auf.suno
Connector, investor, futurist, geek, software developer, innovator, sportsman, libertarian, business enabler, cosmopolitan, autodidact, funny finch, tech evangelist,
purist, agnostic, Kärnten fan, foodie, artist, globetrotter, social liberal but fiscal conservative, Schöngeist... elegantiorum litterarum amans oder studiosus...

This is the website of Markus Gattol. It is composed, driven and secured/encrypted exclusively by Open Source Software. The speciality of this website
is that it is seamlessly integrating into my daily working environment (Python + MongoDB + Linux + SSH + GIT + ZeroMQ) which therefore means it
becomes a fully fledged and automatized publishing and communication platform. It will be under construction until 2014.

Open Source / Free Software, because freedom is in everyone's language...
Frihed Svoboda Libertà Vrijheid เสรีภาพ Liberté Freiheit Cê̤ṳ-iù Ελευθερία Свобода חרות Bebas Libertada 自由
auf.suno
Website Sections
Home
FAQs
About Me
Tweets by @markusgattol
Hardware and related Stuff
Status: This page is work in progress
Last changed: Saturday 2015-01-10 18:32 UTC
Abstract:

Hardware is a general term that refers to the physical artifacts of a technology. In the electronics and especially computer industries, computer hardware specifically means the physical or tangible parts of the equipment, such as circuit boards, keyboards, monitors etc., in contrast to non-physical software running on the computer or other device. Most computer hardware is not seen by normal users. It is in embedded systems in automobiles, microwave ovens, electrocardiograph machines, compact disc players, and other devices. Personal computers, the computer hardware familiar to most people, form only a small minority of computers. This page not just focuses on mainstream enterprise and of the shelf hardware but might also cover some special hardware as I come along it -- may it be with robotics or outside the civil sector.
Table of Contents
Enterprise/Scientific Computing - Random Minds
Virtualization/Isolation
Micro and Macro
Booting
Computing Power
Storage
I/O
Management
Efficiency - Time, Costs, Energy, etc.
Redundancy
Resilience
Vendor Support and Expertise
Networking
Networking Equipment
D-Link DGS-1216T - Layer 2 Switch
Linksys WRT54GL
Linksys WRT600N
Servers / Enterprise Hardware
3U Single Socket Rack Server
Intel Modular Server
IBM BladeCenter
Storage
Adaptec 31205 RAID Controller
Workstation / Notebook / Gadgets
Workstation
Subnotebook
Audio
Images / Videos
Boys and their Toys
Digital Laser Rangefinder
Digital Infrared Thermometer
Sound Level Meter
Digital Multimeter
Clamp Meter
Charge Manager Station
Maintenance/Repair Tool Kit
19-inch self-made Rack@home


Caution: The reader might get the feeling that this page is mostly about IBM (International Business Machines Corporation) related solutions1 — this is just true for now because after decent evaluation I found myself mostly dealing with IBM solutions. However, the fact that every decision is preceded by looking at the market and what fits my requirements best on the short as well as in the long-term implicitly states that every possible solution/vendor is considered. In essence, this page is about common non-vendor specific knowledge although I do have an IBM background I must say — IBM, HP, Sun, Dell, Supermicro, Intel, AMD etc. dealing with the same issues and trying to solve the same problems anyway...

IBM fanboy...
IBM fanboy...

Enterprise/Scientific Computing - Random Minds

This section looks into specifics but his vendor-agnostic i.e. it does not focus on the portfolio of specific vendors but is tend to provide a big picture view on issues that emerge whenever modern IT (Information Technology) should be deployed with long-term goals like investment protection, high availability, security, TCO (Total Cost of Ownership) and other things, critical to keep the heart (IT) of modern businesses beating 24/7/365. However, this page also provides a vendor specific section further down this page (just IBM BladeCenter for now (October 2007)).


Some keywords that this section is going to discuss
  • Complexity Encapsulation
  • Support
  • Costs (asset, TCO (Total Cost of Ownership, etc.)
  • Maintenance
  • Vendor lock-in
  • Scalability
  • Load-balancing
  • Mission-critical Services (how to identify them?)
  • Redundancy (no Single Point of Failure)
  • High Availability
  • Virtualization and Isolation
  • Storage and Data warehousing

Virtualization/Isolation

sa@pc1:~$ apt-cache show redhat-cluster-modules-2.6.18-4-xen-686
Package: redhat-cluster-modules-2.6.18-4-xen-686

Micro and Macro

Micro = one physical machine serving many virtual machines

Server Consolidation — Move multiple servers onto a single physical host with performance and fault isolation provided at the virtual machine boundaries.

Macro = one virtual machine served by many physical machines

Booting

  • http://www-03.ibm.com/systems/bladecenter/bootdisksystem/

Computing Power

Storage

Distributed Filesystem

- Lustre: by using Lustre, a heavy NAS/SAN setup can be avoided;

however, a SAN/NAS might be used as a Lustre OST (Object Storage Target) in order to provide data redundancy within a Lustre file system; as of now Lustre does not provide redundancy for data stored on its OSTs

  • http://www.mail-archive.com/[email protected]/msg02093.html
  • http://en.wikipedia.org/wiki/GlusterFS
  • http://www.gluster.org/docs/index.php/GlusterFS_Features
  • http://www.howtoforge.com/distributed-storage-across-four-storage-nodes-with-glusterfs-on-debian-lenny
  • http://www.howtoforge.com/creating-an-nfs-like-standalone-storage-server-with-glusterfs-on-debian-lenny
  • http://www.howtoforge.com/high-availability-storage-with-glusterfs-on-debian-lenny-automatic-file-replication-across-two-storage-servers
  • http://www.howtoforge.com/distributed-replicated-storage-across-four-storage-nodes-with-glusterfs-on-debian-lenny
  • http://www.howtoforge.com/striping-across-four-storage-nodes-with-glusterfs-on-debian-lenny
    • GlusterFS has no single point of failure. Completely distributed. No centralized meta-data server like Lustre.
    • Aggregates on top of existing filesystems. User can recover the files and folders even without GlusterFS.
    • GlusterFS automatic-file-replication translator does the job.
    • Aggregation: The Unify feature in GlusterFS allows the aggregation of various storage bricks (servers) into one large volume. It does distribution at the file level. Distribution policy is decided by the chosen I/O scheduler.
    • Undelete: The Trashcan module provides undelete functionality by transparently moving all deleted/modified files into a /trash directory.
    • http://www.gluster.org/docs/index.php/GlusterFS_cookbook#.27emacs.27_mode
  • http://www.danga.com/mogilefs/
  • http://en.wikipedia.org/wiki/MogileFS

Tiered Storage

Create a tiered storage environment: Using virtualization technology, SVC enables customers to match the cost of the storage to the value of their data. For example, mission-critical data can be stored on high-performance, highly available Fibre-Channel disks while non-mission-critical data can be stored on serial-ATA disks. Data can easily be moved from one tier to another without application disruption.

I/O

Management

Efficiency - Time, Costs, Energy, etc.

Redundancy

Wie schon die vorige Chipsatz-Generation fuer Server mit vier Xeons (Truland-Plattform, Twin Castle/E8501) bietet der Speichercontroller Funktionen zur Verbesserung von Zuverlaessigkeit, Verfuegbarkeit und Wartbarkeit (Reliability, Availability, Serviceability, RAS). Dazu gehoeren etwa Memory Mirroring (eine Art RAM-RAID), Hot-Spare DIMMs und Hot-Plugging.

Resilience

Vendor Support and Expertise

Interoperability

  • http://www-03.ibm.com/servers/eserver/bladecenter/alliance/interop.html

Networking

There is a dedicated page on this website/platform about networking with regards to computer networks.

Networking Equipment

As already stated above, there is a dedicated page on this website/platform about networking with regards to computer networks. This section will look into some of the equipment I play/work with. I will do that by just looking at what hardware is it, what are the specs and how I use it.

I am not going much into detail here since the one interested can use the presented information to dig deeper for himself if he feels the need.

D-Link DGS-1216T - Layer 2 Switch

A while ago, I acquired a 16 port layer 2 switch for my rack@home. The D-Link DGS-1216T is a layer 2 switch with 16 gigabit Ethernet ports providing full-duplex gigabit switching speeds on all ports. Also, in addition to the 16 Ethernet ports, the switch has 2 SFP (Small Form-Factor Pluggable) expansion slots.

Aside from the layer 2 switching, the switch comes with a variety of built-in capabilities for smart network management e.g. support for virtual LANs with support for IEEE 802.1Q] create/handle/relay SNMP (Simple Network Management Protocol) trap information, handle jumbo frames, port trunking also known as as link aggregation which actually comes hand in hand with VLAN trunking, port mirroring, several security enhancing features etc. Managing the switch can be done in various ways e.g. via a web browser like Iceweasel for example.

The link and the screenshot below...

Linksys WRT54GL

Around a year ago I bought myself a wireless access point/router/firewall/whatnot in order to integrate it into my LAN (Local Area Network) at home. Now, a year later I finally found the time to put it into action.

The link and the screenshot in case the page vanishes over time

As many Linksys models from the same series, the WRT54GL v1.1 (serial number written on the bottom of the device starting with CL7B which is hardware version v1.1) can be equipped with another firmware than it is shipped with. The original Linksys firmware is nice

but nice is not enough (at least not for me). Because of that, I went on to replace the original firmware with OpenWRT and X-WRT, a sister project to OpenWRT aiming to provide a fully featured web interface among other things. Of course, both are FLOSS (Free/Libre Open Source Software).

What Firmware should I chose?

Since I always tend to evaluate the situation, available solutions and their impacts, I also considered DD-WRT and Tomato but finally decided to go with OpenWRT. I would suggest to either go with DD-WRT or Tomato for those who want a easy to install as well easy to use firmware solution that can be managed via web interface.

The reason I decided to go with OpenWRT is that, as of now (December 2007), OpenWRT is the most extensible, flexible and feature rich flavor. It provides stuff the normal user would never need plus it is mainly targeted to CLI (Command Line Interface) folks which actually makes it hard to deal with for the novice user or those who are not fond using the CLI.


In short, those are not very skilled with Unix-like OSs (Operating Systems) or short in time respectively do not want to spend a lot of time should go with DD-WRT. DD-WRT is very good since it also provides dozens of features plus it is really easy to handle (install and manage via web interface).

On the other hand, those who are skilled and want to put a ridiculously manifold solution into place that behaves depending on what packages one puts on it and how he configures it, those should definitely go with OpenWRT + X-WRT as I did. I guess, what finally made me shift to OpenWRT was its package management with ipkg and the whole CLI approach.

Install OpenWRT and X-WRT onto the WRT54GL v1.1

Installing OpenWRT plus X-WRT onto the WRT54GL is easy. We just have to download an image file and select it for firmware update via the current web interface. Although installing/configuring is very easy (but then I am not a novice) I strongly recommend to at least read the FAQ before one continues.


At the current moment, the directory http://downloads.x-wrt.org/xwrt/kamikaze/7.09/brcm-2.4/ contains all the things needed. In particular what we need is

1  sa@pc1:~$ cd /tmp/
2  sa@pc1:/tmp$ curl -O http://downloads.x-wrt.org/xwrt/kamikaze/7.09/brcm-2.4/openwrt-wrt54g-2.4-squashfs.bin
3    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
4                                   Dload  Upload   Total   Spent    Left  Speed
5  100 1924k  100 1924k    0     0   215k      0  0:00:08  0:00:08 --:--:--  242k
6  sa@pc1:/tmp$ pi bin
7  -rw-r--r--  1 sa   sa   1970208 2007-12-02 09:12 openwrt-wrt54g-2.4-squashfs.bin
8  sa@pc1:/tmp$

I used curl (line 2) to download the new firmware but one can use any other method that suits him well e.g. via his web browser, wget, etc. As can be seen in line 7, the image is ~1.9 MiB in size (it must of course fit into the flash memory of the WRT54GL which is 4 MiB as we already know). Those who wonder about the pi in line 6... that is just an alias in my .bashrc.

The new firmware image we just downloaded contains everything that is needed (current development Release also known as Kamikaze plus the X-WRT part also known as webif^2).


Now that we have all we need, we want to install the new firmware onto the WRT54GL. That is a piece of cake... We use the web browser to navigate to the page (using the web interface to the WRT54GL) which allows us to chose a firmware image for updating the WRT54GL. We then select the just downloaded openwrt-wrt54g-2.4-squashfs.bin and wait a bit (~3 minutes or so) until the upgrading process is done. It is important, that this upgrading process IS NOT suspended since that would leave us with just a partial installed firmware which in turn would render the WRT54GL unusable.

After a few minutes, when the new firmware is installed, we use the default IP address (192.168.1.1) to log onto the WRT54GL via X-WRT's web interface also known as webif^2. The two screenshots below show the initial log on screen on the left and one of several possible real-time graphs on the right (try this with standard firmware :).

The Current OpenWRT Release

The current (December 2007) OpenWRT release is 7.09 also known as Kamikaze. This marks the third official release of Kamikaze. What is ew in Kamikaze?

Build system
The build system (aka buildroot) has been completely rewritten since the whiterussian releases. There is tons of new packages, and adding support for new packages has never been easier.
Platforms
There are 10 supported architectures listed below, with support for many more in progress. Almost all of these platforms are based on 2.6 Linux kernels with the exception of Broadcom — the is no stable wifi connection for 2.6 so Broadcom still has a 2.4 kernel.
Configuration
A radical change toke place i.e. the NVRAM based configuration has been phased out in favor of a more robust set of config files in /etc/config/.
Supported Hardware Platforms
amcc-2.6 AMCC Taishan
atheros-2.6 Fon Fonera, Ubiquiti LiteStation 2/5, Ubiquiti PowerStation2 Atheros AR231x/AR5312 based devices.
au1000-2.6 Access/Meshcube (aka 4G Systems MTX-1)
avr32-2.6 Atmel AVR32
brcm-2.4 Broadcom devices requiring Broadcom wifi (everyone migrating from Whiterussian)
brcm47xx-2.6 Netgear WGT634U, Broadcom Devices without Broadcom wifi (you can use this instead of brcm-2.4 but wifi won't work)
ixp4xx-2.6 Adi Engineering Pronghorn Metro, Compex NP18A, Compex WP18, Gateworks Avila, Iomega StorCenter, Linksys NSLU2* (NSLU2 avaiable via http://www.slug-firmware.net/)
magicbox-2.6 Magicbox v1.1 / v2.0
rb532-2.6 Mikrotik RouterBoard 532
x86-2.6 x86 based devices (eg. WRAP)

There exits many devices based upon the above platforms e.g. the WRT54GL.

Configuration

All of the configuration data is now kept within the filesystem, under the /etc/config directory. This means that when installing or reflashing, the configuration will be reset to default values as the filesystem is replaced.

    LAN: 192.168.1.1/24
    WAN: DHCP
   WIFI: Disabled

 Telnet: Enabled until root password set
    SSH: Used after setting root password

The new configuration files are built in sections, each section begins with a config keyword defining the section, followed by one or more option keywords defining values for that section.

  config <type> <name>
     option <name> <value>
     option <name> <value>
    ...

Configuration can be done either by editing the configuration files directly or by using the uci tool in a manner similar to the previous nvram util.

  uci show
  uci show <config file>
  uci show <config file>.<config name>
  uci get <file>.<config>.<option>
  uci set <file>.<config>.<option>=<value>
  uci del <file>.<config>.<option>
  uci commit

Example:

  root@OpenWrt:~# uci show network.lan
  network.lan=interface
  network.lan.ifname=eth0.0
  network.lan.proto=static
  network.lan.ipaddr=192.168.1.1
  network.lan.netmask=255.255.255.0

  root@OpenWrt:~# uci set network.lan.ipaddr="192.168.1.20"

  root@OpenWrt:~# uci get network.lan.ipaddr
  192.168.1.20

  root@OpenWrt:~# uci commit

  root@OpenWrt:~# /etc/init.d/network restart
Packages

Additional features or utilities can be added via the ipkg system.

ipkg update
ipkg list
ipkg install <package>
ipkg remove <package>

Note, there are two compressed filesystems, squashfs and jffs2. The squashfs partition is readonly and contains all the files shipped with the firmware. The jffs2 partition is writable, and stores changes to squashfs.

  • Reinstalling or upgrading packages contained on squashfs is not recommend — the old package will simply be hidden, not deleted.
  • Because the filesystems are compressed, ipkg cannot determine if you have enough free space, and consequently may run out. If this happens you should try to manually delete files.

Basic Setup

The screenshot of the above real-time traffic graph on eth0 could not have been made if I would not have configured the WRT54GL in order to connect my computer to the Internet using the WRT54GL in between. With this subsection, I am now going to show how I configured the WRT54GL to at least fulfill basic needs e.g. entering the WRT54GL via the CLI (Command Line Interface) and set up a connection to the Internet.

Mandatory Basic Knowledge

CLI (Command Line Interface) basic skills and basic knowledge about h Unix-like OSs (Operating Systems) e.g DebianGNU/Linux is required to configure OpenWRT. In other words, with the help of the information provided below, one who is ~1 year into the Unix-like OS universe should be able to configure OpenWRT via the CLI.

Basically what we are going to do is to enter the WRT54GL via SSH (Secure Shell) and then edit a variety of text files with some text editor. Because of the obvious fact that hardware like the WRT54GL is not as powerful as a common personal computer running some Unix-like OS, there are some things that need to be different. One such thing is that OpenWRT ships with Busybox instead of GNU Core Utilieties.

 1  pc1:/home/sa# ssh [email protected]
 2  [email protected]'s password:
 3
 4
 5  BusyBox v1.4.2 (2007-11-05 23:35:33 CST) Built-in shell (ash)
 6  Enter 'help' for a list of built-in commands.
 7
 8    _______                     ________        __
 9   |       |.-----.-----.-----.|  |  |  |.----.|  |_
10   |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
11   |_______||   __|_____|__|__||________||__|  |____|
12            |__| W I R E L E S S   F R E E D O M
13   KAMIKAZE (7.09) -----------------------------------
14    * 10 oz Vodka       Shake well with ice and strain
15    * 10 oz Triple sec  mixture into 10 shot glasses.
16    * 10 oz lime juice  Salute!
17   ---------------------------------------------------
18  root@OpenWrt:~# help
19
20  Built-in commands:
21  -------------------
22          . : [ [[ alias bg break cd chdir command continue echo eval exec
23          exit export false fg getopts hash help jobs kill let local pwd
24          read readonly return set shift source test times trap true type
25          ulimit umask unalias unset wait
26
27  root@OpenWrt:~# busybox
28  BusyBox v1.4.2 (2007-11-05 23:35:33 CST) multi-call binary
29  Copyright (C) 1998-2006  Erik Andersen, Rob Landley, and others.
30  Licensed under GPLv2.  See source distribution for full notice.
31
32  Usage: busybox [function] [arguments]...
33     or: [function] [arguments]...
34
35          BusyBox is a multi-call binary that combines many common Unix
36          utilities into a single executable.  Most people will create a
37          link to busybox for each function they wish to use and BusyBox
38          will act like whatever it was invoked as!
39
40  Currently defined functions:
41          [, [[, arping, ash, awk, awx, basename, bunzip2, bzcat,
42          cat, chgrp, chmod, chown, chroot, clear, cp, crond,
43          crontab, cut, date, dd, df, dirname, dmesg, du, echo,
44          egrep, env, expr, false, fgrep, find, free, grep, gunzip,
45          gzip, halt, head, hexdump, hostid, httpd, id, ifconfig,
46          init, insmod, ipkg, kill, killall, killall5, klogd,
47          length, less, ln, lock, logger, logread, ls, lsmod,
48          md5sum, mesg, mkdir, mkfifo, mknod, mktemp, mount, mv,
49          nc, netmsg, netstat, nslookup, passwd, pidof, ping,
50          ping6, pivot_root, poweroff, printf, ps, pwd, rdate,
51          reboot, reset, rm, rmdir, rmmod, route, sed, seq, sh,
52          sleep, sort, strings, switch_root, sync, sysctl, syslogd,
53          tail, tar, tee, telnet, telnetd, test, time, top, touch,
54          tr, traceroute, true, udhcpc, umount, uname, uniq, uptime,
55          vconfig, vi, watchdog, wc, wget, which, xargs, yes,
56          zcat
57
58  root@OpenWrt:~#

The above screendump shows how I use ssh to enter the WRT54GL (lines 1 to 18; note the password request in line 2) and then poked busybox to reveal its secrets i.e. what CLI utilities are packaged with busybox v1.4.2 (lines 40 to 56). Of course, if the reader followed with his installation so far he is not able to ssh into his WRT54GL as of now as I did above (line 1) since we need to take a few more steps from the current point to do so. I just put the busybox information into place to show what we are talking about.

Entering the WRT54GL the usual way

The current status of our WRT54GL is that we have installed the new firmware image but nothing else was done so far. What we want to do next is to re-establish connectivity to the Internet. In order to do so, we need to edit some configuration files onto the WRT54GL but that in turn requires us to gain access to the WRT54GL.

Pragmatically speaking, there are two choices to do so. We can either use the web interface since we have X-WRT running on top or OpenWRT or we can use the more powerful and flexible CLI to configure OpenWRT. Either ways, in both cases we want to change the root password and allow for ssh log on to the WRT54GL.

Now, make sure there is at least the cable connection between the WRT54GL and your computer and the WRT54GL is turned on. Then enter telnet 192.168.1.1 which means we connect onto the WRT54GL via telnet. Thereafter we issue passwd in order to change the root user password (pick a strong passphrase). Then, after the pass phrase has been entered twice exit disconnects us again.

Right now we have not just changed the password of the user root but also disabled log in via telnet and enabled log in via SSH (Secure Shell) which is a good thing since SSH is considered secure whereas telnet is not since it provides no encryption.


Now we can log in as root user via SSH

sa@pc1:~$ shh [email protected]
bash: shh: command not found
sa@pc1:~$ ssh [email protected]
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
RSA key fingerprint is 91:b0:83:95:e0:db:5a:d3:6a:68:19:43:a9:c3:ba:93.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.
[email protected]'s password:


BusyBox v1.4.2 (2007-11-05 23:35:33 CST) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 KAMIKAZE (7.09) -----------------------------------
  * 10 oz Vodka       Shake well with ice and strain
  * 10 oz Triple sec  mixture into 10 shot glasses.
  * 10 oz lime juice  Salute!
 ---------------------------------------------------
root@OpenWrt:~#

The first time we log on to the WRT54GL, the ssh service asks us if the fingerprint of the WRT54GL should be added to the list of known hosts on our local system. We answer with yes RET (RET, in Emacs speech means to press the return button).

When using the SSH client from OpenWrt, I get the following message: no auths methods could be used

The message no auths methods could be used is related to the following utilization: dropbear as SSH client and openssh as sshd server, basically, activating this option in /etc/ssh/sshd_config works:

PasswordAuthentication yes
Entering the WRT54GL with GNU Emacs Powers at our Fingertips

This subsection is totally optional. One can just ssh into the WRT54GL (as I showed above) and be fine with it. I just mention things here because, over the years, I got used to traveling at hyperspace speeds (Emacs) and whenever I drop out of hyperspace, back to sublight speed (CLI) I get this fizzling noise in my left ear. It gets even worse if I have to go on a planetary surface mission and move around on foot (GUI).

There are basically two choices when it comes to edit files remotely and using GNU Emacs to do so. We can either use TRAMP or SSHFS. In both cases, we are making use of the SSH (Secure Shell) protocol. Whereas TRAMP works on a per file basis, sshfs mounts a remote file system locally so it can be accessed like any other local file system. All actions (copy, remove, etc.) taken on the sshfs are then reflected to the remote location via SSH. More on secure methods for remote file access and/or editing can be found onto the dedicated security page on this website/platform.

TRAMP (Transparent Remote Access Multiple Protocol)

TRAMP requires perl and uuencode on the remote machine in order to function properly. This however is not the case with the out of the box OpenWRT installation since the WRT54GL is simply limited in hardware resources so I went on to give sshfs a spin.

SSHFS

This subsubsection just shows how to use SSHFS (Secure SHell FileSystem) in order to use GNU Emacs to edit the files on the WRT54GL remotely. More detailed information about SSHFS and similar methods for securely editing files remotely can be found on a dedicated security page.


As we know (or not) for using sshfs we need to have a few things in place. On our local machine we need to have the sshfs package installed. sshfs is a filesystem client based on the SSH File Transfer Protocol.

Since most SSH servers already support this protocol it is very easy to set up i.e. on the server side there is nothing to do (well that is not exactly true for the WRT54gl since it runs dropbear which has no sftp server which is mandatory. More on that further down).

On the client side mounting the filesystem is as easy as to log into the server with ssh. sshfs is based on FUSE (Filesystem in User-space), thus we will either have to prepare a fuse kernel module or compile it into the kernel to be able to use. Well, we are lucky since if we use a standard Debian kernel as I currently do then FUSE is already in place (as kernel module).

sa@pc1:~$ uname -a && lsmod | egrep "^Module|^fuse"
Linux pc1 2.6.23-1-686-bigmem #1 SMP Sat Dec 1 08:09:30 UTC 2007 i686 GNU/Linux
Module                  Size  Used by
fuse                   42644  7
sa@pc1:~$

At first we need to install a few things on our local machine i.e. not on the WRT54GL but on our workstation, notebook, etc.

 1  sa@pc1:~$ su
 2  Password:
 3  pc1:/home/sa# apt-get install sshfs
 4  Reading package lists... Done
 5  Building dependency tree
 6  Reading state information... Done
 7  The following extra packages will be installed:
 8    fuse-utils libfuse2
 9  The following NEW packages will be installed
10    fuse-utils libfuse2 sshfs
11  0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
12  Need to get 171kB of archives.
13  After unpacking 467kB of additional disk space will be used.
14  Do you want to continue [Y/n]? y
15  Get: 1 ftp://ftp.de.debian.org unstable/main libfuse2 2.7.1-2 [121kB]
16  Get: 2 ftp://ftp.de.debian.org unstable/main fuse-utils 2.7.1-2 [15.7kB]
17  Get: 3 ftp://ftp.de.debian.org unstable/main sshfs 1.7-2.1 [34.6kB]
18  Fetched 171kB in 2s (61.1kB/s)
19  Reading package fields... Done
20  Reading package status... Done
21  Retrieving bug reports... Done
22  Parsing Found/Fixed information... Done
23  Selecting previously deselected package libfuse2.
24  (Reading database... 165449 files and directories currently installed.)
25  Unpacking libfuse2 (from.../libfuse2_2.7.1-2_i386.deb)...
26  Selecting previously deselected package fuse-utils.
27  Unpacking fuse-utils (from.../fuse-utils_2.7.1-2_i386.deb)...
28  Selecting previously deselected package sshfs.
29  Unpacking sshfs (from.../sshfs_1.7-2.1_i386.deb)...
30  Setting up libfuse2 (2.7.1-2)...
31  Setting up fuse-utils (2.7.1-2)...
32  creating fuse device node...
33  udev active, devices will be created in /dev/.static/dev/
34  creating fuse group...
35  Adding group `fuse' (GID 119)...
36  Done.
37  Starting filesystem in userspace: fuse.
38  Setting up sshfs (1.7-2.1)...

In lines 3 to 38, we are working on our local machine where we install sshfs.


In lines 39 to 56 we log on to the WRT54GL in order to install the server side software needed to mount the WRT54GL file system into our local file system tree using sshfs.

39  pc1:/home/sa# ssh [email protected]
40  [email protected]'s password:
41
42
43  BusyBox v1.4.2 (2007-11-05 23:35:33 CST) Built-in shell (ash)
44  Enter 'help' for a list of built-in commands.
45
46    _______                     ________        __
47   |       |.-----.-----.-----.|  |  |  |.----.|  |_
48   |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
49   |_______||   __|_____|__|__||________||__|  |____|
50            |__| W I R E L E S S   F R E E D O M
51   KAMIKAZE (7.09) -----------------------------------
52    * 10 oz Vodka       Shake well with ice and strain
53    * 10 oz Triple sec  mixture into 10 shot glasses.
54    * 10 oz lime juice  Salute!
55   ---------------------------------------------------
56  root@OpenWrt:~# cd /etc
57  root@OpenWrt:/etc#

Per default OpenWRT ships with dropbear. dropbear is a lightweight SSH2 server and client designed to be small enough to be used in small memory environments, while still being functional and secure enough for general use. However, it is missing the sftp server which is why we are going to install a few things on the server side.

58  root@OpenWrt:/etc# ipkg list | grep ssh
59  autossh - 1.4a-1 - Autossh client
60  openssh-client - 4.5p1-1 - OpenSSH client
61  openssh-client-utils - 4.5p1-1 - OpenSSH client utilities
62  openssh-server - 4.5p1-1 - OpenSSH server
63  openssh-sftp-client - 4.5p1-1 - OpenSSH SFTP client
64  openssh-sftp-server - 4.5p1-1 - OpenSSH SFTP server
65  rssh - 2.3.2-1 - restricted shell for use with OpenSSH
66  root@OpenWrt:/etc# ipkg install openssh-server
67  Installing openssh-server (4.5p1-1) to root...
68  Downloading http://downloads.openwrt.org/kamikaze/packages/mipsel/./openssh-server_4.5p1-1_mipsel.ipk
69  Installing libopenssl (0.9.8e-1) to root...
70  Downloading http://downloads.openwrt.org/kamikaze/7.09/brcm-2.4/packages/./libopenssl_0.9.8e-1_mipsel.ipk
71  Installing zlib (1.2.3-4) to root...
72  Downloading http://downloads.openwrt.org/kamikaze/7.09/brcm-2.4/packages/./zlib_1.2.3-4_mipsel.ipk
73  Configuring libopenssl
74  Configuring openssh-server
75
76  adding group sshd to /etc/group
77  adding user sshd to /etc/passwd
78  Configuring zlib
79  Done.
80  root@OpenWrt:/etc# ipkg install openssh-sftp-server
81  Installing openssh-sftp-server (4.5p1-1) to root...
82  Downloading http://downloads.openwrt.org/kamikaze/packages/mipsel/./openssh-sftp-server_4.5p1-1_mipsel.ipk
83  Configuring openssh-sftp-server
84  Done.
85  root@OpenWrt:/etc# cd
86  root@OpenWrt:~# exit
87  Connection to 192.168.1.1 closed.
88  sa@pc1:~$

In lines 58 to 65 I simply list what packages are available with regards to ssh. Then, in line 66 I issue the command to install openssh-server and in line 80 openssh-sftp-server. After that we are done on the server side so we leave the WRT54GL in line 86.


Now we can use sshfs to enter the WRT54GL via sshfs and thus use mighty GNU Emacs which means we go from sublight speeds to hypspace travel again ;-]

 1  sa@pc1:~$ mkdir -p re/wrt54gl
 2  sa@pc1:~$ ll re/wrt54gl/
 3  total 0
 4  sa@pc1:~$ su
 5  Password:
 6  pc1:/home/sa# sshfs [email protected]:/ re/wrt54gl/
 7  [email protected]'s password:
 8  pc1:/home/sa# ls -l re/wrt54gl/
 9  total 36
10  drwxr-xr-x 1 root root 508 2007-11-26 23:48 bin
11  drwxr-xr-x 1 root root   0 1970-01-01 01:00 dev
12  drwxr-xr-x 1 root root   0 2000-01-04 00:23 etc
13  drwxr-xr-x 1 root root   0 2000-01-01 00:02 jffs
14  drwxr-xr-x 1 root root 431 2007-11-06 05:55 lib
15  drwxr-xr-x 1 root root   3 2007-11-06 05:34 mnt
16  dr-xr-xr-x 1 root root   0 2000-01-01 00:00 proc
17  drwxr-xr-x 1 root root 145 2007-11-06 05:51 rom
18  drwxr-xr-x 1 root root 348 2007-11-26 23:48 sbin
19  drwxr-xr-x 1 root root   3 2007-11-06 05:34 sys
20  drwxrwxrwt 1 root root 380 2000-01-04 00:24 tmp
21  drwxr-xr-x 1 root root   0 2000-01-04 00:24 usr
22  lrwxrwxrwx 1 root root   4 2007-11-26 23:48 var -> /tmp
23  drwxr-xr-x 1 root root 148 2007-11-26 23:48 www
24  pc1:/home/sa# cd re/wrt54gl/
25  pc1:/home/sa/re/wrt54gl# echo "I am now operating on the remote file system"
26  I am now operating on the remote file system
27  pc1:/home/sa/re/wrt54gl# cd ..
28  pc1:/home/sa/re# fusermount -u wrt54gl/
29  pc1:/home/sa/re# ls -l wrt54gl/
30  total 0
31  pc1:/home/sa/re# exit
32  exit
33  sa@pc1:~$

If we want to mount a remote file system into our local file system we need to have a mount point (line 1). As can be seen it is empty (lines 2 and 3). The magic happens in line 6 — we mount the remote file system (the one of our WRT54GL) into our local file system using SSHFS. Now we can see the difference it makes (lines 8 to 23) since before (line 2) the mount point was not occupied. The ll in line 2 is just an alias in my .bashrc.

In line 24 I am entering the remote file system as if it were a local file system. Line 28 shows how to unmount the file system formerly mounted with sshfs. Then, as in line 2, lines 29 and 30 show that the mount point is unoccupied again.


Well, what we did so far is great but where is mighty GNU Emacs? There he comes, playing the dired card err swinging the magic hypspace stick. For more information on dired please see here and here. Maybe a look at my .emacs would also be a good idea to see how I configured some bits of dired (especially Image Dired).

We either need to be root in order to enter the WRT54GL file system or work with sudo like crazy. I decided not to pull out the sudo bat but to simply become root and work as root since we are going to perform root tasks anyway e.g. installing/removing packages using ipkg. Of course, we all know that normally working as root should be avoided whenever something can be done as normal user e.g.

sa@pc1:~$ whoami
sa
sa@pc1:~$

in my case.


Dired allows to either visit/edit files as the one user who started Emacs in the first place which would be sa in my case or one can also visit/edit files as any other user. Now, that we decided to go into the WRT54GL as root we need to tell Dired to do so.

In my case C-x C-f invokes

,----[ C-h k C-x C-f ]
| C-x C-f runs the command find-file-at-point
|   which is an interactive compiled Lisp function in `ffap.el'.
| It is bound to C-x C-f.
| (find-file-at-point &optional filename)
|
| Find filename, guessing a default from text around point.
| If `ffap-url-regexp' is not nil, the filename may also be an URL.
| With a prefix, this command behaves exactly like `ffap-file-finder'.
| If `ffap-require-prefix' is set, the prefix meaning is reversed.
| See also the variables `ffap-dired-wildcards', `ffap-newfile-prompt',
| and the functions `ffap-file-at-point' and `ffap-url-at-point'.
|
| [back]
`----

When I am in a dired buffer, I use C-x C-f to open the directory ~/re/wrt54gl where we mounted the remote file system. Well, I not simply tell dired to open ~/re/wrt54gl but I also tell dired to open it as root. After C-x C-f dired prompts for a path in the minibuffer, I then enter /su::/home/sa/re which is the short for /su:root@pc1.:/home/sa/re. The left screenshot below shows this in the left window (note the path at the top).

The right screenshot above shows a few things so folks might start getting a notion of what it means travelling in hyperspace. I movded further down the path to ~/re/wrt54gl, used dired-maybe-insert-subdir bound to i in order to include more than just one directory into a single dired buffer. Next thing I did was to move down into the subdirectory and use o on the file ipkg.conf which opens the file for editing within the buffer in the lower right corner as can be seen.

Well, that is just a tiny prise of hyperspace travelling up your noses but there is more... a lot more... check out the GNU Emacs manual for more e.g. (Info-goto-node "(emacs) Dired"). Also for the /su::/re/wrt54gl thing, we actually used a little TRAMP magic (Info-goto-node "(tramp) Default Method"). You guys know the trick — place point behind form and then C-x C-e. Hehe, yes, do not be surprised... Hyperspace ;-]

Setting up the PPPoE Connection

Information beyond what I am going to tell can be found in the official documentation (go here and here) for Kamikaze. Let us recap. We can now access the WRT54GL either via the CLI (Command Line Interface) or via GNU Emacs respectively dired.

The PPPoE (Point-to-Point Protocol over Ethernet) configuration data is stored in /etc/config/network which for our current case (I am using dired) means the path is /su:root@pc1.:/home/sa/re/wrt54gl/etc/config/network. This file contains seveal stanzas (a stanza is a block or subsection of a human-readable configuration file). One of them is responsible to connect the WRT54GL to the Internet via PPPoE.

#### WAN configuration
config interface        wan
        option ifname   "eth0.1"
        option proto    pppoe
        option username "<your_username>"
        option password "<your_password>"
        option keepalive 10
        option mtu      1492

After altering this stanza according to ones individual values i.e. your_username and your_password the first of two steps in order to connect local computers/devices to the Internet is accomplished. The next step is to make the WRT54GL the gateway for the LAN (Local Area Network). This LAN might either be a whole bunch of devices or in the most trivial case just one computer e.g. Internet <--> WRT54GL <--> Computer.


If your provider only accepts CHAP (Challenge-handshake authentication protocol) authentication, you will also need to add the username and password to /etc/ppp/chap-secrets. If your password is empty, use two double-quotes "". This might then look somewhat like the code below. In my case, as with most others, it is not necessary to fiddle with /etc/ppp/chap-secrets i.e. I just had to edit /etc/config/network.

#USERNAME  PROVIDER  PASSWORD  IPADDRESS
<your_isp_login>  ""  <your_isp_password>  *
Setting up DHCP (Dynamic Host Configuration Protocol)

The dnsmasq program acts as DNS and DHCP server in OpenWRT. By default it hands out IP addresses from 192.168.1.100 to 192.168.1.250. This can be changed by editing /etc/config/dhcp.

root@OpenWrt:~# cat /etc/config/dhcp
config dhcp
        option interface        lan
        option start    100
        option limit    150
        option leasetime        12h

config dhcp
        option interface        wan
        option ignore   1
root@OpenWrt:~#

The defaults are just fine so there should not be the need to alter them. However, if there is the need to do so then we need to restart dnsmasq which is done with killall -9 dnsmasq; /etc/init.d/dnsmasq.


Now the second step after PPPoE in order to have connectivety to the Internet is to get a dynamic IP address from the DHCP server (dnsmasq). Therefore we need to configure our computer to ask the local DHCP server for an IP address. This is done by editing /etc/network/interfaces on our local machine i.e. not the WRT54GL. Note that in case the is not just a single computer connected to the WRT54GL but a LAN consisting of several other computers/devices, the all need to be set up to ask the DHCP server to hand out IP addresses to them. Also, in such case one should make sure that there is only one DHCP server in his LAN otherwise that would cause confusion the the overall network integritiy and even more the human(s) administering the LAN.

sa@pc1:~$ cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
sa@pc1:~$

The dhcp leases can be shown with cat /dhcp.leases on the WRT54GL. The defaults are also just fine here so there should be no need to alter them. Finally, if the local machine is configured (i.e. /etc/network/interfaces) and the WRT54GL is configured, after an ifdown -a followed by an ifup -a on the local machine, the command ifconfig should show us something like this

 1  pc1:/home/sa# ifconfig
 2  eth0      Link encap:Ethernet  HWaddr 00:85:f3:65:28:27
 3            inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
 4            inet6 addr: fe95::485:f569:fef0:128/64 Scope:Link
 5            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 6            RX packets:11776426 errors:0 dropped:0 overruns:0 frame:0
 7            TX packets:12487430 errors:0 dropped:0 overruns:0 carrier:0
 8            collisions:0 txqueuelen:1000
 9            RX bytes:955243876 (910.9 MiB)  TX bytes:3933396118 (3.6 GiB)
10            Interrupt:10 Base address:0xa400
11
12  lo        Link encap:Local Loopback
13            inet addr:127.0.0.1  Mask:255.0.0.0
14            inet6 addr: ::1/128 Scope:Host
15            UP LOOPBACK RUNNING  MTU:16436  Metric:1
16            RX packets:229158 errors:0 dropped:0 overruns:0 frame:0
17            TX packets:229158 errors:0 dropped:0 overruns:0 carrier:0
18            collisions:0 txqueuelen:0
19            RX bytes:74175578 (70.7 MiB)  TX bytes:74175578 (70.7 MiB)
20  pc1:/home/sa#

Note the IP address (line 2) the eth0 interface on the local machine got assigned. It is the first one out of 150 addresses (see /etc/config/dhcp contents above). Now we have connectivity to the Internet as can be seen

sa@pc1:~$ ping -c 3 google.com
PING google.com (64.233.167.99) 56(84) bytes of data.
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=1 ttl=241 time=67 ms
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=2 ttl=241 time=58 ms
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=3 ttl=241 time=71 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1203ms
rtt min/avg/max/mdev = 147.853/161.315/185.035/16.829 ms
sa@pc1:~$

Advanced Configuration and Setup for the WRT54GL

I mentioned before why I had chosen OpenWRT over some other, also good pieces of software. Now, with this subsection, I am going to take a deeper look into OpenWRT and what it can do for us. This subsection will tell about networking, firewalling and some other really nifty stuff that can be done with OpenWRT.

Package Management

First and foremost one needs to be skilled with the package management system that ships with OpenWRT. It is called iPKG (Itsy Package Management System).

There are a few commands everybody should know. Issuing ipkg --help when logged into the WRT54GL shows all the help

root@OpenWrt:~# ipkg --help
BusyBox v1.4.2 (2007-11-05 23:35:33 CST) multi-call binary

Usage: ipkg [options]... sub-command [arguments]...

ipkg is an utility to install, remove and manage .ipk packages.

Sub-commands:

Package Manipulation:
        update                  Update list of available packages
        upgrade                 Upgrade all installed packages to latest version
        install <pkg>           Download and install <pkg> (and dependencies)
        install <file.ipk>      Install package <file.ipk>
        configure [<pkg>]       Configure unpacked packages
        remove <pkg|regexp>     Remove package <pkg|packages following regexp>
        flag <flag> <pkg>...   Flag package(s) <pkg>
         <flag>=hold|noprune|user|ok|installed|unpacked (one per invocation)

Informational Commands:
        list                    List available packages and descriptions
        list_installed          List all and only the installed packages and description
        files <pkg>             List all files belonging to <pkg>
        search <file|regexp>            Search for a package providing <file>
        info [pkg|regexp [<field>]]     Display all/some info fields for <pkg> or all
        status [pkg|regexp [<field>]]   Display all/some status fields for <pkg> or all

[skipping a lot of lines...]

root@OpenWrt:~#

As can be seen, I skipped a lot of lines from the above screendump. What remains is what I consider basic knowledge in order to operate ipkg. One example of ipkg usage was shown above when we installed openssh-server and openssh-sftp-server.


A package management system needs to have a repository in order to obtain meta information as well as data (packages). In case of OpenWRT, the repository information for ipkg is located in the file /su:root@pc1.:/home/sa/re/wrt54gl/etc/ipkg.conf respectively /etc/ipkg.conf. The dired screenshot above shows it opened in the lower right window. I am fine with the default so I will not add new repository URLs (Uniform Resource Locators).

Firewall

3.2. Where should I put custom firewall rules?

They go into the file /etc/firewall.user. This file has a few examples in it as well. Don't forget to rerun the /etc/firewall.user scirpt to activate your changes.

/etc/firewall.user gets called from the /etc/init.d/S45firewall script on each reboot.

Since OpenWrt uses the standard Linux iptables for firewalling a good starting point for documentation is http://www.netfilter.org/documentation/.

note: RC6 seems has a more easier way of configuring firewall rules. Instead of editing /etc/firewall.user, you can edit /etc/config/firewall. This seems to be used by X-wrt as well.

TIP: If you install qosfw-scripts then it is easier to configure port forwarding.

WDS (Wireless Distribution System)

3.11. Wireless Distribution System (WDS) / Repeater / Bridge

This is an ASCII art for what WDS can be useful.

                / - - - Wireless Clients
               |
INTERNET-----WRT54G_1- - - - - -WRT54G_2 - - - - - Wireless Clients
             | | | |            | | | |
            4 clients          4 clients
----- Cable link
- - - Wlan link

With WDS you can connect wireless clients to all APs. In client mode this is not possible.

For connection of two AP together, both machines have to be set up.

nvram set wl0_lazywds=0 nvram set wl0_wds=aa:bb:cc:dd:ee:ff nvram commit ifup wifi; /sbin/wifi

Replace aa:bb:cc:dd:ee:ff with the MAC address of the router you would like to connect via WDS. On WRT54G_1 set MAC of WRT54G_2 and on WRT54G_2 set MAC of WRT54G_1.

If the other router is running OpenWrt too you can get the MAC address from output of:

iwconfig eth1

/!\ IMPORTANT: Use the correct network interface name for your hardware.

See OpenWrtDocs/Configuration for details.

Linksys WRT600N

I am planning to acquire that thingy sometime around late 2008 or so. A prerequisite is of course OpenWRT and X-WRT support for it which is not available so far (December 2007).

The link and the screenshot in case the page vanishes over time

Servers / Enterprise Hardware

This section is about enterprise hardware i.e. stuff that goes into a datacenter.

3U Single Socket Rack Server

During summer 2007, I decided to buy myself a new 3U server, powerful enough to consolidate a bunch of my private stuff spread across several machines across the globe, onto this machine for ease of maintenance and thus overall time savings.

Front with 12 hot swap HDD (Hard Disk Drive) bays and controls.
Front with 12 hot swap HDD (Hard Disk Drive) bays and controls.
Some possible inside i.e. a variety of motherboards etc. possible.
Some possible inside i.e. a variety of motherboards etc. possible.

Go here for more photos...



The ~3 leased servers I used before to host my private stuff were off the shelf consumer hardware respectively one of them was a virtual server with, well pretty limited hardware resources. Also, there were no real redundancy in place with any of the leased servers which gave me headaches from the beginning but then I could simply not afford state of the art 19" rack-mounted hardware and its hosting at a DC (Data Center) back then — I started with those servers when I was still a student with pockets full of nothing else but lints ;-]

Usage

I am going to use this server for private stuff only i.e. there will be no commercial service running on this machine nor will I use this machine to generate some income whatsoever. That has some benefits in terms of I am completely immune against any sort of insanity from crazy/toxic people I find myself observing from time to time. In short, my party, my rules... I like that, not because I like wearing the ruler hat but because it makes life easier because I can simply ignore dump people without any aftermath issues. Also, having my own hardware saves me a lot of time since I do not have to ask for permission or wait for approval... Amen!

FLOSS (Free/Libre Open Source Software)

Well, as we know, FLOSS is not just a hobby of mine or a job, it rather is one of my obsessions. Because of that, I will use the server to help with some tasks I do in the course of my involvements (for example, my involvements with Debian) with FLOSS e.g. providing Debian repositories to the public, hosting this website, etc.

Remote Backup

I backup data from my workstation and several other computers several times a day. The backup location is not just locally onto some other storage media but also to some remote places (to be save in cases when a local disaster strikes e.g. flooding). I will thus also use this server as a save haven for my data not matter of my current location on this planet.

Archive

Next to cyclic backups, the server will be used as an archive. The data in this archive will mainly consist of private stuff like family photo albums/videos etc. I will probably also put all my music and movie collection into the archive. Well, there is a lot of stuff that comes in mind that should be put into the remote archive just in case something bad (a fire, housebreaking, etc.) happens.

Website

Last but not least, I will host this website/platform using the new server.

Communication

I will but a mail system and instant/group messaging software (ejabberd) on the server.

Software running on the Server

With regards to software there is not much to say. There is the OS (Operating System) and a bunch of services I have running.

OS (Operating System) / Virtualization

The OS is Debian. Kernels will be Linux/OpenBSD. Virtualization is done with OpenVZ.

Application / Services

Well, the usual shebang i.e. some httpd, some Python magic, Postfix, a prise of PostgreSQL and a little bit of Django.

Hosting Location

The server will not just finally be put into a DC (Data Center) for colocation once set up but I will, as usual, start from scratch when the server is already in colocation. I will therefore use so called out-of-band management also known as remote management to install the kernel and OS (Operating System) environment remotely (from a couple of thousand miles away from the server), set up the RAID (Redundancy Arrays of Independent Disks) and configure the BIOS (Basic Input/Output System).

From my point of view, putting a server into colocation is the only way that really makes sense (but then I am a little biased because of my background I guess).

Aside from the current focus on this particular server, I am going to cover the hosting subject on its own as well.

Specifications

I guess this is the subsection which will be of most interest so I will detail things here. For the most part, I will simply provide links to either vendor but most likely producer websites of various components which of the server is made of.

As it may have already come into mind for most of the readers, I chose this server with the idea in mind that I do not need a multi socket machine since a shortage in computing power is quite unlikely to happen — as I said, all the machine will be used for is to host a few of my private services e.g. this website/platform.

However, I put emphasis on the storage part — the machine will run a fully encrypted RAID 6 array made up of up to 12 HDDs driven by a high-end RAID HBA (Host Bus Adapter) controller card. Next to the emphasis on the storage part, I always find it very important to take care about redundancy for the most critical components which is why the server features a triple redundant power supply nest to the RAID 6 array.

Also, there is the importance of RAM (Random Access Memory). It is common sense that, with regards to the overall system performance, the amount of RAM is vital — in most real-world scenarios it is higher prioritized than the amount of available computing power i.e. RAM is seen more important than the CPU part. Since I am going to have this server running common applications and services it is true in my case as well and this is why I have chosen to put in the maximal amount of non-persistent storage (RAM) which in this case, for this motherboard, as of now (November 2007), is 8 GiB.

Motherboard

There is a link to the original page plus I also took a screenshot since as time goes by, such pages tend to disappear.

CPU (Central Processing Unit)

Again, the link and in case this page may disappear over time the screenshot as well

RAM (Random Access Memory)

2x4 GiB Kit respectively 4x2 GiB DIMMs (Dual In-Line Memory Modules) i.e. 8 GiB in total:

4GB 667MHz DDR2 ECC CL5 DIMM (Kit of 2)
Standard 256M X 72 ECC 667MHz 240-pin Unbuffered DIMM (SDRAM-DDR2, 1.8V, CL5)

i.e. its an even number of DIMMs and therefore I am leveraging the dual-channel option.

Power Supply

The power supply is a triple redundant (N+1, with N = 2) power supply with hot-swap units which means one out of three units may fail (but not more) and can then be replaced on the fly i.e. while the machine is up and running. Again, the link and the screenshot below:

Remote Management

Basically we are talking about managing hardware one level below the usual SSH (Secure Shell) actions taken. Wikipedia has the details. Only thing left to me is to tell about the how and why I use it.


The Why: Anybody who has ever compiled a new kernel, rebooted and then waited... [Here goes the story of you calling the data center staff, pegging them to reboot your server]. Also, think about the most ugliest weather possible and then, out of nowhere, you are presented with two choices:

  • The funky one: Sit down, preferably at home, and install a new OS on some server within a DC (Data Center) on the other end of the city while watching the rain going horizontal towards your windows. All spiced up with some nice lightnings.
  • The not-so-funky one: Search the house for your Army combat 100% waterproof clothing stuff. Grab some install CDs, your suitcase with some tools and some food (this will take a while... of course). Then... several hours later [You write an email to you superior that you got stuck in traffic jam for 5 hours because of severe flooding etc. and could not even make it to the DC.] Finally

    ... lucky you, still 2 hours time left to get some seep until you have to head to the office anyway.... 9am, there are 754 humans at the office plus one zombie, hitting the coffee machine every 40 minutes or so.

Those scenarios are the amusing point of view but of course, there is the pragmatical one too. I am talking about TCO (Total Cost of Ownership), Manageability, etc.


The How: Everything needed is a common web browser and connectivity to the net. Most of the remote management hardware choices come with easy to use GUI (Graphical User Interface) software to connect to remote hardware and carry out management task from any place as long as one can establish communications.


eRIC express: eRIC express is a KVM-over-IP PCI card that provides browser-based remote, unblocked, BIOS (BasicInput/Output System) level access and control my server. It allows administrators to perform a variety of remote management tasks (e.g. set passwords, rename servers, turn the server on/off, reboot, change IP address, etc.)

eRIC express requires no client software on the remote user side and supports standard browsers such as Firefox, Iceweasel, Internet Explorer and Safari. Since it operates at the BIOS level, server access is available even if the server OS (Operating System) fails. An integrated modem allows emergency access when the network or Internet is unavailable. Its combination of KVM encryption, 256-bit SSLv3/TLSv1 and certification protects servers from unauthorized access.

What is the eRIC express?
eRIC express is a PCI card that enables IT administrators to remotely access and control a server over the IP network with BIOS level functionality. It is completely hardware and OS independent and allows users to troubleshoot and reconfigure servers even when servers are down.
How does eRIC express differ from remote control software?
Because eRIC express is not a software but a hardware solution, it is much more powerful:
  • OS and hardware independent eRIC express can be used to manage any type of server running any OS, whether Intel, Sun, PowerPC running Windows, Linux, Solaris, Novell, etc.
  • State-independent / Agent-less eRIC express does not require the managed server OS to be up and running, nor does it require any special software to be installed on the managed server.
  • Out-of-Band Even if the managed servers own network connection is unavailable, it can still be managed through eRIC express.
  • BIOS-level access Even if the server is hung at boot up, requires booting to safe mode, or requires system BIOS parameters to be altered, eRIC express still works flawlessly to enable these configurations to be made.
Can multiple people look at the same server at the same time?
Yes, eRIC express allows up to 15 people to view the same server at the same time.
What hardware, software, or network configuration is required to access eRIC express?
eRIC express requires no proprietary software to be installed on clients for access. It is accessible via any major web browser including: Internet Explorer, Netscape, and Firefox. Currently, eRIC express requires a Java-enabled browser. With eRIC express, administrators can perform a variety of remote management tasks (set passwords and security, rename servers, change IP address, etc.).

The link and the screenshot plus a few images from that beloved controller card of mine.

Storage

I put emphasis on this particular part as I already mentioned above. I simply needed some remote place where I could drop all my private data (photos, music, documents etc.) and have it available all the time.

Also, once I dropped some data there it should be secure i.e. not get lost or be tampered with. The not get lost part can be established with common high availability measures like redundant power supplies but especially redundant, fail tolerant storage.

HDD (Hard Disk Drives)

The server may be equipped with up to 12 3.5" HDDs (Hard Disk Drives) which are all hot swappable and thus, even when some disk drives fail, the machine always remains operational. The disk drives in question are all of the same type (Seagate Barracuda ES SATA 3.0/Gb/s 400-GB Hard Drive ST3400620NS).

As of now (November 2007), depending on the chosen RAID (Redundancy Arrays of Independent Disks) level, I could theoretically store up to 12 TB (there is a difference between TiB and TB) of data — current state of the art HDDs store up to 1 TB of data each.

I do not have the need for that much storage right now but that might change in the future and so I have still space to grow. My current determination is that I will probably use only ~6 out of 12 available bays and use 400 GB HDDs which leaves me with 1.6 TB of available storage capacity since I am going to use RAID level 6.

Maybe I will also add some more HDDs, for hot standby, to the 6 other actives in the RAID 6 array. Although my RAID HBA (Host Bus Adapter) would allow for several arrays, each one independent from the others, I am just going to have one featuring RAID 6. In this case it does not matter, if I assign a dedicated hot standby disk drive to just this array or if I declare is as global hot standby HDD.

The latter one would get picked up by the HBA and assigned to any array that just suffered a disk failure. The former one (the array dedicated hot standby) is dedicated to a particular array i.e. even when a disk within another array fails, the HBA would not assign this hot standby disk to the other array but keep it on stock for the particular array it was initially assigned to.

Another benefit of putting more disks into the server than needed for the active array is that I might grow the array remotely without the need to get in touch with the DC (Data Center) staff and ask them to put in some more HDDs that I send them. In general, I hate the idea someone else fiddling with my IT (Information Technology) stuff! Of course, I took measures to avoid such situations.

Yet another benefit of putting in a few more HDDs than needed for the active array is that I just have to run my errands once... it is simply easier and saves me time as opposed to acquire them 2 or so years later, send them to the DC etc. Of course, this is a no go in enterprise environments but then this is just one little server and we are talking private affairs.

All in all I think I am fine with this setup — I do not need virtualized storage and SAN (Storage Area Network) powers for my private affairs... not yet ;-]

SATA (Serial ATA) / SAS (Serial Attached SCSI) Backplane

The server chassis and backplane comes as one unit manufactured by Chenbro. All the other components i.e. motherboard, CPU, power supply, etc. are then added to the mix.

The backplane/chassis I acquired was the RM31212B. As can be seen above, the HDDs are loaded/unloaded using the 3.5" bays. In conjunction with the RAID HBA (Host Bus Adapter), what I get is a situation where I can exchange/add/remove HDDs while the server is running in operations mode i.e. hot swapping. Same goes for the power supply — also hot swappable as I mentioned above.

Since, statistically shown by several independent studies, HDDs (Hard Disk Drives) and power supplies are those components that cause ~76% of overall system downtimes, having made those two failure tolerant means a lot. The number of 76% is off head — no prove here — I just remembered a paper I skimmed across the other day, telling about single server (not SAN, no Blade stuff, etc.) environments and the causes for downtimes.

RAID Host Bus Adapter Card

Please go here.

Intel Modular Server

WRITEME

IBM BladeCenter

This section is about IBM's BladeCenter line in general. It is not just about how to figure what are the requirements for oneself, for a customer who hired you or for the company you work but it is also about how to buy and what to consider by doing so. It is then of course also about deploying, setting up and running the whole shebang.


In the end, what counts can be expressed briefly

  • Modern IT (Information Technology) solutions must allow to run and provide mission critical services to oneself and others (not just in theory but also in practice) i.e. it does not help if a vendors website or the sales represantative promotes a product with a bunch of high availability, virtualization etc. solutions3 and fancy stuff if it is too complicated to handle for humans.
  • Investment protection and cost savings in the long-term. One has to be realistic. The initial costs for BladeCenters are enormous compared to usual 19inch rack hardware. For example, a I/O (Input/Output) module for a blade chassis might cost as much as two complete 19inch rack servers together. Fact is, that in the long run blade hardware in general does not have the same worse impact on TCO (Total Cost of Ownership) than usual rack hardware because of time savings for the IT staff who runs it.
  • Time savings. Blade solutions or any modern IT solution in general must save humans time. Plain and simple. If it does not then, no matter how fancy its features are, just forget it...
  • Complexity encapsulation. Complexity with modern IT solutions is growing at a rate that is almost exponential for any new service that is added to some existing infrastructure. Modern IT solutions need to help keeping this rate to at least a linear rate or even better make it vanish. Plain and simple. If it does not then, no matter how fancy its features are, just forget it...
  • Scalability. It must be possible to scale services i.e. no matter if a service gets 5 requests per second today and 50000 tomorrow (ever been slashdotted? fun!), and a week later it again drops down to say 100 requests for the time being, modern IT has to handle that otherwise just forget it.
  • Resource consumption. We have to take care of the habitat we are living in thus modern IT has to be spare with resources like electricity etc.

One thing I cannot stress enough is the fact that CTOs (Chief Technology Officers) or CIOs (Chief Information Officers) should really make it clear that the procedure of writing down ones requirements, discussing them with various vendors and folks in general (also non technicians) as well as talking to others who have already gone to this process is vital!

Do not hurry during this step. Take your time even if management starts bitching. Tell them about the importance and include them in the process. If you tell them that the wrong decision might cause stocks to fall or even worse (just imagine what happens if say all IT services are unavailable for ~2 business days i.e. no email, no website, no VoIP (Voice over IP), no CRM (Customer Relationship Management) no nothing... nuclear winter at anybodies desk) and that modern IT is the heart and brain of your company, the might start listening and understand things better4. It is possible to live with just one arm or leg but take the brain or heart... end of the road!


However, the situation is as it is — good or not, I do not know — fact is if you are dealing with IT then you are dealing with heart and brain. CEOs (Chief Executive Officers) and friends are toes, fingers, arms and such — customers will not notice if they are sitting behind their desks for two days or not. Try this with mister DC (Data Center) ...

IBM's Website

Disclaimer: Skip this subsection if easily offended since it demonstrates what bad designed IT (Information Technology) solutions can do to peaceful, well-balanced people.

Even though I love IBM solutions and their hardware I must say (and I say this although I am normally not the emotional guy), that from my point of view, IBM's website is crap2 — I hate it!
Why? Because there is just dumb marketing speech all over the place and it is so damn slow that you could go for lunch while the site you want to visit loads. And yes, the performance matter is not local — all other things work fast here.
You can surf this stupid site for hours and still, you would not have an answer to the question that initially brought you there. What were they thinking? Was their intention to make people feel uncomfortable? ... I doubt it. I simply do not know why this site is in place but they should definitely fix that mess. For example, surfing a Django site instead is pure joy and even the marketing people can be happy since they get their so damn-nerdy-overall-important-shiny-message out.
IBM's website must have been made by marketers and self-declared world-class web-designers but clearly not by someone who has a technical background and wants to find answers to questions as fast as possible. Well, most probably, as it happens way to often, the marketers-business-breed was in powers and the technicians had to obey ... now, we all have to suffer for that fact.
What is wrong with the marketers, lawyers and business folks nowadays? This breed should be told that it does not rule the world. I am used to refer to the current state as a phenomenon of mass-narcissism. Of course, I also know sane, very grassroots business/lawyer folks as well. Funny thing is, even they agree on that point of view...

Whatever... the only thing I wanted to say here is: Do not think you are stupid because you are already surfing this website for hours but you still have not found what you were looking for... It is this website, not you!

And just to make that clear. I was just talking about IBM. It is the same for Hewlett Packard, Dell, Sun, Intel, AMD etc. although I think IBM has the worst site in senses of search time/information retrieval ratio. For anything aside dumb marketing speech please contact a sales representative who will try to... IBM, thank you for stealing my time with your website. I consider that a crime against humanity. And it is not just me — many folks I know say the same about your site.


What I would like to do with this page (the one you are currently on not IBM's bad joke) is to really provide worthy information on a technical level in order to install, configure and manage IBM hardware and software bundles in as less time as needed to get from A to B and without information redundancy.

If however, you are more the kind of guy who likes sites like I talk a lot but actually say nothing please just go to IBM's website... you are wrong here.

Type S

Type H

Storage

As we know, the representative of information with modern IT is called data. Therefore this section is about storing data respectively information and what it takes to enable fast, secure and reliable access to it at all times. Another very important aspect with storage is to keep information from degrading or even worse, from being lost.

Adaptec 31205 RAID Controller

This one is an Adaptec series 3 RAID HBA (Host Bus Adapter) card. Series 3 is the second-best right after Series 5 HBAs which target the high-end enterprise market exclusively. The 31205 is an 8-lane PCIe HBA controller supporting RAID levels 0, 1, 1E, 5, 5EE, 6, 10, 50, 60, JBOD. I use this controller in a few of my servers as well as with my workstation.


My experience over the years is that Adaptec HBAs work excellent with Linux out of the box. All drivers are GPL (General Public License) and part of mainline Linux since Linux version 2.4. I also dealt with high-end 3ware, Intel, HP and Areca gear but I must say, that from my point of view, Adaptec always was the better choice not just in terms of HBA performance and the included features but also in terms of OS (Operating System) support and management utilities provided to manage the storage attached to the HBA.

Before we move on, here is the link, a comparison plus a the images below. For more information take a look here. For linux support see here.

Installation and Configuration

Installing the RAID HBA into a computer case, connecting all cables and HDDs (Hard Disk Drives) is beyond this section. Information about this is available on http://www.adaptec.com plus any controller ships with manuals and guides anyway.

Management Ulitities

In order to install and/or manage storage space with the Adaptec 31205 RAID HBA (and others of the same controller family), four utilities are provided by Adaptec:

AFU (Adaptec Flash Utility)
Is a text-based DOS utility which can be used to update, save, or verify our RAID controller's firmware BIOS and NVRAM (non-volatile Random Access Memory). As we will see later, we do not need it since its functionality is also part of ARCCONF as well as ASM which makes updating the firmware a lot easier instead of fiddling around with the AFU.
ACU (Array Configuration Utility)
On the lowest level we have a BIOS configuration utility called ACU. It is used for quick and easy local setup without the involvement of any OS (Operating System) i.e. this is what can be used to install a system from scratch. We will use this one to initialize the array and make it bootable i.e. this is the task that happens before any OS gets installed. Once the array is set up and build plus made bootable we can proceed installing DebianGNU/Linux as usual e.g. using a Netinstall ISO image.
ARCCONF (Adaptec RAID Controller Configuration)
This one provides roughly the same (a little less) features as does the ASM. Its main distinction to the ASM is that it is a CLI utility (which I normally prefer). The real difference from a practical point of view is, the ASM provides all the remote management features, the notification features (email notifications etc.) plus the ASM can be used to schedule a bunch of tasks to monitor all sorts of things.
ASM (Adaptec Storage Manager)

One-view GUI (Graphical User Interface) utility which centralizes management of all Adaptec RAID products. ASM enables local as well as remote (see storage space below) RAID management, monitoring, and configuration through secure, encrypted communication. Aside from using the ACU for initial setup and installing the storage as well as ARCCONF for all CLI actions, the ASM is probably the most important tool.

The ASMA (Adaptec Storage Manager Agent), part of the ASM, can be thought of being identical to the ASM except for not including any sort of software that provides us with some GUI. A combination of the ASM and the ASMA is used to build a storage space across two or more machines which is then also known as SAN (Storage Area Network).

ARCCONF

This one is a very handy tool, especially if we want to do things quickly via the CLI, possible even remote:

wks:/usr/StorMan# type pi; pi arcconf
pi is aliased to `ls -la | grep'
-rwxr--r--  1 root root  1694258 2008-02-06 08:02 arcconf
wks:/usr/StorMan# ./arcconf -h

  | UCLI |  Adaptec uniform command line interface
  | UCLI |  Version 5.30 (B17509)
  | UCLI |  (C) Adaptec 2003-2008
  | UCLI |  All Rights Reserved

 COPYBACK      | toggles controller copy back mode
 CREATE        | creates a logical device
 DATASCRUB     | toggles the controller background consistency check mode
 DELETE        | deletes one or more logical devices
 FAILOVER      | toggles the controller autotomatic failover mode
 SNAPSHOT      | creates a copy of a logical device
 GETCONFIG     | prints controller information
 GETLOGS       | gets controller log information
 GETSTATUS     | displays the status of running tasks
 GETVERSION    | prints version information for all controllers
 IDENTIFY      | blinks LEDS on device(s) connected to a controller
 KEY           | installs a Feature Key onto a controller
 MODIFY        | performs RAID Level Migration or Online Capacity Expansion
 RESCAN        | checks for new or removed drives
 ROMUPDATE     | updates controller firmware
 SETALARM      | controls the controller alarm, if present
 SETCONFIG     | restores the default configuration
 SETCACHE      | adjusts physical or logical device cache mode
 SETNAME       | renames a logical device given its logical device number
 SETPRIORITY   | changes specific or global task priority
 SETSTATE      | manually sets the state of a physical or logical device
 TASK          | performs a task such as build/verify on a physical or logical device

wks:/usr/StorMan# ./arcconf GETVERSION
Controllers found: 1
Controller #1
==============
Firmware           : 5.2-0 (15753)
Staged Firmware    : 5.2-0 (15753)
BIOS               : 5.2-0 (15753)
Driver             : 1.1-5 (2456)
Boot Flash         : 5.2-0 (15753)


Command completed successfully.
wks:/usr/StorMan# ./arcconf GETSTATUS 1
Controllers found: 1
   Current operation              : None

Command completed successfully.
wks:/usr/StorMan# ./arcconf GETCONFIG 1
Controllers found: 1
----------------------------------------------------------------------
Controller information
----------------------------------------------------------------------
   Controller Status                        : Optimal
   Channel description                      : SAS/SATA
   Controller Model                         : Adaptec 31205
   Controller Serial Number                 : 7D2210C1707
   Temperature                              : 59 C/ 138 F (Normal)
   Installed memory                         : 256 MB
   Copyback                                 : Enabled
   Background consistency check             : Enabled
   Automatic Failover                       : Enabled
   Global task priority                     : Medium
   Defunct disk drive count                 : 0
   Logical devices/Failed/Degraded          : 1/0/0
   --------------------------------------------------------
   Controller Version Information
   --------------------------------------------------------
   BIOS                                     : 5.2-0 (15753)
   Firmware                                 : 5.2-0 (15753)
   Driver                                   : 1.1-5 (2456)
   Boot Flash                               : 5.2-0 (15753)
   --------------------------------------------------------
   Controller Battery Information
   --------------------------------------------------------
   Status                                   : Optimal
   Over temperature                         : No
   Capacity remaining                       : 98 percent
   Time remaining (at current draw)         : 3 days, 0 hours, 31 minutes

----------------------------------------------------------------------
Logical device information
----------------------------------------------------------------------
Logical device number 0
   Logical device name                      : array0
   RAID level                               : 6 XOR
   Status of logical device                 : Optimal
   Size                                     : 953495 MB
   Stripe-unit size                         : 256 KB
   Read-cache mode                          : Enabled
   Write-cache mode                         : Enabled (write-back)
   Write-cache setting                      : Enabled (write-back) when protected by battery
   Partitioned                              : Yes
   Protected by Hot-Spare                   : Yes
   Dedicated Hot-Spare                      : 0,5
   Bootable                                 : Yes
   Failed stripes                           : No
   --------------------------------------------------------
   Logical device segment information
   --------------------------------------------------------
   Segment 0                                : Present (0,0)             9QG4F3MG
   Segment 1                                : Present (0,1)             9QG405C4
   Segment 2                                : Present (0,2)             9QG41WFC
   Segment 3                                : Present (0,3)             9QG43SS4
   Segment 4                                : Present (0,4)             9QG4393C


----------------------------------------------------------------------
Physical Device information
----------------------------------------------------------------------
      Device #0
         Device is a Hard drive
         State                              : Online
         Supported                          : Yes
         Transfer Speed                     : SATA 1.5 Gb/s
         Reported Channel,Device            : 0,0
         Reported Location                  : Connector 0, Device 0
         Vendor                             : ST340062
         Model                              : 0NS
         Firmware                           : 3.AEG
         Serial number                      : 9QG4F3MG
         Size                               : 381554 MB
         Write Cache                        : Enabled (write-back)
         FRU                                : None
         S.M.A.R.T.                         : No
      Device #1
         Device is a Hard drive
         State                              : Online
         Supported                          : Yes
         Transfer Speed                     : SATA 1.5 Gb/s
         Reported Channel,Device            : 0,1
         Reported Location                  : Connector 0, Device 1
         Vendor                             : ST340062
         Model                              : 0NS
         Firmware                           : 3.AEG
         Serial number                      : 9QG405C4
         Size                               : 381554 MB
         Write Cache                        : Enabled (write-back)
         FRU                                : None
         S.M.A.R.T.                         : No


[skipping a lot of lines...]


      Device #5
         Device is a Hard drive
         State                              : Hot Spare
         Dedicated Spare for                : logical device 0
         Supported                          : Yes
         Transfer Speed                     : SATA 1.5 Gb/s
         Reported Channel,Device            : 0,5
         Reported Location                  : Connector 1, Device 1
         Vendor                             : ST340062
         Model                              : 0NS
         Firmware                           : 3.AEE
         Serial number                      : 5QH04LA1
         Size                               : 381554 MB
         Write Cache                        : Enabled (write-back)
         FRU                                : None
         S.M.A.R.T.                         : No


Command completed successfully.
wks:/usr/StorMan# ./arcconf GETLOGS 1 EVENT tabular
Controllers found: 1

   ControllerLog
      controllerID..................... 0
      type............................. 6
      time............................. 1241695120

      eventlog

         event
            Date............................. 1241695120
            eventType........................ FSA_EM_ENHANCED_BATTERY_CHANGE
            eventCode........................ 0x8000000
            capabilities_bits................ 0
            event_bits....................... 32768
            status_bits...................... 0
            temperature...................... 0
            current.......................... 0
            designCapacity................... 0
            fullCapacity..................... 0
            remainingCapacity................ 0
            DramCurrentDraw.................. 0
            nextReconDate.................... 0
            lastReconDate.................... 0
            tabStatusRegisterBits............ 0
            tabControlRegisterBits........... 0
            rombStatusRegisterBits........... 0
            rombControlRegisterBits.......... 0
            max_temperature.................. 0
            voltage.......................... 4070
            batSubSysColdStartedDays......... 0
            batSubSysColdStartedHours........ 0
            batSubSysColdStartedMinutes...... 0
            batSubSysColdStartedSeconds...... 0
            controllerID..................... 0


[skipping a lot of lines...]


Command completed successfully.
wks:/usr/StorMan#

I think the above is self-explanatory. What is easy to see is that I have 6 HDD's connected to the controller, setup as RAID 6 whereas one HDD is used as hot spare.


Obviously, that setup is targeted at preventing data loss rather than maximal speed — I would have made a RAID 5 without a hot spare HDD if I would have opted for maximum speed. Anyway, below is a statement about the current setups speed parameters — firstly the Bash script I put together

 1  wks:/usr/StorMan# cat /home/sa/0/bash/test_raid_controller_speed.sh
 2  #!/bin/bash
 3  shopt -s extglob
 4
 5  get_kernel_info ()
 6  {
 7    echo -e "Current kernel is: $(uname -a)\n\n"
 8  }
 9  get_release_info ()
10  {
11    echo "Debian release information:"
12    [[ -x /usr/bin/lsb_release ]] && lsb_release -ric || cat /etc/debian_version
13    echo
14  }
15  raid_controller_speed ()
16  {
17    declare -i _counter
18    declare -i _repetions
19    _counter=0
20    _repetions=4
21    _controller_path=/dev/sda
22
23    echo "Pseudo speed test for the Adaptec 31205 with 6 HDDs in RAID 6 setup"
24
25    while [[ $_counter -Lt $_repetions ]]
26    do
27      echo "------------------------------Running test: $_counter..."
28      hdparm -tT $_controller_path
29      _counter+=1
30    done
31  }
32
33  get_release_info
34  get_kernel_info
35  raid_controller_speed
36
37
38  #_ emacs local variables
39  # Local Variables:
40  # mode: shell-script
41  # allout-layout: (0 : 0)
42  # End:

and secondly the results it delivers:

43  wks:/usr/StorMan# /home/sa/0/bash/test_raid_controller_speed.sh
44  Debian release information:
45  Distributor ID: Debian
46  Release:        unstable
47  Codename:       sid
48
49  Current kernel is: Linux wks 2.6.26-2-openvz-amd64 #1 SMP Fri Mar 27 05:10:50 UTC 2009 x86_64 GNU/Linux
50
51
52  Pseudo speed test for the Adaptec 31205 with 6 HDDs in RAID 6 setup
53  ------------------------------Running test: 0...
54
55  /dev/sda:
56   Timing cached reads:   10752 MB in  2.00 seconds = 5381.87 MB/sec
57   Timing buffered disk reads:  380 MB in  3.01 seconds = 126.44 MB/sec
58  ------------------------------Running test: 1...
59
60  /dev/sda:
61   Timing cached reads:   15916 MB in  2.00 seconds = 7967.75 MB/sec
62   Timing buffered disk reads:  408 MB in  3.01 seconds = 135.72 MB/sec
63  ------------------------------Running test: 2...
64
65  /dev/sda:
66   Timing cached reads:   14074 MB in  2.00 seconds = 7044.32 MB/sec
67   Timing buffered disk reads:  464 MB in  3.01 seconds = 154.29 MB/sec
68  ------------------------------Running test: 3...
69
70  /dev/sda:
71   Timing cached reads:   15832 MB in  2.00 seconds = 7925.55 MB/sec
72   Timing buffered disk reads:  490 MB in  3.01 seconds = 162.85 MB/sec
73  wks:/usr/StorMan#

Note that we make four runs (line 20) in order the get a mean of the results from lines 57, 62, 67 and 72. For more information take a look at man 8 hdparm.

As I said, those numbers are not really through the roof in terms of speed but then it is only a series 3 controller (not series 5, which is the fastest line Adaptec has as of now (May 2009)) and there are only 6 SATA (Serial ATA) HDDs attached — a setup that is not opted for maximal speed but rather safety against data loos and cost effectiveness. A series 5 controller with a high number of SAS (Serial Attached SCSI) HDDs would make things look very differently — so differently that in fact it may only be topped by exchanging the SAS HDDs with SSDs (Solid State Drives).


A Geek having Fun
However, once this is done, the storage is not the systems bottleneck anymore but probably the CPU — in which case we would have to invest in a new CPU and motherboard i.e. make the transition from a one socket CPU setup to at least two sockets — of course, that would require a bigger case and way better cooling.
Afterwards we would need to eliminate our new bottleneck... the graphic card that is... no problem, we make it a 3-ways SLI setup. At some point and thousands of euros later we might again find out, that now, the weakest link is yet again the storage ;-]
After several iterations, and tens of thousands euros later we may have end up building our own datacenter... that is way more fun than gardening anyway ;-]

ASM (Adaptec Storage Manager)

Usually I tend to choose the CLI over any GUI but in this particular case it is the GUI that I find is a way better choice to get the job done. As an example, try to figure the current status of some SAN (Storage Area Network) with say around 520 HDDs with the ARCCONF and then with the ASM... With the ASM we can get an overview of very much and complex information pretty quick plus we can drill down on any details we are interested in.

With the ASM we do not just get a GUI to manage a local system i.e. a computer with an Adaptec RAID HBA (Host Bus Adapter) build in but a lot more. The ASM can be used to manage a whole SAN (Storage Area Network). The ASM also includes an agent, which when installed on some system, allows us to manage this system remotely with the ASM from some other host over the network. Therefore the ASM is a GUI to manage one or more controllers and all their attached storage, may that be remotely or/and locally attached to the machine running the ASM GUI in order for some human to carry out tasks on the storage space.
The ASM also provides us with fine-grained permission sets in order to do user management e.g. to only allow senior administrators to carry out the most risky operations on the storage while junior administrators might be allowed to set up and configure monitoring tasks and notifications only.
Speaking of, the ASM allows us to set up monitoring for various things regarding the storage e.g. HDD status and notification (e.g. via email) if anything happens e.g. a disk failure. We can also use the built-in task manager to for example schedule tasks to for example run consistency checks, health checks on hot spare disks, RAID level migration or for example capacity expansion (scheduled for the nights when there is the least I/O (Input/Output) on the storage), etc.

I will now explain how to acquire, package into a .deb, install and finally use the ASM on DebianGNU/Linux with the Adaptec 31205 RAID HBA (actually it is the same for all controllers of Adaptec's series 3 and 5 controllers plus very akin for other SAS/SATA HBAs made by Adaptec).

Acquiring the latest ASM

Although the ASM is the same for family 3, 5 and other Adaptec controllers, in the current case we navigate to the download area for the 31205 and get the URL for the ASM which we then use with wget or curl in order to download the latest ASM. Since I am on DebianGNU/Linux 64bit, I am going with Adaptec Storage Manager Ver. 5.30.17509 for 64-bit Linux which is the most current one as of now (October 2008).

 1  sa@wks:/tmp/asm$ ll
 2  total 0
 3  sa@wks:/tmp/asm$ curl -O http://download.adaptec.com/raid/storage_manager/asm_linux_x64_v5_30_17509.rpm
 4    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
 5                                   Dload  Upload   Total   Spent    Left  Speed
 6  100 46.8M  100 46.8M    0     0  1711k      0  0:00:28  0:00:28 --:--:-- 1716k
 7  sa@wks:/tmp/asm$ ll
 8  total 47M
 9  -rw-r--r-- 1 sa sa 47M 2008-10-29 14:42 asm_linux_x64_v5_30_17509.rpm
Create a Debian Package and install it

Adaptec distributes the ASM as .rpm only (see line 3) which means we are going to transform it into a .deb (Debian package) so we are able to ensure a clean and quick handling once we have a Debian package of the ASM available i.e. installation and removal is a one-liner on the CLI plus it scales way better because it may be distributed to numerous machines over the net as well.

10  sa@wks:/tmp/asm$ mkdir asm_linux_x64_v5_30_17509
11  sa@wks:/tmp/asm$ mv asm_linux_x64_v5_30_17509.rpm asm_linux_x64_v5_30_17509/
12  sa@wks:/tmp/asm$ cd asm_linux_x64_v5_30_17509/
13  sa@wks:/tmp/asm/asm_linux_x64_v5_30_17509$ su
14  Password:
15  wks:/tmp/asm/asm_linux_x64_v5_30_17509# alien --scripts asm_linux_x64_v5_30_17509.rpm
16  storman_5.30-17510_amd64.deb generated
17  wks:/tmp/asm/asm_linux_x64_v5_30_17509# ls -la
18  total 95844
19  drwxr-xr-x 2 sa   sa         77 2008-10-29 15:00 .
20  drwxr-xr-x 3 sa   sa         38 2008-10-29 14:56 ..
21  -rw-r--r-- 1 sa   sa   49084641 2008-10-29 14:42 asm_linux_x64_v5_30_17509.rpm
22  -rw-r--r-- 1 root root 49053838 2008-10-29 15:00 storman_5.30-17510_amd64.deb

Lines 10 to 14 are self-explaining. In line 15 we make use of alien which is designed to make the transformation from .rpm's into .deb's. What is exactly happening in line 15 is that we are also converting the scripts which handle the installation and removal of a package from RedHat's format into Debian's format. That works but we have to adjust a little bit manually because the Debian package that was just created (line 22) contains some paths in its pre- and post-install scripts that do not exist on a Debian-based system, therefore they must be removed.


23  wks:/tmp/asm/asm_linux_x64_v5_30_17509# mkdir -p storman_5.30-17510_amd64/{debian,DEBIAN}
24  wks:/tmp/asm/asm_linux_x64_v5_30_17509# ls -lR storman_5.30-17510_amd64/
25  storman_5.30-17510_amd64/:
26  total 0
27  drwxr-xr-x 2 root root 6 2008-10-29 15:31 debian
28  drwxr-xr-x 2 root root 6 2008-10-29 15:31 DEBIAN
29
30  storman_5.30-17510_amd64/debian:
31  total 0
32
33  storman_5.30-17510_amd64/DEBIAN:
34  total 0
35  wks:/tmp/asm/asm_linux_x64_v5_30_17509# dpkg --extract storman_5.30-17510_amd64.deb storman_5.30-17510_amd64/
36  wks:/tmp/asm/asm_linux_x64_v5_30_17509# dpkg --control storman_5.30-17510_amd64.deb storman_5.30-17510_amd64/DEBIAN/

Now, in order to carry out our manual changes to the just created Debian package from line 22, we are going to create a few new directories as can be seen in line 23. Then we extract the Debian package into those directories (line 35) and also explicitly extract the control file of it as can be seen in line 36. Above I mentioned that we need to alter the post-install and post-removal respectively. So we visit those files with some editor (I used dired as can be seen below) and change the stuff that needs to be changed i.e. in postin we remove/uncomment chkconfig --add stor_agent and in postrm we remove/uncomment chkconfig --del stor_agent.

37  wks:/tmp/asm/asm_linux_x64_v5_30_17509# rm storman_5.30-17510_amd64.deb
38  wks:/tmp/asm/asm_linux_x64_v5_30_17509# dpkg --build storman_5.30-17510_amd64/ storman_5.30-17510_amd64.deb
39  dpkg-deb: building package `storman' in `storman_5.30-17510_amd64.deb'.
40  wks:/tmp/asm/asm_linux_x64_v5_30_17509# ls -la
41  total 95844
42  drwxr-xr-x 3 sa   sa        108 2008-10-29 15:49 .
43  drwxr-xr-x 3 sa   sa         38 2008-10-29 14:56 ..
44  -rw-r--r-- 1 sa   sa   49084641 2008-10-29 14:42 asm_linux_x64_v5_30_17509.rpm
45  drwxr-xr-x 5 root root       42 2008-10-29 15:00 storman_5.30-17510_amd64
46  -rw-r--r-- 1 root root 49054140 2008-10-29 15:49 storman_5.30-17510_amd64.deb

In line 37 we remove the old .deb and then rebuild it from our just adapted version in line 38. We are done i.e. the package from line 46 can now be installed on our system with dpkg --install storman_5.30-17510_amd64.deb in a clean and quick manner. Of course we might also redistribute it for installation on other Debian boxes as well. In order to check if all went well, we can take a look

47  wks:/tmp/asm/asm_linux_x64_v5_30_17509# exit
48  exit
49  sa@wks:/tmp/asm/asm_linux_x64_v5_30_17509$ cd
50  sa@wks:~$ type dpl
51  dpl is aliased to `dpkg -l'
52  sa@wks:~$ dpl stor* | grep ^ii
53  ii  storman                                    5.30-17510                 Adaptec Storage Manager
54  sa@wks:~$ dpkg-query -s storman
55  Package: storman
56  Status: install ok installed
57  Priority: extra
58  Section: alien
59  Installed-Size: 59424
60  Maintainer: markus.gattol <sa@wks>
61  Architecture: amd64
62  Version: 5.30-17510
63  Depends: libc6 (>= 2.7-1), libgcc1 (>= 1:4.1.1), libstdc++5 (>= 1:3.3.4-1), libx11-6, libxext6
64  Description: Adaptec Storage Manager
65   Adaptec Storage Manager
66   .
67   (Converted from a rpm package by alien version 8.72.)
68  sa@wks:~$

and to no surprise it did went well as we can see from line 52 and lines 55 to 67.

Start the ASM

After the installation of the ASM is complete we can start it. Before we can do so however, since the ASM is a Java based Application, we might need to edit the ASM launcher script.

As can be seen, the changes I made to /usr/StorMan/StorMan.sh are highlighted in the image above. What I did was simply to tell the launcher script where to find my local Java installation i.e. I altered JAVA_HOME="." into JAVA_HOME=/usr/lib/jvm/java-6-sun. Then another quick shell alias, put into /root/.bashrc, and we are ready to launch as can be seen below.

wks:/home/sa# alias | grep asm
alias asm='sh /usr/StorMan/StorMan.sh >& /dev/null &'
wks:/home/sa# source /root/.bashrc
wks:/home/sa# asm
[1] 7075
wks:/home/sa#

After issuing our alias asm, the ASM starts (left image) then we have to provide some user credentials (remember what I told about fine-grained permissions and thus user management above). Since I log in as root on my local system (currently being my workstation), I use my root password (middle image) and then I end up on the ASM instance installed on my workstation with currently 6 HDDs installed locally and no other storage attached remotely. What that means is that my workstation is not part of any storage space (also known as SAN (Storage Area Network)) which is typically constructed of two or more boxes with Adaptec RAID HBA's installed, each running either the ASM or the ASMA (Adaptec Storage Manager Agent). It is just my workstation with the 31205 installed running the ASM.

Use the ASM

Adaptec provides a great guide to the ASM which can be downloaded here.

Remove the ASM

In case we want to upgrade to a new version of the ASM with an earlier version already installed, we need to remove the old one first. dpkg --remove storman_5.30-17510_amd64 does the trick. After we removed it, we build, install and configure the new version as shown above.

ASMA (Adaptec Storage Manager Agent)

When ASM is installed on a system, the ASMA is also installed automatically. The ASMA is like a service that keeps our storage space running. It is designed to run in the background, without user intervention, and its job is to monitor and manage system health, event notifications, tasks schedules, and other on-going processes on that system. It sends notices when tasks are completed successfully, and sounds an alarm when errors or failures occur on that system. In short, the ASMA can be thought of being identical to the ASM except for not including any sort of software that provides us with some GUI (Graphical User Interface).

The ASMA uses less memory than the full application (ASM). If our storage space includes systems that will not be connected to display devices, we can choose to run the ASMA only on those systems instead of the full application. We may want to do this if system resources are limited, or simply if we want more system resources available for other tasks.

In a real-world scenario where we would have for example 3 computers, two of which are servers with no display device attached and one being a workstation with an attached display device, the two servers would be running the ASMA and only the workstation would be running the ASM (which includes the ASMA as we know).
From our local system (workstation) we could then use the ASM to not just manage the local storage within the workstation but also the remote storage within our two servers. This scenario is a SAN (Storage Area Network) already i.e. a decentralized storage space with means of arbitrary management opportunities across the whole storage space from any of its attached systems.
Installing the ASMA

Nothing to do here — the ASMA is part of the ASM so if we did as pointed out above, the ASMA is installed already. The only thing left for us to do is to configure the ASMA.

Configure the ASMA

This depends whether or not we want the ASMA running in background continuously or not. For setups that involve more than one machine, all need to either run the ASM or ASMA. Usually the machine used to manage a storage space has the ASM running. All machines not used to manage the storage space will have the ASMA running as a daemon process.

It is also important to mention that we may use several instances of the ASM to manage the storage space if we do a little synchronization. Also, a machine used to manage the storage space must not necessarily have an Adaptec RAID HBA installed and some storage attached to it. It only needs to have the ASM installed i.e. we might for example use a subnotebook to manage a storage space of dozens of servers.


What we actually need to accomplish is that the ASMA is started at boot time and stopped when the system is shutdown. Above we have altered /usr/StorMan/StorMan.sh, the ASM launcher script. Now we need to alter /usr/StorMan/StorAgnt.sh (the ASMA launcher script) plus we need to put /usr/StorMan/stor_agent (the System-V style init script for the ASMA) into /usr/init.d/ and also modify it. The image below shows that in fact, the changes made to /usr/StorMan/StorAgnt.sh are the same as we already made them to /usr/StorMan/StorMan.sh above.

After we set JAVA_HOME to the correct path (which, in my case happens to be /usr/lib/jvm/java-6-sun) we can now ensure that the ASMA is started at system boot respectively stopped at system shutdown.

sa@wks:~$ su
Password:
wks:/usr/StorMan# cp stor_agent{,_orig}
wks:/usr/StorMan# chmod 755 stor_agent
wks:/usr/StorMan# mv stor_agent /etc/init.d/
wks:/usr/StorMan# ls -l | grep agent
-rw-r--r-- 1 root root     1667 2008-11-02 17:52 stor_agent_orig
wks:/usr/StorMan#

As can be seen, I created a copy of the System-V style init script for the ASMA (stor_agent) to work on, made it executable and moved it to /etc/init.d. Next I modified stor_agent to comply with Debian guidelines i.e. I for example adapted the runlevel settings. I also set the PATH variable plus I altered the overall code to be a bit more ... well... professional. The result can be seen below — once as images and once the screendumps for easy copy and paste ;-]

sa@wks:~$ cat /usr/StorMan/stor_agent_orig /etc/init.d/stor_agent
#!/bin/bash
#chkconfig: 35 99 99
# description: stor_agent
# MPD, 11/9/2003'
### BEGIN INIT INFO' # Provides: stor_agent
# Required-Start:   $local_fs $network
# X-UnitedLinux-Should-Start:
# Required-Stop:    $local_fs $network
# X-UnitedLinux-Should-Stop:'
# Default-Start:    3 5
# Default-Stop:     0 1 2 6
# Short-Description: Storage Management Agent
# Description:      Storage Management Agent
### END INIT INFO'

PATH=$PATH:/usr/StorMan/jre/bin
export PATH

start() {
  echo "starting Adaptec Storage Manager agent..."
  kill `ps axwww | grep java | grep StorMan | grep ManagementAgent | cut -b0-6` 1>/dev/null 2>&1
  sleep 2
  kill -9 `ps axwww | grep java | grep StorMan | grep ManagementAgent | cut -b0-6` 1>/dev/null 2>&1
  sh /usr/StorMan/StorAgnt.sh >/dev/null 2>&1 &
  sleep 1
  echo
}


stop() {
  echo "stopping Adaptec Storage Manager agent..."
  kill `ps axwww | grep java | grep StorMan | grep ManagementAgent | cut -b0-6` 1>/dev/null 2>&1
  sleep 2
  kill -9 `ps axwww | grep java | grep StorMan | grep ManagementAgent | cut -b0-6` 1>/dev/null 2>&1
  sleep 1
  echo
}

case "$1" in
  start)
      start
  ;;
  stop)
      stop
  ;;
  restart|reload)
      stop
      start
  ;;
  *)
      echo $"Usage: $0 {start|stop|restart}"
      exit 1
  esac
exit 0



#!/bin/sh -e
### BEGIN INIT INFO'
# Provides:                      stor_agent
# Required-Start:                $local_fs $network
# X-UnitedLinux-Should-Start:
# Required-Stop:                 $local_fs $network
# X-UnitedLinux-Should-Stop:'
# Default-Start:                 2 3 4 5
# Default-Stop:                  0 1 6
# Short-Description:             ASMA (Adaptec Storage Manager Agent)
# Description:                   System-V style init script for Adaptect ASMA in order to
#                                manage storage space build of several RAID controllers
### END INIT INFO'

JAVA_HOME=/usr/lib/jvm/java-6-sun
JAVA_BIN=$JAVA_HOME/jre/bin
PATH=$PATH:$JAVA_BIN
export PATH

start() {
  echo "starting ASMA (Adaptec Storage Manager Agent)..."
  pkill -u root -f /usr/StorMan/RaidMan.jar >/dev/null 2>&1 &
  sleep 1
  pkill -9 -u root -f /usr/StorMan/RaidMan.jar >/dev/null 2>&1 &
  sh /usr/StorMan/StorAgnt.sh >/dev/null 2>&1 &
  sleep 1
  renice -1 $(pgrep -u root -f /usr/StorMan/RaidMan.jar) >/dev/null 2>&1 &
  echo
}


stop() {
  echo "stopping ASMA (Adaptec Storage Manager Agent)..."
  pkill -u root -f /usr/StorMan/RaidMan.jar >/dev/null 2>&1 &
  sleep 1
  pkill -9 -u root -f /usr/StorMan/RaidMan.jar >/dev/null 2>&1 &
  echo
}

case "$1" in
  start)
      start
  ;;
  stop)
      stop
  ;;
  restart|reload)
      stop
      start
  ;;
  *)
      echo $"Usage: $0 {start|stop|restart|reload}"
      exit 1
  esac
exit 0
sa@wks:~$

Finally we have to make sure that all the default System-V style init script links are set for /etc/init.d/stor_agent. We do this by issuing the command update-rc.d stor_agent defaults which will make links to start the ASMA in runlevels 2, 3, 4, 5 and to stop the service in runlevels 0, 1, 6. By default all the links will have the sequence number 20 which is just fine for us.

Firmware

Adaptec constantly improves the firmware for its controllers, allowing us to update our controller's firmware. This can be done in two ways. The first one would be to use the AFU (Adaptec Flash Utility) which means we would fiddle around with some DOS command line. No thanks but thanks! The second way is to use the ASM (Adaptec Storage Manager) and therefore a fool-proof way to do it. All we have to do is to download the firmware for our controller do some trivial modification to it and then use the ASM to flash the controller's NVRAM (non-volatile Random Access Memory) with our new firmware.

 1  sa@wks:~$ cd /tmp/
 2  sa@wks:/tmp$ mkdir adaptec_31205_firmware
 3  sa@wks:/tmp$ cd adaptec_31205_firmware/
 4  sa@wks:/tmp/adaptec_31205_firmware$ ll
 5  total 0
 6  sa@wks:/tmp/adaptec_31205_firmware$ curl -O http://download.adaptec.com/raid/asr/fw_bios/31205_fw_b15753.exe
 7    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
 8                                   Dload  Upload   Total   Spent    Left  Speed
 9  100 1603k  100 1603k    0     0   184k      0  0:00:08  0:00:08 --:--:--  213k
10  sa@wks:/tmp/adaptec_31205_firmware$ ll
11  total 1.6M
12  -rw-r--r-- 1 sa sa 1.6M 2008-10-30 20:48 31205_fw_b15753.exe
13  sa@wks:/tmp/adaptec_31205_firmware$ mv 31205_fw_b15753.exe 31205_fw_b15753.zip
14  sa@wks:/tmp/adaptec_31205_firmware$ unzip 31205_fw_b15753.zip
15  Archive:  31205_fw_b15753.zip
16    inflating: A3120501.ufi
17    inflating: A3120502.ufi
18    inflating: A3120503.ufi
19    inflating: A3120504.ufi
20    inflating: acusas.exe
21    inflating: afu.exe
22    inflating: Relnotes.txt
23  sa@wks:/tmp/adaptec_31205_firmware$ ll
24  total 6.1M
25  -rw-r--r-- 1 sa sa 1.6M 2008-10-30 20:48 31205_fw_b15753.zip
26  -rw-r--r-- 1 sa sa 629K 2008-09-07 01:45 A3120501.ufi
27  -rw-r--r-- 1 sa sa 1.4M 2008-09-07 01:45 A3120502.ufi
28  -rw-r--r-- 1 sa sa 1.4M 2008-09-07 01:45 A3120503.ufi
29  -rw-r--r-- 1 sa sa 629K 2008-09-07 01:45 A3120504.ufi
30  -rw-r--r-- 1 sa sa 256K 2008-09-07 07:57 acusas.exe
31  -rw-r--r-- 1 sa sa 196K 2008-09-07 07:57 afu.exe
32  -rw-r--r-- 1 sa sa 3.8K 2008-10-01 18:13 Relnotes.txt
33  sa@wks:/tmp/adaptec_31205_firmware$

The tricky thing here is that as we see from line 6 for example, that Adaptec seems to only distribute the firmware as a .exe. Well, I got no Windows around to somehow extract the contained .ufi files which are the firmware. So what do we do?

No problem. All we need to know is this little trick from line 13 and 14 i.e. we rename the .exe into a .zip, unpack it and go to our ASM where we pick up the files in lines 26 to 29, wait for a few minutes while the ASM flashes the new firmware onto the controller and be done. Please note that it is important NOT to interrupt the firmware installation because that might render the controller unusable.

Below are three images which show, in chronological order, how to use the ASM to install the new firmware onto the Adaptec RAID HBA (Host Bus Adapter) card. If we compare the BIOS version number from the third image below (which was taken after flashing the new firmware onto the controller) with the one shown in lines 6 etc. we can see that it worked. Afterwards we can see that the current firmware images are kept in /usr/StorMan/images/<some_id> by the ASM itself as well.

BBU (Battery Backup Unit)

I also installed a BBU onto my 31205 so I can enable the write cache without being concerned of any potential data loos in the event of some power outage.

Drive Failure

This subsubsection shows how a drive fails which means the array gets degraded. After replacing the failed drive, the rebuild starts.

Degraded Array

Update, 2009-06-01, Degraded Array: Loooooooooooud beeeeeEEEEEEP coming from the RAID HBA... what just happened?... HDD vs. Reaper ... guess who was the last one standing... Let me show you how it looks like when a HDD goes over the cliff ;-]

And yes, meanwhile I exchanged the 31205 with the 51245 (the metadata is stored within the array so we can just switch the controller and it will recognize the existing array, import it and all operations continue as if nothing happened) and online migrated to RAID 5 without hot-spare (which is dangerous but then I had my temporary reasons).

Anyway, I just ordered new HDDs and will make it a RAID 6 plus hot-spare again once they arrive. Right now I am a bit nervous... if another HDD fails right now (array is in degraded state) it is happy-backup-time all over the place... totally, from scratch ;-]

Rebuild

Update, 2009-06-02, The Rebuild: The new HDDs arrived, I exchanged the failed one with a new one and the rebuild starts immediately as can be seen:

Of course, I did not even have to reboot while this whole drama happened, the OS did not even recognize it...

wks:/home/sa# date; uptime
Tue Jun  2 11:33:54 CEST 2009
 11:33:54 up 3 days,  4:47,  8 users,  load average: 0.10, 0.09, 0.06
wks:/home/sa#
Optimal Array State

Update, 2009-06-02, Optimal Array: The array rebuild just finished. It took around 100 minutes. Now I have a fully working RAID 5 array again as can be seen:

Next thing on my todo list is to add a few more HDDs, switch back to RAID 6 again and also add a dedicated hot-spare again. However, that task is not super-urgent anymore because the array is fine now i.e. not in degraded state anymore which means I will probably postpone the task of creating the RAID 6 and adding the hot-spare for 3 days or so. I am simply to busy right now...

Disposing the HDD

So what do I do with the failed HDD? The fact it failed does not mean it could not be a huge security breach followed by a public relations disaster — the HDD platters are still intact, it is only the read-and-write head that died. Intact platters means intact data which means with the right skills and equipment, the data could be retrieved.

The UK government for example is notorious for such security breaches like for example when they loose data (medical records, social security number, address, bank account numbers, etc.) of tens of thousands of it citizens every now and then. Modern-age IT criminals find that very good of course...


I could go on with crazy stories here that I got to know myself (99% of which the public never came to know and we were not allowed to tell because of our NDA contracts) but let me cut it short... I have never seen a governmental agency, medical complex, company or any other entity dealing with sensitive data that we could not penetrate or get data from while we where paid to run penetration tests against their whole setups. Most of the time it takes us less than a week to open them up like a can of beans... at which point we stop, for others, that is just the beginning ^^

Back to our current problem, disposing of the failed HDD. The only thing we can be sure nothing sensitive or secret leaks out or falls into wrong hands is if we are using block-layer encryption, which is what I do and thus I can dispose of the failed HDD without any concerns.

Growing the Storage

Once in a while we might want/need to grow the storage i.e. grow the array and all layers (e.g. partition, LVM, dm-crypt, etc.) on top of it. In case we have the 31205 (or any other series 3 or 5 controller) running, then growing the storage works like this:

  • Using the either ASM (Adaptec Storage Manager) or ARCCONF, we grow the RAID array by either adding HDDs, online migrating from one RAID level to another (e.g. RAID 6 to RAID 5), replace the existing HDDs with bigger ones, integrate a hot-spare into the array, etc.
  • Reboot
  • Use fdisk or a similar utility to grow the partition provided by the array e.g. sda2. We do so by deleting it and creating it anew with the same starting point in block size and the now elevated upper barrier also in block size (use u with fdisk to switch from cylinders to block units0, we check and finally safe the partition table — with fdisk this is pretty much only hitting u, p and RET to go with the automatically computed values that fdisk provides us with... piece of cake...
  • Reboot (actually this reboot is optional; sometimes fdisk and friends give us a warning (no error!) that syncing the partition table might not work properly)
  • In case we setup our system the Debian way, the next layer on top the partition is the dm-crypt/LUKS layer. However, if we move the partition table as we did during the former step, then there is no need to explicitly call cryptsetup resize <name_of_logical_block_device> again since growing the partition with fdisk also grows the dm-crypt container because the metadata for dm-crypt container is at the beginning of the underlying partition and we only elevate the upper boundary.
  • Next we grow LVM (Logical Volume Manager) layer by
    • growing the PV (Physical Volume) inside the dm-crypt container using pvresize /dev/dm-0 whereas /dev/dm-0 might differ from setup to setup (go here for a more verbose example)
    • grow LV (Logical Volume) e.g. vg0-root in /dev/vg0/root using lvresize -l +100%FREE vg0/root
  • Finally, the top layer, the filesystem — we grow the filesystem using xfs_growfs / in case we are using XFS for example — this step/syntax is pretty much the same for any filesystem that can be grown/shrunk.

Workstation / Notebook / Gadgets

This section is about computing equipment I use to get things done like for example write/manage this website/platform, do what I do, be what I am, have fun, experience excitement stay in contact with family/friends all over the globe, write a weblog, organize my life and finally to get filthy rich ;-]...

Money can't buy happiness, but neither can poverty.
      — Leo Rosten (1908 - )

I have ways of making money that you know nothing of.
                — John D. Rockefeller

Money isn't everything — but it's a long way ahead of what comes next.
                — Sir Edmond Stockdale

Most importantly, I use this gear to gain more and more skills, knowledge and competence which ultimately gives self-determination, liberty and autonomy.

Lack of money is no obstacle. Lack of an idea is an obstacle.
      — Ken Hakuta

Every great advance in natural knowledge has involved the absolute
rejection of authority.
      — Thomas H. Huxley (1825 - 1895)

All men by nature desire knowledge.
      — Aristotle (384 BC - 322 BC)

In particular it is about my workstation, subnotebook and some gadgets I use in order to create/modify multimedia contents, write software (a wonderful art), administer computers all over the globe, etc. This sections is NOT about gear provided by someone else i.e. I had notebooks/computers/gadgets provided by the companies I worked at/with but then those are mostly so-called business notebooks/desktops/gear which tend to suck out of the box — even more so if they come with Windows and all the other preinstalled crap... Only a few companies I worked at so far already figured that, letting people decide on their own, really makes happy and thus productive employees...

Workstation

I had a desktop replacement (fat notebook that is) which I used for the last 8 years. It died in summer 2008. At around the same time, some company had problems, contacted me and after around three hours of remote work via SSH (Secure Shell) they where happy which in turn made me happy... got this bundle in return.

Pre-Current-Workstation Live

Why do people own things they do not actually need? No idea, but now I am one of those nutters. Why? Well, because the last 8 years I had one notebook — some dirty-old piece of trash which I pretty much used 24/7, which I threw down a few times, dropped cake onto, cat slept on, cat used its claws on, cat jumped around at (muddy paws included), cat spit onto, I flooded with water/tea/wine/whiskey/coffee... the usual ...

What happened?

As I said, my old desktop replacement somehow made it into its 8th year before a few capacitors went off in smoke and darting flames plus the screen went from disco stroboscope light to moving-light-ball to black... not sure who triggered that, me or my tomcat — at this moment however, the notebook scared the shit out of me and my tomcat ... bitch-ass-notebook! It served me well but now it is gone. The replacement is a 30" screen, a desktop box (some crazy overclocked thingy) and two high-end products from Logitec which I got in return for some rescue mission...

Short Specs

  • Screeen: SyncMaster 305Tplus / 30" / 16:10 / 2560x1600 native screen resolution
  • Mouse: Logitec MX Revolution
  • Keyboard: diNovo Edge / US Layout
    • I recommend removing the bluez package so it does not block the bluetooth synchronization
  • Desktop:
    • Casing: Lian Li TYR PC-X2000
    • Cooling: Zalman Reserator 1 v2 (aside from the built-in fans with the casing)
    • Motherboard: ABIT IX38 QuadGT
    • RAM: 8 GB RAM (Random Access Memory) / 800 MHz / DDR-2
    • CPU: Intel Core2 Quad Yorkfield Q9550 4x3600 MHz (overclocked)
    • Graphics: nVidia GeForce GTX 280 PCI-Express x16 2.0 / 1024 MB DDR-3 / TV-out / dual-DVI
    • RAID: same RAID HBA (Host Bus Adapter) as I have in one of my servers.
      • Battery Module also known as BBU (Battery Backup Unit): 2248000-R
    • HDD:
      • 6x400 GB HDDs in RAID6 setup (actually 5 and 1 hot spare) / SATA2 / Seagate Enterprise Edition / 16 MB cache / 7200 rpm
    • PSU: LC-Power Arkangel / 850 watts peak performance (750 watts for continuous operations)
    • DVD/CD: LG H22LP20 LightScribe (I do not need that stuff but then the bundle come with it...)
  • OS: DebianGNU/Linux

Price: Around 5600 USD for the whole bundle if I had to pay which I did not. Actually, I helped some company with some serious problem they were facing and got this bundle in return. Not bad for ~3 hours of work ;-]

Knowledge is power.
      — Sir Francis Bacon (1561 - 1626)

Images, Screen{shots,dumps} etc.

WRITEME

Benchmarks respectively an Inside

This subsection shows some benchmarks and insides on my workstation.

Mainboard
wks:/home/sa# dmidecode --type baseboard
# dmidecode 2.9
SMBIOS 2.5 present.

Handle 0x0002, DMI type 2, 10 bytes
Base Board Information
        Manufacturer: http://www.abit.com.tw/
        Product Name: IX38 QuadGT (Intel X38-ICH9R)
        Version: 1.0
        Serial Number:

wks:/home/sa#
CPU

Intel Core2 Quad Yorkfield Q9550. Overclocked, as mentioned

wks:/home/sa# dmidecode --type 4
# dmidecode 2.9
SMBIOS 2.5 present.

Handle 0x0004, DMI type 4, 40 bytes
Processor Information
        Socket Designation: Socket 775
        Type: Central Processor
        Family: Other
        Manufacturer: Intel
        ID: 77 06 01 00 FF FB EB BF
        Version: Intel(R) Core(TM)2 Quad
        Voltage: 0.0 V
        External Clock: 423 MHz
        Max Speed: 4000 MHz
        Current Speed: 3596 MHz
        Status: Populated, Enabled
        Upgrade: ZIF Socket
        L1 Cache Handle: 0x000A
        L2 Cache Handle: 0x000B
        L3 Cache Handle: Not Provided
        Serial Number:
        Asset Tag:
        Part Number:
        Characteristics: None

wks:/home/sa#
Graphics
sa@wks:~$ glxgears -info
GL_RENDERER   = GeForce GTX 280/PCI/SSE2
GL_VERSION    = 2.1.2 NVIDIA 177.80
GL_VENDOR     = NVIDIA Corporation
GL_EXTENSIONS = GL_ARB_color_buffer_float [skipping a lot of stuff...]  GL_SGIX_depth_texture GL_SGIX_shadow GL_SUN_slice_accum
74887 frames in 5.0 seconds = 14977.397 FPS
66753 frames in 5.0 seconds = 13350.573 FPS
73297 frames in 5.0 seconds = 14645.445 FPS
74972 frames in 5.0 seconds = 14989.846 FPS
^C
sa@wks:~$
Disk Usage

The 10 biggest directories on my workstation are

sa@wks:~$ du -mS * | sort -nr | head
36726   mm/di/series/lost
32189   mm/di/series/house
24234   mm/di/series/battlestar_galactica
23675   mm/di/series/prison_break
22583   mm/di/series/the_l_word
22567   mm/di/series/veronica_mars
19910   mm/di/series/heroes
17872   mm/di/series/my_name_is_earl
12795   mm/di/series/dexter
12782   mm/di/series/weeds
sa@wks:~$

Using gnuplot to visualize it, that is

what it looks like. So now I know where to fire the rm -r gun should I ever run out of diskspace ;-]... Na, just kidding. Should I ever run out of storage space, then I am going to grow my storage as mentioned above i.e. either by replacing the 400 GB HDDs with bigger ones or adding more HDDs — currently I got still 6 more HDDs to go on the 31205 because as of now (November 2008) I have only 6 in place where there could be 12. However, no need to be worried as can be seen

sa@wks:~$ di -h
Filesystem         Mount               Size     Used    Avail %Used fs Type
/dev/mapper/vg0-ro /                 886.1G   398.5G   487.5G  45%  xfs
/dev/sda1          /boot             227.9M    36.4M   179.4M  21%  ext2
udev               /dev               10.0M    96.0k     9.9M   1%  tmpfs
tmpfs              /dev/shm            3.9G       0      3.9G   0%  tmpfs
tmpfs              /lib/init/rw        3.9G       0      3.9G   0%  tmpfs
sa@wks:~$

Subnotebook

WRITEME

Will happen during fall 2010, probably the Dell Adamo Onyx

Audio

This section is about my equipment with regards to audio i.e. equipment used to play and record audio.

IPod

I had an iPod but stopped using it. Actually I pretty much stopped using portable music players at all. That might change in the future. In those rare occasions where I desire to use portable music players, I now go with my Miniket Photo (see below).

Wireless Headset

I got myself the Sennheiser RS 140 which I use to listen to music, watch movies, news... actually, all sorts of audiocasts and videocasts. I do this either on my subnotebook and/or workstation depending on my mood, type of media and current situation — I also got an audio switch to switch among the headphone and the audio high fidelity set...

Headphones Specs:

  • Transducer Principle: Dynamic, closed
  • Frequency Response: 18-21000Hz
  • Weight without cable: 280g
  • Characteristic Spl: at 1 kHz 110 dB
  • Ear Coupling: Circumaural
  • Distortion: < 0.5%
  • Power Supply: 2.4 V – 3 V via 2 AAA size NiMH batteries (LR 03)
  • Operating Time: headphone batteries last for approximately 23 hours

Receiver:

  • Modulation: FM stereo
  • Carrier Frequency: 864 MHz
  • Operating Time: 23 hours

Transmitter:

  • Modulation: FM stereo
  • Carrier Frequency: 864 MHz or 927 MHz
  • Signal To Noise Ratio: > 68 dBA
  • Broadcast Distance: up to 150 m (RS 140 864 MHz)
  • Jack plug: 3,5mm / 6,3 mm stereo (864 MHz), cinch (927 MHz)

Images / Videos

This subsection is part of my photography page.

Boys and their Toys

This is about some of my toys (hardware I own) in order to... well, do what handicraft enthusiasts, folks curious about technology / science / nature need to do. Human senses are neat but not enough — I need to know more about my environment. For example, one might check if sound emissions in his office are healthy or not. This is fun! Scares the heck outta employers ;-]

Or you might be interested if the values reported by some hardware monitoring software (e.g. some server IPMI system) are correct. For example you might check HDDs (Hard Disk Drives) temperatures with an digital infrared thermometer and then compare the values to what some software reports to you — surprise surprise...

Digital Laser Rangefinder

WRITEME

Digital Infrared Thermometer

Sound Level Meter

Digital Multimeter

  • Multimeter

Clamp Meter

  • Clamp Meter

Charge Manager Station

Maintenance/Repair Tool Kit

19-inch self-made Rack@home

Just some photos for now...

WRITEME

1. Note, I am talking about solutions. It is okay for private affairs like the one-server environment to talk explicitly about hard and software i.e. acquire the hardware and software from different sources and care for one selves how it fits together. Maybe it also works for mid-sized businesses to work that way although it is already asking for nightmares. A solution on the other hand scales (take different parameters e.g. computing power, storage capacity, network I/O, etc. — can you scale them independent from each another with the one, two, four or eight etc. socket server solution from your current vendor?) and expertise is provided by the vendor in order to meet good TCO (Total Cost of Ownership), investment protection and other vital key-points when it comes to provide mission critical services to fuel the knowledge cycle of businesses, the military, NGOs (Non Governmental Organizations) etc.

2. I am pretty sure that a whole division of people from different areas gained their PhDs in the course of creating this mess — well done!

3. I have become pretty immune for the term solutions. It seems to be anything is a solution nowadays... whatever that means... As usual, I blame marketing and Hollywood.

4. Ideally, that should not be an issue anyway. Good teams work seamlessly together in order to archive common goals... However, in practice it is sometimes a real problem when business folks think they understand technical matters better than the tech staff does.

Creative Commons License
The content of this site is licensed under Creative Commons Attribution-Share Alike 3.0 License.