Top Nav

Archive | Cloud

Fonts & RackSpace Cloud Files

If you try to serve fonts from RackSpace Cloud Files or other CDN then you may run into problems with browsers refusing to load the fonts. Here’s an example error:

Font from origin ‘http://xxxxx.xxx.rackcdn.com’ has been blocked from loading by Cross-Origin Resource Sharing policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://www.acme.com’ is therefore not allowed access.

The problem is your browser doesn’t consider it secure to load the font from a different domain then the web page itself was loaded from.

The solution is CORS or Cross-Origin Resource Sharing as described here:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

When RackSpace Cloud  Files serves the font file, it needs to set a header like:

or more specifically:

This informs your browser that it is save to include this resource in the indicated alternate origin.

RackSpace Cloud Files provide a means to change the headers on individual files. Here’s the technical details:

http://docs.rackspace.com/files/api/v1/cf-devguide/content/Assigning_CORS_Headers_to_Requests-d1e2120.html

You can also set headers from the mycloud.rackspace.com portal. Just login, go to Storage -> Cloud Files and locate your font file. Click the gear icon and choose Edit Headers. A dialog will open where you can set the “Access-Control-Allow-Origin” header.

Note that it takes some time for header changes to propagate through the CDN. I always purge the file after making changes in the hopes that this will accelerate propagation but I can’t confirm that it helps.

With the addition of CORS headers you can reliably service your font files from the CDN!

0

Clone RackSpace Cloud Files Container With TurboLift

turbolift is an absolutely brilliant utility for manipulating RackSpace Cloud Files.  With turbolift you can do things like:

  • Upload a directory, (recursively)
  • Upload a single file
  • Upload a local directory (recursively) and sync it with a Cloud Files Container
  • Download a Container to a local directory
  • Download changed objects from a Container to a local directory
  • Compresses a Local Directory, then uploads it
  • List all Containers
  • List all Objects in a Container
  • Delete an Object in a Container
  • Delete an entire Container
  • Clone one Container in one region to another Container in the same or Different Region.
  • Set Custom headers on Objects/Containers

Wow!

So in this article I’m going to demonstrate how to clone a container.

Here’s the download link for turbolift:

https://github.com/cloudnull/turbolift

On CentOS 6.5 the install is easy:

Now lets assume that we have a container on RackSpace Cloud Files name “devimages” and we want to copy or clone the contents of that container to another container named “prodimages”. Here’s the turbolift command:

The [SOURCE REGION] and [DESTINATION REGION] should be one of ‘dfw’, ‘ord’, ‘iad’, ‘lon’, ‘syd’ or ‘hkg’.

turbolift is fast – it takes about 10 minutes to clone a 2GB container with 18K objects in the same region.

4

Scalr 4.5 Install Notes For Cento 6.4

Last year we published an article on installing the open-source version of Scalr:

http://blogs.reliablepenguin.com/2013/08/29/scalr-install-notes

Now there’s a new 4.5 release of Scalr available so it’s time for an update.

We’re installing on Cento 6.4 hosted on a RackSpace Performance 1 Cloud Server.

The installation instructions have improved since the last time around but Scalr is till a complex install:

https://scalr-wiki.atlassian.net/wiki/display/docs/Installing+Scalr+4.5

Follow these instructions one section at a time and make sure you’ve got the section complete and working before moving to the next section. We’ve provided notes below about each section.

Before you start, select a hostname for the server and add a DNS A record. For this article we’ll use:

You’ll have problems later on if you don’t get the hostname setup in advance.

Also I like to add some swap to the server:

 Create UNIX Users and Group for Scalr

I setup a script at /root/env.sh with the environment variable as follows:

This makes it easy to get the environment right.

Notice that we’re using user “apache” instead of “www-data” since this is CentOS instead of Ubuntu.

Configure your firewall

Edit /etc/sysconfig/iptables and add lines shown:

And restart the service:

Install Scalr’s PHP Dependencies

The PHP dependencies are tricky. Tried using the IUS repository but kept having problems with errors like this:

So I started over with the Remi repository:

Now edit /etc/yum.repos.d/remi.repo and enable the “remi” and “remi-php55” repositories.

The instructions say to install the php-pecl-rrd extension now but it’s better to wait due to dependency issues that we’ll see later.

Also notice that we’re installing php-pecl-http1 instead of php-pecl-http. This is critical.

Install Scalr’s Python Dependencies

Python is installed by default so just a couple of additional packages to install:

As with PHP, we’ll defer installing the python-rrdtool package until a later step.

Configure PHP for Scalr

Edit /etc/php.ini and (a) enable “short_open_tags” and (b) set the “date.timezone” setting.

Update System SNMP MIBs

For CentOS there is no “snmp-mibs-downloader”. I ended up doing nothing for this step.

Download and Install Scalr 4.5

I choose to install Scalr in /opt/scalr with the following steps:

Notice that back in the first step, I set the SCALR_INSTALL environment variable. No run the installer:

Install and Configure MySQL

Install MySQL server and set to start on boot:

Set the mysql root login and secure:

http://blogs.reliablepenguin.com/2012/10/09/secure-mysql-installation

I like to add a .my.cnf file:

http://blogs.reliablepenguin.com/2012/10/09/create-my-cnf-file-for-mysql-authentication

Edit the /etc/my.cnf file and add this line to the “[mysqld]” section:

Now create the database and user for Scalr:

And load the database structure and data:

Create the Scalr Cache folder

Install and Configure rrdtool and rrdcached

The default version of rrdtool is too old …. we need at least 1.4:

And now we can get the PHP and Python dependencies that we skipped earlier:

Set rrdcached to start on boot:

Edit /etc/sysconfig/rrdcached and change the “RRDCACHED_USER” to “root” and add the following line:

Now create the graphics and data directories:

And start the service:

Install and Configure Apache

Install Apache “httpd” package and SSL support:

Edit /etc/httpd/conf.d/vhosts.conf and add:

Set Apache to start on boot and start it now:

Configure Scalr

Copy the sample config file:

Now edit the config file at /opt/scalr/app/etc/config.yml and set the following parameters:

Leave the other parameters at default settings.

Configure the Scalr Cronjobs

Edit “apache” cronjobs:

and add the following:

 Configure the Scalr Daemons

Edit /etc/init.d/scalr and copy/paste the following contents:

Now set the service to start on boot and start it for the first time:

Validate your Scalr installation

 Now run the validation script:

Log in to Scalr

Open a browser and go to:

http://scalr.domain.com

Login with user “admin” and password “admin”.

Go to the Admin -> admin -> edit and change the admin password.

All Done!

Scalr install is now complete. You can get started using Scalr by adding a user and building an environment.

 

1

Vyatta VPN User Management

Here are the basic commands needed for managing VPN users on the Brocade Vyatta vRouter available in RackSpace Cloud.

Add New User

Remove A User

Change User Password

Same as adding a new user.

 

2

Error 850 When Connecting to Vyatta VPN With Windows 8

While setting up a Windows 8 workstation to connect to a Brocade Vyatta firewall on RackSpace Cloud, I got the following error:

Error 850: The Extensible Authentication Protocol type required for authentication of the remote access connection is not installed on your computer.

Turns out the fix is pretty simple – on the Connections Properties -> Security tab we need to explicitly set the authentication protocols as shown in this image:

Credit goes to Brendan at SysadminSpot for providing this solution:

https://sysadminspot.com/server-administration/error-connecting-to-virtual-private-network-pptp-error-850-the-extensible-authentication-protocol-type-required-for-authentication/

0