Compile a (CentOS) Kernel And IPTables With TPROXY Support

A default (CentOS) kernel doesn’t have TPROXY support, which is needed if you want to it to behave as a transparant proxy. This is useful if you have a cluster set-up with one or more loadbalancers, but you still want each underlying node to see the original source IP from the request.

Without transparant proxy (TPROXY), all request would appear to come from the load balancer’s IP address, instead of the actual client (which can mess up your logging, scripts, …).

This article is derived from the “How To Compile a Kernel – The CentOS way” pages at howtoforge.com, and the guides at LoadBalancer.org. Continue reading

Posted in Devops | Tagged | Leave a comment

Increase A VMware Disk Size (VMDK) Formatted As Linux LVM

To increase the size of your VMware Virtual Machine, you need to do 2 major steps. First, you need to increase the disk’s size in your vSphere Client or through the CLI. This will increase the “hardware” disk that your Virtual Machine can see. Then, you need to utilize that extra space by partitioning it. If you’re interested in just resizing your Linux LVM, please proceed to step 2.

In this example, I’m increasing a 3GB disk to a 10GB disk (so you can follow using the examples).

I would advise you to read the excellent documention on Logical Volume Management on tldp.org.

Just a small note beforehand; if your server supports hot adding new disks, you can just as easily add a new Hard Disk to your Virtual Machine. Doing so, would mean you can increase your LVM’s size without having to reboot. If you increase the size of your currently attached disk (like the example below), you’ll need to reboot your server at least once to re-read your partition table. Continue reading

Posted in Devops | Tagged , | Leave a comment

Compiling, Running and Cursing on Chromium OS – Getting It To Work

Here’s how to get started on compiling Chromium OS from source, and running the operating system inside a virtual machine. The cursing part is mainly to set it all up, as it’s quite cumbersome.

In order to inspire you to try the same (ahum), here are some screenshots of the developer build made at Thursday, August 26th 2010.

There are still some nasty bugs in the OS (especially in a VMware environment) which drop your screen/video from time to time to a black image, and there don’t seem to be any apps available yet. So errr …  it’s only a quick-booting (8 seconds!) crashing “browser”, but hey – it’s cool, amiright?!

Continue reading

Posted in Devops | Tagged , , , | Leave a comment

Exclude Local Networks Via Juniper NetScreen-Remote VPN

If you’ve configured your Juniper NetScreen-Remote VPN to route all your traffic through your VPN tunnel, you’ll find you get stuck when accessing local IPs on your (home) network, such as a NAS, printers, computer shares, …

This is usually how it’s configured in the Security Policy Editor.

NetScreen-Remote: IP Subnet/Mask 0.0.0.0

If you want to keep having access to your local IP range(s), create a new connection under “My Connections” and add it as follows.

NetScreen-Remote: Local Network Exception(s)

Choose the following configuration settings.

  • Connection Security: Non-secure
  • ID Type: IP Subnet
  • Subnet: 172.16.0.0
  • Mask: 255.255.255.0
  • Protocol: All
  • Interface Name: Any

It goes without saying you you replace “172.16.0.0″ with the IP range you want to have direct access to. Credits to David Geens for pointing it out!

Posted in Devops | Tagged , | Leave a comment

WordPress v3.x: Don’t Replace Double Dash (--) With Single Dash

WordPress has a built-in feature that will replace a double dash (noted as “--”) with a single, but slighly longer, dash. This is great if you’re a writer or reporter, but it’s damn annoying if you’re trying to write Linux commands, or any other form of code, where you need the -- characters to remain in place.

So, let’s fix that. Continue reading

Posted in Devops | Tagged , | Leave a comment