Tuesday, March 30, 2010

UEC and Launchpad.net


Building on ssh-import-lp-id, you can now launch an instance in UEC (Ubuntu Enterprise Cloud) and have it seeded with one or more public keys securely retrieved from Launchpad.net!

Let's assume you have some registered Ubuntu 10.o4 LTS (Lucid) $EMI ...

Normally, you would need to first have the Cloud Controller (or Amazon) generate a public/private keypair. And personally, I don't like it when anyone other than me has seen my private key. To do this in UEC, you could run:

if [ ! -e ~/.euca/mykey.priv ]; then
touch ~/.euca/mykey.priv
chmod 0600 ~/.euca/mykey.priv
euca-add-keypair mykey > ~/.euca/mykey.priv
fi

And then you'd start an instance like this:

euca-run-instances -k mykey $EMI

And to access the instance:

ssh -i ~/.euca/mykey.priv ubuntu@10.1.1.100

I find this clunky, as I don't use this generated mykey business for anything else, and I can't very easily share access to this VM. The private key has already been known by the Cloud Controller (though it discards it). It's not a real security concern, but it bothers me on principle.

So we (Mathias Gug, Scott Moser, and I) thought we'd make this a bit more fluid for Ubuntu users who have Launchpad.net accounts. Launchpad.net actually provides a free, authenticated, SSL-served Public SSH key-server. You can register and share your Public SSH keys there without compromising your private key. We created a wrapper script called uec-run-instances that takes a new option -l|--launchpad-id, which is a comma-separated list of Launchpad.net id's. The tool will add a bit logic in the user-data that will have the instance retrieve and install the public SSH keys of each of the specified users at boot. The syntax looks like this:

uec-run-instances -l kirkland,mathiaz,smoser $EMI

And then you can just:

ssh ubuntu@10.1.1.100

How cool is that!?!

:-Dustin

Thursday, March 25, 2010

Introducing ssh-import-lp-id

ssh-copy-id is an incredibly useful utility for pushing your public key from your local machine to a remote server, such that you can use public key authentication thereafter.

Scott Moser and I wrote a similar utility for Ubuntu Lucid, called ssh-import-lp-id, for securely pulling one or more public keys from Launchpad.net and appending them to an account's ~/.ssh/authorized_keys file.

This can be incredibly useful in cloud environments, like EC2 or UEC.

For example, I just fired up an instance in EC2, and wanted to give shared access to me, Scott, and Kees:

ubuntu@ip-172-19-1-2:~$ ssh-import-lp-id kirkland smoser kees
INFO: Successfully authorized [kirkland]
INFO: Successfully authorized [smoser]
INFO: Successfully authorized [kees]


I can cat ~/.ssh/authorized_keys and see that all 3 were imported, and now any of the 3 of us can ssh into this instance and authenticate using public key authentication.

You can use ssh-import-lp-id against any user in Launchpad who has registered their public SSH keys. Nifty, huh?

For Lucid, the ssh-import-lp-id utility is provided by the ssh-import binary package (which comes from the cloud-utils source package). Ideally, I'd like to get the tool into upstream OpenSSH and in the openssh-server package. To do so, though, I would probably need to support other public SSH keyservers besides Launchpad.net. I did a bit of searching, but I couldn't find any other SSH public keyservers out there. Any pointers?

:-Dustin

Tuesday, March 23, 2010

Byobu and UTC


We're right in the middle of a really annoying time of the year, when the USA has switched to Daylight Savings Time (DST), but the rest of the world has not yet.

The only way to keep things straight when communicating and scheduling with people around the world is to use Coordinated Universal Time (UTC), which is basically a fixed reference point.

At the request of a Byobu user, I added a Byobu status plugin for UTC time ;-) It sits right next to your clock which shows your local time.

This is helping keep my meeting attendance straight, while I'm working in a timezone 2 hours off from my natural home timezone, in a country who's already on DST for 2010, but meeting with people 9 timezones away, in a country who's not. Woohoo!

:-Dustin

Friday, March 19, 2010

Wednesday, March 17, 2010

Server Bug Zapping: eucalyptus and euca2ools

So far, the KVM and Samba bug zapping weeks have been a success!

Next week, we will be focusing on Eucalyptus, Euca2ools, and UEC in general. In fact, Mathias Gug, Scott Moser, and I will be on-site at Eucalyptus Systems in Santa Barbara, California. We're going to spend the whole week working on UEC, ensuring that the Ubuntu 10.04 LTS Cloud offering is the best damn Linux hosted Cloud Computing platform in the industry.

Call For Participation

If you have any vested interest in the Ubuntu Enterprise Cloud, please give us hand next week!

Take a look at the open bugs against:
Help us reproduce those, or let us know if they're fixed. Come hang out in #ubuntu-server next week.

:-Dustin

Tuesday, March 16, 2010

Byobu - Preseeding Auto-launch


Do you always enable Byobu to auto-launch when you login to your Ubuntu servers?

If so, we have a neat new feature for you... Lucid's Byobu has a debconf question that will allow you to globally enable Byobu's auto-launch for all interactive accounts on the system. It's currently disabled by default. To toggle the value, just use:
sudo dpkg-reconfigure byobu
Each user, though, will still be able to override the global value with their own choice, to auto-launch or not to auto-launch. Users can overide this by either using the F9 Menu, or by touching ~/.byobu/disable-autolaunch.

Also, if you like to use preseed files and automate the installation of your Ubuntu machines, you can preseed this value like so:
d-i pkgsel/include string byobu
byobu byobu/launch-by-default boolean true
There are a couple of minor caveats... Enabling this feature will install a symbolic link to your /etc/profile.d directory. For this to work properly, your shell must support /etc/profile.d and the Z98-byobu.sh link must be the last file sourced by your shell.
/etc/profile.d/Z98-byobu.sh -> /usr/bin/byobu-launch*
Cheers,
:-Dustin

qemu-kvm daily builds, thanks Chuck!

Chuck Short (one of the unsung heroes of the Ubuntu Server) has been working hard to get daily builds from upstream source repositories into Ubuntu PPAs in Launchpad.

He recently added qemu-kvm to the list of daily built upstream projects. You can see Chuck's announcement here.

Thanks, Chuck!

:-Dustin

Tuesday, March 9, 2010

The Roomba Mod that Saved My Sanity


These two guys shed about 42 pounds of fur per day (it seems), and I like robots and automation, so a few weeks ago, I bought a Roomba.

Really neat...at least in principle.

However, the stock Roomba is simply incompatible with my house. 100% of the daily runs concluded prematurely with the Roomba inevitably stuck under my couch.


That sucks. And not in the vacuum cleaner sort of way that it's supposed to suck. Throw the automation out of the window if you have to un-wedge the machine from beneath your furniture every time, and it doesn't make it back to the recharging station.

Time for a bit of ingenuity...

I had unused four adhesive rubber "feet" that came with a wireless router (or something). I stuck these to the top of the Roomba sensor, adding about 2cm of additional required clearance, and poof--a working robot again!



Five days running now, and not a single wedging ;-)



:-Dustin

Monday, March 8, 2010

UEC at the Texas Linux Fest


Take a close look at this beautiful image by John Rogers of the Austin skyline ... Do you see some purple? Maybe some orange? How about a few clouds? Reminds me a bit of the new Ubuntu color scheme...

Well the Texas Linux Fest committee has accepted my proposal to demo the Ubuntu Enterprise Cloud!

So if you're interested in seeing a demonstration of the 10.04 LTS Ubuntu Enterprise Cloud in action, join me in Austin, Texas on Saturday, April 10, 2010 at the first ever Texas Linux Fest.

In my presentation, I will use:
  • One free Ubuntu Server ISO (10.04 Beta2 64-bit) burned to a USB stick
  • Two laptops, and
  • Twenty Minutes
And you will witness the ease of deploying an Ubuntu Enterprise Cloud (UEC), Canonical's open source implementation of an Amazon EC2-compatible cloud that you can run locally, in your own data center and on your own hardware.

In this presentation, you will learn about the UEC, Eucalyptus, Cloud topologies, the installation process, registering nodes, running and terminating instances in the Cloud, and the UEC Image Store.
Bring a blank 1GB+ USB key and I'll even burn you a copy of the same ISO I use in my presentation.
Cloud Computing is here, and Ubuntu is a phenomenal platform on which you can construct your private Cloud today. Since 2004, Ubuntu has revolutionized the Linux desktop. Attend this session and learn how Ubuntu is changing the landscape of the Linux server.

:-Dustin

Sunday, March 7, 2010

virt-manager: The Great Bug Triage


I checked my mail this evening to find a whopping 57 new messages in my Ubuntu-Virt-Bugs folder, which is a bit high for a Sunday night.

Why, pray tell, did I have 57 new messages?

Ah, well, this was the excellent work of Marc Deslauriers, one of Canonical's esteemed security engineers, evidently working hard on a Sunday afternoon triaging virt-manager bugs.

Thanks, Marc, you're the man!

Are you reading this post wondering "How can I get more active in the Ubuntu Community?" or "How can I give something back to the open source world?" Do you have an interest in helping ensure that Ubuntu 10.04 LTS's virt-manager package is a stable graphical virtual machine manager?

If so, pay a visit to Launchpad, and help try to reproduce any of the 57 remaining New and Incomplete bugs filed against virt-manager. If you help tell us what bugs have been fixed in Lucid, and which ones remain, it will greatly help Ubuntu developers focus on fixing the rest!

Cheers,
:-Dustin

Saturday, March 6, 2010

Forget the Mouse, Love Your Keyboard

When you find yourself inexorably drawn northeast, try these (in Gnome)...
  • Alt-F10 maximizes the current window
  • Alt-F9 minimizes the current window
  • Alt-F4 closes the current window
  • Alt-Tab switches between windows (forward)
  • Alt-Shift-Tab switches between windows (backward)
Forget the mouse. Love your keyboard!

:-Dustin

Friday, March 5, 2010

Server Bug Zapping: KVM in Retrospective

Big thanks to those who participated in this week's Ubuntu Server Bug Zapping effort on Ubuntu's KVM!

During the course of this week, we reduce the total number of open bugs against the qemu-kvm package in Ubuntu from 48 on Monday to 24 today. That's 24 bugs closed, slicing our open bug list in half!

Torsten Spindler was an all-star, helping triage, reproduce, and confirm fixes for quite a number of bugs, and thanks to Brian Thomason for the documentation patch. Also, thanks to Anthony Liguori (QEMU's maintainer) for meeting me at Opal Divine's and helping triage a bunch of the remaining open bugs.

I didn't get to spend quite as much time on this effort this week as I hoped, so I libvirt didn't get the love it deserves yet. I'll plan on working on libvirt in one of the next few weeks.

As for next week, stay tuned to Thierry Carrez' blog, as he's going to announce the next Bug Zapping target.

Cheers,
:-Dustin

Wednesday, March 3, 2010

Ubuntu's New Themes and Byobu

Jono Bacon, Alan Pope, and many others have blogged about the new Ubuntu Light and Dark themes.

I must say, I'm pretty excited. I think they look great! What a great time for a refresh of the Ubuntu Brand. I really like the orange and purple, and the black and gray look great.

You can easily configure Byobu to align with the new themes too! Just edit your ~/.byobu/color file, and set MONOCHROME=1, and then press F5 to reload.

Note: The theme is still very much still under development, and I'm not an artist on Canonical's excellent Design teams, so no guarantee from me that the desktop portion of these screenshots will look anything like the final Lucid desktop. These shots are meant to show that Byobu can be configured to work well with the new Ubuntu themes.






:-Dustin

Monday, March 1, 2010

Server Bug Zapping: KVM Day 1

Server Bug Zapping, Day 1, Week 1: KVM Triage .... Done!

See:
https://bugs.launchpad.net/ubuntu/+source/qemu-kvm

At the start of the day today, there were 48 open bugs against qemu-kvm in Ubuntu. And as of this post, there are now 31 open bugs.

I performed 2 qemu-kvm uploads today, fixing a configuration regression with alsa/pulseaudio and a broken manpage symlink (really low hanging fruit).

Most of the 17 bugs closed were bugs that we could confirm as fix-released, which is a huge compliment to the the upstream QEMU and KVM communities.

There are now 7 bugs in the triaged state, which means that we at least know exactly what needs to be done to solve the problem. If you think you can fix any of those triaged bugs in the next 24 hours, please assign the bug to yourself and come talk to us in #ubuntu-server. We'd love to have your contribution!

But even if you're not ready to start hacking on the qemu-kvm source code, you can still help. There are now 11 bugs in the incomplete state, and . Almost all of these need someone to try and reproduce the issue with the latest Lucid qemu-kvm 0.12.3 package. If you can lend a hand there and help confirm that these bugs are either fixed or still broken in Lucid, that would be very helpful too!

Finally, a big thanks to today's most active Bug Zappers: Torsten Spindler and Andres Rodriguez!

Cheers,
:-Dustin