Mounting VMDK files into host when in split file

I usually use OSFmount for mounting files made with DD, ddrescue, dd_rescue and gddrescue, for virtual machines in vmware i can mount those directly with OSFMount as long as it is a single file disk, when the thing has multiple files, i can not do that

Turns out vmware gives a way a tool to consolidate those disks into 1 disk.

cd C:Program Files (x86)VMwareVMware Workstation
vmware-vdiskmanager -r c:my_in_file.vmdk -t 0 file_out.vmdk

Now i can mount them directly onto my host machine.

Note that, even the  http://www.vmware.com/support/developer/vddk/ (The vmware vmdk development kit) which is a recent tool can not mount mutiple split disks, and requieres a single disk to mount on host

Memory in openVZ – all you need to know

First, calculating memory

I want 1GB of ram, how many pages would those be ?
To calculate the numebrs for an openvz conf file, you should know that in container config files, the numbers there are pages, not bytes, you should probably know that a page of memory is 4k which is 4096 bytes

So a gigabyte is 1073741824 bytes

Number of pages = 1073741824 / 4096

So a gigabyte is 262144 pages (which open VZ should get in the config file to end up with a gigabyte of ram).

Now To what values in the openvz config file mean.

So, a memory block in oppenvz is measured by pages not bytes or megabytes, so the word pages generally means memory, now let us look at some variables in the openvz config file, vm means virtual machine (which is your container)

Values are specified in the form of
parameter=”barrier:limit”
For example
VMGUARPAGES=”67584:2147483647″

vmguarpages = VM Guaranteed Pages, the barrier is the effective number (The limit should be set to maximum integer, 2147483647 on 32bit and 9223372036854775807 on 64bit even though it is not defined or useful yet), If the current amount of allocated memory space does not exceed the guaranteed amount (the barrier of vmguarpages), memory allocations of container’s applications always succeed. If the current amount of allocated memory space exceeds the guarantee but below the barrier of privvmpages, allocations may or may not succeed, depending on the total amount of available memory in the system. if allocations exceed privvmpages, allocations will fail.
oomguarpages = Out Of Memory Guaranteed pages (Total for all machines should not exceed the available memory on the server) this is like the above, but assuming the system has no choice but to kill procesees, the system will weigh this in to chose what VM to kill from.
privvmpages = Private VM pages (The barrier and the limit of privvmpages parameter impose an upper limit on the memory allocations)

Eclipse Content assist and fast auto complete

So in my Window => preferences window, i searched for “content assist”, and under content assist for PHP, i made the value 50 rather than 200, this did not help at all as there was no change.

So i searched for text editors and enrich after delay to enrich immediately, and magically everything worked on PDT, this does not make sense, what does hovering have to do with content assist, but there you are, now as soon as i write anything, choices star appearing 😀

Again, Switching from Zend Studio (paid) to PDT (Eclipse) which is ironically made by Zend as well was a very good move, i feel no issues whatsoever, i think this one is even better than the old version of Zend studio i was using, and Zend studio offered me no advantage at all, even though it would probably be beneficial to some who know hot to use the zend tools and get the studio to compliment those tools.

Creating a self signed security certificate

It may be true that tutorials teaching you how to create and install a self signed security certificvate are everywhere, this one here i put for my own purposes, because i use this one that i wrote as copy and paste instructions for speed. I added things to explain why we are doing everything

Here we will discuss installing a self signed certificate (Acting as your own certificate authorite) …

If you are not sure if what you need is a self signed certificate or a proper secure certificate signed by a certificate authority, you can see the difference here

In this tutorial, we will install a self signed certificate on a debian squeeze machine. Please keep in mind that 1 certificate can be installed per IP address. If you need to install more certificates for more hosts, please have a look here.

We are sssuming you have apache installed, other web servers have different installation instructions, but the generation procedure remains the same

The steps we will take are

A- get the system ready
B- Create a private key
C- Create a certificate signing request from the private key
D- Create a certificate from the certificate signinig request
E- Install the certificate and the private key

F- Decrypt the private key (Optional)

A- get the system ready

1- Install openssl

On my debian system, this is done with the following command, on other systems, the installer may be different

apt-get install openssl ssl-cert

2- Create a directory we can work in

mkdir /etc/apache2/ssl

B- Create a private key

Creating a private key is as simple as

1- Go to our working directory

cd /etc/apache2/ssl

2- To create a private key, Issue the command

openssl genrsa -des3 -out myprivate.key 4096

A password of your choice is requiered (You must enter it twice).

You will then have a private key in the file myprivate.key

This is the encryption key for your private key, and even though this is an encrypted private key file, this key should never be shared with anyone. Since if you do decrypt it in the optional step below, and if it is ever shared with anyone after it is decrypted, they can create a certificate just like the one we are creating and fool a visitor into thinking they are on the correct website (in case of a man in the middle attack for example).

C- Create a certificate signing request from the private key

The certificate signing request is the file we normally give to a certificate authority so that they can create a certificate for us, but in this case, we are the certificate authority (Self signed certificate), we will therefore create a Certificate Signing request and sign it ourselves

1- To create a file containing the Certificate signing request data, all we need to do is issue the following command

openssl req -new -key myprivate.key -out signingrequest.csr

You will now be asked for (Keep your eyes open for the common name since it is the most important)

* Your Pass Phrase, the one you chose for the private key (To create a request from a private key, we need the decrypt and read the private key)
* Country Code (US), State…, CITY, Organisation Name, Organisation Unit
* Common name, and this is the most important, this is either your domain or sub domain, if it is your domain, do not add WWW and enter example.com if it is a sub domain enter subd.example.com
* A Challenge password of your choice

* Enter anything into the optional company name.

We will now have 2 files in the directory, our private key (myprivate.key) and a certificate signing request (signingrequest.csr), we have 2 passwords, the private key’s encryption password and the signing request’s challenge password

D- Create a certificate from the certificate signinig request

openssl x509 -req -days 3650 -in signingrequest.csr -signkey myprivate.key -out mypublic.crt

Now, you will be asked the the Private Key’s pass phrase, the first password, Again to decrypt the private key so we can create a certificate.

We will now have 3 files in the directory, our private key (myprivate.key) and a certificate signing request (signingrequest.csr), and out certificate file (mypublic.crt)

E- Install the certificate and the private key

At this point, we have a public key (mypublic.crt), and a private key (myprivate.key), we can now install those on apache, and start using our certificate.

To install certificate on apache, we must

1- Enable mod ssl on apache, this is done with the command

a2enmod ssl

2- Make sure Apache is listening on the SSL port (443 by default)

On a debian system, you will need to verify the file ….

3- Fix the host’s config file to use the certificates

How this is done depends on how your system defines websites in apache, The easiest way to do this on a debian system is to copy the file mysite from the /etc/apache2/sites_available folder into a file called mysite_ssl (The mysite file could be called anything like polosite.com.cfg), then open the new file for editing, change the Virtual Host Line at the top to <VirtualHost *:443> (You may also change the 8 with your IP address) then scroll down to the end of the new file, and right before the end of the Virtual Host, add the following lines

<VirtualHost *:443>
...................
...................
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/mypublic.crt
SSLCertificateKeyFile /etc/apache2/ssl/myprivate.key
</VirtualHost>

4- Restart apache server

On a debian system, the apache server is restarted with the command

/etc/init.d/apache2 restart

IMPORTANT: Now, when you restart the apache server, you will be asked for the password you chose when you created your private key, the next step below will make apache not ask for a password, but will also create a risk if your unencrypted key should fall into a malicious user’s hands. Worth mentioning that most websites do decrypt the private key, then make sure it is in a directory only root user can access, again, by default your private key is encrypted, decrypting it means you need to take very good care of it.

F- Decrypt the private key (Optional)

openssl rsa -in myprivate.key -out myprivate.key.insecure
mv myprivate.key myprivate.key.secure
mv myprivate.key.insecure myprivate.key
  

Now, restarting Apache should not ask you for a password

G- Working with browsers

Firefox will allow you to add this certificate to it’s memory, whenever this certificate is presented for this hostname, Your modified Firefox will consider it a valid certificate