All posts by Fawcs

The author is working as an IT-Systems Engineer for an Austrian company and has spezialiced on Linux (RHEL), Deployment and Monitoring but is also working with VMware, Windows, Cisco, ...
Hardware, Raspberry, Tools

Flashing NextThing C.H.I.P. with a Raspberry Pi

Leave a comment

Today I somehow bricked my CHIP (I think it wasn’t the wised idea to set the system-target to network_online) as I didn’t get access via serial connection or ssh.
It wasn’t that much of a problem as I wanted to set up the CHIP as a headless system.
So the journey begins (http://docs.getchip.com/chip.html#installing-c-h-i-p-sdk) with setting up Virtual Box + Extension pack and installing vagrant on my Windows 10 (Git was already installed).

After everything was installed I started the VM wich was setup by vagrant and ran the chip-update-firmware.sh script to start the upgrade, but it failed with “Waiting for fel……………………………TIMEOUT”.
The reason was, that regardless of the USB-rules in the Vagrantfile, the CHIP was not available in the VM. Easy to check with “lsusb”. No Big deal – As the VM is available in the VirtualBox Manager we can boot it up from there and just attach the CHIP-USB-Device to the VM.

waiting for fel…OK -> 🙂
BUT:
waiting for fastboot……………………………TIMEOUT
-> 🙁

So, it seems that after the reboot of the CHIP windows is not recognizing it the right way and also has some problems to pass it through to the VM.

I dind’t find a fix for that problem, but reportedly a physical Ubuntu installation should would (regarding to some forum post on the NextThing BBS). Too bad I only have Fedora on a laptop, but no Ubuntu – but I had a Raspberry which i was currently not using, so I gave it a try and it worked out quite nice.

I used a “Jessy lite” and installed the following packages:

[pastacode lang=”bash” manual=”sudo%20apt-get%20install%20android-tools-fastboot%C2%A0u-boot-tools%20u-boot%20cbootimage%C2%A0uuid-dev%20libacl1-dev%20liblzo2-dev%C2%A0libusb-1.0-0-dev%20libusb%2B%2B-dev%20libusb-1.0-0%20libusb-dev%20git%0Agit%20clone%20https%3A%2F%2Fgithub.com%2FNextThingCo%2FCHIP-SDK%0Acd%C2%A0CHIP-SDK%0Asudo%20.%2Fsetup_ubuntu1404.sh%0Acd%C2%A0CHIP-Tools%0Asudo%20.%2Fchip-legacy-update.sh%20-f%20-s” message=”Install packages and flash the CHIP” highlight=”” provider=”manual”/]
(I don’t think that all the packages are needed, but i got some errors and hence installed everything I thought fix those errors)
After that & a reboot of my CHIP i was able to access it again with:

screen /dev/ttyACM0 115200

 

Uncategorized

Next Thing – C.H.I.P – Driver cant be installed

Leave a comment

UPDATE – 20181203:

or just use the microsoft driver as described on reddit – https://www.reddit.com/r/ChipCommunity/comments/5hndoj/setting_up_the_chip_under_win10_walkthrough/  

 

Today I got my new CHIP (https://nextthing.co) dev board/mini pc and tryed to set it up, but as I found out thats quite tricky to do.

Regarding to the documentation the chip only needs to be connected to a pc with a micro USB cable and is automatically installed as  serial device. After the installation the chip should be accessible via a COM-port with putty or any other program for serial communication.

So far so good, BUT … as I had to find out, the driver didn’t got installed and so it wasn’t accessible …

By default Windows should identify the device automatically and install the CDC Composite Gadget driver out of the box. But in my case it didn’t work.
It seems that the identfier canged from A4A7 to A4AA:
cdc-hw-id

After some some googleing I found a driver on kernel.org which nearly worked.
https://www.kernel.org/doc/Documentation/usb/linux-cdc-acm.inf

But it would have been too easy if it worked out of the box. So I had to adapt the *.inf-file to match my HW-ID.
Change the follwoing lines

[pastacode lang=”python” manual=”%5BDeviceList%5D%0A%25DESCRIPTION%25%3DDriverInstall%2C%20USB%5CVID_0525%26PID_A4A7%2C%20USB%5CVID_1D6B%26PID_0104%26MI_02%2C%20USB%5CVID_1D6B%26PID_0106%26MI_00%0A%0A%5BDeviceList.NTamd64%5D%0A%25DESCRIPTION%25%3DDriverInstall%2C%20USB%5CVID_0525%26PID_A4A7%2C%20USB%5CVID_1D6B%26PID_0104%26MI_02%2C%20USB%5CVID_1D6B%26PID_0106%26MI_00%0A” message=”” highlight=”” provider=”manual”/]

to

[pastacode lang=”python” manual=”%5BDeviceList%5D%0A%25DESCRIPTION%25%3DDriverInstall%2C%20USB%5CVID_0525%26PID_A4AA%2C%20USB%5CVID_1D6B%26PID_0104%26MI_02%2C%20USB%5CVID_1D6B%26PID_0106%26MI_00%0A%0A%5BDeviceList.NTamd64%5D%0A%25DESCRIPTION%25%3DDriverInstall%2C%20USB%5CVID_0525%26PID_A4AA%2C%20USB%5CVID_1D6B%26PID_0104%26MI_02%2C%20USB%5CVID_1D6B%26PID_0106%26MI_00%0A” message=”” highlight=”” provider=”manual”/]

 

In short: replace A4A7 with A4AA 😉

Afterwards the driver could be installed and the chip should work (as long as you do not have Windows 10).
If you try to install the driver on a Windows 10 machine, Windows will complain about the unsigned driver and will not install the driver.
To get it work on Windows 10, the OS needs to be rebooted in option mode:
shutdown.exe /r /o /f /t 00

When Windows starts up again the driver signature check could be disabled for this start and after the system is up again it’s possible to install the driver.

Continue reading Next Thing – C.H.I.P – Driver cant be installed

Network, VMware

VMware Workstation Player – No Bridge Adapter available

Leave a comment

Lately Microsoft convinced me to upgrade my Windows 7 @ home up to Windows 10. When I upgraded my Windows I checked all the installed tools for Upgrades and also upgrade my old VMware Player 6 to the new VMware Workstation Player 12.
Today I was playing with MDT at home and wanted to set up a test VM to check if everything is working, but I was not able to get the bridged interface working.
I was able to selct it, but I didn’t get an IP from my DHCP so I thought I’ll disable all adapter except the LOM which is connected to my Router, but there were no adapters. 🙁

VMwareWokrstationPlayerBridge

 

After a little bit of investigating I found out, that my LOM didn’t have the VMware Bridge Service installed. VMwareBridgeService

After installing the service I was able to set up the bridge adapter for the VM.

 

 

Linux, Monitoring, Tools, Zabbix

Zabbix – Clear hosts from untemplated items

Leave a comment

Sometimes you run into the problem, that you have a host which had a template attached but somebody wanted to replace the template or something like that and unfortunately hit just “Unlink” instead of “Unlink and Clear” and all the items are still in the host.

If you have only one host it’s normaly no problem to delete all items per hand, but if you have multiple of those hosts it’s quite some work do remove the old items.

Solution nr. one would be tu use the filters to select all items in a specified host group and delte those items, but the applications, discovery rules and so on will still remain in the hosts and have to be deleted in a 2nd/3rd step.

See the Screenshot below:Zabbix Host configuration - item filters

 

My preferred solution for this problem is a simple regex based find/replace with Notepad++.
Herefor an export of the affected hosts is needed. The xml-file could be opend with NPP and the following regexes are needed for find/replace (CTRL+H) to remove the unwanted items.

[pastacode lang=”markdown” manual=”Find%20what%3A%20(%3Cdiscovery_rules%3E%5B%5Cs%5CS%5D*%3F%3C%5C%2Fdiscovery_rules%3E)%7C(%3Ctriggers%3E%5B%5Cs%5CS%5D*%3F%3C%5C%2Ftriggers%3E)%7C(%3Cinventory%3E%5B%5Cs%5CS%5D*%3F%3C%5C%2Finventory%3E)%7C(%3Citems%3E%5B%5Cs%5CS%5D*%3F%3C%5C%2Fitems%3E)%0A%0AReplace%20with%3A%20(%3F1%3Cdiscovery_rules%20%2F%3E)(%3F2%3Ctriggers%20%2F%3E)(%3F3%3Cinventory%20%2F%3E)(%3F4%3Citems%20%2F%3E)” message=”” highlight=”” provider=”manual”/]

In the above example multiple regexes with multiple replace-patterns are used to replace the items, discovery rules, triggers an inventory and reset it.

Linux

Remove Oracle ApEx from the database

Leave a comment

Because Nessus seems to dislike Oracle ApEx we needed to remove it from the database.  Oracles manual regrading the removal is pretty straight forward (https://docs.oracle.com/database/121/HTMIG/trouble.htm#HTMIG270), but I wanted to do it in a single none intreactive line which makes it easier to do de removal automated.

so – here it is:

[pastacode lang=”bash” manual=”echo%20quit%20%7C%20sqlplus%20-S%20%22sys%2Fsys%20as%20sysdba%22%20%40%24ORACLE_HOME%2Fapex%2Fapxremov.sql%0A” message=”” highlight=”” provider=”manual”/]

Linux, Zabbix

Zabbix 1.8 to 2.2 Upgrade

Leave a comment

Lately I was asked to help to upgrade Zabbix from 1.8 to 2.2 in a project. It wasn’t a problem to upgrade the templates – that was easily done with a xml-export/import but the hosts where kind of a challenge because the exported xml-files for the hosts itself pretty differs between 1.8 and 2.2.

Because i already had the PhpZabbixApi (https://github.com/confirm/PhpZabbixApi/blob/master/README.md) installed on the tared system i decided to write a little script which pareses the 1.8-host export and creates the hosts in 2.2. The script inc. the lib is attached at the end of the post.

I tested the script with Zabbix 1.8.6->2.2.10 and everything worked fine. Currently the script is capable of creating the hosts (with Zabbix-agent & SNMP-interface), creating the host groups and adding the hosts to the correct host group and also linking the correct templates to the host. However, the templates need to be already available on the target system to be linked correctly.

After extracting the script on the target Zabbix server the xml-import from the old system needs to be uploaded into the same directory as the script (scp) and the login data for Zabbix need to be adapted in the script. Afterwards the import can be started from a bash via:

[pastacode lang=”bash” manual=”” message=”” highlight=”” provider=”manual”/]

Zabbix1.8_2.2_upgrade

 

Monitoring, Powershell, VMware, Windows

Powershell/PowerCLI very slow execution Time

Leave a comment

Sometimes a PowerCLI-script can take quite some time till everything is executed. For example the PowerShell scripts used by Zabbix to gather the vCenter alarms into Zabbix (BlogPost) need some tuning to run fine.

So why are scripts running slow in some cases?
It seems to occur primary on systems which do not have a connection to the internet. As a matter of fact – most of the systems I’m setting up “lose” internet connection sooner, or later. :/

What exactly causes the problem?
While investigating that problem i found an interesting feature which seems to cause the problem – certificate checks!
There is an IE-setting which is named “Check for publisher’s certificate revocation ” and can be found at: Intenet Options -> Advanced -> Section: Security ->Disable: Check for publisher’s certificate revocation.

Disabling the certificate checks improves the execution time by about 60%.

certificate-check enabled:

Days              : 0
Hours             : 0
Minutes           : 0
Seconds           : 41
Milliseconds      : 536
Ticks             : 415369143
TotalDays         : 0.000480751322916667
TotalHours        : 0.01153803175
TotalMinutes      : 0.692281905
TotalSeconds      : 41.5369143
TotalMilliseconds : 41536.9143

 

certificate-check disabled:

Days : 0
Hours : 0
Minutes : 0
Seconds : 16
Milliseconds : 262
Ticks : 162628208
TotalDays : 0.000188227092592593
TotalHours : 0.00451745022222222
TotalMinutes : 0.271047013333333
TotalSeconds : 16.2628208
TotalMilliseconds : 16262.8208

 

If the script is run from a normal user account everything should be fine and we have an improved execution time, BUT …

… if the script is run from an Service (and as a matter of fact I’m using the Zabbix agent service to run the script) we got a problem.
With default settings the Zabbix Agent is installed to run as nt authority\system, so if the IE-setting is changed for the current user, its working for this user, but not for the system user. 🙁
So a quick and dirty workaround could be to disable the setting for the system user.
ATTENTION: Running the Zabbix Agent as a system user is OK for a DEV-environment, but should not be used in an production environment. For production a dedicated service user should be used.

I disabled it by becoming a system user with

[pastacode lang=”bash” message=”” highlight=”” provider=”manual”]

PSEXEC -i -s -d CMD

[/pastacode]

and launching the IE from the command prompt. Afterwards I was able to disable the setting via the above method.

Otherwise the Key could also be found in the registry at:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
0x00023e00 / 146944 Check OFF
0x00023c00 / 146432 Check ON

A simple PS-Script to disable the setting would be:

[pastacode lang=”bash” message=”PowerShell to disable Publisher certificate checks” highlight=”” provider=”manual”]

Write-Host "Disable Check for publisher’s certificate Revocation"
set-ItemProperty -path "REGISTRY::\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\" -name State -value 146944

[/pastacode]

 

Linux, Monitoring, VMware, Zabbix

Get vCenter alarms into Zabbix via poll-method

Leave a comment

Some time ago i wrote a post on how to forward vCenter alarms to Zabbix ( https://blog.fawcs.info/2015/05/getting-vcenter-alarms-to-zabbix/) and I have to admit, that this solutions is kind of a pain in the ass. I’m getting the alarm info from environmental varaibles which are automatically set by the vCenter when an alarm changes its status, but it seems that there is a “littel” problem with “overlapping” alarms. For example if there are occuring multiple alarms within a short period only the first alarm will be forwarded to zabbix, but non of the follwoing alarms. Besides that this is not an ideal solution I personally do not like my former approach because it’s an event driven approach. So if one event goes missing we have an inconsistent system :/

It’s quite some time since I wanted to redesign the solution and now I’m finally having some time ( and the pressure) to do so. 🙂
The new approach is based on using userparameters to execute a powershellscript on the vCenter to discover all active alarms and create items in Zabbix. At the moment I’m creating three item prototyes. One for the Timestamp when the alarm became active, another item for the acknowledged-state of the alarm and the last one for the severity of the alarm.

There are two userparemeters which run two powershell scripts. The first one (vcenter.alarm.polling.discovery.ps1) does the discovery and the second one (vcenter.alarm.polling.itemdata.ps1) is to get the data for the discoverd items.
There are also three triggers (one for each severity gray, yellow, red) which will be active als long as the alarm is not acknowledged.

You can download the scripts, userparameters and the template down below:
vCenterAlarmPolling

 

Additional findings:
Ther can occure problems if there are different addresses used to connect to the vcenter (eg. 127.0.0.1, loclahost, vcenterhostname, …)
It seems that the vCenter creates a sperate datacenter instance for every connection, so if you use the three examples from abovve you will end up creating three instances and mess up the script.

 

If special characters want to be passed to the powershellscript (e.g. special chars in passwords ord login with administrator@vsphere.local) the “UnsafeUserParameters=1” – parameter from the zabbix-agent.conf needs to be set to 1. (default value is 0)

Cisco, Deployment, Network, Tools, Uncategorized

Cisco Deployment Guide

Leave a comment

Today I received an useful link regarding Cisco L2 Access Switch-deployments with some interesting settings I wasn’t aware of till know.
The document is available via the following Link.

http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Oct2015/CVD-Campus_LAN_L2_Access_Simplified_Dist_Deployment-Oct2015.pdf

Uncategorized

VMware RVC not working after Update – Error 193: %1 is not a valid Win32 application

Leave a comment

Today I once again upgraded a vCenter installation and afterwards I wanted to use the RVC, but I always got the following error when trying to open the RVC:

C:/Program Files/VMware/vCenter Server/ruby/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require’: 193: %1 is not a valid Win32 application. – C:/Program Files/VMware/vCenter Server/ruby/lib/ruby/2.1.0/x64-mingw32/zlib.so (LoadError)
…..

So … hm … fubar. It seems that there still remain some old files on the FS when upgrading and those old files seem to cause some trouble.

To fix the problem you could try to uninstall just the vmware-ruby.msi and vmware-rvc.msi (I uninstalled both, maybe it’s enough to uninstall only the rvc-package) and reinstall. After uninstalling the file there will still be an folder rvc at “C:\Program Files\VMware\vCenter Server” – rename it before reinstallling the MSI-packages to get a clean installation!
Attention – VMware passes some parameters to the MSI-files . If you just doubleclick on the files, they will get installed, but not under:
C:\Program Files\VMware\vCenter Server

I used the parameters from the upgrade which were:

F:\vCenter-Server\Packages>msiexec /i VMware-ruby.msi ALLUSERS=1 ARPSYSTEMCOMPON
ENT=1 INSTALLPATH=”C:\Program Files\VMware\vCenter Server\” APPDATAPATH=”C:\Prog
ramData\VMware\vCenterServer\”

F:\vCenter-Server\Packages>msiexec /i VMware-rvc.msi ALLUSERS=1 ARPSYSTEMCOMPONE
NT=1 INSTALLPATH=”C:\Program Files\VMware\vCenter Server\” APPDATAPATH=”C:\Progr
amData\VMware\vCenterServer\”