Extra Pepperoni

Molly Mae and the latest iteration of her disapproval played Pianos again, with new guitarist Peter Goodrich and guest Chevonne on vocals & keyboards. The Micks opened. Interestingly I hear Peter's guitar more clearly in the video.

Photos (including The Micks)

Videos

1. Good Lookin'
2. I Wanna Have Your Baby
3. Social Worker
4. Pinup Girl
5. Cancao Brasileira
6. Garter Belt, by Chevonne
7. Stop Stealing My Shit

Users of our Isilon clusters need basic status information, so every 10 minutes our clusters run status.sh per /etc/mcp/templates/crontab. This provides a variety of useful information to users with access to the Isilon shared filesystem, and no need to provide shell access to the cluster nodes or remember the command syntax.

We now need to run some large/slow jobs, so I wanted a list of nodes in least-busy order. Obviously Isilon tracks this so SmartConnect can send connections to the least loaded node when using the "CPU Usage" connection policy, but it's not available to user scripts. The pipeline to provide a list of nodes sorted by lowest utilization to highest is applicable to all clusters, though -- just swap in the appropriate local cluster-wide execution command for isi_for_array.

status.sh

#!/bin/sh
# Record basic cluster health information

PREFIX=/ifs/x/common/cluster/status

isi status                   > $PREFIX/status.log
isi status -q -d             > $PREFIX/pool.log
isi job status -v            > $PREFIX/job.log
isi quota list               > $PREFIX/quota.log
isi quota list|grep -v :|grep -v default- > $PREFIX/quota-short.log
isi snapshot list -l         > $PREFIX/snapshot.log
isi snapshot usage | tail -1 > $PREFIX/snapshot-total.log
isi sync policy report | tail> $PREFIX/synciq.log
isi_for_array -s uptime      > $PREFIX/uptime.log
isi_for_array uptime | tr -d :, | awk '{print $12, $1}' | sort -n | awk '{print $2}' > $PREFIX/ordered-nodes.txt

Normally, the first time you ssh to a new server, OpenSSH asks for permission to store the server's hostname (and IP) along with its unique ssh hostkey in ~/.ssh/known_hosts. Then if the hostkey ever changes, either because the machine was rebuilt or because you're connected to a different machine (as would be the case if someone intercepted your connection, for instance...), OpenSSH complains loudly that something is hinky:

pepper@teriyaki:~$ ssh cluster uname -a
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The DSA host key for cluster has changed,
and the key for the corresponding IP address 10.0.10.124
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the DSA host key has just been changed.
The fingerprint for the DSA key sent by the remote host is
f7:b0:d4:11:2c:6c:ec:be:96:f0:88:71:d9:26:20:0c.
Please contact your system administrator.
Add correct host key in /Users/pepper/.ssh/known_hosts to get rid of this message.
Offending key in /Users/pepper/.ssh/known_hosts:81
DSA host key for cluster has changed and you have requested strict checking.
Host key verification failed.

This is a nuisance with high-availability (HA) clusters, where multiple nodes may share a single hostname and IP. The first time you connect to a shared IP everything works and you store the hostkey for whichever node accepted your connection. Then it may continue to work for a long time, if you keep connecting to the same node. But when you get a different node at that IP, OpenSSH detects it's a different machine (hostkey), and either the connection fails (if it's non-interactive) or you get the scary warning (if it's interactive). To avoid this, the convention is to ssh directly into individual nodes for administration.

But some of our sequencers use rsync-over-ssh to export data to our Isilon storage clusters, so we had a problem. If we configured them to connect to the VIP (like NFS clients), things would break when they connected to different nodes. But if we configured them to connect to individual nodes, we'd lose failover -- if any Isilon node went down, all of 'its' clients would stop transferring data until it came back up.

I briefly considered synchronizing the ssh hostkeys between nodes, to avoid the hostkey errors, but this is poor security -- if each node has the same hostkey, it's easy for any node to eavesdrop on connections to all its peers with the same hostkey, and changing keys is disruptive.

Fortunately the OpenSSH developers are way ahead of me. If the hostkey is already on file as valid for a known host -- even if there are other conflicting keys on file for the same host -- OpenSSH accepts it.

To set this up, just ssh to each node, then append the cluster hostname and IPs to their entries in ~/.ssh/known_hosts or /etc/ssh/ssh_known_hosts.

cluster-1,10.0.10.101,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-2,10.0.10.102,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-3,10.0.10.103,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-4,10.0.10.104,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...

Bjorn and I met up at the Mermaid Parade this year. We met a couple of Bjorn's friends, who met some more of their friends, who met and made more friends -- it was a social snowball. Mariah & Danielle looked great, so people kept stopping them to take their picture, or to have pictures taken with them -- including the Sea Rabbit and its human creator.

The whole thing felt very much like part of a Brooklyn continuum. We saw crazy colorful animal dude again -- Bjorn & Mariah see him around Manhattan, and I saw both last week and last year at Brooklyn Pride. And the lime green Charger reappeared the next day on 7th Ave, in the 7th Avenue Street Fair.

I took 941 photos (a personal record) and whittled them down to 281 at Flickr.

• More Flickr photos
• Google Images

I went to Jalopy again to see Robin Aigner. Unfortunately her site had the wrong time, so I showed up a couple hours early, came back home, and went back again! The show was a benefit for the Music Maker Relief Fund, put on by The Whistlin' Wolves (who joined most of the performances, along with David Bennet Cohen on piano).

It was funny to hear Old Plank Road performed by someone other than The Magpie, although I heard Benjoya mentioned a few times. I sat next to Sheriff Uncle Bob and recognize he was dressed for the evening from his sheriff's star (and tie with more stars), but didn't realize until he went onstage that he was a performer.

I took some photos.

Videos

• The Whistlin' Wolves, with David Bennet Cohen
  1. Way down the Old Plank Road
  2. Bucket's Got a Hole in it
  3. Likes Likker Better Than Me
  4. Pass around the Bottle
  5. Wine with Dinner
• Memphis Minda & Banjo Dan, with Mark
  1. Quiet Whiskey
  2. Good Liquor
• The Birdhive Boys
  1. Hot Corn Cold Corn
  2. Drunkard's Hiccups
  3. Dooley
• Doug Hatt, with The Whistlin' Wolves & David Bennet Cohen
  1. It Won't Hurt
  2. Tell Me Baby Why You Been Gone So Long
• Sheriff Uncle Bob, with The Whistlin' Wolves & David Bennet Cohen
  1. Cigareets
  2. Rocks off
  3. Willin'
• Robin Aigner, with The Whistlin' Wolves & David Bennet Cohen
  1. Bootleggers Blues
  2. Was I
  3. Raleigh & Spencer
• Rachel Zevita, with The Whistlin' Wolves & David Bennet Cohen
  1. Danny Boy
  2. Another Irish Drinking Song ...

Freddy's Bar has reopened in a new location. The new place is larger and nicer, although they still need to sort some things out -- staff kept walking through the stage during the performances. To celebrate the occasion, Freddy's hosted 3 bands on opening night: The Magpie, Brute Force, and Les Sans Culottes. Josh and I were there to see Gavin play in both The Magpie and Les Sans Culottes.

Many folks were snapping away with DSLRs and phones, and one fellow had a serious looking video camera, on a tripod, atop a raised platform. Fortunately for us all, Freddy's had the lights on.

Photos

Magpie

1. Biguine/Biguine
2. Cormaine
3. Copra Luca
4. If You Want to Know Who We Are
5. March Hora
6. Old Plank Road
7. Tania
8. Mineola Rag
9. Mysteriouse
10. D Minor Bulgar

Brute Force

I didn't take any video of Brute Force.

Les Sans Culottes

1. Magic Baguette
2. Monsters from the Id
3. Sur la Plage
4. Allo Allo
5. Je Suis Content
6. Gangsteur*
7. Jour du Velo
8. Boots
9. F.U.C. Something
10. Chaussures
11. Hot Bird
12. Le Biz
13. Sartre & the Lobster*
14. Ou Est ou Est*
15. SOS Elefants
16. Telefon Douche

LSC Encore

1. Shuba Duba Luba
2. ???
3. Ecole du Merde (for Virpi)

*: written by Gavin

I got a Sony video camera to take video of Julia, but an 8+ year old video camera is useless -- both the iPhone and the Canon Rebel T1i take better (and higher resolution) video, but the iPhone has no zoom and neither has high-quality audio. I have been filming and photographing friends' bands for a while now, and am getting a bit more serious about it. Unfortunately, musicians are allergic to light, so it's always an adverse environment for any kind of camera. It was time to find a video camera that can handle low light, with good/flexible audio.

I looked into Panasonic cameras briefly, but they're in the middle of updating their whole lineup, so their new models aren't available yet, and they don't have information on the old (discontinued) models online. After a great deal of searching, reading, comparing, and pondering, I decided on the Canon Vixia HF S20.

Features

• According to most reports it works relatively well in low light.
• It has a 3.5mm stereo mic jack.
• It has Canon's Mini Advanced Shoe
  • The shoe supports Canon's Directional Stereo Microphone DM-100.
  • It also also supports a 5.1 (surround sound) mic and larger lights, although I don't expect to use either.
• 1080i (1920*1080) resolution, at 60 fields per second.
• In "PF30" mode the camera produces 30p video, which is what I want for iMovie. Many other cameras cannot handle this, although iMovie 11 is less picky about what footage it can handle. PF24 (recorded at 24p) appears fine as well.
• Still photography up to 3264*2456 (16:9, in video mode) or 3264*1840 (4:3, in still mode).
• 32gb flash onboard.
• 2 SDHC slots. I have a firmware file that should upgrade to SDXC (different filesystem with the same physical characteristics, for cards of 64gb and larger), but haven't tried it -- I don't have any SDXC media to test against. The camera does have a "Relay Recording" mode so video can overflow from onboard to slot A and then slot B, although I may never need this. I might not even use the onboard flash memory if my iMac's SD(HC) slot is much faster than the camera's USB port.
  • To import directly from SD cards (should be faster, and enables the camera to charge simultaneously), connect it to a flash reader, launch iMovie, choose Import from Camera..., and select the SD reader (my iMac's is called "Apple Internal Memory Card Reader" from the Camera: popup
• 10x zoom -- less than some other cameras but still quite useful.
• Popup flash/video light. Handy, although I'm not sure if this will ever be useful.

I used the S20 at a very dark show with the DM-100, and got usable (though decidedly grainy) video with clear sound.

Numbers

• The included Canon BP-808 battery is rated at 55 minutes.
• I bought a BP-819 with twice the capacity, rated at 105 minutes.
• The S20 includes 32gb RAM, sufficient for 175 minutes of MXP (24mbps, 1920*1080) video.

Problems

• The battery is frankly puny -- at highest quality, the built-in flash lasts more than 3 times as long as the puny battery. With the BP-819 as well, though, I should be able to record for 3 hours -- enough for any normal concert. For long events, I might need to bring the AC adaptor and plug the camera in. Unfortunately the camera can either run off AC current or charge the battery, but not both.
• The S20 is overly complicated. It has 5 main modes:
  1. Dual Shot -- automatic mode, with both video and stills available, but no menu access at all.
  2. Video recording
  3. Photography
  4. Video playback
  5. Photo playback
• Unfortunately Dual Shot mode does not allow overriding most of the defaults. This includes 60i frame rate (rather than the 30p or 24p I'd prefer), and won't even let me hide most of the onscreen status indicators.
• Each menu command is linked to one or more non-auto modes. So to review all the settings, you must work through 3 menus in each of 4 modes.
• The playback modes require choosing either photos or videos from one of the 3 possible sources (onboard flash, flash A, or flash B).
• The menus are needlessly complicated. For example, when I'm shooting in "Dual Shot" mode, the steps to delete all photos from flash B are (this is different than the procedure to completely initialize flash B):
  1. Push the Camera/Review button.
  2. Push the Swap Playback(??) button (play arrow on 2 rectangles, surrounded by 2 curving arrows).
  3. Push B.
  4. Push Photos.
  5. Push Checkmark.
  6. Push Select All.
  7. Push Edit.
  8. Push Delete.
  9. Push Yes.
  10. (Wait for deletion.)
  11. Push OK.
  12. To shoot again, push Camera/Review again.
• The touchscreen is not very sensitive. This was very annoying before I got used to it, but even now not all my presses register, and I worry about joggling the camera if I use the onscreen controls while filming.
• No lens cap! Stupid! I cannot just throw a glass lens (or even a glass filter) in a bag and let it get scratched with every jostle. Fortunately it's 58mm, so finding caps isn't difficult, but I'm not about to pay $9 to Canon for a piece of plastic that should have been in the box anyway.
• The dedicated low light mode is odd. It makes everything very blurry, as if it's using double-length exposures for pairs of frames. Not usable with any kind of motion. If I wanted to capture a still as video, it might serve, but the still camera would make more sense there.
• The camera doesn't appear to work for streaming to a computer -- it only recognizes USB in 'playback' modes, not 'shooting' (recording) modes. This is a pity, as it means it can't work with iChat. I have a built-in iSight, but if I ever wanted to potcast, a better camera that isn't fixed into the monitor might be useful.
• No viewfinder. This is a negative, but one I'm comfortable with. Canon's S21 adds a viewfinder and bumps the onboard RAM from 32gb to 64gb, but these are not worth an additional $235.

Conclusion

All things considered, I am happy with the camera. The touchscreen isn't very good and the menus are downright lousy, but I am able to mostly ignore them now that it's set up. I would have liked something simpler, but to get the odd combination of features I wanted, I needed a higher end and more complicated camera. Fortunately I can simply ignore most of the irrelevant capabilities (Direct burning of DVDs, onboard editing & effects, playlists, onboard creation of SD video from HD footage, etc.).

We got back as the much-anticipated blizzard was beginning. It snowed all afternoon and plenty stuck. Lots of shoveling!

Today I racked a 1U Avocent LCD tray with 16-port IP-accessible KVM switch (ECS17KMM16-001). What a fiasco! We got it last week, but it took me several days and 3 phone calls before I was told to just ignore the bad spots in the documentation and work around them.

Website

• The Avocent Tech Support website requires registration, but doesn't let me register in Safari/Mac.
• In Firefox/Mac, I apparently completed the registration process. Not sure because I just got a blank screen, and I am now unable to login.
• The Services & Support area of avocent.com doesn't include manuals. I registered thinking they were behind that, but it turns out manuals are public -- just hidden under Resources.
• Their explanation of password criteria is wrong -- it's alphanumeric, not alphabetical:

The password must be 5-16 characters and contain alphabetical characters of mixed case and at least one number.

Documentation

• It is impossible to find manuals by part number. Our "ECS17KMM16" LCD/KVM is not visible until "LCD Tray" is selected.
• For some reason, there are 3 installation PDFs for our ECS on the website. The one for the LCD Tray doesn't mention the AutoView module at all, and the components have different part and serial numbers. This causes confusion with Avocent Tech Support, as they never seem to be able to find the first model & serial number I provide. They do not mention each other, even to say which steps must occur first and which last.
  • ECS17KMM(8/16) KVM Quick Install Guide (Update)
  • ECS17KMM(8/16) Quick Installation Guide
  • ECS17KMM; ECS17KMM(8/16) LCD Quick Install Guide
  • None of these, unfortunately, actually tells me how to use our new AutoView switch.

LCD Tray

• The tray has a part number, a model number, and a serial number. The KVM switch has its own part and serial numbers. The KVM numbers are apparently useless to Avocent Technical Support, and they weren't able to look up the tray serial number either.
• The installation instructions mention the notched ends go to the rear, but the photo doesn't show notches.
• The LCD Tray instructions leave out a required cage nut, required to install the "Cable Channel". After I had racked the tray, I realized I would need to remove it and one of the rails to install this cage nut. But see below.
• The instructions are quite insistent about using the "Spacer" (with warnings that things will break and fall apart otherwise), but do not identify what it actually looks like. The drawing of the spacer has no detail and doesn't match anything in the package. I found an otherwise apparently useless metal bar, but it did not fit as described or pictured.
• The CMA (cable mounting arm) instructions say to remove and discard a screw from one of the slides, but not that it must be the right side, or that the screw is actually required to attach the CMA.

Push the LCD Tray into the rack, and then tighten the four rear slide-rail bracket screws. Remove the rail-adjustment screw that is closest to the rear of the rack from the outer slide-rail bracket and discard. Loosen the Velcro® straps on the cable retractor to allow free and smooth movement of the cable retractor arm. Align the cable-management arm (CMA) to the outer slide-rail bracket, and use the removed screw to attach the CMA.

AutoView 1016

• The display is vertically truncated. This happens both when connected through the LCD tray (which does not allow me to vertically compress the display to fit, only to choose whether I want to see the top or bottom of the display) and via TCP/IP.
• After I followed the LCD Tray instructions to install the rails, I discovered the AutoView requires an additional 2 cage nuts which are not mentioned (one is required for cable management even without the AutoView). I had to remove the tray, remove both rails, and add 2 more cage nuts for the AutoView to attach to. At least I didn't install the rails & tray, remove the tray and a rail, install the non-AutoView Cable Channel, install the tray a second time, and then discover I had to remove everything again.
• There is mention of adjusting the front and back rails to fit the LCD Tray, but none of the fact that they must actually be adjusted to fit the AutoView switch -- which did not fit after I had adjusted the rear rails for the LCD Tray.
• The AutoView's mounting flanges protrude several inches behind the rack flanges, which required me to remove an entire PDU to install the AutoView. This was only possible because it's a new rack.
• The first step of 590-1012-501A is missing entirely -- removal of 2 silver screws from each side of the AutoView.
• The first step pictured in 590-1012-501A is wrong. It shows attachment of 3 screws per side, but there are only 2 screw holes. I thought I had the wrong parts, but was eventually told this is apparently just a documentation error.
• I was unable to find usage instructions for the AutoView in the package.
• Password criteria are too restrictive. Basic punctuation should be allowed. We had to create yet another unique password just for this KVM, because it wouldn't accept the correct password.

The bright side

• It looks like Avocent has recently decided all KVMs sold in the US should be IP accessible. Good move!

Dances of Vice is apparently a series of shows in NYC. This was their second http://dancesofvice.com/phantasmagorey.html event. The show started with the Ghost Train Orchestra (quite good), then a bunch of dance/performance numbers, an audience "fashion show" decided by trivia questions, and finally a fashion show by Purevile.

I got some video of the orchestra and a dance number:

• medium
• large
• 720p