Ubuntu quick firewall configuration

Quick instructions for enabling firewall on Ubuntu using Uncomplicated Firewall (ufw). The resulting rules are quite obvious. Incoming traffic is denied, except for ssh, http and https (these refer to /etc/services) and outgoing is allowed.

These policies do not affect ICMP. Incoming ICMP remains allowed as per default ufw settings.

sudo apt-get install ufw
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw enable
Posted in Misc |

MongoDB as service on Windows

Quick install script for installing mongodb a service on Windows. Further instructions are available in official MongoDB docs.

Download appropriate version: http://www.mongodb.org/downloads
extract to your folder of choice, startup cmd.exe as Administrator and change to the MongDB folder.

REM -- Setup directories
set mongodir=%PROGRAMDATA%\mongodb
mkdir %mongodir%
mkdir %mongodir%\data
mongod.exe --dbpath %mongodir%\data --logpath %mongodir%\log.txt --install
REM -- Read the logfile, check install was ok
type %mongodir%\log.txt
REM -- Start the service
net start mongodb

If you run into “System error 193 has occurred. *** is not a valid Win32 application.” -error when starting the service, there is probably some error in the mongod.exe command line. The command like you use here is used when installing the service (you can check it via Windows Service Manager). For example omitting the .exe -extension or having some extra spaces in dir names can cause these problems.

Posted in Misc |

Refresh DHCP IP address in Ubuntu

Simple steps for getting new IP address via DHCP on Ubuntu (tested on Ubuntu 11.10, running under vmware with bridged network)

# Release existing
sudo dhclient -r
# Get new
sudo dhclient
# Restart networking
sudo /etc/init.d/networking stop
sudo /etc/init.d/networking start
Posted in Misc |

Using Dropbox to sync Sublime Text settings across Windows computers

Sublime Text stores settings and packages in %APPDATA%\Sublime Text 2 folder by default. Quick search did not reveal any way of forcing it use some other location. In order to sync the settings by using Dropbox, the files should obviously reside inside the Dropbox folder (eg c:\users\juhap\Dropbox)

The following instructions are written for Sublime Text 2 (beta) and Windows 7. Some older versions of Windows might not have the mklink -command that is used to create a symbolic link.

  1. Create a new folder inside your Dropbox folder, for example c:\users\juhap\Dropbox\apps\sublime
  2. Move Packages, Installed Packages and Pristine packages from %APPDATA%\Sublime Text 2 to the new folder
  3. Create symbolic links for the directories pointing from the Sublime data directory towards your Dropbox folder. In order to do this, you need start cmd.exe as Administrator. Navigate to %APPDATA%\Sublime Text 2 before executing the following commands:
    mklink /D "Installed Packages" "C:\Users\juhap\Dropbox\apps\sublime\Installed Packages"
    mklink /D "Packages" "C:\Users\juhap\Dropbox\apps\sublime\Packages"
    mklink /D "Pristine Packages" "C:\Users\juhap\Dropbox\apps\sublime\Pristine Packages"

And that’s it.

Posted in Misc |

Nokia’s smart future

Resent news tell that Nokia has already in November acquired Smarterphone, A norwegian company that makes a lightweight platform that turns feature phone
hardware into smartphone user experience. There’s not that much information available about their software which used to be called “Mimiria”, but it seems to play nicely with Linux.

Just day or two ago Eldar tweeted that Nokia executives will be meeting with people from Microsoft to set the final terms for selling Nokia’s smartphone business to Microsoft. This is not exactly the first time Eldar is informing us about this possibility. In Forbes interview he says the discussions started in May 2011, but stopped during the summer. According to Eldar the discussions started again in November after weak Lumia sales figures and negative feedback from carriers.

Analysts have hard time figuring out what Microsoft would actually achieve with this move. Nokia side is more clear. Smartphone business is not profitable for Nokia right now. It could be in future, but the future seems to be pretty uncertain. Selling it out would allow Nokia (or investors) to cash out immediately, instead of waiting for future profits. On the low end handsets Nokia still seems to shine and the future does not look that bad either. With Meltemi in the oven, Smarterphone acquired and Qt fully up and running, Nokia seems to be well equipped for ruling the low end spectrum of phones. Kicking out smart phone business would allow Nokia to focus and cut more costs.

Even if Nokia would sell out smart phones, it would not leave the smartphone business. The division between feature phones and smart phones is already very unclear and in future all mobile phones sold will be pretty smart. By focusing on cheaper end, Nokia would challenge Android and iOS in field they don’t already rule. There is lots of talk about Android entering the lower price categories but can it really match the user experience Nokia could provide with devices designed from ground up for more limited hardware?

Posted in Mobile |

The user specified as a definer does not exist when using LOCK TABLES

Encountered annoying MySQL problem when trying to dump database from a backup server.

MySQL kept complaining about
The user specified as a definer ('myuser'@'%') does not exist when using LOCK TABLES
when I ran mysqldump.

The database had been originally dumped from production server, then imported into a backup server. The production server and backup server have different sets of users. “myuser” only existed in production, not on backup. The problem was probably caused by some view that still referenced “myuser”.

A quick workaround was to create “myuser” on the backup server as well.

Posted in Misc |

Logging to Loggly from JBoss 5.1.0

Loggly is a fairly new cloud base log management service. You can think about it as lightweight and hosted version of Splunk. I find it pretty interesting, especially because it provides pay-as-go licensing model which I believe suits better to SaaS business than Splunk’s traditional licenses. I also love the idea that Somebody Else is responsible for keeping the service up and running..

Loggly provides few options for getting the logs into their system. You can use either syslog (tcp or udp) or HTTP. They also provide (or at least link to) some Ruby scripts that can take care of monitoring existing log files. In our case we needed to collect the logs from multiple Linux servers running JBoss. One issue that made things a little bit more complicated was that for certain reasons we only wanted to make changes to the JBoss configuration. The provided Ruby scripts did not feel a good solution as they required ruby & rubygems to be installed (and our servers did not have those).

A logical option was to start investigating how to get logs directly from JBoss to Loggly. JBoss 5.1.0 uses Log4j by default. There were few options. Loggly provide links to various projects that provide log4j appenders that work with Loggly HTTP API. Instead of using those, I decided to tryout syslog. Log4j comes with syslog appender, but there is one major drawback associated with it. The standard appender does not support TCP, only UDP. And sending the logs as UDP packets over the internets did not feel good solution. In my use case it is acceptable to lose some logging for example when server is shutting down, but otherwise I want to make sure all messages end up in Loggly.

Luckily I found http://www.syslog4j.org/ – a pure-Java syslog implementation that has bee around for some time. And even better – it comes with built-in Log4J appender. Syslog4j is very comprehensive solution. It provides support for TCP and UDP among many other fine things and does not require any third party jars for basic operations.

Getting JBoss to work with syslog4j turned out to be quite a challenge although it is actually really simple when you know what you should do. The main problem is that if something goes wrong, you probably don’t get any errors. The logging just does not work. There are two options for doing this. You can either set the configuration inside war/ear or you can use the main JBoss configuration, which affects all applications. In my case I wanted to use the JBoss wide configuration as I don’t want to be modifying the wars when they are deployed to production env where Loggly is used.

Steps on Loggly:

  1. Create a new syslog TCP input. Make a note of the server name (probably logs.loggly.com) and the port number (which varies) – you will need these when configuring JBoss.
  2. Make sure the input is in discovery mode. Discovery mode means Loggly will accept inputs from all IP addresses. The input will automatically stay in discovery mode for about 15 mins after it has been created. After that it will only accept traffic from hosts is already knows about.

Steps on JBoss 5.1.0:

  1. Download syslog4j binary jar from the website e.g. http://www.syslog4j.org/downloads/syslog4j-0.9.46-bin.jar and place it to $JBOSS_HOME/lib directory.
  2. Modify the $JBOSS_HOME/bin/run.sh script. Locate line that says:
    JBOSS_BOOT_CLASSPATH="$runjar"
    Modify it to:
    JBOSS_BOOT_CLASSPATH="$JBOSS_HOME/lib/syslog4j-0.9.46-bin.jar:$JBOSS_HOME/lib/log4j-boot.jar:$runjar"
    NOTE: This seems to be the important thing to get right. I believe the order of jars above can be significant.
  3. Modify the log4j configuration. This is located in $JBOSS_HOME/server//conf/jboss-log4j.xml
  4. Add new entry for Syslog4j appender that logs into Loggly into jboss-log4j.xml
    <appender name="LOGGLY" class="org.productivity.java.syslog4j.impl.log4j.Syslog4jAppender">
            <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
            <param name="Protocol" value="tcp"/>
            <param name="Facility" value="user"/>
            <param name="Host" value="<YOUR LOGGLY HOST, probably logs.loggly.com"/>
            <param name="Port" value="<YOUR LOGGLY PORT>"/>
            <layout class="org.apache.log4j.PatternLayout">
                    <param name="ConversionPattern" value="%c (%t) %m%n"/>
            </layout>
       </appender>
    

    The conversion pattern is also special. You can’t pass timestamps to Loggly (at least not right now). The messages the current time automatically, so there is no need to add them to log messages. Syslog4j appender also includes the priority so that is not needed either.

  5. Add references to the newly added appender. Locate this section at the end of the file and add reference to Loggly.
          <priority value="${jboss.server.log.threshold}"/>
          <appender-ref ref="LOGGLY" />
          <appender-ref ref="CONSOLE"/>
          <appender-ref ref="FILE"/>
    

After making these changes and restarting JBoss you should see some activity on your Loggly account.

Two things I haven’t yet investigated are the performance of this combination and how errors are handled.

The calls to Log4J are blocking by default. This means the application returns only after the message has been written to log file (or sent to syslog, in this case). This could slow down the application if log writing is taking time. Log4J comes with Async appender that partly solves this problem. Async appender maintains internal queue for log messages and a separate thread that takes care of calling the actual appender. This means the calls from application can return quickly, even if writing the log message takes time. If the internal queue becomes full, the calls to async appender either block or it starts discarding the messages.

A (not yet tested) example is below. If you try this, remember to change the reference at the end of Log4J configuration to ASYNC_LOGGLY (instead of LOGGLY).

   <appender name="ASYNC_LOGGLY" class="org.apache.log4j.AsyncAppender">
     <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
     <!-- How many messages can be kept in the queue -->
     <param name="BufferSize" value="100000"/>
     <!-- If buffer becomes full, drop log messages-->
     <param name="Blocking" value="false" />
     <appender-ref ref="LOGGLY"/>
   </appender>
Posted in Misc |

Nokia still loving Linux?

Job postings are always the best way to glance to a future of company, aren’t they? Maybe this reads as further evidence about the Linux future of Series 40.

According to the posting on Monster, Nokia is looking for (Senior) Linux SW Engineer to work with their mobile phones team. The work includes “development, integration and troubleshooting of Linux kernel and related low-level user space components.” There also seems to be some real hardware involved, since “Interaction with chipset suppliers is part of daily work”

Posted in Mobile |

Nokia bringing Linux and Qt to S40?

Rumours are saying that Nokia’s “Meltemi” project is about melting Linux and Series40 and adding some Qt magic in the process of doing it.

As you probably know, Series 40 is currently based on Nokia’s proprietary operating system. To my knowledge it is completely inhouse developed. So far this has worked, because the requirements for the OS have been quite modest. The only allowed platform for third party software has been JavaME. From the OS point of view Java makes things simple, because Java provides its own sandbox and runtime environment for the apps.

When Qt is added to the mix, things start to get complicated. With Qt people want to develop native software. It is possible to use Qt bindings with languages like Python or Java, but especially is resource limited devices this is not something you want to do. The problem with native 3rd party software is that suddenly you have native stuff running in your environment, written by people you can’t completely trust. Now this is nothing new, modern operating systems are good at keeping the software within its limits, protecting processes from each other, keeping programs from crashing the operating system and so on. Since all this is widely available in open source format (read: Linux kernel) it does not really make sense to rewrite your own wheel.

When Nokia scrapped Meego people widely thought they were also abandoning Linux. It looks like this was not the case. Almost immediately after that bad news, there was some leaked internal memos saying that part of the Meego developers could find a new project in project “Meltemi”.

If this Series40+Qt+Linux is true, it could be potentially huge thing. The combination is likely to power the Nokia’s “Next Billion” strategy. Nokia might be little bit challenged when it comes to high end smartphones, but nobody has questioned its capability of producing quality low cost phones for emerging markets. Android is the obvious competitor in lower price points, but the licensing problems can become a severa problem. It is not easy to produce competitive 100€ phone if you need to shell out 10-20€ per phone as patent license fees to your competitors. It will be also very difficult for others to match the capabilities of Qt platform. It is one thing to put together a new “mobile Linux OS”, like Samsung and Intel are doing. It is completely other thing to provide good environment for 3rd party software developers and right now there does not seem to be some many such environments available for Linux, except Qt. The trend is now to speak about HTML5 and Javascript. I believe this is mostly because the vendors have no choice. Qt is controlled by Nokia, Java by Oracle.

Posted in Mobile |

Red Hat OpenShift

Red Hat is the latest company to join the big happy cloud provider family and they have interesting stuff to bring. OpenShift is a “portfolio of cloud services for deploying and managing applications in the cloud”. Basically with OpenShift tools you can easily deploy for example JavaEE applications to Amazon cloud. OpenShift takes care of the difficult parts, like setting up and configuring the servers.

At least for me the most interesting aspect of OpenShift (Flex) is the support for running JBoss in the cloud. It is a little bit like Amazon Elastic Beanstalk, but instead of Tomcat you get JBoss (either v6 or v7). OpenShift provides ready made configuration with clustering support. You can also choose number of other components, like memcached, Infinispan or MongoDB. By the default you will also get Apache to act as a front end server. Common configuration parameters like web server settings (logging, url rewriting) and JVM settings can be tuned via the web user interface.

In the beginning OpenShift only supports Amazon EC2 as the cloud provider, but they mention that other providers (probably Rackspace Cloud) are being certified. During the developer preview you can only create clusters with max four nodes, but that limitation will go away once they lauch the commercial service.

Posted in Cloud |