So, yeah, PyOhio was all kinds of awesome. So awesome, in fact, that it was tool damn cool for 2010. What you say? I mean to say that according to the handout, we were actually in 2011. You had to be there to believe it. Sucka.

This is only the second PyOhio I have been able to attend, although I’ve managed to be involved in the most minuscule way since it’s inception. First of all, I love the venue, The Ohio Union. I found it to be accessible, convenient, and appropriate for our needs. The Round Room seating situation could be improved, but I think that’s already on the agenda for next year.

The first talk I caught on Saturday was one that really piqued my interest. Scott McCarty talked about log analysis and demod a tool named petit, a pretty awesome log analysis tool written in Python. It basically gives some really practical ways to help your logs get you the info you need in less time, with less pain.

To entertain her, I sat in on Sarah’s talk, which is a really nice introduction to Python for .Net developers. Pretty sure that’s at least the second time I’ve seen that talk ;).

The evening after was great. Columbus has a decent night life! The wife and I strolled around the Arena District and the Short North on High St. We had dinner at The Black Olive and then The Burgundy Room for a drink and Tapas.

Also hung out with a crowd of folks from the conference for a few drinks at the Surly Girl.

Conclusion? Both of the districts are very cool, I’d go back any time for a night on the town.

On Sunday I presented my talk. Initially I had planned to speak on how to use the Splunk Python API/SDK. Sadly, that didn’t work out so well. I started out writing my own interface to the RESTful API that they provide/publish. Then, I discovered that Spunk had done all that already. The problem is that the code doesn’t feel Pythonic to me, and the documentation is just aweful (see this).

While I’m on the subject, I’ll take a moment to rant. One of my peeves in software design is that programmers don’t make clean interfaces. There’s nothing overly hard or complicated about talking to a RESTful service, but they have abstracted it in such a way that it takes digging to figure out WTF is going on under the hood. I would have tried to write the code with an interface that was abstracted, but didn’t leave you wondering what kind of magic Unimacorn dust was thrown in to make it all work. Am I wrong to think that way?? No.

Here is what I have to do for a basic search with Splunk

from splunk import auth, search

if __name__ == '__main__':
    # First of all; MOTHER FUCKING CAMEL CASE
    # Lastly, you call getSessionKey BUT it caches
    # the key, so you don't need to call it again.
    # Therefore, this method name feels like a lie.
    auth.getSessionKey('username', 'password')

    # Because the kw argument list is fucking huge.
    args = {'search': 'search sourcetype="syslog"',
            'latest_time': 'rt',
            'earliest_time': 'rt'}

    # Monolithic method to "dispatch" things.
    # I am not a fucking trucker, or police officer.
    search_job = search.dispatch(**args)

    # Pandas are now crying bloody tears
    if search_job.isDone:
        for index, event in enumerate(search_job.events):
            print event

Were I the developer responsible for the Splunk interface, I would have designed it something like this:

from splunk import Auth, Search

if __name__ == '__main__':

    auth = Auth()
    auth.authenticate('username', 'password')
    restful_search = Search()
    search_job = restful_search.basic_search(realtime=True,
                     sourcetype='syslog')

    # I like generators..
    while True:
        try:
            print search_job.events.raw.next()
        except StopIteration:
            break

Anyway, I’m over that now, moving on.

So, my talk went pretty OK. Like I started to say earlier, the Splunk part didn’t pan out. I still touched on the basics of the Splunk API and what I didn’t like. Most of the slides I wrote, however, were before I started seeing things I didn’t like about the code, so people were likely confused.

I also talked briefly about a suite of tools we use internally at AGI for managing ~1k servers. It’s called cf and is loosely based on cfengine, but built in Python with a bias toward flexibility and decoupling from the build process. Parts of the system are open source, but the goal is to open it completely and release a stable version.

In contrast, I also spoke about Fabric to basically show how simple application deployment can be.

After my talk, I stuck around for calvinhp’s talk about Supervisord, one of my favorite Pythonic unix tools. One I’ve even contributed back to!

You can find my slides here: Splunking With Python and my code here: pyohio_talk on bitbucket

So in a nutshell, PyOhio is awesome, and you should go every year.

I’ve been on a major self improvement kick lately. I’ve kicked several crazy habits including, but not limited to:

• Smoking
• Biting my nails
• Soda
• Sugar (practicing moderation)

Next on my self improvement quest, I decided to start monitoring bandwidth usage and tracking it on my blog so I(and you!) can follow how much I’m using, and try to trim it down to a reasonable level. I’m not going to play around, I am seriously addicted to the internet. It is one of my oldest, hardest to moderate addictions EVER. I figured if I kept track of how much I actually use on a daily basis that it would help me moderate myself.

So, this morning I downloaded and installed vnstat and initialized the database for my single interface like so:

sudo vnstat -u -i eth0

Where eth0 is the interface all my network traffic routes through. To track multiple interfaces, run the above command again, swapping out eth0 for the other interface.

Next I fired up the following cron:

*/5 * * * * if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi

It samples usage on any interface you specify every 5 minutes and creates awesome statistics from it. So, whenever I have a quick break between tasks, I run vnstat and get a glimpse at my usage.

Now, this is the part that scared me a bit.. I never really thought about how much I use. I fired all of this up at ~9:00AM, the snapshot below was taken at 10:45AM.

bsmith@bsmith-desktop [10:47:06 (0.17)] ~ 
-> vnstat
Database updated: Tue Jan 26 10:45:01 2010

    eth0

       received:      40.68 MB (81.6%)
    transmitted:       9.89 MB (18.4%)
          total:      50.57 MB

                    rx     |     tx     |  total
    -----------------------+------------+-----------
        today     40.68 MB |    9.89 MB |   50.57 MB
    -----------------------+------------+-----------
    estimated        89 MB |      20 MB |     109 MB

I, um, yeah I use the internet, a lot..

There are lots of other fun things you can do with vnstat, but I’ll mainly just look at incremental snapshots, and the money shot: daily usage.

Daily output looks like this:

bsmith@bsmith-desktop [10:47:41 (0.09)] ~ 
-> vnstat -d

eth0  /  daily

day         rx      |     tx      |  total
------------------------+-------------+----------------------------------------
26.01.     42.19 MB  |   10.35 MB  |   52.53 MB   %%%%%%%%%%%%%%%%%%%%:::::
------------------------+-------------+----------------------------------------
estimated       92 MB  |      22 MB  |     114 MB

As said previously, I’m going to post my bandwidth usage daily, either here, or on my Posterous for the next month. I don’t really have a goal here, just want to be able to trim my usage to hopefully stave off some of my internet “dependency” issues..

Stay Tuned!

I’ve been on a major self improvement kick lately. I’ve kicked several crazy habits including, but not limited to:

• Smoking
• Biting my nails
• Soda
• Sugar (practicing moderation)

Next on my self improvement quest, I decided to start monitoring bandwidth usage and tracking it on my blog so I(and you!) can follow how much I’m using, and try to trim it down to a reasonable level. I’m not going to play around, I am seriously addicted to the internet. It is one of my oldest, hardest to moderate addictions EVER. I figured if I kept track of how much I actually use on a daily basis that it would help me moderate myself.

So, this morning I downloaded and installed vnstat and initialized the database for my single interface like so:

sudo vnstat -u -i eth0

Where eth0 is the interface all my network traffic routes through. To track multiple interfaces, run the above command again, swapping out eth0 for the other interface.

Next I fired up the following cron:

*/5 * * * * if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi

It samples usage on any interface you specify every 5 minutes and creates awesome statistics from it. So, whenever I have a quick break between tasks, I run vnstat and get a glimpse at my usage.

Now, this is the part that scared me a bit.. I never really thought about how much I use. I fired all of this up at ~9:00AM, the snapshot below was taken at 10:45AM.

bsmith@bsmith-desktop [10:47:06 (0.17)] ~ 
-> vnstat
Database updated: Tue Jan 26 10:45:01 2010

    eth0

       received:      40.68 MB (81.6%)
    transmitted:       9.89 MB (18.4%)
          total:      50.57 MB

                    rx     |     tx     |  total
    -----------------------+------------+-----------
        today     40.68 MB |    9.89 MB |   50.57 MB
    -----------------------+------------+-----------
    estimated        89 MB |      20 MB |     109 MB

I, um, yeah I use the internet, a lot..

There are lots of other fun things you can do with vnstat, but I’ll mainly just look at incremental snapshots, and the money shot: daily usage.

Daily output looks like this:

bsmith@bsmith-desktop [10:47:41 (0.09)] ~ 
-> vnstat -d

eth0  /  daily

day         rx      |     tx      |  total
------------------------+-------------+----------------------------------------
26.01.     42.19 MB  |   10.35 MB  |   52.53 MB   %%%%%%%%%%%%%%%%%%%%:::::
------------------------+-------------+----------------------------------------
estimated       92 MB  |      22 MB  |     114 MB

As said previously, I’m going to post my bandwidth usage daily, either here, or on my Posterous for the next month. I don’t really have a goal here, just want to be able to trim my usage to hopefully stave off some of my internet “dependency” issues..

Stay Tuned!

I constantly forget that I already have screen sessions available when I log in on Monday mornings. I don’t like that because it’s wasteful, but I’m just lazy enough that the thought alone isn’t enough to make me do something about it until now. So, to combat this, I whipped the script below as a reminder to use one of them, or get rid of them.

This will only fire when you are not already in a screen session, courtesy of the $WINDOW environment variable.

Add this to your ~/.bashrc

function list_screens() {
    if ! test $WINDOW;
    then
        echo
        echo "Current screen sessions available"
        screen -ls
    fi
}

list_screens

Yay! Now I can continue to be lazy!

You can find this and other junk over in my dotfiles at bitbucket: https://bitbucket.org/benjaminws/dotfiles/

At the office I recently upgraded a machine to CentOS 5.2 from CentOS 4.7 (filesystem stayed intact). Everything was cool until I ran into a bit of an issue when attempting to update and regen the yum cache. I got a python traceback that looked like this:

# yum update
base      : ################################################## 2458/2458
update                    100% |=========================|  951 B    00:00
primary.xml.gz            100% |=========================| 242 kB    00:00
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.main(sys.argv[1:])
  File "/usr/share/yum-cli/yummain.py", line 105, in main
    result, resultmsgs = base.doCommands()
  File "/usr/share/yum-cli/cli.py", line 289, in doCommands
    self._getTs()
  File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 85, in _getTs
    self._getTsInfo()
  File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 91, in _getTsInfo
    self._tsInfo.setDatabases(self.rpmdb, self.pkgSack)
  File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 537, in <lambda>
    pkgSack = property(fget=lambda self: self._getSacks(),
  File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 392, in _getSacks
    self.repos.populateSack(which=repos)
  File "/usr/lib/python2.4/site-packages/yum/repos.py", line 242, in populateSack
    sack.populate(repo, mdtype, callback, cacheonly)
  File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 168, in populate
    dobj = repo_cache_function(xml, csum)
  File "/usr/lib64/python2.4/site-packages/sqlitecachec.py", line 42, in getPrimary
    self.repoid))
TypeError: Can not prepare packages insertion: table packages has no column named location_base

Eeek! Got the same error when running yum makecache. Quick look at the traceback is somewhat obvious, the DB schema changed, but the DB didn’t get upgraded! Easy fix is to clear out your yum cache like so:

# cd /var/cache/yum
# rm -r *

And then you’ll want to regenerate your cache like so:

# yum makecache

Hope this helps anyone else who runs into this issue!

Since upgrading to Ubuntu 8.10 (Intrepid) I had been having trouble with my SSL VPN connectivity. Rather than sit down and figure it out I chose to fire up a virtual box instance of 8.04 and use it to get work done. Finally, tonight, I hit the tipping point and decided to figure this out. First I discovered debug mode with the SSL client. You can enable it on the command line by running

# startct -d

That will put a log in /var/log/AvConnect.log with lots of debugging goodness. The first thing I noticed was a fun error that looked kinda like this:

XGSSL::Connect() DoHandShake Failed!!!

Obviously enough, this led me to believe that this was a problem with the ssl handshake.

So, I decided at this point to inspect the guts of the Aventail client. Seemed simple enough, a few shell scripts (startct,stopct,uninstall) and some perl (cctel.pl) and then there’s this mysterious binary, AvConnect. I decided to look deeper and found this..

# file /usr/local/Aventail/AvConnect 
/usr/local/Aventail/AvConnect: setuid ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), stripped

Looks like it uses shared libs, let’s see where it’s linking..

# ldd /usr/local/Aventail/AvConnect 
linux-gate.so.1 =>  (0xb8008000)
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7fd4000)
libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0xb7e93000)
libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0xb7d3c000)
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0xb7d16000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7bb8000)
/lib/ld-linux.so.2 (0xb8009000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7bb4000)
libz.so.1 => /usr/lib/libz.so.1 (0xb7b9e000)

Did a bit more digging by running some tests with OpenSSL.

# openssl version
OpenSSL 0.9.8g 19 Oct 2007

# openssl s_client -CAfile /etc/ssl/certs/Entrust_Root_Certification_Authority.pem -connect <myvpnhost>:443 -showcerts

Which seemed to work fine..

So, puzzled I compared the openssl package on my 8.04 VM to what I had installed, shockingly they matched.

# openssl version
OpenSSL 0.9.8g 19 Oct 2007

Taking a shot in the dark I decided to upgrade my local install of openssl from source. Fairly run of the mill install..

# wget http://openssl.org/source/openssl-0.9.8i.tar.gz

# tar zxvfm openssl-0.9.8i.tar.gz

To get the shared objects, you’ll want to run configure like so:

# cd openssl-0.9.8i
# ./config shared

Now, do the magic..

# make && make test

Install it in the default location /usr/local/ssl

# sudo make install

Then, you’ll want to update your links in /usr/lib to point at the new shared objects.

# sudo ln -s /usr/local/ssl/lib/libcrypto.so /usr/lib/libcrypto.so

# sudo ln -s /usr/local/ssl/lib/libssl.so /usr/lib/libssl.so

# sudo rm /usr/lib/libcrypto.so.0.9.7

# sudo ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.0.9.7

# sudo rm /usr/lib/libssl.so.0.9.7

# sudo ln -s /usr/lib/libssl.so /usr/lib/libssl.so.0.9.7

Then test it out by running startct and you should be able to connect as usual. I have yet to figure out why the ssl handshake fails with the packaged version of openssl, so if anyone has any clue about that or has a smarter work around, please let me know :)

This is, of course, not the recommended action for people new to Linux/Ubuntu and I provide no guarantee that it will work for you. I just wished to provide a possible work around for anyone having the same issue googling around aimlessly.

Enjoy

EDIT: More comprehensive shuffling of lib links per comments and observations below. Thanks devodl and js!

I’ve recently decided to evaluate other shell’s and ran across one that looked interesting: fish.

You can read more about fish: here and here

Based on what I’ve seen I’ve decided to try it out. Before I dive in too deep with fish, does anyone have any opinions, caveats, issues to mention about it?

If I don’t like it I’ll keep trying out zsh but most likely end up back in bash :)

I’d love to go into detail about how I hacked together this awesome way to install wubi from the loopback mount onto it’s own partition. Truth be told, save for a quick boot loader edit, I did almost nothing.

Take a look at this site: http://lubi.sourceforge.net/lvpm.html for a complete, visual step-by-step on how to install your wubi instance directly to your hard drive.

The only issue I ran into was with booting into Parted Magic. The DEB I was instructed to install pointed at the wrong disk for root() in the GRUB line. It was as easy as editing /boot/grub/menu.lst to point it at the right place.

In /boot/grub/menu.lst search for ubninit. Change the root line above where you landed to look like this:

root(hd0,)

Rather than this:

root(hd1,)

Enjoy!

Today I had to yank a line from my ~/.ssh/known_hosts file on my jump box here at the office and I noticed that I had a lot of known hosts! I’d be interested to see how many you have.

My work jump box:

bsmith@ops654 [09:06:04 (0.00)] ~/.ssh 
-> wc -l known_hosts 
1155 known_hosts

My desktop:

AGCOM\bsmith@bsmith-laptop [09:07:21 (0.22)] ~/.ssh 
-> wc -l known_hosts 
65 known_hosts

Here is a fun command we use at the office that makes extracting hardware info from a remote machine easy as pie. It’s called dmidecode and it can be quite useful. Here is one section of the information it can provide, extracted from one of my servers(some bits removed):

Handle 0x0100
    DMI type 1, 27 bytes.
    System Information
            Manufacturer: Dell Inc.
            Product Name: PowerEdge 1950
            Version: Not Specified
            Serial Number: XXXXXX
            UUID: XXXXXXXXXXXXXXXXXXXX
            Wake-up Type: Power Switch

You are, unfortunately, at the mercy of the hardware manufacturer for accuracy of the hardware information, but thus far I’ve found it to be accurate.

Enjoy.