I feel a disturbance….but this time it’s a good thing

In case you have been hiding in a wiring closet admiring the weave of the Cat 5/6 cabling the last few months, let me bring you up to date on a big announcement from Hewlett-Packard. SDN.

Here is a link to the page
HP Go SDN!

In 3 days and about 4 hours, HP will officially lauch the HP SDN App Store! This is a place where HP and 3rd party applications will be made available for use with the HP VAN SDN Controller. SDN Applications can either run internally in the controller (Reactive) or externally (Proactive). These application can be easily be downloaded to your controller (Reactive) or run along side of the controller (Proactive).

This is great news because those of us who imagine we are monster DevOps mavens…I did say imagine…can create applications and once accepted, can be accessed through the App Store. These applications can generate revenue for you.

So if you’re a company in need of a SDN solution, you have a place to shop. If your capable of creating your own application, you have a marketplace to sell your wares.

After all, selling SDN applications on the HP SDN App store is my retirement plan…;-)

Also: Good information over at the SDN commiunity Discussion Boards Here

There is a new love in my life!

What can I say? I was with my long time favorite Linux Distro, Ubuntu, and we were having an argument. I wanted it to have the luscious Cinnamon interface, an it was telling me “I don’t have support for that anymore”. There was some initial shedding of tears and I steeled myself and said “It’s OK, at least I have MATE”. Well I looked up my old acquaintance, MATE and it didn’t take long until I remembered why I left in the first place.

I started staying up late at night, Hitting the Googler, hoping I would find some thing new and refreshing. Then it happened, not only did I find something refreshing, but it was also Minty! I had found something very exciting Linux Mint.

enable_server

I downloaded Linux Mint 17 and was instantly amazed by its good looks. We all know that looks can only go so far. So I took Mint out for a test drive and was completely blown away. The first thing I noticed was that the user interface was Cinnamon!!! WOOOT!

It’s the little things that make all the difference in the world. My scroll wheel on my mouse actually made the content on the screen scroll. What a concept! I was able to quickly search the network and mount my Synology NAS storage device. Lastly, I added my HP OfficeJet PRO8500A printer and it all worked flawlessly!

Just a couple quick commands on the commandline….whhhaaaa? The commandline windows are translucent? Out of the box? Just too cool……where was I…oh yes…command line…..I was able to get my L.A.M.P. server installed and with a quick “a2enmod cgi” I had the cgi script execution working as well.

So, do yourself a favor and dump that old distro for something sleek and beautiful and very, very (user) friendly with a minty fresh taste (I couldn’t resist)!

HIP TIP-O-THE DAY: Head over to Virtualboximages.com to find a boat load of “Free” virtual box VDI’s for your downloading pleasure.

Just don’t tell them I sent you!

Goodbye URLLIB2, I’m not going to miss you!

Hot on the trail of another monster chunk of code writing, I found I was stuck in a trap I made for myself. I was at the end of my understanding of Python, URLLIB2 and IMC eAPI’s. I was trying to HTTP POST a chunk of xml into IMC’s Configuration Template library. This was quite perplexing….I tried every thing I could and no matter how I changed the programming, I would still get the dreaded 500 Internal Server error….you know what I’m talking about. I feel you cringing right now!

So, after about a billion Google searches I started seeing the stuff called Requests. Developed by a guy named Kenneth Reitz, it is my new favorite plaything.

Take a look at this sample of URLLIB2 code to get the POST working.

cj = CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
resp = opener.open(c_url)
print c_url
print cj._cookies
# get to the cookie
foo = cj._cookies[‘10.132.0.100’][‘/imc/’][‘JSESSIONID’].value
foo1 = “JSESSIONID=%s” % (foo)
# Authenticate
authhandler = urllib2.HTTPDigestAuthHandler()
authhandler.add_password(“iMC RESTful Web Services”, server, user, passw)
opener = urllib2.build_opener(authhandler)
a2 = urllib2.install_opener(opener)

# Now build header to send HTTP POST for controller file
#agent = “Apache-Httpclient/4.1 (java 1.5)”
pagehandle=urllib2.Request(my_url,c_data) #Add values forces POST
pagehandle.add_header(‘Content-Type’,’application/xml; charset=utf-8′)
pagehandle.add_header(‘Accept’,’application/xml’)
pagehandle.add_header(‘USer-Agent’,’Apache-Httpclient/4.1 (java 1.5)’)
pagehandle.add_header(‘Accept-encoding’,’application/xml’)
pagehandle.add_header(‘Connection’,’Keep-Alive’)
pagehandle.add_header(‘Cookie’, foo1)
pagehandle.add_header(‘Cookie2′,’$Version=1’)
c_result = urllib2.urlopen(pagehandle)

If you ask me, it was good for its time but very confusing with the openers and handlers.

Now here is the same code using requests..

s = requests.session() # This keeps the session open

# Cookie Factory
r = s.get(my_url)
cook = r.headers[‘set-cookie’]
# Strip out the JSESSIONID
x1, x2, x3 = cook.split(‘;’)
# Set up Authentication header info
auth=HTTPDigestAuth(user,passw)

# POST with requests (Probably don’t need all these headers…but they don’t hurt)

headers = {‘Accept’: ‘application/xml’, ‘host’: ‘10.132.0.100:80’, ‘Content-Type’: ‘application/xml; charset=utf-8’, ‘Accept-encoding’: ‘application/xml’, ‘Connection’: ‘Keep-Alive’, ‘User-Agent’: ‘Apache-HttpClient/4.1 (java 1.5)’, ‘Cookie’: x1, ‘Cookie2’: ‘$Version=1’}

# This sends the controller xml data to the IMC server

r = s.post(my_url, data=c_data, auth=auth, headers=headers)

From here I can use: r.headers, r.return_code because everything the remote site sent back is in the variable “r”.

Thank you Mr. Reitz!!!

P.S. In the end it was a xml tag that I had given a wrong name. Correct name wasand I had…..so humbling!

Just take a wiff of that air!

OK, Seems I’m on a roll here with the HP 830 Wired-WLAN controller. Just looking things over and I see I can turn one of the radios on the MSM Access Point into a sniffer.

If you’re fighting wireless connectivity issues this could be a life saver.

In full disclosure: I will tell you that the HP 830 has a web interface but I’m from a planet far, far away and a long time ago. I’m old school so I opt for the command line. after all….question mark is my friend and yours too.

To use one of the radios as a sniffer, you will need to take it out of service. Let’s break it down:

1. If you have “Auto Ap” enabled, it will need to be temporarily disabled, use the undo wlan auto-ap enable command.

2. Change the view to the AP you want to use:
wlan ap ap01_0002 model 425-AM id 5 in this example ap01_0002 is the name of my access point.

3. Enter the radio view: radio 2

4. Disable the radio to change its settings: raido disable

5. Set the channel statically: channel 11 in this example 11 is the channel I statically assigned the radio.

6. Enable the radio: radio enable

7. Use the wlan capture start ap ap01_0002 radio 2 to get the sniffer started.

 

To verify the operation use the display wlan capture to see if it is running
WLAN Capture
——————————————————————————–
AP Name        : ap01_0002
Radio          : 2
Radio Mode     : 802.11n(2.4GHz)
Channel        : 11
Capture Limit  : 10000
File Name      : CaptureRecord.dmp
Status         : Capturing
——————————————————————————–.

8. To stop the capture: wlan capture stop

From the pointed prompt enter the dir command. Talk about a throwback command…you should see a list of filenames. Look for the “.dmp” file.

<AC>dir
Directory of cfa0:/

0     -rw-       298  Dec 06 2013 20:25:38   system.xml
1     -rw-       624  Apr 26 2013 19:23:42   wlan_ca_certificate.cer
2     -rw-      1800  Apr 26 2013 19:23:42   wlan_local_certificate.pfx
3     -rw-      3855  Dec 05 2013 20:49:08   startup.cfg
4     -rw-      2493  Sep 09 2013 22:24:30   basewc.cfg
5     -rw-      5449  Jul 09 2013 18:12:18   830-1-cfg.cfg
6     -rw-      1437  Jul 09 2013 18:15:58   default.cfg
7     -rw-      4610  Dec 06 2013 20:25:40   startup.cfg.old
8     -rw-       149  Jul 09 2013 20:23:12   apcfg.txt
9     -rw-      3075  Dec 05 2013 20:49:06   _startup_bak.cfg
10    -rw-   1199826  Dec 17 2013 20:49:36   capturerecord.dmp
11    -rw-  89019392  Sep 18 2013 08:36:46   hp830-cmw520-r3308p29.bin

1020068 KB total (865328 KB free)

File system type of cfa0: FAT32

Hook up a quick tftp server…something like 3cdaemon…and get it ready to receive a file.

9. Enter the tftp 10.132.0.10 put capturedrecord.dmp command.This will copy the file to your PC.

Rename the filetype to “.cap” and open it with Wireshark.

enable_server

DHCP server in times of need?

OK, say your working on getting the new HP 830 Unified Wired-WLAN controller up and running in a test lab. I know, you’re just like me and like to geek out in the lab…..wear it like a badge of honor. You happen to have the New HP 830 Unified Wired-WALN controller and some access points (MSM-430, MSM-460). The one thing you don’t have is a DHCP server handy in your lab. Fear not! One is closer than you think.

You see, the HP 830 controller actually has an embedded 8 or 24 port gigabit switch. IF you look at the command line for the switch you will see it has all kinds of features and functionality and one of them is a DHCP server.

When you establish a console connection to the controller you will be at the WLAN controller prompt…..<HP>…from this prompt you need to navigate to the prompt for the internal switch. How do you do this? I’m glad you asked. Use the very intuitive command…..oap connect slot 0.

You should now see an identical prompt to the one you were just at <HP>…..from here you can issue the system-view command to get to the [HP] (enabled mode) or CTRL+K to move back to the controller. Let’s stay on the switch prompt and use the system-view to get enabled.

Let’s take a quick peak at what it will take to get it running.

A quick look at the commands.
enable_server

We start off with enabling the DHCP server. Next we specify the name of the server, I used swim2 with the EXTENDED option.
Specify the IP range and mask along with the gateway information. The forbidden IP addresses are optional.

Finally apply the ip-pool to the VLAN interface. In this example it is VLAN 100.

That’s it. You now have a quick and easy DHCP server to use for your LAB environment.

HP’s iMC 7.0 Login Page Customization

I know what you’re thinking. I just upgraded my iMC server to the 7.0 release and now my old login customization no longer works. Well, maybe that wasn’t what you were thinking but at some point you will. So I have been busy here in the “Wookie Lab” and tracked down where the graphic locations are.

If you haven’t tried the new themes in iMC, there are four to choose from.

Classic, Midnight, Gun Metal and Ocean.
enable_server

The corresponding folder locations:
c:\Program Files\iMC\client\web\apps\imc\resources\primefaces-imc-deep-blue\images.

There is also a primefaces-imc-classic-blue, primefaces-imc-cool-black and
 primefaces-imc-elegant-gray directory. You may want to add the custom graphics to those as well.

There are two files that you will need to create. The first is “box_bg.png” This has to be a png file. The graphic dimensions are 508X248.

The second image is “login_bg.jpg” This file will be 1908X1080.

Be creative!

Here I made the box_bg.png file:
enable_server

This will be where  the Username and password fields will be displayed. Don’t worry, just experiment and see what you come up with.

The next graphic is the overall background image login_bg.jpg. This is what mine looks like:
enable_server

Place a copy of both files in the primefaces directories listed above. Make sure you make of backup of the original files….never know if you’ll need them later.

Point you browser over at your iMC server and behold!…..do people even say that anymore?

enable_server

 

Hit me up if you have any questions!!

You Could Use A Rest!

So you have a far flung enterprise network that requires care and feeding to keep things up and running. You know you can’t do it alone and your personnel resources are stretched thin already. You need to start working smarter and not harder. During the last meeting with your HP networking team you find out about a great new network management solution called IMC, Intelligent Management Center.

You like what you see. A network management application that not only let’s you monitor and manage network products from HP, but many other vendors as well. You also discover how IMC can help with network services like AAA, its ability to do compliance checking, and position you to take advantage of Software Defined Networking (SDN) all from a single pane of glass.

After getting IMC up and running, things start to get a little simpler. You like simple. Need to push out a new set of SNMP community strings to 500 switches and routers; you easily finish the task in fifteen minutes. Need to verify you didn’t miss any default community strings? You can set up a compliance check and run it against all the devices in your network with very little effort.

Now that you have IMC doing the heavy lifting for you, taking care of the day to day tasks of backing up all the configurations on your network, base lining software revisions, and keeping an eye on everything else, you deserve a Rest. Not like a siesta, but more like a new innovation to take you to the next level.

RESTful API’s are what I am talking about. With the release of IMC 5.0, HP opened up the eAPI’s for third party applications to integrate with IMC. This results in the ability to have scripts that run outside of IMC get information stored in IMC and push changes into IMC. That’s a lot of IMC! The first time I heard of this I thought, “Hey, I have a new use for my Python chops” and I started to think about the possibilities.

RESTful API’s are basically HTTP calls in the form of PUT, GET and POST. You have probably seen them a thousand times in the top of your web browser and never even noticed them. By using the RESTful API’s you can use a POST to the IMC server to make a change. Perhaps you want to move a single device from one vlan to the next by simply entering the device’s MAC address and a vlan number. Wrap it up in RESTful API script and the job is done. There are multiple client languages that are supported.  Java and Python are my personal favorite.

OpenStack for Idiots

So, being somewhat savvy with the teknical stuff, I thought I would explore the world of Openstack. At first I was thinking that this was similar to OpenFlow. NOT. OpenFlow is the language that is used by the Software Defined Network (SDN) Controller to establish flow tables in Openflow enabled switches…what to know more go to www.openflow.org. Openstack is the environment where compute, storage and networking are virtualized……OK, I’ll wait while you google it…

Moving on…I wanted to know more about this teknology so I did what I always do, buy a book and start reading. It is absolutely amazing what is in those things…

I picked up OpenStack Cloud Computing Cookbook by Kevin Jackson. It’s a great resource but if you are trying to use it as a step by step guide, I wish you good luck. There are a lot of moving parts to OpenStack like Nova, Glance, Keystone, Swift and it requires some general knowledge of what these are. When I saw Keystone I thought of that beer commercial with “Keith Stone”, I can’t get that out of my head.

I used Oracle’s Virtual Box as a base platform and tried to set it up as instructed by the book but soon ran into things that were obsolete. Seems that nova-manage has been replaced with keystone..(I’m getting thirsty, again!).

Eager to see the Horizon dashboard, I went to the ultimate source of knowledge, Google. It wasn’t long until I discovered DevStack. It could not get any simpler to set up a Openstack dev environment. Here’s how I did it.

Set up a generic Linux Virtual Box VM. I use VDMK as the disk file type. Then, using this (http://devstack.org/guides/single-vm.html) as a resource, I just followed the simple instructions.

I picked up a copy of the minimal Ubuntu image at https://help.ubuntu.com/community/Installation/MinimalCD#A64-bit_PC_.28amd64.2C_x86_64.29
It’s only 35M and it’s a quick setup in Virtual Box. Once you get logged into the VM just issue these commands.

apt-get update
apt-get install -qqy git
git clone https://github.com/openstack-dev/devstack.git
cd devstack
echo ADMIN_PASSWORD=password > localrc
echo MYSQL_PASSWORD=password >> localrc
echo RABBIT_PASSWORD=password >> localrc
echo SERVICE_PASSWORD=password >> localrc
echo SERVICE_TOKEN=tokentoken >> localrc
./stack.sh

HIPTIP of the week: If you issue the command “sudo bash” without quotes on the command line, ubuntu will prompt for your password. Now you do not need to start every command with sudo.

Keep an eye on the stack.sh when its finished, it will give instructions on how to access the dashboard.

Congratulations you now have a OpenStack dev platform to play with and just took you first step into the world of Software Defined Networking.

I scream, You Scream

I have an interesting idea. I want to load an 802.1x test client on an Android device. Trouble is I don’t have one. I do have VirtualBox, so I started asking myself if there is a way to run Android in it. A quick trip to the Google and I found a couple of interesting resources.

First I loaded an Android image for VMWare and it didn’t do a whole lot. There must be more! Finally my luck panned out by finding this;

Kirsle

I posted the downloads here as well.

system

Android ISO

And unless you’re really clever, you will need instructions. I copied them and put them into a word file that you can print out.

Instructions

When you get to the part about accessing the Terminal Emulator, I used the fly wheel on my mouse and found it. I guess in Android there is a search function as well.

Other than that it is a very stable version of Ice Cream Sandwich running on your desktop.

Discliamier: This is totally unsupported by me or anybody I know. I am offering this as is. I will be doing my client install (Hopefully) later this week.