PXELinux/iPXE

In illumos, if you need to determine the interface which was used for booting via PXE then it's possible to use "boot-mac" pro...