Linux command line task management with jobs, BG, FG and nohup – multitasking

Often I see people waiting while their command is executing, impatiently tapping their desk until a file copy or command has finished.

They are often amazed when I show them that the Linux command line has a way of sending pending commands to the background, so you can continue on another task.

Below is a gif screencast which shows:

Continue reading “Linux command line task management with jobs, BG, FG and nohup – multitasking”

VMWare Hardware Virtualization is not a feature of the CPU HP Proliant Microserver Gen10 Plus v2

For a while I’ve been postponing enabling Virtualization on my new microserver. But this weekend my wife was visiting her parents and I already watched all the series I wanted to, so no more procrastination!

Yet when I started, my HP Proliant Microserver showed this warning during the installation of VMWare ESXi VSphere:

<HARDWARE_VIRTUALIZATION WARNING: Hardware Virtualization is not a feature of the CPU, or is not enabled in the BIOS>

I ignored it, hoping for the best, but when I tried to power on a VM a similar message popped up:

Failed – This host supports Intel VT-x, but Intel VT-x is restricted. Intel VT-x might be restricted because ‘trusted execution’ has been enabled in the BIOS/firmware settings or because the host has not been power-cycled since changing this setting.

FIX: disable trusted execution (Intel TXT) in the Microserver BIOS

Follow these steps:

  1. Enter BIOS (F9 during boot)
  2. Enter menu option System Configuration

  3. Enter BIOS/Platform Configuration (RBSU)

  4. Enter Server Security
  5. Disable Microsoft (R) Secured-core Support
  6. Enter Intel Security Options and disable Intel(R) TXT Support
  7. Enter Virtualization Options and make sure Intel(R) Virtualization Technology, Intel(R) VT-d and Access Control Service are enabled

Disclaimer

Now you should know I just enabled and disabled these option based on reddit and Stackoverflow posts, and since nothing production like is running on this node I’m fine if I might have missed some steps or perhaps enabled too much. Basically I’m saying; You are responsible for your own server 🙂 Check with a professional if your node is running more important tasks.

Yet if I made a booboo somewhere, I would appreciate if you would please let me know and I’ll update the post accordingly.

File won’t download from Microsoft Teams

My colleague and me wanted to share a 50MB zip file via Teams. Which looked fine, but MS Teams application would not do anything when I tried to download it.

I tried several things, opening the same location in Sharepoint, moving it to OneDrive, etc. but in the end the following worked for me:

  • Open MS teams in a browser (URL for convenience: https://teams.microsoft.com/)
  • Open the same chat in which the file was shared
  • Go to the Files tab
  • Download the file

I’m not sure why Teams app would not download, but atleast this worked for me.

Happy “Not trying to use USB sticks ever again” day to you all!

Log as well as see error and standard output in Linux Terminal

Quick snippet, as I was searching for this one today.

You can output both standard and error output to both screen and log file with the below command:

my_command.sh 2>&1 | tee my_command.log

Explanation:

  • my_command.sh
    • replace with your command (possibly including arguments)
  • 2>&1
    • redirects standard error to standard output, otherwise only standard output is written to file
  • | tee
    • my_command.log pipes the output to tee, which writes both to screen and file

Simple http API backend for testing purpose using docker/kubernetes

At work we are responsible for an API Gateway offering. Testing of that API gateway is often done by using an API backend. This post shows how to create a static API backend to which you can easily add responses.

While looking for solutions I did not want to maintain another image, so I tried using an existing image and add config to mold it into something we can use.

I’m going to show both docker-compose and kubernetes yaml, as I’ve used both for testing.

Note: Create a local directory html for static files. These files contain the ‘responses’ for the backend.

Big thanks to my colleague Mahesh, who showed me a lot of cool tricks with K8s and OpenShift! Not only that, he helps me a lot with my simple questions and it’s been a lot of fun to figure out our (work related) challenges!
If you’d like then take a look at his blog over here: Mahesh Chinthaka – Medium

Setup

First up is the docker compose file which we can use for testing our backend locally. This file was the basis forwhat I converted to the k8s yamls.

Docker compose

version: '3.8'

services:
  nginxbackend:
    image: nginxinc/nginx-unprivileged
    container_name: nginxapibackend

    ports:
      - "8080:8080/tcp"
    volumes:
      - ./html:/usr/share/nginx/html
    restart: unless-stopped

Run docker compose up -d to start the nginx backend.

You can test the backend by opening this endpoint in your browser:

http://localhost:8080/yourfile.json

Note that yourfile.json should be present in the html directory

Kubernetes

Note: I’m not going to expose the NGINX backend outside of our namespace as I only want it accessible from the API Gateway, which resides in the same namespace.

If you want to test the backend, use docker or change the service to your liking.

The setup changes slightly because I don’t want to use local storage in my kubernetes cluster. In this setup I am using configmaps for the static response files.

K8s step 1: Create the configmap

kubectl create configmap nginxhtml --from-file=./html/

In the next steps we’ll mount the configmap for use in the pod.

K8s step 2: Create the deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginxapibackend
  name: nginxapibackend
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginxapibackend
  strategy: {}
  template:
    metadata:
      labels:
        app: nginxapibackend
    spec:
      containers:
      - image: nginxinc/nginx-unprivileged
        name: nginx
        volumeMounts:
          - name: nginxhtml
            mountPath: /usr/share/nginx/html
        ports:
          - containerPort: 8080
      volumes:
        - name: nginxhtml
          configMap:
            name: nginxhtml

Create the service

apiVersion: v1
kind: Service
metadata:
  name: nginxapibackend-service
  namespace: apim-dev
spec:
  selector:
    app: nginxapibackend
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080

Extra; Update the HTML configmap in kubernetes

You cannot update a configmap, so delete the current one and create a new one. Then recreate your pod so it uses the updated html directory.

kubectl delete configmap nginxhtml
kubectl create configmap nginxhtml --from-file=./html/
kubectl delete pod nginxapibackend-abcdefghij-abcde

Run a quick interactive shell in kubernetes for testing purposes

Today I wanted to check some stuff on a pod running in my local kubernetes cluster. I’m still getting used to Kubernetes, thus didn’t want something ugly like exposing that pod.

The easiest way of doing it for me has been to spin up a temporary pod using Ubuntu;

kubectl run myshell --rm -i --tty --image ubuntu -- /bin/bash

Now you can do whatever you want in the pod and when you log out of myshell, it’ll be removed immediately and we’re back to square one! <3

Error relocating: Symbol not found

I was running a container from linuxserver.io, which is based on Alpine linux.

While this container ran fine for a while, it seems after a while I’m getting the following errors in the log:

transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_cipher_list: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_default_passwd_cb_userdata: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_free: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_use_certificate: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_sess_set_new_cb: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_current_cipher: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_privatekey: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_add_client_CA: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_ciphersuites: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_default_passwd_cb: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_write: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_use_certificate_file: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get0_alpn_selected: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_set_fd: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_shutdown: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_ctrl: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CIPHER_get_name: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_new: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_read: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_load_verify_locations: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_use_PrivateKey: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_get_cert_store: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_set_session: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_post_handshake_auth: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_use_certificate_chain_file: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_options: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_alert_desc_string_long: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_connect: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_keylog_callback: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_next_proto_select_cb: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: BIO_f_ssl: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_use_PrivateKey_file: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_free: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_peer_cert_chain: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_check_private_key: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_peer_certificate: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_verify_result: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: OPENSSL_init_ssl: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_shutdown: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_set_bio: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_pending: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_alpn_protos: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_certificate: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_msg_callback: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_ctrl: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_srp_password: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_new: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_set_connect_state: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_ex_data: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_error: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_get_version: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_set_ex_data: symbol not found
transmission  | Error relocating /usr/lib/libcurl.so.4: SSL_CTX_set_verify: symbol not found
transmission  | Error relocating /usr/bin/transmission-daemon: SSL_CTX_get_cert_store: symbol not found

It seems this is because there are incompatibilities between the minimal (musl) system C library (libc.so) that ships with Alpine Linux and the bigger (GNU) libc that ships with more typical Linux distributions. Those error messages hint that you’re tripping over something like that. (text copied from the post linked below)

More information in this thread: Error relocating – symbol not found – building docker-fpm-alpine image – Stack Overflow

In my case I was indeed running Ubuntu Linux as host for the Docker images.

I’ll update this post when I found the exact solution. For now I’m using another image provider for this specific goal.

Linux, thank you for all the good times

This will be quite similar to a lot of stories I’ve read on Reddit, Stack, etc lately. But last week there was a straw which broke the camel’s back.

I’m currently installing my tool set on a macbook, after spending nearly half my life on Linux. As an analogy; it feels like finally trading in that old-timer car, which you know every nook and cranny of the engine bay but it just isn’t up to it’s task in this world.

In the past 20 years I loved how the merry heap of Open Source devvers tackled every (really every) hurdle and created this OS shaped out of hope and dreams. A project started so small and turned to influential by those same characters 🙂 I laughed about the naming of less (less is more), used cowsay on most of my terminal messages and could use this free and open solution to earn money as a self employed engineer.

I installed Warty Warthog and was wondering what I would do with the rest of my day, since it only took 30 minutes instead of a full day compiling in Gentoo.

I found out about so many beautiful solutions built, maintained and cared for by communities which were revolving around the community itself, instead of self-glorifying CEO personalities.

The straw was an email from the customer I’m currently working at, they stated that you need to be MS Intune compliant to be able to login to corporate resources. Which means that I can reach everything (yay openvpn) but not use it (nay intune)

In all those years it has always been corporate policies which broke stuff for me. A customer or client would ask me to join their network and it’s tough to explain that you need to recompile gnome-network-manager to add VPN support. For me myself I can explain why this time is an investment, but when a client/customer is waiting for me to deliver value it’s a different story.

I spent a full day on getting audio to work in MS Teams via Citrix Workspace (both Citrix and MS are very corporate), and that shows where the issue lies; The corporates (not meant as a negative!) don’t care that much about the minority share that Linux users are. They don’t lose (much) money when I can’t use their products, so why bother.

Next to that the companies which develop solutions for Linux are in trouble with testing, the group is abysmally small and the techniques they used are splintered (gnome/kde, ubuntu/fedora/mint/pop_os, cpu architecture, sound subsystems, etc etc) so it’s neigh impossible to test a new release properly to prevent previous bugs to re-appear.

I switched to a Macbook three days ago, ported my whole workspace and most of the tools are working fine. Next to that, I am now compliant, thus can use the corporate facilities without restrictions.

And. It. Just. Works.

Honestly it feels like losing a good friend, who’s been there for most of my life.

Goodbye Linux, it’s been a blast. I’ll see you on all of my servers, so I guess we’ll be neighbours, no longer roommates.

photo of person walking on deserted island
Photo by Tom Swinnen on Pexels.com

Citrix Workspace (ICAClient) no sound/audio in Microsoft Teams

Since last week I am working with a virtual desktop (VDI) through Citrix Workspace (ICAClient) and noticed I can not use Teams to call or join meetings.

This message is displayed in Microsoft Teams:

There’s a problem with your connection.
Still connecting to remote devices. Calling isn’t available yet.

Cause: HDX Optimized audio does not work

If you want to skip straigt to the solution, click here: Solution: Change MSTeamsRedirSupport to zero

How to diagnose if the cause is the same as what I encountered

Log in to your VDI, play some sounds AND talk into your microphone to make sure your audio is actually working. Check this via the sound mixer, that’ll show a moving bar if it’s receiving sound by your microphone. Speakers should work when you watch a random youtube movie.

Next; Open MS Teams and click the “Three dots” settings menu, choose About, then Version. When your Workspace and Teams are expecting HDX to work but it didn’t, you will see this message: Citrix HDX Not Connected

MS Teams, Settings – About – Version: “Citrix HDX Not Connected”

Note: If it would be working, you would have seen Citrix HDX Connected

The third option is if Teams does not expect Citrix HDX to work, then it simply doesn’t show anything about Citrix HDX and tunnels sound over the regular sound channels. This is what we want to accomplish in the next chapter.

There is a registry entry MSTeamsReditSupport, which is set every time you connect to your VDI with Citrix Workspace. From what I understand; Citrix Workspace communicates to your VDI that it is capable to receive HDX optimized audio streams. Next to that MS Teams checks that registry setting when it is started to use/not use HDX optimized audio.

Solution: Change MSTeamsRedirSupport to zero

Change MSTeamsRedirSupport to 0 (zero) in registry. The exact location of this registry entry is here:
HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream\MSTeamsRedirSupport

It’s a bit tedious to open Registry Editor every time, so you can also create a registry entry file MSTeamsRedir.reg
In this file you can paste this content:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream]
"MSTeamsRedirSupport"=dword:00000000

Remember; You should run MSTeamsRedir.reg every time you connect to the machine or when you restart MS Teams.

Why is this a problem?

I do not know exactly, but I know that the HDX optimized socket on my laptop can not be reached contact the VDI and I tried searching for a solution for a couple of hours. I then became fed up with HDX optimized sockets and thought about buying a macbook to just make the damn thing work. After that short existential crisis I kept searching for a possible solution and was happy to find this registry setting.

My emotions with Linux after figuring stupid things out which simply work on other OS’s

What I’ve tried and did not work:

1.) Run Citrix supplied hdxcheck.sh and see if you have all the libs installed, I tried installing all libs manually and in the end still had no HDX optimized sound in my VDI. You can run this command via the following path:
/opt/Citrix/ICAClient/util/hdxcheck.sh

2.) Install older version of Citrix Workspace, which didn’t use the HDX optimization and thus sound worked in all applications. I did encounter some bugs with full-screen not working properly on a bigger monitor. The version I used is linked below:
Download icaclient_19.12.0.19_amd64.deb via https://www.citrix.com/downloads/workspace-app/
Direct link to the download: https://www.citrix.com/downloads/workspace-app/legacy-workspace-app-for-linux/workspace-app-for-linux-1912.html

Sources:

Citrix.com: Enable optimization of Microsoft Teams

Citrix.com: How to collect Logs for Citrix Workspace app for Linux?

(Web-safe) Fonts blurry/bad/jagged/vague in Chrome

Chrome based browsers (Edge/Vivaldi/etc) and Chrome itself are great. But the font smoothing on my Linux laptop (Pop!_Os / Ubuntu) is not great. This comes into play when you’re visiting pages with web or web-safe fonts.

Web(-safe) fonts allow Web designers to use fonts that are not installed on the viewer’s computer.

The edges of the fonts look a bit jagged and the edges are vague. This is quite annoying, since the fonts are rendered perfectly in all other applications.

After a whole lot of searching I finally found the solution (for me). YMMV (Your miles may vary)

Solution: Disable Hardware acceleration in settings

Go to settings by clicking the three dots and then select settings.

In the settings, search for hardware

(You can click this link to go there directly: chrome://settings/?search=hardware)
(If you use chrome, click here to go there directly: chrome://settings/?search=hardware)

Flip the switch next to Use hardware acceleration when available and click Relaunch

Wonderful! Click Relaunch to view beatifully rendered web fonts

After the relaunch my fonts were rendered perfect.

Examples:

Hardware acceleration disabled, bask in the glory of clean fonts!
Hardware acceleration enabled, fonts edges are vague !