Stdin

Simon Eisenmann's Weblog

Network bridge with bonding on Ubuntu 16.04 Xenial


Well its early 2017 and it is time to upgrade servers still running Ubuntu 12.04. If these servers are virtualization hosts they most likely use a network bridge with a bonded network interface. This post describes a bonded network bridge configuration which works consistently on Ubuntu 12.04, 14.04 and 16.04 to avoid surprises of lost networking after upgrade.

So upgrade to Ubuntu 14.04 is straight forward and the bonding/bridge configuration works just the same as on 12.04. I cannot say the same for the update to 16.04.

Requirements

To acually use bonding make sure you have ifenslave installed. For normal Linux network bridges, install bridge-utils as well.

sudo apt-get install ifenslave bridge-utils

Network configuration /etc/network/interfaces

auto lo
iface lo inet loopback

auto bond0
iface bond0 inet manual
	bond-slaves none
	bond-mode active-backup
	bond-miimon 100
	bond-downdelay 200
	bond-updelay 200
	post-up ifup eth0 eth1

iface eth0 inet manual
	bond-master bond0
	bond-primary eth0

iface eth1 inet manual
	bond-master bond0

auto br0
iface br0 inet static
	address 192.168.0.22
    netmask 255.255.255.0
	gateway 192.168.0.1
	dns-nameservers 192.168.0.1
	bridge_ports bond0
	bridge_fd 0
	bridge_hello 2
	bridge_maxage 0
	bridge_ageing 0
	bridge_maxwait 0
	bridge_stp off

Obviously replace the static network configuration details with your own.

The trick here is the post-up ifup eth0 eth1 on the bond0 interface. This will join the slaves on boot after 60 seconds while the bond waits for slaves to join while at the same time having no auto lines for the interfaces itself.

Make sure to have this configuration in place before the first reboot into Ubuntu 16.04 after update to avoid loosing network connectivity.

I publish this so it might help someone with the same issue.

Golang 1.8 PPA for Ubuntu 16.04 Xenial


There are many reasons why one wants to use the latest Go, but with the upcoming 1.8 it is especially nice as it finally seems to feasible to expose Go based HTTPS servers directly without putting another HTTP server (like Nginx) in front.

Or as Cloudflare put it in their So you want to expose Go on the Internet blog entry:

Back when crypto/tls was slow and net/http young, the general wisdom was to always put Go servers behind a reverse proxy like NGINX. That’s not necessary anymore!

As the current Ubuntu 16.04 LTS only has Go 1.6 available in the repos, I created a PPA which has the various bits and pieces backported from next Ubuntu to provide Go 1.8 on Ubuntu 16.04 now.

You can update your system from my Golang backports PPA by adding ppa:longsleep/golang-backports to your system’s Software Sources.

sudo add-apt-repository ppa:longsleep/golang-backports
sudo apt-get update
sudo apt-get install golang-go

See https://launchpad.net/~longsleep/+archive/ubuntu/golang-backports for the list of packages.

Adding this PPA will update the default system Go to 1.8. Please note that Go 1.8 is still in beta at time of writing.

Have fun!

OnePlus 2 custom ROM in 20 minutes


As i was dissapointed by the high prices of Google’s Nexus 5X and 6P i got myself a OnePlus 2 64GB. The device arrived within 8 days from China and i have completely switched over from my old Nexus 5 to the OnePlus 2 running Exodus Android. Replacing the stock OS was easy and straight forward so thought i could share some quick instructions.

Unlocking the bootloader

I assume that you already got the Android platform tools installed - you need fastboot and adb. Command line examples are for Linux. If these tools mean nothing to you, then these instructions are probably not for you.

The OnePlus 2 is similar to the Nexus devices and supports fastboot. Unlocking the bootloader will wipe the device - so only do this if you have a backup! To put the OnePlus 2 into fastboot mode, shut it down and then press and hold volume up and power button until the logo appears. Check with sudo fastboot devices - the device needs to appear there.

Unlock the device with fastboot.

$ sudo fastboot oem unlock

This will show some chinese on the phone - this is the confirmation dialog where the first option means yes. Confirm with the power button. The device will wipe itself and reboot when complete.

Flash custom recovery

After the device is unlocked a custom recovery needs to be installed. Get the image from https://dl.twrp.me/oneplus2. To flash the recovery your phone has to be in fastboot mode again.

$ sudo fastboot flash recovery twrp-2.8.7.0-oneplus2.img

After this, boot directly into TWRP by running sudo fastboot boot twrp-2.8.7.0-oneplus2.img. Do not boot OxygenOS as this will overwrite TWRP with the default recovery again. Follow the instructions of TWRP to prevent this.

Replace OxygenOS

Exodos Android seems to be the only custom Android distribution which already does provide official nighly images for the OnePlus 2. Download the image from http://www.exodus-developers.net/exodus-5.1/oneplus2/.

If you want Google surveillance, now is the time to get the Google Apps package. The OnePlus 2 is 64bit (ARM64) - make sure to get the correct download. I recommend to get the mini package from the Open Gapps project at http://opengapps.org/?api=5.1&variant=mini&arch=arm64.

Full wipe

To install a custom Android a full wipe is required. So go to Advanced Wipe and select System, Data, Cache and Dalvik Cache.

Install ZIPs

Put the downloaded ZIP files on the phone with adb. If your adb does not detect the OnePlus 2, then add the OnePlus USB vendor ID to ~/.android/adb_usb.ini with echo 0x2a70 >> ~/.android/adb_usb.ini and try adb devices again.

$ adb push exodus-5.1-20151003-NIGHTLY-oneplus2.zip /sdcard
$ adb push open_gapps-arm64-5.1-mini-20151008.zip /sdcard

Now select the Exodos ZIP file and apply it. After that has completed, the new system is basically ready. Now also select and apply the Google Apps ZIP file if you want Play Store and Google integration.

Reboot

Reboot, after the ZIPs have installed successfully. The first boot will take a couple of minutes.

Summary

The OnePlus 2 works surprisingly well for me and i complely migrated to it after two days testing. I have encountered some minor software issues related to the early state of the OnePlus 2 custom Android. Only real issue is that the beast is really large and it does take a while to charge.

Issues and problems

  • Barcode / QR code scanners crash Android.
  • Sometimes the hardware buttons stop working - workaround is to toggle the control style setting in General button options.
  • The screen protector (applied by default) leaves smudges easily.
  • New cables required (Type C).
  • Device gets really hot when running CPU intensive stuff like enabling disk encryption.

So i am going to keep the OnePlus 2 and can recommend it to others if you can bare the size of the phone. It depends on your Internet connection download speed if you get this done in 20 minutes or less :)

Spreedbox goes Kickstarter


We are running a Kickstarter campaign to create the Spreedbox.

The Spreedbox is a hardware device powered by ODROID-C1 and Ubuntu Snappy Core bringing the most private video chat and file exchange of Spreed WebRTC into your home. All set up and ready to use, including extra hardware support for random number generation and RGB LED signaling.

Nice looking

The Spreedbox will catch eyes when placed at a visible location and lights will catch your attention when there are messages or calls.

Spreedbox design

Why?

If your family lives all over the place you will love the Spreedbox as they can share their pictures and news without having them tracked, indexed, crawled and sold by service providers. They can leave you voice and video messages from all over the world without having to share anything with big data crawlers like Google or Facebook. With the Spreedbox you share nothing with any service provider - it all happens on the device.

Support the Spreedbox on Kickstarter now

If you have questions, let me know. Link: https://www.kickstarter.com/projects/spreed/spreedbox-the-most-private-video-chat-and-file-exc

Snappy Ubuntu Core for ODROID-C1


Over the last weekends i played around with Snappy Ubuntu. I thought i can learn the platform best by doing some porting. As a result i present the image for the ODROID-C1 (1.5Ghz quad core ARM CPU, Gigabit Ethernet).

Download

https://www.stdin.xyz/downloads/snappy/odroidc/

The image contains the current stable 15.04 Snappy release (ubuntu-core 3), has webdm and ssh access as ubuntu/ubuntu enabled (developer mode).

To use it you need to unxz the .img.xz file after downloading and flash it to a 4GB micro SD or eMMC using the dd command.

Build yourself

Alternatively i also provide downloads for the OEM snap and the device part. You can use those to create your own image with the ubuntu-device-flash tool.

The OEM snap and the device part have been built from source using my Snappy ODROIDC builder from https://github.com/longsleep/snappy-odroidc/. That repository has links to patched Kernel and U-Boot source. Both are required to make Snappy work on ODROIDC.

Issues

Everything seems to work, including ubuntu-core update and rollback. Please report issues at the GitHub tracker of Snappy ODROIDC builder.

Experience

While creating the image and the gear to build it, i learned a tremendous amount of things. There are plenty of compatibility issues between the ODROIDC software (U-Boot, Kernel) provided by Hardkernel and the needs of Ubuntu Snappy. I managed to add work arounds and backports, but it would be nice if the two things could be closer together, meaning Snappy should be more flexible and the Kernel and U-Boot for the hardware should not be ancient.

Overall it was a fun experience and the guys at the #snappy IRC channel have been very helpful when i had stupid questions. Thank you all.

Kernel

The ODROIDC uses a patched Kernel based on 3.10. Kernel 3.10 is a longterm Kernel so that is not so bad. Though to make this work with Snappy it needs AppArmor3. The AppArmor backport situation is not clear and i had a hard time to find what is required to patch in. Also i was not able to find documentation what configuration options are required to be turned on to have 100% of the security relevant options for Snappy. I came up with a manually created defconfig.

U-Boot

It turned out that the U-Boot for ODROIDC is a mess and does not have a shared history with upstream U-Boot. That is bad and pretty much makes the thing unmergable. I backported the missing stuff to the ODROIDC U-Boot tree from upstream U-Boot and hacked around in boot.ini to make Snappy work with old U-Boot commands. Works for now, but very messy.

Strangenesses

While working on Snappy, i encountered a bunch of issues and problems.

I had a hard time to find any information about the initrd which needs to be included in the OEM snap so the system is actually working. This is not just any initrd - it needs special gear for Snappy. I solved this by downloading an official perinstalled Ubuntu tarball and extracting the initrd from there. See device.mk for details.

In my first images the snappy tool did not detect that the system is using U-Boot. It turned out that the tool checks for the uEnv.txt file. I now ship an empty one but it is not required or used while booting.

To make Ubuntu Snappy on ODROIDC really nice, some stuff needs to be added to the base system, I have not yet found a solution for this - except some minimal extensions using the device part. I guess i can do more stuff with the device part and have to explore more.

Currently only the OEM snap can be uploaded to the Ubuntu store. The device part is kept out. I heard this is going to change somehow. Looking forward to this as it is really required to have the OEM and device stuff in the store to create a fully signed system, without downloading stuff from ‘somewhere’ and to be able to update without flashing.

Iridium goes Linux User Group


Tonight i went to the Linux User Group Stuttgart meet at LinuxHaus Stuttgart. Nice evening with lots of discussion and great feedback about the various projects i am involved with. I told people about Iridium Browser demoed Spreed.ME and gave some help and advice. Some even did installs of Iridium and Spreed WebRTC which was totally awesome - there was even a WebRTC going on in the Freifunk Wifi available at the LinuxHaus. Anyone who wants to follow up at home and install your own Spreed WebRTC server, grab it from Spreed WebRTC GitHub, and try it out with Iridium. I also promise to come by more often :)

I'm back with a personal page


It was time to move to a new server. I took the opportunity to build a new personal page as well. This means i can quickly publish my stuff again. I combined this by trying something new and built this site with a static publishing framework named Hugo. Let’s see how this goes.

– Simon


Index of all posts. Email: simon AT longsleep DOT org.