I finished this weekend Marcus Aurelius Meditations. Yes, this is the Emperor in the movie Gladiator. Since I have reading about Stoicism, watching videos and actually doing meditation, I was curious about MA’s writings. I have read about Epictetus so looked like a good follow up.
The intro of the book is quite good. Give you a lot of background about MA, his time and his “meditations” itself. To be honest, I gathered more from the intro that the book itself. The meditations are divided in 12 books but doesnt looks like there is a plot. I felt that MA was repeating his stoicism mantra in all books.
I was surprised about his very stoicism believe with insisting points about anything outside your soul, it is something you can’t control and it is going to perish sooner or latter. You should care only about your reasoning and following the “rational” nature.
Any pain, insult, feeling is is something external and if it affects you is because you are not following the human nature. Dont look for fame, fortune, etc. At the end, the atoms of our body will go back to the nature, the source. And this is for everybody.
And very interesting, he is very clear in the existence of a god and there is a reason for everything.
In summary, I am taking several points of stoicism in my own believe. It fits in my core values and find it useful. Like meditation itself.
So I just created an empty repo and started working on it:
$ git clone https://github.com/thomarite/test-ci.git
$ cd test-ci
$ pyenv local 3.7.3
$ python -m venv virt_env
$ source virt_env/bin/active
$ python -m pip install pylama
$ python -m pip install black
$ python -m pip install pytest
$ python -m pip install tox
$ mkdir tests
$ vim tests/test_sample.py
def increment(x):
return x + 1
def test_answer():
assert increment(4) == 5
$ vim requirements.txt
pytest==5.4.3
pylama==7.7.1
black==19.10b0
$ vim .travis.yml
language: python
python:
"3.7"
# command to install dependencies
install:
pip install -r requirements.txt
# command to run tests
script:
pylama .
black --check .
py.test -s -v tests/
Then you create an account with Travis-ci.org that is “free” and you link up to your repo. As soon as you commit, you will how the tests run and if they are successful.
As I have now a basic setup, I hope I carry on using it to any new python stuff I try.
As my last attempt to build a MPLS-SR Arista lab failed usin cEOS. I decided to try a different approach as I need more resources that my laptop has. For sometime, I wanted to use tesuto but I am not sure if it is still on business. From the main page, you can’t find any link to register (and pay) for the service. Although if you search for “pricing” you can find a link to that. That’s it.
The other option was to use EVE-NG. You can use it in your own bare-metal server or in the cloud.
So finally, I decided to spend some money. I signed up for GCP with a $300 free computing offer. So at least I dont pay for GCP yet and then I bought one year of EVE-NG professional. Let’s see how it goes.
Before buying the license, you need to install eve-ng. So I followed the official documentation to use it in GCP as it is quite up to date.
I consulted other links too just to compare other users experiences like these:
I had an issue during the process. When I had to configure DHCP, the IP wizard was showing garbage in the script. Hopefully I didnt have to add anything just accept all default values.
So once it is done, you need to https to the VM…. it didnt work. Somehow “apache” was started. So after startup, got access. I can login and change the default password.
root@eveng01:/var/www/html# service apache2 start
root@eveng01:/var/www/html# service apache2 status
So far, I am not planning to give it a static IP to the VM and a FQDN from my domain. Maybe in the future if I use it often.
Now, I need to create the Arista lab. I followed one of the links earlier, it was quite handy.
I created my small 3 nodes lab, apply the config. All this with a couple of reboots in each device and you have the lab up and running!
It is nice to work in a system with plenty of RAM. The VM has 60GB of RAM and 16vCPU. So I should be able to create a lab with 14 vEOS (each one needs 4GB and 1CPU).
$ top
top - 13:00:27 up 1:33, 1 user, load average: 2.12, 1.37, 1.04
Tasks: 266 total, 1 running, 168 sleeping, 0 stopped, 0 zombie
%Cpu(s): 10.3 us, 5.9 sy, 0.0 ni, 83.4 id, 0.0 wa, 0.0 hi, 0.4 si, 0.0 st
KiB Mem : 10.2/61838576 [ ]
KiB Swap: 0.0/0 [ ]
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
27623 root 20 0 3034100 1.992g 25696 S 100.4 3.4 11:21.40 qemu-system-x86
26120 root 20 0 3034100 1.951g 26068 S 100.0 3.3 8:54.66 qemu-system-x86
24536 root 20 0 3034100 1.915g 26072 S 43.3 3.2 9:16.11 qemu-system-x86
245 root 25 5 0 0 0 S 8.2 0.0 2:05.36 uksmd
7500 www-data 20 0 377908 30744 12732 S 4.5 0.0 0:17.27 apache2
4262 root 20 0 1138416 15732 13508 S 0.8 0.0 0:25.40 janus
5526 tomcat8 20 0 5925452 348168 17676 S 0.8 0.6 0:43.17 java
159 root 20 0 0 0 0 I 0.4 0.0 0:01.13 kworker/6:1-eve
4363 mysql 20 0 2493932 85712 20408 S 0.4 0.1 0:10.80 mysqld
7210 www-data 20 0 377900 31024 12724 S 0.4 0.1 0:07.08 apache2
Unfortunately, I am hitting the same problem, and this time, the MAC addresses are the ones you expect to see based on the interface outputs:
I have asked again Arista if this is expected…
In the main time, I need to learn how to map the devices in the VM to external ports so I can access directly from my laptop.
UPDATE
My Arista SE confirmed that cEOS doesnt support MPLS Data Plane. And this should work with vEOS. So I asked in Arista forum about this problem with vEOS and turns out that this works but you need to be sure that a “physical” interface is attached to the VRF, a Loopback or SVI is not enough.
This seems to be the original post about the problem:
I have a supplier at my employer that requires to use a FTP server to send big files when you open a support ticket. For a long time (a couple of years) whenever I had to upload big files, I had to use my personal VM because my ftp connections failed from the office. I always blamed the super-smart firewall.
One day, I decided to fix the issue and allow the connection in our corporate firewall. I failed. Still couldnt upload files from the office. So keep using my personal VM.
This week I had to upload again a big file. This time I am working from home, so pretty much it is going to work the upload. Wrong! It fails. Ok, I checked a bit and got to the conclusion that it is my ISP or modem at home that is blocking FTP. Most ISP use CGN to stretch as much as possible the limited IPv4. I have IPv6 at home and my VM has IPv6 too… but the ftp server doesnt.
I checked the internet if there was any know issue with my ISP and FTP connections. No luck. I connected to my modem, nothing obvious messing around with FTP.
I decided to give it a proper go to this issue. I knew that it worked from my VM and it didnt from home. I noticed that I was running the same ftp client version in the VM and at home. So let’s debug the ftp client and take a packet capture in both locations.
CLI from the VM:
$ ftp -vd b.b.b.b
ftp: setsockopt: Bad file descriptor
Name: ftp
---> USER ftp
331 Please specify the password.
Password:
---> PASS XXXX
230 Login successful.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd support
---> CWD support
250 Directory successfully changed.
ftp> cd 211211
---> CWD 211211
250 Directory successfully changed.
ftp> put TEST.txt
local: TEST.txt remote: TEST.txt
---> TYPE I
200 Switching to Binary mode.
ftp: setsockopt (ignored): Permission denied
---> PORT a,a,a,a,162,57
200 PORT command successful. Consider using PASV.
---> STOR TEST.txt
150 Ok to send data.
226 Transfer complete.
28 bytes sent in 0.00 secs (854.4922 kB/s)
ftp> quit
---> QUIT
And this is the packet capture:
After typing “put” in packet 33, I see a “PASV” message from the server and a new connection (initiated by the server!) is established for the data transfer. All good.
So now, make the same from home and compare.
CLI from home without debug:
$ ftp b.b.b.b
Connected to b.b.b.b.
Name: ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd support
250 Directory successfully changed.
ftp> cd 211211
250 Directory successfully changed.
ftp> put TEST.txt
local: TEST.txt remote: TEST.txt
500 Illegal PORT command.
ftp: bind: Address already in use
ftp> quit
221 Goodbye.
CLI from home with debug:
$ ftp -vd b.b.b.b
ftp: setsockopt: Bad file descriptor
Name: ftp
---> USER ftp
331 Please specify the password.
Password:
---> PASS XXXX
230 Login successful.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd support
---> CWD support
250 Directory successfully changed.
ftp> cd 211211
---> CWD 211211
250 Directory successfully changed.
ftp> put TEST.txt
local: TEST.txt remote: TEST.txt
---> TYPE I
200 Switching to Binary mode.
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,1,158,202,145
500 Illegal PORT command.
ftp: bind: Address already in use
ftp> quit
---> QUIT
221 Goodbye.
So with and without debug I keep seeing “ftp: bind: Address already in use”…..
And this is the packet capture from home:
So after I type “put” in packet 32, the answer from the server is a “500”.
I wasnt clearly paying attention to the clues. I was still banging my head why the server was sending a “500 Ilegal PORT command”.
I was comparing both captures and both debug outputs… but still didnt it.
I thought I understood FTP. I knew that you use port TCP 21 to establish the control session and the data session / transfer is via new TCP session using a random port. That’s one of the reasons that using NAT or CGN can screw up your FTP sessions.
So I assumed that the issues wasnt my ISP. So it had to be my side (or me).
So finally, I decided to search for “ftp: bind: Address already in use” as it was the message that came up with and without debugging.
An entry from 2004…. it can’t fix my problem for sure…. keep reading and update from 2020… it says it works…. oh boy II
try using a passive connection with "ftp -p" instead, see if it helps...
There we go:
$ ftp -vdp b.b.b.b
ftp: setsockopt: Bad file descriptor
Name: ftp
---> USER ftp
331 Please specify the password.
Password:
---> PASS XXXX
230 Login successful.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd support
---> CWD support
250 Directory successfully changed.
ftp> cd 211211
---> CWD 211211
250 Directory successfully changed.
ftp> put TEST.txt
local: TEST.txt remote: TEST.txt
---> TYPE I
200 Switching to Binary mode.
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (b,b,b,b,46,248).
---> STOR TEST.txt
150 Ok to send data.
226 Transfer complete.
26 bytes sent in 0.00 secs (12.5386 kB/s)
ftp> quit
---> QUIT
221 Goodbye.
it worked !!!
I felt embarrassed. Time to search for FTP passive vs active…
Really good explanation. I hope I will never forget it.
FTP Active: The client issues a PORT command to the server signalling that it will “actively” provide an IP and port number so the server opens the Data Connection back to the client.
FTP Passive: The client issues a PASV command to indicate that it will wait “passively” for the server to supply an IP and port number, after which the client opens a Data Connection to the server.
So it worked in my VM because somehow the ftp server sent a PASV command (maybe because it detects there is no NAT as I have a public IP???).
From home, it failed because, by default, the connection is ftp active, so when the server tried to open the new data connection to me(something I couldnt see in the packet capture…) it failed as my ADSL modem wouldnt allow inbound connections.
Once I enabled “-p” in my connection to the server, all worked because it was me who started the new data connection and my firewall allows everything outbound.
Happy to solve the problem after a couple of years, and after a couple of hours of “serious” troubleshooting. It was shocking how blind I was. I had the ftp error message and the PASV from the trace.
This week I have been following a discussion in NANOG about LDPv6 (there are lot of emails but it is VERY interesting) and I realized that I didnt recognize the term “BGP-Free Core”. So I searched about it. It seems it wasnt an obscure subject and funny enough I have used that design in my MPLS labs in GNS3… So what is BGP-Free core? These are the links I read:
Just finished reading this book. I wanted to follow up with more info about how to improve my concentration and attention after “Deep Work”. This book is more dense. I liked the first part as there was a strong focus in the person’s psychology for distraction. We have our internal and external triggers that push us to traction (what we have to do) or distraction, and we need to identify those triggers. We need to master our internal triggers and hack back the external ones (email, app notifications, etc). We need to make time for traction and prevent distraction. And a simple timetable can give you visibility to where you are “spending” your time. Even more, you can adjust the timetable to be aligned with your values. I see connections with meditation and that works for me.
And the attention needs to start with ourselves. Then the important people around us and finally work.
I enjoyed the examples of companies like Slack to help employees to disconnect and be productive. And how important is “psychological safety” in a team..
Nowadays it is the social media the evil for our lack of attention. But in the past we have had others like television, video games, radios, books, etc. It seems Socrates complained about the written word. So there is nothing new. I liked the example of Tantalus’ curse. And now I understand the curse. He was trying to reach for things that he didnt actually need.
This is a nice screensaver:
“What we fear doing most is usually what we most need do”
And at the end there is a section for kids that I think it is very useful and original.
In summary, I have enjoyed the book and gives me more reasons to carry on my goal of better focus ( deep work / indistractable).
I hope I re-read this book at some time in the future.
I am troubleshooting an issue in a docker setup with some Arista cEOS where I can’t ping inside a VRF. First I though it was a MTU issue as when you use MPLS, there is an extra tag in the L2 frame.
…But my pings weren’t that big.
Still wanted to increase the MTU because that’s the expected thing to do in your WAN links if you run MPLS and want your users in different VRFs to be able to use the full 1500 bytes.
After some searching, It seems you can change the default value using the config file as per this link:
$ ip link show docker0
9: docker0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:be:73:8c:d3 brd ff:ff:ff:ff:ff:ff
$ cat /etc/docker/daemon.json
{
"data-root": "/home/somebody/storage/docker",
"mtu": 1600
}
$ sudo service docker restart
..
$ ip link show docker0
9: docker0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:fb:c0:cf:a2 brd ff:ff:ff:ff:ff:ff
And restart docker. But still had mtu 1500. Checking another link it seems I actually need to create a container so the bridge come up with the new value
$ docker run -d busybox top
...
9: docker0: mtu 1600 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:fb:c0:cf:a2 brd ff:ff:ff:ff:ff:ff
Funny thing, once I started my lab again (using docker-topo) still got MTU 1500!!!
Will have to dig a bit why docker-topo doesnt take the docker mtu 1600 from the config file.
Solution: docker-topo is creating user-defined bridges, so it needs to be told that the mtu is different. The “mtu:1600” in the docker config it is only for the default bridge so when you start the busybox, it is attached to the default bridge and you see 1600.
The other thing I was curious was if I could tcpdump the networks created by docker.
Yes, you can!
# docker network ls
# ifconfig
# tcpdump -i br-xxxx
Sometime ago I tried these typical Italian rice bowls and like them. So I wanted to give it a go one day. The ones I tried had spinach and cheese inside. I quick search showed me videos for arancini but with meat. It looks good but wanted to try the spinach version so I went a bit free style.
These are the videos used as reference: link1 and link2
Ingredients for the rice balls
1 and 1/2 cup of arborio/paella rice
3 cups of boiling water
half onion chopped + splash of olive oil
pinch of sea salt
knob of butter
1 tsp of tumeric
Process
Fry the onion with the oil in a deep pan until soft
Add the rice and mix all together for a minute
Add the boiling water, salt, butter and tumeric
Cook at middle temperature and stir often
Once all liquid is absorbed, spread the rice in a tray to cool down.
Ingredients for the filling
500g of washed spinachs
half onion chopped + splash of olive oil
1 garlic clove
splash of milk
1 big tsp flour
Process
Fry the onion with the olive oil until soft.
Add the garlic and fry until golden
Add the spinach. They will reduce quite a lot.
Stir often and once the spinach are like a paste, add the milk and flour
Remove from heat and let it cool down
Frying the rice balls
Ingredients
2 eggs
Breadcrumbs
sunflower oil (never through olive in the sink please!)
Cheese
Process
Heat up a deep pan with the sunflower oil.
have a plate with the breadcrumbs and another with the mixed eggs
For making the balls, as per videos, wet your hands, make a decent ball, and make a hole with a finger.
Fill the hole with the cheese and spinach.
Cover the ball with a bit more rice and follow the technique to shape it like an egg
Pass the ball by the egg, then breadcrumbs and finally into the hot oil.
Fry until golden
This is my result:
Veredict:
To be honest, they look as I remembered but my spinach filling wasnt as great as the ones I tried.
I think I need to use mozarella cheese and add something else to the spinach mix (salt? nutmeg?)
Next time I will try to find the Arancini recipe with spinach.
I finished this short book about Stoicism. As I have been meditating for over a year, I am interested in ways to keep learning and improving my quality/health of mind. I like feeling fit in my body, and my mind.
After watching some short videos about Stoicism, I liked the ideas and felt they can fit in my way of thinking.
Most of the times, Epictetus and Marcus Aurelius are the most common figures mentioned about Stoicism so I tried something written from them.
I went to the “How To Be Free” as the main source from Epictetus. I learned that he was a Greek born slave from the Roman times who earned his freedom and became a philosopher. Who more entitled to write about freedom that a slave? And I didn’t know that the stoicism had started some centuries earlier, around 300BC in Greece. As well, the “Encheiridion” was actually written by Arrian (I read a book about Alexander The Great and didnt know about his philosophy side) that was one student of Epictetus.
The book centres in what it is under our control and what is not. Things that we control are just inside us, and they are the ones that makes free (and content). As soon as you start to give away that control to outside things, you are doomed to suffering. It can be brutal in some cases. If a love one dies, it is not in your control that event, so you shouldn’t bee affected, just accept that is part of nature. Nature is nature and is not bound to our will. That reminds me too Buddhism too.
I like this philosophical approach, it matches well with me. In the world where we live with so much attention to the outside, it is good to get back to basics. We should be happy/content how we are, if we dont hurt anybody/anything and we life in harmony with nature. Suffering is part of life and we shouldn’t sell our freedom to external factors. Somebody insult you? Somebody has done something bad to you? Things are not going according your wishes? These are timeless sources of suffering and we had people already talking about this and providing guidance for a couple of millenniums. And I think we haven’t learned much apart from taking the wrong approach: take this pill, buy this, be like that person, etc etc
There is so much we can do for ourselves by ourselves. Why schools don’t teach more philosophical thinking? When I was in high school we had a subject about Philosophy that was mandatory to get access to University. But at the end of the day, they prepare you to pass an exam. Not to learn. How important is a good teacher…
I finished reading this book from Paul Krugman. I have really enjoyed it. It is short book and got me hooked. And it is much more easier to read the Keynes book… that was proper hardcore. He explains the crisis we have seen in XIX and XX in a way that you dont need to be economist.
It is really interesting the connections of the economic crisis globally and how complex it is getting everything. It seems the only power that the governments have is print money and play with the interest rates. And it is clear that there is no a perfect system and we will carry on seeing crisis like this. There were some big figures in the economic world that said there will not be more macro economical crisis anymore. And it is funny how the IFM hasn’t followed the practices to improve economies from countries in crisis, they have made things worse.
The baby setting Co-Op is a great example that is used in several parts of the book so explain the type of crisis in that scenario. Really useful.
And seems he is honest, he doesnt have the explanations for all crisis. For example for the Asia crisis of the late 90s, he uses the psychological concept that investors put all countries is Asia in the same basket and treated some countries with stronger economies like weakest one.
And Keynes is mentioned several times. It is clear he was great (although I didnt understand much from his book).
It is clear that things that behave like a bank and they are not bank, they should play by the same rules to protect consumers and avoid crisis like the 2008.
And how important is the confidence. Even well run banks can go down extremely easy when there is a “run on the bank” (people want to take the money out of the bank). It is like a domino effect.
As in Mandelbrot book, it is impossible to foresee the economy long run… And Keynes says that in the long run we are dead.
