Sat, 22 Apr 2023

11:29 AM - VMWare 8.0U1 buggy AF

Attempted to update to VMWare 8.0U1. There are a lot of bug fixes for race conditions and a few CVEs patched since 8.0. It won't install. Every time it boots, a new failure happens. One time it couldn't extract something. Another time it failed to detect the NIC. I tried burning the image again after confirming the md5 hash. Same thing.


Fri, 21 Apr 2023

9:45 PM - VMWare esxi 8 and Intel 11th gen CPUs

I had an issue where VMWare esxi wouldn't boot on my new motherboard + cpu. Come to find out, it's incompatible with two BIOS settings. Disable Turbo Boost 3.0 tech and Intel Speed Shift Technology.

VMWare incorrectly checks a register and assumes it will always have the same value. This causes a crash. It appears they added this check in 7.0U3. Any version after that including 8.0 esxi will fail to boot.


Fri, 23 Sep 2022

6:48 PM - GPS on Ubuntu

Purchased a USB gps device to play around with on Ubuntu 22.04.  Device is https://smile.amazon.com/dp/B00NWEEWW8?ref=ppx_yo2ov_dt_b_product_details&th=1

The device is recognized as /dev/ttyACM0.  You can cat it to see it's working. 

Setup for ntpd

sudo apt-get update
sudo apt-get install gpsd gpsd-clients  ntp 

sudo vi /etc/default/gpsd
DEVICES="/dev/ttyACM0"
GPSD_OPTIONS="-n"

The -n flag is required for NTP to work.

sudo vi /etc/ntp.conf

# gps

server 127.127.28.0 minpoll 4 maxpoll 4 prefer
fudge 127.127.28.0 time1 0.000 refid GPS stratum 15

Test lock with:
cgps -s

ntpq -p
...and you'll see a line in the resulting text that looks something like this:
*SHM(0) .GPS. 15 l 14 16 377 0.000 3.505 3.556
If "poll" and "reach" are zero it's not working.
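
A way to script the check described above, added here as an example and not part of the original post: the function reads `ntpq -p` output, finds the SHM(0) line and decodes the reach column. The sample lines are constructed and the function name is hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `ntpq -p` output on stdin and reports the state of the SHM(0)
# refclock that gpsd feeds. "reach" is an 8-bit shift register printed in
# octal: 377 means the last eight polls all got an answer, 0 means none did.
gps_refclock_status() {
    awk '
    $1 ~ /SHM\(0\)$/ {
        found = 1
        tally = substr($1, 1, 1)     # "*" marks the selected system peer
        reach = $7
        val = 0                      # octal string -> number
        for (i = 1; i <= length(reach); i++)
            val = val * 8 + substr(reach, i, 1)
        ok = 0                       # count set bits = answered polls
        for (v = val; v > 0; v = int(v / 2))
            ok += v % 2
        if (val == 0)           state = "unreachable"
        else if (tally == "*")  state = "synced"
        else                    state = "reachable-not-selected"
        printf "%s reach=%s polls_ok=%d/8\n", state, reach, ok
    }
    END { if (!found) print "missing" }'
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_OK='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*SHM(0)          .GPS.           15 l   14   16  377    0.000    3.505    3.556'
SAMPLE_DEAD=' SHM(0)          .GPS.           15 l    -   16    0    0.000    0.000    0.000'

printf '%s\n' "$SAMPLE_OK"   | gps_refclock_status
printf '%s\n' "$SAMPLE_DEAD" | gps_refclock_status
# On a live host: ntpq -p | gps_refclock_status
```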


Sun, 19 Dec 2021

1:49 AM - Setting up an OpenGrok server on FreeBSD

FreeBSD has OpenGrok in the ports tree. You can install it two ways.  One is to use the devel/opengrok port which will also pull down tomcat85 and java 8 currently. The second is the py38-opengrok-tools which includes utilities to install an opengrok instance via the opengrok-deploy script.

This post assumes you went with the first opengrok port.  

Once it's installed, (1.3.x release) you will find that the port is partially broken.  You need to hand edit the /usr/local/bin/opengrok script to remove the -w opengrok flag and change extags to uctags. 

Next, you will want to enable the tomcat instance to startup via sysrc tomcat85_enable=YES  

Based on recommendations, you likely want to tune RAM usage although it can run on less than the recommended 8GB if you don't have big codebases. 

Before you start tomcat, there are a few more things to do.  You need to edit the WEB-INF/web.xml file in the /usr/local/apache-tomcat-8.5/webapps directory to point at the correct config file location.  We assume /var/opengrok/etc/configuration.xml

Next you must run the indexer!  This part is confusing because if you try to run the app first, it will blow up and possibly show a 404 in tomcat. 

Make sure you have some code checked out in /var/opengrok/src  (make it a subdirectory) 
Also make sure all the directories exist and can be accessed by the www user tomcat runs under

Example command line for that:
/usr/local/bin/opengrok -r on -O on -s /var/opengrok/src -P -d /var/opengrok/data -H \
    -U http://localhost:8080/opengrok -W /var/opengrok/etc/configuration.xml \
    -c /usr/local/bin/uctags

It should generate a default config file although that doesn't always seem to work.  It's supposed to overwrite this every time you run it.


Thu, 16 Dec 2021

9:38 AM - log4j2 vulnerability

It's been a crazy week trying to deal with the log4j2 vulnerabilities with all my apps. Just when I thought I had it done, I find more things impacted.  Now we get another version to patch: 2.16.0.


Thu, 2 Dec 2021

4:46 PM - No more macs

I gave up using macOS this year after 21 years of use. I was really into apple computers for a long time. There have been many negative changes to the OS and the products in the last decade since Tim Cook took over. I just finally took the hint I'm not their customer.  

Some folks think it's weird with M1 macs.. thing is I went through a CPU transition once with PPC->Intel.  I knew what they were going to do to intel users. When no viable macs showed up on the market for me this far into the transition, I just gave up on the whole thing.  I don't want a throw away computer that isn't repairable. I like to hand-me-down macs to my mom as she can't afford computers on her own.  The way I use a computer, I need to replace the SSD before giving it to her.  I just do too much disk IO and hit the wear level on SSDs. 

macOS also has some problems. For instance, it's now quite locked down for security purposes which also means it's getting harder and harder to install third party software, compile apps, use macports or similar tools, use X11, etc.  Apple killed OpenGL, OpenCL.  They killed my game library.  They made big sur painfully slow on fusion drives.  It was never fixed. 

My transition plan was to set up an ubuntu box for day to day stuff.  I'm hoping to switch this to a BSD box next year.  Working on some missing software and figuring out what I need to virtualize to pull it off.  The system also boots MidnightBSD on another SSD for testing.  It's so much faster than the mac.  It's like going from a 486 to a p4.  I mostly blame macOS disk I/O for this and the upgrade to a m.2 drive from a fusion drive.   Granted the CPU is faster (i7-10700 vs i5-7600). 

I'm finding that without a mac, a lot of the apple ecosystem is no longer appealing though. At this point, it might be easier to go to android for example.  There's still no decent replacement for the apple watch though.


4:38 PM - Resident Alien

I've just rewatched the first season of the series for 3rd time. Some of the jokes don't work on that many rewatches anymore but there are a few episodes that are still quite funny.  I'm rather excited about the new season.


4:37 PM - Smart Vent Hell

I've been running keen home smart vents for a few years.  Initial setup on the vents wasn't bad, but they have a few problems. 

First, the vents go through batteries like crazy.  This doesn't seem to be entirely based on distance from the repeater or bridge either.  The worst one in my home was actually very close to the bridge.  Sometimes the batteries leak and it's difficult to clean the battery compartment at the bottom due to the design.  I found that I had to take the smart vent apart and then had to clean it with a cotton swab and even gently scrape them a few times to clean up the contacts. 

Second, the integrations with thermostats originally advertised are no longer valid.  Granted Google pulled the original nest integration, but many companies have since fixed their integrations or added them.  Samsung smartthings has nest support now for example.   The intelligence of the system, even with temp sensors isn't as good as one would hope either. 

One has to tweak settings on each vent for winter and summer configurations.  

The vents would get things stuck in them sometimes, debris, cat litter in one room.  

The height of the vent cover on top was tall enough that you could hit your toe on it and it would also cause problems for robot vacuums. It wasn't quite high enough to avoid it, so they would often try to go over it and get stuck.  This happened with neato, samsung and roomba models.  With roomba, the virtual wall was a good solution in one room where the couch was near the vent and the vacuum would wedge. 

They did regulate temperature in some rooms well.  It worked great on the first floor.  The second floor had uneven heating and we were trying to help with some of the bedrooms. It just didn't have enough flow even with the vents to keep it regulated.  We would have been better off to spend the money on an in-duct fan/blower. 

The vents did work with smartthings, but they lost a lot of functionality.  We could open or close them.  We could try to manually make rules to do that for each vent based on temp sensors. It wasn't clear if they would open under pressure with smartthings.  It was much worse on batteries and not as adaptive during one cycle as their own hub.  With smartthings, we'd replace batteries every few weeks.  Some vents could go a few months with their own hub.  A few rooms even longer. 

The last straw though was the lack of new vents. During the last year, they've been sold out.  We had two eventually fail due to battery issues and connectivity issues.  I was able to replace one from a third party seller but the company effectively has had no stock for some time. It started to concern me they would close up because they just don't have vents.  They don't have revenue with no vents. 

Some of the other brands look more promising now like flair but the downside is the puck cost and the lack of integrations with other smart home products.  In the end, we decided to go back to traditional vents because the hassle of maintaining them far outweighed the benefits.


Wed, 20 Oct 2021

11:09 AM - The problem with M1 Macs

I think a lot of folks aren't seeing the segmenting issues with M1 Macs, particularly the new pro/max variants. Let's talk about that for a minute. 

First, the good. Apple did make an extremely fast laptop processor. They've got a fast ultrabook part in the M1 that's as fast as a ryzen 2700 desktop chip.  They've also got this new CPU line that is some value faster with a nvidia mobile class GPU equivalent minus all the nvidia features.  (well we should really compare these to amd parts) 

Apple did add most ports back except ethernet. 

Where's the problem? 

First, there's the RAM issue. Now M1 fans will be quick to tell you the M1 laptops will hit swap so fast you barely notice it's happening.  They love the swap speed.  The problem of course is that swap use kills SSDs.  Apple tends to ship fairly decent SSDs, but they're not enterprise grade. They will wear out eventually.  Most consumer SSDs are rated for 5 years for the average person.  This is often based on the size of the drive and being written multiple times. Many drives are sold with TBW values where we know when it should roughly wear out.  Apple doesn't release this information.  We have no idea when the drive will fail.  On an M1 that is fatal due to the SoC design.  Sure there are some EE folks who think they can possibly solder a new one on but most of us can't do that.  It's effectively dead and when EOL apple won't replace/fix it either.  The original M1 Macs' biggest problem aside from monitor support and ports was the lack of RAM. 16GB is fine for casual computer users who use facebook, office and even entry level youtube content types or front end web developers who only use node and vscode.  It doesn't work for folks that need VMs or run a lot of docker containers and do backend development in java or other languages.  They need a bit more.  

Corporate developer specs are often now requiring 32GB or 64GB of RAM depending on the environment. My current employer requires 32GB for devs and my last job was 64GB. Many other folks I talk to are in the same boat. That means the original M1 was useless for most companies that needed dev systems.  Enter the max/pro chips. They offer 32GB and 64GB variants that fit this problem.  The issue there is the PRICE.  When you really only need M1 performance plus 32GB of RAM, it hurts to go up to 2900 dollars to get it.  Large companies will just suck it up and pay if they want macs of course. For smaller shops, you're better off buying an amd or intel laptop though. 

Let's talk chip performance.  From a laptop perspective, apple knocked it out of the park.  We can all pretty much agree with that.  In a desktop context, apple has failed so far.  Granted they haven't released the higher tier iMac or Mac Pro yet. They are still working on this.   The entry level iMac is useless for the same reasons mentioned above.  It's a ryzen 2700 speed wise and no ram.  It's fine for folks that don't do software development or other pro tasks.  It's not an Intel or AMD killer though.  It can't be at ryzen 2700 speed.  The new chips are likely to get used in the iMac 27" or whatever replacement we're going to get.  If they aren't overclocked or given extra cooling, they're likely to beat out the current intel parts shipped in iMacs but certainly not going to touch higher end alder lake parts coming from Intel or 5000 series ryzen.  Apple would need to 3x the performance of the original M1 part to get to current AMD specs.  2x gets them past most of the 3000 series, with the exception of the 3900x and 3950x.   In short, apple has likely beat amd's older 8 core parts but not their current parts.  Now folks are thinking... but apple did kill it on performance per watt.  That metric doesn't matter in this discussion because we're talking about actual performance.  If you need X performance, a part that can't hit it doesn't matter even if it barely sips electricity.  It failed to hit it.   In a laptop context, battery life is helpful up to a point.  Apple went way past what's needed. 4-8 hours is really the sweet spot for most people. 8 is basically "all day" for most workloads.  Anything past that, and they should have overclocked the CPU a bit and used some extra juice.  Back to desktop workloads. Apple should be competing with AMD, not Intel right now. That's who to beat.  If Apple released a desktop faster than a 5950x, that would certainly be a huge deal.  It's also needed to get past that performance for the mac pro anyway.  
That's the goal for apple, to scale up to xeon/threadripper territory for pro use. Apple is not hitting that goal right now. They may in the future, but right now it looks like they're content making something as fast as a 10th gen intel chip.    You might be thinking I'm being unfair because apple hasn't released that yet.  Perhaps, but remember Tim Cook likes to reuse parts. The M1 iMac and MacBook Pro use the same chips. He'll likely do that with the new iMac 27/30 too.  

Why is it a big deal if apple catches up to AMD? Well Apple has a process node ADVANTAGE right now.  They're on 5nm. AMD is still kicking their butt on an older process node.  Intel is still competitive on desktop with their older process node and have 10nm parts coming (well pre rebranding)  with alder lake as well as big.little.  If Intel and AMD can stay ahead of apple with a process node deficit, it means that either Apple is too fixated on mobile to ever make a performant desktop part or that they simply can't do it with their tech yet. 

Apple has 5nm locked up. They should be destroying everyone with ARM + 5nm.  Instead, we just get fast laptops. That's great for people who love laptops exclusively. It sucks for people who want the fastest SYSTEM possible regardless of form factor.


Mon, 16 Aug 2021

4:51 PM - AMD RX 6900XT

So I bought a 6900 XT at the end of june.  It replaced a 1080ti.  I decided to write a brief review for folks who haven't gotten cards yet.  

The short version is I have regrets.  The GPU is really great in some titles and performs better than expected. Doom Eternal gets 250+ FPS with raytracing at 3440x1440.   Control gets 60 FPS with raytracing.  Farcry 5, Dirt 5, and many other games run well and are usually much better than my old 1080ti.   But there's a problem.  My favorite games are Blizzard titles like Overwatch and Starcraft II.  Both of these titles run like crap.  With maxed-out settings, starcraft II starts around 114FPS at the beginning of a 1v1 match but drops to 55FPS by late game and averages around 60FPS according to the AMD software.  Lowering some of the effects only improved the FPS by a few.  Not significant.  CPU usage is around 6% during game play on a 3950x.  GPU utilization is below 50% according to windows. 

Overwatch is similarly a problem.  The game is certainly playable on high settings and can even peak around 300FPS if the cap is raised. On ultra settings, it struggles to hit 70FPS.  With a 144hz display, this is a big let down.  The 1080ti could do that well but would overheat after an hour or so on ultra settings. The higher textures seem to kill performance.

My GPU is not using SAM and is not overclocked.  A minor overclock does help a bit in overwatch but the power draw isn't worth the gain.   I can't enable SAM due to the CSM setting in the bios needing to be off.  With that config, I can't dual boot. 

When the GPU does well, it blows out the 1080ti but having several older games choke or even do worse than the 1080ti is ridiculous on a GPU that cost me $1700.  I bought the 1080ti used on ebay with a waterblock for $500 about 2 years ago. 

My wife has a 6800 XT and it does fine in world of warcraft. Not all blizzard games are hot garbage with AMD cards but several are.  I recommend nvidia GPUs if you like blizzard titles. 

In retrospect, I probably should have gotten a 3080 instead.

tags: amd radeon gpu


Sun, 7 Mar 2021

12:14 AM - NVD feed

Apparently, they created a REST API 2 years ago and set a date for deprecating the feed in the past.

https://csrc.nist.gov/CSRC/media/Projects/National-Vulnerability-Database/documents/web%20service%20documentation/Automation%20Support%20for%20CVE%20Retrieval.pdf

This is a bit of a problem for the security advisory app.  The design was always pretty terrible but a workaround for the nvd json feed being in YEARS.  The firewall seems to block a lot of the requests and they don't give useful error messages or even a proper error code when it doesn't work.


Wed, 1 Apr 2020

Tue, 31 Mar 2020

12:16 AM - Stuck at home

Not loving this lockdown for coronavirus.  I understand why we need to do it, but it's starting to get to me.


Sun, 22 Mar 2020

2:36 PM - TLS fun

So older TLS versions are deprecated including TLSv1.1.  Started working on changing apache configs to exclude them with -TLSv1.1
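
An added example (not part of the original post, and not Apache's own tooling): a shell function that models how mod_ssl folds the tokens of an SSLProtocol line left to right and reports which deprecated versions remain enabled. The sample config is constructed, the function name is hypothetical, and `all` is modeled at its widest, which is an assumption about the httpd/OpenSSL build.

```shell
#!/bin/sh
# Added example, not from the original post. Models how mod_ssl folds the
# tokens of an SSLProtocol directive, left to right, into a protocol set.
# Assumption: "all" is modeled at its widest (SSLv3 through TLSv1.3); a given
# httpd/OpenSSL build may support fewer protocols.

# Reads Apache config text on stdin. For every SSLProtocol directive prints
# "<line>: <deprecated protocols still enabled, or none>".
audit_sslprotocol() {
    awk '
    BEGIN { n = split("SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3", known, " ") }
    tolower($1) == "sslprotocol" {
        for (k = 1; k <= n; k++) on[k] = 0
        bad = ""
        for (i = 2; i <= NF; i++) {
            tok = $i; act = ""
            if (tok ~ /^[+-]/) { act = substr(tok, 1, 1); tok = substr(tok, 2) }
            # A bare token (no + or -) replaces everything set so far.
            if (act == "") for (k = 1; k <= n; k++) on[k] = 0
            hit = 0
            for (k = 1; k <= n; k++)
                if (tolower(tok) == "all" || tolower(tok) == tolower(known[k])) {
                    on[k] = (act == "-") ? 0 : 1
                    hit = 1
                }
            if (!hit) bad = tok
        }
        out = ""
        for (k = 1; k <= 3; k++)      # known[1..3] are the deprecated versions
            if (on[k]) out = out (out == "" ? "" : " ") known[k]
        if (bad != "")      out = "unparsed token " bad
        else if (out == "") out = "none"
        print NR ": " out
    }'
}

# Constructed sample config: three variants of the directive.
SAMPLE_CONF='# constructed sample, three vhost variants
SSLProtocol all -SSLv3 -TLSv1.1
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLProtocol -all +TLSv1.2 +TLSv1.3'

printf '%s\n' "$SAMPLE_CONF" | audit_sslprotocol
```

Removing TLSv1.1 from `all` still leaves TLSv1 enabled unless it is also excluded, which is what the first sample line shows.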


Fri, 1 Nov 2019

9:26 AM - Turning on brotli in apache

Enable mod_brotli using a LoadModule line and then add this configuration:

<IfModule mod_brotli.c>
    BrotliCompressionQuality 6

    # To enable globally
    AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript application/json application/x-font-ttf application/vnd.ms-fontobject image/x-icon

    BrotliFilterNote Input brotli_input_info
    BrotliFilterNote Output brotli_output_info
    BrotliFilterNote Ratio brotli_ratio_info
    LogFormat '"%r" %{brotli_output_info}n/%{brotli_input_info}n (%{brotli_ratio_info}n%%)' brotli
    CustomLog "/var/log/brotli_log" brotli

    # Don't compress content which is already compressed
    SetEnvIfNoCase Request_URI \
        \.(gif|jpe?g|png|swf|woff|woff2) no-brotli dont-vary

    # Make sure proxies don't deliver the wrong content
    Header append Vary User-Agent env=!dont-vary
</IfModule>


Fri, 12 Oct 2018

1:10 AM - Woo hoo

In August, I completed my masters degree. Now I'm nearing completion on 1.0 of my operating system.  A lot of bad things have happened this year as well but it's nice to reflect on the positive for a change.


Thu, 13 Jul 2017

8:20 PM - Flyway

I've been looking at Flyway, a tool to manage database migrations. It can correct the database version at startup and has a standardized way to manage deltas via standard SQL scripts.

https://flywaydb.org/getstarted/how

tags: flyway


8:18 PM - Spring Cloud Netflix

I've been looking into Spring Cloud Netflix lately. It looks pretty cool. There are libraries for proxy of micro service calls (zuul), service discovery (eureka), and circuit breaker functionality (hystrix) to help with high availability.

https://www.todaysoftmag.com/article/1429/micro-service-discovery-using-netflix-eureka

https://github.com/Qkyrie/spring-boot-netflix-example/tree/part1_eureka

https://dzone.com/articles/the-netflix-stack-using-spring-boot-part-2-hystrix

https://github.com/Netflix/zuul

https://spring.io/guides/gs/service-registration-and-discovery/

https://spring.io/guides/gs/circuit-breaker/

https://spring.io/guides/gs/client-side-load-balancing/
