Codebox in Docker

This is a quick note log. I was able to setup a self-hosted web IDE for programming. Today I tested out codebox.io, but I also want to check out the open source Cloud9 IDE.

  • Codebox.io an open-source Web IDE for programming (in your browser)
  • Docker an open source container
  • Docker-Codebox. All I really want is this guy's Dockerfile.

I already have Docker installed, that's the easy bit.

Build the box:

git clone https://github.com/forty9ten/docker-codebox.git
cd docker-codebox
docker build -t ytjohncodebox .
# much building occurs

Run codebox in docker

This will run the codebox.io environment on port 8000 and you'll be editing files that are stored in a directory called workspace1. ~/workspace1 on the host gets mounted into /workspace1 in the container.

cd ~
mkdir workspace1
docker run -p 8000:8000 -v ./workspace1:/workspace1 -t ytjohncodebox -p 8000 run /workspace1
# many things happen
# I end up seeing this:
# Codebox is running at http://localhost:8000

Now, I can access my server on port 8000 (ie, http://192.168.1.32:8000/). This instance is unprotected, it just asks for an email to get started. But the part I skipped over is that I am actually using nginx to proxy and password protect this instance.

I can hit Ctrl+C on the terminal to cancel my instance and all my edited files are safely stored in ~/workspace1.

Interesting bits: I create a new file in the web browser and save it, I see this bit of json in the console output:

[events] watch.change.create : { change: 'create',
  path: '/irule.txt',
  stats: 
   { current: 
      { dev: 64513,
        mode: 33188,
        nlink: 1,
        uid: 0,
        gid: 0,
        rdev: 0,
        blksize: 4096,
        ino: 262847,
        size: 27,
        blocks: 8,
        atime: Wed Feb 26 2014 05:18:44 GMT+0000 (UTC),
        mtime: Wed Feb 26 2014 05:18:42 GMT+0000 (UTC),
        ctime: Wed Feb 26 2014 05:18:42 GMT+0000 (UTC) },
     old: null } }

One thing I really need is the ability to open a web terminal. When I do though, the terminal window appears for a few seconds, and then vanishes. In the console, I see this:

[log][shells.stream] new socket connected
[log][shells.stream] open shell  { shellId: 'term2020-44',
  opts: { rows: 80, columns: 24, id: 'term2020-44' } }
[log][events] shell.spawn : { shellId: 'term2020-44' }
[log][events] shell.attach : { shellId: 'term2020-44' }
[log][events] shell.open : { shellId: 'term2020-44' }
[log][events] shell.exit : { shellId: 'term2020-44' }
[log][shells.stream] socket disconnected
[log][shells.stream] socket disconnected
[log][hooks] use hook settings

I got this same issue going through my nginx proxy and connecting directly on port 8000. A bit of text flashes quickly on the "terminal" in the web browser, but closes too quickly for me to catch it. Perhaps it's attempting to run something that is not installed in the Docker instance. If I can fix that, then I just need to come up with a cool way to launch workspaces and tie them into my nginx setup (or switch over to hipache as my front-end webserver).

Anyways, just wanted to record these steps here and show how easy it could be to get your own self hosted IDE.

Tagged as:

C270 Review

Acer C270 Chromebook

Last week I picked up a Chromebook, specifically the Acer C270. One of my coworkers uses one and kind of convinced me that one would be worth checking. I compared what was out there and other than the Pixel, the C270 had the best specs, including battery life (8.5 hours). It's an Intel chipset, 16GB space, 2Gb of RAM, 1.4Ghz.

The good:

  • You get a lot of functionality for $200.
  • 7 seconds from power off to browser up and running.
  • Both an ssh client and vim are installed by default.
  • The keyboard is fairly responsive.
  • Runs forever without needing a charge.
  • You can install a real OS alongside ChromeOS (using Crouton) and switch between the two without rebooting.
  • It can do web pages and has a built in terminal shell.
  • With Ubuntu installed in a chroot environment, it does everything my regular computer does (and I almost never have to fire up the gui, which would be a battery drain).
  • This does Netflix, Amazon Prime, Hulu and
  • I haven't done this, but one could replace the drive with a 128GB SSD for $100.

The bad:

  • Unfortunately the SD card slot isn't very deep. Any SD Card you insert will stick out the side. I was hoping to drop a 64GB sdcard inside here and store videos/music/projects on this card. But since it sticks out so far, I might as well use a USB drive.
  • The trackpad requires an annoying amount of pressure to right click or click and hold (dragging/highlighting). It also makes a loud click when you do this.

After working on this for the last week, I decided that this Chromebook is exactly what I was hoping my Asus 904 netbook would be. A responsive, long lasting, carry anywhere type computer. It has made me regret purchasing my Nexus 7. I get a lot more daily use out o fthe 11" Chromebook.

So what am I using this for? A lot of things. Anything really. My primary use case for this was actually amateur radio. In my ubuntu chroot environment, I installed CHIRP to program my radios, flidgi for operating digital modes, xlog for QSO logging, and Wine+APRSISCE for APRS action. So far these programs seem to work without issue. I've been able to program radios, send PSK data to PSKDroid on my cell phone using acoustic coupling, and view APRS activity using APRSISCE. When I'm not doing ham radio activity, I leave the X-windows session shut down (and it only takes about 5 seconds to start it up again).

Beyond ham radio, I'm using it to browse the web (duh), ssh into my servers, write python code, and right now... writing this post. Earlier today I fired up a Jenkins server on AWS. I've been meaning to set one up for a long time, and I have a year of AWS's free tier currently. So from this chromebook, I selected a jenkins instance from the AWS market, SSH'd into and add pelican to it. Then I was able to setup a simple jenkins job that would publish my website from github. Then I went over to github and added a commit hook that calls my new jenkins job. Now, anytime I commit into my website's github repository (including editing it from github directly), jenkins will automatically publish it. Doing this on my tablet, even with the keyboard, would have been frustrating.

Basically, despite even Google's marketing, their Chromebook is NOT a web browser only type device. It is a full computer. If you're used to Linux desktops and servers, you can do anything on it that you can on your existing setup. Yes, the impressive battery life is obtainable by using ChromeOS and using X-Windows or other cpu heavy applications will bring that battery life down. But even when I left X-windows up for long periods of time (for instance, letting the linux side download updates) it only had a moderate impact on my battery life.

If you're looking for a "carry anywhere, do anything" computing device, the C270 is well worth the price.

Tagged as:

Foreman managed virtual datacenter

I ordered the KS2 from - $50/month, 3.4ghz, 16gb ram, and a 1TB software raid setup. My plan is to set this up as a single server virtual datacenter. They also have the SP2 with twice the ram and storage for $90, but I figured I'd test out the cheaper option first. I can always upgrade and migrate to a larger server later if I get into heavier usage. The prices are rather cheap and they have scripts that will automatically provision physical servers.

I had this installed with Centos 6. I tried first using the "ovh secure" kernel, but I could not get KVM working with that kernel, so I had it reinstalled with the "vendor" kernel. I allocated 20GB to "/" and the remainder (898GB) to "/data".

Installing kvm and libvirt is a simple yum command.

yum install kvm libvirt python-virtinst qemu-kvm

Then, on my workstation, I installed virt-manager, which allowed me to graphically create and install virtual machines (I can do this by hand on the server, but virt-manager is a nice way to get started). The connection is done over ssh, so it will either ask for your username/password, or it can use ssh-key authentication (preferred).

I created /data/isos and /data/vms to hold my installation isos and virual machines respectively. The trick I had to work out is that I couldn't just add "/data" as a directory-based storage volume, I had to make one for isos and one for vms. I also found that the default directory (/var/lib/libvirt/images) is rather difficult to remove. I disabled it and removed it, but it showed back up later. When creating through the dialog, virt-manager wants to put your vm image in "default".

Creating a new virtual machine using virt-manager and a downloaded ubuntu 12.04 iso image (in /data/isos) was rather slick. I created a new volume in /data/vms, set the memory and cpu and started it. The default networking is a NAT'd network in the 192.168.122.x/24 network. As ovh only provides 3 IP addresses for free, I'm content to start with this network for testing, but I plan to move to a different subnet mask.

If I need to nat ports, the libvirt site has a useful page on forwarding incoming connections.

iptables -t nat -A PREROUTING -p tcp --dport HOST_PORT -j DNAT --to $GUESTIP:$GUESTPORT
iptables -I FORWARD -d $GUESTHOST/32 -p tcp -m state --state NEW -m tcp --dport $GUESTPORT -j ACCEPT

I have been reading some good things about The Formean, and how you can manage an infrastructure with it, so my next real VM will be an install of foreman. This will hopefully let me setup an enviroment where I can build virtual machines and provision them automatically. I don't know (yet) if The Foreman will handle iptable rules on the host, but it seems to have the ability to call external scripts and be customized, so I should be able to provision NAT on the host when provisioning a new VM.

Foreman utilizes DHCP and PXE to install "bare metal" VMs, so we need a network without DHCP. Now, to create my non-dhcp managed nat, I copy the default network xml file and modify it with my new range and remove the dhcp address

cd /usr/share/libvirt/networks
cp default.xml netmanaged.xml

Modified netmanaged.xml:

<network>
  <name>managednat</name>
  <bridge name="virbr1" />
  <forward/>
  <ip address="172.16.25.1" netmask="255.255.255.0">
  </ip>
</network>

It should show up with virsh net-list --all and I can activate it.

# virsh net-list --all
Name                 State      Autostart     Persistent
--------------------------------------------------
default              active     yes           yes
managednat           inactive   yes           yes
# virsh net-autostart managednat
Network managednat marked as autostarted

# virsh net-list --all
Name                 State      Autostart     Persistent
--------------------------------------------------
default              active     yes           yes
managednat           inactive   yes           yes

# virsh net-start managednat
Network managednat started

# virsh net-list --all
Name                 State      Autostart     Persistent
--------------------------------------------------
default              active     yes           yes
managednat           active     yes           yes

The gateway will be 172.16.25.1, and I will assign the IP 172.16.25.5 to my Foreman virtual machine, aptly called "builder". Once the basic ubuntu machine is installed by hand (hopefully the last one we do in this environment), I'll want access to it. Ideally, this would be behind a firewall with vpn access, but I haven't got that far yet. So for now, I'll just setup some NAT for port 22 and 443.

iptables -t nat -A PREROUTING -p tcp --dport 8122 -j DNAT --to 172.16.25.5:22
iptables -I FORWARD -d 172.16.25.5/32 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 8143 -j DNAT --to 172.16.25.5:443
iptables -I FORWARD -d 172.16.25.5/32 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT

Using "foreman-installer" is the most recommended method, ensuring that we have current packages directly from theforeman.org. I've installed 12.04 LTS (precise), so it's fairly straightforward, though I modified slightly from the installation documentation. The original instruction rely on running as root.

# get some apt support programs 
sudo apt-get install python-software-properties

# add the deb.theforeman.org repository
sudo bash -c "echo deb http://deb.theforeman.org/ precise stable > /etc/apt/sources.list.db/foreman.list"  
# add the key
wget -q http://deb.theforeman.org/foreman.asc -O- | sudo apt-key add -
# install the installer
sudo apt-get update && sudo apt-get install foreman-installer

# run the installer
sudo ruby /usr/share/foreman-installer/generate_answers.rb

At this point, Foreman is running on port 443, or in my case "https://externalip:8143/". I can login with the username "admin" and the password "changeme".

I've been reading the manual more at this point, but I think my next step is to watch the video Foreman Quickstart: unattendend installation. If I can grok that (and it looks nicely step by step) I'll try and setup an unattended install.

Tagged as: foreman puppet libvirt virsh

New Static Site

I had mentioned previously that I had taken up markdown blogging. At that time, I was writing my post in markdown, converting it to HTML, and then injecting it into blogger. This last week, I have done a good bit of work to convert my site to a "static site" using Pelican. A static site is made up entirely of static files - no database, no php includes, just your basic collection of html, javascript, css, and images. I write content in Markdown on my laptop. I develop my theme locally as well. Then I run "make html" and pelican will process my configuration file, my content, and my theme to generate all of the pages, posts, archive pages, and various rss feeds. The end result is a directory full of files that can be dropped onto pretty much any webserver.

There were a few hic-cups. Many of my older pages were not originally written in markdown, but rather using whatever CMS editor I had at the time. Pelican has an import feature, but some things got lost in translation. Any preformated code blocks had to be re-created manually (amusingly enough, copying and pasting from the old web page into vim, then indenting them properly).

The biggest loss is a search engine. A CMS like Wordpress or a hosted solution like Blogger stores your content in a database and provides a search interface to that content. With static pages, not so much. Most of the web gets around this using Google's CSE, which I am trying as well. As of yet, almost nothing appears to be indexing on this page. If this continues, I will setup a stanadlone search engine that simply indexes the pages on this site. (UPDATE: Google has a nice fresh index of the website, covering everything except this page I wrote yesterday.) I'm still researching possibilities on that. Ten years ago, ht://dig was the premier application to use, but development on that seems to have stopped in 2004. Sphider looks like a good product, but again, development stopped in 2007. Small search engine development seems to have dropped off significantly with the rise of Google's popularity.

A copy of the website content and theme can be tracked on github.

Tagged as: