Known Element Enterprises Corporate Blog

I have had a very busy past few days, attending the WiFI town hall meetings, and e-mailing a number of key players. Known Element is throwing its expertise into the ring and is launching the Red Badger project.

There you will find collected resources on large scale WiFI deployment, and various other WiFI topics. We are also in the process of putting together a map of anchor WiFI locations which will then allow more nodes to be built around it creating a city wide mesh.

See all the project details at: http://www.knownelement.com/red-badger/

Watch for updates throughout the next few weeks.

I’ll also be continuing my VPN build out from September. Major progress has been made toward that goal, and it has been re cast to serve as a critical part of the WiFI back end infrastructure.

I have long been a proponent of being involved in the community. When I was about 13 or so, I ran a monthly news letter for my neighborhood. I participated in multiple Operation CleanSweep days. I went to neighborhood watch. I picked up trash and recyclables. I dillegently reported graffiti.

I often wondered what the cause of all this crime and blight was. I mean I certainly never even considered littering or defacing property. The affect on MY community was obvious. My parents raised me to respect myself and those around me, as well as my and others property.  I was in my community all the time. Going to the grocery and other stores, walking or riding my bike etc etc. So were a lot of other people, many of them the ones comitting crimes.  Where were the parents and other role models of these teenagers and young adults? Why weren’t they learning to avoid drugs, and not commit crimes? Why didn’t they go home and interact with their families?

I believe this is a big part of what is called the “digital divide”. People not having access to computers and good education. All over the place, not just “inner city kids”. I lived in the suburbs (and still do).  Crime is rampant all through Los Angeles.

So how do we use technology to help get people into productive groups and teach them the necessary life skills?

Well one way is to provide free computers and internet access throughout Los Angeles. The free computer part is pretty easy, as a number of organizations and community centers have “learn and earn” programs etc. However these days a computer isn’t very useful unless its connected to a network. A good friend of mine recently said “A computer is only as powerful as the ones its connected to”. He is quite right.

However providing safe, secure, clean (no porn/child molesters etc) internet access throughout the city of Los Angeles is a much more complex problem.  The kind of problem I have been talking about with people for many years and am ready to be a part of.

Recently I received an e-mail from a group I am a part of called the SoCal Wireless User Group. See http://www.socalwug.org/ for more details. They mentioned meetings being held by the LaWifi Project ( http://www.lawifi.lacity.org/ ). I will be attending those meetings this Wednesday and Thursday. 

I want to continue to do my part in helping our community grow and prosper. I plan to be very involved with this project, and will provide regular updates on this blog.

Why don’t Canonical and Linspire merge?

Ideas/Advantages:

1) Linspire has a fair amount of market penetration in the Southwestern United States (and possibly elsewhere but I can’t speak to that).
They have access to retail channels (Frys comes to mind) and put out a decent product.

2) The paid version has fully legal multimedia playback capability. This is something that Canonical has long been trying to solve for Ubuntu, and by merging with Linspire a paid version of Ubuntu (or more likely a CD with the necessary deb packages) could be produced that would allow fully legal multimedia playback.

3) Linspire has switched its base to ubuntu.

4) Linspire and Canonical both produce a great desktop product.
In recent Ubuntu releases, Canonical has started to focus more and more on the server but still has a long way to go. By merging the two organizations, I think that a top of the line desktop and server product could be released and marketed to the United States in a very aggressive manner.  I think Canonical has marketing and sales outside the United States down quite well.

Something to ponder anyway.

Another track to take would be a merger of Linspire and Xandros. Both have patent covenant deals with Microsoft. One produces a desktop product and one produces a server product. Hmmm…… now that actually could be quite interesting. It would really give Novell and RedHat a run for the money. Especially with the recent interop work that is being done. Debian based distros need in on that too!

Last night I was downloading Windows 2008 to setup a domain controller on my laptop for use at  my UUASC talk. 

Anywho while downloading that, I decided to take a shot at installing SCE. It was a painful experience.

Problem 1) No indication or check that I needed .NET 3.0. However it did tell me I needed msxml6.0 and prompted me to install it. Microsoft why didn’t you do the same thing for the .NET requirement???? Ugh. So I had to locate and install .NET 3.0. Easy enough to do, but it should have been integrated with the installer.

Problem 2) I get a 404 when clicking on Full Setup from the autorun screen. However if I wait a minute or so the installer pops up. This happens with both the installer of the CD from my Action Pack subscription and the eval version of SCE downloaded from microsoft.com/sce….

Actually this problem appears to have gone away now. Interesting. It was there last night when I attempted the install…. 

Problem 3) No check for SQL prerequistes. See this screenshot of the SQL selection screen. Why the installer didn’t tell me I would need a local SQL reporting instance before I got here I don’t know. Oh wait…. bad release engineering on Microsofts part. 

So I will now remeidate that issue and attempt to push forward.

Phase one of the Known Element product launch consisits of the front most part of a web stack:

1) A highly available pair of servers providing load balancing and router/firewall services.
2) A highly available pair of Apache servers.
3) A highly available pair of configuration management servers. 

All of the above will be provided as virtual machines. 

I plan to release the VMs sometime on Saturday September 22nd. They will also be made available at my UUASC talk on October 4th. 

I also plan to release a pair of OpenVPN virtual machines that:

1) Are highly available
2) Provide road warrior and site to site VPN functionality
3) Authenticate to Active Directory
4) Provide one time password authentication.

on Sunday September 30th. 

I have just launched a new website and company. A for profit entity called Known Element.  You can find out more by visiting http://www.knownelement.com

I will be releasing the VPN virtual machines as part of the Known Element product suite. 
 

Here are some notes and documentation on what I did to setup the Linux Virtual Server (LVS) virtual machine:

1) Installed Ubuntu Feisty 7.04 server edition. I used the guided partitioning with LVM option.
2) Modified sources.list to my liking.
3) Installed the build essential meta package and kernel headers.
4) Installed vmware tools.
5) Rebooted
6) Installed the LVS user land tools following this howto. However when doing that I noticed the generic kernel doesn’t include LVS kernel support. So I installed the server kernel.
7) Removed unnecessary packages from the virtual machine.

So I have decided to combine the router and load balancer functionality onto one virtual machine. I am getting that machine setup now. Hopefully I will be able to release the finished virtual machine/router VM by end of week.

So on to my big September project.

My plan of attack for setting up a VPN is as follows:

Dev environment (on my laptop using host only networking and also real IP addresses):

0) Setup a router vm that has a host only network adapter and a real IP address. This will be the bridge into my VPN DMZ.

The VPN DMZ will consist of the following:

1) Setup a linux virtual server load balancer. (dev-vpn will be the virtual dns name and dev-vpnbal will be the dns name of the machine itself).

2) Setup a puppet server to serve out configuration files to VPN nodes.

3) Setup 2 nodes behind it. (dev-vpn01 dev-vpn02)

3a) Setup apache as a shared service (using heartbeat and drbd). Why apache? Two reasons
       1) I have wanted to setup a shared apache instance for a while and this gives me an excuse to do that.
       2) Its a fairly simple service to setup and excellent howtos exist on creating a shared version of apache.
This will get me familiar with drbd and heartbeat, so I don’t have to spend time dealing with those while setting up openvpn.

3b) Setup 2 Windows 2003 Nodes  to serve as active directory/dns servers in an active/passive cluster.

4) Configure the vpn nodes to authenticate to Active Directory.
5) Setup Wikid one time password (OTP) system ( http://www.wikidsystems.net/ ).

Once all that foundational work is out of the way then

5) Install openvpn on dev-vpn01 and configure it to authenticate to Wikid which will use Active Directory as its back end.

6) Setup a Linux VM  with a production network IP address. This is what clients will be able to access once they authenticate to the VPN.

Well I think thats it.

I will probably setup the production version of this next month. I am only focusing on the development version this month.