Category: Linux

*** Disclaimer: This is not supported by Rackspace. If it blows up, we can’t help you fix it. I’ve tested it a fair bit and it seems to be working fine, however if it does not work for you, you’re pretty much on your own. I would advise thorough testing before deploying this solution to a production environment. ***


After a long hiatus from writing articles, I found something interesting to tinker with again after a customer asked about VPN, I had never tried it so my answer was “It should be possible, but I’m not sure”. Now I can say that it is definitely possible, and give you a practical setup utilizing IPSEC to hook into your sweet Cisco ASAs in your corporate networks. This was tested using two cloud networks,  but it should work for cloud network to anything that supports IPSEC. You could also potentially do this with any other VPN solution, such as OpenVPN.

This guide will walk you through setting up an openswan ipsec tunnel that connects one network to another, as well as a dhcpd server to make it mostly automatic to anything on the network.  Read on after the jump.


View full article »

Creating the Kittynet

Have you ever wanted to just set up a wireless network that replaces pictures with cats?

No? What’s wrong with you. In this article we’re going to talk about making the Kittynet. So you can leave it unsecured and have your neighbors be annoyed by pictures of cats everywhere, like so –

The Kittynet is Live!
(note: don’t go to that site.)

Read more after the jump.

View full article »

You might have noticed by now that I really like Nginx. I’ve had an article for using it as a load balancer with SSL termination already, and eventually I’ll get around to setting it up as a web server as well. For this article, I’ll set a situation. You have some PHP application on apache, and have your mod_rewrite wizardry the way you want it, and everything is working -ok-. You’ve heard of this new Nginx thing and want to give it a shot, but don’t want to mess with testing everything on Nginx. So what you can do, is have Nginx listen and serve all your static content (Which it’s really good at), and pass your dynamic content(and whatever else) back to Apache to process. This article will go over the configuration of an Nginx reverse proxy, and modifying apache to work with it.

View full article »

This guide will walk you through installing a custom linux distro to Rackspace Cloud Servers without the need of taring up a file system from a donor box. This particular guide is specific to openSuse, but the same method can be used to install other distros that support automated/remote install.

This process is entirely unsupported by Rackspace.

First, some documentation before we get started:

View full article »

The majority of motherboard manufactures still only allow you to update your BIOS either from within Windows, from a USB stick within the BIOS itself, or from a floppy with DOS. The first option doesn’t work with a linux box for obvious reasons. While the second option is nice for updating one box, it quickly becomes a hassle when you have an entire rack you need to update. And the third option is antiquated by any meaning of the word… or is it? While the days of floppies are long gone, the reign of the floppy image is still going strong in the world of PXE boot.

The biggest limitation of a floppy image is easily its size. 1.44MB is almost useless in today’s world of terabyte hard drives. Since BIOS images take up about 1MB, that leaves room for not much else. Meaning no scripting, no fancy menus, just the flasher program and your BIOS image. One of the most common methods around this limitation is to offsite your BIOS images to a samba share and instead use the 1.44MBs of space for network utilities. While this does work fine, it brings back bad memories of networking in DOS that I’d rather not experience again. Instead, I’ll walk you through how to expand a floppy image to whatever size is comfy for you, and most importantly, keep it bootable.
View full article »

I wrote an article a while back about load balancing with HA Proxy. If you’re wanting to do SSL, it lets you do it, but SSL will terminate on each individual webhead. This works quite well for performance, and it is designed with performance in mind. Unfortunately there are some cases where you want the SSL to terminate on the load balancer (for instance if you’re making use of the X-Forwarded-For header). This article will explain how to setup Nginx as a load balancer with SSL termination. Read on after the jump for the howto.

View full article »

I’m a pretty big fan of two factor authentication, it lets you secure a server significantly without inconveniencing your users too much. I’ve used ppp-pam before, and use RSA SecurID for a few things as well, they’re great implementations. Today it came to my attention that Google had made an authenticator for Google apps account, but also made a PAM module. It works fairly close to RSA SecurID – you put in your password, after that works you give it the code that the app on your phone displays, it changes every 30 seconds or so based on it’s algorithm.

This article is going to cover how to set it up on your own Linux server. I’ll be doing this on a Debian 6 install, you may need to alter commands, so go ahead and read on after the jump for the how to.

View full article »

I see complaints across twitter and the feedback page, as well as various blog posts about how the Rackspace Cloud doesn’t support this OS, or that OS. With the introduction of PV-Grub, you should be able to run nearly any OS you want – with a bit of work.

Keep in mind, this process is entirely unsupported by Rackspace. If your OS breaks on you, and you’re using some OS no one has heard of, they’ll be hard pressed to support it.

For this process you will need the following:

  • A Tar archive of the filesystem for the OS you want to use, excluding /proc, /sys and /dev
  • The New Cloud Server
  • A good understanding of the OS you want to use.

For my example, I will be using Suse 11.3, it should work the same for other OSes. Let’s go ahead and get right into it.

View full article »

To compile kernel modules on a Cloud Server you need to complete the following steps, making sure to change the kernel version and directories where appropriate (–for example, extracts to linux-, whereas extracts to

View full article »

For the longest time, cloud servers has been limited to the hypervisor’s seeded kernels. They were patched for exploits, and generally worked well – but some people require specific things in their kernel. While you could compile modules before, you were never allowed to touch the kernel itself.

However recently, PV-Grub became available as an option for Cloud Servers. This loads your grub loader and lets you use whatever kernel you feel like. In order to get it, all you need to do is request it in a ticket and give permission to restart the server. However before that, you will need to set up your kernel and a grub stub.

View full article »