Google Checkout API - phpmycheckout

I'm currently in the process of implementing the Google checkout system. I could just take the easy route and use the standard HTML button and be on my way. There are 2 ways to use the HTML button version and both are pretty simple. The first one is just simple form with hidden vars describing your product, qty and price. The second way is a little bit more complex. I use PHP so here a sample of the code I used to throw it together. The sample below uses the phpgcheckout classes from http://www.phpgcheckout.com/. I simply copied the files from phpgcheckout up to the server and included the config.php file.

-------------------------------------------------------
$key = 'Wpkdo4dlsorlf03l94kd';
$merchant_id = '1180294430430239';
$cart = new gCart($merchant_id,$key);
$cart->addItem('My Product title', 'My Product description, '1', '12.99');
$xml = $cart->getCart();
$hmac = CalcHmacSha1($xml,$key);
$cartxml = base64_encode($xml);
?>

<form method="POST" 
action="https://sandbox.google.com/checkout
           /cws/v2/Merchant/
<?php echo $merchant_id; ?>/checkoutForm">
 <input type="hidden" name="cart"
  value="<?php echo $cartxml; ?>">
  <input type="hidden" name="signature"
  value="<?php echo $hmac; ?>">
<input type="image" name="Google Checkout" 
   alt="Fast checkout through Google"
  src="http://sandbox.google.com/checkout/buttons/checkout.gif?merchant_id=
  <?php echo $merchant_id; ?>
  &w=180&h=46&style=white&variant=text&loc=en_US"  height="46" 
width="180">  </form>
-------------------------------------------------------

As you can see, this is just an excerpt of the cart I built in php (php5) using some of phpgcheckout's code. This isn't that difficult to do.. but there's one problem, I don't get anything back from google to tell me the order processed successfully. My current project requires I create a user account to access a training program after the card is charged. Supposedly this can be done through the google checkout API and I think I'm about half way there. But to be honest, Google's documentation SUCKS and they don't have a full set of sample code for php5. You would think Google would be a step up on the game in this area...?

Upgrade VMware ESX 3.0.1 to ESX 3.0.2

Pretty easy & smooth process to upgrade from VMware Infrastructure ESX 3.0.1 to VMware ESX 3.0.2. Since I'm running my systems off a SAN and using VMWare vmotion all I needed to do was put my first ESX server in maintenance mode and shut it down. This automatically moved all my running VM's via vmotion over to the other ESX server. I then put in the 3.0.2 install / upgrade CD and booted from it. CD Upgrade went pretty quickly, approx 10 minutes and then rebooted the system. After reboot my Virtual Center picked the system with no problems and I turned on a test machine to make sure it was working ok. I then moved over a couple production VM's without problems.

Since the upgrade appeared to work just fine I repeated the process on my second ESX server.

There are multiple accounts with name cifs/102-PC12.domain.edu of type DS_SERVICE_PRINCIPAL_NAME

I've been having the following error logging on my domain controllers about every hour for quite some time now and finally got around to drilling down to figure it out.

Type: Error
Event: 11
Date Time: 8/29/2007 7:46:33 AM
Source: KDC
ComputerName: DC2
Category: None
User: N/A
Description: There are multiple accounts with name cifs/102-PC12.domain.edu of type DS_SERVICE_PRINCIPAL_NAME.

After a little research and lots of luck... I decided to use ldp.exe to do a quick search of the (serivceprincipal=*.102-PC12.domain.edu). What do you know... it came up with 2 accounts sharing that name. I quickly found the one that was a problem and deleted it. It turns out somebody put an image on a few machines without first pulling the source from the domain... not a good idea.

Student Kiosks

We've recently expanded our Student Kiosks from 4 to 9 kiosks around campus. These are custom Kiosks I designed and used our University Fab Shop / Paint Shop to create for us. They use a 19" LCD and a stadard desktop computer with an add on wireless card and wifi extender antenna to get better reception. Systems are really just setup for quick internet / email / registration info for students.

The kiosks have been very popular and according to our domain stats from last year, the 4 kiosks we had in place averaged 30 unique logins each per hour during normal business hours, higher than any other student stations on campus.

NetApp 3050c upgrade of DataOnTap 7.0.5 to DataOnTap 7.2.3

Performing a non-disruptive upgrade of our Network Appliance FAS 3050c (clustered filer configuration)

One of the benefits of having the clustered filers (FAS3050c) is that I can, in most cases, perform a system upgrade without having to disrupt services running on either system. The process is a little complex but well worth the payoff as in our environment I literally have thousands of students connecting to the storage at a time. Below is a slightly modified version of my notes from the upgrade (use at your own risk). I followed the directions from NetApp's upgrade guide. Although, I will note that their directions were not exact. I had differing outputs from commands at times which made me a little nervous. All in all the upgrade went pretty smooth and the systems have been running solid since.

Download from now.netapp.com under Download Software – DataOnTap – FAS 3050c

• new Shelf Firmware from now.netapp.com (all shelf firmware updates)
• new Disk Firmware from now.netapp.com (all disk firmware updates)
• newest release of Filer Firmware CFE 3.1
• newest GA Release of DataOnTap 7.2.3
• docs for DataOnTap 7.2.3

Copied and Made backups of files

• Mounted \\filerA\c$
• Mounted \\filerB\c$
• Made of backup of c$\etc\ folder on both systems (minus log files)
  - Copy to c$\backup\etc_8-24-2007
• From shelf zip file to the etc\shelf_fw on the both filerA and filerB
• From shelf zip file to the etc\shelf_fw on the both filerA and filerA
• From disk zip file to the etc\disk_fw on the both filerA and filerB
• From disk zip file to the etc\disk_fw on the both filerA and filerA

Shelf Firmware

• Login to the appliance console.
• Check current shelf firmware version ( > sysconfig -v )
  
• Enter Advanced privileges ( > priv set advanced )
  
• Start the update ( > storage download shelf )
  - This will upgrade the shelf firmware on all the disk shelves in the system. (If you wish to only update the disk shelves attached to a specific adapter, enter storage download shelf adapter_number instead).
• Accept the update, Press y for yes and hit enter.
• To verify the new shelf firmware, ( > sysconfig -v )
  
• Exit Advanced privlieges ( > priv set admin )

Disk Firmware

Disk firmware is automatically updated on reboot if there are updated files in the disk_fw folder. To keep the system from updating too many disks at once set or verify the following option.

• ( > options raid.background_disk_fw_update.enable)
  - if it is set to off, I recommend you change it to on
  

DataOnTap Update

1. Downloaded the newest General Deployment Release, in this case it was Data ONTAP 7.2.3.
2. Verified our system met all requirements for running the downloaded release, updates were required for Disk firmware and shelf firmware (which was done above)
3. Checked known problems and limitations of the new release to see if any would affect our environment. No potential problems found.
4. Compared bug fixes from current version of OnTap 7.0.5 to new version of 7.2.3. There were many bug fixes that could potentially effect our environment which makes the upgrade needed.
5. Downloaded newest documentation for 7.2.3

Update Procedure

With C$ mapped on both filers I ran the downloaded OS install (self extracting zip files) to the respective \etc directories. This is the first step and copies all the needed files over to the filers. Once completed, we preforme the procedure below from the NOW upgrade guide for Windows Clients.

1. start the install on both systems ( > download )
   
2. Checked the cluster status ( > cf status ) to make sure cluster failover was enabled
3. Had filerB takeover services for filerA ( > cf takeover )
   - This causes filerA to reboot
   
4. During reboot of filerA hit ( ctrl-c ) to enter into maintenance mode
5. From maintenance mode type ( > halt ) to do a full reboot
6. Hit ( del ) during memory test to get to the CFE prompt
7. start the firmware update of the filer from the CFE> prompt using ( CFE> update_flash )
   
8. Now reboot, type ( bye ) at console after update was finished to reboot filerA
9. filerA is now in a …waiting for giveback state
10. Now to give services back to filerA we have to force it using ( > cf giveback –f ) from filerB
    - This is required since we are now on different version of DataOnTap between systems in the cluster.
    
11. Giveback successful, checked firmeware and os version on filerA using ( > sysconfig –v )
12. After checking services on both systems it's time to upgrade filerB
    
13. Have filerA take over the services of filerB ( > cf takeover –n )
    
14. Type ( > halt ) from filerB to reboot it
    
15. During reboot of filerB hit ( ctrl-c ) to enter into maintenance mode
16. From maintenance mode type ( > halt ) to do a full reboot
17. Hit ( del ) during memory test to get to the CFE prompt
18. start the firmware update of the filer from the CFE> prompt using ( CFE> update_flash )
    
19. Typed ( bye ) at console after update was finished to reboot filerB
20. filerB is now in a …waiting for giveback state
21. Now to give services back to filerB we have to force it using ( > cf giveback –f ) from filerA
    - This is required since we are now on different version of DataOnTap between systems in the cluster.
22. Giveback successful, checked firmeware and os version on filerB using ( > sysconfig –v )
1. Both systems should now show the updated firmware and OnTap version 7.2.3


23. You should also notice that any out of date disk firmware is automatically updated. In my case I went from NA07 to NA08 on many of the disks.

My final steps were to test system connections

1. We use the following NetApp services: CIFS, FTP, HTTP, FCP via VMWARE. All worked fine. I Also checked our student websites and our web based FTP software that connects to the filer.
2. Checked Domain connection using cifs testdc ( filerA> cifs testdc )
   - appeared fine

Filer Panic - NetApp FAS 3050c cluster mode

Filer Panic - NetApp FAS 3050c cluster mode

I recently encountered a panic of one of my filers. I run (2) FAS 3050c NetApp filers in a clustered configuration. Here's what happened. One of the guys in the server room (to remain nameless) was messing around behind the server rack and somehow broke one of my fiber cables connecting filerB to it's disk shelves (the shelves I run as my san that VMWare ESX is connected to). No biggie, filerA quickly noticed the outage and picked up services for filerB. I got notice from autosupport about the outage and was quickly in the server room to check it out. After going through filerB back and forth and checking connections I attempted to run a ( cf giveback ) from filerA to give filerB it's services back. filerB didn't like it and quickly threw the services back to filerA. This got me worried.

So i called NetApp support, who by the way already had a case opened up because of the failover that had happened. After a couple hours on with support we decided it was either a faulty ESH2 module, a faulty cable, or something else (like a bad disk not reporting itself as bad in the loop). So NetApp sent out some parts, 3 new drives, a new cable and 2 ESH2 modules. (Now I'm glad I have the hardware warrenty).

I get the parts the next day and get everything replaced. Again, everything looks to be normal but when checking the disk / shelf status with a ( > fcadmin device_map ) from within maintenance mode we noticed the filer was not recognizing the shelf's in it's loop but services were still running fine from filerA. (see below) At this point we decided we need to wait until I can take the entire system (both head units in the cluster) down so we can do an invasive test to see what piece of hardware is having the problem. Also, running an ( > aggr status -r ) showed me the filer thought all the disks in the shelf had failed.

> *> fcadmin device_map
Loop Map for channel 0a:
Translated Map: Port Count 24
7 29 28 27 25 26 23 22 21 20 16 19 18 17 24 39 38 37 36 32 35 34 33 40
Shelf mapping:

Shelf Unknown: 16 17 18 19 20 21 22 23 24 25 26 27 28 29 32 33 34 35 36 37 38 39 40

Loop Map for channel 0b:
Translated Map: Port Count 17
7 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
Shelf mapping:
Shelf Unknown: 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

Chuck at NetApp support recommends I first try just powering off the systems, then powering off the shelves and letting them sit for a couple minutes. (I first had to shut down all my VM's running the from the SAN and shutdown all services running on both systems... with thousands of users this was a pain). He then has me power on the shelves, let them fully come up and then power on filerB by itself into maintenance mode. We again run the ( > fcadmin device_map ) (see below) and now the filer is seeing it's shelves. Apparently there is a bug with the shelf firmware version I am on (just one version back) that causes certain panics to stay in memory. Hence, our problem.

> *> fcadmin device_map
Loop Map for channel 0a:
Loop Map for channel 0a:
7 29 28 27 25 26 23 22 21 20 16 19 18 17 24 39 38 37 36 32 35 34 33 40
Shelf mapping:
Shelf 1: 29 28 27 26 25 24 23 22 21 20 19 18 17 16

Shelf 2: XXX XXX XXX XXX XXX 40 39 38 37 36 35 34 33 32

Loop Map for channel 0b:
Translated Map: Port Count 17
7 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
Shelf mapping:
Shelf 1: 29 28 27 26 25 24 23 22 21 20 19 18 17 16

Target SES devices on this loop:
Shelf 1: 14 15

I now shut filerB back down, bring up filerA (which is still running service for both systems) and then bring filerB up. filerB comes up in a ...waiting for giveback state. I issue a ( > cf giveback ) from filerA and filerB takes back it's services. Were back up and running.

NetApp recommended I upgrade the firmware as soon as possible and noted that the power cycle of the shelf is a temporary fix to the memory issue.

Defensive Googling: Using google to see if your site has been hacked.

Found this on isc.sans.org

Using some keywords with a Google search you can pretty quickly find some embarrassing content that may have been added to your site by a hacker.

A couple quick searches like this may come up with all sorts of stuff:

This is an example of searching University Sites for cialis or viagra. Look how many of them have been hacked. Click here to see it in action.
site:.edu (cialis OR viagra) buy

Here are some other examples given by ISC:
site:myorg.org porn
site:mygov.gov cialis buy

OT: Bicycle commuting - Fuji Newest 2.0

Just got a new road bike for my small 10 mile commute to work... actually my wife got it for me as a surprise birthday gift. :) My wife is RAD!

What a huge upgrade. about 7lbs lighter than my old borrowed Centurion 12 speed I've been using this summer. Plus she added some triathlon bars that really help with the wrists, especially after sitting on the computer for 10hrs. I only ride about 40 - 60 miles a week, but for a newbie commuter this bike is great. Even took the kids out over the weekend and pulled them in the bike trailer with no problems. (I have a little 2 seater in-step - about 45lbs with the kids). The gearing allowed me to pull a pretty steep hill with little effort. The adjustable stem gave me the option to add a little height to the bars for some extra comfort.

Only think I need now is to go pick up some clipless pedals.

Mac vs PC

This made me laugh... Give the guy his red stapler and let him out of the building quietly.

Here's my VMware ESX 3 Server Patch Process

Download Patches:

• Find new patches from VMWARE.com -> Downloads -> ESX 3.X.X
  ( only download patches for current version of ESX Server )
• Download all Patches available for current version
• Using WinSCP upload all patches to /tmp on esx server

Create List of updates and order to be applied:

Create a text file installorder.txt in the /tmp folder with the order to install patches. Install them in order by release date from oldest to newest. Add files in order to be installed from top to bottom with the patch names (without the .tgz at the end)

cd /tmp
vi installorder.txt

--------------------------------------

ESX-5140477
ESX-5095559
ESX-4825991

--------------------------------------

Create the following shell script:

cd /tmp
vi esxpatches.sh

--------------------------------------
!#/bin/sh
# ESX Patch Script
for x in `cat installorder.txt`
do
tar -zxvf $x.tgz
cd ./$x
esxupdate -n update
cd ..
done
--------------------------------------

Set permissions on the shell script

chmod /tmp/esxpatches.sh 777

Using the Virtual Infrastructure Client:

• Move all VM’s to ESX Server you are not patching.
• Put the ESX Server in Maintenance Mode.

Run the patch update script

./esxpatches.sh

Using the Virtual Infrastructure Client:

• Reboot newly patched VMWare ESX Server
• Exit Maintenance Mode
• Slowly Move VM’s back to newly patched ESX Server

Outlook Multiple Instances

Outlook Multiple Instances...Isn't this great...my Outlook (2003) continues to open new instances of itself. Very strange behavior that causes duplicate emails to come down. And better yet... to only way to close it is to end the process... which requires my pst files be checked when I re-open.

This screenshot was taken after having MS Outlook open for only a couple hours.



I hope my upgrade to Outlook 2007 fixes this problem.

Password Utility

I've actually been using this little utility for quite a while now... but was recently reminded of how much I depend on it. I have so many passwords to remember I can never remember which username goes with what password. Anyway, Access Manager 2 (http://www.accessmanager.co.uk/) is a great little program that keeps all your passwords in one, simple to use list and offerers superior protection. Access Manager uses dual encryption that includes both 'Blowfish' and 'Rijndael' with 256 bits each.

Best of all Access Manager is FREE for personal, non-commercial use.

Flash Video & FLVMDI (Meta Data Injector)

Recently found this great little utility that injects extra metadata into flash video files (.flv).

Two of these meta data features I can't belive that Macromedia or Sorenson doesn't include it by default. The first one is the keyframe markers. You can use the /k switch to add 'keyframes' object to the metadata. The second feature is an onLastSecond tag that gives you an event when the video is finished. This is very handy as the infoObject.code == "NetStream.Play.Stop" and the infoObject.code == "NetStream.Buffer.Empty" doesn't always work reliably.

--------------------------------------------------------------------
netStream.onLastSecond = function(infoObject) {
// video is done playing.
_root.gotoAndPlay(_root._currentframe + 1);
};
--------------------------------------------------------------------

More on the FLVMDI.exe Flash Video Metadata Injector here

Apple iPhone - iPod

Wow, I can't wait to get an iPhone. I've been drooling non stop since the offical release in January.

The thing comes with lots of cool features... but for me I'd just like to get ride of my phone, my ipaq and my ipod and have a single unit.

What I really want to know are the details.

Can I secure shell from it?

Seriously... this will make my life so much easier. Can I remote desktop to my windows servers? Can I install my own software on it? Like Photoshop maybe?

Technorati

Technorati wins, first site to pick up my url. Less than 48 hours from creation.

VMWare Upgrade ESX 3.0.0 to ESX 3.0.1

Finally decided to upgrade my VMWare ESX Servers from the original ESX 3.0.0 that I installed back in August to VMWare ESX 3.0.1. Since I have (2) ESX machines running I moved all my production boxes over to server#2 and turned off my test boxes. This gave 8 production systems running on Server#2, but it barley noticed them. I then put Server#1 in maintenance mode and decided to use the .tar upgrade file rather than the CD. Checksum was correct so I went ahead and took a quick backup of a few key directories "/etc" and "/vmware" and then ran the esxupdate command to kick off the upgrade.

Uh oh, failed on VM-Kernal file not matching. After finding other users on the VMTN Discussion Forums with the same problem...but no solutions...I decided to download the ISO file and try an upgrade from CD. Went through the CD Upgrade and about half way through it failed to read the VM-Kernel file from the CD. Seriously? The CD Media checked out fine! So I burned a new CD (at 8x speed just in case) checked it again and started the upgrade process...same thing. Wow, this is lame. So I decided I might as well just do a clean install as I'm sure my system is hosed by now anyway.

Clean install worked fine off the CD Media but now I had to re-setup all my LUN Paths, Networks, DNS, IP's, etc. No biggie, its not too hard and I have Server#2 to look at as a reference. After deleting the new old Server#1 from Virtual Infrastructure and re-adding the new Server#1 I find that I can't light up VMotion and all my test boxes have been (orphaned).
Ok, I'm starting to get worried as I can't really upgrade Server#2 if I can't move my 8 production VM's over to Server#1 and I'm not really sure I want to after this smooth upgrade I've just had.

Time to call VMWare Tech Support. I have the gold support, which means I call them... they take my info and call me back the next day. Not ideal...but at least my production VM's were still running. After a couple days of phone tag with VMWare support I finally get to talk to somebody and he quickly shows me a command to fix my orphaned test VMs ( vmware-cmd -s register /vpx/vms/_/ ). Nice, all my test VM's are back to normal status. Now on to why VMotion wouldn't work. I missed a key step when setting up my Network again, that little check box next to Enable VMotion in the network config. Wow, that was easy. Re-configure for HA and were ready to roll.

Upgrade for Server#2 planned for next week...I hope the upgrade goes much smoother.

Energy Drinks

Found a great site that reviews Energy Drinks www.boostadvisor.com

I recently tried the Wired X294 with 588 mg of caffine in a single can. Compare that to 80 in a can of redbull or 100 mg in a double shot espresso. Wow, talk about some late night programming pick me up.

Outdoor Wireless Mesh

It's been a long process but were finally in the implementation stages of our Outdoor wireless mesh. We've designed the system using Cisco Aironet 1500 Series AP's and the Cisco Wireless Control System (WCS). Our first phase will include (7) Access Points mounted on 15' poles and (2) of the WCS base units. There will be a back-haul on both sides of the mesh and all AP's are within (1) hop of a back-haul. They say you can put the access points up to 600' apart but we decided with all the tree's on campus to put them 300' - 400' apart to be on the safe side.

With the Cisco 1500's the AP's talk over 802.11 A and the clients can connect over 802.11 b/g

From the picture below you can see a basic layout of the mesh (I threw it together in Visio using the sprinkler heads for access points so I could visualize the bubble). Backhaul locations are in both corners top right and bottom left.

VMWare Setup

I just finished my 3rd Academic quarter with 3 of my production servers running as virtual machines. I setup VMWare in the fall and went into production just before classes started fall quarter.

My setup includes (2) Dell 2950's with (2) each Dual Core 3.73 ghz cpu, 16 GB RAM, dual fiber cards, 4 gig nics, and dual power supplies. These 2 servers are directly connected to a Network Appliance 3050c Cluster SAN. (the direct connection, without a fiber switch, was a little tricky to setup but works well as long as I don't ad any more Servers). I setup VMWare ESX 3.0 on both servers and hooked them together with VMotion.

VMotion is sweet. Had a switch go out that was connected to my ESX Server 1 and VMotion auto moved all running servers to ESX Server 2 within seconds. If I hadn't got the email about it from VMotion I would of never known as the systems all stayed in production.