Install an IPsec IKEv2 VPN server on KVM

In a previous post I have shown how to set up port forwarding to KVM virtual machines. In this post I will show you how to add an IPsec IKEv2 VPN to your (Ubuntu 18.04) KVM setup. I will show how to install the VPN endpoint on a virtual machine and make it available using port forwards. This allows for a simple networking setup and easy replacement of VPN technology. Install Strongswan: You need to set up a new Ubuntu virtual machine using “virt-install” (as described here). On this newly created machine you need to install the strongswan IPsec software: ...

February 3, 2020 · Maurits van der Schee

KVM port forwarding with UFW

In a previous post I have shown how to set up static IP addresses for virtual machines in KVM (on Ubuntu 18.04). I have also shown how to reconfigure the IP range of the KVM network. In this post I will show how to do port forwarding of specific traffic to your virtual machines without turning off UFW. This requires reconfiguring the KVM network to a “routed” network with explicit forwarding rules in iptables. ...

January 27, 2020 · Maurits van der Schee

Static IP addresses in a KVM network

In a previous post I have shown how to use the serial console in KVM (on Ubuntu 18.04) and how to access it on the KVM CLI. In this post I will show how to set up static IP addresses for your KVM virtual machines. Static IP addresses are a requirement for doing port forwarding, a topic we will touch on in another post in this blog series. In this post we will also explore how to reconfigure the IP range for your KVM virtual machines. ...

January 23, 2020 · Maurits van der Schee

Serial console access from the KVM CLI

In a previous post I have installed KVM (on Ubuntu 18.04) from the CLI on my Dell R720xd. In this post I will show how to adjust the GRUB config to enable the serial console in KVM and how to access it on the KVM CLI. This is great for fixing SSH connectivity issues and for easy LUKS password entry during boot. In this post we will also explore how to allow access to the GRUB menu from the serial console. ...

January 13, 2020 · Maurits van der Schee

Install KVM from the CLI on Ubuntu 18.04

In a previous post I have installed OpenSSH (on Ubuntu 18.04) on my Dell R720xd. In this post I will show how to install KVM on it, so that you can start using it as a GNU/Linux hypervisor to run virtual machines. In this post I will also show how to load a graphical tool to connect to your KVM-enabled server. Install KVM: KVM requires CPU virtualization support (VT-x/AMD-V) to be enabled in the BIOS. You can check if your CPU is supported by installing cpu-checker and running the kvm-ok command. ...

January 8, 2020 · Maurits van der Schee

Install OpenSSH on Ubuntu 18.04

In a previous post I have installed Ubuntu 18.04 on my Dell R720xd. In this post I will show how to install OpenSSH on it, so that we no longer need the iDRAC for system administration. After setting up SSH to securely manage the server we only need the iDRAC when we misconfigure the firewall or the network. Install OpenSSH: Installing OpenSSH can be done by selecting the “OpenSSH server” in the software selection screen of the network installer. Alternatively you can install it, or ensure that it is installed, by running the following command: ...

January 5, 2020 · Maurits van der Schee

Using an iDRAC7 on a Dell R720xd

I rent a dedicated server at LeaseWeb (this is NOT a sponsored post) for my virtual machines. It is a Dell PowerEdge R720xd and I recently re-installed it. You can let LeaseWeb do this for you, but I prefer to do the operating system installation myself. Fortunately this is possible from my own PC, with a cup of coffee next to me, surrounded by the peace and quiet of my home office. ...

December 31, 2019 · Maurits van der Schee

Advent of Code programming puzzles

Every day in December I am doing a programming puzzle. The series is called Advent of Code and it follows the advent calendar approach. Every day from the 1st until the 25th of December one puzzle is unlocked. The puzzles get gradually harder and each puzzle has two parts, where the first part is easier than the second. It is not about winning: Well, for some people it is. Only the first 100 answers are rewarded with points on the global leader board. I’m simply not fast enough to compete for a top 100 position. So for me it is not about winning. For most people it is not, as 95 thousand people have made the first puzzle and there is only room for 100 entries on the global leader board. The yearly unofficial survey asks people why they play and the reasons given are: for the fun (1st), the challenge (2nd) or to improve their skills (3rd). ...

December 23, 2019 · Maurits van der Schee

How mature is your REST API?

In my career I have seen many REST APIs. They all implement Create, Read, Update and Delete (CRUD) on single entities with verbs as described by the REST standard. All of them do the same 4 (additional) things: column filtering, row filtering, authorization and document nesting. In this post we will look at a few implementations and explore a system for maturity qualification of a REST API implementation.

- Column filtering (sparse field-sets)
- Row filtering (with filter language)
- Authorization (on tables, columns, rows)
- Document nesting (based on relations)

As a software architect I’m interested in standards and standard implementations. We will evaluate a few implementations and score the 4 additional tasks on the following scale: ...

November 13, 2019 · Maurits van der Schee

TreeQL and PathQL compared

TreeQL (see: TreeQL.org) and PathQL (see: PathQL.org) are two API query languages that I have designed and implemented. These implementations can save you time implementing your queries and CRUD operations on database models as REST APIs in (administrative) business applications. TreeQL design philosophy: In one sentence: TreeQL is a feature-rich REST protocol for exposing database tables as resources over the web using nested JSON. It does:

.. follow the REST protocol closely
.. have a limited (spatial) filtering language
.. nesting based on foreign key relations
.. hide the underlying SQL dialect
.. no real joins, only sub-selects
.. support application authorization

Example query to get the content of post 1 with the messages in the comments: ...

November 2, 2019 · Maurits van der Schee