Thursday, August 3, 2017

Replacing Android device with a new one

So.... TILLW, if you have a new android phone, the very first thing you want to do is tell it you want to copy an existing phone you have in your possession. There appears to be no way (other than resetting the phone back to factory defaults) after the first screen to have one phone be setup like another. This is inane.

TIL it ain't so easy to enable root login in ubuntu

So... TIL today. You can enable root login in sshd_config. You can set a password for the root as well of course. However, you can't actually ssh into the box if you have any keys (or at least "some" keys) in your ssh-agent. So, by running ssh-agent bash and then logging in as root to target, I get asked for a password. If I alternatively have an ssh key you get the message that
Please login as the user "ubuntu" rather than the user "root".

Sunday, June 5, 2016

Android Tap & Go... Almost as Easy as It Sounds

I had one teensy-weensy little problem with Android's Tap & Go feature for new phone set up. Although the NFC portion works fine, it is also VERY IMPORANT to enable Bluetooth PRIOR to running the sync. The sync code will temporarily turn on the bluetooth but it won't actuall work. Just enable bluetooth on the OLD phone prior to trying the Tap and Go and then it truly will be Tap and Go.

I had no luck googling for this issue or solution so noting it here for others to find. The phrase, "Sorry, Something Went Wrong" will appear on your new phone shortly have making the sync chime.

Wednesday, May 11, 2016

TIL From Users Today

I learn something about OpenStack each and every day and one of my broadest sources of OpenStack knowledge comes from my customers, the users of Time Warner Cable's OpenStack implementation.

Today, users' taught me, passively, by using it, about Shelving an instance. 

Suspending an instance puts it to sleep (via CPU suspension states) but the instance (virtual machines) is still using all of the memory and disk and cpu resources it was before (though the actual host CPU usage in this case is very very minimal.) Subtly different yet similar seems to be Pausing an instance. (I've never used this myself but am now checking to see if my users are using this.)

Stopping an instance still has the instance assigned to a hypervisor (essentially a compute host) and still "sort of" consumes resources on that host, most notably the ephemeral disk.

Shelving an instance makes a glance image snapshot of the instance and then removes all reference from the original hypervisor and compute host. It is consuming glance snapshot space in so doing but nothing on the hypervisor or compute host. So it is using the most minimal amount of resources possible.

Now to make this a real blog, I need to go add some links so that this is more shiny.

Monday, July 27, 2015

Time Warner Cable (TWC) OpenStack Summit Talks in Tokyo -- Vote Now

(Using my soapbox to pitch some Time Warner Cable proposed talks for Tokyo.)

Many of these are our experience running an OpenStack Cloud in production at Time Warner Cable. Others are particular areas of interest. And one is just for fun....

Click the shiny link to vote up or vote down, however you feel.

Abstract Author
More Info... Voting (link to abstract on
Duct Tape, Bubble Gum, and Bailing WireEric Peterson, TWC,
GoDaddy and others
Fernet Tokens: Why They're Better and How to SwitchMatt Fischer and the Frenet teamOps
Moving a Running OpenStack CloudMatt Fischer
Eric Peterson
Customer Pain Points Revealed in TWC's OpenStackKevin Kirkpatrick
David Medberry
Building the right underlay, lessons learnedSean Lynn
Darren Kara
Monitoring OpenStack with Monasca -- Totally Worth the EffortBrad Klein
Ryan Bak
Overcoming the Challenges. LBaaS in practice at TWCJason Rouault
Sean Lynn
Upgrading OpenStack Without Breaking Everything (Including Neutron!)Clayton O'Neill
Sean Lynn
Integration & Deployment Testing of an OpenStack CloudClayton O'Neill
Matt Fischer

OpenStack TriviaDavid Medberry
Kevin Kirkpatrick

Owls, Cats, Toads, Rats: Managing Magical Pets - VM persistenceDavid Medberry
Craig Delatte
Enterprise IT Strategies
Other Ways to ContributeDavid Medberry
Eric Peterson
How To Contribute
LibVirt: Where are we today?David Medberry
Sean Lynn
Related OSS Projects
OpenVSwitch: Where are we today?David Medberry
Sean Lynn
Related OSS Projects

Monitoring: How to get the outcomes you want and want the outcomes you get!Steve Travis
Ryan Bak
Brad Klein
Monitoring / Operations
An all SSD Ceph cluster: Tips, Tricks, and lessonsBryan Stillwell
Craig Delatte
The evolution of Openstack Storage Services at TWCAdam Vinsh
Craig Delatte
Enterprise IT strategies
Building a self-repairing cloud with AIRyan BakMonitoring / Operations
Configuring Swift Using Puppet-swift: considerations and examples.
Adam VinshOPS

Thursday, May 28, 2015

Request for Reviews from Online Stores

Dear googlemonopriceamazon, please don't ask me to do reviews for items delivered via slow delivery. If I request slow delivery, there is a REALLY GOOD CHANCE I'm not going to use the item right away. So, don't ask me to review it when I haven't even taken it out of the package. You should only ask for reviews when things are shipped overnight. (Though arguably, if you are in that kind of hurry you don't have time to do reviews.) So I guess, I'm just saying, stop asking for reviews altogether.

And if I could have expressed this in a brief way, it would have been a tweet.

And, no, don't file a patent for this. I freely grant this info to the world....

Sunday, May 17, 2015

OpenStack, a really big deal

Okay, most folks know I've spent the last 4 years involved with OpenStack and have been attending summits since Boston. This is the first time however I've been overwhelmed with the number of other folks attending the summit and we aren't even there yet.

I'm at 36,000 feet over NW USA headed to Vancouver from Denver on United UA 323. By sight alone, I've identified 10 different companies sending folks to OpenStack (and I'm sure there are many more companies represented on the flight that I don't know.) About 30 folks that I know (or at least know of) are on this very flight for a week of design, operations notes exchange, and marketing. WOW. I'm expecting more than 6,000 folks in YVR this week--maybe 7-8K.

Friday, March 27, 2015

Cinder Multi-Backend GOTCHA

When making puppet changes to handle OpenStack Cinder with multi-backends, we created a really painful problem. The multi-backend basically moves our Cinder (with ceph backend) from basically a default name of our cluster (like cluster01) to a backend specific name (cluster0@ceph) so that we can add additional backends (like cephssd and solidfire and 3par).

Unfortunately, this had the really bad side-effect of dropping the "host" that was providing just "cluster01" service. All attached volumes continued to work fine. However, it became impossible to launch new instances with these volumes, terminate (properly) instances with these volumes, or delete these older volumes.

The fix (once you understand the problem) is very straightforward:
cinder-manage volume update-host --currenthost cluster01 --newhost cluster01@ceph

NOTE: Don't do this unless these are really the same services. Presumably safe if you have a single cinder backend and are prepping for multi-backend.

Wednesday, March 11, 2015

OpenStack Clients on Mac OS Yosemite

Clearly I haven't written a blog post recently enough. That must explain the negative karma behind running into a tricky problem.

As we all know, "pipin' ain't easy". I held off upgrading to Yosemite for a long time so as not to break my functioning Mac with OpenStack clients. However, I found time and reason to upgrade last weekend and had helped several others through the Mac client solutions a week prior.

Alas, it was not to be a sweet journey for me. I endedup with the dreaded xmlrpc_client issue. Some coworkers determined that you could resolve this by uninstalling "six" and then reinstalling "six". Unfortunately that doesn't really work. A "sudo -H pip uninstall six" did do the right thing, but "easy_install six" never succeeded. And I should note the reason that six in pip doesn't work in the first place is that the Mac OS Yosemite itself has a downrev version of six installed.

The trick, at least in my case, was to "type -a easy_install" and note that there are two versions of easy_intall. Pick the second one and you are off to the races. Here's the steps if you are still reading:

dmbp:~ dmedberry$ sudo easy_install six #fails
Traceback (most recent call last):
  File "/usr/bin/easy_install-2.7", line 7, in
    from pkg_resources import load_entry_point
  File "/Library/Python/2.7/site-packages/pkg_resources/", line 3020, in
    working_set = WorkingSet._build_master()
  File "/Library/Python/2.7/site-packages/pkg_resources/", line 616, in _build_master
    return cls._build_from_requirements(__requires__)
  File "/Library/Python/2.7/site-packages/pkg_resources/", line 629, in _build_from_requirements
    dists = ws.resolve(reqs, Environment())
  File "/Library/Python/2.7/site-packages/pkg_resources/", line 807, in resolve
    raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: setuptools==1.1.6
dmbp:~ dmedberry$ type -a easy_install
easy_install is /usr/bin/easy_install
easy_install is /usr/local/bin/easy_install
dmbp:~ dmedberry$ sudo /usr/local/bin/easy_install six

Friday, December 12, 2014

Ubuntu Sound Gotcha - Missing Devices

I was laid up at home for a day so instead of using my laptop as a laptop, I went ahead and "docked" manually to my dual screen gear (that has largely been attached to my "work" Macbook Pro.) I used the thunderbolt and hdmi connectors on the side of my Spectre XT (and it was the first time I've ever gotten video to work out of the t-bolt. WIN.) The monitors are Acers with DVI connectors so I'm using some monoprice cabling to convert to T-bolt and HDMI.

That setup will probably explain to some of you what went wrong... but sadly it did not initially to me. I was using the setup and listening to music/youtube etc. After some point in time (and crucially, I'm not sure when exactly), I lost my audio output. The sound notify/menubar/whatever device was still present and still indicated I had sound output, but nothing was being produced.

I entered into the sound settings and lo and behold, there was no device listed in the "Play Sound Through" panel of the output setting. (And I didn't even notice that right away as my eyes were laser focused on the completely zeroed out volume indicator at the top that wouldn't move. Of course it wouldn't move as there was no output device.)

I gradually pieced together what may have happened--I suspect at some point AFTER connecting the monitors, I either suspended/resumed or actually rebooted. It appears that something in the audio detection algorithms determined I should be using HDMI audio (however, these Acer monitors have no speakers.) And by gradually pieced together, I mean I futzed around with this for a couple of hours.

Once it dawned on me that the only thing that I had really changed was the monitors, I went ahead and removed them (which I had done several times during the futzing around) and shutdown entirely and rebooted. VOILA. "Built-in Audio" device reappears and I'm another happy camper.

Sunday, November 10, 2013

Missing USB devices in KVM or QEMU with Ubuntu Saucy?

I've been a long time user of Fitibits. These are small devices you wear on your person to track activity. For instance, the Fitibit Ultra can track steps taken and stairs taken among other things. The device integrates with an application and has a nice webapp to display your history.

Setup on the Ultra was done with a Windows machine as there is (well was) no Linux client. I borrowed my wife's machine (as she already had the software installed as she too had an Ultra.) Once the device was setup, some guys at Canonical created a library for Ubuntu that would allow you to sync the device properly from Ubuntu (without running Windows.) Windows was only needed at setup time.

Fitbit continued to develop new monitors and I recently ordered the Fitbit Force. The Force is essentially a smartwatch. It has a superset of features of the Ultra. It also requires setup via Windows (or Mac) and I still don't own one of those. I figured I'd just use KVM and a Windows guest image.

I'm running Ubuntu Saucy with

libvirt-bin 1.1.1-0ubuntu8
qemu-system 1.5.0+dfsg-3ubuntu5

these versions of libvirt and qemu.

Fitbit Force comes with a small dongle you plug into your usb port. (Essentially, this is a bluetooth 4 device but it is single purposed, pairing only with the Fitbit Force.) 

So I added the USB device info to my virtual machine description (using the GUI). This allows for specific usb hub and device passthrough. However, the device was never showing up in Windows (as near as I could tell.)  I spent hours debugging this, changing perms on the usb device tree, running as root, etc, to no avail.

To troubleshoot, I used a USB device lister, USBDeview, from Nirsoft. It's freeware (free as in beer). It did a nice job of listing my past and present USB devices by walking the USB tree and the registry entries of past devices. Nope, no Fitbit Force.

A bit of googling and debugging led me to this gem:
"Apparmor blocks usb devices in libvirt in Saucy" bug #1245251. By using the work around in comment #1, my Fitbit Force (and any other USB device I requested) were now available in the guest.

(I had previously tried the apparmor settings mentioned in the Managing KVM page, to no avail. Those instructions pre-date Saucy.)

Hopefully by the time anyone stumbles on this particular post, this bug will already be fixed in Saucy and Trusty, but I like to publish these lessons learned Just In Case.

Oh, and one other note, once the initial setup is done, you can pair your smartwatch to your android phone... once they add the type of android phone you have. The Nexus 5 is apparently slightly too new..... :( so I'll be using that Windows image a bit more than I planned.

Monday, August 5, 2013

Using kdump on Ubuntu in Azure

This is another of my occasional posts that may help the next guy. I call them YAHTNG, yet another helping the next guy,t blog entry...


kdump is a tool that allows you to capture (in a file) the linux kernel state when it crashes (oops). It uses the kexec functionality that's long been part of the linux kernel (since 2004 if memory serves.) In order to use this on linux, you install the linux-crashdump metapackage that in turn depends on the right bits and pieces.

apt-get install linux-crashdump

On different versions of Linux, different bits and pieces get installed. Prior to Raring, 13.04, you get one set of packages and Raring and newer, you get a different set. In either case, on Microsoft's Azure cloud and elsewhere under the hyper-v hypervisor, you will get a hang if  you just install the linux-crashdump package and then experience a crash. This is due to some Azure-specific kernel modules that get loaded in the kexec/kdump kernel. You need to exclude these modules, i.e., blacklist them. Here's how.

Older Ubuntu Releases including Precise

In 12.04 (Precise) and 12.10 (Quantal) you want to edit /etc/init.d/kdump (this is the script that runs at boot time to configure the kdump kernel. The kdump kernel gets loaded into memory and configured via this script.)

--- /etc/init.d/kdump 2013-06-28 00:09:22.400504335 +0000
+++ kdump.nohyperv 2013-06-28 00:16:48.903733116 +0000
@@ -48,6 +48,7 @@ do_start () {
  # Append kdump_needed for initramfs to know what to do, and add
  # maxcpus=1 to keep things sane.
  APPEND="$APPEND kdump_needed maxcpus=1 irqpoll reset_devices"
+ APPEND="$APPEND ata_piix.prefer_ms_hyperv=0 modprobe.blacklist=hv_vmbus,hv_storvsc,hv_utils,hv_netvsc,hid_hyperv"

  # --elf32-core-headers is needed for 32-bit systems (ok
  # for 64-bit ones too).

As you can see, we are simply prohibiting the Azure kernel modules hv_vmbus, hv_storvsc, hv_utils, hv_netvsc, and hid_hyperv from loading in the kdump kernel. They still get loaded in the regular Azure kernel (and you will want to keep them there for performance and behavior reasons.) However, if they load in the kdump kernel, they won't actually work and will "hang" the kdump kernel while they try and connect to the Azure services (or hyper-v services.) Additionally, we  prefer NOT to load the hyper-v module setting for ata_piix by setting it to zero.

After you modify this init script, you will want to reboot. (But take note and read the last section on the crashkernel as you will likely want to make that change as well, prior to rebooting.

Newer Ubuntu Release (Raring and the upcoming Saucy)

The newest releases of Ubuntu include an additional package that handles kdump configuration called kdump-tools. This package manages the kernel modules in a simple config file /etc/default/kdump-tools. You can edit that file to blacklist the appropriate modules:

    67 #KDUMP_CMDLINE_APPEND="irqpoll maxcpus=1 nousb"
    68 KDUMP_CMDLINE_APPEND="irqpoll maxcpus=1 nousb  ata_piix.prefer_ms_hyperv=0 modprobe.blacklist=hv_vmbus,hv_storvsc,hv_utils,hv_netvsc,hid_hyperv "

In addition to preferring to NOT use the ata_piix for hyperv, it also blacklists the same kernel modules as previously mentioned.

Smaller Images

Low memory (extrasmall, small) Azure instances (well, really any small images including small physical machines) unfortunately run into bug #1206691, default crashkernel setting rarely works on a system with little memory. You will need to modify /etc/grub.d/10_linux and set the crashkernel to 128M for any size instance. Do this by simply altering the range here:

   74 # add crashkernel option if we have the required tools
    75 if [ -x "/usr/bin/makedumpfile" ] && [ -x "/sbin/kexec" ]; then
    76     GRUB_CMDLINE_EXTRA="$GRUB_CMDLINE_EXTRA crashkernel=384M-2G:64M,2G-:128M"

    74 # add crashkernel option if we have the required tools
    75 if [ -x "/usr/bin/makedumpfile" ] && [ -x "/sbin/kexec" ]; then
    76     GRUB_CMDLINE_EXTRA="$GRUB_CMDLINE_EXTRA crashkernel=384M-700M:64M,700M-:128M"

Once you have made this change, be sure to update grub:

sudo update-grub

so that the chnage will take effect. You will also want to reboot. Then you can validate that change by inspecting the boot command line:

cat /proc/cmdline

and see that the new value is now shown.

ubuntu@bug1195328-1210:~$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-3.5.0-36-generic root=UUID=39eb48d3-958a-48e0-896e-b6b03cc2342a ro crashkernel=128M console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300

Reference Material

The official references for configuring Ubuntu for kdump are here:

and you should refer to them for procedures for testing and verifying your crashdump setup.

Micosoft Azure has some notes on the kernel modules here:

Sunday, July 14, 2013

Fun with QR Codes

In honor of xkcd's cartoon today, I thought I'd make myself a qr code--a self portrait.

Be sure to follow the QR code in xkcd a couple times and then come back and try this self-portrait. Oh, and you can do your own QR code art at

Tuesday, July 9, 2013

OpenStack Programs Core Developers

It seems to be something I look up fairly regularly: A listing of OpenStack core developers--either so I can get a +2 or just because I need to know if someone is on or not-on a given list.

I found the Canonical list by initially proposing in this blog the wrong list--and apparently that's a fairly common problem. So I'll link to the real list and explain how you might also be referring to the wrong list as well.

Official OpenStack Programs
OpenStack Technical Committee
Lastly, I ran across OpenStack Planet Core Developers when I was creating this list. They may be an aggregator team (ie, bloggers who get aggregated).  And hopefully, this blog will show up in the planet soon.

Now for the wrong list. Not so long ago, much of OpenStack was managed in Launchpad. Consequently, there are also a somewhat correlating list of -core projects in Launchpad. However, I'm not going to reproduce them herein in order to avoid perpetuating them. I will mention the bug that has been posted to help clean them up though: and it is listed as in progress and did see some activity last month. If you happen to stumble onto this blog post and have some ownership over those dangling -core teams or other defunct/obsolete launchpad teams, go ahead and clean them up (pretty please).

Oh and one other editorial footnote: OpenStack now refers to the individual areas of development as programs, not projects as it used to. You might want to update your mental model to that terminology. Many thanks to ttx for the review of this document (though all errors and faux pas are mine.)

Friday, July 5, 2013

VirtualBox Host-Only Networking

VirtualBox allows one to configure a VM with host-only networking. This can be useful if you are connnecting a number of VMs together and need to put them on the same switch/bridge.

However, it's darn frustrating to figure out how to enable it as all of the googling and manuals indicate you just enable it by selecting settings within the VM.

What they fail to mention though (but is covered in the built-in help in VirtualBox), is that you must first create a device for this host-only networking to use. From the main VirtualBox window, choose Preferences (below the File) menu. That will bring up the global preferences for the VirtualBox hypervisor. Click "Network" and then the "+" sign to add a host-only network device (typically vboxnet0).

It's possible that some versions of VirtualBox create one of these at install time, but on Ubuntu, such is not the case. Now you can create a number of virtual machines and put them on the same nic. Your host OS will also now show that same nic. Here's an example from my laptop's OS:

medberry@handsofblue:~$ ip a show dev vboxnet0
6: vboxnet0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet brd scope global vboxnet0
    inet6 fe80::800:27ff:fe00:0/64 scope link 
       valid_lft forever preferred_lft forever

and that same vboxnet0 is now an option when you select host-only networking in the vm:

Wednesday, June 26, 2013

Talk Like a Spy Day

There really ought to be a "Talk Like A Spy Day", something of a corollary to talk like a pirate day (tlapd).  tlasd would involve things like jamesbondisms, smileyisms, coldwarisms, etc.

Wednesday, January 30, 2013


I just wonder how many folks will be, like me, googling "magnificient" today after reading xkcd. I certainly did. I'm still undecided if it is a word or just artistic license.

Friday, November 30, 2012

Juju environment in the HPCloud

I've been an HPCloud user a long time. They rocked the cloud world as one of the first OpenStack deployments open to the public.

And I work at Canonical, so Juju is key to my cloud usage. There are some "howtos" for getting the hpcloud to work with Juju but I was just missing a few things... not sure if it was out of date or what, but the following worked fine.

Create an "environment" within your ~/.juju/environments.yaml that looks like this:
default: hpcloud
# Get api-keys here:  
# after you have a valid hpcloud account and login
    access-key: **************:****************
# from the api-key page use the access key 
#     with a central colon (:)
    secret-key: *************************************
# secret-key is just below the access-key you used above, 
# typically hidden/obscured by default
    juju-origin: ppa
# This was the most important line.
# juju-origin defaults to "distro" and the ubuntu in hp cloud
# currently is precise without an upgraded juju, so without
# setting this to ppa, you have a catch-22
    control-bucket: make-your-own-bucketname-cb
#make this up
    admin-secret: make-up-your-own-admin-secret
#make this up
    region: az-1.region-a.geo-1
    default-image-id: 8419
# use an appropriate image number from the selected region
#  you are using in the next line
#  8419 is valid for az-1
# This is shown as the tenant name.
#  yours may look more like
    default-instance-type: standard.medium
# This value while required, is ignored since Juju added constraints
# you can set it to any arbitrary string
# use "juju set-constraint instance-type=standard.medium" 
# to actually set a default instance type after you bootstrap
# and you can set the default at bootstrap time
# with "juju bootstrap --contraint "instance-type=standard.medium"
    auth-mode: keypair
    type: openstack
    default-series: precise

By default, your ~/.ssh/ will be injected into the instances. You can pass an alternative in by adding an:

 authorized-keys: ssh-rsa AAAAPUBLIC_KEY_TEXT_HERE

in the hpcloud environment stanza.

Monday, September 24, 2012

A little issue with nova keystone and cacert.pem

I was having a bit of trouble with OpenStack as I was setting up a demo. The demo included the normal essex bits and pieces: nova, keystone, horizon, glance, rabbitmq, mysql, and swift. Most of the way through the setup, I came to this step:

cd /home/ubuntu/creds
. ./openrc
nova x509-get-root-cert

and got a curious error:

ERROR: string indices must be integers, not str

which is correct, but not all that meaningful. I'll jump to the solution now. Somehow I had glossed over the step to create the nova user in keystone. Once I did that the get-root-cert worked.

Various error messages about this (and askubuntu answers) abound and include helpful suggestions like check your endpoints. (My endpoints were all fine.) And other suggestions (though I've only seen it once--as I was writing this blog post after I had a solution) to "Check that your service users can authenticate against keystone."

That was the actual issue--my "nova" user was never created (as I've said). And although the openrc file I had created doesn't reference this user, it is used by keystone to get the information.

I was able to troubleshoot this (on a multihost system with nova controller on node B and keystone on node A) by simultaneously tail -f /var/log/**ALLTHENOVALOGS** and tail -f /var/log/keystone/keystone.log where I plainly found:
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] ******************** REQUEST BODY ********************
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] {"auth": {"tenantName": "service", "passwordCredentials": {"username": "nova", "password": "novapassword"}}}
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi]
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Matched POST /tokens   
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': }
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Match dict: {'controller': , 'path_info': '/tokens'}
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Matched POST /tokens   
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': }
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Match dict: {'controller': , 'path_info': '/tokens'}
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Matched POST /tokens   
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Route path: '/tokens', defaults: {'action': u'authenticate', 'controller': }
> 2012-09-24 19:26:47    DEBUG [routes.middleware] Match dict: {'action': u'authenticate', 'controller': }
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] arg_dict: {}
> 2012-09-24 19:26:47  WARNING [keystone.common.wsgi] Invalid user / password
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] ******************** RESPONSE HEADERS ********************
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] Content-Type = application/json
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] Vary = X-Auth-Token 
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] Content-Length = 89 
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi]
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] ******************** RESPONSE BODY ********************
> 2012-09-24 19:26:47    DEBUG [keystone.common.wsgi] {"error": {"message": "Invalid user / password", "code": 401, "title": "Not Authorized"}}
> 2012-09-24 19:26:47    DEBUG [eventlet.wsgi.server] - - [24/Sep/2012 19:26:47] "POST /v2.0/tokens HTTP/1.1" 401 248 0.030605

Once the nova user was created properly, the cacert.pem is created.

Sadly, this user/password is created many many steps earlier (and typically on another node) during the keystone config and only tested near the end of an install.

Monday, August 6, 2012

Hangout How To

I found myself googling how to make Google Hangouts follow speaker. Sometimes I click on a specific speaker to put their webcam centermost in my display. However, switching back to "focus follows speaker" mode was not obvious. Simply click on the speaker (at the bottom) that you already have selected and a green outline around the speaker will turn off. This "toggles" the focus follows speaker mode (off or on). Clicking on a different speaker will just move "permanent" focus to the other speaker, so you must select the current speaker (which is more like a "de-select".)

Tuesday, May 29, 2012


Yet Another Helping The Next Guy

I bought my son a shiny new Ivy Bridge based Asus laptop from dealnews for high school graduation. Of course, he only runs Ubuntu, but I wanted to keep the Win 7 64 around for flashing BIOS and related reasons (and someday he may need to run some Windows program....)

It's pretty straight-forward to install Ubuntu alongside windows in a dual-boot fashion as the Live installer knows how to do this. But apparently not on some UEFI based systems--or that's what I thought. It turns out, the installer knows how to work with UEFI systems as well. It just doesn't know how to do it on a system with a broken/corrupt/obscured GUID Partition Table (gpt).

I've used gpt for years as I used to work in HP's Itanium Linux lab. And I've seen some GPT tables corrupted before. The ASUS (at least this one) ships with the secondary GPT corrupted. The last partition (I think 5th) somehow extends INTO the secondary GPT. (Think of the secondary as a backup table in case the primary gets corrupted--a failsafe.) This corrupt secondary table makes the partition table unreadable or possibly unusable to Ubuntu (and moreover, to the underlying libparted and the parted utility.)  The installer just "determined" that the disk was unformatted so it kindly offered to just install Ubuntu to this blank disk (destroying all the existing partitions in the process.) Not so good.

I downloaded gdisk (from Universe) as it seems to be designed from the ground up for GPT tables and it was able to read the partition table and show me the partitions. These matched up with what /proc/partitions was showing me (which seemed to be right all along.) It also matched up with what I was seeing in Windows 7. ASUS ships with a C drive, a D drive, and a recovery drive along with the normal EFI system partition (ESP) and a Microsoft Reserved Partition (MSR). So the layout looked something like this:

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          411647   200.0 MiB   EF00  EFI system partition
   2          411648          673791   128.0 MiB   0C01  Microsoft reserved part
   3          673792       339511295   161.6 GiB   0700  Basic data partition
   4       339511296       925575167   279.5 GiB   0700  Basic data partition
   5       925575168       976773167   24.4 GiB    2700  Basic data partition

Where 3 is C (OS) drive, 4 is D (DATA) drive, and 5 is the ASUS Recovery partition. It is partition 5 that seemed to be the source of the error:

Warning! Secondary partition table overlaps the last partition by
33 blocks!
You will need to delete this partition or resize it in another utility.

To resolve this issue, I simply deleted partition 4 and recreated it from the same start point but smaller and ending sooner. Then I dd'd partition 5 to another disk, deleted it and recreated it (same size) but now it ended before the end of the disk. I then restored it via dd.  (The partition Warning! went away as soon as 5 was deleted and did not reappear when it was recreated at a new start sector.)

I failed to grab a snapshot of the final partition table entries but I basically shortened 4 by a couple GiB (and didn't try to "nail" it to exactly 33 blocks shorter.)

Once the GPT table had a functioning secondary GPT, the Ubuntu installer was able to find it without problems. I just used gdisk to make the D partition into a Linux format partition (8300). (There was nothing on the D drive.) The installer did create a GRUB entry for the Win 7 but that doesn't really work. However, using ESC, I can select the Windows partition from the UEFI boot menu and it dual boots just fine.  After the installation was done, I upgraded from the Precise install release bits to the latest bits (including newer kernel) and the grub update worked fine as well--so it seems to be a rock solid dual boot machine now.

Holler if this helps you or if you know more about why ASUS formats the disk this way--there could be an underlying reasons. Oh, and one more thing, I actually did make the Win 7 recovery disks PRIOR to doing any Ubuntu at all and I've not tried to do anything since with the recovery partition.

You can reach me via the comments below or email me at asus DOT dowdberry AT medberry DOT net.

And some final words: Ubuntu Live Installer makes an awesome detective kit and this Ivy Bridge notebook truly rocks.

Monday, January 2, 2012

Helping the next guy

Just a bit of IRC discussion I thought I'd share. A friend was looking for a way to disable X on an Ubuntu install converted to be a mythtv backend. After a web discussion, another friend suggested passing "text" in on the cmdline. That's a darn good suggestion.

This works in both gdm and lightdm as they both search for this in their startup script (/etc/init.d/gdm and /etc/init/lightdm). Lightdm is the default display manager in Ubuntu 11.10 Oneiric and gdm was the default display manager in prior versions.

Friday, July 15, 2011

Read Later Fast aka Diigo

Just checking to see if RLF is really all it is cracked up to be (by forcibly changing the content of my blog.)

Thursday, May 19, 2011

Flickr Uploading from Ubuntu

As a linux user, I've long been frustrated with the tools available for uploading pix or vids to Flickr. I thought I'd give using Wine a shot with the Windows uploadr today. No luck. It gives an error "No XPCOM".

I was stumped and frustrated at this point. Sadly, if I had really been paying attention at UDS-O in Budapest, I would have immediately tried the winetricks hacks. (Winetricks were shown as a way to get performance measures during Wednesday's plenary session.) But no, I wasn't that swift.

Fortunately, someone else was... even swifter: Thank you  Sandip Bhattacharya. Your blog post Using the official Flickr uploadr on Ubuntu made my day. Kudos Sandip!

Saturday, March 12, 2011

Chroot Setup

Another in a series of notes to help me find and remember things. When setting up a chroot, immediately after, examine and if necessary rectify the /etc/resolv.conf settings. A Debian debootstrap chroot will use a default of but you might want something other than that. The first clue will be when you can't ping or apt-get something.

Sunday, November 28, 2010

Another rant -- Colorado Public ... Radio? is not a site dedicated to cardio-pulmonary resuscitation. No, the letters stand for Colorado Public Radio. RADIO, yes, RADIO. However, I challenge you to find their radio broadcast frequencies on the home page. Or even an obvious link. FAIL.

A search for frequency will bring you to the Station Map where you will find that in and around Denver, the classical music station is 88.1 and the news (and news talk) is on 90.1.

Now you may be asking why in the world I'd be looking up an FM transmitter in this day and age. I still have analog radios. Really. And my ogg music player has one built-in and I regularly have it with me when exercising. And it's the holiday season here in the states... and I need to exercise. And yes, I can exercise to classical music.

Friday, November 5, 2010

FBReader full-screen feature

Let's get this out of the way first: This is a totally self-serving post.

FBReader, an e-book reader that can handle EPUB, has a feature to go full-screen. This is very useful--but also quite confusing. None of the menubar buttons seem to enable/disable this feature. Yet, it's fairly easy to accidentally turn on or off--and completely baffling when it happens. A quick google turned up nothing really obvious about how to enable/disable/toggle fullscreen mode. Thus, this blog entry.

Without further ado, here's the shortcut key: <RET>. Yes, the return key or enter key is the way you toggle fullscreen, full screen, full-screen off and on. And this does make some sense. The return key is pervasive on most PDAs, handhelds, and certainly on the author's laptops. So, it is nearly universally available (and moreover the enter key makes little sense in the body of a more-or-less read-only document format like EPUB.)

I've intentionally loaded this blog entry with searchable terms so that others trying to figure this out can easily find the information. That's why keyboard shortcuts and the word fullscreen appears several times with various spellings. Likewise, FBReader appears repeatedly. FBReader, which has nothing to do with FaceBook and does not predate FB, was certainly something I was aware of prior to my knowledge of facebook.

I don't yet own a Kindle, Nook, Sony Reader or any other dedicated ebook reader. Moreover, I don't have an iPhone, Android phone, Palm or other smartphone. I do have a Nokia that can apparently also run FBReader and I may try that out at some point but I have not yet done so. And no, I've never owned the original FBReader device, Sharp Zaurus.

Friday, June 25, 2010

Undocumented ILO2 Settings

There appear to be some undocumented ILO2 settings, as a google search for:


turns up zero hits as of this date.

However, by logging into a DL380 G62 ILO-2 CLI console, you can see this setting:
hpiLO-> show /map1/config1  

    oemhp_timeout=30 minutes
    oemhp_serialclispeed=115200 bits/sec
    cd version exit show set oemhp_loadSSHkey

And as you can plainly see,
oemhp_rawvspport appears therein.

Mentioned Elsewhere

Okay, I was reading scrollback from a chatroom at work and saw this phenomenally cool video (that kind of makes me wish I was still 20 y.o.) Probably best viewed with volume off, there's just the camera operator's commentary and a few honks from passers-by.

Props to Vinsh for sharing.

Sunday, June 20, 2010

Uncle's Day -aka- Cub Lake Trail

Originally uploaded by MERLIN08
My neice Jessica invited our family along with part of hers for a pre-Father's Day hike in RMNP. We hiked along the Cub Lake Trail which starts in the meadow and works its way up to Cub Lake. I'm now calling the day before Father's Day Uncle's Day in commemoration (though there probably already is an Uncle's Day according to Hallmark.)

Saturday, May 29, 2010


Today was glorious, warm, sunny, and summery. It was so nice out when I got up, I went out to "flush" the backyard of canine detritus. That was quick as it had been done recently. This was prep for mowing. However, it looked like string line trimming needed to happen, so I grabbed my trusty B&D whacker and went to work... After cutting for a couple minutes, it dawned on me that 6am* might be a bit early for the fam and the neighbors... :^) So I set down the whacker and had some breakfast. But it does illustrate how glorious today was.

As I was eating breakfast, I noticed birds retrieving dog hair from the back deck welcome mat. I grabbed some video equipment to record this (as last summer there was quite a pecking order established between a few birds competing for materials that was hilarious.) Unfortunately, by the time the gear was gathered and aimed, the birds had given up.... Maybe tomorrow.

I did ultimately get five hours of yard work completed before lunch. And followed that up with a high school graduation (air conditioned!) And then a bit of tool shopping to replace the worn out string trimmer. I picked up another B&D trimmer. I went for battery operated this time so that we don't have to string power cords all over the yard. (I don't think gas-powered are all that good for the air.)

And now, blogging from the coffee shop during a thunderstorm. Northern Colorado, late May, delightful.....

*I regularly wake up before 5:30 a.m. to feed the spoiled rotten Shih Tzu.

Friday, May 28, 2010

Presidential Memorial Day Observance

I found this nugget:
[President] Obama is not retreating on Memorial Day. Instead of visiting Arlington cemetery, Obama and the first lady will participate in a Memorial Day ceremony at Abraham Lincoln National Cemetery in Elwood, Ill., about 50 miles south of Chicago. Moreover, not every president has spent Memorial Day at Arlington. In 1983, President Reagan was at a summit meeting, and the deputy secretary of defense -- not even the veep! -- placed the wreath. Nine years later, President George H.W. Bush passed off the wreath to Vice President Dan Quayle. And in 2007, Vice President Dick Cheney took on the wreath mission, while President George W. Bush was in Texas.

References: list of National Cemeteries (why not visit one near you?) includes the info on President Obama's visit to Lincoln National Cemetery

Fort Logan National Cemetery
4400 W. Kenyon Avenue
Denver, CO 80236