Running Windows containers in Docker

Microsoft Windows Server 2016 now supports containers, this means we can now isolate windows applications and share the underlying kernel of windows much like we have been doing in Linux for years with OpenVZ or more recently LXC (linux containers).

On January 4, 2017 Rancher announced experimental support for Windows containers (link below).

Official Microsoft documentation on containers.
Rancher v.1.3 has implemented experimental windows container support.

This is a good reason to spin up a Windows Server 2016 node and experiment in a lab. I’ll be looking forward to trying this when I get some time.

A comprehensive list of hypervisors and cloud platforms

In my last post I discussed Proxmox and SmartOS as possible alternatives to ditching vmware ESXi for my homelab.

Given the amount of information that is out there on the internet and that I spent quite a few hours trying to find other open source projects / cloud platforms that could be other alternatives, I thought why not make a post linking to all the platforms I have come across during my search, this way it will help someone else to simply click thru opening new tabs.
Continue reading

Virtualization hypervisor and containers all in one

I’m a big fan of virtualization, the ability to run multiple platforms and operating systems (called guests) in a single server (called host) is probably one of the best computing technologies of the past 10 years.

Personally, I have been using virtualization circa 2004. It all took off after 2006 when chip manufacturer’s started bundling virtualization technologies in their processors (Intel VT-x or AMD-v). The reason why “cloud” computing is so popular can also be attributed to virtualization.

In a container world…

However, in the past couple of years a new technology has been making making the rounds everywhere, the words “containers”, “docker”, “orchestration” is picking up steam in the past year. They say that containers are changing the landscape for system administrators and application developers.

Claims that containers can be built and deployed in seconds, share a common storage layer and allow you to resize the container in real-time when you need more performance or capacity are really exciting concepts and I think the time is now for me to jump in and learn a thing of two about this new technology when its hot a new. Continue reading

Configure Webstorm to use Github Desktop for Windows git-bash

If you have installed Github Desktop on Windows, you may have noticed that the application itself comes with a “Git Shell” which is basically a linux terminal emulator running on windows and its very useful for developers or linux users that are familiar with bash.

The problem I recently encountered was trying to find the executable PATH of the git-bash.exe so that I can configure my Webstorm IDE to use it. All the documentation on the internet seems to point to C:/Program Files/Git folder but Github may have changed this as in the latest release I downloaded (v 3.3.3.0) the files reside elsewhere and I will share where to find them.
Continue reading

Fix Webstorm “Plugin ‘Go Lang Plugin’ is incompatible with this installation

If you are running Webstorm IDE (my version as of writing is 2016.3.2) and you are trying to ‘install from disk’ the Golang plugin and get this error:

You may have tried to upload a .zip version 0.171.XXX and got this error. To fix it:

  1. Download plugin version (0.13.xxx) just download the latest one that begins with 0.13 (disregard the top of the list that has a version 0.171.xx as they are incompatible with Webstorm.
  2. Go-0.13.1924.zip is the latest one as of writing.
  3. After loading the .zip file into the program it should ask to restart Webstorm.
  4. You should now have successfully installed the Golang plugin on Webstorm IDE… confirm by going to Settings > Plugins


That’s all folks  🙂

My LASIK research for hyperopia and astigmatism

This will probably be part 1 of my research into getting LASIK surgery to correct my hyperopia (also called hypermetropia or farsightedness) combined with some mild astigmatism. Continue reading

Plex mediaserver on FreeNAS allowing anyone to stream without login

I’ve been a user of Plex mediaserver for over two years, I set this up on a FreeNAS jail a long time ago and in the past few days I noticed something funny.

Out of nowhere there were two additional streams going on in my server onto the internet, I usually share my library with friends and family but what was curious about this traffic was that Plex was claiming that these two streams were “on my local network”
Continue reading

cPanel DNSonly bind recursion

In case you may be running into issues with named/bind domain service on cPanel DNSonly not responding to DNS queries recursively, I have a fix for you.

In older versions of named/bind9 used by cPanel if you wanted to allow anyone (or if you wanted security you could have setup an ACL, let’s assume you want to allow all) you could simply edit the configuration file and change “recursion no;” to “recursion yes;” to allow anyone to make queries to your DNS server for those domains or records that are not kept in your local server (ie: resolve yahoo.com)
Newer versions of BIND9/named changed their past behavior and now require a more specific configuration, just add these under “options” section

options {
...
allow-recursion { any; };
allow-query { any; };
allow-query-cache { any; };
...
};

I found a detailed explanation on why bind/named dns server changed its behavior, on the next page  a copy of the support bulletin from July 2007:

Overriding Google Compute Engine hostname from getting reset

On my last post, I explained how I am experimenting with Google Compute Engine (GCE) to host my backup DNS service and my post about configuring mailjet as an exim mail relay.

I have run into a few issues on Google Compute Engine, it looks like every time the instance gets a DHCP offer the hostname of the machine will get reset to the internal hostname, overriding whatever setting you may have set… this is bad news for a server that needs to respond to DNS settings.

After a few hours of digging and testing out different approaches, including trying to setup a DHCP hook to run the “hostname” linux command I came across documentation from Google talking about “custom metadata”.

How to setup Mailjet on exim for cPanel dnsonly on Google Cloud

I have been experimenting with Google Compute Engine (GCE) for the past few days. I wanted to migrate a slave DNS server to Google as an experiment and this blog post will talk about the shortcomings, my workarounds, configuration and tips to achieve the goal of having cPanel DNSonly installed and setup using Google’s infrastructure.

What is Google Compute Engine?

Google Compute Engine (or “GCE”) is Google’s answer to Amazon’s AWS, it basically offers you the ability to deploy Virtual Machines (VMs) at Google’s datacenters. In the most simplistics of setups you would use a single VM or “compute instance” and if you wanted to have a more complex setup you could deploy multiple instances in different geographic locations spread across different datacenters in the United States to achieve a more redundant setup or to provide you with better capacity for large traffic workflows.

It all depends on what your goals are, myself I am just starting out with a simple requirement. I would like to use a single compute instance running CentOS linux that runs cPanel DNSonly (proprietary control panel/dns clustering solution for cPanel servers).

The goal is not to host websites or any critical services on this instance, but rather only keep a copy of my DNS zones. If my experiment fails or my instance goes down or gets destroyed there won’t be any losses or damages for this experiment as my primary server is still running on Proxmox PVE.

The limitations of GCE… What I learned so far

GCE instances run behind Google’s firewalls and depending on the datacenter you decide to host your instance your VM will have an internal IP within that datacenters network scope/range (for example: us-central1 datacenter zone has a 10.128.0.0/20 range for all VMs).

This means that assigning a IPv4 public static IP, which is needed to allow anyone to query the DNS server we’ll be hosting inside this instance will actually have to forward packets to the instances internal network. Not really a big deal unless your application can’t be behind a NAT firewall like it is the case here.

For our intensive use and purposes it is fine. One important issue that I found is that doing any kind of e-mail server related activities on GCE is prohibited (source). You won’t be able to use SMTP (Simple Mail Transfer Protocol) port 25, 465 or 587 to send or receive email.

Now for a DNS server that will not be a mailserver this is not a blocker, but it is really a pain in the ass. Why? because monitoring scripts running on the server need to email the administrator to notify me of issues or errors so they can be investigated.

Continued on the next page.