Joseph Zikusooka ~ Zik

A software engineer specializing in open source technologies | Very experienced in building and configuring UNIX/Linux systems and servers. Passionate about developing software applications and hardware for the smart home | Currently serving as the CEO of Jambula Labs and the project leader at JambulaTV, a smart home automation and entertainment platform - https://jambulatv.com | This blog focuses on the following areas: Linux How-Tos and Tutorials ::: IT Security News ::: Free and Libre Open Source Software ::: Smart Home Software ::: Digital Innovations in East Africa https://mastodon.social/@jzik | https://github.com/zikusooka

Year: 2014

Getting started with Docker on Linux

Docker containers are all the rage these days. However, if you’ve used Linux for a while you’ve come across LXC. For FreeBSD users, docker containers will remind you of jails. Docker is essentially the same, but with a better tool chain that makes it easy to build system images and move them around different environments. Docker is also lightweight and very fast when compared to LXC for example.

With traditional office servers increasingly being moved to the cloud, it is easy to see why docker is popular. The ability to deploy and scale easily makes docker a must-learn tool for IT administrators.

Here are a few notes to get you started with docker. For detailed instructions, see the official docker user guide.

Getting started with docker

Install docker
yum install docker-io
(On Red Hat based systems)

Start the docker service
systemctl start docker

Pull docker image from the repository
docker pull fedora
(Ensure your Internet speed can handle the size of this image)

List all images available
docker images

Run docker image (interactive mode)
docker run -i -t fedora /bin/bash
(Type exit, to get out and leave container running)

Show containers currently running
docker ps

To reconnect to the docker instance after exiting:
docker attach [CONTAINER ID]

To start an existing docker container:
docker start [CONTAINER ID]

To stop a docker container:
docker stop [CONTAINER ID]

How to ship your first container
Reconnect to the container as shown above.

Show all the changes that were made since initial creation
docker diff [CONTAINER ID]

Commit your changes
docker commit [CONTAINER ID] [TAG]

Then to see the newly created image, run
docker images

You can now share your image. Please note that for the public docker repository, you need to follow the proper naming conventions when picking a tag for your image. Then push the image as follows:
docker push [USERNAME]/[TAG]

As you begin to create images using docker, you may want to read documentation on dockerfiles and how to use them to quickly deploy your containers.

Toggle between two or more Digital TV channels that are simultaneously playing

With the advent of Over-the-Air (OTA) Digital TV in Uganda, I have found myself watching two or more TV channels simultaneously. This is true especially during the 9 O’clock hour when most local TV stations in Uganda broadcast the evening news (OK, now you know: I am a news junkie).

While recording TV shows solves this itch as is the case with an upcoming media product I have been working on, it is still great to watch the news live. You could manually mute a currently audible TV channel, and unmute the next desired one – but that’s no fun.

A while back, I whipped up a script that helps you toggle between all the available audio sources you are listening to. It essentially switches between all the available sound sinks. In my case, I use VLC to watch OTA digital channels with podcasts on some occasions. What is neat, is that you can bind this script to any key on your keyboard, remote, or even Bluetooth device.

If you are using a Linux based device and you are interested, I am making this tool available at: my Github repository

Customize your Linux desktop using the command line

With most Linux distros now using GNOME 3.10+, here are a few commands on changing the look and feel of your desktop using gsettings. Other CLI methods exist such as the popular GNOME tweak tool and Dconf.

Add apps to favorites bar
$ gsettings set org.gnome.shell favorite-apps "['google-chrome.desktop', 'evolution.desktop', 'nautilus.desktop', 'libreoffice-writer.desktop', 'libreoffice-calc.desktop', 'firefox.desktop', 'gnome-terminal.desktop', 'vlc.desktop', 'jitsi.desktop', 'gedit.desktop', 'gcalctool.desktop']"

Show the date and change the clock format
$ gsettings set org.gnome.desktop.interface clock-show-date true
$ gsettings set org.gnome.desktop.interface clock-format '12h'

Change background picture
$ gsettings set org.gnome.desktop.background picture-uri 'file:///usr/share/backgrounds/gnome/Sandstone.jpg'

Those are just a few of the settings available for you to tweak. To see all the keys in a schema, type:
$ gsettings list-keys [SCHEMA]
(e.g. org.gnome.desktop.interface)

Easily convert from VirtualBox to KVM in Linux

I have been converting some of my old VirtualBox images to KVM, which is the virtualization standard in Linux.

It's really easy, although if you run into booting issues with the converted image, the last tip here will save you some time.

To convert from VirtualBox to KVM, look for your VDI images.

qemu-img convert -f vdi -O qcow2 [VBOX-IMAGE.vdi] [KVM-IMAGE.qcow2]

e.g. qemu-img convert -f vdi -O qcow2 FreeBSD-7.2.vdi FreeBSD-7.2.qcow2

You can now import the converted image using virt-manager or the CLI tool virt-install.

In Virtual Machine Manager, go to Disk 1 >> Advanced options and change ‘Storage format’ to qcow2.

This prevents boot errors like ‘boot failed: not a bootable disk’ when you launch the VM.

WebRTC – Why Skype will become less dominant

If you know me, then you know that I am not much of a Skype fan. If I have to make Internet based calls, my go-to app is Jitsi, which uses my own managed Asterisk server as its proxy. Asterisk allows for all types of calls including SIP-to-SIP, and international calls terminated by regular phones.

But that’s me. For most people Skype is the dominant app for Internet calls. So when people ask me whether I am on Skype, my answer in most cases is ambivalent. While I have a Skype ID, I rarely use it. Why, you ask? It is a long story. Really – it’s a long story. Bottom line, I no longer use Microsoft software, and most of my work is done using open source software.

It is important to note that Skype data and calls are handled via proprietary channels and routed to servers we really don’t know about. Also, keep in mind that while it might not matter to you, Skype has become a surveillance tool for many Governments. Take a look at this article. And yes, the NSA is also in on it.

Google Hangouts

The current popular alternative to Skype is Google Hangouts. Hangouts is really good and does a good job when you need to do one-to-one voice and video calls, and even conferencing. The only requirement is that all the participants must be signed into the Google ecosystem. The latter statement kind of points to why I still have a hard time using Hangouts. What’s the problem, you may ask? Well, for one, you are still tied to Google’s infrastructure. Just like the Skype situation, all calls go via Google’s servers. Also, Google has a very terrible record of axing services – take the example of Google Reader, Google Buzz/Wave, and Google Voice’s XMPP implementation, to name but a few.

Open source VoIP software

Currently, there’s no open source software that perfectly replaces Skype. OK, maybe it exists, but may not be as simple to use as Skype. In the open source world, traditionally, you’d use PBX systems such as Asterisk (See my previous article on setting up asterisk). These servers would bridge internal and external calls.

The problem though is that most networks are heavily militarized (i.e. firewalls) – Most block the commonly used Voice over IP (VoIP) protocol of SIP. So if I have to setup a video or voice conference for four company users, assuming two are in Nairobi, and the other two are in Kampala, I would have to ensure that the company’s PBX server they will use to connect is on a network that has SIP ports open. For a techie, this is not hard to setup, as you only need to ensure that port forwarding for VoIP services is enabled. However, this process tends to be cumbersome.

The other hurdle is that the four users each have to install a SIP client on their PCs (in case they are not using hard phones). Skype solves this issue by simply having users install from a central repository, and then users sign up all in one place. In the open source world, it’s not as simple as that, as users need to first pick a SIP client. Many examples exist, but my favorites are Jitsi and Linphone. Then, the server administrator needs to provide the users with a username/password or extension. Again, for the savvy, there are always ways to automate and make this simple, but not for the typical user.

I believe this is why Skype has been the go-to place for VoIP services. However, things are about to change with the recent introduction of a technology known as WebRTC.

WebRTC – Real-Time communications

WebRTC is a free and open source project that allows real time communication using web browsers. That’s right – You can now make calls using your web browser! It enables peer to peer audio, video and data communications between web browsers. Recent versions of Chrome, Firefox, and Opera now support WebRTC.

WebRTC solves the challenges of open platforms I mentioned above by allowing the web browser to act as a SIP client during video and voice calls. In fact, the original server is needed only during the initialization stage; thereafter, the client browsers will communicate with each other directly.
So here’s how it would work: My four users in Nairobi and Kampala would go to a website URL that I would send to them, and simply sign in and immediately start the conference. No drama, No fuss.

WebRTC, while a very young technology, promises to revolutionize the way we communicate. For one, the communication will no longer rely heavily on middle men.

It is now possible to have ‘Call or Chat with us’ links on web pages allowing for website visitors to directly talk to the web managers. Think of it as a kind of support desk.

WebRTC also means users do not need to be bothered with installing software or plugins on their PCs or mobile devices in order to chat or talk. Just use the existing web browser, where most users already spend most of their time on the Internet.

Of course, Skype will continue to be with us for some time, but the proliferation of mobile platforms will see more and more software vendors turn to WebRTC to do cool things on these devices.

Why SystemD will start your next Linux system

For a long time, the default boot and initialization mechanism in Linux was the System V (SysV) init daemon. Along the way, many Linux distributions have attempted to move away from this primitive form of booting. Why you ask? For one thing, it makes the boot process a lot slower, since processes have to be started one at a time. It is also a nightmare to maintain the scripts that Administrators write to manage these start processes, as each package maintainer or administrator, does ‘their own thing.’

So Ubuntu, one of the most popular Linux distributions, moved to upstart in late 2006, but this init daemon they adopted was not widely embraced. Debian, OpenSuse, Fedora, and Red Hat at some point in the last five years supported upstart. Red Hat Enterprise Linux (RHEL) version 6 and derivatives such as CentOS still use upstart. But all of them are ditching upstart for something better, i.e. SystemD. In fact, the Debian technical committee recently voted and they will switch to SystemD in upcoming releases, leaving Ubuntu no choice but to follow.

It now looks like SystemD will be the default initialization and boot method for Linux systems for many years to come. But what does systemD do differently?

What is SystemD?

SystemD is a system and services manager for Linux that was developed by a team from Red Hat, spearheaded by Lennart Poettering, the creator of pulseaudio and Avahi. SystemD makes Linux systems boot faster since processes are run in parallel. Once started, processes are monitored, and restarted if they crash. SystemD also reduces the dependency on shell scripts to do much of the work.

Other systemD features include a cron-like job scheduler and an integrated login manager, which offers ‘multi-seating’ functions. It also has a new and improved logging mechanism called the journal, that will likely replace syslog, the current logging facility on Linux systems.

Below is some technical information to get you as the administrator started with systemD. Please note that there are several manuals and online resources available that will help you understand systemD, I will mention a few at the end of this post.

How to get started with systemD

SystemD is installed by default on recent versions of Fedora, and Arch Linux. For other distributions like Debian and Ubuntu, you might have to wait a bit for systemd to be packaged as the default init system. It is actually recommended that installation is done by the distribution vendors. But if you are the brave type, you can of course install it from source.

Pick up the source tarball and follow the instructions contained in the README file included with the sources.

After installation is completed, you will need to start converting your old startup scripts to systemD. At this time, only SysV init scripts for commonly used services, have been ported to systemD. So you will need to know how to write a service file for rarely used daemons or for that program you are developing. Below is an example of a systemd service file. By the way, these are what those files in “/etc/init.d” used to be.

How to write a systemD service file

Open up your favorite editor such as vim as follows:
vim /tmp/squid.service
I am using squid here as an example, so replace it with the name of your service. Enter the following snippet:

[Unit]
Description=Squid caching proxy
After=syslog.target network.target nss-lookup.target

[Service]
Type=forking
EnvironmentFile=/etc/sysconfig/squid
ExecStartPre=/usr/libexec/squid/cache_swap.sh
ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF
ExecReload=/usr/sbin/squid $SQUID_OPTS -k reconfigure -f $SQUID_CONF
ExecStop=/usr/sbin/squid -k shutdown -f $SQUID_CONF
PIDFile=/var/run/squid.pid

[Install]
WantedBy=multi-user.target

At a minimum, you will need these three sections: unit, service, install.

Unit definitions
Description: A string describing the service and what it does.
After: If service depends on another one, then indicate that it should come after those targets. Notice in my example that one of the pre-requisites for this service is the network service. You will see that often, as most services expect the network to be already running, so always include it.
You can also add ‘Before’ which does the opposite and starts this service before units listed.
Hint: You can read more about unit definitions by calling up the manpage: man systemd.unit

Service definitions
Type: You must always have a type, which can either be forking, simple, oneshot, dbus, or notify. For most daemons, forking should suffice, as it forks the processes by putting them in the background after start.
EnvironmentFile: This is the file which contains the options used by your service daemon. This can be omitted, but can be a life saver occasionally
ExecStartPre: This is the command that is called before the main process – see ExecStart
ExecStart: This is the command that the daemon runs. You can also point to a script on your system e.g. ExecStart=/bin/sh -c "/usr/sbin/my-cool-script.sh"
ExecStartPost: This is the command that is called after the main process – see ExecStart
ExecReload: This is the command that is called in order to reload the daemon’s configuration file.
ExecStop: This is the command that is used to stop your service.
PIDFile: Enter the file path containing the process ID of your service. SystemD reads this file after startup.
Hint: You can read more about service definitions by calling up the manpage: man systemd.service

Install definitions
This section is optional, but can be used to set the target level
WantedBy: Set a target where this service will be grouped. Like run levels in SysV language.
Hint: You can read more about various special targets by calling up the manpage: man systemd.special
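
The definitions above can be turned into a quick pre-flight check to run before copying a service file into place. This is an added example, not part of the original post or of systemd; lint_unit, write_unit_samples and both sample files are made up for illustration.

```shell
#!/bin/sh
# Added example: lint_unit is a hypothetical helper, not a systemd tool.
# It prints one finding per line, and nothing when the file passes.
lint_unit() {
    awk '
    /^[ \t]*([#;]|$)/ { next }                      # comments, blank lines
    /^\[.*\]$/ { section = $0; seen[section] = 1; next }
    {
        eq = index($0, "="); if (eq == 0) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        kv[section "/" key] = val
        if (section == "[Service]" && key ~ /^Exec/) {
            cmd = val; sub(/^[-@+!:]+/, "", cmd)    # strip systemd prefixes
            if (cmd !~ /^\//) print key ": not an absolute path"
        }
    }
    END {
        if (!("[Unit]" in seen)) print "missing [Unit] section"
        else if (!("[Unit]/Description" in kv)) print "no Description in [Unit]"
        if (!("[Service]" in seen)) print "missing [Service] section"
        else {
            svc_type = ("[Service]/Type" in kv) ? kv["[Service]/Type"] : "simple"
            if (svc_type != "oneshot" && !("[Service]/ExecStart" in kv))
                print "no ExecStart in [Service]"
            if (svc_type == "forking" && !("[Service]/PIDFile" in kv))
                print "Type=forking without PIDFile"
        }
        if (!("[Install]" in seen))
            print "no [Install] section: systemctl enable has nothing to link"
    }' "$1"
}

# Constructed samples: the squid unit from this post and a broken variant.
write_unit_samples() {
    cat > "$1/good.service" <<'EOF'
[Unit]
Description=Squid caching proxy
After=syslog.target network.target nss-lookup.target

[Service]
Type=forking
EnvironmentFile=/etc/sysconfig/squid
ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF
PIDFile=/var/run/squid.pid

[Install]
WantedBy=multi-user.target
EOF
    cat > "$1/bad.service" <<'EOF'
[Unit]
After=network.target

[Service]
Type=forking
ExecStart=squid -f /etc/squid/squid.conf
EOF
}

demo_dir=$(mktemp -d)
write_unit_samples "$demo_dir"
for f in good bad; do
    echo "== $f.service"; lint_unit "$demo_dir/$f.service"
done
rm -rf "$demo_dir"
```

The broken variant is flagged four times: the relative ExecStart path, the missing Description, Type=forking without a PIDFile, and the missing [Install] section.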

Activating your systemd service

When you are done writing the service file, copy it to: /usr/lib/systemd/system/
cp -v /tmp/squid.service /usr/lib/systemd/system/

You will need to reload the systemd daemon:
systemctl --system daemon-reload
In order for the service to start automatically at boot time, enable your systemd service as follows:
systemctl enable squid.service
Now when you want to start, stop, reload or check the status of this service; do the following:

systemctl COMMAND squid.service ; where COMMAND is either {start|stop|reload|status}

This how-to barely scratches the surface. There are lots of neat tricks you can perform with systemD that your old dog SysV and upstart could not. So take the time to learn it.

Resources:
SystemD website: http://www.freedesktop.org/wiki/Software/systemd
Lennart’s Blog: http://0pointer.de/blog (Look for the SystemD series for Administrators)
Mailing List: http://lists.freedesktop.org/archives/systemd-devel
Man pages: systemd- (Use tab completion to see all available man pages)

Uganda’s Digital TV migration: Still a messy, on and off affair

With the June 2015 international deadline for TV migration only a year away, Uganda’s digital TV migration process is still very much a messy affair. Very few Ugandans know that in a few months, they could find themselves not able to watch their favorite TV programs.

The pilot testing phase in the greater Kampala area continues to be an on and off affair. Not all TV stations currently broadcasting in analogue format are on board the digital train. For example, only the following are currently being transmitted via DVB-Terrestrial.

Bukedde2
EATV
LTV
NBS
NTV
Record
UBC
Urban
WBS

For all channels broadcasting, the reception has somewhat degraded when compared to last year. The audio and video quality is also generally poor. For a complete status, please check out the Digital TV in Uganda Status page.

As for consumer awareness, there are very few Ugandans who are aware of the migration process. Uganda Communications Commission (UCC), the body in charge of steering the digital TV migration, has in the past few months been running Ads on local TV, but it looks like even those Ads have not changed the awareness and preparedness of the masses.

Compounding the problem is the lack of Analogue-to-Digital TV converter boxes (or decoders) on the market. As of today, the only providers of these boxes have been the pay TV providers such as Star Times and Go TV. Yet, these providers require you to subscribe to their services on a monthly basis. It seems the providers, have ignored the call by UCC, that they de-scramble the Free-to-Air channels on their boxes. This effectively means that for the ordinary Ugandan, moving to digital TV today means subscribing to a pay TV provider.

It is hoped that in a few months, the decoders will be available on the market. This comes after five firms were approved to import and sell these devices.

My advice to early migrants, is that while not available locally, take a look at hardware known to work on the Digital TV Uganda site. We’ll continue to update the list as more people come on board.

How to setup a 3G Wireless Hotspot using Linux

The prevalent and most used type of Internet in Uganda currently is 3G via a USB modem or dongle. Have you found yourself somewhere, maybe on travel or at home, and you need to share your Internet connection with a friend or family members via WiFi? Do you wish you could just plug in your laptop, and just use your WiFi-enabled phone or tablet to surf? Are you a Linux user? Well, it’s very easy to set up a WiFi hotspot for yourself using free and open source software.

There are several ways to do this. However, if you use Linux, say on your laptop (or server), what you need is an application called hostapd. It is already installed in most Linux distributions like Redhat/Fedora, CentOS, Ubuntu, Debian, etc. If not, simply install it as follows:

yum install hostapd
(or use apt-get for Debian based systems like Ubuntu)

Of course, you will need to have a Wireless device enabled on your laptop (or server box), and the chipset should support AP (Access Point) mode. To test this:

iw list
(Look for the modes section to see if AP mode is supported on your Wireless device)

Also, you need to setup the Wireless interface device. In this post I am using an IP address of 172.16.0.1 for my Hotspot and ‘wlan0’ as the device name e.g.

ifconfig wlan0 172.16.0.1
Please remember that the above will not survive a reboot, so you need to permanently add it to your network configuration. On Redhat based systems:

vim /etc/sysconfig/network-scripts/ifcfg-wlan0
Add these parameters:
TYPE=Wireless
BOOTPROTO=static
IPADDR0=172.16.0.1
NAME="wlan0"
ONBOOT=yes

Now edit the configuration file for hostapd to suit your needs.

vim /etc/hostapd/hostapd.conf
A typical hostapd.conf file looks like this:
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=AVERYSECRETPASSPHRASE
interface=wlan0
ssid=MY-HOTSPOT
hw_mode=g
channel=6
driver=nl80211

The most important changes to make in the above file are:
ssid: The name you want your hotspot to be called
wpa: The encryption type. Use WPA2 and above always
wpa_passphrase: the password users will need to access your hotspot
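
The WPA lines in that file interact: wpa is a bit field, and with wpa=2 only rsn_pairwise decides which cipher clients get, falling back to wpa_pairwise when it is absent. The script below is an added example, not part of the original post or of hostapd, that checks those settings; audit_hostapd, conf_get, write_hostapd_samples and the sample files are made up for illustration.

```shell
#!/bin/sh
# Added example: audit_hostapd and conf_get are hypothetical helpers,
# not part of hostapd. Findings are printed one per line.
conf_get() {    # conf_get FILE KEY -> last value assigned to KEY
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

audit_hostapd() {
    wpa=$(conf_get "$1" wpa)
    wpa_pw=$(conf_get "$1" wpa_pairwise)
    rsn_pw=$(conf_get "$1" rsn_pairwise)
    pass=$(conf_get "$1" wpa_passphrase)

    case ${wpa:-0} in
        0) echo "FAIL wpa=0: open network, no encryption"; return 0 ;;
        1) echo "FAIL wpa=1: WPA (v1) only, WPA2 disabled" ;;
        2) ;;
        3) echo "WARN wpa=3: WPA (v1) offered alongside WPA2" ;;
        *) echo "FAIL wpa=$wpa: not a valid value"; return 0 ;;
    esac

    # wpa is a bit field: bit 0 = WPA (cipher list in wpa_pairwise, default
    # TKIP), bit 1 = WPA2/RSN (rsn_pairwise, default: the wpa_pairwise value).
    offered=""
    if [ $((wpa & 1)) -ne 0 ]; then offered="$offered ${wpa_pw:-TKIP}"; fi
    if [ $((wpa & 2)) -ne 0 ]; then
        offered="$offered ${rsn_pw:-${wpa_pw:-TKIP}}"
    fi
    case " $offered " in
        *" TKIP "*) echo "FAIL TKIP is offered as a pairwise cipher" ;;
    esac
    if [ "$wpa" = 2 ] && [ -n "$rsn_pw" ] && [ -n "$wpa_pw" ]; then
        echo "INFO wpa_pairwise=$wpa_pw is unused: wpa=2 takes rsn_pairwise"
    fi

    if [ -z "$pass" ]; then
        echo "INFO no wpa_passphrase (key may come from wpa_psk or wpa_psk_file)"
    elif [ ${#pass} -lt 8 ] || [ ${#pass} -gt 63 ]; then
        echo "FAIL wpa_passphrase must be 8 to 63 characters, got ${#pass}"
    fi
    return 0
}

# Constructed samples: the WPA lines of the hostapd.conf in this post, the
# same file without rsn_pairwise, and a mixed-mode file with a short key.
write_hostapd_samples() {
    printf '%s\n' wpa=2 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP \
        rsn_pairwise=CCMP wpa_passphrase=AVERYSECRETPASSPHRASE > "$1/post.conf"
    grep -v '^rsn_pairwise=' "$1/post.conf" > "$1/no_rsn.conf"
    printf '%s\n' wpa=3 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP \
        wpa_passphrase=short > "$1/mixed.conf"
}

demo_dir=$(mktemp -d)
write_hostapd_samples "$demo_dir"
for f in post no_rsn mixed; do
    echo "== $f.conf"; audit_hostapd "$demo_dir/$f.conf"
done
rm -rf "$demo_dir"
```

The file from this post passes only because rsn_pairwise=CCMP is present; with that one line removed, the same configuration hands out TKIP under WPA2.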

After you have modified and saved the above file, enable hostapd services, so they also start during boot time.

systemctl enable hostapd.service or chkconfig hostapd on (old way)
systemctl start hostapd.service or service hostapd start (old way)

You will need some facility to dynamically offer IP addresses to clients of your hotspot. One very useful tool is called dnsmasq. Dnsmasq is a lightweight DHCP and DNS server. You can install it using your package manager e.g.

yum install dnsmasq
Once installed, edit the configuration file for dnsmasq to suit your environment:

vim /etc/dnsmasq.conf
The most important changes to make in the above file are:
interface=wlan0
domain=example.com
dhcp-range=172.16.0.10,172.16.0.199,12h
dhcp-option=3,172.16.0.1

Enable dnsmasq to start now and at boot time:

systemctl enable dnsmasq.service or chkconfig dnsmasq on (old way)
systemctl restart dnsmasq.service or service dnsmasq restart (old way)

The next step is to dial your ISP using either the GUI (NetworkManager) or the CLI tools like the ones I wrote about earlier. If you use the GUI tools, you will need to allow the laptop (server) to act as a gateway. This can be achieved simply:

/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
(NOTE: This assumes you are connected using a 3G modem with an assigned interface node of ppp0)

Once you are connected, and gateway has been setup, your clients should be able to connect to your Hotspot using the SSID and passphrase you setup above.

That’s it. Happy New year!
