How-To – Fabian Dammekens

Add GitHub SSL Certificate to Jenkins Keystore

You might run into trouble if your Jenkins instance has to connect to external TLS enabled endpoints which use self-signed certificates. You could either add the CA or the individual server certificate to your java trust store.

On RHEL systems this seems to be pretty straight forward (README below)

Download the server certificate with openssl to /etc/pki/ca-trust/source/anchors/

openssl s_client -connect server01.local:8281 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/pki/ca-trust/source/anchors/server01.pem

Regenerate the java truststore

run the command: update-ca-trust

README: /etc/pki/ca-trust/source/README

This directory /etc/pki/ca-trust/source/ contains CA certificates and
trust settings in the PEM file format. The trust settings found here will be
interpreted with a high priority - higher than the ones found in
/usr/share/pki/ca-trust-source/.

=============================================================================
QUICK HELP: To add a certificate in the simple PEM or DER file formats to the
            list of CAs trusted on the system:

            Copy it to the
                    /etc/pki/ca-trust/source/anchors/
            subdirectory, and run the
                    update-ca-trust
            command.

            If your certificate is in the extended BEGIN TRUSTED file format,
            then place it into the main source/ directory instead.
=============================================================================

Please refer to the update-ca-trust(8) manual page for additional information.

Urbanairship tessera MySQL or MariaDB backend.

The Tessera project created by aalpern at Urban Airship is a graphite dashboard frontend.

Continue reading Urbanairship tessera MySQL or MariaDB backend.

Monitoring Cisco Ironport with Collectd

Collectd is a daemon which collects system performance statistics periodically and provides mechanisms to store the values in a variety of ways. Collectd gathers statistics about the system it is running on and stores this information. Those statistics can then be used to find current performance bottlenecks (i.e. performance analysis) and predict future system load (i.e. capacity planning)

You can’t run collectd directly on the Ironport so we needed to find some other way to pull useful data from Ironport. We could either use SNMP (less data) or some other way (more data). After some searching we found out you can also access your Ironport statistics using the web frontend. A logic choice was to use the cURL-XML plugin.

Another important functionality in our setup is the use of graphite, a tool that provides realtime scalable graphing. You can send your metric to graphite in stead of using a local RRD file. This is done via the AMQP plugin for which we provide packages at our yum repository.

You can access the ironport XML file containing more statistics manually: https:///xml/status?, which will result in:

<status build=”rls” hostname=”hostname” timestamp=”20130429193603″>

I’m only going to cover the gauges in this post, because those seem the most relevant.

<gauges>
<gauge name=”ram_utilization” current=”18″ />
</gauge>

You can pull data from this XML using XPath, it takes some time until you find the correct syntax to pull the data, so here is a small example:

<LoadPlugin curl_xml>
Interval 10
<LoadPlugin>

<Plugin “curl_xml”>
<URL “https://ironport.fqdn/xml/status”>
Host “ironport.fqdn”
Instance “ironport”
User “username”
Password “password”
VerifyPeer false
VerifyHost false
CACert “/etc/pki/tls/certs/ca-bundle.crt”

<xpath “/status/gauges/gauge[@name=\”ram_utilization\”]”>
Type “ram_utilization”
ValuesFrom “@current”
</xpath>
</URL>
</Plugin>

That’s about everything you need to do. Remember, if you want your data to be stored in graphite, you also have to configure the AMQP plugin. There are some fine blogposts about that matter, so I’m not going to duplicate this information. Check: Collectd to graphite.

Mobile internet

Introduction

Now a days lots of cellphone providers sell HSDPA USB sticks (eg: Vodafone K3806) that provide mobile internet for your tablet or pc. The cellphone provider delivers software with the stick that soft simlocks it. The software wont accept any simcards than the providers. Using Mobile partner you can bypass this “simlock” and use any of the Belgian mobile providers.

Prerequisuites

Drivers, those should come with your usb stick.

Setup Guide

Download Mobile Partner & the accesspoint list (right click & save as).
Start Mobile partner and insert the accesspoint list. Select your provider and you’re ready to go.

Mobile access points

Proximus
apn	internet.proximus.be
gebruikersnaam
wachtwoord

Mobistar
apn	iew.be
gebruikersnaam
wachtwoord

Base
apn	gprs.base.be
gebruikersnaam	base
wachtwoord	base

Mobile vikings
apn	web.be
gebruikersnaam	web
wachtwoord	web

(ref http://site.bramvandeperre.be/)

Voiis stereo wireless music gateway on windows 7

It was quite a pain to get this running on microsnot windows 7,
but in the end it’s just a matter of installing transparent bluetooth drivers for the A2DP stack.

First of all you’ll need the broadcom drivers, which I’ve put here for your convenience: btw_6.2.0.9700.rar

Follow these steps:

* Remove the Voiis device if you previously attempted to install it,
* Extract the archive and run setup.exe,
* Put your Voiis back in discovery mode (manual)
* Add a new bluetooth device in windows, if you notice that windows is trying to get drivers from windows update, please cancel that!! You should use the broadcom drivers.
* Your device should be ready with the correct drivers

Enjoy the music.. Cheers.

Suggestion: http://www.a2dp.info/Device-Reviews/Voiis-Stereo-Wireless-Music-Gateway.html