Last year I happened to stumble up on some videos of electric RC cars. I watched couple of those and started reminiscing about the time I had spent back in ~2004 when me and a friend ordered couple of Traxxas Revo’s with the TRX 3.3 engine. It was a blast, but the bad thing about living on this lovely island we call Iceland is that the temperature here is pretty low, and the engine settings really often need some modifications so we spent the better half of all sessions doing tuning before we could start bashing.

But watching those videos of those electric cars was pretty interesting as you could just charge up and start to bash right away! I started researching and ended up ordering a Traxxas Maxx v2. I had a blast bashing it couple of times, but a little later I got the chance to get my hands on a Traxxas TRX4 crawlers (Bronco 2021 body). Now….this is where things started to get interesting. I took it along with me when the family went on a hike and man….I realized I had so much more fun crawling then I did bashing.

So – since then I have built a Vanquish Phoenix VS4-10, and I just finished a Axial SCX10 Pro build (well, I still need to do some work on it, but it is in a driveable condition). Building those kits has been the best hobby I can think of. I’ve searched for a hobby to spend my free time on for a long long time and I think I have finally found it.

There are two issues though. Number 1 – this hobby is a money dump!…..however I am pretty sure that this is a lot cheaper than if I had gone into hobbies like fly fishing or hunting. Number 2 – living on a island in the middle of nowhere with a population of ~400.000 means that access to crawler parts that are not made by Traxxas is very much non-existent. So I need to order pretty much everything except original parts for my TRX4 from abroad. But even if I can find cheap stuff then shipping along with the duty fees always adds a premium to every part so I have to think carefully before making any orders.

But never the less I am lucky enough that there are stores in Germany and Asia that do ship things pretty cheap (and some even ship things pretty fast, thank god for cheap Fedex shipping!) so if I make sure to put together a sizeable order it won’t be anything crazy. I am going to create a page here sharing the stores I primarily use along with a list of my parts just for fun if it helps anyone that is in a similar situation.

Yet another summer is coming to an end…

First post in long time!

Yet another summer is coming to an end. Work starts again tomorrow and things get back to normal.

During the summer I saw that I needed to rebuild a small SMB environment for a friend and I decided on using Mikrotik for the networking (switches, routers), SuperMicro for the servers and Proxmox for the virtualization layer. I’m going to document my process here and find out the good, the bad and the ugly around those three vendors. Can’t wait to get that started but I expect to get the equipment in my hands in the next ~4 weeks or so.

This is going to be somewhat over-designed environment but I am excited to see how those vendors stack up against the enterprise vendors I work with most of the time.

On-premise Kubernetes

For the better part of the year I have been playing around with Kubernetes on-premise. While testing random solutions I didn’t realize what can of worms I just opened! ……Don’t get me wrong – the whole Kubernetes ecosystem is extremely fun to “play” in.

But after trying multiple solutions a colleague of mine pointed me to a project called Rancher. This project is pretty cool!

The project makes the installation extremely easy (yes yes, I sound like a sales person) but this was the most straight-forward product I had seen (and yes, I have seen a few) in this space.

Out of the box the project offers multi-cluster management, support for AKS, EKS and support for other managed solutions as well as a on-premise installation using either RancherOS (a custom Linux distro for running Kubernetes) or using roll-your-own VMs/bare metal instances (using for example CentOS). It can integrate with vSphere to spin up instances…..and they have a decent Active Directory integration for authentication/authorization.

Rancher is deployed on a dedicated Kubernetes cluster (if it is set up for HA) that should just be used for Rancher. Then you can go ahead and add your own clusters from AKS/EKS or on-premise. It is a nice single pane of glass for operating your Kubernetes clusters. If you have environments all over the place it can help you gain better control of the environments as well as offer a single place to interact against for things like deployments.

While I won’t go into details (the documentation simply speaks for itself) I recommend you take a look at this project if you plan to start using Kubernetes for your organization, or even just to play with your own stuff.

And the best part? The project is fully open source. Rancher are also working on a persistent storage solution (Longhorn) and they offer professional services/support if you need some help along the way.

They also have a mini Kubernetes distro called K3s – it is a (very) small instance of Kubernetes that you can run on pretty much anything that can boot Linux and be managed in the same way.

Simply put, this is an amazing project! 🙂

Openconnect and GlobalProtect VPN!


Just tried the globalprotect support in openconnect 8 (8.02 in Fedora 29).

Very simplified version:

sudo openconnect --protocol=gp your.vpn.gw.com

Worked liked a treat! Hopefully I can stop using the offical Linux client now.

Now – hopefully NetworkManager-openconnect drops in support for connecting to globalprotect VPN soon! 🙂


Palo Alto GlobalProtect on Fedora

After spending some serious time trying to get GlobalProtect 4.1.2 to work on Fedora 28 (and probably 27 earlier this year) I finally managed to get it working. It is almost embarrassing how easy it was…

  1. Replace /etc/redhat-release and /etc/os-release with info from RHEL 7 or CentOS 7
  2. Profit.

Yep….it’s sucky….but at least it shows that this works. Maybe it is possible to modify some file that lists supported operating systems……will have to look into that later on.

Always read the release notes….and the supported OS lists…..and the error logs. Even better if you do it all in the same evening to puzzle this amazing solution together……

FYI: The error I was getting was: Error: Gateway my.gateway.hostname: The server certificate is invalid. Please contact your IT administrator.

Cisco UCS: vHBA bandwidth

I never really understood how Cisco UCS vHBA are configured in regards to bandwidth (coming from a FC background).

Finally I got it spelled out for me like I was five…..IT IS JUST A ETHERNET PORT (yes yes…I knew that. But I really thought there was some more magic involved). IT JUST SYNCS ON THE SAME SPEED AS THE FEX PORT IT IS CONNECTED TO. That would mean if you have a blade with a VIC, a 6332 FI and a 2304 FEX and you do not have the port expander it will be configured as a 20Gbit port (2x10Gbit) with a single flow maxing out at 10Gbit/s (to the FI…not taking into account break out speeds to your ethernet and storage network from the FI). If you have the port expander for the VIC you get native 40Gbit/s if you are using the 2304 FEX and the 6332 FI (single flow can reach 40Gbit/s from the FEX to the FI).

I had a real duh! moment there.

Now it is out there! Hopefully this can help some poor soul out there. I googled my life away for couple of days and did not find a real answer.


Trying out an iPad Pro 12.9″ for sketching and drawing….but it is awesome!

I recently got my hands on a iPad Pro 12.9″ which I wanted to use for drawing sketches when I am working on some issues or just designs since I always seem to have the need to visualize stuff when I am working (and attaching them into OneNote). My desk often looks like there has been a mass-murder of post-its or notebooks. And those end up in the trash and I end up having to hammer down a drawing in Gliffy (or I don’t…..which isn’t exacly a good thing since I often would like to remember what I was sketching later on).

So – I got an iPad Pro 12.9″, Apple Smart Keyboard and a Apple Pencil.

Now I guess I have to admit I might have laughted histerically of those crazy people buying into the iPad Pro + Apple Pencil hype. More the once. Probably more then three times even….I have owned a iPad in the past (think it was the iPad 3) but I mostly used it for watching TV episodes before going to sleep. And Skype couple of times.

So I spent last night setting everything up. Sat down in my La-Z-Boy and got down to business – getting the iPad enrolled in our MDM, installing the apps I normally use on my laptop (SSH client, RDP client, Outlook, Word, Excel, Powerpoint, VPN client etc). Played around with the pencil.

My SO was sitting in her chair with her Surface Pro 4, doing her nightly surfing. She has been using the SP4 for two years if I remember correctly. She loves that thing. Probably more than me. But less than her cats.

After playing with the iPad for like an hour I start to realize how cool device this actually is. And how useful it is (I had my doubts it would actually be this useful). Start mumbling something about how awesome it is to be able to sketch with the pencil (which is better then any pencil I have tried before). Keep using the iPad. Keep mumbling about how awesome it is. She suddenly looks at me and says: “I told you multiple times – having a tablet with a pencil is extremly useful”. While I have thought about getting a Surface I never acted on that – they are pretty expensive here in the land of ice and snow.

I guess I have to eat my words. The iPad Pro is actually one of the most useful devices I have used for work-related computing. And I can even use it to do more then I actually thought I could do on a iPad. Which is a lot of researching, hammering at those pesky SSH terminals and replying to emails. I might even stop taking my laptop to meetings. And let me tell you – Before last night I would never have told you I would replace my laptop for any task.

Don’t get me wrong – This device will not replace my laptop. But I will probably use it less then before.

Hopefully I can pair a bluetooth mouse with it and use it with my RDP client. Haven’t tried it yet. If that works then I don’t think I will take my laptop with me when I am going on short trips over weekends etc.

I just have to say it. Apple might have created a market of devices that we don’t really need – but the iPad Pro is one brilliant device. While iOS is a little bit limited as a desktop OS it has couple of things going for it LInux and Windows can’t keep up with. The battery life is awesome (at least on this thing and so was the battery life on my old iPhone 6s Plus). I am still on the first charge on this bad boy. And I probably have OST of 8 hours already.

My Lenovo T460s laptop chews through the battery in just 3-4 hours. And that thing is just a year old. But I can probably blame Chrome + Extensions for that 🙂


UniFi Network kit – awesome stuff!

Recently I got fed up with yet another router (with integrated wireless) provided by my ISP. In the last 5-6 years or so I have gone through like 6 of those – having horrible experience with each and all of them. Well…..to be fair – they all worked as expected as a router but the wireless function was just a joke. Most of these were different versions of Thomson provided by Siminn (my ISP at the time). Before all this I had always been using a Linux based router (and even OpenBSD and FreeBSD at some point!) along with a standalone access point but due to limited time and other things going on I didn’t feel like spending time building yet another one (and my second trusty WRT54G had just died) so I just started using the router from my ISP to get things going again.

I moved to another apartment in November and got yet another router from my ISP (but this time I finally got a fiber connection!). Again – the wireless signal was horrible in some of the rooms so I started checking out some new equipment.

My friends have been raving about the stuff from UniFi – the EdgeMax routers and the UniFi APs. So I decided to try it out.

This stuff is brilliant! Luckily I have an old Linux box hooked up in a corner where I can run the UniFi software for the wireless access point. The configuration is very simple and the pricing of those APs (and the routers) is a joke. I got a single UniFi AP-AC-LR and it just rocks.

Then I configured the EdgeRouter….for a kit that only costs 99$ (or something like that) this thing is just awesome. I’m late to the game but this little dude can route 1 MPPS which you don’t normally find in such a small box (or at least when it was released). Guess I won’t have to worry about that on my 100Mbit connection 😉

The GUI is pretty self explanatory and if you have ever worked with a Cisco/Juniper kit you will find your way around the CLI quickly as well.

So – for around ~200$ I finally have a home network that I don’t have to worry about!

For the next phase I am thinking about getting a NGFW…..still debating if I will go with a small Fortigate, Juniper, Palo Alto or just a UniFi Security Gateway – it would be awesome to be able to inspect SSL!



My experience with Nimble Storage in a POC I did nearly 9 months ago

About this time last year I was part of a project where we were looking at replacing the primary storage systems in our infrastructure.

While we did not end up going with Nimble Storage at the time we did do a POC of the CS700 arrays (which has now been replaced by the more powerful CS7000).

Since we live on a small island in the north Atlantic, companies do not normally ship out a fully configured solution so when the Nimble reps actually asked me if I wanted to do a POC before I even asked them about availability of such a program I was pretty amazed. And when they were actually willing to ship a fully configured solution (two CS700 arrays) to us without any commitment I was even more amazed. Of course, since Nimble is a small company in the storage world this is probably the only way for them to get the larger companies to give them a chance when competing against the big dogs (EMC, HPE, NetApp).

When we were considering storage vendors we did not even think of Nimble Storage. I actually saw them at a VMMUG meeting here in Iceland where they had a presentation about the solution. The presentation was on a Thursday evening and I spent the days after wondering if the claims they laid out were actually true (X IOPS per array with 11 NLSAS disks and 4 SSDs).

I sent the sales guy who was at the presentation couple of emails over the weekend asking him questions about the solution. He got me in touch with a pre-sales technician who was able to answer my questions quickly and gave me lot of stuff to think about.

Well, long story short – we ended up testing the CS700 arrays with ~200TB usable space and ~7TB of SSD cache. The technician came on a Tuesday morning at ~09:00 and about 2 hours after we started installing the array in the first datacenter we were actually done installing both arrays in two different sites and could start migrating data to the arrays. The technician went through the basic stuff but since the interface is so simple (and well, the solution it self is just amazingly simple as whole) so he left us at ~14:00 if I am not mistaken. Nimble Storage shipped the arrays to us (and back) free of charge.

We moved loads of dev and test databases (and even some production ones later in the POC) on the system and started having some fun. It was obvious that even though the system only uses NLSAS drives as the backend storage they are capable of pushing some extreme IOPS/throughput in comparison to the traditional array with the Adaptive Flash/CASL secret sauce. Performance was pretty good. However – since our workload is not only IOPS based but also throughput based we did actually hit a small wall (please note that this was with the older CS generation, they have newer arrays out now that fix this somewhat). We actually have a window in our environment where we push more then ~1.6GB/sec (gigabytes) for quite a while (however, we were just maxing out the FC interfaces in the hosts/arrays – we later found out that we could push ~3GB/s on a faster array/faster network). And while the solution actually powered through things nicely we were not happy with the max throughput available at the time.

While we were doing the POC I interacted with the support team often, especially when we were looking at the throughput issue. I had access to Infosight during the POC and the information gathered there was very helpful. First we had a small latency issue – and the Nimble tech was able to point out that the issue was not in the Nimble array but in our VMware hosts. This ended up being a driver issue – so we got that fixed. After that the support technicians went through a lot of data analysis (we had multiple phone meetings with support during this case) and they helped us understand where the bottlenecks we were hitting and why the system did not perform in the way we were expecting.

After finding out that the product wasn’t a fit for us at the time they were understanding and didn’t hold any grudge against us, even thought they spent quite a lot of time trying to get things working. We packed the systems in the packaging they arrived in and got things shipped out.

The saddest part was that while the solution didn’t work out for us I have never had as pleasant support experience as I did during this ~30 day POC (and I have sadly had to deal with the support of multiple vendors and most of the time it can be quite tedious). When we were debugging the host (latency) related issue they never tried to argue that this was not there problem (but of course this was a POC and maybe they were just being extra nice, I don’t really know) but I never got the feeling they were trying to push the problem over to anyone else.

Thumbs up for Nimble – I hope they will keep up the good work!