* Posts by Robert T

13 publicly visible posts • joined 8 May 2007

I want to play with VMs

Robert T

Re: I want to play with VMs

I guess that you want to learn by playing, and you don't have a specific purpose in mind. I'm very familiar with Linux and KVM, and work with reasonably large clusters.

Virtualisation itself is a commodity nowadays. There are minor differences between the different hypervisors, but all in all, they require compute, network, and storage and they spit out VMs. For your purposes, any compute unit with virtualisation extensions should be fine, and pick a hypervisor that you can easily script against (ie. there's an API). For most purposes, standard networking setups suffice - you will want to learn about VLANs and bridges in Linux; at some point you might want to look into the Software-Defined-Networking software, but this is usually only relevant for public cloud deployments. Storage is the most interesting, as virtualisation adds more layers into the mix and introduces mixed usage patterns - for a very simple setup, store VMs on local disks or on an NFS mount, and provide NFS as extra storage for VMs. Later, you might want to invest time exploring Ceph/Rados, Sheepdog, GlusterFS, or similar. In my opinion, iSCSI is more trouble than it's worth - too many vendors do things too differently (and storage folks don't like you messing with their kit), so you usually end up running your own iSCSI targets if you want the most flexibility, which introduces more points of failure and a lot of work to do it right.

The real interesting parts of virtualisation and where most effort is being invested nowadays is around the supporting management infrastructure. If you have hundreds or thousands of virtual machines running across many independent clusters, you need a way to manage them. You need to know which VMs are running on which servers; you need to have sensible VM allocation (and reallocation) algorithms; you need good monitoring; you need DHCP and DNS servers; you need some kind of CMDB storing metadata; you need user access control; you probably want to use image-based deployments, so you'll want a management solution for that which the VM-deployment-scripts can make use of; and you'll want to support PXE installations (at least for the physical servers, if not for the VMs); you'll want full lifecycle management of the infrastructure and VMs, from initial resource allocation and creation through to migration and recovery from failures and finally to decommissioning.

On top of that comes the management of applications and services on individual servers, and the orchestration of deployments using the IaaS-APIs and configuration tools (such as CFEngine, Chef, Puppet, Ansible, SaltStack, etc.). At the very least, you'll want a reproducable way to configure your physical servers and keep them up to date and consistent.

For KVM, you might want to look at http://www.linux-kvm.org/page/Management_Tools for some tools other people and companies have written.

If you really want to understand with a bottom-up approach, I recommend starting by setting up redundant DNS & DHCP servers with support for PXE, and using virt-manager to create VMs on remote servers using a single VLAN and bridged networking using local disks or NFS backed storage. Once you've managed that, start automating things yourself, but evaluate different tools as you go along. For KVM, there is no one standard, and every software solution manages things their own way. There are lots of moving parts, and any full solution will be necessarily complex (or simple but inflexible). Oh, and don't forget to design monitoring into your solution: Make sure you have the possibility to extract metrics at every step (no need to collect them all from the start - you'll figure out what's important as you go along).

When you're done with this, you may then decide that virtualisation itself is not that important for your situation, and the same management and orchestration toolbox can be applied to general application and resource management where you'll get much better performance/better ROI by deploying smarter software stacks running on bare metal, in containers like LXC, or using external IaaS providers.

Good luck!

'Non-compulsory' ID cards poised for a makeover?

Robert T

Uh, so can I get one if I live outside the UK?

.. and will they want me to update my foreign address whenever I move? I really just want the wallet-sized passport substitute!

Dear Obama: Please consider open-source a waste of your time

Robert T

Open Source? Open Standards, baby!

I think that it's far more important for Governments and large organisations to settle on patent free Open Standards* rather than a particular product or ideology. I also think that the best open standards are those which have a freely available source code reference implementation (even if it sucks). If a commercial venture invests the effort to make a better implementation, and it is chosen by some organisation, then that's great! If there's enough demand, an open source implementation will also arise (and if not, nobody can whine about it), or at least other commercial options (thus maintaining competition).

* It's not an open standard if nobody can make heads or tails of the documentation.

How the BBC plans to save your ISP

Robert T

Why should the BBC pay?

Isn't it in the interest of the ISPs to reduce bandwidth? How about if the BBC just provided the software (already a substantial investment) to provide cached streaming of content and left it up to ISPs to implement it (within contractual agreements) and pay for it, since it will in effect save the ISPs significant bandwidth and therefore money to implement it. Combine that with some DNS based service discovery in the software to identify the closest servers (and a way to temporarily circumvent the broken server, in case the server has issues) and I think the BBC could save a whole lot of money.

I think that most ISPs (who do not have conflicting agreements regarding content) would gladly provide caches for P2P applications also, if it would save them money. The biggest issue is that most P2P protocols aren't easily cacheable, and P2P architects who don't cater for this should be beaten.

French telecoms chief says 'non' to EU-wide regulation

Robert T

How about mandating an Ombudsman to stop the little guy being screwed?

As an Australian, I really appreciated the office of the Telecommunications Ombudsman, who would promptly and professionally deal with legitimate complaints. Telcos must have their own internal procedures for dealing with complaints, but where these are unsatisfactory, the Ombudsman would chase the telcos up, at their own expense. It meant a higher quality of customer service, more openness, and less deceptive practices.

Maybe Ofcom in the UK serves this purpose, but some other EU countries don't have the concept, and a customer must take (usually expensive and personally risky) legal action against a huge company for the €7 they overcharged you on dialed but non-connected roaming calls. (ok, in my case, they compensated me, but they probably overcharge millions of € per year with the same scam, and nobody polices that)

Ban booze in supermarkets, says health adviser

Robert T
Dead Vulture

How about developing a cafe culture?

I much prefer the European cafe culture approach.. even at my local Irish pub in Germany, there's table service and individual payment.. everybody can drink at their own pace, order what they want, and enjoy themselves. Getting into rounds of drinks leads to people drinking far more than that should, and makes responsible service of alcohol obligations a joke.

Of course, getting Brits out of their binge drinking habits may prove a bit more challenging..

BitTorrent busts Comcast BitTorrent busting

Robert T

ISP Bittorrent caching

I've said it before and I'll say it again. ISPs should be caching bittorrent traffic for the benefit of all their users. They can capture the downloaded packets anonymously, and force feed them to future requesting users of theirs.

Let's face it - at a large ISP, users are probably downloading and uploading the same single file thousands of times, and costing a lot. A few Linux/Unix boxes and a few TBs of storage are nothing compared to the ongoing bandwidth costs. My guess is that they could reduce their traffic by up to 40% overnight with an effective system. Frankly, I think it's irresponsible of the likes of Bittorrent the company to not have included easy support for caching proxies from the start.

Additionally, caches are almost always exempt from legal responsibility for copyright infringement because they are indiscriminate about their content, service only their customers, and are for network performance reasons.

I'd also like to see end user dumb indiscriminate caches & proxies, to provide reasonable deniability in the event of lawsuits. As a point: Onion router users don't normally get successfully prosecuted, unless they're poorly represented or the law of the land is specifically against these kind of services, which most aren't (law enforcement loves onion routers, too!).

Of course, this potential windfall benefit will not eventuate if most bittorrent traffic starts to be encrypted. They're shooting themselves in the foot in the long term.

There is one proprietary BT cache that I know of, but they claim to only cache legitimate content...... I don't like the implications of such a statement, even if it is just marketing. But it shows that the technology is out there.

Microsoft! snuggles! with! Yahoo! on! OpenID!

Robert T

Methinks people miss the point...

Do a bit of reading about OpenID, people..

This is not Passport or Yahoo or a similar centralised service. If you want to be your own OpenID provider (and you have some webspace with CGI support), you can be. The whole point of OpenID is that it's distributed. Anybody can be a provider. It provides authentication and only authentication - if X was X yesterday, X is almost certainly X today; where X could be little Jimmy, a convicted criminal, or a dog sitting behind a keyboard.

Personally, I have one common insecure password for almost every website, and a handful of others for websites and services that I consider strategic. It's far more likely that one of these small poorly written websites leaks my password than a security conscious OpenID provider will.

As mentioned before, it also needn't be one OpenID - if you want multiple OpenID's, you can also have that. There's also support for logging into one site with multiple OpenIDs at the same time.

And a great feature will be web browsers with special support for OpenID, so I needn't even visit the website of my OpenID provider to authenticate or allow a website access to some of my OpenID info.

Brits split on ID cards

Robert T

I want an optional ID card for travel in the EU!

I don't want fingerprints, DNA, or retina information on my card (although if it's there, I don't want it stored in a central database). I want something with traditional security measures that serves the same purpose as a passport within the EU. Many EU countries dictate that you must carry your passport or passport equivalent with you at all times, which is of course a ridiculous requirement for us manly men who don't carry handbags or bum bags. I want a card that will fit in my wallet along with bank cards, health cards and travel tickets.

Brown will 'scrap ID cards' for UK citizens, claims paper

Robert T

Optional photo-only EU-recognised ID cards, please!

As a british citizen living on the mainland, I am expected to carry my passport with me at all times as it is the only suitable form of identification available to me. I of course break the law on a daily basis because carrying a passport is such a nuisance. All I want is a basic ID card that would let me travel around the EU without needing my passport. I don't want biometric extras. I just want the necessary information as accepted by the EU. I don't care if it's compulsory or not in britain - just give me a damn ID card for the EU.

Skype hangs up on users

Robert T


"SIP, the session intitation protocol, is the IETF protocol for VOIP and other text and multimedia sessions, like instant messaging, video, online games and other services."

"SIP offers all potentialities of the common Internet Telephony features like: * call or media transfer * call conference * call hold"

Basically, VOIP with SIP is a non-proprietary Skype alternative, with a multitude of outbound (and inbound) voice providers to choose from. Combined with a 3rd party service called Voxalot, I use multiple outbound providers (sipphone.com, voipbuster/smsdiscount, & voxalot itself for some free and Internet-based calls) to call at the cheapest rate possible depending on the destination. Using a SIP supporting ATA, I make all my calls (except emergency calls) through the Internet using my standard handset - I don't have to pay any more than I must to the incumbent Telco!! I could also purchase a WiFi-enabled SIP phone and make cheap phone calls from other lightly-firewalled WiFi enabled locations. Or I could just use a computer and a headset, like millions of people do.

Can I call Skype? No. Can they call me? No. Do I care? No, because I get 300 unbilled minutes per week to dozens of countries (landline) and much cheaper rates than Skype provides. I just call my family and friends in Australia, the Netherlands, and Germany on their landlines for free* or mobiles at reduced rates. There are some really great offers out there for VOIP calls.

(*) Using smsdiscount.com, so long as I have a positive account balance

UK firms contest 'absurd' software patent ruling

Robert T

Doesn't copyright already handle this?

The right "to control the distribution of computer disks and internet downloads of the programs which configure an apparatus to perform a patented process" is something adequately handled by copyright law, not patent law, I would imagine. They should be able to stop verbatim copying of the software, but they shouldn't be able to stop someone implementing their own version of the software.

EU postpones roaming cap decision

Robert T

Propping up profits

It's a tragedy. Germany should be pulled into line. They are holding competition back in Europe and will be the cause of a lot of grief for consumers of Telco services and many Telcos themselves.

The German Government is very lax about their Telcos, price and quality regulation, and isn't working for their people, because they like the idea of German telcos (in particular Telekom) being the most profitable in Europe, in order to buy other companies outside of Germany. The Telekom-Fiber deal currently under scrutiny by the EU is one but instance. Germany not having any telecommunications ombudsman or simple complaint mechanism also means that the only recourse for telco abuses within Germany is the courts, and keeps all but the most serious abuses from the media's and consumer's scrutiny.

It's time to beat telco's into line with enforced legislation that encourages competition, and punishes monopoly and cartel behaviour. Short term consequences be damned - it's for the common good.