Joyent SmartOS network monitoring

My free trial period of my Smart Machine ended, so now I was trying to find a way to monitor my bandwidth usage on my Smart machine. There isn’t a “easy” way of doing (like logging in to the portal to look at your account) so I devised a way to do it on my own.

The first part of it will be discussed in this post, and I will do another about how to actually view the results.

First off the easiest way I have found to “watch” network traffic is using the kstat command. On my SmartMachine, I have 2 network interfaces, one that has the public interface on it, and one that has the private interface on it. For my purposes I am only currently watching “net1” which is the external interface.

So the small script I have runs every 10 minutes, and logs the information in to a MySQL table. That table is defined like this:

CREATE TABLE `vmnet` (
`interface` char(10) DEFAULT NULL,
`time` bigint(20) DEFAULT NULL,
`obytes` bigint(20) DEFAULT NULL,
`rbytes` bigint(20) DEFAULT NULL,
`htime` datetime DEFAULT NULL,
KEY `tidx` (`time`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

 

The columns are as follows:

  • interface: which interface we are getting the stats from, right now everything just says net1. But if I were to add net0 it would fit right in.
  • time: time in seconds since the epoch
  • obytes: bytes leaving the interface
  • rbytes: bytes received on the interface
  • htime: human readable time. (Yes i realize I am storing the time twice, and that I can do everything with just time, but what the heck, it is just an extra little storage ;-)…

 

Now that the table in the DB is defined, set the permissions on it. In my case I created a database just for the “netstats”  and there is just the one table in it called vmnet. I created 2 users that have access to the vmnet table. One just for writing the data in from the script, and another for reading the data for part 2 of this.

 

Now for the script, it is pretty simplistic:

#!/bin/bash
#Use kstat to grab interface stats
#Define the interface to look at:
INTF="net1"
VALUES="`kstat -c net -n ${INTF} | egrep \"(obytes64|rbytes64)\"`"
SNAPTIME="`perl -e \"print(time());\"`"
OBYTES="`echo ${VALUES} | grep obytes64 | awk '{print $2}'`"
RBYTES="`echo ${VALUES} | grep rbytes64 | awk '{print $4}'`"
echo "insert into vmnet values ('${INTF}',${SNAPTIME},${OBYTES},${RBYTES},NOW());" | /opt/local/bin/mysql -uUUUUUU -pPPPPPPPPP netstats

 

In the most simplest form, the script runs the kstat command on the requested interface ${INTF} and then uses egrep to grab the obytes64 and rbytes64. It then takes those to values and creates a sql insert and piles that in to mysql command where UUUUUU is the username and PPPPPPPP is the password for the insert use on the netstats database.

I then run this every 10 minutes. And what you end up with is data in the table that looks like this:

+-----------+------------+------------+------------+---------------------+
| interface | time       | obytes     | rbytes     | htime               |
+-----------+------------+------------+------------+---------------------+
| net1      | 1388373702 | 3123241114 | 3977125001 | 2013-12-29 22:21:42 |
| net1      | 1388374200 | 3123381303 | 3977326242 | 2013-12-29 22:30:00 |
| net1      | 1388374457 | 3140146411 | 3977725426 | 2013-12-29 22:34:17 |
| net1      | 1388374800 | 3140170245 | 3977843340 | 2013-12-29 22:40:00 |
| net1      | 1388375400 | 3140526526 | 3978051264 | 2013-12-29 22:50:00 |
+-----------+------------+------------+------------+---------------------+

Next time I will show how to take the data and make something out of it:

graph of network traffic
netstat output

A logging we shall go

Today I have 2 quick tips for logging, one for Oracle WebGates with OAM and another for Convergence in Glassfish with OAM SSO.

 

If you use Oracle Access Manager and perhaps their Oracle Web Tier (webgate, etc) you may have found that the webgates (Oracle HTTP Server, aka Apache) don’t log usernames in the access logs if you are using SSO with OAM. This sort of sucks if you want to pull the webgate access logs in to a cool log program like Splunk. Well a quick way to fix this is make sure that you have the mod_log_config module loaded in your httpd.conf for the OHS server. Next either modify the common or combined CustomLog definition or create a new one where you replace the %u with a %{OAM_REMOTE_USER}i  (Or what ever you named your OAM User header variable.) What this will do is now log the OAM_REMOTE_USER header variable in the place of the %u (which is for http auth style usernames). The one caveat is it will only log that value if it exists. If it doesn’t exist it doesn’t get logged. So you may miss a couple of pages until the header is created, but everything after that should be logged.

 

The second tip is closely related to the first and is assuming that you are using a custom SSO module to single sign on a user in to the Convergence web mail application. When this happens, like the webgates, you won’t get a username field in the access logs (if you even have them enabled, as they aren’t by default.) To log the OAM_REMOTE_USER in Glassfish, go to the server and where the access logging is defined, add a %header.OAM_REMOTE_USER% in to the logging definition. It takes affect immediately and you don’t have to restart Glassfish.

 

I looked all over the interwebs for this, so hope this helps you out.

Comcast vs TiVO Roamio

As most of the world knows TiVO released their new DVR called the Roamio. Which in all shapes and forms appears to be the most awesome DVR yet. With the ability to do 6 tuners and stream live TV to the TiVO Mini, it alone will save me hundreds of thousands of dollars in stupid hardware rental fees from Comcast. So before I put down nearly $1000 for the new Roamio and a lifetime subscription I decided to ask Comcast if their Morgantown, WV system would support it. (I had seen some people on the interwebs saying there were issues with some cable systems not supporting all 6 tuners yet.)

So the first place I went was to twitter to ask them (@comcastcares) if they supported it and if there were any hoops I had to jump through to switch it from my Premiere to the Roamio. Well they wrote back and said to contact comcastcares_support@comcast.com. So I sent them an email asking about the support for the Roamio and whether it was required for a tech to come out to do the install.

So I got the typical boiler plate email back saying they would review my concerns.. Pretty typical.

Today I got a call from their Executive relations group while I was at work. So I called them when I got home and here is roughly how the conversation went:

ER: Hello, I was calling to address the email you sent us.

ME: Ok, well I am looking at getting a Roamio and was wanting to make sure it was supported before buying it.

ER: Well does it support 3 cable cards? We only have cable cards that support 2 tuners, so if it doesn’t have 3 cable card slots then it probably won’t work.

ME: No it only has one slot for a M-CARD. (Thinking to my self, yeah if I had to get 3 cards that is extra money to you.)

ER: Oh, ok. well we didn’t even know that TiVO had a DVR that did 6 tuners. (Thinking well, they have had a 4 tuner one for a couple of years now.) I have some calls in to our warehouses to verify if we have a cable card that supports that many tuners, but right now the only thing we support is 2 tuners.

ME: Ok, well from what I was reading it is just a firmware issue.

ER: Hmm, hmm, hmm, ok, ok, ok (don’t have a clue what he was doing) {he then repeats about checking with the warehouse people}

 

He then addressed my issue with doing a self install and said yes you can do it, but you have to call them to activate it. (Which I knew but was confirming it again.)

I then brought up the issue where the website says that for each customer owned piece of equipment you should get a $2.50 credit to your bill. I told him I had 2 TiVO’s and therefore I should see a $5.00 credit on it. To which he explained that I do get the credit but it isn’t reflected on the bill. He then told me that the cable card fee is actually the same as the other box fees ($9.95), but they subtract the $2.50 from it (which is the “cost of the box”)  to make it $7.45 (which is the cost of the “service”).  I told him that the Comcast website doesn’t say that and even the paper that comes with the bill doesn’t show that the Cable cards are $9.95..

The funny thing was that I told him that my friend sees the $2.50 credit on his bill. He immediately said “well different parts of the country does billing a different way.” I sort of laughed and said “well, he lives 2 miles away from me. So your hypothesis doesn’t work.” He couldn’t figure out why mine didn’t show it but others did.

He ended the call with saying he would call me back once he hears back from the warehouse and whether they would or ever support a TiVO with 6 tuners. I said “well I sure hope you do as it is going to save me hundreds of dollars a year in rental fees.” He didn’t really say anything after I said that.

 

So long story short, TiVO has released something that is far superior to anything Comcast could ever offer their own customers. So now they are going to probably give out false information to make sure that customers don’t purchase the new Roamio. Just another reason why Comcast is evil, and making billions a year from people from hardware rental fees. Shit I have had 2 Scientific Atlanta 3100 standard def boxes since 2001. The interface is slow, they put ads on the guide screen, and I have paid probably close to $1,500 in rental fees on them since then.

New server

So the server that I bought back in April of 2006 to host this site died Wednesday September 18th, 2013.. I am not sure exactly what happened,  but found it unresponsive around 22:00. I went over to where it was hosted and it was still running, but the ethernet card lights were both on solid. After trying to get it to boot and show something on both the video card or the serial port for about an hour, I finally turned it off and got a screw driver out and removed it from the rack.

I had been expecting this day for a while, since the server was 7+ years old. So I brought it home and left it on the floor. The next night I tried to boot it and see if I could get in to it. No go, something was hosed in it. As soon as I plugged in the power the fans all went to 100% and no output on the video again. Great… So I pulled one of the drives out, and attached it to a SATA/USB adapter and mounted it to a Solaris VM on my Mac. Awesome, all the data was still there. After spending close to 8 hours copying the data off, there was a hunt for a new place to host my site.

The three “ideas” I had were the following:

  1. Joyent – They run servers running SmartOS (nee Solaris). So this would be my primary choice, cause hey, I love Solaris, and really hate Linux.
  2. Amazon Web Services – They only support Linux and Windows. So I would have to switch to Linux or Windows (not really wanting to do that)
  3. Host it at home and upgrade my cable modem to a business class one.

 

So I set out to look at the cost. Both the Joyent and AWS were pretty close for the “same” amount of “hardware”. Comcast Business class was going to be WAY more than hosting it some place else.. Now it was between Joyent and AWS.

Free Trials Away….

Amazon Web Services will let you use a one of their “micro” instances for free for a year. So I decided to set one up and see how it would go. I chose to do a SUSE Linux instances, since they didn’t support Solaris. About 15 minutes after clicking the “go” button, I had a SUSE “VM” on the Internet and root access to it.

While the Amazon VM was being provisioned I went to Joyent.com and decided to sign up for one of their free 2 month trials. Unfortunately it wasn’t as smooth as the Amazon sign up. While doing the registration process, it requires a phone to call to give you a PIN number to type in to finish the registration (I assume to stop hackers from spawning machines automagically). Well I put in the phone number and it called, but it only rang barely once and then hung up. It then changed the status page to an “invalid account” and locked it so I couldn’t do anything.

I tried calling them, and they said I had to submit a support request through the Internet. I did and some emails went back and forth, and then it was time to go to bed. The next day I received an email saying that the account had been updated and to try to log in. I also received an email from an account exec asking how it was going. (More than I received from Amazon…)

After work I logged in and tried to create my first “SmartMachine”. Well that sort of failed since I had not finished the registration part the night before. So I added my CC number to the billing info, but it still would not let me create one as it said I had no billing info set… Ha! I logged out and back in and it was much better, it let me pick the size of machine I wanted to create and a way it went. About 10 minutes later I had a root account on a zone on the machine.

So the work began on trying to get my site back up and running between the AWS SUSE VM and the Joyent SmartOS Zone. Surprisingly the SmartOS machine I had picked, had Apache, PHP, MySQL, etc already installed. BUT PHP did not appear to have been compiled with MySQL support. So I just decided to do my own compilation of Apache+PHP+MySQL.

As you can see, it is all up and working now.

So here is my quick comparison of Joyent (standard 64) and AWS (micro T1) given the 1 day of use now:

  1. Easy of signing up:
    • Amazon: Pretty painless. No issues that I had to contact some one for.
    • Joyent: Minor issue, and it may not be their fault, but it did take extra time to get it fixed
  2. OS Selection:
    • Amazon: They have a variety of Linux (7 different Distro’s) and Windows (2003,2008,2012) instances. However neither would be my first choice of OS for my site. Decided on SUSE Linux in the end.
    • Joyent: They offer 3 different OS’. Linux, Windows and SmartOS. SmartOS is a fork of Solaris when it was “open sourced”. Therefore I chose SmartOS, as I would much prefer it over Linux.
  3. Speed of provisioning
    • Amazon: Roughly 15 minutes from start to when I had root access
    • Joyent: Roughly 15 minutes from start to when I had root access.
  4. Processors:
    • Amazon: 1 Processor (Intel Xeon CPU E5-2650 @ 2.00GHz)
    • Joyent: 24 Running at 2.4GHz, 1vCPU
  5. Memory:
    • Amazon: 658Mb
    • Joyent: 2GB
  6. Disk Space:
    • Amazon: 10GB
    • Joyent: 66GB
  7. Networking:
    • Amazon: 15GB out
    • Joyent: First GB out free, each additional up to 10TB is $0.120

 

Right now the cost of both of these VPS’s is roughly around $47 a month. But will see how that works out with the network costs..

I will update in a month after seeing how they both perform.

RIP Sun Ray

Checking the daily tech news, I see tonight that Oracle is axing their ‘desktop virtualiaztion’. What this really means is the end of the Sun Ray. Such a sad day for those “Sun” people who worked on that and brought the “Network is the Computer” to reality. I remember getting my first Sun Ray (Sun Ray 1) from some Sun guys in Texas. It was awesome, hooked it up to a Sun Blade 100 and now had 2 “heads” on it. I then went on to recommend it for the rest of my group and then the rest of the office. It was nice when I figured out how to make them work from home before Sun made them work with DNS. Once they did that, we got them for the rest of our office to take home as well.

How awesome was it to start something at work or home, and pull the card out and go to the other office and your desktop was there. Same with going between datacenter’s. It truly was the best Thin Client I have ever dealt with. It is not a “chubby” client, but a true Thin Client. You will be missed, but not forgotten. If Oracle know what they have, they should open source the software so that it can be kept up and enhanced by the community of die hard Sun Ray enthusiasts.

sun ray fw rip