Live Migrate, Non-Shared Storage, with Destination Storage Pool Change

I had an issue where I needed to change the storage pool location on the doing a live block-copy-all migration.

The solution is to dump the xml and edit it to point to the change file location. This edited xml is passed to the virsh command --xml [file.xml].

A Quick Issue
Ensure CPU compatibility (I did it with Virt-Manager), it required a reboot, I actually changed it to “clear CPU configuration” but upon reboot it changed it to “Hypervisor Default”.

Change the xml to reflect the Changed Storage Location

In my case I had a larger RAID pool under /mnt/

Final Command Sequence
To finally migrate, with --storage-copy-all, with --undefinesource, with --persistent, and finally --xml [dump.xml]

virsh migrate --copy-storage-all mail qemu+ssh://kvm2/system --undefinesource --persistent --xml mail.xml

Additionally, Watch the Progress
As a means to watch the progress, I found running watch du -h [incoming-image-name] this will show you a continually updating file size so you can see how much of disk images has transferred.

Posted in Technical | Tagged , , | Leave a comment

BeEF from git Fails on SQLite Gem Install

You need ruby-dev as a package.

sudo apt install ruby-dev

When running:

Traceback (most recent call last):
4: from ./beef:44:in `

'
3: from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require'
2: from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require'
1: from /opt/beef/core/loader.rb:17:in `'
/opt/beef/core/loader.rb:17:in `require': cannot load such file -- xmlrpc/client (LoadError)

Need xmlrpc installed (used to be included).

sudo gem install 'xmlrpc'

Posted in Technical | Leave a comment

Serial Console connection FROM pfSense

So I have a configuration where I have pfSense running on a server and a single Cisco Switch. I thought it would be convenient to use the serial port on the server (pfSense) to console into the Cisco Switch for remote configuration (as an alternative to SSHing into the switch, in case it is down).

After enabling SSH access, SSH to the pfSense box. Press 8 for shell access.

So the key is just to install some terminal tty console application, I chose screen. Install using the built in package management system:

pkg update
pkg install screen

Now to connect to the Cisco Switch (u0 was the first (and only) serial, 9600 is default baud rate on Cisco Console Ports:

/usr/local/bin/screen /dev/ttyu0 9600

Interestingly, screen didn’t work without the full path (despite /usr/local/bin being in my path). I may have needed to relog, or it may be a security feature. More investigation needed.

Posted in Technical | Tagged , , | Leave a comment

Moving from ESXi to KVM (vmdk to qcow2, specifically)

I have several VMs that I want to decommission, but feel like an open source “just in case we need it” VM dumped to a disk is a good idea.  Mainly since we pay RAM-hours on our ESXi licensing and I have old servers lying around that I can install Ubuntu Server on for the KVM.

The primary thing to grab is the .vmdk and the -flat.vmdk file (the flat is the actual disk while the former is the header information about the disk).

Once grabbed, easy peasy:

qemu-img convert -f vmdk -O qcow2 source.vmdk destination.qcow2

note: you point it to the text file: vmdk not the huge -flat.vmdk.

Now create a new VM and pick this disk as primary.  No issue moving/booting Windows or Linux machines.  I do have an old RedHat 5 machine that won’t boot (kernel panic) but that is a problem for another day.

Posted in Technical | Tagged , , , , , , | Leave a comment

Backup WordPress HTML (well any html really).

So I’m having an issue updating another plugin on a different WP site.  So I tried manually installing the plug by navigating to:

cd /var/www/html/wp-content/plugins/

and deleting the theme directly then installing the replacement in the admin panel.

Before I did that I tarball’d the existing html folder pwd: /var/www/:

tar caf ~/site-backup.tar.xz html [create autodetect-compression file]

My manual install didn’t work (well it did, but that wasn’t what I needed).  So rather than troubleshoot I reverted back:

rm -R html
tar xvJf ~/site-backup.tar.xz -C /var/html/ [extract verbose J-xz-compresed file]
chmod -R 755 /var/www/html

All is well.

Back to fixing the theme.

Posted in Technical | Tagged , , , , | Leave a comment

XMLRPC [Symptom: WordPress on iOS not working on Self-Hosted Site]

I ran into an issue with my new hosting of WordPress with my WP iOS app not detecting my self-hosted site as a WordPress site.

We’re sure this is a great site — but it’s not a WordPress site, so you can’t connect it to with this app.

First note the grammar issue: “connect it to” should be “connect to it”.  Haha, I emailed them.

On to the issue:

Troubleshooting led me to test RPC:

https://www.grid18.com/xmlrpc.php

This is the correct behavior (a browser typically sends a GET request rather than POST).

Let’s test POST:

https://www.grid18.com/xmlrpc.php?rsd

Correct behavior as well. Why the error?

Enabled debugging in wp-config.php:

WP_DEBUG was already there, just had to change false to true.  This creates a debug.log in the wp-content folder of the site’s root.

cat wp-content/debug.log

Aha!

I took the minimum-attack-surface approach to installing the software on my host. I didn’t get the PHP-XML package when I installed originally.

sudo apt install php-xml

Success!

Reset (comment out WP_DEBUG_LOG) and set WP_DEBUG back to true.

 

References:

https://snapcreek.com/blog/wordpress-error-log-friend/

Posted in Technical | Tagged , , , , | Leave a comment

Let’s Encrypt powered by Certbot on Self-Hosted WordPress Site

Adding SSL (Well, TLS) to a website has never been easier. I recently started hosting 3 different WordPress sites (this being one of them).

With the use of Let’s Encrypt’s support for SNI I don’t need multiple public IPs… awesome.

I did this on Ubuntu 16.04.3:

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache 

sudo certbot –apache

(when prompted, added all sites including www.) I did this twice, first time I was using all default sites in apache, this gives the error about unable to determine domain name, when I did it on the vHosts version, it populated the sites automatically.

sudo certbot renew --dry-run

This was just to test the renewal process (that it works).

crontab -e
0 0 * * * certbot renew

Success!

On a side note, I did have to go in and in a couple of key places on in WordPress, change the domain to include the https:// rather than http://. If I hadn’t, the encrypted lock has the warning that some of the media (specifically uploaded before the SSL add-on) will permanently have the http:// on the embedded address.

Futher Reading:

https://certbot.eff.org/
https://letsencrypt.org/

Posted in Technical | Tagged , , , , | Leave a comment

Robocopy to Sync a Drive

I have a need to P2V a server, it currently has an 11.1TB drive (via spanned disks).  I need to shrink it down before the move.  My solution is to drop the disk entirely, P2V just the OS Drive (a more manageable 480GB) and attach a new data disk.  I need to move the data (~4TB) to an interim location (a NAS) then copy it to the newly attached disk once the P2V is complete.

robocopy /MIR /FFT /w:0 /r:0 /z D:\ \\nas\scratch\D-Drive\

/MIR Mirrors the directories (deletes at the destination as well as empty directories).

/FFT Fat File Time, I’m copying to a BSD NAS, the time formats aren’t as granular.

/w:0 Wait 0 seconds on a failure, keep the sync going, hung up on $RECYCLE.BIN files.

/r:0 No retries when it can’t copy.

/z Restart mode in case of interupptions.

Posted in Technical | Tagged , , , | Leave a comment