Macintosh

You are currently browsing articles tagged Macintosh.

Reducing the Friction: Using Keyboard Shortcuts

Friday, June 14, 2013 in General, Macintosh, Personal by slowe | No comments

One thing that I personally have found extremely helpful in making common tasks easier—a key aspect of the “reducing the friction” idea I’ve been discussing—is the use of keyboard shortcuts. In this post, I want to talk about how you might be able to maximize your use of keyboard shortcuts to help improve your personal efficiency.

In my view, there are three aspects to using keyboard shortcuts more extensively:

  1. Using a keyboard-based launcher/search tool
  2. Using a system-wide hotkey tool
  3. Using (and/or customizing) application-specific keyboard shortcuts

Let’s take a quick look at each of these.

Keyboard-Based Launcher/Search Tool

I don’t think it’s any secret that I’m a fan of Quicksilver, regarded by many to be the quintessential tool for OS X in this category. There are other tools in this category, of course; examples include LaunchBar and Alfred. The key value that all these tools add to an existing system is the ability to quickly and easily search for something or launch an application without having to take your hands off the keyboard. Most of these tools also take an “object-oriented” approach that lets you use them to open URLs, open documents or folders, perform web searches, access browser bookmarks, and more.

System-Wide Hotkey Tool

While tools such as Quicksilver (or LaunchBar or Alfred) have some of this functionality as well, I’m specifically thinking of a utility like FastScripts. FastScripts allow you to bind AppleScripts to keyboard shortcuts, either on a system-wide basis or on an application-specific basis. There are other tools similar to this, but this is one with which I am very familiar (I think Keyboard Maestro offers similar functionality, plus other features as well.)

Here are some potential ways you could use this tool to help reduce the friction:

  • Perhaps you want to be able to compose a new e-mail message from any application on your system. You could write an AppleScript that launches Mail.app and composes a new message, then use FastScripts to create a system-wide shortcut key. Now, in whatever application you’re in, you can quickly and easily bring up a window to send a new e-mail message—all without taking your hands off the keyboard or having to switch between applications.
  • Maybe you want to make it even easier to launch a particular application. You could write a very simple AppleScript that launches the application, then use FastScripts or its equivalent to create a system-wide hotkey to launch the app. (This sort of functionality is especially useful if you aren’t using a tool like Quicksilver, LaunchBar, or Alfred.)
  • Like with an application, an AppleScript to open a commonly-accessed folder is pretty simple. Think about being able to use a quick keyboard shortcut to access folders that you frequently use, without having to navigate through the folder structure or switch applications to get there. Handy!

Application-Specific Keyboard Shortcuts

There are two parts to this particular aspect of using keyboard shortcuts:

  1. Using something like FastScripts, but on an application-specific basis
  2. Using OS X’s System Preferences application to customize keyboard shortcuts more to your liking

Use case #1 I’ve kind of already described in the previous section, so I won’t go into it again. There are lots of potential use cases here—creating a keyboard shortcut for an AppleScript that archives the selected messages is one example that might help accelerate your e-mail processing workflow.

Use case #2 is a bit more interesting, I think. A little-known fact is that you can use System Preferences to create new keyboard shortcuts for specific features within applications as well as customize existing keyboard shortcuts. Here’s an example. In some of my applications, the Export command (for saving a file in a different format) used Option-Command-E, but in other applications it didn’t. Since keyboard shortcuts are a little like muscle memory, using the same keyboard shortcut across multiple applications makes it easier and simpler. So, I used System Preferences so that more of the applications I use regularly have the same keyboard shortcut (where possible) for the Export function.

I hope some of these ideas are useful, or that they spark new ideas you might have about how you might reduce the friction in your own workflows. I’d love to hear any ideas or suggestions that other people have, so please speak up in the comments below. Thanks!

Tags: , ,

Reducing the Friction: Automating File Management

Friday, June 7, 2013 in General, Macintosh, Personal by slowe | 1 comment

One of the key things you can do to help improve your efficiency is “reduce the friction”—make common tasks easier, simpler, faster. (This isn’t my phrase or idea, by the way, but I’ve forgotten exactly where I first saw it.) In my last Reducing the Friction post, I talked about how I use AppleScript to help automate part of my blog publishing process. In this post, I’ll share how I help automate some common file management tasks.

The tool that I use here is Hazel, a nifty rules-based file management tool. Hazel uses a set of “if-then” rules to automatically perform tasks on a file based on a set of conditions. I use Hazel for a number of things, but the primary use case I’ll highlight here is automatically archiving files. I use this same technique in two different ways:

  1. To automatically archive files I no longer need/want
  2. To automatically archive published blog posts

The basic rule is the same in both instances, although the trigger is different. Here’s a screenshot of the Hazel rule for the first usage, archiving files I no longer need/want:

Hazel rule screenshot

Hazel rule for archiving files

Let me break that down real quick:

  • The rule condition states that a file must have been assigned the blue color label in the Finder (which, in my system, is what I use to mark a file as no longer needed/wanted) in order for the rule to be fired.
  • Once the rule is fired, then Hazel will move the file to the Archive-Pending folder and clear the color label from the file.

So, to archive files to my Archive-Pending folder (which I periodically move off my laptop to my home NAS for longer-term storage), I simply assign it the blue color label and Hazel does the rest. By the way, you’ll note that this rule is attached to the ~/Documents folder.

I use the same basic rule, with one small tweak, for the second usage I listed (automatically archiving published blog posts):

Hazel rule screenshot

Hazel rule for archiving published blog posts

As you can see, the rule actions are the same (move the file to the Archive-Pending folder and clear the color label), but the trigger is different. In this particular case, I use the green color label, which I’ve named “Finished” in my Finder preferences, to trigger the rule action. This rule is attached to my Blog-Drafts folder.

So, when I’m done with a blog post, I mark the Markdown file with the Finished (green) label, and Hazel automatically moves the post to my Archive-Pending folder. This helps ensure that the Blog-Drafts folder only contains unpublished/in-progress drafts, and also helps ensure that I have an archive of all my blog posts (an archive that is separate from backups of the WordPress database). This second reason, by the way, is one of the reasons I use the publishing process I use instead of just using the WordPress editor (although that is a perfectly fine way of doing it, if that works for you).

So what’s next? Hazel has the ability to watch a file’s activity (based on last opened or last modified dates), so in theory I could have Hazel start automatically moving “old” or “inactive” files to the Archive-Pending folder as well. I’m a bit hesitant to do that right now, but it is an option I might explore in the future.

I’d love to hear any other thoughts readers might have on “reducing the friction” through automating parts of the file management process (either with Hazel or with other tools). Feel free to add your thoughts, ideas, or suggestions in the comments below.

Tags: ,

Technology Short Take #33

Tuesday, June 4, 2013 in Networking, Security, Storage, Virtualization by slowe | 1 comment

Welcome to Technology Short Take #33, the latest in my irregularly-published series of articles discussing various data center technology-related links, articles, rants, thoughts, and questions. I hope that you find something useful here. Enjoy!

Networking

  • Tom Nolle asks the question, “Is virtualization reality even more elusive than virtual reality?” It’s a good read; the key thing that I took away from it was that SDN, NFV, and related efforts are great, but what we really need is something that can pull all these together in a way that customers (and providers) reap the benefits.
  • What happens when multiple VXLAN logical networks are mapped to the same multicast group? Venky explains it in this post. Venky also has a great write-up on how the VTEP (VXLAN Tunnel End Point) learns and creates the forwarding table.
  • This post by Ranga Maddipudi shows you how to use App Firewall in conjunction with VXLAN logical networks.
  • Jason Edelman is on a roll with a couple of great blog posts. First up, Jason goes off on a rant about network virtualization, briefly hitting topics like the relationship between overlays and hardware, the role of hardware in network virtualization, the changing roles of data center professionals, and whether overlays are the next logical step in the evolution of the network. I particularly enjoyed the snippet from the post by Bill Koss. Next, Jason dives a bit deeper on the relationship between network overlays and hardware, and shares his thoughts on where it does—and doesn’t—make sense to have hardware terminating overlay tunnels.
  • Another post by Tom Nolle explores the relationship—complicated at times—between SDN, NFV, and the cloud. Given that we define the cloud (sorry to steal your phrase, Joe) as elastic, pooled resources with self-service functionality and ubiquitous access, I can see where Tom states that to discuss SDN or NFV without discussing cloud is silly. On the flip side, though, I have to believe that it’s possible for organizations to make a gradual shift in their computing architectures and processes, so one almost has to discuss these various components individually, because to tie them all together makes it almost impossible. Thoughts?
  • If you haven’t already introduced yourself to VXLAN (one of several draft protocols used as an overlay protocol), Cisco Inferno has a reasonable write-up.
  • I know Steve Jin, and he’s a really smart guy. I must disagree with some of his statements regarding what software-defined networking is and is not and where it fits, written back in April. I talked before about the difference between network virtualization and SDN, so no need to mention that again. Also, the two key flaws that Steve identifies—single point of failure and scalability—aren’t flaws with SDN/network virtualization, but rather flaws in an implementation of said technologies, IMHO.

Servers/Hardware

  • Correction from the last Technology Short Take—I incorrectly stated that the HP Moonshot offerings were ARM-based, and therefore wouldn’t support vSphere. I was wrong. The servers (right now, at least) are running Intel Atom S1260 CPUs, which are x86-based and do offer features like Intel VT-x. Thanks to all who pointed this out, and my apologies for the error!
  • I missed this on the #vBrownBag series: designing HP Virtual Connect for vSphere 5.x.

Security

Cloud Computing/Cloud Management

  • Hyper-V as hypervisor with OpenStack Compute? Sure, see here.
  • Cody Bunch, who has been focusing quite a bit on OpenStack recently, has a nice write-up on using Razor and Chef to automate an OpenStack build. Part 1 is here; part 2 is here. Good stuff—keep it up, Cody!
  • I’ve mentioned in some of my OpenStack presentations (see SpeakerDeck or Slideshare) that a great place to start if you’re just getting started is DevStack. Here, Brent Salisbury has a nice write-up on using DevStack to install OpenStack Grizzly.

Operating Systems/Applications

  • Boxen, a tool created by GitHub to manage their OS X Mountain Lion laptops for developers, looks interesting. Might be a useful tool for other environments, too.
  • If you use TextMate2 (I switched to BBEdit a little while ago after being a long-time TextMate user), you might enjoy this quick post by Colin McNamara on Puppet syntax highlighting using TextMate2.

Storage

  • Anyone have more information on Jeda Networks? They’ve been mentioned a couple of times on GigaOm (here and here), but I haven’t seen anything concrete yet. Hey, Stephen Foskett, if you’re reading: get Jeda Networks to the next Tech Field Day.
  • Tim Patterson shares some code from Luc Dekens that helps check VMFS version and block sizes using PowerCLI. This could come in quite handy in making sure you know how your datastores are configured, especially if you are in the midst of a migration or have inherited an environment from someone else.

Virtualization

  • Interested in using SAML and Horizon Workspace with vCloud Director? Tom Fojta shows you how.
  • If you aren’t using vSphere Host Profiles, this write-up on the VMware SMB blog might convince you why you should and show you how to get started.
  • Michael Webster tackles the question: is now the best time to upgrade to vSphere 5.1? Read the full post to see what Michael has to say about it.
  • Duncan points out an easy error to make when working with vSphere HA heartbeat datastores in this post. Key takeaway: sometimes the fix is a lot simpler than we might think at first. (I know I’m guilty of making things more complicated than they need to be at times. Aren’t we all?)
  • Jon Benedict (aka “Captain KVM”) shares a script he wrote to help provide high availability for RHEV-M.
  • Chris Wahl has a nice write-up on using log shipping to protect your vCenter database. It’s a bit over a year old (surprised I missed it until now), and—as Chris points out—log shipping doesn’t protect the database (primary and secondary copies) against corruption. However, it’s better than nothing (which I suspect it what far too many people are using).

Other

  • If you aspire to be a writer—whether that be a blogger, author, journalist, or other—you might find this article on using the DASH method for writing to be helpful. The six tips at the end of the article are especially helpful, I think.

Time to wrap this up for now; the rest will have to wait until the next Technology Short Take. Until then, feel free to share your thoughts, questions, or rants in the comments below. Courteous comments are always welcome!

Tags: , , , , , , , , , , , , , ,

Reducing the Friction: BBEdit to MarsEdit

Friday, May 31, 2013 in General, Macintosh, Personal by slowe | 6 comments

In some of the presentations that I give on productivity and efficiency, one of the things I mention is reducing the friction; that is, making processes more streamlined so they’re easier to perform. In this post, I’m going to describe one way I reduced the friction for producing and publishing blog posts using BBEdit, TextSoap, MarsEdit, and some AppleScript.

It’s no secret that I’ve become a huge fan of Markdown, the human-readable plain text “markup” format created by Jon Gruber. The vast majority of all my content is now created in Markdown, and then converted to RTF (to share with my Office-using co-workers), PDF (for broader publication), or HTML (for publishing online). Until very recently, my blog publishing process looked something like this:

  1. Write the blog post in Markdown, using TextMate.
  2. Using a built-in Markdown binary in TextMate, convert the Markdown into HTML.
  3. Run the raw HTML through TextSoap (very handy tool) to remove smart quotes and curly apostrophes.
  4. Paste the parsed HTML into MarsEdit for publication to my blog.

While it seems complicated, it wasn’t terribly complicated—but it wasn’t as seamless as it could be. So, I set out to improve the process. The first big change was a switch from TextMate to BBEdit, which is more extensible (and kept up to date by the developer). That change allowed me to do two things:

  • Switch from the built-in Markdown support in TextMate to using a separate (and more up-to-date) MultiMarkdown binary maintained by Fletcher Penny.
  • Introduce an AppleScript (BBEdit has outstanding support for AppleScript) to automate some portion of the process.

My first pass at automating the process just got me back to where I was before—writing Markdown in BBEdit, converting to HTML, cleaning the HTML with TextSoap, and pasting into MarsEdit. Not too impressive, but acceptable, and a process with which I was familiar. I stuck with that process for a while, primarily because it was a known entity. A couple of days ago, though, I asked myself: Can I do better? Can I be more efficient?

So, my second pass at automating the process is much more comprehensive. The AppleScript I wrote as a result of challenging myself to reduce the friction does the following:

  • Takes the Markdown from BBEdit and converts it to HTML.
  • Using the HTML produced by the standalone MultiMarkdown binary, it then calls TextSoap to (in the background) clean the HTML according to a custom cleaner I’d created (the custom cleaner, called “Replace HTML Entities,” just replaces curly quotes and curly apostrophes, which don’t translate well on my site).
  • Creates a new, blank blog post in MarsEdit, into which it pastes the cleaned HTML as the body of the post.

I store the script in BBEdit’s scripts folder, which means I can invoke the script easily from within BBEdit.

Here’s the AppleScript itself (click here if the script doesn’t show up):

Now, I can write my Markdown in BBEdit, invoke the script, and get dropped out to HTML code sitting in a new blog post in MarsEdit. All I need to do to publish the post at that point is supply the metadata (tags, categories, title, excerpt) and click Send to Blog. Done. (I used this process for this post, in fact.) How’s that for reduced friction?

Tags: , , ,

Using pf on OS X Mountain Lion

Wednesday, May 15, 2013 in Macintosh, Security, UNIX by slowe | 16 comments

I’ve written before about adding an extra layer of network security to your Macintosh by leveraging the BSD-level ipfw firewall, in addition to the standard GUI firewall and additional third-party firewalls (like Little Snitch). In OS X Lion and OS X Mountain Lion, though, ipfw was deprecated in favor of pf, the powerful packet filter that I believe originated on OpenBSD. (OS X’s version of pf is ported from FreeBSD.) In this article, I’m going to show you how to use pf on OS X.

Note that this is just one way of leveraging pf, not necessarily the only way of doing it. I tested (and am currently using) this configuration on OS X Mountain Lion 10.8.3.

There are X basic pieces involved in getting pf up and running on OS X Mountain Lion:

  1. Putting pf configuration files in place.
  2. Creating a launchd item for pf.

Let’s look at each of these pieces in a bit more detail. We’ll start with the configuration files.

Putting Configuration Files in Place

OS X Mountain Lion comes with a barebones /etc/pf.conf preinstalled. This barebones configuration file references a single anchor, found in /etc/pf.anchors/com.apple. This anchor, however, does not contain any actual pf rules; instead, it appears to be nothing more than a placeholder.

Since there is a configuration file already in place, you have two options ahead of you:

  1. You can overwrite the existing configuration file. The drawback of this approach is that a) Apple has been known to change this file during system updates, undoing your changes; and b) it could break future OS X functionality.

  2. You can bypass the existing configuration file. This is the approach I took, partly due to the reasons listed above and partly because I found that pfctl (the program used to manage pf) wouldn’t activate the filter rules when the existing configuration file was used. (It complained about improper order of lines in the existing configuration file.)

Note that some tools (like IceFloor) take the first approach and modify the existing configuration file.

I’ll assume you’re going to use option #2. What you’ll need, then, are (at a minimum) two configuration files:

  1. The pf configuration file you want it to parse on startup
  2. At least one anchor file that contains the various options and rules you want to pass to pf when it starts

Since we’re bypassing the existing configuration file, all you really need is an extremely simple configuration file that points to your anchor and loads it, like this:

The other file you need has the actual options and rules that will be passed to pf when it starts. You can get fancy here and use a separate file to define macros and tables, or you can bundle the macros and tables in with the rules. Whatever approach you take, be sure that you have the commands in this file in the right order: options, normalization, queueing, translation, and filtering. Failure to put things in the right order will cause pf not to enable and will leave your system without this additional layer of network protection.

A very simple set of rules in an anchor might look something like this:

Naturally, you’d want to customize these rules to fit your environment. At the end of this article I provide some additional resources that might help with this task.

Once you have the configuration file in place and at least one anchor defined with rules (in the right order!), then you’re ready to move ahead with creating the launchd item for pf so that it starts automatically.

However, there is one additional thing you might want to do first—test your rules to be sure everything is correct. Use this command in a terminal window while running as an administrative user:

sudo pfctl -v -n -f <path to configuration file>

If this command reports errors, go back and fix them before proceeding.

Creating the launchd Item for pf

Creating the launchd item simply involves creating a properly-formatted XML file and placing it in /Library/LaunchDaemons. It must be owned by root, otherwise it won’t be processed at all. If you aren’t clear on how to make sure it’s owned by root, go do a bit of reading on sudo and chown.

Here’s a launchd item you might use for pf:

A few notes about this launchd item:

  • You’ll want to change the last <string> item under the ProgramArguments key to properly reflect the path and filename of the custom configuration file you created earlier. In my case, I’m storing both the configuration file and the anchor in the /etc/pf.anchors directory.
  • As I stated earlier, you must ensure this file is owned by root once you put it into /Library/LaunchDaemons. It won’t work otherwise.
  • If you have additional parameters you want/need to pass to pfctl, add them as separate lines in the ProgramArguments array. Each individual argument on the command line must be a separate item in the array.

Once this file is in place with the right ownership, you can either use launchctl to load it or restart your computer. The robust pf firewall should now be running on your OS X Mountain Lion system. Enjoy!

Some Additional Resources

Finally, it’s important to note that I found a few different web sites helpful during my experimentations with pf on OS X. This write-up was written with Lion in mind, but applies equally well to Mountain Lion, and this site—while clearly focused on OpenBSD and FreeBSD—was nevertheless quite helpful as well.

It should go without saying, but I’ll say it nevertheless: courteous comments are welcome! Feel free to add your thoughts, ideas, questions, or corrections below.

Tags: , , ,

Technology Short Take #31

Monday, April 8, 2013 in Macintosh, Networking, Security, Storage, Virtualization by slowe | 3 comments

Welcome to Technology Short Take #31, my irregularly published series that takes a look at links, posts, articles, and thoughts from around the web related to core data center technologies. I hope that you find something useful!

Networking

  • Umair Hoodbhoy speculates in this post that the inclusion of Cisco’s ONE Controller in the recently-announced “Daylight” effort could mean the end for Big Switch’s Floodlight. (Umair’s play on words—”in Daylight there is no need for Floodlights”—is cute.)
  • Of course, Big Switch recently moved to “diversify,” if you will, away from just Floodlight with the introduction of Switch Light. As usual, Brent Salisbury has an excellent write-up on Switch Light, so I recommend reading his post. Switch Light seems like a good idea—more competition is always good, isn’t that what people say?—but I wonder how much cooperation Big Switch will get from the major networking vendors with regards to OpenFlow interoperability now that Big Switch is competing even more directly with them via Switch Light.
  • I think I might have mentioned this before (sorry if so), but here’s a good write-up on using the Edge Gateway CLI for monitoring and troubleshooting. Nice.
  • Greg Ferro examines a potential SDN use case (an OpenFlow use case) in the form of enterprise firewall migrations.
  • Just getting started in the networking field? Last year, Brent Salisbury put together a couple of great posts that help “refresh the basics” of networking. Part 1 covers Ethernet, IP, and TCP headers in Wireshark captures; part 2 pulls that together to show how the headers encapsulate in the OSI stack. If you’re not already familiar with this information, this is good reading.

Servers/Hardware

Nothing this time around, but I’ll stay alert for information I can include in the next Technology Short Take!

Security

  • Mounting guest disk images on the host? That’s a no-no from a security perspective—see here to learn why.
  • Mike Foley shared recently that the release candidate of the vSphere 5 Security Hardening Guide has been released. Check it out here.

Cloud Computing/Cloud Management

  • I haven’t had the chance to actually try it out myself, but Blueprint looks interesting. As the website describes it, it’s designed to “reverse engineer” servers so that you can migrate them into a configuration management system like Chef or Puppet.
  • Looking for a decent high-level overview of OpenStack and how it works? Check out this article titled “In a nutshell: How OpenStack works”. (As an aside, I think it’s awesome how Ken Pepple’s diagrams show up in all sorts of places. One day I hope my material proves as useful to folks.)
  • If you use Puppet for configuration management and want to deploy GlusterFS, be sure to check out this Puppet Forge module. I’ve tested it and it works as advertised.
  • This is an older article (published in May of last year), and it’s a bit on the lengthy side, but I like the tack the author uses. He describes cloud as the synthesis of many different forms of innovation within IT, pulling together things like open source, virtualization, distributed programming, NoSQL, DevOps/NoOps, distributed teams, dynamic languages, and Big Data (among others). He then goes on to provide examples of how organizations building or leveraging clouds are synthesizing these various independent technological innovations together. If you have a few minutes (as I said, it’s a bit on the lengthy side), I’d recommend reading it.

Operating Systems/Applications

  • This series is a bit older, but an interesting one nevertheless. Brian McClain, who was one of the presenters in a Cloud Foundry/BOSH session I liveblogged at VMworld 2012, has his own personal blog and posted a series of articles on using BOSH with vSphere. I hadn’t really considered how one might use BOSH for deploying (and managing) multi-VM applications on vSphere, but Brian provides some practical examples. Part 1 of the series is here, followed by part 2, part 3, part 4, and part 5.
  • Like using Markdown on OS X? You might find these handy.
  • Ah, the good old days of DOS…reborn as FreeDOS.
  • Go ahead, read up on YAML. You know you want to. Well, YAML is used in both Hiera (can be used with Puppet) and BOSH, after all.
  • Here’s another interesting tool that I haven’t had the opportunity to actually test myself. Oz looks like it could be quite useful—especially in virtualized/cloud computing environments—but I’m struggling to determine why I should use Oz instead of OS-specific mechanisms (like a kickstart file). If anyone has used Oz and can shed some light on this question, I’d appreciate it.
  • You may have heard that I recently switched from TextMate to BBEdit as my default OS X text editor (and therefore the tool whereby I do most of my content generation). As part of the switch, I found this to be helpful. (I might post a separate entry about the switch, if enough people seem interested in reading about it.)

Storage

Virtualization

That’s it for this time. I have plenty more links I wanted to share, but I figured I’d better not let this post get any longer. As always, courteous comments are welcome, so I invite you to participate in the conversation by adding your thoughts below.

Tags: , , , , , , , , , ,

Technology Short Take #28

Thursday, January 10, 2013 in Macintosh, Microsoft, Networking, Security, Storage, Virtualization by slowe | 3 comments

Welcome to Technology Short Take #28, the first Technology Short Take for 2013. As always, I hope that you find something useful or informative here. Enjoy!

Networking

  • Ivan Pepelnjak recently wrote a piece titled “Edge and Core OpenFlow (and why MPLS is not NAT)”. It’s an informative piece—Ivan’s stuff is always informative—but what really drew my attention was his mention of a paper by Martin Casado, Teemu Koponen, and others that calls for a combination of MPLS and OpenFlow (and an evolution of OpenFlow into “edge” and “core” versions) to build next-generation networks. I’ve downloaded the paper and intend to review it in more detail. I’d love to hear from any networking experts who’ve read the paper—what are your thoughts?
  • Speaking of Ivan…it also appears that he’s quite pleased with Microsoft’s implementation of NVGRE in Hyper-V. Sounds like some of the other vendors need to get on the ball.
  • Here’s a nice explanation of CloudStack’s physical networking architecture.
  • The first fruits of Brad Hedlund’s decision to join VMware/Nicira have shown up in this joint article by Brad, Bruce Davie, and Martin Casado describing the role of network virutalization in the software-defined data center. (It doesn’t matter how many times I say or write “software-defined data center,” it still feels like a marketing term.) This post is fairly high-level and abstract; I’m looking forward to seeing more detailed and in-depth posts in the future.
  • Art Fewell speculates that the networking industry has “lost our way” and become a “big bag of protocols” in this article. I do agree with one of the final conclusions that Fewell makes in his article: that SDN (a poorly-defined and often over-used term) is the methodology of cloud computing applied to networking. Therefore, SDN is cloud networking. That, in my humble opinion, is a more holistic and useful way of looking at SDN.
  • It appears that the vCloud Connector posts (here and here) that (apparently) incorrectly identify VXLAN as a component/prerequisite of vCloud Connector have yet to be corrected. (Hat tip to Kenneth Hui at VCE.)

Servers/Hardware

Nothing this time around, but I’ll watch for content to include in future posts.

Security

  • Here’s a link to a brief (too brief, in my opinion, but perhaps I’m just being overly critical) post on KVM virtualization security, authored by Dell TechCenter. It provides some good information on securing the libvirt communication channel.

Cloud Computing/Cloud Management

  • Long-time VMware users probably remember Mike DiPetrillo, whose website has now, unfortunately, gone offline. I mention this because I’ve had this article on RabbitMQ AMQP with vCloud Director sitting in my list of “articles to write about” for a while, but some of the images were missing and I couldn’t find a link for the article. I finally found a link to a reprinted version of the article on DZone Enterprise Integration. Perhaps the article will be of some use to someone.
  • Sam Johnston talks about reliability in the cloud with a discussion on the merits of “reliable software” (software designed for failure) vs. “unreliable software” (more traditional software not designed for failure). It’s a good article, but I found the discussion between Sam and Massimo (of VMware) as equally useful.

Operating Systems/Applications

Storage

  • Want some good details on the space-efficient sparse disk format in vSphere 5.1? Andre Leibovici has you covered right here.
  • Read this article for good information from Andre on a potential timeout issue with recomposing desktops and using the View Storage Accelerator (aka context-based read cache, CRBC).
  • Apparently Cormac Hogan, aka @VMwareStorage on Twitter, hasn’t gotten the memo that “best practices” is now outlawed. He should have named this series on NFS with vSphere “NFS Recommended Practices”, but even misnamed as they are, the posts still have useful information. Check out part 1, part 2, and part 3.
  • If you’d like to get a feel for how VMware sees the future of flash storage in vSphere environments, read this.

Virtualization

  • This is a slightly older post, but informative and useful nevertheless. Cormac posted an article on VAAI offloads and KAVG latency when observed in esxtop. The summary of the article is that the commands esxtop is tracking are internal to the ESXi kernel only; therefore, abnormal KAVG values do not represent any sort of problem. (Note there’s also an associated VMware KB article.)
  • More good information from Cormac here on the use of the SunRPC.MaxConnPerIP advanced setting and its impact on NFS mounts and NFS connections.
  • Another slightly older article (from September 2012) is this one from Frank Denneman on how vSphere 5.1 handles parallel Storage vMotion operations.
  • A fellow IT pro contacted me on Twitter to see if I had any idea why some shares on his Windows Server VM weren’t working. As it turns out, the problem is related to hotplug functionality; the OS sees the second drive as “removable” due to hotplug functionality, and therefore shares don’t work. The problem is outlined in a bit more detail here.
  • William Lam outlines how to use new tagging functionality in esxcli in vSphere 5.1 for more comprehensive scripted configurations. The new tagging functionality—if I’m reading William’s write-up correctly—means that you can configure VMkernel interfaces for any of the supported traffic types via esxcli. Neat.
  • Chris Wahl has a nice write-up on the behavior of Network I/O Control with multi-NIC vMotion traffic. It was pointed out in the comments that the behavior Chris describes is documented, but the write-up is still handy, and an important factor to keep in mind in your designs.

I suppose I should end it here, before this “short take” turns into a “long take”! In any case, courteous comments are always welcome, so if you have additional information, clarifications, or corrections to share regarding any of the articles or links in this post, feel free to speak up below.

Tags: , , , , , , , , , , , , ,

Update on Markdown and BoxCryptor on iOS

Monday, December 10, 2012 in Interoperability, Macintosh by slowe | No comments

A short while ago, I talked about how to add client-side encryption to Dropbox using EncFS. In that post, I suggested using BoxCryptor to access your encrypted files. A short time later, though, I uncovered a potential issue with (what I thought to be) BoxCryptor. I have an update on that issue.

In case you haven’t read the comments to the original BoxCryptor-Markdown article, it turns out that the problem with using Markdown files with BoxCryptor doesn’t lie with BoxCryptor—it lies with Byword, the Markdown editor I was using on iOS. Robert, founder of BoxCryptor, suggested that Byword doesn’t properly register the necessary handlers for Markdown files, and that’s why BoxCryptor can’t preview the files or use “Open In…” functionality. On his suggestion, I tried Textastic.

It works flawlessly. I can preview Markdown files in the iOS BoxCryptor client, then use “Open In…” to send the Markdown files to Textastic for editing. I can even create new Markdown files in Textastic and then send them to BoxCryptor for encrypted upload to Dropbox (where I can, quite naturally, open them using my EncFS filesystem on my Mac systems). Very nice!

If you are thinking about using EncFS with Dropbox and using BoxCyrptor to access those files from iOS, and those files are text-based files (like Markdown, plain text, HTML, and similar file formats), I highly recommend Textastic.

Tags: , , , ,

Why a CLI for Dropbox on Mac OS X

Saturday, December 8, 2012 in Macintosh by slowe | 12 comments

I was thinking about a command-line interface (CLI) for Dropbox, and how I personally would take advantage of such a feature. So, after failing to find any indication that the Mac OS X Dropbox client contained a CLI, tonight on Twitter I made this comment:

Too bad the #Mac version of @Dropbox doesn’t have a CLI.

Shortly thereafter, I received this response:

@scott_lowe @Dropbox What would you do with it if you did?

I posted a response (which you can see if you follow either of the Twitter links above), but I realized that my response really needed a bit more background.

Like many people in IT today, I’m pretty mobile. I have a home office, but I also travel a fair amount. My laptop, a 2011 13″ MacBook Pro with 8GB of RAM and a 512GB SSD, is my primary computer. The problem is this: when I’m in my home office, I want my laptop to be configured a certain way, but when I’m traveling, I need it configured a different way. For example, when I’m in my home office, I want Synergy running so that I can connect to the Synergy server on my Mac Pro workstation. When I’m not in the home office, Synergy should not be running. So how do I get the computer to automatically reconfigure itself? The answer is quite simple, actually: an app called ControlPlane.

ControlPlane is a handy little application that performs a set of actions based on a context. A context is defined as a set of conditions, like (as in my situation) being connected to my 24″ Apple Cinema Display and being connected via Ethernet to a network using my home network’s IP addressing scheme. If all those conditions are met, then it’s quite likely I’m in my home office—meaning I’m in that particular context—and ControlPlane should perform a set of actions to reconfigure my laptop. Similarly, if those conditions aren’t true, then it’s quite likely I’m not in my home office—meaning I’m in a roaming or traveling context—and therefore my computer should be configured a different way. Handy, right?

To put some specifics on this idea, then, here’s how I use ControlPlane:

  • I have two contexts, one called Docked and one called Roaming. Docked is only for when I’m connected to my 24″ Apple Cinema Display in my actual home office, wired up via Ethernet (not wireless), and have an IP address off my home network’s subnet. When those conditions are true, I’m “docked” and I need Synergy running so that I can share keyboard and mouse between my Mac Pro workstation and my laptop.
  • Any other time, I’m not “docked” and should be in the Roaming context. In the Roaming context, Synergy should not be running.
  • When I enter the Docked context, ControlPlane should launch Synergy, if it’s not already running, and then issue a Growl notification that the computer is entering the Docked context.
  • When I leave the Docked context (meaning I’m entering the Roaming context), then ControlPlane should kill Synergy (if it’s running), and post a Growl notification.

ControlPlane is capable of much, much more, but (for now) this is sufficient. At some point in the future, I might have it mount network drives (or maybe my EncFS filesystem).

I said all that to finally come back to the comment that started all this: if Dropbox had a CLI (or AppleScript support, but that’s probably too much to ask for), then I could use ControlPlane to automate/manipulate the behavior of Dropbox as part of my contexts. For example, I could define another context—say, Disconnected—in which there are no active network interfaces. In that context, I’d like Dropbox to pause syncing. Then, when I enter another context, either Roaming or Docked, then Dropbox should continue syncing. However, without some sort of non-GUI access to Dropbox, this isn’t possible (to my knowledge).

Anyway, that’s what I was thinking. Courteous comments (or questions) are always invited and encouraged, so feel free to speak out below.

Tags: , , ,

Problem with Markdown Files in BoxCryptor on iOS

Friday, November 30, 2012 in Interoperability, Macintosh, Security, Storage by slowe | 2 comments

About a week ago, I published an article showing you how to use EncFS and BoxCryptor to provide client-side encryption of Dropbox data. After working with this configuration for a while, I’ve run across a problem (at least, a problem for me—it might not be a problem for you). The problem lies on the iPad end of things.

If you haven’t read the earlier post, the basic gist of the idea is to use EncFS—an open source encrypting file system—and OSXFUSE to provide file-level encryption of Dropbox data on your OS X system. This is client-side encryption where you are in the control of the encryption keys. To access these encrypted files from your iPad, you’ll use the BoxCryptor iOS client, which is compatible with EncFS and decrypts the files.

Sounds great, right? Well, it is…mostly. The problem arises from the way that the iPad handles files. BoxCryptor uses the built-in document preview functionality of iOS, which in turn allows you to access the iPad’s “Open In…” functionality. The only way to get to the “Open In…” menu is to first preview the document using the iOS document preview feature. Unfortunately, the iOS document preview functionality doesn’t recognize a number of files and file types. Most notably for me, it doesn’t recognize Markdown files (I’ve tried several different file extensions and none of them seem to work). Since the preview feature doesn’t recognize Markdown, then I can’t get to “Open In…” to open the documents in Byword (an iOS Markdown editor), and so I’m essentially unable to access my content.

To see if this was an iOS-wide problem or a problem limited to BoxCryptor, I tested accessing some non-encrypted files using the Dropbox iOS client. The Dropbox client will, at least, render Markdown and OPML files as plain text. The Dropbox iOS client still does not, unfortunately, know how to get the Markdown files into Byword. I even tried a MindManager mind map; the Dropbox client couldn’t preview it (not surprisingly), but it did give me the option to open it in the iOS version of MindManager. The BoxCryptor client also worked with a mind map, but refuses to work with plain text-based files like Markdown and OPML.

Given that I create the vast majority of my content in Markdown, this is a problem. If anyone has any suggestions, I’d love to hear them in the comments. Otherwise, I’ll post more here as soon as I learn more or find a workaround.

Tags: , , , , ,

« Older entries