Installing ExpressVPN on Manjaro

The title of this post is deliberately misleading, but that’s for a good reason.  The likelihood is, you are an ExpressVPN subscriber (the worlds most popular VPN service provider and arguably the best) and have just switched from Linux Mint to Manjaro, only to find that Fedora and Debian based distributions are always well catered for, but Arch Linux based distributions like Manjaro, well not so much.

The title is misleading since the solution to this immediate brick wall you’ve come up against, is to not install ExpressVPN at all – but still use it.

Enter OpenVPN.  Installed already in Manjaro, and just waiting for you to perform a manual configuration.  (Cue the groans)

In fact it is no more taxing that installing the regular fedora or debian pre-compiled packages and then entering your subscription code obtained by logging onto ExpressVPN’s website using your email address and password set up when you originally subscribed.

On the page where you can download the packages for many different devices and operating systems (except Arch Linux), there is a Manual Config option too.  You can use this with OpenVPN.

Ensure OpenVPN is selected in the right-hand pane and expand your region at the bottom and choose from a list of ExpressVPN Servers for say, Europe and download the .ovpn file.

Now you can configure OpenVPN to use the ExpressVPN Server of your choice, with the following command…

You will be immediately prompted for your VPN Username and Password which you can copy and paste from the same ExpressVPN Manual Config page shown above.

You should see that a connection has been established.   Just be sure to leave the terminal window open (maybe move it to a different workspace to keep it out of harms way if you’re a habitual window-closer like I am).

To close the VPN connection, just CTRL-C it in the Terminal window.

That’s it.  But I’m always keen to give that little bit extra value, so I’ll continue, describing how you can also configure it using your Network Manager

Right-click on your network icon in the bottom right hand corner (or ‘systray’ as the Windows folks would call it) and you’ll see there is an option to Add a VPN connection.

Select Import a saved VPN configurationnot OpenVPN!

Select your preferred .ovpn file downloaded from ExpressVPN’s site.

Copy and Paste the username and password from the ExpressVPN page…

Next, click on the Advanced… button.

Under the General tab, make sure to following boxes are checked:

Use custom gateway port: 1195
Use LZO data compression
Use custom tunnel Maximum Transmission Unit (MTU): 1500
Use custom UDP fragment size: 1300
Restrict tunnel TCP Maximum Segment Size (MSS)
Randomize remote hosts

Under the Security tab…

Under TLS Authentication tab…

Click OK to finish.

You may need to reboot the computer at this point.

To connect to the ExpressVPN Server, simply select it from the Network icon on the bottom right-hand corner…

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail

DevOps in a Nutshell

 What is DevOps?

DevOps is the application of the Development life cycle to your Infrastructure Operations, Datacentre and Cloud computing environments beneath.

Yes, the Developers are coming over the hill and are taking the SysOps jobs! Everything will be managed a single grand unified way.  Sysadmins look out!  They’ll automate you out of existence with self-serve apps!

Now that servers run in VMWare and in Containers of isolated UNIX and Linux software stacks sharing a common underlying kernel, servers that were once hardware, are more often-than-not, now software entities or “microservices”.

As such, development processes can be applied to the management of their lifecycle, coining the term “Infrastructure As Code” and not just to the upper Application Layer in the OSI Model.

Processes

DevOps means doing better and proper processes.  The first thing to know is what processes exist and then to check if and how you implement them in your organisation/IT department.

  • Development Process
  • Requirements Engineering
  • Testing and QA
  • System Integration
  • Release Management
  • Change Management
  • Deployment
  • Configuration Management
  • Update Management
  • Incident Management
  • System Provisioning
  • Installation Automation
  • Security Policies
  • Monitoring
  • Learning and Training

Solutions per Process

Development Process:    Scrum, Kanban, IBM Rational Suite …
Testing:   QA Jenkins, Selenium, …
System Integration:   Mozilla Tinderbox, …
Release Management:   Redmine, Trac, SourceForge, Bugzilla…
Change Management:   idoit, itop, project-open
Deployment:   Fabric, Garnison, YADT, ..

Configuration Management:   Trebutchet, …
Update Management:   lpvs, debsecan
Incindent Management:   idoit, itop, …
Installation Automation:   puppet, chef, cfengine, ansible
Security Policies:   FIXME
Monitoring:   Nagios & Co, Munin, Cacti, NewRelic, Splunk, Netflow, …
Learning and Training:   any spreadsheet

Commercial Solutions

Documentation

  • Atlassian Confluence: Good for startups due to small user licensing, but beware the 30 and 100 user steps!

Ticketing

  • Atlassian Jira: Classical ticketing, same licensing advantages and disadvantages as Confluence
  • Jira Greenhopper Plugin: Scrum Board for Jira

Suites

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Linux Cheatsheets

The following post is for convenience where solutions and answers to your everyday IT challenges are not found in the many posts published on the site.

It serves as a single point of download for many useful cheat sheets freely published by other linux systems admins – not me.

The original authors are credited on each cheatsheet.

Redhat Linux 5 6 7

Regular Expressions

Centos

Linux Command Line

Bash

Bash and ZSH

Basic Systems Admin

Linux Cluster

Pocket Guide Linux Commands

Linux Network Commands

Things I Forget

Linux Systems Admin

Users and Groups

Vim Editor

Fstab and NFS

Puppet

Shell Scripting

Metasploit

Rsync

Yum

LVM Logical Volume Manager

Awk

Logrotate and Cron

Wget

Bash Script Colours

Docker

Git

SSH

Find

Aircrack

DevOps and SecOps

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Ping a list of hosts

The following shell script automates a ping test across a list of hosts.  The format of the expected host-list file is…

<hostname1> <ipaddress1>

<hostname2> <ipaddress2>

<hostname3> <ipaddress3>

…etc

You can easily tailor the script to suit your list if you only have  a list of hostnames or ip addresses.

The hosts that respond are logged to a file, ping_log.

Note that the script was written in Bash on a Red Hat Linux server, and the syntax may differ from a fully POSIX compliant script written in Ksh on HPUX, where variables are encapsulated in {} brackets and tests are double [[ ]] bracketed.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Protect your privacy with a VPN

Protecting your privacy doesn’t need to be as complicated as using all manner of CIA-beating tech to hide yourself and your computer from the evils that lurk on the interwebs these days, where literally nobody is to be trusted.  It’s fun setting all that stuff up, if that’s what you’re into, but for most of you, you just want a nice, easy solution that works and doesn’t affect your day-to-day online experience.

Frankly, everyone should be using a VPN, whether they realise it or not and whether they think they have anything to hide or not.

My personal favourite service (there are a few very good ones) is ExpressVPN.

Sign up for a small monthly fee and download the software for your given operating system – in my case Linux Mint (so I downloaded the Ubuntu 64bit .deb package).

The commands to install it, activate it using the code supplied when you subscribe, and connect to it are shown below….

Does it get any easier than that?  I don’t think so.

Once it’s installed and running, you should add it to your startup applications, so that it starts automatically when you log in for convenience.

Lastly and for completeness, you can add the extension for Firefox (not essential but why wouldn’t you?).

You can activate up to 3 devices with your subscription.  All major operating systems and phone operating systems are supported.

It just works.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Fix Windows 10 Slowness/Lag

Windows 10 Slowness seems to bug most users, with a constant degree of lag when flicking between tasks.  It can be stressful and disruptive to your reaching a productive, flow state.

Most modern mid-range laptops are more than capable of running multiple operating systems simultaneously, rocking Intel core i5 processors with vPro technology just like their floor standing, desk based or rack mounted workstation and server brethren so why then, is your laptop slow when all it has to do is run a single instance of Windows 10, – often on a SSD (Solid State Drive) that claims to be faster than it’s mechanical, spinning counterpart?

Many users have reverted to Windows 7 seeing as Windows 8 was such an abomination (Windows 10 is a long way from winning me over too, tbf) and are left wondering what the future holds for them from here on in, in terms of upgrade path and acceptable snappy performance.

Aside from the mammoth processors and supercharged block storage devices inside the modern affordable laptop, there is also the huge amount of RAM too.  Large RAM requirements have arisen out of the desire to run multiple applications simultaneously and flick between them, but also as a result of a widespread transition from 32-bit operating systems and applications to 64-bit – a move that in itself warrants double the amount of physical RAM in order to match the performance.

And just look at all that %Idle time?  HOW CAN IT BE SO SLOWWW?!!

Back in the 32-bit 1GB RAM days when RAM was expensive, page files were used to write pages of memory to disk, to free up precious, fast volatile RAM (You can still run many light weight distributions of Linux on that spec with very little to no slowness and minimal to no swapping to virtual memory too.  Same is true of 64 bit with 2GB RAM.)

The size of the pagefile defaulted to the amount of RAM.  This was due to the assumption that if the amount of pagefile needs to be any bigger than that, then you really do need more physical RAM as your system would have undoubtedly ground to a snails pace already.

And that is still the default.  The problem with that, is that in a laptop with a single partition, a single 8GB file used for regularly paging the chosen contents of 8GB physical memory out to it, puts a fair bit of strain on the IO subsystem – and it’s unnecessary strain.  With 8GB RAM, you’ll not need much if any page file at all, for most tasks.

So with that in mind, change your virtual memory settings from being “system managed”, so a fixed size pagefile set at the “Recommended” size.

In Control Panel, System…

These settings will need a reboot to take effect.  You should notice snappier performance as a result.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

vCenter Server Appliance installer fails on Linux

If you’ve downloaded the vCenter Server Appliance .iso file, unpacked it to a folder on your Linux workstation, then hit a problem during installation reading the .ovf file during deployment to your VMWare ESXi hypervisor

./vcsa-ui-installer/lin64/installer

The end of the installation log will read something like this

There were a couple additional steps I had to do in order to get it to run from my filesystem, rather than from a mounted .iso.

firstly, chmod -R 777 the whole lot, e.g. if you’ve unpacked the iso into a folder called /vCentre-deployment then chmod -R 777 /vCentre -deployment

You will likely have to chmod +x the  ./vcsa-ui-installer/lin64/installer file too.  I didn’t need to run it using sudo since the installation is to a remote ESXi host on the network, not the local machine.

Upon re-running the installer, you should progress past the point where the installer throws the error shown above and see the following screen.

Note that even for a “tiny” deployment, 10GB of RAM is required on the ESXi host.  A frankly obscene minimum requirement and hence where this blog post subsequently ends.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Separate IP Address Octets in Excel

If you find yourself with a spreadsheet containing hundreds of servers, and there’s an IP Address Column, you may want to create 4 additional columns, each containing each of the four octets of the IP Address.

This may be useful for grouping large numbers of hosts in a spreadsheet by subnet.

And this may be useful in grouping together servers in legacy infrastructure by application where that information doesn’t exist, since deployments of solutions across multiple servers are often grouped together in a range of IP addresses allocated to the projects by the Network admin.

These formulae are used to separate out each of the four octets.

A2:=LEFT(A1,FIND(".",A1)-1)
A3:=MID(A1,FIND(".",A1)+1,FIND(".",A1,FIND(".",A1)+1)-FIND(".",A1)-1)
A4:=MID(A1,FIND(".",A1,FIND(".",A1)+1)+1,FIND(".",A1,FIND(".",A1,FIND(".",A1)+1)+1)-(FIND(".",A1,FIND(".",A1)+1)+1))
A5:=MID(A1,FIND(".",A1,FIND(".",A1,FIND(".",A1)+1)+1)+1,LEN(A1)-FIND(".",A1,FIND(".",A1,FIND(".",A1)+1)+1))
Facebooktwittergoogle_plusredditpinterestlinkedinmail

PS4 Won’t log in to PSN

A major annoyance with the Sony Playstation 4 is that intermittently the PS4 won’t log in to PSN.  And unless it successfully logs into the PlayStation Network, pretty much all your apps are useless.    It’s really annoying that the PSN needlessly gets in the way of my ability to watch a programme on All4 or BBC iPlayer etc that have no dependency on the PSN whatsoever.

This is extremely frustrating when you know its connected to the internet and iPlayer or All4 service is operating normally, but you can’t do what you want to do, because you have a stupid (No)Play Station.  GRRRR!!!  It’s so Sony to do this too.  Not a fan.

If it wasn’t for my Gran Turismo addiction, I’d bin it.

So.  To improve matters, you need to set up your network connection again, only this time do it a little differently, specifying the DNS and MTU settings manually.

Primary DNS: 8.8.8.8

Secondary DNS: 8.8.4.4

MTU: 1473

Settings, Network, Set Up Internet Connection

Choose Wi-Fi or Cabled connection

Choose Custom

Automatic should be fine but I find it connects to the internet faster using a static IP Address.   If you do specify an address make sure it an address outside the scope on the DHCP server to prevent a potential IP address conflict on the network.  You may need to log onto the router and reduce the default DHCP scope accordingly, or set a reservation for the PS4.  Make sure your subnet mask is 255.255.255.0 unless you know better and your gateway likely looks like 192.168.x.1 where x is either 0 or 1.

Manually set the DNS addresses to those of the Google DNS Servers

Leave DHCP settings alone unless you want to receive an IP address from a DHCP server on your LAN other than the one on your wifi & router supplied by your ISP.

Set the MTU manually.  This pertains to the message transfer unit size on the network.  The default is 1500, but 1473 works better.

That’s it for the networking config.

Make sure it’s set to connect to the Internet

Something else you can check is in Settings, Users, Login Settings for your User, make sure the check box “Automatically log in to PS4 automatically” is checked.

Reset PSN Account Password

The thing that ultimately made the difference for me, was in Settings, Account Settings, Re-enter your PSN Password.  I don’t know what happens “behind the scenes” when you do this, but boom!  it logged straight into the PlayStation Network no problem and my apps all work perfectly.

Facebooktwittergoogle_plusredditpinterestlinkedinmail