As of the latest version of Windows 10 build 16299.19, also known as the “Fall Creator’s Update”, Linux distributions are now available in the Windows Store, and multiple distributions can be installed and run alongside one another. This is great news, but the old way did offer one feature the latest release makes a bit more fragile: the ability to install a custom distribution of one’s own choosing. I’ve seen various ways of doing this with the Fall Creator’s Update published, the most common of which is to install one of the distributions from the App Store and replace its rootfs directory with one of your own.

Some televisions and monitors are limited to the “broadcast RGB” color range. This is a subset of an 8-bit range of levels from 0-255 - in this case, 16-235. You’ll find this referred to as 16:235 in some cases. You can find a lot more on this here: http://kodi.wiki/view/Video_levels_and_color_space If you’re using Xorg this can be adjusted using the xrandr with something along the lines of: xrandr --output HDMI-0 --set output\_csc tvrgb for Radeon devices.

This assumes you internally maintain a certbot host which retrieves certificates, and then you fetch those certs to the frontend / application servers that need them. It is also assumed you have enabled SSH for your Kerio Operator install. WARNING: This will update your kerio database directly. Do not attempt unless you understand the implications and have made a backup. mkdir -pv /var/etc/letsencrypt/live/ EDITOR=vim crontab -e: 0 0 1 * * /usr/bin/scp -o StrictHostKeyChecking=no -r -i /var/etc/letsencrypt/ssl-sync.

Why? Microsoft’s recent introduction of the Subsystem for Linux (awkwardly called ‘Bash on Ubuntu on Windows’) had me intrigued from the day of its announcement. Though it’s a transparent attempt to keep developers from leaving their Windows environments behind in a world now focused on development for UNIX-like platforms, and though I’m not particularly interested in supporting such an agenda per-se, I find the notion of a new NT kernel subsystem capable of handling Linux syscalls exotic, and so I had to subject it to some stress testing.

I discovered the instances in my home lab were not being protected by the neutron security groups I’d set up for them - what followed was a week-long odyssey to discover the culprit. IPTables rules were being put in place, and every other aspect of Neutron networking was just fine. Making things more mysterious, a test deploy on my own desktop, with the host running Fedora 23 and the containers running CentOS 7, did not manifest the issue.

Use case: We want to deploy instances on a particular set of compute hosts because of their special or specialized capabilities. On the API server(s) ensure that the following scheduler_default_filters are set: AggregateInstanceExtraSpecsFilter,AggregateMultiTenancyIsolation Dedicate Compute Hosts To a Specific Project Create a host aggregate: $ nova aggregate-create DedicatedCompute $ nova aggregate-add-host DedicatedCompute dedicated-compute-host1 $ nova aggregate-add-host DedicatedCompute dedicated-compute-host2 $ nova aggregate-add-host DedicatedCompute dedicated-compute-host3 Add a key=value pair to the host aggregate metadata - we’ll use this to match against later.

Some quick notes for those interested: Install EC2 API TOOLS Set Access and Secret key environment variables: export AWS_ACCESS_KEY=xxxxxxxxxxxxxxx export AWS_SECRET_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Set up an S3 bucket and secure it to taste, to be specified later If exporting from OpenStack, remove the cloud-init package Note all prep considerations on http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/PreparingYourVirtualMachine.html Export the VM image - I’m using OpenStack (KVM) images in raw format, so these needed no initial conversion. You can also use VHD or VMDK Docs: http://docs.

During my evaluation of Windows 10 I’ve cobbled together a script that disables most known anti-privacy features in the new system. It also removes the unnecessarily installed default Modern apps. The script was designed with a professional environment in mind, but applies equally well to home users, and most settings will apply to all editions of Windows, not just Pro/Enterprise It’s alarming but not surprising that we’ve gotten to this point - Windows has always served the agenda of its maker before that of its user.

Found this little gem today, thought I’d mention it on my corner of the web. https://addons.mozilla.org/en-US/firefox/addon/standalone/ Creates site specific apps, like Prism used to do - for Chrome users, this is the equivalent of “Create Application Shortcuts” which I find indispensable personally. The strange thing is, it’s been around since 2013. How did I miss it for that long? I’ve been looking everywhere for something like this.

I like the concept of Docker and containerization in general, but I have some pretty fundamental concerns: Thought experiments: How many deployed docker images were torn down and redeployed upon the revelation of heartbleed? Of shellshock? In practice, not in theory. How many Docker images are regularly destroyed and redeployed for the purpose of updating their userlands? Again, in reality, even with the most agile orchestration. How many Docker images are actually deployed with a minimal attack surface, that being only the executables and libraries they need, rather than entire userlands?