Planet OpenNMS

April 19, 2018

OpenNMS Horizon 21.1.0 (Replicant) Released

OpenNMS Horizon 21.1.0 (code name: Replicant) is now available.

It contains bug fixes and a few enhancements, including support for forwarding events, alarms, and nodes to Kafka.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

April 19, 2018 02:40 PM

April 16, 2018

This Week in OpenNMS: April 16th, 2018

It's time for This Week in OpenNMS!

In the last week we did a bunch of work on Drift and the Kafka producer, as well as a number of other bug fixes in anticipation of the Horizon and Meridian releases this week.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus did more work on a Jasper Studios fix.
    • Craig worked on some plugin manager updates.
    • Chandra worked on periodic sync support for the Kafka producer.
    • Patrick did some query index optimization in the Drift fl...

April 16, 2018 11:27 AM

April 13, 2018

OpenNMS.js v1.2.1

Bug Fixes

  • rest: fix HTTP timeout configuration to be more consistent (c8e7162)

by RangerRick at April 13, 2018 05:36 PM

April 09, 2018

This Week in OpenNMS: April 9th, 2018

It's time for This Week in OpenNMS!

In the last week we released Helm 1.1.0, continued to do more work in preparation for Drift in Horizon 22, and worked on various integrations with other tools.

Github Project Updates

  • Internals, APIs, and Documentation

    • I fixed a bug that would cause some event comparisons to not match properly.
    • Jesse, David, and I fixed some bugs in building on Windows.
    • Jesse fixed an issue with template compatibility across different Elasticsearch versions.
    • C...

April 09, 2018 11:54 AM

April 02, 2018

This Week in OpenNMS: April 2nd, 2018

It's time for This Week in OpenNMS!

Github Project Updates

  • Internals, APIs, and Documentation

    • Christian did more work on sFlow support in Telemetryd.
    • Markus added more test coverage for the index strategy and fixed UTC time-handling.
    • Chandra and Jesse did more work on the Kafka producer.
    • Markus improved our internal cache API to be more configurable.
    • Markus worked on improving OID storage in Elasticsearch.
    • Markus added support for a single flow dispatcher adapter.
    • Jesse fix...

April 02, 2018 10:42 AM

March 30, 2018

OpenNMS.js v1.2.0

Bug Fixes

  • http: add timeout to GrafanaHTTP (22bdd70)

Features

  • rest: NMS-9783: add X-Requested-With header to requests (e803726)

by RangerRick at March 30, 2018 02:35 AM

March 26, 2018

This Week in OpenNMS: March 26th, 2018

It's time for This Week in OpenNMS!

Github Project Updates

  • Internals, APIs, and Documentation

    • Christian did more work on sFlow support in Telemetryd.
    • Markus fixed a recursion error in the Elasticsearch client code.
    • Chandra added support for filtering events before passing them on to Kafka.
    • Markus fixed some errors in our netty implementation.
    • Jeff put event configuration info from the wiki into the admin guide.
    • Markus worked on refactoring the smoke test infrastructure.
    • Jes...

March 26, 2018 11:53 AM

March 19, 2018

This Week in OpenNMS: March 19th, 2018

It's time for This Week in OpenNMS!

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus continued his work on improvements to Elasticsearch configuration and testing.
    • Markus fixed a dependency issue that would cause errors in the JasperStudio extension.
    • Craig fixed a classloader issue to access configs from the config manager.
    • Jesse did some work on the Kafka exporter.
    • Markus fixed a bug in flow document indexing in Elasticsearch.
    • Ronny added the admin guide to t...

March 19, 2018 11:53 AM

March 16, 2018

OpenNMS.js v1.1.1

1.1.0 had a build dependency that snuck into the runtime dependencies and caused a number of unnecessary projects to get pulled in. This release is identical to 1.1.0 with that dependency fixed.

by RangerRick at March 16, 2018 09:45 PM

OpenNMS.js v1.1.0

This release adds support for telemetry (Netflow) APIs which will be introduced in OpenNMS 22.x. It also includes a number of build optimizations and updates since v1.0.3.

by RangerRick at March 16, 2018 09:44 PM

March 15, 2018

OpenNMS Meridian 2017.1.6 Released

Release 2017.1.6 is a small update to OpenNMS Meridian 2017.1.5.
It contains a few bug fixes.

The codename for 2017.1.6 is Meridianus Posoniensis.

Bug
  • It is not possible to see Statsd results on the WebUI (Issue NMS-9861)
  • Inconsistent handling of keyboard navigation on top menu (Issue NMS-9867)

by RangerRick at March 15, 2018 08:19 PM

OpenNMS Meridian 2016.1.11 Released

Release 2016.1.11 is an update to 2016.1.10 that provides one small bug fix.

The codename for 2016.1.11 is Gall-Peters.

Bug
  • Inconsistent handling of keyboard navigation on top menu (Issue NMS-9867)

  • Copyright dates need a bump for 2018 (Issue NMS-9871)

by RangerRick at March 15, 2018 08:18 PM

OpenNMS Meridian 2015.1.9 Released

Release 2015.1.9 is the tenth release of OpenNMS Meridian 2015.
It contains a keyboard-navigation fix and a few documentation/date updates.
The codename for 2015.1.9 is MIST.

Bug
    • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
    • Inconsistent handling of keyboard navigation on top menu (Issue NMS-9867)
    • Copyright dates need a bump for 2018 (Issue NMS-9871)

by RangerRick at March 15, 2018 08:17 PM

OpenNMS Horizon 21.0.5 (Electric Sheep) Released

OpenNMS Horizon 21.0.5 (code name: Electric Sheep) is now available.

It contains mostly bug fixes.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

March 15, 2018 04:12 PM

March 12, 2018

This Week in OpenNMS: March 12th, 2018

It's time for This Week in OpenNMS!

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on Sentinel documentation and proof-of-concept code.
    • I backported my fixes for the Minion build to the 2017 foundation branch.
    • Markus did some improvements to Elasticsearch configuration and testing.
    • Christian worked on sFlow support in Telemetryd.
  • Web & UI

    • Chandra worked on fixing a JSTL bug that was causing Statsd reports to not render.
    • Patrick fixed keyboard na...

March 12, 2018 11:11 AM

March 05, 2018

This Week in OpenNMS: March 5th, 2018

It's time for This Week in OpenNMS!

Github Project Updates

  • Internals, APIs, and Documentation

    • Craig did a few more fixes and enhancements to the plugin manager.
    • Markus did some work on running the DAOs in an OSGi container.
    • Dustin fixed MD4-handling in the Radius code.
    • Dustin and Christian did more work on Netflow 9, IPFIX, and sFlow support.
  • Web & UI

    • Patrick worked on keyboard navigation of the menu.
    • I upgraded our asset build to Webpack 4 and did a bunch of build opti...

March 05, 2018 10:23 AM

February 27, 2018

This Week in OpenNMS: February 27th, 2018

It's time for This Week in OpenNMS!

Sorry for the delay in getting this out, but last week I was on a nerd cruise and my flight home got delayed until yesterday.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth worked on wrapping up his blueprint/karaf/gemini refactor.
    • Jesse made Elasticsearch connection and read timeouts configurable.
    • Dustin did more work on Netflow 9 and IPFIX support.
    • Craig did more fixes to the plugin manager.
    • Jesse fixed the flow API to s...

February 27, 2018 11:21 AM

February 16, 2018

Prodigal Customers

Growing up in the southern United States meant Sunday mornings were spent at Sunday School. One of the stories we would study was the Parable of the Prodigal Son. A man has two sons. The younger son asks for his inheritance in advance and he goes off and squanders it. When he returns, his father throws a big celebration to welcome him back.

I never really got the point of that story, as I always identified with the older, dutiful son, so it is surprising that it took working with OpenNMS for me to understand it.

We have great customers. Since we do little marketing, before we get a customer they have to first discover OpenNMS, then investigate it to see if it meets their needs, and only then do they contact us. It means that they are self-selecting, and without exception they are incredibly smart, physically beautiful and possessing of a wit so sharp they make Ginsu knives look dull. (grin)

The first company to ever buy an OpenNMS support subscription did so in December of 2001, and this year they renewed for the 17th time. It is a wonderful testament to the work of the team that they created something to inspire such a long commitment.

That said, we do lose a few customers each year. The first one I lost was a little heartbreaking. It was a hospital in Virginia, and when I called them to see if they would renew their support subscription they told me “no”. I was a little shocked, as I was unaware of any problems and they hadn’t opened tickets in awhile, and they told me that was the point. They loved OpenNMS but it “just worked” so they saw no value in getting support, they were still using it.

A more common case for us losing a customer is that our “internal champion” leaves. OpenNMS is a complex and powerful tool, and it does take awhile to climb the learning curve to see its full potential. If all of that knowledge is focused on one person, and that person leaves, their replacement can be overwhelmed and seek out something simpler, even if it is more expensive and less powerful.

I am alway saddened when this happens, but lately we’ve been experiencing what I’m calling “Prodigal Customers”. These are customers who leave and come back.

Cartoon by Chad Essley http://www.cartoonmonkey.com

I love them, and always want to slaughter (figuratively) the fattened calf to welcome them back.

It’s hard to explain, but while it is wonderful to have someone use something you’ve created for almost two decades straight, it is almost more rewarding to have someone go and try something else and discover it doesn’t stack up. Heck, I’d love it if all our customers could try out every possible option, because those that then chose OpenNMS for their solution would truly recognize what an awesome platform it can be.

Being 100% open source, OpenNMS does not have any way to “lock in” a particular customer. You can use it with our services or without, but you always have access to the latest code. Thus choosing to use OpenNMS is a validation of the work we’ve put into it, and whether you are a long time customer, a new customer, or a “prodigal” customer, your preference to use OpenNMS makes all the work to create it worthwhile.

by Tarus at February 16, 2018 12:46 PM

February 15, 2018

OpenNMS Meridian 2017.1.5 Released

Release 2017.1.5 is a small update to OpenNMS Meridian 2017.1.4.
It contains a few bug fixes and performance enhancements.

The codename for 2017.1.5 is Pulkovo meridian.

Bug
  • Change links to docs in help page using https (Issue NMS-9832)
  • Copyright dates need a bump for 2018 (Issue NMS-9871)
Enhancement
  • ES REST plugin not doing preemptive basic auth (Issue NMS-9699)
  • bsmd: avoid processing alarm lifecycle events when no rules are defined (Issue NMS-9835)

by RangerRick at February 15, 2018 07:56 PM

OpenNMS Horizon 21.0.4 (Priscilla Stratton) Released

OpenNMS Horizon 21.0.4 (code name: Priscilla Stratton) is now available.

It contains bug fixes and a few performance enhancements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

February 15, 2018 02:26 PM

February 13, 2018

OpenNMS.js v1.0.3

This is a small release with documentation updates, an API for stringifying model objects, and enabling search properties in the NodeDAO.

by RangerRick at February 13, 2018 03:37 PM

February 12, 2018

This Week in OpenNMS: February 12th, 2018

It's time for This Week in OpenNMS!

In the last week we worked on the Drift telemetry project, turning the Minion into an appliance, Karaf, bug fixes, the plugin manager, Helm, and refactoring our JavaScript.

Github Project Updates

February 12, 2018 11:33 AM

February 05, 2018

This Week in OpenNMS: February 5th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, the event bus, Karaf refactoring, web UI bug fixes, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse enhanced the event listener API to make them multi-threaded (including alarm processing).
    • Dustin continued his work on Netflow 9 and IPFIX support in Telemetryd.
    • Chandra did more work on NX-OS Telemetryd support.
    • Seth is close to wrapping up hi...

February 05, 2018 10:56 AM

January 31, 2018

2018 New Zealand Network Operators Group (NZNOG)

One thing that all open source projects struggle with is getting users. Most people in IT and software are overwhelmed with a plethora of information and options, and matching the right material to the right audience is a non-trivial problem.

Last year my friend Chris suggested that I speak at a Network Operators Group (NOG) meeting, specifically AusNOG. It was a lot of fun. I felt very comfortable among this crowd. so I decided to reach out to more NOGs to see if they would be interested in learning about OpenNMS.

The thing I like the most about NOGs is that they value getting things done above all else. While “getting things done” is still important with the free and open source crowd, there seems to be more philosophy and tribalism at those shows. “Oh, that’s written in PHP, it must suck” etc. As a “freetard” I live for the philosophical and social justice aspects of the community, but from a business standpoint it doesn’t translate well into paying customers.

At NOGs the questions are way more business-focused. Does it work? Is it supported? What does it cost? While I’m admittedly biased toward OpenNMS and its open source nature, the main reason I keep promoting it is that it just makes solid business sense for many companies to use it instead of their current solution.

Plus, these folks are pretty smart and entertaining while dispensing solid advice and knowledge.

Anyway, with that preamble, at AusNOG I learned about the New Zeland NOG (NZNOG) and submitted a talk. It got accepted and I found myself in Queenstown.

NZNOG Scenary

The main conference was spread out over two days, and like AusNOG it consisted of 30 to 45 minute talks in one track.

While I know it won’t work for a lot of conferences, I really like the “one track” format. It exposes me to things I wouldn’t have gone to otherwise, and if there is something I am simply not interested in learning about I can use that time to catch up on work or participate in the hallway track.

NZNOG Clare Curran

The conference started with a presentation by the Honorable Clare Curran, a newly minted Member of Parliament (they recently held elections in New Zealand). I’m slowly seeing politicians getting more involved in information technology conferences, which I think is a good thing, and I can only hope it continues. She spoke about a number of issues the government is facing with respect to communications technology.

Several things bother me about the US government, but one big one is the lack of understanding of the importance of access to the Internet at broadband speeds. Curran stated that “lack of reliable high-speed network access is a new measure of poverty”. Later in the day John Greenhough spoke on New Zealand’s Ultra-Fast Broadband (UFB) project, where on one slide broadband was defined as 20Mbps download speed.

NZNOG John Greenhough

Where I live in the US I am lucky to get 10Mbps and many of my neighbors are worse off, yet the government is ceding more of the decision making process about where to build out new infrastructure to the telecommunications companies which have zero incentive to improve my service. It’s wonderful to see a government realize the benefits of a connected populace and to take steps to make it happen.

Because we all need Netflix, right? (grin)

There was a cool talk about how Netflix works, and I didn’t realize that they are working with communications providers to provide low-latency solutions distributed geographically. This is done by supplying providers with caching content servers so that customers can access Netflix content while minimizing the need for lots of traffic over expensive backhaul links.

NZNOG Netflix RRD

I did find it cool that one of the bandwidth graphs presented was obviously done using RRDtool. I don’t know if they collected the data themselves or used something like OpenNMS, but I hope it was the latter.

With this push for ubiquitous network access comes other concerns. New Zealand has a law called TICSA that requires network providers to intercept and store network traffic data for use by law enforcement.

NZNOG Lawful Intercept

I thought the requirements were pretty onerous, but I was told that the NZ government did set aside some funds to help providers with deploying solutions for collecting and storing this data (but I doubt it can cover the whole cost, especially over time). The new OpenNMS Drift telemetry project might be able to help with this.

NZNOG Aftab Siddiqui

There were a couple of talks I had seen in some form at AusNOG. The ever entertaining Aftab Siddiqui talked about MANRS (Mutually Agreed Norms for Routing Security) but unlike in Australia he was hard pressed to find good examples of violations. Part of that could be that New Zealand is much smaller than Australia, but I’m giving the NZ operators the credit for just doing a good job.

NZNOG NetNORAD

The Facebook folks were back to talk about their NetNORAD project. While I have a personal reluctance to deploy agents, there really isn’t a way to measure latency at the detail they want without them. I think it would be cool to be able to gather and manage the data created by this project under OpenNMS.

NZNOG Geoff Huston

What I like most about these NOG meetings is that I always learn something cool, and this one was no different. Geoff Huston gave a humorous talk on DNSSEC and handling DNS-based DDoS attacks. While I was somewhat familiar with DNSSEC, I was unaware of the NSEC part of it.

Most DNS DDoS attacks work by asking for non-existent domains, and the overhead in processing them is what causes the denial of service. The domain name is usually randomly generated, such as jeff123@example.com, jeff234@example.com, etc. If the DNS server doesn’t have the domain in its cache, it will have to ask another DNS server, which in turn won’t have the domain as it doesn’t exist.

The NSEC part of DNSSEC, when responding to a non-existent domain request, will return the next valid domain. In the example above, if I ask for jeff123@example.com, the example.com DNS server can reply that the domain is invalid and, in addition, the next valid domain is www.example.com. If implemented correctly, the original DNS server should then never query for jeff234@example.com since it knows it, too, doesn’t exist.

Pretty nifty.

NZNOG Rata Stanic

One talk I was eagerly awaiting was from Rada Stanic at Cisco. She also spoke at AusNOG but I had to leave early and missed it. While she disrespected SNMP a little more than I liked (grin), her talk was on implementing new telemetry-based monitoring protocols such as gRPC. OpenNMS Drift will add this functionality to the platform. Our experience so far is that the device vendor implementation of the telemetry protocols leaves something to be desired, but it does show promise.

NZNOG Ulf

It was nice being in New Zealand again, and our mascot Ulf seemed to be popular with the locals. Can’t imagine why.

by Tarus at January 31, 2018 11:38 PM

January 29, 2018

This Week in OpenNMS: January 29th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, Kafka metrics, Karaf refactoring, web UI bug fixes, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth fixed calling collection commands over the RPC interface.
    • Chandra did more work on generic resource collection.
    • Dustin did the groundwork for sFlow support in Telemetryd.
    • Ronny updated the help page to use HTTPS links.
    • Seth fixed logging issue...

January 29, 2018 10:56 AM

January 25, 2018

2018 Linuxconf Australia Sysadmin Miniconf

I just wanted to put up a quick post on my trip to Linuxconf Australia (LCA) being held this week in Sydney.

First, a little background. I’ve been curtailing my participation in free and open source software conferences for the last couple of years. It’s not that I don’t like them, quite the opposite, but my travel is funded by The OpenNMS Group and we just don’t get many customers from those shows. A lot of people are into FOSS for the “free” (as in gratis) aspect.

Contrast that with telcos and network operators who tend to have the opposite viewpoint, if they aren’t spending a ton of money then they must be doing it wrong, and you can see why I’ve been spending more of my time focusing on that market.

Anyway, we have recently signed up a new partner in Australia to help us work with clients in the Pacific Rim countries called R-Group International, and I wanted to come out to Perth and do some training with their team. Chris Markovic, their Technical Director as well as being “mobius” on the OpenNMS chat server, suggested I come out the week after LCA, so I asked the LCA team if they had room on their program for me to talk about OpenNMS. They offered me a spot on their Sysadmin Miniconf day.

Linuxconf Australia Sign

The conference is being held at the University of Technology, Sydney (UTS) and I have to say the conference hall for the Sysadmin track was one of the coolest, ever.

Linuxconf Australia - UTS Lecture Hall

The organizers grouped three presentations together dealing with monitoring: one on Icinga 2, one from Nagios and mine on OpenNMS. While I don’t know much about Icinga, I do know the people who maintain it and they are awesome. One might think OpenNMS would have an antagonistic relationship with other FOSS monitoring projects, but as long as they are pure FOSS (like Icinga and Zabbix) we tend to get along rather well. Plus I’m jealous that Icinga is used on the ISS.

Linuxconf Australia Icinga2 Talk

I think my talk went well. I only had 15 minutes and for once I think I was a few seconds under that limit. While it wasn’t live-streamed it was up on YouTube very quicky, and you can watch it if you want.

I had to leave LCA to head to the New Zealand Network Operator’s Group (NZNOG) meeting, so I missed the main conference, but I am grateful the organizers gave me the opportunity to speak and I hope to return in the future.

Linuxconf Australia During a Break

by Tarus at January 25, 2018 06:31 PM

January 22, 2018

This Week in OpenNMS: January 22nd, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, Kafka metrics, Karaf refactoring, web UI bug fixes, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra continued to work on exposing Kafka metrics to collection by making JMX collection support generic resource types.
    • Seth continued his work making our bundles load properly with blueprints.
    • Markus worked on telemetry data validation.
    • Dustin wo...

January 22, 2018 10:50 AM

January 18, 2018

OpenNMS Meridian 2017.1.4 Released

Release 2017.1.4 is an update to OpenNMS Meridian 2017.1.3. It is primarily a bug fix release.

The codename for 2017.1.4 is Tenerife meridian.

Bug
  • Notification storm causes JVM crash with: Native memory allocation (mmap) failed (Issue NMS-9766)
  • The typeahead widget for KSC Report Search on front page is not working (Issue NMS-9776)
  • The geographical maps on large installations is unusable (Issue NMS-9777)
  • Cannot create user groups through the WebUI (NPE) (Issue NMS-9785)
  • Broken Link in Admin guide to Alarm Introduction (Issue NMS-9802)
  • Wrong syntax for automatic rescanning in admin guide (Issue NMS-9803)
  • Geocoordinates truncated to 5 decimal places (Issue HZN-1219)

by RangerRick at January 18, 2018 09:59 PM

OpenNMS Horizon 21.0.3 (Roy Batty) Released

OpenNMS Horizon 21.0.3 (code name: Roy Batty) is now available.

Release 21.0.3 contains mostly small bug fixes.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

January 18, 2018 04:50 PM

Conferences: Australia, New Zealand and Senegal

Just a quick note to mention some conferences I will be attending. If you happen to be there as well, I would love the opportunity to meet face to face.

Next week I’ll be in Sydney, Australia, for linux.conf.au. I’ll only be able to attend for the first two “miniconf” days, and I’ll be doing a short introduction to OpenNMS on Tuesday as part of the Systems Administration Miniconf.

Then I’m off to Queenstown, New Zealand for the New Zealand Network Operators Group (NZNOG) conference. I will be the first presenter on Friday at 09:00, talking about, you guessed it, OpenNMS.

The week after that I will be back in Australia, this time on the other side in Perth, working with our new Asia-Pacific OpenNMS partner R-Group International. We are excited to have such a great partner bringing services and support for OpenNMS to organizations in that hemisphere. Being roughly 12 hours out from our home office in North Carolina, USA, can make communication a little difficult, so it will be nice to be able to help users in (roughly) their own timezone.

Plus, I hope to learn about Cricket.

Finally, I’m excited that I’ve been asked to do a one day tutorial at this year’s African Network Operators Group (AfNOG) in Dakar, Senegal, this spring. The schedule is still being decided but I’m eager to visit Africa (I’ve never been) and to meet up with OpenNMS users (and make some new ones) in that part of the world.

I’ll be posting a lot more about all of these trips in the near future, and hope to see you at at least one of these events.

by Tarus at January 18, 2018 04:43 PM

January 16, 2018

This Week in OpenNMS: January 16th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, Kafka metrics, Karaf refactoring, web UI bug fixes, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra continued to work on exposing Kafka metrics to collection.
    • Jesse did performance improvements when aggregating Drift data from Elasticsearch.
    • Ronny cleaned up Net-SNMP collections.
    • Seth worked on making our bundles load properly with blueprin...

January 16, 2018 10:16 AM

January 09, 2018

Running OpenNMS Horizon in Docker

Running applications in containers provides many benefits, and it's not just hype. Higher velocity to maintain changes while keeping a service available. Scaling your software by just spinning up more instances to handle load. Container images allow you to manage your application dependencies and link them all to a portable and standardised runnable container image. The infrastructure can be used as a commodity and container allow you to manage resource usage on a granularity at process level. A...

January 09, 2018 09:48 PM

January 08, 2018

This Week in OpenNMS: January 8th, 2018

It's time for This Week in OpenNMS!

In the last week we did more work on Drift telemetry, refactoring Collectd, enlinkd, and refactoring our JavaScript.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more work on refactoring Collectd.
    • Ronny worked on Asciidoctor documentation rendering.
    • Jesse did more work on accessing interface and top N data in Drift queries.
    • Antonio worked on bridge topology fixes in Enlinkd.
    • I fixed an issue that could cause an NPE whe...

January 08, 2018 10:59 AM

January 04, 2018

Welcome to 2018

I love New Year’s. Not exactly the party on New Year’s Eve, as I tend to spend it as a quiet evening with friends, but the idea of starting over and starting fresh.

It is also a good time to reflect on the year past. While 2017 was pretty tumultuous for the world at large, for OpenNMS it was a pretty good year.

Our decision to split OpenNMS into two versions is still paying off. We did three major releases of Horizon (19, 20, and 21) as well as point releases every month there wasn’t a major release, and Meridian 2017 finally came out, although later than I would have liked. Horizon users get to experience rapid advancements in power and features while Meridian users can relax knowing their system is very stable and secure.

While it is hard to pick out the best features added in 2017, I’d have to go with OpenNMS Helm and the Minion.

Helm allows you to combine and manage multiple instances of OpenNMS from a Grafana dashboard.

OpenNMS Helm

The Minion is our foray into the whole “Internet of Things” space with an application that can be installed on a small device and used to send remotely collected data to a central OpenNMS instance. Minions have minimal configuration and can be configured redundantly, yet they have the ability to collect massive amounts of monitoring data. We’re very eager to see what novel uses our users come up with for the technology (we have one customer that is “Minion-only”, i.e. they do no monitoring or collection from the central OpenNMS instance at all and instead just put two Minions at each location).

As for the OpenNMS Group, the company behind OpenNMS, we experienced modest growth but still had a record year for gross revenue. What is more exciting is that net income was also a record and several hundred percent above last year, so we are going into 2018 well positioned in our Business Plan of “Spend less than you earn”.

2018 should be exciting. The OpenNMS Drift project brings telemetry (flow) data into OpenNMS, and we are working on some exciting features regarding correlation which will probably involve new machine learning technology.

As always, these features will be available as 100% free and open source software.

Personally, I added three new countries to my list, bringing the total number of countries I’ve been in to forty. I had a great time in Estonia and Latvia, and I really enjoyed my trip to Cuba.

One last thing. If you are reading this you are probably a user of OpenNMS. If so, thank you. We are a small but dedicated group of people creating this platform and often we don’t get much feedback on who uses it and what they like about it. The fact that people do find it useful makes it worthwhile, and we wouldn’t exist without our users and clients.

So, Happy New Year, and may 2018 exceed your wildest expectations.

by Tarus at January 04, 2018 04:11 PM

January 02, 2018

This Week in OpenNMS: January 2nd, 2018

It's time for This Week in OpenNMS! We're back from the holidays and ready to write some more code.

Before the holiday break we did more Telemetryd work, web UI refactor, and other bug fixing.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra did more work on kafka offset monitoring.
    • Seth did more work on making DAOs and collection OSGi-friendly.
    • Antonio added a new monitor: SnmpTimeMonitor.
    • Markus did more work on defining a model for flow applications.
    • Je...

January 02, 2018 10:56 AM

December 24, 2017

PRIS Release and CI/CD Workflow

PRIS Release Management and Continuous Delivery Workflow

The current release workflow for PRIS and the Docker Container Images was driven by manual tasks. That means you have to push a "Release Button" which sets version numbers and triggers Docker Image builds. I have switched to a continuous delivery workflow. Every commit is a release and there is no "Release Button" anymore. Unique version numbers are generated with git describe and the build number from the CI/CD system. To release stab...

December 24, 2017 05:42 PM

PRIS Release and CI/CD Workflow

PRIS Release Management and Continuous Delivery Workflow

The current release workflow for PRIS and the Docker Container Images was driven by manual tasks. That means you have to push a "Release Button" which sets version numbers and triggers Docker Image builds. I have switched to a continuous delivery workflow. Every commit is a release and there is no "Release Button" anymore. Unique version numbers are generated with git describe and the build number from the CI/CD system. To release stab...

December 24, 2017 12:42 PM

December 21, 2017

OpenNMS Meridian 2017.1.3 Released

Release 2017.1.3 is an update to OpenNMS Meridian 2017.1.2. It is primarily a security and bug fix release.

The codename for 2017.1.3 is Ferro meridian.

Bug
  • Privilege Escalation Bug with Grafana Plugin (Issue NMS-8093)
  • IOActive: Cross-Site Scripting in createFavorite filter Parameter (Issue NMS-9670)
  • IOActive: Reflected Cross-site Scripting in userGroupView/roles roleDescr and Other Parameters (Issue NMS-9673)
  • IOActive: Reflected Cross-site Scripting in admin/thresholds/index.htm filterField and Other Parameters (Issue NMS-9674)
  • HEAD requests to static resources in the UI don’t work (Issue NMS-9689)
  • The EXE installer of the remote poller on Windows is not working (Issue NMS-9721)
  • IllegalStateException in OnmsVaadinContainer (Issue NMS-9742)
  • Karaf snmp:show-config command lists value of timeout for retries (Issue NMS-9745)
  • The content of the clone foreign source definition dialog is misleading (Issue NMS-9749)
  • Relative path reference to version.properties (Issue NMS-9767)
Enhancement
  • Authentication proxy support (Issue NMS-9739)

by RangerRick at December 21, 2017 09:05 PM

OpenNMS Meridian 2016.1.10 Released

Release 2016.1.10 is an update to 2016.1.9 that provides a few bug fixes.

The codename for 2016.1.10 is Waterman Butterfly.

Bug
  • host with single quote in the name breaks UI menu items (Issue NMS-6616)
  • IOActive: Reflected Cross-site Scripting in userGroupView/roles roleDescr and Other Parameters (Issue NMS-9673)
  • IOActive: Reflected Cross-site Scripting in admin/thresholds/index.htm filterField and Other Parameters (Issue NMS-9674)
  • The EXE installer of the remote poller on Windows is not working (Issue NMS-9721)

by RangerRick at December 21, 2017 09:03 PM

OpenNMS Horizon 21.0.2 (Voight-Kampff) Released

OpenNMS Horizon 21.0.2 (code name: Voight-Kampff) is now available.

Release 21.0.2 contains some UI security fixes, other bug fixes, and a few small enhancements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

December 21, 2017 03:59 PM

December 18, 2017

This Week in OpenNMS: December 18th, 2017

It's time for This Week in OpenNMS! Apologies for missing last week but I was in Las Vegas to watch a hockey game. (No really.)

In the last two weeks we more work on the Drift telemetry project and other refactoring.

Github Project Updates

  • Internals, APIs, and Documentation

    • Dustin and Christian continued their work on the Netflow support in Telemetryd.
    • Markus continued his work on Elasticsearch and Telemetryd.
    • Markus added support for enriching flows with classification metadata...

December 18, 2017 11:57 AM

December 14, 2017

Monitor LXC container processes using HostResourceSwRunMonitor

A monitoring solution should always help in bad situations and provide a useful overview of your system health status. Service availability monitors are especially handy to ensure that all services are running on the correct machines.

In past, I have run into an problem which was more of an issue with documentation than a classical monitor alarming issue. We had some servers with LXC containers running. Unfortunately these and other server went down because of some hypervisor issues. After r...

December 14, 2017 10:23 AM

December 04, 2017

This Week in OpenNMS: December 4th, 2017

It's time for This Week in OpenNMS!

Last week we did more work on the Drift telemetry project and other refactoring.

Github Project Updates

  • Internals, APIs, and Documentation

    • I made it easier to pass additional JVM options during test builds.
    • Jeff fixed it so RTC subscription events aren't persisted to the database.
    • Seth continued to work on cleaning up JNLP launch of the remote poller.
    • Antonio continued to work on Enlinkd bridge discovery fixes.
    • Dustin and Markus continued t...

December 04, 2017 11:25 AM

November 29, 2017

Update on Expensify

I recently posted a rant on how a vendor we use, Expensify, appeared to be exposing confidential data to workers with the Amazon Mechanical Turk service. In response to the general outcry, they posted a detailed explanation on their blog.

It did little to change my mind.

So apparently what happened is that they used to use the Mechanical Turk from 2009 to 2012, so if you we a customer back then your information was disclosed to those third party workers. Then they stopped, supposedly using some other, similar, in-house system.

But, some genius there decided that the best way for certain customers to insure their receipts were truly private was to have them use the Mechanical Turk with their own staff. I covered that in my first post and it is so complex it hardly registers as a solution.

Of course, they decided to test this new “solution” starting the day before the American Thanksgiving holiday. This was done using receipts from “non-paying customers”. While we pay to use the service (not for much longer), if you were trying it out for free your receipts were exposed to Mechanical Turk workers. Heh, if you aren’t paying for the product you are the product. The post goes on to talk about the security of the Mechanical Turk service, which was surprising because they went on and on about how they didn’t use it.

What really angered me was this paragraph:

The company was away with our families and trying hard to be responsive, while also making the most of a rare opportunity to be with our loved ones. Accordingly, this vacuum of information provided by the company was filled with a variety of well-intentioned but inaccurate theories that generated a bunch of compounding, exaggerated fears. As a family-friendly business we try hard to separate work life from home life, and in this case that separation came at a substantial cost.

Well, boo hoo. If you truly cared about your employees you wouldn’t start a major beta test the day before a big holiday. I spent my holiday worrying about my employees’ personal data possibly being exposed through the Expensify service. Thanks for that.

What pisses me off the most is this condescending Silicon Valley speak that their lack of transparency is somehow our fault. That our fears are just “exaggerated”. When Ryan Schaffer posted on Quora that nothing personal is included on receipts, he demonstrated a tremendous lack of understanding about something on which he should be an expert. As they turn this new leaf and try to be more transparent, I noticed he deleted his answer from the Quora question.

Smells like a cover up to me.

Look, I know that being from North Carolina I can’t possibly understand all the nuances of the brain-heavy Valley, but if Expensify truly does have a “patented, award-winning” methodology for scanning receipts, why don’t they just make that available to their customers instead of using the Turk? This long-winded defense of the Turk seems like they are protesting too much. Something doesn’t make sense here.

I’ve told my folks to stop using SmartScan and that we would move away from Expensify at the end of the year. If you use, or are planning to use, Expensify you should deeply consider whether or not this is a company you want to associate with and if they will act in your best interests.

I decided the answer was “no”.

by Tarus at November 29, 2017 05:38 PM

November 28, 2017

Dougie Stevenson – The Elvis of Network Management

David messaged me yesterday that Dougie Stevenson had died.

I hadn’t seen Dougie in person in a long time, but I’d kept up with him through the very networks he, in part, helped manage. While I had heard he wasn’t in the best of health, the news of his passing hit me harder than I expected.

I can’t remember the first time I met Dougie. I do remember it was always Dougie, rarely Doug and never Douglas. While most adults might drop such a nickname, it is a reflection on his almost childlike friendliness and good nature that he kept it. I do know that I was working at a company called Strategic Technologies at the time, so this would be the mid-1990s. I was working with tools like HP OpenView, and I’d often run into Dougie at OpenView Forum events. When he decided to take a job at Predictive Systems I followed him, even though it meant commuting to DC four to five days a week.

It was at Predictive that I got to see his genius at work. With his unassuming nature and down-to-earth mannerisms it was easy to miss the mind behind them, but when it came to seriously thinking about the problems of managing networks there were few who could match his penchant for great ideas. I used to refer to him as the “Elvis” of network management.

We were both commuters then. While he had lived in many places, he called Texas home as much as I do North Carolina. We were working on a large project for Qwest near the Ballston metro stop, and after work we’d often visit the nearby Pizzeria Uno. The wait staff loved to see Dougie, and would always laugh when he referred to the cheese quesadillas appetizer as “queasy-dillies”. This was back during the first Internet bubble, around 1999, and while many of us were working hard to make our fortune, Dougie never really cared that much for money. He used to joke it would all go to his ex-wives anyway. I know he had been married but we didn’t talk too much about that aspect of his life. He’d much rather talk about the hotrod pickup truck he was always working on when he had the time. I do remember he once walked away from a small fortune over principles – that was just the kind of person he was.

I can’t remember the last time I saw Dougie, but it could have been in Austin back in 2008. I have this really bad picture I took then:

Dougie and Me

Notice he has on his OpenNMS shirt. He never failed to promote our efforts to create a truly free and open source network management platform whenever he could.

As I’ve gotten older, I wish more for time than money. Between the business and the farm I’m kept so busy that I rarely get to spend as much time with the amazing people I know, and it would have been nice to see Dougie at least once more. In any case, a small part of him lives on in the hearts and minds of those who did know him.

Though it saddens me to say it, Elvis has left the building.

by Tarus at November 28, 2017 10:43 PM

November 27, 2017

Expensify and Why I Hate the Cloud

Over the weekend I found out that Expensify, a service I use for my company, outsources a feature to Amazon’s Mechanical Turk service. Expensify handles the management of business expenses, which for a company like ours can be problematic as we do a lot of travel when deploying services. The issue is that the feature, the “smart scanning” of receipts, could potentially expose confidential data to third parties. As a user of Expensify, this bothers me.

Expensify touts “SmartScan” as:

As background, SmartScan is the patented, award-winning technology that underpins our “fire and forget” design for expense management. When you get a receipt, rather than stuffing it into your pocket to dread for later, just:

1. Take your phone out of your pocket
2. SmartScan the receipt
3. Put your phone back in your pocket

What they never told us is that if their “patented, award-winning technology” can’t read your receipt, they send it to the Mechanical Turk, which in turn presents it to a human being who will interpret the receipt manually. The thing is, we have no control over who will see that information, which could be confidential. For example, when I post a receipt for an airline ticket, it may include my record locater, ticket number and itinerary, all of which are sensitive.

This apparently never occurred to the folks at Expensify. Take this Quora answer from Ryan Schaffer, listed as Expensify Director of Marketing & Strategy:

Also, its worth mentioning, they don’t see anything that can personally identify you. They see a date, merchant, and amount. Receipts, by their very nature, are intended be thrown away and are explicitly non-sensitive. Anyone looking at a receipt isunable to tell if that receipt is from me, you, your neighbor, or someone on the other side of the world.

Wrong, wrong, wrong. It seems that Mr. Schaffer may limit his business expenses to the occasional coffee at Starbucks, but for the rest of us it is rarely that limited. For someone whose job is to perfect dealing with receipts, his view is pretty myopic.

For examples of what Expensify exposes, take a look at this tweet by Gary Pendergast.

Information Exposed by Expensify Tweet

It is also worth noting that it appears Expensify does its business on the Mechanical Turk as “Fluffy Cloud” instead of Expensify, which strikes me as a little disingenuous.

In a blog post this morning the company addressed this:

As you might imagine, doing this is easier said than done. Given the enormous scale and 24/7 nature of this task, we have agents positioned around the world to hand off this volume from timezone to timezone. Most of the US team is located in Ironwood, MI or Portland, OR (where we have offices and can train in person). Most of the international team is in Nepal or Honduras (where we work with a third-party provider to manage the on-site logistics). But regardless of the location, every single agent is bound by a confidentiality agreement, and subject to severe repercussions if that agreement is broken.

But if this were true, why are random people on Twitter announcing that they can see this data? Are they relying on the Amazon agreement with the people working as part of the Mechanical Turk? That doesn’t instill much confidence in me. But then in the same blog post they double down, and suggest that if you want extra security, you can just set up your own staff as part of the Mechanical Turk:

1. You hire a 24/7 team of human transcription agents.
         o For the fastest processing we suggest staffing three separate shifts — or daytime shifts in three different offices around the world. Otherwise your receipts might lag for many hours before getting processed.

2. They apply to Amazon Mechanical Turk for an account. Be aware that this is a surprisingly involved process, including:
         o The agent must sign up using their actual personal Amazon account. If your account doesn’t have an adequate history of purchases (each of which implies a successful credit card billing transaction and package delivery) or other activity, you will be rejected.
         o The agent must provide their full name, address, and bank account information for reimbursement. Amazon verifies this with a variety of techniques (eg, confirm that your IP is in the country you say you are, verify the bank account is owned by the name and address provided, full criminal background check), and if anything doesn’t add up, you will be rejected.
         o Rejection is final. It requires such an abundance of verifiable documentation (most notably being an active Amazon account with a long history) that you can’t just create a new account and try again.
         o There is no apparent appeals process. Accordingly, I would recommend confirming before hiring that the candidate can pass Amazon Mechanical Turk’s many strict controls because we have no ability to override their judgement.

3. You notify us of the “workerID” of each of your authorized agents.
         o Though you are not obligated to share your staff’s identity with us directly, your staff will still be obligated to follow the Expensify terms of services. Failure to comply with our terms will result in an appropriate response, starting with immediate banning by our automated systems, ranging up to our legal team subpoenaing you (or failing that, Amazon) for the identity of the agent to press charges directly.

4. We will create a “Qualification” for your “Human Intelligence Tasks” (HITs) that ensures only your agents will see your receipts.

5. Your staff will use the Amazon Mechanical Turk interface to discover and process your employee’s receipts.

That’s the solution? This is what passes for security at Expensify? Hire three shifts of employees all using verified personal Amazon accounts and then you can be sure your confidential data is kept confidential?

Wouldn’t it just be easier to create a small webapp that would present receipts to people in a company directly without going through the Mechanical Turk? Heck, why not just bounce it back out to you – it isn’t that great of a chore.

Plus, basically, if you don’t do this Expensify is saying they can’t keep your information secure.

This is what frustrates me the most about “the Cloud”. Everyone is in such a rush to deploy solutions that they just don’t think about security. Hey, it’s only receipts, right? Look what I was able to find out with just a discarded boarding pass – receipts can have much more information. And this is from a company that is supposed to be focused on dealing with expenses.

I demand two things from companies I trust with our information in the cloud: security and transparency. It looks like Expensify has neither.

I will be moving us away from Expensify. If you know of any decent solutions, let me know. Xpenditure looks pretty good, and since they are based in the EU perhaps they understand privacy a little better than they do in San Francisco.

by Tarus at November 27, 2017 10:09 PM

This Week in OpenNMS: November 27th, 2017

It's time for This Week in OpenNMS!

Last week we did more Telemetryd work and a bunch of bug fixing.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus continued his work refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jeff fixed an issue with the karaf snmp:show-config command.
    • Jesse fixed an intermittent JMX issue in containers.
    • I fixed a couple of object-comparison bugs found while debug...

November 27, 2017 11:27 AM

November 20, 2017

This Week in OpenNMS: November 20th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and other work supporting the Horizon and Meridian releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jesse refactored the OSGi Telemetryd adapter to fall back to classpath searches more quickly for non-OSGi telemetry plugins.
    • Markus continued to work...

November 20, 2017 02:45 PM

November 16, 2017

OpenNMS Meridian 2017.1.2 Released

Release 2017.1.2 is the third release of OpenNMS Meridian 2017. It is primarily a security and bug fix release.

The codename for 2017.1.2 is Kraków meridian.

Bug
  • JMX config GUI can’t connect to JMX service with JNDI name not “jmxrmi” (Issue NMS-8596)
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • rescan-exitsing attibute of requisition-def tag in provisiond-configuration.xml is not passed to scanNode() in CoreImportActivities (Issue NMS-9492)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo in regional status geo map: Unacknowledges (for unacknolwedged) (Issue NMS-9700)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • Duty schedules with embedded newlines break startup (Issue NMS-9709)
  • Unexpected errors while generating event definitions from TRAP-TYPE without a DESCRIPTION field (Issue NMS-9718)
  • NPE in Enlinkd bridge topology broadcast domain calculation (Issue NMS-9720)
  • Null pointer exception in SurvellianceViewConfigurationCategoryWindow.java (Issue NMS-9722)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)
Enhancement
  • ES REST plugin not doing preemptive basic auth (Issue NMS-9699)

by RangerRick at November 16, 2017 10:02 PM

OpenNMS Meridian 2016.1.9 Released

Release 2016.1.9 is an update to 2016.1.8 that provides a few bug fixes.

The codename for 2016.1.9 is Winkel tripel.

Bug
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)

by RangerRick at November 16, 2017 09:59 PM

OpenNMS Horizon 21.0.1 (Rachael) Released

OpenNMS Horizon 21.0.1 (code name: Rachael) is now available.

Release 21.0.1 contains a few enhancements but is primarily a bugfix release, including a fix for the rendering issue in the topology UI and other Vaadin-based UI elements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

November 16, 2017 04:50 PM

November 13, 2017

2017 Cubaconf

I’ve just returned from Cubaconf in Havana, which was also my first visit to Cuba. It was a great trip and I’ve got enough material for at least four blog posts. Most of them won’t deal with free and open source software, so I’ll put them up on my personal blog and I’ll add links here when they are done..

Cubaconf is in its second year, and while I really wish they would have called it “Cuba Libré” (grin) it was a good conference.

There is a spectrum within the Free, Libré, Open Source Software (FLOSS) community, and this is often described by trying to separate the term “open source” from “free software”. If we define “open source” as any software with a license that meets requirements of the Open Source Definition (OSD) and “free software” as any software with a license that meets the requirements of the Four Freedoms, they are the same. You can map the ten requirements of the OSD onto the four requirements of free software.

Open Source is Free Software Chart

However, it can be useful to separate those who look at FLOSS as simply a development methodology from those who view it as a social movement. When companies like Microsoft and Facebook publish open source software, they are simply looking to gain value for their business that such sharing can create. It’s a development methodology. When people talk about free software, they tend to focus on the “help your neighbor” aspect of it, and this was more the focus of Cubaconf than simply creating new code.

The main thing I discovered on my visit was that Cubans face severe limitations on many things, but I’ve never met a people more determine to do as much as they can to make their situation better, and to do it with such passion. If I had to pick a theme for the conference, that would be it: passionate continuous improvement.

Cubaconf Registration

The three day conference had the following structure: Day One was a standard conference with keynotes and five tracks of presentations, Day Two had keynotes and more of a “barcamp” organization, and Day Three was set aside for workshops, as well as the obligatory video game tournament.

They did have the best lanyard sponsor I’ve seen at a technology conference:

Cubaconf Lanyard and Badge

I was in Cuba with my friend and coworker Alejandro, who used to live in Venezuela and is a fluent Spanish speaker, and Elizabeth K. Joseph, who promotes the open source aspects of Mesosphere. We shared a three bedroom “casa particular” in Old Havana, about a ten minute walk from the conference, which was held on the second floor (third floor if you are American) of the Colegio de San Gerónimo.

Everyone was together on the main room for the first keynote.

Cubaconf People in Room

While both English and Spanish were spoken at the conference, the presentations were overwhelmingly in Spanish, which was to be expected. I can get by in Spanish, but the first speaker, Ismael Olea, spoke fast even for the native speakers. At least I could understand most of the content in his slides.

Cubaconf Ismael Olea

Olea is from Spain and did a keynote on HackLab Almería. Almería is a province in the southeastern part of Spain, and with a population of around 700,000 people it is much smaller than provinces like Madrid (6.5 million) and Barcelona (5.5 million). As such, the region doesn’t get as much attention as the larger provinces, and so they goal of Hacklab Almería is to use technology at the “hyperlocal” level. They define themselves as a “collective of technological , social and creative experimentation” and FLOSS plays a large role in their mission.

After the keynote, we broke up into individual sessions. I went to one called “How to Make Money with Free Software” presented by Valessio Brito from Brazil. While he spoke mainly in Spanish, his slides were in Portuguese, but I was able to follow along. His presentation focused on how he used his knowledge of FLOSS to get consulting engagements around the world. This was pretty topical since in Cuba, as elsewhere, having strong software skills can be lucrative, and since a lot of proprietary software is either impossible to get or too expensive, having skills in open source software is a plus.

Cubaconf Valessio Brito

Also, I liked his shirt.

Our OpenNMS presentation was in the next time slot. I asked our hosts if they would like the presentation in English or Spanish, and when they said Spanish I asked Alejandro to give it. He did a great job, even though he had only a short time to understand the slides.

Cubaconf Alejandro Galue

The lunch break came next, and we walked a couple of blocks to the Casa de Africa, a museum dedicated to the African influence in Cuban culture.

Cubaconf Lunch Break

We ate sandwiches and talked out on the patio. This would be the location for lunch for all three days.

Cubaconf Maira Sutton

After lunch I watched a presentation by Maira Sutton called “Fighting Cyber Dystopia with Tech Solidarity and the Digital Commons” which is a long way to express the idea of using free software combined with working together to take back some of the power from large corporations. Her main example talked about the city of Austin, Texas, and its fight with Uber and Lyft. Austin wanted all ride sharing drivers to have to undergo a background check that included fingerprints. Sounds reasonable, but Uber and Lyft resisted, eventually leaving the city.

However, services like Uber and Lyft can be downright useful, so a number of startups filled in the gap, offering similar services that met the City’s fingerprint requirements. Instead of acquiescing to local laws, Uber and Lyft took their fight to the State legislature, which overturned Austin’s regulation.

Even though it is a sad ending, the example did demonstrate that combining technology and social action can result in solutions that can meet or exceed those provided by large commercial companies.

Cubaconf First Night's Event

For each night of the conference there was an event, and the one for Tuesday was held at a modern art gallery on the southern side of Old Havana. There was lots of food and drink, and I got exposed to a project called cuban.engineer. This is a group to promote technology careers within Cuba, and I had seen their shirts at the conference.

Cubaconf cuban.engineer shirts

In a lot of the world we take Internet access for granted. I can remember accessing the Internet from the night market in Siem Reap, Cambodia, on an open wi-fi connection. That doesn’t exist in Cuba. Cuba is one of the most disconnected countries in the world, which can make working with technology difficult. Access is controlled by an agency called ETESCA. To access the Internet you purchase a card which offers a certain number of hours of use, and then you have to locate an area with a wi-fi hotspot (usually near a park). The card has a number of digits for a username and a number of digits as a password, and once you get connected you hope you stay connected long enough to do what you need to do.

No one is exempt from this. Even in our apartment the owner would use one of these cards to enable access for the hotspot on the ground floor. So, if you are a technology business in Havana, your first job is to located your office near a hotspot, and then buy a bunch of these cards.

Thus you can imagine that sharing in a big part of the culture. People burn and swap CDs with software such as Ubuntu on them, and they tend to use Gitlab to make local mirrors of code repositories. While wi-fi equipment can be hard to come by, people have been able to set up their own, private wi-fi networks within cities like Havana to make sharing easier. There is no Internet access (I joked that it was Cuba’s “dark web“) but they can set up tools like Rocket.Chat to communicate and share.

Despite limitations in acquiring software, Microsoft Windows is still the most common operating system running on Cuban computers. An attempt was made to create a Cuba focused Linux-based distro called Nova. I was told that they even experimented with making it look as close to Windows 7 as possible, but people were still tied to using Windows. According to Wikipedia this distro is no more, which is a shame.

Cubaconf Mixæl Laufer

The second day started with the meter pegged at full on social justice, with a presentation by Dr. Mixæl S. Laufer, Ph.D., from Four Thieves Vinegar. They are a collective aiming to share information on how to create pharmaceuticals in places where they might not be available. If you live in the US than you probably heard of Martin Shkreli who as CEO of Turing Pharmaceuticals raised prices 5600%, and EpiPen maker Mylan who raised the price of this life saving device several hundred percent just because they could. Laufer showed how you could make your own EpiPen for around $30, among other things.

Now drug companies will say that they have to charge that amount to cover the costs of creating new drugs, but the EpiPen greed demonstrated that wasn’t true. Running health care as a “for profit” enterprise has always seemed inherently wrong due to the incentives being more toward making money versus keeping people healthy, but that is commentary for another time and place.

I had to leave after that presentation for something special. I make classic cocktails as a hobby, and one of our hosts asked me to speak to a school for bartenders (cantineros) on the great tradition of Cuba cocktails. It was a blast and I’ll write that up soon.

Cubaconf Wednesday Event

Wednesday night’s event was held, appropriately, at a bar in an area called Barber’s Alley. It was a fun gathering and I got a nice picture of some of our hosts.

Cubaconf Hosts

Left to right is Jessy, Pablo, pb, and Adalberto.

There was also a guy there who made pipes, specifically replicas of native American peace pipes, and one was passed around.

Cubaconf Peace Pipe

The third and final day was a series of workshops, but was started with a keynote from Ailin Febles, from the Uniōn de Informāticas de Cuba, a non-profit organization to bring together “all technicians, professionals and people related to information and communication technologies in a space that enables mutual support of the associates in the achievement of their professional, academic, scientific, cultural and personal objectives”.

Cubaconf Ailin Febles

Of course, a lot of their organization is driven by open source software.

Cubaconf Software used by UIC

I hope they switch to Nextcloud from Owncloud soon.

There was one morning workshop in English, ironically by a German named Christian Weilbach, on machine learning. I was interested in the topic since I keep hearing about it lately, and the fact that I would probably be able to understand it was a plus. To me machine learning is magic, and I wanted to dispel some of that magic.

Cubaconf Christian Weilbach

It worked. It turns out that machine learning is, to a large extent, what we used to call linear algebra. It just is able to work on much larger and more complex data sets. I’m still eager to play more with this technology, but it was nice to learn that it really isn’t all that new.

Cubaconf Old Car Taxi

After lunch we decided to spend our last afternoon exploring Havana a bit.

Cubaconf Brewery Event

The final evening event was in a brewery, and I enjoyed the beer. What I enjoyed more was the opportunity to talk with Inaury about race in Cuba. Cubans come in all shapes and sizes, from people with light skin, blond hair and blue eyes to people so dark they are almost blue, yet they all seem to interact and socialize with each other more so than any other place I’ve been. I plan to chat more about that in a blog post as well.

Overall I had a great time in Cuba. I love the fact that working in free software means I can make new friends in almost any country, and that even a place with limited resources can put on a great conference. If you get a chance to go to Cubaconf, you should take it.

by Tarus at November 13, 2017 04:29 PM

This Week in OpenNMS: November 13th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes in preparation for the releases this Thursday.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on the vaadin OSGi bug introduced in Horizon 20.
    • Chandra did more work on making it so Telemetryd adapters can be loaded from OSGi.
    • Chandro worked on the NX-OS Telemetryd adapter.
    • Markus fixed preemptive auth in the Elasticsearch ReST client and updated the J...

November 13, 2017 11:09 AM

November 06, 2017

This Week in OpenNMS: November 6th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes targeting the November releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse wrapped up the work on fixing an SNMP thread leak while provisioning.
    • Alejandro fixed some logging on the branch for handling traps without descriptions.
    • Alejandro and Jesse did more work on Amazon SQS code.
    • Jeff wrapped up the mattermost/slack format changes.
    • Jeff improved the...

November 06, 2017 01:48 PM

October 30, 2017

This Week in OpenNMS: October 30th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of work on the new telemetry daemon for the Drift project, released Helm 1.0.0 packages, and did some UI cleanup work on Compass.

Github Project Updates

  • Internals, APIs, and Documentation

    • Alejandro continued his work implementing an Amazon SQS-based sink adapter for Minion forwarding.
    • Alejandro fixed a bug where reloadDaemonConfigSuccessful and reloadDaemonConfigFailed were not being sent on a northbounder daemon reload...

October 30, 2017 03:26 PM

October 23, 2017

This Week in OpenNMS: October 23rd, 2017

It's time for This Week in OpenNMS!

Last week we released Horizon 21 and Meridians 2015.1.8, 2016.1.8, and 2017.1.1.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on persisting Netflow 5 data to elasticsearch.
    • Alejandro worked on implementing and Amazon SQS-based sink adapter for Minion forwarding.
  • Web and UI

    • Seth did more work on the newer Angular-based outage list.
    • Seth fixed some ReSTv2 date-handling relating to null values.
    • Jeff fixed some...

October 23, 2017 01:47 PM

October 19, 2017

OpenNMS Meridian 2017.1.1 Released

Release 2017.1.1 is the second release of OpenNMS Meridian 2017. It contains a number of security and bug fixes and a few small enhancements.

The codename for 2017.1.1 is Meridian of Monte Mario.

Bug
  • An empty category is not shown when in focus (Issue NMS-9423)
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • The button to add a graph to a KSC report doesn’t work (Issue NMS-9498)
  • RadixTreeSyslogParser confuses timezone and hostname fields (Issue NMS-9522)
  • Stale IP Address Cache (Issue NMS-9613)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • trapd may silently discard invalid traps (Issue NMS-9660)
  • Trap event parenting lacks bias toward SNMP primary interfaces (Issue NMS-9666)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)
Enhancement
  • Display AlarmId on Event page (Issue NMS-8445)
  • Check/add support for PostgreSQL 10 (Issue NMS-9679)

by RangerRick at October 19, 2017 09:22 PM

OpenNMS Meridian 2016.1.8 Released

Release 2016.1.8 is an update to 2016.1.7 that provides a few security fixes.

The codename for 2016.1.8 is Hammer retroazimuthal.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)

by RangerRick at October 19, 2017 09:21 PM

OpenNMS Meridian 2015.1.8 Released

Release 2015.1.8 is the ninth release of OpenNMS Meridian 2015. It contains a cross-site-scripting security fix.
The codename for 2015.1.8 is CHOST.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)

by RangerRick at October 19, 2017 09:19 PM

OpenNMS Horizon 21.0.0 (Deckard) Released

OpenNMS Horizon 21.0.0 (code name: Deckard) is now available.

This release is primarily an under-the-hood update, bringing our embedded Karaf from 2.x to the very latest (4.1.2). It also includes Minion improvements, improvements to event parameter handling internally, and much more.

Note: In this release we finally reformatted all of our configuration files in $OPENNMS_HOME/etc to match the way they get written out if you modify them in OpenNMS. Upgrades will likely be a bit more compli...

October 19, 2017 05:08 PM