I slapped together an SELinux presentation for the BozemanLUG and some people said they wished they could have attended it but missed it, so I decided to record a quick screencast.
Please note, that I do not claim to be an expert on SELinux but I do present the basics. If anyone with more SELinux knowledge notices any mistakes, please let me know.
You can find it here:
91.2MB, ~34 minutes
It is an Ogg Theora .ogv file that I recorded with gtk-recordmydesktop. Right-click and "Save as..." to download. Or if you have a newer version of Firefox with .ogv support, watch it in your browser. The better experience is probably to download it. If your preferred media player can't play .ogv files, I recommend you check out VLC Media Player.
Win One, Give One?
When I got home from work last night, my 17 year old son (Bryan) demanded I watch something on TV he had found. Wielding the TiVo remote he played for me a commercial aired during SpongeBob SquarePants. In the commercial I kid got a package in the mail that contained two OLPCs one of which the kid picks up and walks out of his house with, journeying until he is in a village in Africa where he gives a village kid the OLPC. At the very end it is revealed that it is a contest being run by General Mills with chances to win provided with some of their products. They appear to have a website for the contest.
According to the official rules, they are giving away 230 OPLCs valued at $42,550. They put a value on them of $185 but I'd assume that with the Give One part of the deal that actually translates into 460 OLPCs valued at $85,100 plus whatever shipping would be. Given the fact that they are airing television commercials, it seems that the figure spent on promotion would be many times that of what is being given away... but I guess that is how such promotions go.
I have yet to find a digital copy of the commercial online so I made a cheesy cam version off of my SD TV. I also made an ogv version.
Sugar on a Stick Blueberry
A new version of SoaS was released early last month but I found a video interview with Walter Bender talking about it that I thought I would share.
Red Hat actually opened up the SPICE protocol yesterday during their Virtual Experience 2009 event. Somehow I missed that. Have a look at the press release if you are interested... as well as their site to house the new open source project - spice-space.org.
This seems to have caused some buzz in certain corners of the virtualization websphere (does anyone still use that word?) but so far no one has said what it could mean for us run-of-the-mill Linux users looking for a good, fast remote desktop protocol. I asked a couple of questions on the fedora-virt mailing list and received some informative replies. I haven't had a chance to actually check out the SPICE website in depth yet though. For those wanting technical documentation, I've attached their spice_for_newbies and spice_user_manual PDFs.
I did want to share with you my response to one of the articles about the SPICE release that I ran across. You can go there and see the context this came from but it is pretty self explanatory.
Red Hat held the Red Hat Virtual Experience 2009 today and it was awesome. What was it? It was a completely online conference that offered everything you'd find at a traditional face-to-face show like the annual Red Hat Summit.
I was hoping Red Hat would use this event to introduce / announce RHEV for Desktops but no such luck. I guess we'll have to continue to wait until January.
- Conference Center - 15 presentations in three tracks with live video, audio and slides including chat submitted questions from the audience
- Exhibition Hall - 3 regions, US region had 14 vendors with staffed booths offering public and private chat
- Resource Center - 15 background items (PDF and Flash videos)
- Birds-of-a-Feather - 4 Topics
- Networking Cafe - Chat center with presenters and guests
- Help Desk - Section for help with the virtual experience usage
I originally wrote this as a comment on LWN in response to a feature article Jon Corbet did entitled, "Between Fedora 12 and 13". It was basically Jon's review of his upgrade experience from Fedora 11 to Fedora 12 in which he claims that features don't matter, only the upgrade experience does. I felt compelled to comment.
- - - - -
I started writing a review of Fedora 12 a while ago but put it on the back burner as things came up... thinking the longer I wait to finish it, the more time I will have had with it... the more complete of a review I can do.
I don't really recommend upgrading to anyone... except under certain conditions. On servers where the package count is fairly low and the possibility of third-party add-on packages is low, upgrading has been painless for me for the last 5 or 6 releases I've been doing them.
On desktops where there is a large number of packages as well as a greater potential for third-party packages to be installed (think RPM Fusion for certain verboten media codecs and apps)... I don't upgrade.
Red Hat released Red Hat Enterprise Virtualization for Servers on November 3rd. A couple of weeks before the release, I emailed Red Hat media relations contact Kerrin Catallozzi and asked for an interview with some Red Hat employees regarding Red Hat Enteprise Virtualization.
It took a several weeks to get the answers back mainly because the official product release happened... and after I had the chance to download, print and read the documentation, most of my questions had been answered... and I ended up coming up with all new questions. Kerrin found Andy Cathrow (Product Marketing Manager) and Jim Brennan (Senior Product Marketing Manager) of Red Hat to provide the answers. Andy Cathrow will be referred to as "AC" and Jim Brennan will be referred to as "JB".
Jim Brennan serves as Senior Product Marketing Manager for Desktop Virtualization at Red Hat. He is responsible for the market strategy and positioning of Red Hat Enterprise Virtualization for Desktops. Jim has over 12 years of experience in the development, management, and marketing of technology products.
Prior to joining Red Hat, Jim spent eight years with Internet Security Systems (now part of IBM), where he held positions in research and development, product management, and product marketing for various information security products and technologies.
Andy Cathrow serves as Product Marketing Manager at Red Hat and is responsible for Red Hat's virtualization products. Andrew has also managed Red Hat's sales engineers.
Prior to joining Red Hat in 2006, Andy worked in product management for a configuration company, and also for a software company that developed middleware and messaging mainframe and midrange systems. Earlier in his career, Andrew held various positions at IBM Global Services.
[Update: - Dec. 9, 2009 - I got a chance to chat with Andy and Jim in real-time and ask several additional questions at the Red Hat Virtual Experience 2009 online conference. See the comment below the main interview for a transcript.]
I wrote a comment to an LWN news blurb referring to a story about the future of Linux was in Google Chrome OS. The post was so long that I decided to cross post it here. :)
- - - - -
I assume you (the person on LWN who wrote the comment I was replying to) were being sarcastic when you said that 10-20 million Linux desktops don't count. I'd argue that the numbers are actually larger than that (probably by as much as 2x) but let's stick with a medium number of 15 million... for my discussion below.
Some people want commercial software on Linux, some don't. I attended the Utah Open Source Conference 2009 in Oct. and attended a presentation by a big wig from Adobe where he talked about FLOSS and Adobe. Of course the usual question came up about when will we get Photoshop and various other Adobe products for Linux and the answer was something like, "when there are enough Linux users to guarantee sales of at least 50 million copies". That is a rather high hurdle. Seriously, you have to sell 50 million copies of something before it becomes profitable? What a poorly run company you must have.
Shorewall and Proxmox VE Cluster Configuration
This is a follow up article describing how to use Proxmox VE and Shorewall together. This article focus on using Shorewall within your Proxmox cluster. If you have not read the first article I recommend that you do so, it will aid your understanding with what is going in this one.
Network Layout and Shorewall Configuration
We are going to be using a bridging configuration. This is what Proxmox VE uses with by default. Bridging allows for easy migration of hosts without having to re-configure the firewall each time a machine is migrated.
I haven't seen it mentioned on Slashdot or LWN yet... and I even emailed LWN informing them... but Red Hat released Red Hat Enterprise Virtualization for Servers and the accompanying Red Hat Enterprise Virtualization Hypervisor products today. There are a slew of press releases and demo videos. They even had a webcast press conference. Oh, and hey, they also released all of the manuals too.
Didn't we see this coming?
Those who have been paying attention were expecting these releases... but I must admit that once I learned the details, I was shocked. Why? Because the Management side of the product requires Microsoft Windows products. What products? Windows Server 2003 is needed to run the management server. What services is the Windows Server running? IIS, Microsoft SQL Server, and it'll need to be connected to a Microsoft Active Directory Server for authentication and management.
Then of course once you have the proper Windows environment established you can actually install the RHELfS management app provided by Red Hat. Oh, if you don't have your own Microsoft SQL Server setup already, they can install the Express edition for you.
The Management server software includes a local management client app you can run on the management server but it also has a web-based version of the management app for remote management. Yeah, at last open standards! Not so fast. What browsers are supported by the web-based management app? Microsoft Internet Explorer 6 and up. Other browsers (according to the docs) are "untested". What? They haven't even tested them? What, you aren't curious if Firefox works? To clarify it appears as if the web-based management app sends Active-X based content to the web client... and that .Net technology is also used.
Ok, after reading those last few paragraphs, I'm guessing you are shocked too.
Proxmox VE does not come with a firewall by default there are several solutions to this problem but the most flexible and robust is integrating the Shorewall firewall. This document assumes a basic knowledge of the Shorewall program and will not cover all of Shorewall capabilities but will give you a good working model to get you started. For more advanced topics check out the Shorewall documentation.
Shorewall will have 3 zones: 1) the fw zone which is the Proxmox host, 2) the net zone which is the Internet and 3) the dmz zone which is where the virtual machines will reside. The hardware just has one network interface card; vmbr0 is a just a bridge interface.