Having recently received Hasu’s fantastic HHKB JP Bluetooth Controller, I noticed one irksome thing: the alt and command keys were reversed on the left hand side, and the kana key that I typically remap to right command was reverted.
This is normal: the keyboard targets Windows users primarily, but one thing you lose when upgrading to the Hasu controller are the dip switches that allow changing the role of caps lock, the arrow keys and setting it to macOS mode.
Of course it’s a pretty easy change to fix: you simply need to head over to the TMK Keymap Editor and edit the current layout, then download the hex file and flash it, but I’ve done the work, so I might as well share!
First off, as in other tutorials, you’ll need the DFU/AVR tools installed in OSX. This is accomplished by using Homebrew.
The code to get these installed is as follows:
brew tap osx-cross/avr
brew install avr-libc dfu-programmer
Next up, you’ll need to download the layout hex file that I have compiled here: “mac_version.hex“. If, for whatever reason, you need to go back to the default firmware, I have that compiled as well: default.hex. Remember to unzip these files prior to using them if Safari doesn’t automatically unzip your downloads.
Finally, put the keyboard in DFU mode by pressing the button on the back of the controller, where the dip switches used to reside. You may need to remove the cover to do so, and note that you can use the cover if you have short fingernails.
Once in DFU mode, this one-liner will erase the firmware, load the new hex layout and reset the keyboard so that you can use it once again. Note that I’m assuming your hex file will be in the Downloads folder in your home directory, and I’d also recommend having a spare keyboard handy in case anything goes wrong.
Finally, if your layout is still a bit odd (underscore and pipe not working), you may have set the keyboard to the wrong layout. In Apple OSX this can be done by opening the keyboard section of the settings and changing the keyboard layout. Note that it doesn’t really matter that ANSI is suggested when you hit shift+z, shift+?, but that you select JIS once completed, like so:
This how-to on Windows Salt minions will just scratch the surface of the power behind Salt, and will cover remote execution, installation and management.
Please note: I’m new to Salt, and I’m a recovering Windows syasdamin from the 2000-2013 era. This means I probably have a bunch of out-moded ways of working with Windows.
To this end, this first question would be: why? Active Directory and associated policies do a good job of managing Wintel already. I’ve had luck in the past managing hundreds, thousands of servers, desktops and laptops using the tools Microsoft provides without too much issue, and I’ve heard things only got better since I left for greener pastures.
The easy answer is that many organisations may now find themselves with a combination of Linux and Windows servers, Windows and macOS workstations, coupled with the odd BSD system here and there, Linux desktops and Unix servers.
What Salt allows for is a management platform that covers all of these platforms with a common language that is easy to read and hack away at (YAML) and very extensible using a programming language with a relatively gentle learning curve (Python).
In my case, most things running at home are either running OSX or some version of Linux/BSD, but there are a few of oddball Windows 10 computers doing things Microsoft-based computers do pretty well; gaming, spreadsheets, touchscreen-enabled full-desktops.
The idea of managing Windows computers with Salt came to me pretty late into the journey through the docs, but hit me like a freight-train as these are often the computers that require the most maintenance for me personally, meaning reinstalls, reconfiguration and general “care and feeding”. Having gone down the path of running my own Active Directory at home a few times and finally settling on a couple of Apple “servers”, this seemed like a pretty good work-around that wouldn’t introduce much pain.
The first caveat, however, was that I was unable to get Windows-based Salt minions to be accepted by OSX-based Salt masters. Not the end of the world, but it meant running Docker or a Vagrant box to handle the Windows 10 computers. I ended up simply installing Salt on an Ubuntu-based storage server I already had running that had recently been upgraded to Xenial instead, but I’m most likely going to be revisiting this architecture in the long-term.
Now that we have that out of the way, here’s the general architecture of what I’ll be going over:
The Nitty Gritty – Deploying Salt Minion Services to All of Your Windows Nodes
I’ll come right out and say that I cheated when it came to installing the Minion service on the nodes at home in that I already had Chocolatey installed, and that I simply used the default salt hostname for the master by adding it the the static DNS entries on my DNS server.
This last bit, the part about the DNS server, might be a luxury depending on your install location. I also can’t expect that Chocolatey is installed everywhere, but just quickly, here’s how that scenario works:
Install Salt Master and start the service on a computer in your network
Ensure that there is a DHCP reservation for the IP of this node
Add a DNS entry salt for that DHCP-reserved IP
Install the Salt minions via choco install -y saltminion on the Windows hosts
Accept the keys on the Linux master via salt-key -A
Should you have to go about this a different way, you can point an alias (CNAME) to the hostname in your network, OR add a manual host entry to your nodes (I’ve used Group Policy to do this in the past, with network scripts), or finally, you can simply change the Salt Minion config to point to the new hostname.
As for the deployment of the Salt Minion service and binaries, you could do this over RDP for a few hosts, Group Policy, or via psexec:
This snippet will install the Salt Minion service, configure it to point at `SALTMASTER` (replace this with the hostname you’d prefer) then start the service. Note: as mentioned above, I haven’t tested this myself!
The most up-to-date Salt Minion binaries can be found here: https://docs.saltstack.com/en/latest/topics/installation/windows.html Should the version change, you’ll want to update that one-liner as well.
Accepting the Minions
Assuming you’ve got your minions now sending requests to the Salt master node, you need to approve them.
On the master node running Linux, this can be done like so:
sudo salt-key -A
You’ll be greeted with a list of nodes to be accepted, and you can take a moment to note the names and accept them:
user@ubuntu:/srv/salt# sudo salt-key -A
[sudo] password for user:
The following keys are going to be accepted:
Key for minion WINDOWSGAMES accepted.
Testing the Minions
Now that you have minions installed and working, let’s run a quick test that proves we can run remote commands on them. Note that this is just scratching the surface, and that “push commands” are just one way of working with Salt Stack, you can also have the nodes “pull” from the Salt master on a regular basis.
Sample run command:
sudo salt -G 'os:windows` cmd.run 'dir'
This should give you a directory listing on each of the nodes, like so:
Volume in drive C has no label.
Volume Serial Number is 3FF7-A973
Directory of C:\Windows\system32\config\systemprofile
07/16/2016 04:47 AM <DIR> .
07/16/2016 04:47 AM <DIR> ..
07/16/2016 04:47 AM <DIR> AppData
0 File(s) 0 bytes
3 Dir(s) 66,483,965,952 bytes free
Package Management on the Master Node
You’ve got a few options for package management for Windows Salt minions:
Master-shared packages (WinRepo)
Personally, I’m currently using Chocolatey package management because it’s what I’m used to, but I certainly do still use Cygwin for development purposes from time-to-time since Windows Bash mode has still yet to become commonplace. The third option, however, is probably the most scalable, and more user-friendly.
To get started with Windows repositories on the Linux Salt master, you’ll need to run:
sudo salt-run winrepo.update_git_repos
This means that you now have a repository for Windows packages on the Master node, but also note that these don’t come with binaries – they will fetch and send them as needed. I can see this as both good and bad, in a corporate setting you’ll want to create your own SLS files and point them to known-good sources.
To install a package on all of your Windows remote nodes using the Linux Salt master repository:
sudo salt -G 'os:windows' package.install 'firefox'
Note that if ever you want to specify a specific action for a node in particular, that’s done like so:
sudo salt 'WINDOWSGAMES' pkg.install 'firefox'
I’m trying to follow the “pets vs cattle” paradigm here, though you can also use -G to specify groups of servers/workstations/laptops which can overlap in order to manage things in a more granular approach (bit of a pun here, the G is for Grains).
Useful Commands for Windows Salt Minions
In no particular order, here’s a quick dump of the commands I used during my first weekend managing Salt minions at home running Windows 10.
Show installed applications:
sudo salt -G 'os:windows' pkg.list_pkgs
List current Salt minion keys:
sudo salt-key -L
Delete an old Salt minion key:
sudo salt-key -d WINDOWSGAMES
Check if a service is available:
sudo salt -G 'os:windows' service.available 'salt-minion'
Restart a service:
sudo salt -G 'os:windows' service.restart 'salt-minion'
Download the Atmel flashing utility “FLIP”: http://www.atmel.com/tools/flip.aspx
Grab the most recent Zeal 60 keyboard zip: https://cdn.shopify.com/s/files/1/0490/7329/files/zeal60_v0_3.zip
Unzip the zeal60_v0_3.zip file to your desktop
Install the Driver
Plug in your Zeal60 to your computer via USB
Hit “Windows” and “r” keys together, then type “devmgmt.msc”
Right click the device with the exclamation point next to it
Click “browse for driver”
Navigate to C:\Program Files\FLIP\Drivers
Flashing the Board
Install the driver –
If you’ve not started assembling anything yet, press the golden button between the “A” and “S” pads on the board (if you’ve already assembled it, unplug it and hold the “space” and “esc” keys while plugging in the USB cable)
In FLIP, hit connect to the device, and select “ATMega32U4”
Hit “ctrl” + “U” keys to connect to the Zeal 60 PCB
Hit “ctrl” + “L” to load a file
Select the “default.hex” file in the Zeal 60 folder you extracted to your desktop
On the left-hand window, click “Run”
Once completed, then click “Start Application” in the right window
It’s been almost 4 years since I’ve rounded up VMs used on a daily basis, so it’s high time I take another kick at the can and make an update list.
My workflows have changed quite a bit over the years, with more focus being on the Windows side of things. That said, I havent stopped using Linux and still have a keen interest in both storage and management, which should be reflected here.
FreeBSD 9 – I’ve made the switch to this as my go-to server OS. The jails functionality and ports collections are amazing! This could run many of the functions listed herein, but at the very least is a great ZFSv28 test box for the uninitiated.
Astaro – I’m still using Astaro after all these years, and Sophos purchasing them has not stopped the love. By far the easiest way to start using Squid, Quagga and OpenVPN.
GNS3 Workbench – I use this for testing Cisco configurations on my way to certification. Load up an IOS image, configure, test away!
Nexenta Community Edition – My ZFS primer was done a few years ago using Nexenta, and it is still the easiest way to get into ZFS, so it deserves the nod. The first time you see the speedometers you’ll be in love.
Solaris 11 11/11 – For newer versions of ZFS, you’re stuck with Solaris 11.11.11. You can download this for free, but won’t be able to get support and updates without a license, so I wouldn’t consider it production-ready.
Bactrack 5 – Time to test your wifi security. I’d recommend plugging an Alfa USB wifi device into ESX, sharing the device with the VM and scanning your access point in order to do quick audits.
Windows Server 2008 R2 – Not free, per se, but a good trial that should be enough to get you going on your road to certification. I use the Core install for DHCP and DNS when Windows integration is important.
Ubuntu LTS – Ubuntu is currently the most popular Linux distribution, can run a wealth of software. Finally took over OpenSuSE as my go-to distribution. The only thing I would mention is that unity does not work so well in ESXi, and if you require the whole desktop experience, you might be better off with Xubuntu or Mint.
Google Reader – It took a very long time for me to get used to the way Google reader works, but it might actually be the best there is at the moment especially considering the aggregation of many feeds into one.
Mint – Personal finance application I could not live without.
IMO – Goodbye Adium, Pidgin and MSN Messenger! IMO.im is not only a multi-instance web chat client that runs everywhere, it also runs on iOS!
Kindle Cloud Reader – Never lose your place. The web client knows where you were on your Kindle, iOS device and syncs it up for you.
Google Finance – For stock checking and even watching mutuals. Find out when the next dividend is, sort companies by financials and even display candle graphs.
Aviary – Has just surpassed Picnik as my only photo editor, and is now also integrated with flickr. Note that there are many Aviary editors ranging from vector to audio and even video.
Netflix Instant Queue – I’m sure you’ve heard of this, but did you also realize that it will resume from PS3, XBOX 360, iPhone/iPad on the web? Outside of the US, we’re not able to use “Instant Queue” but this app brings it back.
Offline Gmail – Spotty wifi? Don’t worry, Gmail offline has you covered.
Google Voice – This doesn’t get as much hype as it should, but is a great app that can not only make calls for you, but also send SMS.Soon they will make loans app and pay day loans apps.
If you’ve been running snapshots for a while and have already backed them up, you might occasional need to delete all zfs snapshots for your pool.
Typically, you’d do this as part of your backup script, assuming that they have been written correctly.
First, to find the used snapshot space, run this command: zfs list -o space
This will give you a detailed readout of your pools and snapshot space used.
Here’s my script to wipe ZFS snap shots, but I am certainly open to suggestion: zfs list -H -o name -t snapshot | xargs -n1 zfs destroy Again, caution is needed as this will remove ALL SNAPS from your pools.
I’ve decided to replace the Windows Home Server Vail server with something capable of handling newer builds of ZFS and the inherent deduploication.
Here’s a quick kit list and build diary I’ll try to keep up-to-date as I go along.
Dell Perc6i – this is essentially a port multiplier. I scored it from eBay on the cheap, though it was delivered from Israel, took awhile, and had neither cables nor mounting bracket.
OCZ RevoDrive 120GB – Though the RAID controller on this card is not supported in Linux/Solaris, the drives show up as two separate devices as long as you make sure to put it in the right PCIe slot. That means it’s perfect for both ZIL (log) and L2ARC (cache).
2x Intel 80GB X25-M SSDs – these will house the virtual machine files to be deduped. Very reliable drives, and though they might not be the fastest in terms of writes, the speeds are relatively constant which is quite handy compared to solutions that attempt compression like SandForce controllers. ZFS will take care of that, thanks.
(IN TRANSIT) 2x Dual Port 1gbit Intel PCIe NICs – I’ll use these for the direct connection to the virtual machine host. Currently one link is used, but when reading from the SSD drives the line is saturated.
(IN TRANSIT) 32 Pin SAS Controller To 4x SATA HDD Serial Cable Cord – This is needed to plug in 8 drives to the LSI controller.
5x 1.5TB Seagate hard drives – These will be the bread-and-butter storage running in RAID-Z2 (similar to RAID 6).
3x 3TB Seagate hard drives – These might simply be a large headache, but the plan was to have an extra 3TB RAID-Z2 for backups in another machine. Unfortunately there seem to be issues with drives that are 4k presenting themselves as 512b. I may be able to get around this by hacking or waiting as they become more popular. For now 2 of them are in software RAID1 on a Windows 7 host, and the other remains in the external USB 3 case and is used as a backup drive.
NetGear GS108T Switch – A cheap VLAN-capable switch should I decide to use more than 2 bonded ports (I doubt it), currently running the lab.
The PR-savvy folks at Amahi recently chimed in on the Vail-Fail fiasco by presenting Amahi as an alternative to the Windows Home Server (Vail) solution, and I thought I should give it a run for the money to see how it stacks up.
In short: not well at all.
First, the good things: when configured properly, Amahi offers DLNA/uPNP streaming and the ability to send h264 streams to iPod/iPad/iPhone devices. It also supports backups, disk spanning, remote access, dynamic DNS (*.yourhda.com) and a slew of other features that should have you salivating by now.
The bad? None of it works out of the box.
In order to set up an Amahi server, you must first complete a Fedora 12 install. That’s right, Fedora 12. Not 13 or 14, don’t be confused. Just like most open source software, Amahi suffers from circular dependency issues if you choose the wrong version and the wrong repository – be warned. (Note: if you want to use current versions of Fedora, make sure to change the repository to either f13.amahi.org or f14.amahi.org and realize that there are no plugins for either).
Fedora 12 is a relatively easy install, but when you’re manually setting IP configurations, you lose most of the WHS market in one fell swoop. Fail?
After the install has completed, you logon to Fedora and run the Amahi installer. You’re met with a logon screen. What username and password to use? Pick anything and you’ve just been made an admin. Security by obscurity or brainless UI design? I think it’s the latter.
This install will take almost as long as the Fedora build, which is counter-intuitive. Why not simply chain the install? Why not build a freaking fork that contains Amahi? I’m ranting here, but I find this bit incredibly odd, especially since Amahi has specific OS requirements.
OK, we’ve survived, we’ve realized that eth0 is the only card available to Amahi by now, and through process of elimination we’ve figured out which port Fedora has decided this is. We’ve realized the firewall has been disabled, we’ve entered the activation code and received an email letting us know that we now own http://im.yourhda.com
Let’s start packing it full of media, eh? We’ll need disks for that, but they are in the case so we should be OK – let’s add a disk to Amahi and let the good times roll. Oh wait, you can’t do that. Why not? It needs to be done via commandline. OK, getting the sleeves rolled up is fun once in a while, disks added.
Let’s add some media to the disks. Done. the transfer speed is a good 10% faster than WHS, and 50% faster than Vail. Good news. But you have to use SCP to do it… The Samba sharing doesn’t actually work out of the box (fixed later in Fedora). More fail.
Alright, media is on the device, let’s play some. Pop on the TV, have a look for uPNP or DLNA devices. None. Hmm. Oh yeah, it’s not even added yet.