Mark Hinkle : OSCON 2014 – Crash Course in Open Source Cloud Computing

July 20, 2014 11:16 PM

I’ll be presenting an updated version of my Crash Course on Open Source Cloud Computing presentation at OSCON 2014. I have some new material on Docker and SDN along with the latest updates on cloud software. Here’s the official excerpt:

The open source mantra is to release early and release often. That means software velocity can be difficult to keep up with. This discussion will expand on the latest open source software used to deliver and manage cloud computing infrastructure. Topics covered include virtualization (KVM, Xen Project, LXC), orchestration (OpenStack, CloudStack, Eucalyptus), and other complimentary technology.

Here’s the link to the slides on Slideshare.

Technorati Tags: , , , , ,

Scott Schulz : Tweet: Time for some more @scottsigler – Starting INFECTE…

July 20, 2014 06:28 PM

Time for some more @scottsigler – Starting INFECTED, bring it

Scott Schulz : Tweet: Pretty impressed that when I type TWC into iPhone…

July 20, 2014 12:35 AM

Pretty impressed that when I type TWC into iPhone it autocorrects to “Tax” – Couldn’t have said it better myself #TimeWarnerCable

Scott Schulz : Tweet: Really? ‘docker build’ fails if there are IPv6 nam…

July 16, 2014 11:37 PM

Really? ‘docker build’ fails if there are IPv6 nameservers in resolv.conf? What the heck…

Scott Schulz : Tweet: First annoyance with @overcastfm is the lack of la…

July 16, 2014 07:43 PM

First annoyance with @OvercastFM is the lack of last update time on the main screen when searching for podcasts by term.

David Cafaro : Hardware Hacking: Solar Panels and Battery Chargers

July 15, 2014 02:29 AM

I wanted to find a way to easily charge a couple of AA and AAA batteries from a solar panel for camping, hiking, and geo-caching.  Thought it would be nice to charge via the sun vs carrying around extra batteries charged up from the grid.  Turns out it wasn’t as easy as I had hoped, and yes, the solution involves pulling out the soldering iron, see below.

Finding a solar cell was actually pretty easy, doing some looking around I found this Anker 14W Portable Panel on Amazon:

Anker 14W Solar Panel

Cheap at about $70 and a full 14W with two USB ports.  All I needed to do was find a USB powered AA/AAA charger.

Yeah, sure, no problem…

So, after a LOT of searching turns out about the only good one I could find was the Guide 10 Plus charger by Goal Zero:

Goal Zero Guid 10 Plus Charger

One big draw back, it’s designed to work “best” with their own 7W solar panel, which costs more than the Anker for half the wattage.  They say that it will charge in 3-6 hours using their special connector to their solar panel, or 6-10 hours from a USB port.  It seems they put in a charging limiter on the USB in port (likely lower allowable current) vs the special solar port.

So what to do?  Build my own special solar cable that will allow USB to charge to the solar port on the battery charger instead of the USB port on the battery charger.  Two things to worry about, simulating the proper voltage and current on the solar port and having the right size adapter.  Taking some measurements I found that the solar port seemed to be a pretty standard 2.5mm x 0.7mm dc jack (High Speed USB 2.0 to DC 2.5mm Power Cable for Mp3 Mp4).  To handle the power issues I noticed that the box and literature stated that the solar port input specs were 6.5V at up to 1.1 to 1.3A (depending on which document of Goal Zero you read).  Standard USB is 5V at 2A (standard 2.0), so just needed to convert this to the required solar port specs.  To accomplish this I did some searching and found this:

Pololu Adjustable Boost Regulator - Converter

This boost regular can take in the 5V 2A from USB and using a small screwdriver I was able to adjust the trimmer potentiometer to a measured 6.5V ~1.1A output.  My cable looked like this after my soldering work:

Back of Converter Soldering Converter and USB Plug Front of Converter Soldering

With a little bit of electrical tape to cover up the sensitive parts I had this:

Finished Custom Cable

At this point there was only one thing left, to cross my fingers hook it up and give it a shot (oh and I did run this by an Electrical Engineering friend of mine first to make sure my plans were sound given how long it’s been since my college electrical engineering classes.  He approved and gave me an A- on the soldering job).

And it worked! Not only did it work, with the 14W panel and the regulated 5v 2A from that, I got faster more consistent charging times than the Goal Zero setup.  I know this because, shortly after buying the 14W panel and all my parts to build my own charger an incredible deal came up to buy the Goal Zero 41022 Guide 10 Plus Solar Recharging Kit
which included the 7W panel and another USB/Panel AA/AAA battery charger, plus mine came with the portable Rock Out speakers.  It was a VERY good deal or I wouldn’t have done it.  But it made for some great testing and comparison.

So happy and successful hardware hack!  And now I have two very effective portal solar powered battery charging systems.  The Anker based one for heavy lifting and fast strong charging of USB devices and batteries.  The Goal Zero for flexibility (USB, 12Volt, and Solar Port) and lightness (but slow charger).

The final Results:

Anker Solar Panel, Custom USB Cable, Goal Zero Guide 10 Charger

Warren Myers : apps on the network

July 14, 2014 12:30 PM

{This started as a Disqus reply to Eric’s post. Then I realized blog comments shouldn’t be longer than the original post :) }

The app-on-network concept is fascinating: and one I think I’ve thought about previously, too.

Hypothetically, all “social networks” should have the same connections: yet there’s dozens upon dozens (I use at least 4 – probably more, but I don’t realize it). And some folks push the same content to all of them, while others (including, generally, myself) try to target our shares and such to specific locations (perhaps driving some items to multiple places with tools like IFTTT).

Google’s mistake with Google+ was thinking they needed to “beat” Facebook: that’s not going to happen. As Paul Graham notes:

“If you want to take on a problem as big as the ones I’ve discussed, don’t make a direct frontal attack on it. Don’t say, for example, that you’re going to replace email. If you do that you raise too many expectations…Maybe it’s a bad idea to have really big ambitions initially, because the bigger your ambition, the longer it’s going to take, and the further you project into the future, the more likely you’ll get it wrong…the way to use these big ideas is not to try to identify a precise point in the future and then ask yourself how to get from here to there, like the popular image of a visionary.”

That’s where folks who get called things like The Idea Guy™ go awry: instead of asking questions, you try to come up with ideas – like these 999. And if you can’t/don’t, you think you’ve failed.

Social networks should be places where our actual social interactions can be modeled effectively. Yet they turn into popularity contests. And bitch fests. And rant centers. Since they tend towards the asymmetric end of communication, they become fire-and-forget locales, or places where we feel the incessant need to be right. All the time. (Add services like Klout and Kred, and it gets even worse.)

I would love to see a universal, portable, open network like the one Eric describes. All the applications we think run on social networks (like Farmville) don’t. They run on top of another app which runs on “the network”.

Layers on layers leads to the age-old problem of too many standards, and crazy amounts of abstraction. Peeling-back the layers of the apps atop the network could instead give us the chance to have a singular network where types of connections could be tagged (work, fun, school, family, etc, etc – the aspect of G+ that everyone likes most: “circles”). Then the app takes you to the right subset of your network.

Of course – this all leads to a massive problem: security.

If there is only One True Social Network, we all end up entrusting everything we put there to be “safe”. And while some of still follow the old internet mantra, “if you wouldn’t put it on a billboard, don’t put it on a website,” the vast majority of people – seemingly especially those raised coincident to technology’s ubiquitization – think that if they put it somewhere “safe” (like Facebook), that it should be “private”.

After all, the One True Social Network would also be a social engineer’s or identity thief’s Holy Grail - the subversive access to all  of someone’s personal information would be their nirvana.

And that, I think, is the crux of the matter: regardless of what network (or, to use Eric’s terminology, what app-atop-the-network) we use, privacy, safety, and security are all forefront problems.

Solve THAT, and you solve everything.

Or maybe you just decide privacy/security doesn’t matter, and make it all public.

Scott Schulz : Tweet: <— look at that idiot. He decides to mow th…

July 13, 2014 02:41 PM

<— look at that idiot. He decides to mow the lawn not realizing the humidity is 83%!!

Warren Myers : stir up waters to catch fish – law 39 – #48laws by robert greene

July 13, 2014 12:18 PM

Law 39

Anger and emotion are strategically counterproductive. You must always stay calm and objective. But if you can make your enemies angry while staying calm yourself, you gain a decided advantage. Put your enemies off-balance. Find the chink in their vanity through which you can rattle them and you hold the strings. –Robert Greene, The 48 Laws of Power (review)

Proverbs 14:29

He who is slow to anger has great understanding,
But he who is quick-tempered exalts folly.

Proverbs 16:32

He who is slow to anger is better than the mighty,
And he who rules his spirit, than he who captures a city.

Mark Turner : Solar has won. Even if coal were free to burn, power stations couldn’t compete | Giles Parkinson | Comment is free |

July 09, 2014 10:54 AM


Last week, for the first time in memory, the wholesale price of electricity in Queensland fell into negative territory – in the middle of the day.For several days the price, normally around $40-$50 a megawatt hour, hovered in and around zero. Prices were deflated throughout the week, largely because of the influence of one of the newest, biggest power stations in the state – rooftop solar.

“Negative pricing” moves, as they are known, are not uncommon. But they are only supposed to happen at night, when most of the population is mostly asleep, demand is down, and operators of coal fired generators are reluctant to switch off. So they pay others to pick up their output.

That’s not supposed to happen at lunchtime. Daytime prices are supposed to reflect higher demand, when people are awake, office building are in use, factories are in production. That’s when fossil fuel generators would normally be making most of their money.

via Solar has won. Even if coal were free to burn, power stations couldn't compete | Giles Parkinson | Comment is free |

Mark Turner : Segway Inventor Dean Kamen Thinks His New Stirling Engine Will Get You Off The Grid For Under $10K

July 09, 2014 10:53 AM

For the new issue of Forbes Magazine I wrote an article about David Crane, the visionary CEO of NRG Energy. When I met Crane for lunch a couple weeks ago, no sooner had we sat down than he began singing the praises of this new contraption he had in his basement. The machine — which can generate 10 kilowatts of continuous power, fed by Crane’s natural gas line — is a new iteration of an old creation, the Stirling engine. This version, called the Beacon 10, was created after a decade of engineering by famed inventor Dean Kamen.

With the Beacon 10, says Kamen, “you don’t have to feel guilty heating up the pool.” That’s because of the highly efficient nature of the Stirling engine. First conceived in 1816 by Scottish minister Robert Stirling, the device in its simplest form consists of applying an external heat source to a closed cylinder where the cyclical expansion and compression of air inside the cylinder drives the pistons up and down. Unlike your car, where fuel is combusted inside the engine, the Stirling is an external combustion engine; it can work with any external heat source.

via Segway Inventor Dean Kamen Thinks His New Stirling Engine Will Get You Off The Grid For Under $10K.

Magnus Hedemark : John Willis at Triangle DevOps, Hosted by Bronto

July 08, 2014 05:39 PM

Magnus Hedemark:

My latest contribution to the Bronto Engineering Blog is about a talk that John Willis delivered to Triangle DevOps on Software Defined Networking.

Originally posted on Engineering @ Bronto:

Here at Bronto, we’re very proud to support the local community in many ways. One of the facets of that spirit of community support is in hosting a number of meetup groups. One of the meetup groups that we’ve been hosting for over a year now is Triangle DevOps. We love this group so much that two members of our engineering team, Doug Hairfield and myself, actively help to keep the group running smoothly along with Mark Mzyk of Chef, Mark Imbriaco of Digital Ocean, and Nathan Walls of WebAssign. We often host the group’s meetings in our Thunderdome, which has a maximum capacity of 200 people.

Back in May, before this Engineering Blog was live, we were very proud to host John Willis who is the VP of Customer Enablement at Stateless Networks. John is an early adopter of DevOps, and has…

View original 461 more words

Jesse Morgan : muahahah

July 07, 2014 10:02 PM

Lets see if this cuts down on the random spam.

Mark Turner : 10 Words Every Girl Should Learn | Soraya Chemaly

July 06, 2014 01:37 AM

A friend posted this article on Facebook, generally agreeing with it. I, on the other hand, could only smirk at its premise that goes along the lines of “when women get interrupted by men it’s men being sexist.”

Baloney. The author says “ask any woman” if they’ve ever been interrupted. Well, no shit, they probably have. Men get interrupted all the damn time, too. Did she question if this was sexist?

It always irks me when someone wails about being oppressed: “they took my power away” and the like. No one can take you power away unless you let them. The key is to claim your power.

I think the author has a self-confidence issue that get overlaid onto a gender gap issue. If someone is interrupting her then perhaps she needs to learn to be more assertive instead of blaming someone else. Or she could simply be drawn to dumbshit men who like interrupting people, in which case she should ask herself why she likes to hang out with them. Either way, whining will get her nowhere.

And, oh, I say this as a father raising a fiercely self-confident daughter in complete control of her destiny who could kick anyone’s ass at anything she chooses.

I routinely find myself in mixed-gender environments life where men interrupt me. Now that I’ve decided to try and keep track, just out of curiosity, it’s quite amazing how often it happens. It’s particularly pronounced when other men are around.This irksome reality goes along with another — men who make no eye contact. For example, a waiter who only directs information and questions to men at a table, or the man last week who simply pretended I wasn’t part of a circle of five people I was the only woman. We’d never met before and barely exchanged 10 words, so it couldn’t have been my not-so-shrinking-violet opinions.

These two ways of establishing dominance in conversation, frequently based on gender, go hand-in-hand with this last one: A woman, speaking clearly and out loud, can say something that no one appears to hear, only to have a man repeat it minutes, maybe seconds later, to accolades and group discussion.

via 10 Words Every Girl Should Learn | Soraya Chemaly.

Scott Schulz : Tweet: Sad that when you filter out the ads & trackin…

July 04, 2014 10:13 PM

Sad that when you filter out the ads & tracking pieces of the @Target website, links and search no longer work. Okay, @amazon it is.

Scott Schulz : Tweet: July 4th cook out, or at least my part. #july4th -…

July 04, 2014 09:53 PM

July 4th cook out, or at least my part.


Scott Schulz : Tweet: Woohoo! Now that USMNT is out and I put lederhose…

July 04, 2014 05:56 PM

Woohoo! Now that USMNT is out and I put lederhosen back on, way to go #GER !! 1-0 vs France

Scott Schulz : Tweet: NC-JH-23 received 1.35 inches of rainfall, but it…

July 04, 2014 11:34 AM

NC-JH-23 received 1.35 inches of rainfall, but it sounds like OBX got hammered with water from Arthur #ncwx

Mark Turner : Feds raid CIA-connected air charter in Fort Lauderdale | MadCow Morning News

July 04, 2014 01:58 AM

I spent a little time learning from the Internet how to track planes, just ’cause I’m one of those meddling kids. I turned up an interesting report on a Miami-based drug investigation last year which has some ties (albeit tenuous) to a CIA “rogue operation.” The affidavit provided by the DEA agent in charge of the investigation reads like a “Breaking Bad” script.

Don’t know if I subscribe to every conclusion on the site but it makes for interesting reading.

They combed through the trash. They searched dozens of planes. And while TV cameras from all the Miami TV network affiliates looked on, they loaded box after box filled with aviation records into government SUV’s parked in plain sight on the tarmac in front of the office.

But today— more than two weeks after more than 100 Federal agents from the FBI, the Drug Enforcement Administration and Homeland Security descended on the headquarters of the infamous and notorious World Jet Inc. at the Fort Lauderdale Executive Airport—if you want to know why they were there or what they were looking for, you’re two weeks too late.

That’s because the detailed 35-page affidavit supporting the request for a search warrant of Don and Bill Whittington’s air charter company filed at the United States District Court in Grand Junction Colorado has been sealed.

But not, thankfully, before it was discovered and leaked onto the Internet in an exclusive story by reporter Joe Hamel from The Durango Herald in Durango Colorado.

via Feds raid CIA-connected air charter in Fort Lauderdale | MadCow Morning News.

Mark Turner : CIA rendition jet was waiting in Europe to SNATCH SNOWDEN • The Register

July 04, 2014 01:55 AM

When this story broke last month that the Feds had dispatched an extradition plane to fetch Edward Snowden, I followed it with interest. I have just begun tinkering with plane tracking through their ADS-B transponders.

There are plenty of aircraft who would prefer not to broadcast their position. These include, among others, the rendition/extradition planes used by our government. Rather than use the position-broadcasting ADS-B transmitters, these aircraft use Mode-S transponders which don’t include position.

Usually these planes can only be tracked by radar, however some enterprising folks have figured out the technology needed to triangulate these planes positions, using multiple ground-based receivers. Called multilateration, hobbyists using tools like PlanePlotter can combine their receiver data to plot the position of a mystery plane. This technique has been used by activists to “out” the black ops aircraft which would normally fly below the radar (well, technically above the radar above 45,000 feet). The same technique was used to get the approximate position of Malaysian Airlines Flight 370.

You can read how PlanePlotter uses multilateration here. I find it fascinating and would like figure out how to participate.

On the evening of 24 June 2013, as Snowden arrived in Moscow from Hong Kong intending to fly on to Cuba, an unmarked Gulfstream V business jet – tail number N977GA – took off from a quiet commercial airport 30 miles from Washington DC. Manassas Regional Airport discreetly offers its clients "the personal accommodations and amenities you can’t find at commercial airports"

.Early next morning, N977GA was detected heading east over Scotland at the unusually high altitude of 45,000 feet. It had not filed a flight plan, and was flying above the level at which air traffic control reporting is mandatory."The plane showed up on our system at 5:20 on 25 June," according to our source, a member of an internet aircraft-tracking network run by enthusiasts in the UK. "We knew the reputation of this aircraft and what it had done in the past."


via CIA rendition jet was waiting in Europe to SNATCH SNOWDEN • The Register.

Scott Schulz : Tweet: Here come That Dude Albert #ncwx…

July 03, 2014 05:59 PM

Here come That Dude Albert #ncwx


Scott Schulz : Tweet: Now these are bad to the bone!! #k9 #tombaker #Do…

July 02, 2014 06:35 PM

Now these are bad to the bone!! #k9 #tombaker #DoctorWho


Jesse Morgan : The Case of the Truncated Syslog Program Field

July 02, 2014 05:31 PM

The Problem

Data was going in to my logging server and getting mangled somewhere along the line. To complicate matters,  only the windows hosts were affected, and even then it was sporadic. The truncated data was in the middle of the string, which left me to believe logstash was trying (and failing) to parse it.

To fully grasp my setup, perhaps a diagram is in order:


My wonderful pocket logserver

The flow went something like this:

NXLog -> Rsyslog -> Logstash -> Redis -> Logstash -> Elasticsearch -> Kibana

When manifested, this was spit out of rsyslog into a temp logfile:

Jul 2 10:40:25 Microsoft-Windows-TerminalServices-RemoteConnectionManager[2272]: Remote Desktop Services: User authentication succeeded: User: jesse.morgan Domain: derp Source Network Address:

And this is what ended up in rediss (note the missing bold):

Jul 2 10:40:25 Microsoft-Windows-TerminalServic Remote Desktop Services: User authentication succeeded: User: jesse.morgan Domain: derp Source Network Address:

For some reason, the middle of the line was missing!

The Culprit

With the help up my trusty sounding board Will, “Logstash guru” thegreenrobot, and nxlog dev b0ti, I was able to figure out the root cause- the problem wasn’t with Logstash at all, it was broken when rsyslog handed it to logstash. Complicating matters was when rsyslog was munging it- when it wrote the entries to a temp file, they were fine, but when it passed them to logstash, it truncated them on the way out the door.


Why? Because they’re invalid in the first place!


NXLog (the logging forwarder on windows) was collecting eventlog data and shipping it out with the full program names despite it being too long. That’s right- Section 4.1.3 of RTF3164 states:

This has traditionally been a freeform message that
gives some detailed information of the event.  The TAG is a string of
ABNF alphanumeric characters that MUST NOT exceed 32 characters.

While you could (and I still do) consider this a bug in nxlog, b0ti pointed out that fixing this bug could potentially break many stable implementations to fix an edge case. While I don’t fault B0ti for not fixing it, I still needed to work around it.

The Fix

We need to shrink down that program name to 32 characters or less before it leaves nxlog… but there’s a catch.

It’s not *just* the program name, but the PID as well that gets truncated. So we have to adjust accordingly. The msdn documentation says the PID is a DWORD, which turns out to be an unsigned 32-bit integer, which can potentially be 10 characters.  Add on another two for brackets and one for a colon and you’re already losing potentially 13 characters of the 32 characters allowed.

To help stretch our remaining 19 characters, lets see what we can axe. Most of the Microsoft processes either begin with “Microsoft_” or “Microsoft-Windows-”, which we honestly don’t need on the program name.  By removing those, we get down to the nitty gritty of the actual program name.

Since it may STILL be too long (I’m looking at you Microsoft-Windows-TerminalServices-RemoteConnectionManager[2272]:), we need to strip those off the front, THEN take the 19 character substring of what remains. The result is an eventlog input in nxlog that looks something like this:


<Input eventlog>
 Module im_msvistalog
 Exec if ($Channel == 'Security') drop(); \
 if ($SourceName =~ /^Microsoft[-_]/) $SourceName = substr($SourceName, 10);\
 if ($SourceName =~ /^Windows[-_]/) $SourceName = substr($SourceName, 8);\
 $SourceName = substr($SourceName,0, 19);


And with that, rsyslog no longer truncates, logstash can parse the string, and all is right with the world (as far as I can tell.) A big thanks to everyone who’s helped me troubleshoot this issue.



If you found this useful, please let me know in the comments.




Eric Christensen : Wanted: A small crew for working on security bugs in Fedora

July 02, 2014 03:07 PM

Do you hate security vulnerabilities?

Do you want to help make Fedora more secure?

Do you have a little extra time in your week to do a little work (no coding required)?

If you answered yes to the questions above I want you for a beta test of an idea I have to help make Fedora more secure.  I’m looking for just a few people (maybe five) to sort through security bugs and work with upstream and packagers to get patches or new releases into Fedora and help make everyone’s computing experience a little safer.  If you’re interested please contact me ( 0x024BB3D1) and let me know you’re interested.

Mark Turner : Downtown summit? First things first

July 02, 2014 01:21 PM

The News and Observer wrote an editorial about the need for a downtown summit. I’ve been pondering it for a while and have a few comments.

Revitalization has been a success, to be sure. But with that success comes challenges the city now must address. Yes, the City Council is doing so in working on a “downtown plan,” but a broader effort is needed, because the boom has brought up some issues.

Therefore, council members can lead the way in calling for a downtown summit of sorts, bringing in not just the dedicated advocates from places like the Downtown Raleigh Alliance, but residents from North, South, East and West Raleigh, people who perhaps, even now, don’t come downtown all that much. Even with all the hoopla, it’s still not uncommon to meet North Raleighites who have never been downtown, period.

Actually, some people will never visit downtown and it doesn’t matter what you try to do to change this. There are suburbanites who don’t “get” downtown and likely won’t ever. And you know what? That’s okay. Raleigh is a big city now and offers something for everyone – for downtown fans and others. You can get by just fine if you never go downtown.

The challenges include: an increasing problem with what to do about trash pickups in the downtown area to ease the frequent sight, particularly on weekends, of big blue barrels on sidewalks or on the street. Perhaps it’s a matter of pickup times, or zoning rules to force new property owners to provide space to store trash. This much is certain: With more people actually living downtown, the city can’t be sending trucks out in the wee hours anymore.

This is the most perplexing issue the N&O raises. What to do about the unsightly blue barrels? You mean, like … I don’t know … maybe pick them up before anyone sees them??? Well, that would require trash trucks to roll before anyone is awake, meaning the wee hours. Or build a giant recycling pipeline and bury it under city streets. Or, we could simply suspend our recycling program around downtown and buy up the rest of Wake County property for new landfills. Barring any of that, though, a truck will have to pick up the recycling and that means it likely will be doing this in the morning.

People who move downtown expect an urban experience. They don’t expect solitude. Heck, my Indian coworkers are so accustomed to living in cities with noise that they are actually uncomfortable if its too quiet. So if trash trucks are out on the streets in the early morning, that’s part of the experience.

And it’s not like the trash trucks that serve my suburban neighborhood are any quieter. The difference is that I have better windows than many of the older buildings found in downtown. Yet there’s nothing keeping the builders of these new downtown condos and apartments from installing good, quality windows in their projects. Unless they’re cheapskates.

And what about parking? There are decks, and on-street parking, and city officials note it’s still possible to park for free on the evenings. But policies seem inconsistent, and the perception on the part of many people who don’t come downtown often is that it’s inconvenient and expensive. The city can change that.

There is plenty of parking downtown, and there always has been. There are parking decks galore. I have never had trouble finding a place to park. The only question is how much are you willing to pay.

I totally agree, though, that policies are inconsistent. Signs on city decks clearly say that parking is free on weekends and evenings, yet these decks are often charging $7 to park during these times. This drives me nuts, so much so that I will soon be scrutinizing the parking contract the city signed with McLauren Parking. If the city wants to charge for special events, it should explicitly tell the public when these fees are in effect – the $7 sign at the parking deck entrances should not be their first inkling. And the parking deck signs need to change to remove the “free on weekends” wording if the city doesn’t intend to honor it. More often than not, it seems when I want to spend an evening downtown I am faced with an unexpected charge for parking when I thought it would be free.

As for road races, I’m all for them. I’m writing a lengthy blog post which explains why. The tl;dr is that we’re a city on its way to 1,000,000 citizens. We are big enough to handle big events, and should be honored that we are attracting them. But more on that later.

Overall, though, the N&O editorial is pointing in the wrong direction. Downtown growth is fine, and it will be fine, because the city has plenty of stakeholders who care about it and because the city has solid development plans to guide its growth. Downtown will be fine.

On the other hand, the newspaper should be asking why the city spent millions of dollars and untold hours of staff and citizen time developing a Unified Development Ordinance that makes development predictable for everyone involved, yet some city councilmembers happily kick it to the curb when the first big development get proposed on Hillsborough Street. The paper might also question why its own stories seem to encourage this kind of behavior.

Our success is no accident – it comes not only from years of planning but from sticking with the plans! The News and Observer should be holding our elected leaders accountable for sticking with these plans and refrain from its recent “any development, anywhere” approach to reporting. Until then I’ll take the N&O’s development advice with a large grain of salt.

via Raleigh’s downtown needs a summit on its future | Editorials |

Magnus Hedemark : Homelab Update

July 01, 2014 06:31 PM

I’ve not been a generous blogger, and for that I apologize.

The homelab is still a work in progress. The Dell cabinet is in place, I’ve got all of one server for it (for now) which is racked up and running. There’s another server being built out now for it, which I’ll also break down for you.

The first server that is up and running is an HP Proliant DL160 G6. It’s got two Intel Xeon X5650 hex core processors running at 2.67GHz, 72GB of RAM, and a couple of small boot disks that came with it (which I’ve mirrored). I’ve also installed four 1TB SAS disks in a RAID 10 array for /var/lib/libvirt to be mounted. The whole point of this machine is to host virtual machines, and the point of many of the virtual machines will be for hosting Docker containers. This is not a toy; this is a tool by which I continue to learn and hone my craft.

The next server that is being staged is a Dell PowerEdge 1950 III, with dual E5410 quad core Xeons running at 2.33GHz, only 8GB of RAM, and (for the moment) a single 73GB disk. Another disk of identical specs will be added for RAID purposes. This machine is a utility server, meant to provide basic services to the virtual machines and containers. It will be responsible for dhcp, dns, ntp, Foreman, Puppet, etc.

There’s quite a lot going in here, which I’m sure will be fodder for future posts. I’ll also be writing for the new Bronto Engineering Blog about cool things we’re doing at work.

Mark Turner : The Day We Set the Colorado River Free

June 29, 2014 04:02 PM

This is a wonderful read in about this spring’s temporary unleashing of the Colorado River. Our food choices and environmental decisions have consequences, folks.

This story makes me want to strap on a backpack and head west.

Back in the era of massive dam building, farmers and city planners were only too happy to see the wild Colorado transformed into a domesticated delivery system. Denver, Las Vegas, Phoenix, Tucson, Albuquerque, Los Angeles, San Diego, Mexicali, and many more municipalities drink the Colorado every day.

As do you. Most of America’s winter veggies are grown in the irrigated valleys of Southern California and Arizona. Your fridge is filled with Colorado River greens. Your beef was fattened on Colorado River alfalfa. Even your milk may well be the Colorado transformed. We all nurse from the mother river.

via The Day We Set the Colorado River Free | Nature |

Scott Schulz : Tweet: Are the @twitter folks just trying to drive away u…

June 29, 2014 11:26 AM

Are the @twitter folks just trying to drive away users? Can’t add another of my accounts to a client?


Scott Schulz : Tweet: In what nightmarish hell does @rdio believe that E…

June 28, 2014 05:52 PM

In what nightmarish hell does @Rdio believe that E.S.G – Sangin’ and Bangin’ is even remotely interesting to an Evanescence listener? #fail

Scott Schulz : Tweet: Blog: Weather Unlocked – An Interesting API http:/…

June 27, 2014 07:34 PM

Blog: Weather Unlocked – An Interesting API

Scott Schulz : Tweet: Ooh, I want a @DLoesch “Dana Show” koozie!

June 27, 2014 06:31 PM

Ooh, I want a @DLoesch “Dana Show” koozie!

Jesse Morgan : rsyslogd-3003: error -3003 compare value property – ignoring selector

June 27, 2014 03:08 PM

If you ever come across this message:

Jun 27 10:52:52 detc6ut002 rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="30899" x-info=""] start
Jun 27 10:52:52 detc6ut002 rsyslogd-3003: error -3003 compare value property - ignoring selector [try ]
Jun 27 10:52:52 detc6ut002 rsyslogd: the last error occured in /etc/rsyslog.conf, line 65:":programname, regex, 'ASA-[65432]-' ~"
Jun 27 10:52:52 detc6ut002 rsyslogd: warning: selector line without actions will be discarded
Jun 27 10:52:52 detc6ut002 rsyslogd-2124: CONFIG ERROR: could not interpret master config file '/etc/rsyslog.conf'. [try ]

Make sure you’re using double quotes on your regex string.

:programname, regex, "ASA-[65432]-" ~


This took me far longer than it should have to figure out. Let me know if you find this helpful.

Warren Myers : think as you like but behave as others – law 38 – #48laws by robert greene

June 27, 2014 12:18 PM

Law 38

If you make a show of going against the times, flaunting your unconventional ideas and unorthodox ways, people will think that you only want attention and that you look down upon them. They will find a way to punish you for making them feel inferior. It is far safer to blend in and nurture the common touch. Share your originality only with tolerant friends and those who are sure to appreciate your uniqueness. –Robert Greene, The 48 Laws of Power (review)

Mark Turner : One Parks board meeting left

June 27, 2014 12:59 AM

Raleigh's Parks board at the Fred Fletcher awards, May 2014.

Raleigh’s Parks board at the Fred Fletcher awards, May 2014.

At last week’s Parks board meeting, I did some calculations and realized I have exactly one meeting left: July 17th. Has it been six years already? Where does the time go?

So much has been accomplished during my time with the board. I recall how contentious my early board meetings were, with lots of strong opinions and little sense of compromise. I contrast that to the last few years, where my fellow boardmembers have voted unanimously on nearly every issue. I don’t think that all votes should necessarily be unanimous but I’m so glad to have been on a board where the members try to work together.

I’m working up a speech to give for my two minutes of member comments at the end of every meeting. There’s a lot to cover for these six years so I’ll have to choose my words carefully.

While July 17th will be my last meeting, my term doesn’t officially end until September 5th. Thus I have one more dedication left to attend: the Mount Hope Cemetery dedication on September 4th. After that, who knows where life will lead me?

Here’s a photo from one of my earliest Parks board gigs: the Lions Park dedication of 2010:

Lions Park Playground Dedication

Lions Park Playground Dedication

Here’s one from my latest dedication, this week’s Halifax Community Center’s rededication:

Halifax Community Center Rededication, June 2014

Halifax Community Center Rededication, June 2014

Magnus Hedemark : Docker Meetup at Bronto

June 26, 2014 11:27 PM

Magnus Hedemark:

I’m blogging for Bronto now. Here’s my first published article for them.

Originally posted on Engineering @ Bronto:

The June 2014 Triangle DevOps meetup was once again hosted at Bronto. This particular event was one for the books; it’s not only the most highly attended Triangle DevOps event ever, but the largest event ever hosted in Bronto’s Thunderdome! Additionally, this was the official kick-off for the Docker Raleigh meetup group. If attendance and engagement were any indication, technology professionals in Raleigh and Durham are very ready to learn more about Docker and how to leverage it for their own benefit. We were very fortunate to have Aaron Huslage from Docker come to speak to us on this topic.

Aaron Huslage begins with a brief introduction to Docker

View original 388 more words

Scott Schulz : Tweet: Happy 10th Birthday to @dokuwiki – good stuff!

June 26, 2014 03:28 PM

Happy 10th Birthday to @dokuwiki – good stuff!

Scott Schulz : Tweet: How in the heck do you save a screen cap to a file…

June 25, 2014 09:53 PM

How in the heck do you save a screen cap to a file in @evernote Skitch? Save sends to Evernote

Warren Myers : who wants an “all-star team” anyway?

June 25, 2014 11:57 AM

A friend sent me this job listing recently, and I see it suffers from a wrong-headed (though well-intentioned) institutional fixation that hiring managers seem to have: that of wanting an “all-star team”.

“we are building an all-star team”

Sigh. This mentality is promoted by smart, successful people like Joel Spolsky:

“You’re going to see three types of people in your interviews. At one end of the scale, there are the unwashed masses, lacking even the most basic skills for this job. They are easy to ferret out and eliminate, often just by asking two or three quick questions. At the other extreme you’ve got your brilliant superstars who write lisp compilers for fun, in a weekend, in Assembler for the Nintendo DS. And in the middle, you have a large number of “maybes” who seem like they might just be able to contribute something. The trick is telling the difference between the superstars and the maybes, because the secret is that you don’t want to hire any of the maybes. Ever.”

What’s wrong with the premise? Easy – just watch any sports all-star game: they all, each and every one, stink. Why? There is rarely ever such a thing as an “all-star team”. Stars, by definition, are individuals.

Sure – you have the anomalies: the 1927 Yankees, for example. That one magical time when all the stars aligned, the wind blew in the right direction, the grass bent just so, and everyone did exactly what they needed to do every time. They had 6 future Hall-of-Famers on the roster – names you know (and some you don’t): Babe Ruth, Lou Gehrig, Earle Combs, Herb Pencock, Waite Hoyt, Tony Lazzeri. They won 110 games and only lost 44 (it was before the 162 game season).

But even the 1927 Yankees didn’t win every year. Just the next year they still won, but lost a player from tuberculosis. And the next year they only won 88 games.

In 1927, Lou Gehrig batted .375. In 1929 it was only .300.

In 1927 Babe Ruth hit 60 home runs. In 1929 only 46.

What happened? Other teams learned to adapt, the rosters changed, the weather was different, the grass grew differently … in short: the “magic” wasn’t a formula – it was just magic.

In baseball, the All-Star Game is ostensibly a show for the fans (though, given the shortness of each players’ appearance in the game, and how managers might be inclined to less-heavily (or more-heavily) use players from their own teams, you wonder how much of a “show” it really is). A bunch of excellent baseball players who normally play against each other are brought together for a few hours to play with each other… and then go back to being opponents two days later.

I saw this at Opsware: they had a hiring philosophy that you should “never hire someone dumber than yourself” (if you were an interviewer). Theoretically, this should have lead to a corporate environment of smart people. And it did – mostly (I’ll leave-out some of the less-than-stellar hires Opsware made while I was there). But it also lead to having a roomful of smart people – ones who weren’t necessarily really “smart” when it came to talking to other people .. a distinct problem. (Take a look at this Quora entry on things smart people do that are dumb.)

Smart people sitting in a room and solving ideas tend to lead to the architecture astronaut view of the world. (Ironically, the same Joel who only wants to hire the best-of-the-best also realizes that super smart people will tend to get so enamored of their own ideas that they’ll craft little silos where they can sit and happily yammer-on about their pet interest.

I’ve had the privilege of working with some scary-smart people. And I’ve had the horror of working with some scary-smart people.

Sadly, it is far more often the case that the super smart people I’ve known and worked with have been horrors and not privileges.

We all want to work in the best environments we can – we want good benefits, interesting work, quality family time, great coworkers, awesome bosses … We all like to think that the folks we work with are amazingly brilliant – among the best in their fields. But what is the statistical likelihood of that? Pretty small.

If IQ were the only guide for potential success, you’d think that everyone would want to gravitate towards places that have masses of high-IQ folks. Like Mensa. Like we think Google must be. Or like Dave Eggers’ fictional company The Circle.

But IQ isn’t the only determinant of success – we can see that clearly with some of our most famous politicians, business leaders, cultural influences, etc.

Putting a bunch of smart (or athletic or fast or whatever other term/factor you want to use to quantify “all-star”) folks together in one room to become a team isn’t really realistic. What makes a good team is complex – there’s shared vision, good interpersonal skills, knowing whom to contact for what, and more. It’s not merely having a bunch of people who are “the best” at what they do. It’s having people who can be [close to] “the best” together.

Scott Schulz : Tweet: Woot! @DLoesch is filling in for Glenn Beck tonig…

June 24, 2014 11:27 PM

Woot! @DLoesch is filling in for Glenn Beck tonight! This should be awesome.

Eric Christensen : YouTube, now with less RC4

June 24, 2014 01:45 PM

Eric Christensen:

This is awesome news. Passing it along.

Originally posted on securitypitfalls:

After everybody said not to use RC4 any more, Google finally enabled one additional cipher on Google video servers: TLS_RSA_WITH_AES_128_GCM_SHA256.Unfortunately, this cipher is not supported either by Firefox 30 nor by Internet Explorer on Windows 8.1 or earlier.

Users of Firefox will have to wait for the bug 1029179 to be fixed.

This cipher is though supported by Google Chrome and Chromium, so if you’re a user of those browsers, you can finally disable RC4 for everyday browsing. You can do it either by creating a wrapper script, or modifying the shortcut you use to run those browsers to have one additional option:

chrome --cipher-suite-blacklist=0x0003,0x0004,0x0005,0x0017,0x0018,0x0020,0x0024,0x0028,0x002B,0x0066,0x008A,0x008E,0x0092,0xC002,0xC007,0xC00C,0xC011,0xC016,0xC033

This will disable following cipher suites:

  • 0×0003 – TLS_RSA_EXPORT_WITH_RC4_40_MD5
  • 0×0004 – TLS_RSA_WITH_RC4_128_MD5
  • 0×0005 – TLS_RSA_WITH_RC4_128_SHA
  • 0×0017 – TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
  • 0×0018 – TLS_DH_anon_WITH_RC4_128_MD5
  • 0×0020 – TLS_KRB5_WITH_RC4_128_SHA
  • 0×0024 – TLS_KRB5_WITH_RC4_128_MD5
  • 0×0028 – TLS_KRB5_EXPORT_WITH_RC4_40_SHA
  • 0x002B – TLS_KRB5_EXPORT_WITH_RC4_40_MD5
  • 0×0066 – SSL_DHE_DSS_WITH_RC4_128_SHA
  • 0x008A – TLS_PSK_WITH_RC4_128_SHA
  • 0x008E – TLS_DHE_PSK_WITH_RC4_128_SHA
  • 0×0092 –…

View original 87 more words

Scott Schulz : Tweet: Now THAT’s the Jack Bauer we all know and love……

June 24, 2014 01:30 AM

Now THAT’s the Jack Bauer we all know and love… welcome back!

Jesse Morgan : And For My Next Trick…

June 24, 2014 01:16 AM

Presuming I get my Alston guitar properly set up and playable, I’d like to try building another kit. Before I do that however, I need to figure out what I’ll need.

  1. A painting booth. Lacking a proper garage, some type of enclosed booth to hang the guitar in would be ideal- This video demonstrates how to build a temporary paint booth for ~$50. That in addition to a stand of some sort that I can hang the guitar from should be sufficient.
  2. A proper painting mask. The flimsy mask I had was passable in a well ventilated area, but I should get something better before I paint again.
  3. A Drying space. I need to make preparations before hand to have a spot to let the paint dry after the initial painting.
  4. A timeline. x days for sanding, priming, painting, clear coat, assembly, etc.
  5. Sanding sealer. This will help make sure everything is smooth.
  6. Proper sanding tools. I cut too many corners rather than using a proper sanding block.

I’ll add to this list as I think of more.

The second half of the equation is finding a kit that I really want to do. With the *relatively* low prices, it’s feasible to do another once I get a place to work on it. Kits I’m currently looking at:

No favorites yet, but it’s all I could find.

Mark Hinkle : Keynote Devops Days Amsterdam – Hacking IT, Culture over Code Bringing Devops into your Organization

June 23, 2014 01:55 PM

The organizers at Devops Days Amsterdam asked me to give the keynote this year. It was a great event and got to meet a lot of cool people. Here’s the abstract of the talk and slides:

The term DevOps has crossover over from a culture movement around improved IT delivery to a buzzword co-opted by headline minded journalists and companies who want to reinvent their antiquated practices by acquiring new talent. This presentation will talk about DevOps the movement, desired outcomes from DevOps practices and how to bring those practices to your organization especially those with entrenched practices that lack the agility, automation and other benefits of DevOps.


Jesse Morgan : Thoughts on the Alston A830L Guitar Kit

June 23, 2014 02:23 AM

For Father’s day, the family picked up a guitar kit for me. Having attempted to make one from scratch (and failing miserably), this seemed right up my alley.

The Unboxing

More or less the full kit.

As you can imagine, I was quite excited when I found out what I was getting. When it arrived, it was triple boxed and well padded. Unfortunately, there were no instructions. The misc. parts were packaged in a bubble-wrap blister pack so that could count them without opening the packaging.

The wiring diagram that was included was nice, however it wasn’t very useful since the pickups and switches were pre-wired and fastened to the pickguard already. This made overall assembly much less error prone.

The mahogany body was in pretty good shape (as was the maple neck), but I wasn’t really fond of the coloration, so I decided to do a solid paint color on it. The maple neck was also in good shape, however the frets were crudely cut and very sharp.

The Sanding

I dislike sanding. It’s doubly boring on a guitar body where it needs to be super smooth AND you need to work around multiple routings. I started with 180, then up to 220. Part of the problem with Mahogany is that it has very large pores between the grains. To counter this, I used a water-based wood filler that I thinned down.

Mistake 1: The wood filler I used had “real wood fibers” in it- that may be great for other things, but for thinning and lightly brushing over a guitar I just sanded to fill the pores, it was horrible, leaving a mess of stray fibers everywhere.I did my best to sand it down, but it double the amount of sanding I needed to do.

As for the super-sharp fret edges, I surrounded each fret with painters tape and very carefully filed them down. the tape helped prevent me from accidentally marring the fretboard, which I definitely would have.

The Painting

The first coat of metallic blue- note the overspray…

Once everything was sanded down, I wiped it off with a moist cloth and laid it out for painting.

Mistake 2: I did not use an air compressor or can of duster to remove the dust; it stuck in the bottom of the routing, leaving a mess once it was painted.

Mistake 3: I did not prime it. I was looking for some “sanding sealer” that I’d seen in some of the tutorials on youtube, but neither lowes nor home depot had it.  Instead I just put bare paint on wood.

I was clever enough to lay down a dropcloth and move the cars before painting, so fortunately nothing important was caught by the overspray. I ended up choosing a metallic blue for the front and metallic black for the back. The First coat went very well.

Mistake 4: Drop cloth wasn’t spread widely enough, resulting in blue paint outline on the porch.

The Catastrophe

The first real catastrophe was when I tried to paint the back of the guitar; I had flipped the guitar over after several hours of drying and added a coat of black to the background. Ten minutes later, I moved the guitar a bit, then sprayed another coat. The problem breaks down like this:

  • Metallic paint has flecks of aluminium in it. This balls up when it hits sawdust (remember the dust in the bottom of the routing?) and leaves crusties all over the place on the sheet.
  • the first coat of black made the crusties sticky
  • when I moved the guitar to spray the other side, I put my pretty blue face on the wet, sticky crusties.

When I flipped the guitar over, I was heartbroken- the pristine blue face was ruined.  After moping for a few days while it rained, I found that I could sand those off with minimal rework. Over the next few day I was able to paint the neck and back of the guitar as well and things started to look better

Finishing it


The lower marr is my screwup, the higher one is from the capo while testing the action.

After sanding off the crusties, I put another coat of metallic blue on the front and let it dry. I was working in the back yard now to prevent getting paint on the porch or the car.

Mistake #5: While the guitar was inside, I rested it on a metal wire rack in the basement, which unfortunately marred the soft black paint on both the body and the neck.

Mistake #6: Either I had missed some pores with my filler, or the sun reacted with the paint, causing it to boil.  I ended up with little blue beads on part of the guitar. Unfortunately I didn’t notice until I was spraying the clearcoat, in which case it was too late. I sanded down the clearcoat after it was try, but ended up with pockmarks in the metallic blue below.

Mistake #7: The clearcoat on the black neck DEFINITELY reacted to the sunlight and bubbled like crazy. I sanded it down and tried again, this time keeping it in the shade; this turned out much nicer.

Mistake #8: Thinking 30 minutes would be enough, I flipped the neck over to do the front of the headstock. While the paint was dry to the touch, it was not hard, and the places where I had rested it to keep the headstock elevated ending up smearing the paint like bubblegum. The paint was too gooey to sand off, so I did the best I could before putting on another coat of black.

Mistake #9: I should have waited a few days and finished the painted after I could properly sand it- the result looks horrible and needs to be redone.

After continual issues with both using the spray paint and having a place to use it, I got aggravated and called it “good enough” despite the back of the body needing a clear coat still and the neck having severe paint issues.

The Neck Masking

One thing that did turn out right was the masking around the fretboard- there was zero bleedthrough, and it came out really nice. I was proud of this, and wanted to point it out as one of the few things that went right.


The Bridge Doesn’t Fit!


I had to rout around the two longer pegs as well as the lowest and highest back corners of the plate.

While I really wanted to put the guitar together before painting it, I refrained mainly because the bridge posts wouldn’t come out after being installed, and I didn’t want to risk getting paint on them.

In hindsight, I should have tried it; then I would have noticed that the string locking screws that poke out the back are too long and would mar the paint. I also would have noticed that the the faceplate of the bridge itself wouldn’t fit in the routed area due to the alignment of the posts.

I ended up routing out a good deal of wood to ensure that the bridge would fit properly, grinding off the one spot where the paint actually looked good.

Neck Doesn’t Fit

It’s one thing to paint a neck separately from the body, but had I been paying attention, I would have measured the overlap between the neck and the body, and masked off both before painting. Since I didn’t mask, I ended up sanding off the paint in that vicinity.


Added bonus- since it was such a tight fit AND the neck wouldn’t fit for measuring, I accidentally sanded off too much and now have an ugly bare spot near the joint. Since the neck was not predrilled, I had to pin the neck to the body with a padded clamp and screw it together. My gut tells me the angle is not correct, but there’s not a lot I can do about it now.



A better view of the routed areas. Also note that the bridge play is not level with the body.

This was my first experience with stringing a locking nut bridge and a floyd rose tremolo. I have to say, I’m not a fan. First you have to cut the ball off each string, then clamp the bare end into the tremolo.

Since the bridge is “floating,” the strings on one side are counteracted by springs pulling from the other side- the entire thing balances on the bridge posts, which act like a pivot. If the springs are already in place, it pulls the string locking screws below the surface of the guitar, making it difficult to actually insert and lock the strings in place. After much experimentation, the process goes like this:

  1. cut the ball off each string, and insert and lock it into place on the bridge
  2. Place the bridge on the posts
  3. Hook the springs to the bridge underneath
  4. run the strings through the locking nut to the posts and twist them up (make sure to leave plenty of slack!)

Note that this doesn’t cover tuning.


Prior to putting the strings and neck on, I screwed the pick guard down. I should point out that this was incredibly frustrating due to the shape of the routing and the number of wires that needed to fit along the routing- it took me 10 minutes of fussing to get it to fit properly.

With the wiring more or less complete, the only thing I needed to do was ground the anchor plate for the bridge springs and connect the input jack. It was only after I had the strings and everything on that I realized I didn’t know if the orange or the yellow wire was the ground (Hint, it was the other one). After getting it all together, I found that I’d miswired the plug and had to redo it, which was minimally annoying.

Truss Rod


Here you can see just how much action there is around the 8th or so fret.

The purpose of the truss rod to adjust the angle of the neck and hence the action(gap) between the strings and fretboard; there are several factors that fit into adjusting the action, and I’ll admit that I’m inexperienced; hence I don’t know if it’s set properly. On this guitar, the action is affected by:

  • Truss Rod (controls height of nut)
  • height of the bridge pivot screws (controls height of bridge)
  • depth of the anchor plate screws (controls height of bridge)

All of which also factor into…


Tuning is a pain in the ass. From what I’ve read, proper alignment of the floyd rose tuning bridge is to have it parallel, which means balancing the tension from the springs with the tension from the strings. Tightening the strings pulls the bridge upward, misaligning it; tightening the spring anchor screws lowers it.

Once it’s tuned, there is buzz from poor alignment against the frets, meaning the truss rod needs to be twisted back… so many different things to tweak. While I now have my guitar in tune, it’s currently unplayable due to the action being too high.

Misc Thoughts

  • Not having a dedicated workshop is a showstopper next time- without a place to sand, paint, and dry I’ll never be able to create a nice finish.
  • The floyd rose bridge is a pain in the ass. do not like.
  • While the overall product was not bad, I’m very unhappy with Alston guitars. They have no website, don’t respond on their facebook page, have no contact info, and don’t have their instructional PDFs posted anywhere.  I will avoid them in the future.



At two yards it looks pretty nice.

To be honest, I’m kinda disappointed with the way it turned out. I suppose it could be fixed with a fresh paintjob and proper tuning, but I’m not going to hold my breath. If I can find a workshop, I’d really like to try a second body style from a different kit company.

Scott Schulz : Tweet: So while @ussoccer players stroll around or lay on…

June 23, 2014 12:01 AM

So while @ussoccer players stroll around or lay on the ground making angels, Portugal ties it up with mere seconds left to play. Sad.

Scott Schulz : Tweet: So USA v Portugal comes on and the power goes out?…

June 22, 2014 10:16 PM

So USA v Portugal comes on and the power goes out?? What kinda sick joke is this ;-(

Scott Schulz : Tweet: #corolla #unitedstates – ht…

June 22, 2014 11:29 AM



Eric Christensen : Signing PGP keys

June 22, 2014 01:52 AM

If you’ve recently completed a key signing party or have otherwise met up with other people and have exchanged key fingerprints and verified IDs, it’s now time to sign the keys you trust.  There are several different ways of completing this task and I’ll discuss two of them now.


CA Fire and Forget (caff) is a program that allows you to sign a bunch of keys (like you might have after a key signing party) very quickly.  It also adds a level of security to the signing process by forcing the other person to verify that they have both control over the email address provided and the key you signed.  The way caff does this is by encrypting the signature in an email and sending it to the person.  The person who receives the message must also decrypt the message and apply the signature themselves.  Once they sync their key with the key server the new signatures will appear for everyone.

$ gpg --keyserver hkp:// --refresh-key

There is some setup of caff that needs to be done prior but once you have it setup it’ll be good to go.

Installing caff

Installing caff is pretty easy although there might be a little trick.  In Fedora there isn’t a caff package.  Caff is actually in the pgp-tools package; other distros may have this named differently.

Using caff

Once you have caff installed and setup, you just need to tell caff what key IDs you would like to sign.  “man caff” will give you all the options but basically ‘caff -m no yes -u ‘ will sign all the keys listed after your key.  You will be asked to verify that you do want to sign the key and then caff will sign the key and mail it off.  The user will receive an email, per user id on the key, with instructions on importing the signature.

Signing a key with GnuPG

The other way of signing a PGP key is to use GnuPG.  Signing a key this way will simply add the signature to the key you have locally and then you’ll need to send those keys out to the key server.

Retrieving keys using GnuPG

The first thing that you have to do is pull the keys down from the keyserver.

$ gpg --keyserver hkp:// --recv-keys ...

Once you have received all the keys you can then sign them.  If someone’s key is not there you should probably contact them and ask them to add their key to the servers.  If they already have uploaded their key, it might take a couple of hours before it is sync’d everywhere.

Using GnuPG

Signing a key is pretty straightforward:

$ gpg --sign-key 1bb943db
pub 1024D/1BB943DB created: 2010-02-02 expires: never usage: SC 
 trust: unknown validity: unknown
sub 4096g/672557E6 created: 2010-02-02 expires: never usage: E 
[ unknown] (1). MariaDB Package Signing Key <>
[ unknown] (2) Daniel Bartholomew (Monty Program signing key) <>
Really sign all user IDs? (y/N) y
pub 1024D/1BB943DB created: 2010-02-02 expires: never usage: SC 
 trust: unknown validity: unknown
 Primary key fingerprint: 1993 69E5 404B D5FC 7D2F E43B CBCB 082A 1BB9 43DB
MariaDB Package Signing Key <>
 Daniel Bartholomew (Monty Program signing key) <>
Are you sure that you want to sign this key with your
key "Eric Harlan Christensen <>" (024BB3D1)
Really sign? (y/N) y

In the example I signed the MariaDB key with my key.  Once that is complete a simple:

gpg --keyserver hkp:// --send-key 1BB943DB

…will send the new signature to the key servers.

Mark Turner : Ring Around Raleigh bike ride!

June 21, 2014 03:16 PM

Ring Around Raleigh

Ring Around Raleigh

Tomorrow morning I’ll be leading a number of my friends and neighbors on a Ring Around Raleigh bike ride using bike-friendly streets and greenways. It’s the same route my family has been riding over the past few weekends. I was inspired by a friend who posted about his ride around Raleigh and thought I’d try to do it, too.

My experiment proved easier than I expected. The streets taken are quiet neighborhood streets with little traffic and the vast majority of riding is along Raleigh’s beautiful greenways. It seems so easy and fun I thought I would help get the word out to my cyclist friends so they could begin riding it, too.

If you’d like to join us, be at Lions Park (1600-ish Bennett Street) at 8 AM Sunday morning. We’ll leave the park promptly at 8:15 AM and spend the next three hours or so working our way clockwise around the city. The weather’s shaping up to be great, too: with a sunny, breezy day and a high of only 84 degrees.

Hope to see you tomorrow at Lions Park!

Our Route:

  • We’ll take Dennis Ave to Raleigh Boulevard where we’ll get on the Milburnie greenway heading east.
  • We’ll turn right on Milburnie Ave. and then left onto N. Peartree Ln., being careful as we cross New Bern Ave.
  • Once we pass Raleigh Country Club and get to Poole Rd, we’ll turn right and then cross Poole at the intersection of Beverly Dr.
  • Near the end of Beverly Dr, we’ll turn right on to Little John Rd and then ride the Walnut Creek greenway.
  • We’ll take the Walnut Creek greenway to the Rocky Branch greenway, stopping by Pullen Park (for a pit stop if needed).
  • Rocky Branch will take us through N.C. State, after which we’ll follow Gorman Street up to Meredith College.
  • We will stop by the Hillsborough Street Ben and Jerry’s if anyone wants a snack. :)
  • From Meredith we take a fun downhill on the hills of House Creek greenway, taking us to Crabtree Valley Mall and Crabtree Creek greenway.
  • We’ll ride a few more quiet neighborhood streets: Alleghany Drive to Pasquotank Dr to Hertford St. to Northhampton St., passing by Root Elementary.
  • We’ll take another break at beautiful Lassiter Mill Falls park (one of Raleigh’s best-kept secrets) before returning to Crabtree Creek greenway.
  • Crabtree Creek will lead us back to Raleigh Boulevard where we’ll return to Lions Park about 11 AM.

Eric Christensen : SouthEast LinuxFest 2014 – Day One

June 20, 2014 11:00 PM

After a crazy cab ride from the train station I arrived at a hotel that is in the general area of SouthEast LinuxFest (SELF) but not co-located.  *sigh*  This side of Charlotte isn’t as pedestrian-friendly as it could be.

The first day (Friday) of SELF was pretty good.  I generally stayed close to the security track which included talks on DNSSEC, IPv6, and a history of information security.  All very interesting and, specifically the IPv6 talk, got my head going.  Being a former network guy I hadn’t had to think about the impact and possibilities of IPv6 on enterprise networks and the infrastructure that resides on those networks.  I also learned of a “new” firewall that deserves a closer look.

On the Fedora front, I was able to work on a few Docs Project pieces that needed some collaboration to get straight.  I’m also talking up my thoughts on implementing a process to help manage (and close) security bugs within Fedora.

I’m hoping day two is just as good as today was.