Thursday, January 12, 2017

Monitoring the Network

Network Monitoring with collectd

Scattered around campus is a few thousand network ports. Most of the ports I don't care what they are doing so no alerting needed but, occasionally when there is an issue and it is nice to have an idea of what the network looked like historically. Enter the SNMP plugin for collectd. I chose collectd because of the vast number of plugins available for it, the fact that its config is file based and that it can be scaled horizontally. Having a file based configuration allows me to check my changes into version control allowing easier auditing and disaster recovery.

Installing collectd and related tools is as simple as enabling the EPEL repository and doing a:
yum install collectd-rrdtool collectd-snmp httpd php git

That  installs everything you need to start graphing your network ports. We will use Collectd Graph Panel to view the pretty graphs that collectd makes.

Simple collectd Configuration

FQDNLookup true

LoadPlugin rrdtool
<plugin rrdtool>
       DataDir "/var/lib/collectd/rrd"
       CacheTimeout 120
       CacheFlush   900

LoadPlugin snmp
<plugin snmp>
   <data std_traffic>
       Type "if_octets"
       Table true
       Instance "IF-MIB::ifDescr"
       Values "IF-MIB::ifInOctets" "IF-MIB::ifOutOctets"
   <host "">
       Address ""
       Version 2
       Community "public"
       Collect "std_traffic"

Collectd Graph Panel Installation

To install the Collectd Graph Panel just clone the git repository into your web root and it works pretty much out of the box.
git clone


That's it! Really that is all that is needed to start graphing your network ports. This provides a basic system that can easily be expanded and tweaked based on your needs.

Monday, April 6, 2015

Stupid Yo! tricks with Spark Core


Yo made a huge splash when it first came out. It was all over the tech news sites and of course I had to download the app and see what the hype was. Like all the tech news sites said it was dead simple to use push a button and send a Yo. After a while I found some services via the Yo store. A Yo would be sent when a new post was made or something happened that you cared about (a package delivered, your favorite instagramer uploads a new photo, etc.).

My local ski mountain Yo's whenever 6" of new snow falls, this was pretty much the only reason I kept Yo. It was my killer app for Yo but I wanted more, enter Spark. I have a Spark Core and it is perfect for internet of things (IoT) projects. I wanted a light to turn on whenever 6" of snow fell on the moutain, so I would know even if I didn't have my phone close to me.

Yo provides a simple callback to a webpage whenever a Yo is received which is pretty awesome. The callback includes the username and location if it was included as a GET variable. The setup is fairly simple and straight forward, Yo calls back to a webpage that does some basic checks and then uses the Spark cloud to activate the light on the Spark Core.


Wednesday, July 30, 2014

Android Studio on Fedora 20 x86_64

Android Studio is an IDE made by Google for developing Android applications. It is an alternative to Eclipse with the Andriod plugin installed. It works quite well under Fedora 20 as long as you install the required dependencies. Android studio requires some i386 libs to be installed that aren't on x86_64 systems by default. To install them:

yum install glibc.i686 zlib.i686 libstdc++-devel.i686

Once that is completed finish installing Android Studio using Google's directions.

Tuesday, June 4, 2013

Using GitHub with Saltstack

Salt Master with GitHub

I have started using a better work flow with my salt. Mainly integrating GitHub as my file backend. This isn't a new feature as the git backend in salt has been available for a while now but I finally started using it. It simplifies making changes when I am not at my desk as I can just clone the project make the changes and push it back out. Not to mention having a record of what was changed when is great for when things break.

The Setup

Setting up the salt master is easy only a few lines are needed to enable it. In your salt master config file (typically /etc/salt/master) add the following lines.

  - git
  - git+ssh://

Replace the git+ssh:// line with your repository information.

Make sure you add a deploy key to your repository and test the key. Information on setting up deploy keys can be found on GitHub's site. After the key is tested restart the salt master and check your logs to make sure no errors pop up.


Salt is now powered by a GitHub repository, giving you all the nice stuff that git provides and the ability to work with others easily through GitHub.


Wednesday, February 6, 2013

Enable Nested KVM Machines with Fedora 18

KVM on top of KVM

Nested KVM allows you to run a KVM virtual machine on top of an already virtualized machine (yo dawg). Why would you want to do this? Well for me it is simple I want to test some KVM tools out without using actual hardware. Another use case might be for somebody who purchases a beefy "cloud" machine and wants to split that up into smaller pieces.

How To Do It?

Some configuration needs to happen on the Fedora 18 physical host. You need to enable kvm nested if you are using an Intel processor (AMD has it enabled by default). To do that create or edit /etc/modprobe.d/kvm-intel.conf. Add the line "options kvm-intel nested=1" (without quotes) and reboot your machine. Once the machine has rebooted check to make sure the change took by "cat /sys/module/kvm_intel/parameters/nested". That should return "Y", once you see that you are good to go. Edit your KVM machine and add "vmx" to your CPU features. Bam! virtual machines inside your virtual machines.

Tuesday, February 5, 2013

My New Way to Manage Passwords

Keeping Passwords Secure

So like most everybody I have a bunch of passwords. Unlike most everybody I use unique passwords per site as much as possible to limit the damage if one gets compromised. Since I am not good at remembering crazy long passwords I use a tool called Keepass to keep everything organized. Keepass is available for Linux, Windows, Mac, iPad/iPod and Android. It stores everything in a encrypted database.

The Setup

I use Fedora on my desktop computers and Android on my mobile devices. I also use Dropbox to store files. You can probably guess where I am going with this... store your Keepass database on your Dropbox share. Now that allows you to get to your passwords anywhere you have internet access. However that wasn't quite what I was looking for. There is one more piece of magic that makes this system just awesome. A program called Dropsync for Android. This program automatically downloads your password database from Dropbox and keeps it synced on your mobile device. This allows for offline access to your passwords as well as the ability to add stuff from your mobile device and have it sync to your desktop devices.

One Last Hint

Dropbox offers the ability to share folders with other Dropbox users. A password database can be put in a folder and shared with somebody. That allows for a password database to be used by multiple people. A way to use feature is to keep your root passwords in the database and have the folder shared across the administrators in your organization. This allows other people to get to the root passwords if the world is crashing down and normal login methods in no longer work.


This system works really well for me. Even if the password database were to get released Keepass has done a lot to prevent it from being decrypted by an attacker. Disagree with me? Let me know in the comments.

Friday, December 21, 2012

Raspberry PI and GPIO Quick Start

Simple Start to Using the GPIO Pins

The Raspberry Pi is a small single board computer aimed at the hobby and education markets. It comes in two flavours, model A and model B. Model A has only one USB port and no Ethernet jack, it retails at $25. Model B is the more popular board includes 2 USB ports and an Ethernet connection. It retails at $35. Both include the GPIO pins so this post will apply to them both, although you will need to do additional work to get the required libraries installed on the model A since you can't download them from the Internet.

Getting Started

I will be using Arch as my distribution of choice and will be programming in Python 3. If you are using Raspbian most of this will still apply, just some translation of the install commands will have to happen. After installing Arch and booting up your Pi you will need to install some software. To do that we will be using pacman.

As root:
pacman -S gcc python python-pip
pip install RPi.GPIO
Once that completes you can then write your test program. Create a new file named and type in the program below.

import time
import RPi.GPIO as GPIO


GPIO.setup(11, GPIO.IN)
count = 0

while True:
        if not GPIO.input(11):
                count += 1
                print ("button pushed", count)
Let's walk through exactly what this program is doing. We import the needed libraries at the top, then we set the GPIO mode. The mode allows use to choose whether to  use the Raspberry Pi GPIO number scheme (GPIO.BOARD) or the BCM chip GPIO numbering scheme (GPIO.BCM). I have chosen to use the Raspberry Pi's scheme as it will hopefully be more future compatible. Traditionally when working with microprocessors the microchips numbering scheme is used. In this case we are using GPIO 17 so if we wanted to go that route we could just change the mode to be BCM and line 12 to look like:
 if not GPIO.input(17):
The rest of the program is simple. We set our pin to input mode and initialize a counter. It then goes to an infinite loop checking if the button is pushed. If it is it increments a counter and displays that count then it sleeps for a short time and does it again. The sleep is there to provide for some rudimentary button de-bounce and also to give you a chance to get your finger off the button before the counter is incremented another time.

Circuit Layout

The circuit we are going to build is simple when the button is pushed the LED will light and if the program is running you should see the counter increment. When you get tired of this just hit control C to end the program.

Parts List:
  1. 10K Resistor
  2. 1K Resistor
  3. SPST NO momentary switch
  4. LED of some kind
The circuit should look like what is pictured below.

Remember to use the 3.3v output of the GPIO as the Pi is not 5v tolerant. To test your circuit turn on the Pi and push the button, if everything goes right you should see the LED light up.

Putting it all together

Once you have the LED lighting up it is time to test your program. To do this simply run as root. Every time you push the button you should see the counter increment. This simple example should hopefully give you a good idea on how to get started using the GPIO pins on your Raspberry Pi.