Early/Often on the Horizon

Lots of stuff, and I mean lots of cool stuff is going on and to paraphrase Hamlet I have not enough thoughts to put them in, imagination to give them shape, or time to act them in. I spent this week in the UK but I should be home for awhile and I hope to catch up.

But I wanted to put down a at least one thought. When we made the very difficult decision to split OpenNMS into two products, Horizon and Meridian, we had some doubts that it was the right thing to do. Well, at least for me, those doubts have been removed.

It used to take us 18 or more months to get a major release out. Due to the support business we were both hesitant to remove code we no longer needed or to try the newest things. Since we moved to the Horizon model we’ve released 3 major versions in six months and not only have we added a number of great features, we are finally getting around to removing stuff we no longer need and finishing projects that have languished in the past.

In the meantime we’re delivering Meridian to customers who value stability over features with the knowledge that the version they are running is supported for three years. Seriously, we have some customers upgrading from OpenNMS 1.8 (six major releases back) who obviously want longer release cycles, and even if you don’t need support you can get Meridian software for a rather modest fee coupled with OpenNMS Connect for those times when you really just need to ask a question.

Anything OpenNMS does well is a reflection on our great team and community, but I take personally any shortcomings. At least now I can see the path to minimize them if not remove them completely.

It’s a good feeling.

OpenNMS 16 Released

In keeping with our new Horizon release policy of a new major release every three to four months, we are happy to announce the availability of OpenNMS 16, codenamed Daredevil.

Most of the changes in OpenNMS 16 are under the covers. We are trying to streamline the code and thus have removed both capsd (which was deprecated) and linkd (which was replaced by enhanced linkd). This version also requires Java 8.

The main visible feature is that the Dashboard has been rewritten and should be a considerable improvement to those who use it.

A nearly complete list of changes is as follows:

Bug

  • [NMS-863] – "24hr Avail" went negative
  • [NMS-2213] – SLM categories totals are not being updated during runtime
  • [NMS-5631] – Deadlock inside RTC's DataManager during shutdown
  • [NMS-6100] – The Stp interface box page throws an exception
  • [NMS-6158] – When displaying Linkd link info on node, ifAlias data in interface columns missing opening quote
  • [NMS-6536] – NRTG is throwing ConcurrentModificationException
  • [NMS-6567] – IfIndex not updated in ipinterface table on change
  • [NMS-6568] – Requisition UI has inconsistent field labels for building the provisioning requisition
  • [NMS-6583] – linkd can't make use of learned MAC addresses on ports to determine path mapping
  • [NMS-6593] – sort order interfaces on node page
  • [NMS-6802] – EnLinkD IS-IS Link discovery fails on Cisco routers
  • [NMS-6902] – Geomaps are quite slow
  • [NMS-6905] – Remove Link Status Menu Item
  • [NMS-6912] – lldpchassisid not properly decoded for DragonWave in Enhanced Linkd Lldp node discovery
  • [NMS-6972] – test failure: org.opennms.netmgt.provision.detector.SmtpDetectorTest
  • [NMS-6974] – Link Status Provider is still an option for older Linkd Topology Provider
  • [NMS-7029] – Java 8 build fails some tests
  • [NMS-7089] – MAC 00:00:00:00:00:00 should be treated as null
  • [NMS-7090] – IpNetToMedia Table: Manage duplicated ip address
  • [NMS-7096] – Toggle icons on Node List Page are too small on resolutions greater than Full HD
  • [NMS-7148] – Geo-Maps running on a server without internet connection breaks the UI for valid nodes.
  • [NMS-7175] – Alarms dashlet: "ago" and node label columns can overlap when tiled
  • [NMS-7183] – LLdp link discovery: lldpRemLocalPortNum value 0
  • [NMS-7184] – LldpHelper decode exception
  • [NMS-7192] – Remove the logging directories from the DEB package
  • [NMS-7207] – Switch direction to zoom in and out in the topology
  • [NMS-7251] – Change filterfavorites.filter to 'text' SQL data type
  • [NMS-7294] – Enhanced Linkd inserts wrong Local Port bridge number
  • [NMS-7320] – Java environment in Debian has to be configured twice
  • [NMS-7337] – Database Report "Response time by node" Not Working.
  • [NMS-7358] – IllegalArgumentException on ipnettomediatable
  • [NMS-7362] – No CDP neighbors on a topological map
  • [NMS-7372] – ACLs ineffective in geographic map
  • [NMS-7379] – Unable to display performance data from Host Resource processor table
  • [NMS-7400] – KSC Reports with non-existing resources generate exceptions on the WebUI
  • [NMS-7410] – Title information on the node detail page are confusing
  • [NMS-7412] – Double footer in resource graph page
  • [NMS-7432] – Normalize the HTTP Host Header with the new HttpClientWrapper
  • [NMS-7434] – Disabling Notifd crashes webUI
  • [NMS-7456] – JRB to RRD converter no longer compiles
  • [NMS-7466] – Reload Collectd and Pollerd Configuration without restart OpenNMS
  • [NMS-7467] – Path Outage severity is not indicated in Web UI
  • [NMS-7481] – DrayTek Vigor2820 Series agent bug: zero-length IpAddress instance ID
  • [NMS-7485] – queued creates its own category for loggings
  • [NMS-7518] – SNMP version syntax inconsistent across components
  • [NMS-7531] – Surveillance View configuration is no longer dynamic
  • [NMS-7533] – EventconfFactoryTest fails with no events eventconf.xml
  • [NMS-7537] – Vaadin SV on index page not fitting to view
  • [NMS-7543] – Vaadin:Dashboard SV dashlet no longer indicate context of other dashlets
  • [NMS-7549] – NPE on admin/notification/noticeWizard/chooseUeis.jsp
  • [NMS-7554] – Smoke test is failing with the new dashboard
  • [NMS-7563] – gui and maps does not display lldp and cdp links
  • [NMS-7570] – Dashboard Auto-Refresh runs JVM out of memory (Full-GC)
  • [NMS-7576] – The XSD for the SNMP Hardware Inventory Provisioning Adapter is not included on the RPM/DEB packages.
  • [NMS-7577] – Search by foreignSource or severityLabel doesn't work on Geo Maps
  • [NMS-7590] – List of service names in the requisition editor should be pulled from the poller conifguration instead of capsd
  • [NMS-7597] – Tog depth for VmwareMonitor and VmwareCimMonitor is wront
  • [NMS-7598] – Varbinddecodes are being ignored on Notifications
  • [NMS-7603] – Some parameters logged out of order since slf4j conversion
  • [NMS-7604] – Replace PermGen VM arguments with Metaspace equivalents
  • [NMS-7610] – Remote Poller throws ClassNotFound Exception when loading config
  • [NMS-7615] – RPM dependency for JDK 8 is wrong
  • [NMS-7616] – Compass can't make a POST request from FILE URLs in some cases
  • [NMS-7617] – Test failure: org.opennms.netmgt.provision.service.Nms5414Test
  • [NMS-7620] – Scrolling issue
  • [NMS-7622] – Memory leak in RTC
  • [NMS-7626] – The PSM doesn't work with IPv6 addresses if the ${ipaddr} placeholder is used on host or virtual-host
  • [NMS-7629] – Timeline image links are not working with services containing spaces
  • [NMS-7630] – Database reports don't run in 16
  • [NMS-7631] – Match event params for auto-ack of Notification
  • [NMS-7633] – include-url doesn't work on poller packages
  • [NMS-7634] – ClassCastException in BSFNotificationStrategy
  • [NMS-7636] – Node resources are deleted when provisiond aborts a scan
  • [NMS-7637] – Default date width in Database Reports is too small
  • [NMS-7640] – Test failure: testImportAddrThenChangeAddr
  • [NMS-7641] – The IP Interface page is blank.
  • [NMS-7642] – The global variable org.opennms.rrd.queuing.category is set to OpenNMS.Queued and should be queued
  • [NMS-7643] – Test failure: testSerialFailover
  • [NMS-7644] – Fixing Logging Prefix/Category on several classes
  • [NMS-7645] – Test failure: tryStatus
  • [NMS-7650] – XML data collection with HTTP POST requests is not working
  • [NMS-7651] – Improving exception handling on the XML Collector
  • [NMS-7657] – Vaadin surveillance view configuration doesn't work with Firefox
  • [NMS-7658] – Error in Debian/Ubuntu init script

Enhancement

  • [NMS-1504] – Add option to turn off snmp v3 passphrase clear text in log files
  • [NMS-2995] – Trapd is not able to process SNMPv3 INFORMs
  • [NMS-4619] – XMPP: Make SASL mechanism configurable
  • [NMS-6442] – Set vertex to focal point
  • [NMS-6581] – Drools Update to 6.0.1 Final
  • [NMS-6963] – PATCH — Bridgewave Wireless Bridge
  • [NMS-7146] – Move RTC over to Spring and Hibernate
  • [NMS-7229] – Be able to set the rescanExisting flag when defining a scheduler task on provisiond-configuration.xml
  • [NMS-7310] – add Siemens HiPath 3000 event files
  • [NMS-7311] – add Siemens HiPath 3000 HG1500 event files
  • [NMS-7312] – add Siemens HiPath 8000 / OpenScapeVoice event files
  • [NMS-7318] – Move notification status indicator to header
  • [NMS-7424] – Add pathOutageEnabled="false" to poller-configuration.xml by default
  • [NMS-7441] – Change varchar to text for CDP and LLDP tables
  • [NMS-7453] – Update Smack API
  • [NMS-7461] – Update asciidoctor maven plugin from 1.5.0 to 1.5.2
  • [NMS-7473] – Remove Capsd from OpenNMS
  • [NMS-7474] – Modify WebDetector/Monitor/Plugin/Client to expose ability to enable/disable certificate validation
  • [NMS-7476] – Add support for gzip compression on REST APIs
  • [NMS-7479] – Allow RRD data to be retrieved via REST
  • [NMS-7480] – Make resource data accessible through ReST
  • [NMS-7505] – The DefaultResourceDao loads all child resources when retrieving a specific resource by id
  • [NMS-7528] – Use the default threshold definition as a template when adding TriggeredUEI/RearmedUEI on thresholds through the WebUI
  • [NMS-7579] – Remove unnecessary output from opennms-doc module
  • [NMS-7593] – BSFMonitor creates a new BSFManager every poll which makes caching script engines ineffective
  • [NMS-7595] – SNMP interface RRD migrator should create and clean up backups interface-wise
  • [NMS-7609] – Create a ReST API to expose the available detectors/policies/categories/assets/services required to manipulate foreign sources
  • [NMS-7612] – Need upgrade task for collection strategy classes
  • [NMS-7619] – Create opennms.properties option to choose between new and old dashboard
  • [NMS-7632] – Deprecation of LinkD

Story

  • [NMS-7299] – Allow user to create and modify surveillance views
  • [NMS-7303] – Migrate Surveillance view GWT UI component to Vaadin
  • [NMS-7304] – Migrate Alarms GWT UI component to Vaadin
  • [NMS-7305] – Migrate Notifications GWT UI component to Vaadin
  • [NMS-7306] – Migrate Node Status component from GWT to Vaadin
  • [NMS-7307] – Migrate Resource Graph Viewer component from GWT to Vaadin
  • [NMS-7323] – Update user documentation
  • [NMS-7325] – Allow user to select surveillance view in the Dashboard
  • [NMS-7326] – Remove the GWT dashboard from the code base
  • [NMS-7429] – Remove "report-category" attribute
  • [NMS-7430] – Add surveillance view's name in the left header cell
  • [NMS-7431] – Add an option to disable "refreshing"
  • [NMS-7469] – Add preview window in config UI
  • [NMS-7489] – Icons for alarms and notifications
  • [NMS-7490] – Modal window to show node, alarm and notification details
  • [NMS-7491] – Admin configuration panel shows dashboard instead of surveillance view
  • [NMS-7492] – Allow to configure refresh time per surveillance view
  • [NMS-7530] – Rename the surveillance config panel link in Admin menu
  • [NMS-7540] – Dashboard Dashlet: Refresh indicator
  • [NMS-7542] – Vaadin Dashboard: Alarm Dashlet should have severity sorting by default

Dev-Jam 2015 – Magical Number 10

We are just about a month away from one of my favorite weeks of the year: The OpenNMS Developer’s Jamboree, or Dev-Jam.

This is the tenth one we’ve had, which is hard for me to believe. I think it is a testament to the community around the OpenNMS Project that we can have these year after year (and not a testament to the fact that I’m quickly becoming an “old guy”).

We have people from all over the world who contribute to OpenNMS, and for one week out of the year we get together to hack and hang out. It was an “unconference” before such things were popular.

The first one was held at the Pittsboro OpenNMS HQ in 2005, but we quickly learned that we needed a bigger venue. The requirements for a successful Dev-Jam are as follows:

  • A room big enough to hold everyone
  • Fast Internet
  • A place for everyone to sleep
  • Food

We found a great home for Dev Jam at the University of Minnesota’s Twin Cities campus in Minneapolis, specifically in a dorm called Yudof Hall. We lease the downstairs “club room” which is a large rectangular room that is big enough for our crowd. On one side is a kitchen and on the other side is an area with a television and couches. In the middle we set up tables for everyone to work.

We also get rooms in the same dorm, so people can come and go as they please. Some people like to get up in the morning. Others stay up late and don’t come down until noon. The campus offers a number of places to eat, and in the evening we can walk to a restaurant for dinner and drinks. We try to see a Twins game while we are there as well as take a trip to Mall of America.

This will be the first year that access to the light rail system is available from campus, which will make getting around so much easier.

For those of you who haven’t spend a lot of time embedded with an open source project, you probably don’t understand how much fun an event like this can be, or why just writing about it makes me eager for June to arrive. Technically I’ll be at work, but it is unlike any other job I’ve ever had.

If you would like to come, we still have a few places left. Check out the Registration page for more information. Everyone is welcome, but be advised that this is a “code” heavy conference with little formal structure. For more casual OpenNMS users, there is the User’s Conference in September.

Hope to see you at Dev-Jam, and if not there, at the OUCE.

Touchscreen Issues with OnePlus One Phone

Last September I was able to purchase a OnePlus One phone, and my initial impressions were very positive.

Having owned it now for over six months, I can state that this is the best smartphone I’ve ever owned, a list which has included two iPhones, several Nexus devices, a couple of Samsung devices and an HTC One. It is fast, runs well, has a wonderful screen and is the right size for my hand.

Being a fan, I have followed the drama surrounding OnePlus and CyanogenMod, and I am very unhappy about the new OxygenOS being closed source. But still, I decided to upgrade to Lollipop (Cyanogenmod 12S) when it became available and that’s when I started to notice an issue with the touchscreen.

I play a game called Ingress, and within the application is a mini-game called “Glyph Hacking“. In the mini-game you are presented with a number of patterns on a grid, and you have to replicate the patterns, in order, in a certain amount of time. I really enjoy the game as a mental exercise, but I started noticing that as I was trying to draw the glyphs it would often just stop drawing or jump to the next glyph in the sequence. This was frustrating.

I found a thread that suggests a number of other people are having this issue with the phone and that it may be a software problem. I’m not so sure this is the case with my handset, because up until this last week it has been working fine (never seen the issue before). But just in case, I was able to restore the phone to KitKat and (CyanogenMod 11S) the problem remained. All of the suggestions I’ve found on-line, from plugging the phone in to “ground” it to rebooting, haven’t helped.

Using a program called “Yet Another Multitouch Test” I was able to demonstrate that the screen is registering additional touches that I did’t make, especially near the top of the screen. I’ve contacted OnePlus support so we’ll see what happens. Here is a video demonstrating the issue.

POSSCON 2015

POSCONN (or the Palmetto Open Source Software Conference) is a regional conference held every year in Columbia, South Carolina. It dawned on me that I travel too much, because when I mentioned to a neighbor that I spent some time in Columbia, she paused and then asked “oh, it’s almost winter down there”. I had to explain that I meant the Columbia that is three hours away and not the Columbia in South America.

I really like regional grassroots open source conferences, but for some reason I was never able to make POSSCON. This year I decided to change that and OpenNMS was even able to sponsor it.

Sponsor Sign

POSSCON is organized by IT-ology, a non-profit dedicated to promoting technology careers for students in kindergarten through 12th grade. I think they must know what they are doing since they really know how to organize conferences (they are also responsible for All Things Open held in Raleigh, North Carolina, each October).

We piled five of us into the Ulf-mobile and drove down Monday night. Ben came along even though Tuesday was his birthday, so we decided to go out on Monday night to celebrate. There are a number of highly rated restaurants in the downtown Columbia area, and with my penchant for vintage cocktails and Ben’s taste for whiskey we decided on Bourbon. It was a wonderful evening and for his birthday we bought him a flight of Pappy Van Winkle, an incredibly difficult to find bourbon. The verdict: it is worth the hype.

Pappy van Winkle bottles

The show officially started on Tuesday and spanned two days. The first day consisted of roughly hour-long talks like most conferences. Where it differed was that the talks were held in different buildings around downtown Columbia. While it made it a little harder to jump from one venue to another, the weather, for the most part, was good.

The opening keynote was held at the Music Farm. As a sponsor we had a table which was also in the auditorium and I really liked that. One of the issues with having any sort of booth is that they are often set off in a side room. If you have booth duty you can’t see any of the presentations, and traffic between presentations is light. This way we had some down time during the presentations and yet got a lot of foot traffic in between them. Seemed to make the day go faster. The mayor of Columbia spoke and claimed to be the only mayor in America who was into open source, but I know of at least one other mayor, the mayor of Portland, Oregon, who attends these shows (I should disclose that the City of Portland is an OpenNMS customer). I didn’t want to bring it up though, ’cause this is a good thing to be proud of.

POSSCON Keynote

My presentation on the Linux Desktop was held at the Liberty Tap Room (‘natch) and while it was cool, it wasn’t the best place for presentations. The projector screen was dim (more useful for sports broadcasting at night then for tech talks in the middle of the morning). During one talk I had to listen to the Miller Lite truck idling on the road outside the door as the driver made his delivery.

Mine was the last one of the day, but I wanted to check out the venue so I went early and stayed for a talk on open source licensing (by one of the other sponsors) and one by Jason Hibbets of opensource.com fame.

I thought the presenter of the law talk was pretty brave discussing licensing with Bradley Kuhn in the room, but while I enjoyed the talk I could tell it was over the heads of most of the audience (you have to have lived it to really enjoy the finer aspects of the GPL and enforcement). I liked Jason’s talk, which I had not seen before, on the tools and processes they use at opensource.com to build community.

Jason Hibbets

Toward the end of the day I saw a talk by Erica Stanley on open source and the Internet of Things. It was good but due to the lack of a sound system it was hard to hear everything. I presented after her and didn’t have that problem (grin).

I think my talk on using the Linux Desktop went well. Now three years after leaving Apple I’m still using it and still loving it.

Tuesday evening there was a reception back at Music Farm followed by a speaker/sponsor dinner held at Blue Marlin. Ben, Jess and I ended up at a table with Bradley Kuhn, Erica Stanley and Carol Smith from Google. We talked briefly about the Google Summer of Code. OpenNMS was involved for several years, but these last two years we were not accepted. Last year I was told it was because they wanted to give other projects a chance, and this year, to be quite frank, I don’t think our proposals were strong enough. Instead of complaining like some projects, I am hoping this will motivate the team to do better next year. I think GSoC is a wonderful program and I wish it was around when I was in school, as both the pay and work environment would have been better than the hours I put in at a non-air-conditioned plastic injection molding plant (although I will say the experience motivated me to finish my degree).

Wednesday’s format was a little different. Everything was held at the IT-ology offices, which was good since the weather was rainy all day. It was made up of workshops, and I did two and a half hours on OpenNMS. Everyone seemed to enjoy it.

Overall, it was a great conference. Over 800 people registered and I think they all got their money’s worth. It was also a great way to market Columbia (I know we spent some money there). It has made me look forward to this year’s All Things Open conference (note that the Call for Speakers is open).

Review: System 76 Sable

As you might guess, I am a big fan of all things open, and I tend to vote with my wallet. When the need arose to replace some iMacs in the office, I decided to check out the Sable systems offered by Linux-friendly vendor System 76.

System 76 was a sponsor at SCaLE this year (like OpenNMS) and they also sponsored the Bad Voltage Live event where they gave away a laptop and a server, so they already had my goodwill.

Back in 2008 I needed some machines for our training courses, so being an Apple fanboy at the time I bought iMacs. Outfitting training rooms can be problematic if you don’t do training full time because you usually end up with nice systems that you don’t use very often. Seems wasteful, so we decided to use them to run Bamboo and our unit tests for OpenNMS when they weren’t being used for training.

Seth noticed that it was taking those machines around 240 minutes to run the suite of tests versus 160 minutes for the newer iMacs we were using, and this was having a negative impact development (almost everything we do relies on test driven development). Since we were running Ubuntu on the boxes anyway, I decided on a Linux alternative and chose System 76 for the first six replacement systems.

I like all-in-one systems for training since they tend to move around (we use the training room as a conference room when there are no classes). The all-in-one form factor makes them easy to carry. The Sables I ordered came with a 23.6 inch touch screen at 1080p, 3.1 GHz i7 processor, 16GB of RAM and a 500GB SSD for a total price of US$1731.

The ordering process went smoothly (there was one glitch when the original quote was for seven instead of six but it was quickly corrected). I placed the order on March 18th and they shipped a week later on the 25th.

They arrived in six boxes marked AIO PC:

System 76 boxes

I think AIO must be the manufacturer in China, but I couldn’t find a similar system on the web. One box had a smashed-in corner, so I opened it first, but it was packed well enough that the unit wasn’t damaged:

System 76 open box

I removed the packing and pulled the unit out. It was wrapped to protect the screen.

System 76 screen wrap

and the whole unit was covered in plastic wrap to prevent scratches.

System 76 plastic wrap

These units come with a power brick that is external to the system and I ordered them with a Logitech keyboard and mouse. These came in a separate box along with extra cables, etc., for expansion (unlike Apple products, you can actually work on these systems).

System 76 keyboard box

The hardest part about the whole process was figuring out how to turn the darn thing on. I finally found the switch on the back of the system on the lower right side (as you face it). I felt kind of stupid and yes, I even read the little pamphlet that came with it. Perhaps they should add and IKEA-like drawing with the little dude pointing to the switch.

It booted right up into Ubuntu 14.10, and all I had to do was create an account and set the IP address. Ben was then able to get in and deploy our Bamboo image and we were up and running in no time.

System 76 screen

While we still have some iMacs being used, the Sables have, so far, proven to be a solid replacement. I haven’t really used them as a desktop, yet, but they can run our test suite in a little over an hour which is almost a four-fold increase.

System 76 in a line

While Apple doesn’t offer a 24-inch iMac anymore, the 21-inch version with similar processor, RAM and SSD is US$2399, or quite a premium. The Sable is not nearly as thin or stylish as the iMac, but it is a nice looking machine and after struggling this week to correctly replace the hard drive in a late 2009 iMac I appreciate the fact that I can work on these if I need to, and the extra cables shipped with it even encourage me to do so.

And that’s what open is all about.

♫ To Be Thick as a Brick ♫

In keeping with the musical theme this week, I thought it would be cool to post about a little bit of OpenNMS “bling” now featured at the Chatham County Public Library in Pittsboro, NC.

OpenNMS Brick

We like to both talk about OpenNMS as well as support the local community, so when I found out that the library was raising money by selling personalized bricks, I thought it would be cool to get one.

OpenNMS Brick

We also have one to be installed at the Tesla Museum. I’m going to have to take a road trip to get a picture of that one, or see if Jeremy Garcia will drive over when it is open and take one for us.

♫ The Lunatic is on My Web ♫

The TL;DR of it is that I needed to create a new forum called OpenNMS Connect. This will be a place for Luna. So far I’ve been happy.

When I first started my quest for forum software a couple of month ago, I did what most geeks do and did a search for it. I found a very helpful Wikipedia page (‘natch).

After dismissing the non-open source options, I started looking at the programming language. Now I know I really shouldn’t be a PHP snob (this blog is presented using PHP software) but having been burned in the past with security issues my first inclination is to avoid it.

Now the guys in the office are trying to get me to think all “agile-ly” and so I need a “user story”. For any forum we use it has to support LDAP, for which the story could be “User must be able to access forum using directory services” or better yet “Admin needs a central way of controlling forum access”. We implement LDAP via the FreeIPA project, and it will just be so much easier if we can add and remove people from a particular group and just have it work.

The first project I looked at was Discourse. I was especially interested in a hosted version if I could tie it into our IPA instance. Discourse is kind of the “new hotness” at the moment, but I didn’t see an easy way to implement LDAP. There is a Single Sign On (SSO) option but it would require writing our own authentication page, and it wouldn’t work if we hosted it with them anyway.

The next project that caught my eye was the eXo Platform. It’s written in Java (as is OpenNMS) and it seems to have a ton of features. Perhaps too many. In any case I put the team on it and asked them to get it working with LDAP.

They succeeded in getting LDAP authentication to work, but then hit a ton of other snags. The authenticated users couldn’t access the default /portal/intranet site no matter how often we tweaked the permissions. They could reach the /portal/meridian site but we couldn’t figure out how to change the default portal. And in all cases we couldn’t get the top menu bar to load with an LDAP user which meant you couldn’t log out, etc.

On Friday I decided to see what I could do about it. Friday was a long day.

eXo is one of those companies that produces an open source version of their software as well as a paid version. My three readers know how I feel about that business model, and it made it kind of frustrating to figure out things since I couldn’t tell if the documentation would actually work on the “community” version. Also, to access the forums you need to register, which gets you a couple of spam-y e-mails trying to sell you on their paid version. Not too obnoxious and I can understand why they do it, but it was a little annoying.

It can also be hard to administer. A lot of the configuration is buried in .war files. For example, in order to set the default portal above, you have to unpack portal.war, change it and repack it. In playing around with the system, I decided that while the LDAP authentication is nice, the platform itself is way overkill for what we need. It is huge and on our system took several minutes to start up and would often spike the load with limited users.

So I spent a lot of time looking for alternatives. Unfortunately, the only option I found that had easy to understand LDAP integration was phpBB. When I mentioned that to the team, Jeff threw up in his mouth a little and I wasn’t too happy about that choice either. I don’t have the same prejudices as some, but I felt that its style was a little dated and there have been some serious security issues in the past associated with it.

But for grins I installed phpBB anyway. It was rather easy to do, which made me happy, but then I noticed that it was not easy to make the forum itself private. Another user story is that “Admin requires that only authorized users see the forum”. You can make certain parts of phpBB private, but I kind of wanted the same thing as eXo – an initial log in screen you have to use before accessing the site.

Then it dawned on me that we could just put it in a directory by itself in the web root, say /forum, and then make a pretty splash page on on the site with a link to it. Apache LDAP authentication is something we already figured out and knew worked and I could just require a valid login to access /forum.

This caused another lightbulb to go off. If we are going to do it that way, then why not just put any forum we like behind an LDAP authenticated directory?

The downside would be that users would need to create a forum-specific user if they wanted to add content, but on the upside they could choose their own usernames, thus obfuscating their identities for people who work at sensitive organizations. Thus we could have an LDAP user tied to, say, obama@whitehouse.gov and their forum name could be something totally different, like “Hot Cocoa”.

Yes, I know it is dressing up a bug as a feature, but to me it did seem useful.

Then I thought, hey, let’s revisit Discourse. That turned out to be harder than it would seem

Well, the only way to install Discourse on CentOS is as a Docker container, and at the moment it doesn’t seem to work.

The first time I tried to install it, it died complaining about lack of access to an SMTP server. No where in the instructions did it say you had to modify the app.yml and put in a valid mail server. In any case, I did that and restarted the install.

At one point during the install process I get this:

-- 0:  unicorn (4.8.3) from
/var/www/discourse/vendor/bundle/ruby/2.0.0/specifications/unicorn-4.8.3.gemspec
Bundle complete! 92 Gemfile dependencies, 189 gems now installed.
Gems in the group development were not installed.
Bundled gems are installed into ./vendor/bundle.

I, [2015-04-04T04:49:47.161747 #38]  INFO -- : > cd /var/www/discourse
&& su discourse -c 'bundle exec rake db:migrate'
2015-04-04 04:49:55 UTC [339-1] discourse@discourse ERROR:  relation "users" does not exist at character 323
2015-04-04 04:49:55 UTC [339-2] discourse@discourse STATEMENT:      SELECT a.attname, format_type(a.atttypid, a.atttypmod),	                     pg_get_expr(d.adbin, d.adrelid), a.attnotnull, a.atttypid, a.atttypmod
	                FROM pg_attribute a LEFT JOIN pg_attrdef d
	                  ON a.attrelid = d.adrelid AND a.attnum = d.adnum
	               WHERE a.attrelid = '"users"'::regclass
	                 AND a.attnum > 0 AND NOT a.attisdropped
	               ORDER BY a.attnum

which a Google search says to ignore, but then a little while later the install fails with:

FAILED
--------------------
RuntimeError: cd /var/www/discourse && su discourse -c 'bundle exec rake db:migrate' failed with return #
Location of failure: /pups/lib/pups/exec_command.rb:105:in `spawn' exec failed with the params {"cd"=>"$home", "hook"=>"bundle_exec", "cmd"=>["su discourse -c 'bundle install --deployment --verbose --without test --without development'", "su discourse -c 'bundle exec rake db:migrate'", "su discourse -c 'bundle exec rake assets:precompile'"]}
68a9a49f29ad74d9ab042bcaadfb06e02ff526104fefd82039eae1588bbb6e43
FAILED TO BOOTSTRAP

on which Google is much less helpful. No matter what I did I couldn’t get past it.

This kind of brings up an issue I have with Docker. Now let’s get this out of the way: I am jealous of the Docker project. We’ve been around for 15 years and gotten little notice whereas they have become huge in a short time. It would be nice if, say, I could get up to four readers on my blog.

But I really, really, really hated how hidden this whole process was. You install software on your system and then load “magic bits” from the Internet and hope it works. I think this is great on a intranet when you need to deploy lots of the same things, but without developing it internally first it was a little scary. When it doesn’t work it is incredibly hard to diagnose. Because the app wouldn’t build I couldn’t play with the database or really do anything, so I just uninstalled and reinstalled numerous times to try to fix this.

Plus, by running in a container, we would then need to modify nginx to use our LDAP configuration and that seems to be much harder than with Apache. I didn’t think it would be easy to just forward requests to the Docker instance, but since I couldn’t get it to work I’ll never know.

By this time I said, screw it, reinstalled phpBB and went home. It’s now about 8pm and I’ve been at it 11 hours.

Well, I have a mild form of OCD, or maybe it’s just being a geek, but I couldn’t let it rest. So early this morning (as in soon after midnight) I discovered a project called Luna (an active project from the aforementioned Wikimedia page).

Luna is the next iteration of the ModernBB project which is in turn is a fork of FluxBB. It’s simple, does almost everything I could want, and was incredibly easy to install. No Docker containers, no large Java app, just some PHP that you drop in your web root. Plus the webUI is built on bootstrap just like OpenNMS.

In about an hour I had it running, had changed the style to match our color palette, and fixed an issue where jquery wasn’t getting loaded by copying it down as a local file.

OpenNMS Luna Website

The downside is that it isn’t production yet. I installed 0.7 and earlier this morning they released 0.8. Jesse fixed an issue with the internal mail system and I have a couple of more issues that I’d like to see fixed, but overall I’m very happy with it. They are aiming to release 1.0 on 13 April.

And I really like their attitude and philosophy. They are self-funded and I love Yannick’s tag line of “You Can Do Anything.”

To help that I sent them 100€. (grin)

Anyway, sorry for the long post. I’ll let you know how it goes.

OpenNMS on Bad Voltage

I had to go back through my notes, but I first met Jono Bacon on April 12th, 2008 at a LugRadio Live show in San Francisco. Jeremy Garcia, the founder of LinuxQuestions.org, I didn’t meet until this year’s SCaLE conference, but I had been following that site since at least 2009 (or at least that the oldest e-mail I still have from it). Those two guys make up half of the team behind the Bad Voltage podcast.

The other half consists of Stuart “No Fruit in Beer” Langridge and Bryan “Puffy Nipples” Lunduke, both nicknames earned at SCaLE (where they did their first live show). Stuart, the more social and less-sickly of the pair, joined us for a few drinks one evening during the conference, but I have yet to meet Bryan face to face.

Which is probably a good thing, because the few seconds I saw said face on a Google hangout this week, well, it wasn’t pretty. Ebola is nothing to joke about so I shall leave it at that, but let’s just say he was under the weather.

I was on the Hangout because the guys asked me to come on Bad Voltage. The first time I was invited was a couple of weeks ago when the taping was on a Thursday. I couldn’t make that one, so considering the history of this crew I was a little suspicious when they asked me to chat on April Fool’s Day.

Of course, this is when I found out that Bryan was deathly ill and wouldn’t be joining us, and even my thick brain can detect a pattern. Dodges me at SCaLE even with the promise of free booze. Ditches me during the one time I’m on his show. I know when I’m not wanted.

The string of “coincidences” continued during the taping when Jono’s app crashed a few minutes into our chat. In 38 shows it had never happened before and so we had to start over, and the guys were good sports and laughed at all the right moments as I repeated my stories. April Fool’s Day is also my wedding anniversary, so they got a small slice of what it is to live with me and have to suffer through my stories over and over (she’s stuck with me for 22+ years so I guess that is one miracle for her sainthood, two to go).

Anyway, after the technical glitches were sorted and Bryan was done snubbing me, I thought the chat went pretty well. It’s hard for me to fit anything into ~10 minutes and I left stuff out that I would have liked to say, but I hope it gets people interested in OpenNMS. In any case, even without my bit (or should I say especially without my bit) the show is always entertaining and you should check it out. You’ll get the occasional F-bomb and sometimes references to moose genitalia, but overall it is pretty safe for work.

Anyhoo – check it out and let me know what you think:

Bad Voltage 1×39: Ambitious but Rubbish

OpenNMS at POSSCON, 14-15 April

#NotAprilFools

I love the fact that with the possible exception of OSCON (which has blacklisted me as a speaker for some reason), the main open source conferences all tend to be grassroots, regional affairs. I love going to them and find them to be much better than the commercial and corporate shows.

One I have never been able to attend is POSSCON. Although only one state away, my schedule has not worked out to allow me to go. I’ve heard a number of good things about it, so this year I was determined to attend and The OpenNMS Group is even a gold sponsor.

We will have be a booth where you can come by and see the new OpenNMS shiny, and I will be giving a talk on the first day about switching to the Linux Desktop, and on the second day there will be a workshop on using OpenNMS.

Hope to see you there.