Planet OpenNMS

December 04, 2017

This Week in OpenNMS: December 4th, 2017

It's time for This Week in OpenNMS!

Last week we did more work on the Drift telemetry project and other refactoring.

Github Project Updates

  • Internals, APIs, and Documentation

    • I made it easier to pass additional JVM options during test builds.
    • Jeff fixed it so RTC subscription events aren't persisted to the database.
    • Seth continued to work on cleaning up JNLP launch of the remote poller.
    • Antonio continued to work on Enlinkd bridge discovery fixes.
    • Dustin and Markus continued t...

December 04, 2017 04:25 PM

November 29, 2017

Update on Expensify

I recently posted a rant on how a vendor we use, Expensify, appeared to be exposing confidential data to workers with the Amazon Mechanical Turk service. In response to the general outcry, they posted a detailed explanation on their blog.

It did little to change my mind.

So apparently what happened is that they used to use the Mechanical Turk from 2009 to 2012, so if you we a customer back then your information was disclosed to those third party workers. Then they stopped, supposedly using some other, similar, in-house system.

But, some genius there decided that the best way for certain customers to insure their receipts were truly private was to have them use the Mechanical Turk with their own staff. I covered that in my first post and it is so complex it hardly registers as a solution.

Of course, they decided to test this new “solution” starting the day before the American Thanksgiving holiday. This was done using receipts from “non-paying customers”. While we pay to use the service (not for much longer), if you were trying it out for free your receipts were exposed to Mechanical Turk workers. Heh, if you aren’t paying for the product you are the product. The post goes on to talk about the security of the Mechanical Turk service, which was surprising because they went on and on about how they didn’t use it.

What really angered me was this paragraph:

The company was away with our families and trying hard to be responsive, while also making the most of a rare opportunity to be with our loved ones. Accordingly, this vacuum of information provided by the company was filled with a variety of well-intentioned but inaccurate theories that generated a bunch of compounding, exaggerated fears. As a family-friendly business we try hard to separate work life from home life, and in this case that separation came at a substantial cost.

Well, boo hoo. If you truly cared about your employees you wouldn’t start a major beta test the day before a big holiday. I spent my holiday worrying about my employees’ personal data possibly being exposed through the Expensify service. Thanks for that.

What pisses me off the most is this condescending Silicon Valley speak that their lack of transparency is somehow our fault. That our fears are just “exaggerated”. When Ryan Schaffer posted on Quora that nothing personal is included on receipts, he demonstrated a tremendous lack of understanding about something on which he should be an expert. As they turn this new leaf and try to be more transparent, I noticed he deleted his answer from the Quora question.

Smells like a cover up to me.

Look, I know that being from North Carolina I can’t possibly understand all the nuances of the brain-heavy Valley, but if Expensify truly does have a “patented, award-winning” methodology for scanning receipts, why don’t they just make that available to their customers instead of using the Turk? This long-winded defense of the Turk seems like they are protesting too much. Something doesn’t make sense here.

I’ve told my folks to stop using SmartScan and that we would move away from Expensify at the end of the year. If you use, or are planning to use, Expensify you should deeply consider whether or not this is a company you want to associate with and if they will act in your best interests.

I decided the answer was “no”.

by Tarus at November 29, 2017 05:38 PM

November 28, 2017

Dougie Stevenson – The Elvis of Network Management

David messaged me yesterday that Dougie Stevenson had died.

I hadn’t seen Dougie in person in a long time, but I’d kept up with him through the very networks he, in part, helped manage. While I had heard he wasn’t in the best of health, the news of his passing hit me harder than I expected.

I can’t remember the first time I met Dougie. I do remember it was always Dougie, rarely Doug and never Douglas. While most adults might drop such a nickname, it is a reflection on his almost childlike friendliness and good nature that he kept it. I do know that I was working at a company called Strategic Technologies at the time, so this would be the mid-1990s. I was working with tools like HP OpenView, and I’d often run into Dougie at OpenView Forum events. When he decided to take a job at Predictive Systems I followed him, even though it meant commuting to DC four to five days a week.

It was at Predictive that I got to see his genius at work. With his unassuming nature and down-to-earth mannerisms it was easy to miss the mind behind them, but when it came to seriously thinking about the problems of managing networks there were few who could match his penchant for great ideas. I used to refer to him as the “Elvis” of network management.

We were both commuters then. While he had lived in many places, he called Texas home as much as I do North Carolina. We were working on a large project for Qwest near the Ballston metro stop, and after work we’d often visit the nearby Pizzeria Uno. The wait staff loved to see Dougie, and would always laugh when he referred to the cheese quesadillas appetizer as “queasy-dillies”. This was back during the first Internet bubble, around 1999, and while many of us were working hard to make our fortune, Dougie never really cared that much for money. He used to joke it would all go to his ex-wives anyway. I know he had been married but we didn’t talk too much about that aspect of his life. He’d much rather talk about the hotrod pickup truck he was always working on when he had the time. I do remember he once walked away from a small fortune over principles – that was just the kind of person he was.

I can’t remember the last time I saw Dougie, but it could have been in Austin back in 2008. I have this really bad picture I took then:

Dougie and Me

Notice he has on his OpenNMS shirt. He never failed to promote our efforts to create a truly free and open source network management platform whenever he could.

As I’ve gotten older, I wish more for time than money. Between the business and the farm I’m kept so busy that I rarely get to spend as much time with the amazing people I know, and it would have been nice to see Dougie at least once more. In any case, a small part of him lives on in the hearts and minds of those who did know him.

Though it saddens me to say it, Elvis has left the building.

by Tarus at November 28, 2017 10:43 PM

November 27, 2017

Expensify and Why I Hate the Cloud

Over the weekend I found out that Expensify, a service I use for my company, outsources a feature to Amazon’s Mechanical Turk service. Expensify handles the management of business expenses, which for a company like ours can be problematic as we do a lot of travel when deploying services. The issue is that the feature, the “smart scanning” of receipts, could potentially expose confidential data to third parties. As a user of Expensify, this bothers me.

Expensify touts “SmartScan” as:

As background, SmartScan is the patented, award-winning technology that underpins our “fire and forget” design for expense management. When you get a receipt, rather than stuffing it into your pocket to dread for later, just:

1. Take your phone out of your pocket
2. SmartScan the receipt
3. Put your phone back in your pocket

What they never told us is that if their “patented, award-winning technology” can’t read your receipt, they send it to the Mechanical Turk, which in turn presents it to a human being who will interpret the receipt manually. The thing is, we have no control over who will see that information, which could be confidential. For example, when I post a receipt for an airline ticket, it may include my record locater, ticket number and itinerary, all of which are sensitive.

This apparently never occurred to the folks at Expensify. Take this Quora answer from Ryan Schaffer, listed as Expensify Director of Marketing & Strategy:

Also, its worth mentioning, they don’t see anything that can personally identify you. They see a date, merchant, and amount. Receipts, by their very nature, are intended be thrown away and are explicitly non-sensitive. Anyone looking at a receipt isunable to tell if that receipt is from me, you, your neighbor, or someone on the other side of the world.

Wrong, wrong, wrong. It seems that Mr. Schaffer may limit his business expenses to the occasional coffee at Starbucks, but for the rest of us it is rarely that limited. For someone whose job is to perfect dealing with receipts, his view is pretty myopic.

For examples of what Expensify exposes, take a look at this tweet by Gary Pendergast.

Information Exposed by Expensify Tweet

It is also worth noting that it appears Expensify does its business on the Mechanical Turk as “Fluffy Cloud” instead of Expensify, which strikes me as a little disingenuous.

In a blog post this morning the company addressed this:

As you might imagine, doing this is easier said than done. Given the enormous scale and 24/7 nature of this task, we have agents positioned around the world to hand off this volume from timezone to timezone. Most of the US team is located in Ironwood, MI or Portland, OR (where we have offices and can train in person). Most of the international team is in Nepal or Honduras (where we work with a third-party provider to manage the on-site logistics). But regardless of the location, every single agent is bound by a confidentiality agreement, and subject to severe repercussions if that agreement is broken.

But if this were true, why are random people on Twitter announcing that they can see this data? Are they relying on the Amazon agreement with the people working as part of the Mechanical Turk? That doesn’t instill much confidence in me. But then in the same blog post they double down, and suggest that if you want extra security, you can just set up your own staff as part of the Mechanical Turk:

1. You hire a 24/7 team of human transcription agents.
         o For the fastest processing we suggest staffing three separate shifts — or daytime shifts in three different offices around the world. Otherwise your receipts might lag for many hours before getting processed.

2. They apply to Amazon Mechanical Turk for an account. Be aware that this is a surprisingly involved process, including:
         o The agent must sign up using their actual personal Amazon account. If your account doesn’t have an adequate history of purchases (each of which implies a successful credit card billing transaction and package delivery) or other activity, you will be rejected.
         o The agent must provide their full name, address, and bank account information for reimbursement. Amazon verifies this with a variety of techniques (eg, confirm that your IP is in the country you say you are, verify the bank account is owned by the name and address provided, full criminal background check), and if anything doesn’t add up, you will be rejected.
         o Rejection is final. It requires such an abundance of verifiable documentation (most notably being an active Amazon account with a long history) that you can’t just create a new account and try again.
         o There is no apparent appeals process. Accordingly, I would recommend confirming before hiring that the candidate can pass Amazon Mechanical Turk’s many strict controls because we have no ability to override their judgement.

3. You notify us of the “workerID” of each of your authorized agents.
         o Though you are not obligated to share your staff’s identity with us directly, your staff will still be obligated to follow the Expensify terms of services. Failure to comply with our terms will result in an appropriate response, starting with immediate banning by our automated systems, ranging up to our legal team subpoenaing you (or failing that, Amazon) for the identity of the agent to press charges directly.

4. We will create a “Qualification” for your “Human Intelligence Tasks” (HITs) that ensures only your agents will see your receipts.

5. Your staff will use the Amazon Mechanical Turk interface to discover and process your employee’s receipts.

That’s the solution? This is what passes for security at Expensify? Hire three shifts of employees all using verified personal Amazon accounts and then you can be sure your confidential data is kept confidential?

Wouldn’t it just be easier to create a small webapp that would present receipts to people in a company directly without going through the Mechanical Turk? Heck, why not just bounce it back out to you – it isn’t that great of a chore.

Plus, basically, if you don’t do this Expensify is saying they can’t keep your information secure.

This is what frustrates me the most about “the Cloud”. Everyone is in such a rush to deploy solutions that they just don’t think about security. Hey, it’s only receipts, right? Look what I was able to find out with just a discarded boarding pass – receipts can have much more information. And this is from a company that is supposed to be focused on dealing with expenses.

I demand two things from companies I trust with our information in the cloud: security and transparency. It looks like Expensify has neither.

I will be moving us away from Expensify. If you know of any decent solutions, let me know. Xpenditure looks pretty good, and since they are based in the EU perhaps they understand privacy a little better than they do in San Francisco.

by Tarus at November 27, 2017 10:09 PM

This Week in OpenNMS: November 27th, 2017

It's time for This Week in OpenNMS!

Last week we did more Telemetryd work and a bunch of bug fixing.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus continued his work refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jeff fixed an issue with the karaf snmp:show-config command.
    • Jesse fixed an intermittent JMX issue in containers.
    • I fixed a couple of object-comparison bugs found while debug...

November 27, 2017 04:27 PM

November 20, 2017

This Week in OpenNMS: November 20th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and other work supporting the Horizon and Meridian releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on refactoring our JMX code to be shared as much as possible between the monitor, collection, and detector implementations.
    • Jesse refactored the OSGi Telemetryd adapter to fall back to classpath searches more quickly for non-OSGi telemetry plugins.
    • Markus continued to work...

November 20, 2017 07:45 PM

November 16, 2017

OpenNMS Meridian 2017.1.2 Released

Release 2017.1.2 is the third release of OpenNMS Meridian 2017. It is primarily a security and bug fix release.

The codename for 2017.1.2 is Kraków meridian.

Bug
  • JMX config GUI can’t connect to JMX service with JNDI name not “jmxrmi” (Issue NMS-8596)
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • rescan-exitsing attibute of requisition-def tag in provisiond-configuration.xml is not passed to scanNode() in CoreImportActivities (Issue NMS-9492)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo in regional status geo map: Unacknowledges (for unacknolwedged) (Issue NMS-9700)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • Duty schedules with embedded newlines break startup (Issue NMS-9709)
  • Unexpected errors while generating event definitions from TRAP-TYPE without a DESCRIPTION field (Issue NMS-9718)
  • NPE in Enlinkd bridge topology broadcast domain calculation (Issue NMS-9720)
  • Null pointer exception in SurvellianceViewConfigurationCategoryWindow.java (Issue NMS-9722)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)
Enhancement
  • ES REST plugin not doing preemptive basic auth (Issue NMS-9699)

by RangerRick at November 16, 2017 10:02 PM

OpenNMS Meridian 2016.1.9 Released

Release 2016.1.9 is an update to 2016.1.8 that provides a few bug fixes.

The codename for 2016.1.9 is Winkel tripel.

Bug
  • Tweak Mattermost notification docs not to specify a channel (Issue NMS-9362)
  • INFO-level “unable to locate resource” log messages for interfaces not persisted by policy (Issue NMS-9388)
  • Northbounders implementation are not sending feedback events for reloadDaemonConfig (Issue NMS-9524)
  • XSS: HTML attribute values with quotes not escaped properly (Issue NMS-9645)
  • Incorrect logging of exceptions in Slack and Mattermost notifications (Issue NMS-9656)
  • IOActive: Reflected Cross-site Scripting in instrumentationLogReader.jsp searchString Parameter (Issue NMS-9672)
  • Typo prevents FIQL query values from being URI-encoded (Issue NMS-9694)
  • Typo: “not elegible” for SNMP primary N enumeration (Issue NMS-9701)
  • ReST v1 does not return errors for unparseable events (Issue NMS-9724)
  • Sending bad XML to the Requisitions ReST end point makes the API unusable (Issue NMS-9725)

by RangerRick at November 16, 2017 09:59 PM

OpenNMS Horizon 21.0.1 (Rachael) Released

OpenNMS Horizon 21.0.1 (code name: Rachael) is now available.

Release 21.0.1 contains a few enhancements but is primarily a bugfix release, including a fix for the rendering issue in the topology UI and other Vaadin-based UI elements.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 20, see the release notes.

November 16, 2017 09:50 PM

November 13, 2017

2017 Cubaconf

I’ve just returned from Cubaconf in Havana, which was also my first visit to Cuba. It was a great trip and I’ve got enough material for at least four blog posts. Most of them won’t deal with free and open source software, so I’ll put them up on my personal blog and I’ll add links here when they are done..

Cubaconf is in its second year, and while I really wish they would have called it “Cuba Libré” (grin) it was a good conference.

There is a spectrum within the Free, Libré, Open Source Software (FLOSS) community, and this is often described by trying to separate the term “open source” from “free software”. If we define “open source” as any software with a license that meets requirements of the Open Source Definition (OSD) and “free software” as any software with a license that meets the requirements of the Four Freedoms, they are the same. You can map the ten requirements of the OSD onto the four requirements of free software.

Open Source is Free Software Chart

However, it can be useful to separate those who look at FLOSS as simply a development methodology from those who view it as a social movement. When companies like Microsoft and Facebook publish open source software, they are simply looking to gain value for their business that such sharing can create. It’s a development methodology. When people talk about free software, they tend to focus on the “help your neighbor” aspect of it, and this was more the focus of Cubaconf than simply creating new code.

The main thing I discovered on my visit was that Cubans face severe limitations on many things, but I’ve never met a people more determine to do as much as they can to make their situation better, and to do it with such passion. If I had to pick a theme for the conference, that would be it: passionate continuous improvement.

Cubaconf Registration

The three day conference had the following structure: Day One was a standard conference with keynotes and five tracks of presentations, Day Two had keynotes and more of a “barcamp” organization, and Day Three was set aside for workshops, as well as the obligatory video game tournament.

They did have the best lanyard sponsor I’ve seen at a technology conference:

Cubaconf Lanyard and Badge

I was in Cuba with my friend and coworker Alejandro, who used to live in Venezuela and is a fluent Spanish speaker, and Elizabeth K. Joseph, who promotes the open source aspects of Mesosphere. We shared a three bedroom “casa particular” in Old Havana, about a ten minute walk from the conference, which was held on the second floor (third floor if you are American) of the Colegio de San Gerónimo.

Everyone was together on the main room for the first keynote.

Cubaconf People in Room

While both English and Spanish were spoken at the conference, the presentations were overwhelmingly in Spanish, which was to be expected. I can get by in Spanish, but the first speaker, Ismael Olea, spoke fast even for the native speakers. At least I could understand most of the content in his slides.

Cubaconf Ismael Olea

Olea is from Spain and did a keynote on HackLab Almería. Almería is a province in the southeastern part of Spain, and with a population of around 700,000 people it is much smaller than provinces like Madrid (6.5 million) and Barcelona (5.5 million). As such, the region doesn’t get as much attention as the larger provinces, and so they goal of Hacklab Almería is to use technology at the “hyperlocal” level. They define themselves as a “collective of technological , social and creative experimentation” and FLOSS plays a large role in their mission.

After the keynote, we broke up into individual sessions. I went to one called “How to Make Money with Free Software” presented by Valessio Brito from Brazil. While he spoke mainly in Spanish, his slides were in Portuguese, but I was able to follow along. His presentation focused on how he used his knowledge of FLOSS to get consulting engagements around the world. This was pretty topical since in Cuba, as elsewhere, having strong software skills can be lucrative, and since a lot of proprietary software is either impossible to get or too expensive, having skills in open source software is a plus.

Cubaconf Valessio Brito

Also, I liked his shirt.

Our OpenNMS presentation was in the next time slot. I asked our hosts if they would like the presentation in English or Spanish, and when they said Spanish I asked Alejandro to give it. He did a great job, even though he had only a short time to understand the slides.

Cubaconf Alejandro Galue

The lunch break came next, and we walked a couple of blocks to the Casa de Africa, a museum dedicated to the African influence in Cuban culture.

Cubaconf Lunch Break

We ate sandwiches and talked out on the patio. This would be the location for lunch for all three days.

Cubaconf Maira Sutton

After lunch I watched a presentation by Maira Sutton called “Fighting Cyber Dystopia with Tech Solidarity and the Digital Commons” which is a long way to express the idea of using free software combined with working together to take back some of the power from large corporations. Her main example talked about the city of Austin, Texas, and its fight with Uber and Lyft. Austin wanted all ride sharing drivers to have to undergo a background check that included fingerprints. Sounds reasonable, but Uber and Lyft resisted, eventually leaving the city.

However, services like Uber and Lyft can be downright useful, so a number of startups filled in the gap, offering similar services that met the City’s fingerprint requirements. Instead of acquiescing to local laws, Uber and Lyft took their fight to the State legislature, which overturned Austin’s regulation.

Even though it is a sad ending, the example did demonstrate that combining technology and social action can result in solutions that can meet or exceed those provided by large commercial companies.

Cubaconf First Night's Event

For each night of the conference there was an event, and the one for Tuesday was held at a modern art gallery on the southern side of Old Havana. There was lots of food and drink, and I got exposed to a project called cuban.engineer. This is a group to promote technology careers within Cuba, and I had seen their shirts at the conference.

Cubaconf cuban.engineer shirts

In a lot of the world we take Internet access for granted. I can remember accessing the Internet from the night market in Siem Reap, Cambodia, on an open wi-fi connection. That doesn’t exist in Cuba. Cuba is one of the most disconnected countries in the world, which can make working with technology difficult. Access is controlled by an agency called ETESCA. To access the Internet you purchase a card which offers a certain number of hours of use, and then you have to locate an area with a wi-fi hotspot (usually near a park). The card has a number of digits for a username and a number of digits as a password, and once you get connected you hope you stay connected long enough to do what you need to do.

No one is exempt from this. Even in our apartment the owner would use one of these cards to enable access for the hotspot on the ground floor. So, if you are a technology business in Havana, your first job is to located your office near a hotspot, and then buy a bunch of these cards.

Thus you can imagine that sharing in a big part of the culture. People burn and swap CDs with software such as Ubuntu on them, and they tend to use Gitlab to make local mirrors of code repositories. While wi-fi equipment can be hard to come by, people have been able to set up their own, private wi-fi networks within cities like Havana to make sharing easier. There is no Internet access (I joked that it was Cuba’s “dark web“) but they can set up tools like Rocket.Chat to communicate and share.

Despite limitations in acquiring software, Microsoft Windows is still the most common operating system running on Cuban computers. An attempt was made to create a Cuba focused Linux-based distro called Nova. I was told that they even experimented with making it look as close to Windows 7 as possible, but people were still tied to using Windows. According to Wikipedia this distro is no more, which is a shame.

Cubaconf Mixæl Laufer

The second day started with the meter pegged at full on social justice, with a presentation by Dr. Mixæl S. Laufer, Ph.D., from Four Thieves Vinegar. They are a collective aiming to share information on how to create pharmaceuticals in places where they might not be available. If you live in the US than you probably heard of Martin Shkreli who as CEO of Turing Pharmaceuticals raised prices 5600%, and EpiPen maker Mylan who raised the price of this life saving device several hundred percent just because they could. Laufer showed how you could make your own EpiPen for around $30, among other things.

Now drug companies will say that they have to charge that amount to cover the costs of creating new drugs, but the EpiPen greed demonstrated that wasn’t true. Running health care as a “for profit” enterprise has always seemed inherently wrong due to the incentives being more toward making money versus keeping people healthy, but that is commentary for another time and place.

I had to leave after that presentation for something special. I make classic cocktails as a hobby, and one of our hosts asked me to speak to a school for bartenders (cantineros) on the great tradition of Cuba cocktails. It was a blast and I’ll write that up soon.

Cubaconf Wednesday Event

Wednesday night’s event was held, appropriately, at a bar in an area called Barber’s Alley. It was a fun gathering and I got a nice picture of some of our hosts.

Cubaconf Hosts

Left to right is Jessy, Pablo, pb, and Adalberto.

There was also a guy there who made pipes, specifically replicas of native American peace pipes, and one was passed around.

Cubaconf Peace Pipe

The third and final day was a series of workshops, but was started with a keynote from Ailin Febles, from the Uniōn de Informāticas de Cuba, a non-profit organization to bring together “all technicians, professionals and people related to information and communication technologies in a space that enables mutual support of the associates in the achievement of their professional, academic, scientific, cultural and personal objectives”.

Cubaconf Ailin Febles

Of course, a lot of their organization is driven by open source software.

Cubaconf Software used by UIC

I hope they switch to Nextcloud from Owncloud soon.

There was one morning workshop in English, ironically by a German named Christian Weilbach, on machine learning. I was interested in the topic since I keep hearing about it lately, and the fact that I would probably be able to understand it was a plus. To me machine learning is magic, and I wanted to dispel some of that magic.

Cubaconf Christian Weilbach

It worked. It turns out that machine learning is, to a large extent, what we used to call linear algebra. It just is able to work on much larger and more complex data sets. I’m still eager to play more with this technology, but it was nice to learn that it really isn’t all that new.

Cubaconf Old Car Taxi

After lunch we decided to spend our last afternoon exploring Havana a bit.

Cubaconf Brewery Event

The final evening event was in a brewery, and I enjoyed the beer. What I enjoyed more was the opportunity to talk with Inaury about race in Cuba. Cubans come in all shapes and sizes, from people with light skin, blond hair and blue eyes to people so dark they are almost blue, yet they all seem to interact and socialize with each other more so than any other place I’ve been. I plan to chat more about that in a blog post as well.

Overall I had a great time in Cuba. I love the fact that working in free software means I can make new friends in almost any country, and that even a place with limited resources can put on a great conference. If you get a chance to go to Cubaconf, you should take it.

by Tarus at November 13, 2017 04:29 PM

This Week in OpenNMS: November 13th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes in preparation for the releases this Thursday.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on the vaadin OSGi bug introduced in Horizon 20.
    • Chandra did more work on making it so Telemetryd adapters can be loaded from OSGi.
    • Chandro worked on the NX-OS Telemetryd adapter.
    • Markus fixed preemptive auth in the Elasticsearch ReST client and updated the J...

November 13, 2017 04:09 PM

November 06, 2017

This Week in OpenNMS: November 6th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of Telemetryd work and a few other bug fixes targeting the November releases.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse wrapped up the work on fixing an SNMP thread leak while provisioning.
    • Alejandro fixed some logging on the branch for handling traps without descriptions.
    • Alejandro and Jesse did more work on Amazon SQS code.
    • Jeff wrapped up the mattermost/slack format changes.
    • Jeff improved the...

November 06, 2017 06:48 PM

October 30, 2017

This Week in OpenNMS: October 30th, 2017

It's time for This Week in OpenNMS!

Last week we did a lot of work on the new telemetry daemon for the Drift project, released Helm 1.0.0 packages, and did some UI cleanup work on Compass.

Github Project Updates

  • Internals, APIs, and Documentation

    • Alejandro continued his work implementing an Amazon SQS-based sink adapter for Minion forwarding.
    • Alejandro fixed a bug where reloadDaemonConfigSuccessful and reloadDaemonConfigFailed were not being sent on a northbounder daemon reload...

October 30, 2017 03:26 PM

October 23, 2017

This Week in OpenNMS: October 23rd, 2017

It's time for This Week in OpenNMS!

Last week we released Horizon 21 and Meridians 2015.1.8, 2016.1.8, and 2017.1.1.

Github Project Updates

  • Internals, APIs, and Documentation

    • Markus worked on persisting Netflow 5 data to elasticsearch.
    • Alejandro worked on implementing and Amazon SQS-based sink adapter for Minion forwarding.
  • Web and UI

    • Seth did more work on the newer Angular-based outage list.
    • Seth fixed some ReSTv2 date-handling relating to null values.
    • Jeff fixed some...

October 23, 2017 01:47 PM

October 19, 2017

OpenNMS Meridian 2017.1.1 Released

Release 2017.1.1 is the second release of OpenNMS Meridian 2017. It contains a number of security and bug fixes and a few small enhancements.

The codename for 2017.1.1 is Meridian of Monte Mario.

Bug
  • An empty category is not shown when in focus (Issue NMS-9423)
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • The button to add a graph to a KSC report doesn’t work (Issue NMS-9498)
  • RadixTreeSyslogParser confuses timezone and hostname fields (Issue NMS-9522)
  • Stale IP Address Cache (Issue NMS-9613)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • trapd may silently discard invalid traps (Issue NMS-9660)
  • Trap event parenting lacks bias toward SNMP primary interfaces (Issue NMS-9666)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)
Enhancement
  • Display AlarmId on Event page (Issue NMS-8445)
  • Check/add support for PostgreSQL 10 (Issue NMS-9679)

by RangerRick at October 19, 2017 09:22 PM

OpenNMS Meridian 2016.1.8 Released

Release 2016.1.8 is an update to 2016.1.7 that provides a few security fixes.

The codename for 2016.1.8 is Hammer retroazimuthal.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)

by RangerRick at October 19, 2017 09:21 PM

OpenNMS Meridian 2015.1.8 Released

Release 2015.1.8 is the ninth release of OpenNMS Meridian 2015. It contains a cross-site-scripting security fix.
The codename for 2015.1.8 is CHOST.

Bug
  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)

by RangerRick at October 19, 2017 09:19 PM

OpenNMS Horizon 21.0.0 (Deckard) Released

OpenNMS Horizon 21.0.0 (code name: Deckard) is now available.

This release is primarily an under-the-hood update, bringing our embedded Karaf from 2.x to the very latest (4.1.2). It also includes Minion improvements, improvements to event parameter handling internally, and much more.

Note: In this release we finally reformatted all of our configuration files in $OPENNMS_HOME/etc to match the way they get written out if you modify them in OpenNMS. Upgrades will likely be a bit more compli...

October 19, 2017 09:08 PM

October 16, 2017

This Week in OpenNMS: October 16th, 2017

It's time for This Week in OpenNMS!

Last week we continued progress towards Horizon 21, due this week.

Github Project Updates

  • Internals, APIs, and Documentation

    • Chandra worked on minion system tests for Telemetryd.
    • I wrapped up my work on normalizing configuration files for Horizon 21.
    • I added support for PostgreSQL 10.
    • Markus added some code to the installer to verify the database and system time match.
    • Christian did more work on cleaning up the location:IP cache code.
    • Set...

October 16, 2017 03:03 PM

October 14, 2017

Sneak peek IFTTT integration in Horizon 21

People familiar with production lines are familiar with using Stack Lights to indicate the status of a machine.

Wouldn't it be cool to have something similar as a status indicator for your IT-Infrastructure? This question is probably ~20 years old and we've ended up with things like the USB Table Traffic Light that you can buy now for arround 70,-€. Some diehard users of OpenNMS might already know its ancestor: onmsblink. It uses the blink1 USB multicolour LED and shows overall status...

October 14, 2017 01:48 AM

October 09, 2017

Monitoring Storcli based Megaraid/LSI RAID controllers

What happens when there are broken disks and degraded RAID volumes and nobody knows about them? Monitoring disks and RAID volumes is a fundamental part of rolling out a monitoring solution.

Unfortunately, manufactures for RAID controllers create their own tooling, which makes it difficult to monitor them using generic monitoring protocols. If you are familiar with the LSI MegaRAID controller, you probably also know the Storcli tool. It almost has super cow powers and provides all the inform...

October 09, 2017 10:23 PM

This Week in OpenNMS: October 9th, 2017

It's time for This Week in OpenNMS!

Last week we continued progress towards Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jesse fixed some issues in the trap handler.
    • Alejandro worked on updating us to the latest Apache Commons HTTP client.
    • Seth continued to work on upgrading Karaf to 4.1.
    • I (finally) moved the netmask field from the SNMP interface table to the IP interface table.
    • I worked on reformatting our configuration files to make them match the...

October 09, 2017 02:28 PM

October 02, 2017

This Week in OpenNMS: October 2nd, 2017

It's time for This Week in OpenNMS!

Last week we released Meridian 2017, as well as maintenance releases of Meridian 2015 and 2016. We continued progress towards releasing Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • Ronny continued working on migrating our documentation to AsciiBinder.
    • Dustin continued working on the location:node cache.
    • Jeff added support for clear-alarm in the Spectrum event importer.
    • Jeff cleaned up WS-Man collection to match WMI...

October 02, 2017 02:27 PM

September 28, 2017

OpenNMS Meridian 2017.1.0 Released

Release 2017.1.0 is the first release of OpenNMS Meridian 2017. It is based on OpenNMS Horizon 19, plus a number of other bug fixes and changes that went into Horizon 20.

The codename for 2017.1.0 is Bering Strait.

What’s New in OpenNMS Meridian 2017?

Since Meridian 2016, a huge number of backend changes have occurred, including a large refactor of provisioning, many cleanups in Enlinkd, and a number of new features including the Business Service Monitor.

New features include:

  • Business Service Monitor: Provides a high-level correlation of business rules, and to display them in the topology map.
  • Slack notifications.
  • Plugin Manager: An API for adding 3rd-party “plugins” to OpenNMS.
  • Many UI enhancements in topology, provisioning, and elsewhere.
  • Elasticsearch ReST Forwarder: Store events, alarms, and alarm state changes in Elasticsearch for archival or searching.

For a complete list of new features, breaking changes, and upgrade notes, see The Meridian 2017 release notes.

by RangerRick at September 28, 2017 07:56 PM

OpenNMS Meridian 2016.1.7 Released

Release 2016.1.7 is an update to 2016.1.6 that provides a number of small bug fixes.

The codename for 2016.1.7 is Tobler hyperelliptical.

Bugs Fixed:

  • INFO-severity syslog-derived events end up unmatched (Issue NMS-8106)
  • Resource graph forecast page lacks header (Issue NMS-8856)
  • Allow provisiond to perform reverse lookups without requiring an A record (foundation-2016) (Issue NMS-9406)
  • No bounds-checking in processing of DHCP Options (Issue NMS-9420)
  • The reason parameter for a nodeLostService event is limited to 255 characters (Issue NMS-9550)
  • The remote-poller.sh script looks for the remote-poller.jar file in the wrong location (Issue NMS-9606)
  • vmware importer fails with NPE (Issue NMS-9611)
  • Basic syslog messages with Informational severity turn into unknown events (Issue NMS-9615)
  • quick add node is broken (Issue NMS-9618)
  • Remote poller logs have place holders for their names (Issue NMS-9621)
  • Remote Poller log path incorrect when using the NSIS installer (Issue NMS-9631)

by RangerRick at September 28, 2017 07:48 PM

OpenNMS Meridian 2015.1.7 Released

Release 2015.1.7 is the eighth release of OpenNMS Meridian 2015. It contains a few small bug fixes.
The codename for 2015.1.7 is ROTT.

Bugs Fixed:

  • The reason parameter for a nodeLostService event is limited to 255 characters (Issue NMS-9550)
  • Remote Poller log path incorrect when using the NSIS installer (Issue NMS-9631)

by RangerRick at September 28, 2017 07:46 PM

September 25, 2017

OpenNMS.js v1.0.2

This is a bugfix release to fix support for making ReSTv2 queries against OpenNMS Horizon 20.1.x.

by RangerRick at September 25, 2017 03:45 PM

This Week in OpenNMS: September 25th, 2017

It's time for This Week in OpenNMS!

Last week we did prep-work for Meridian 2017 and Horizon 20.1, as well as continuing to work on JTI integration.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more remote poller logging cleanup.
    • Jesse did more work on JTI telemetry support.
    • Seth updated JNA to 4.4.0.
    • Dustin worked on supporting multiple nodes with the same IP in the location:IP cache.
    • Seth did more work updating our embedded Karaf.
  • Web and UI

    • Se...

September 25, 2017 03:16 PM

September 21, 2017

OpenNMS Horizon 20.1.0 (Zorg) Released

OpenNMS Horizon 20.1.0 (code name: Zorg) is now available.

Horizon 20.1.0 is based on Horizon 20.0.2 plus additional work done in preparation for Meridian 2017, including a new ReST API to support enhanced OpenNMS Grafana inetgration.

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 19, see the release notes.

September 21, 2017 07:55 PM

September 20, 2017

2017 Ohio Linuxfest

The Ohio Linuxfest was one of the first open source conferences I ever attended, way back in 2010. I had heard about it from the local Linux Users Group, TriLUG, and we ended up renting a van and taking a couple of other open source geeks with us, including “Mr. IPv6” Kevin Otte.

It was a blast.

Ohio Linuxfest Banner

This year looks like another great show, with one of my favorite people, Karen Sandler, giving a keynote on Friday and yours truly will be giving the last keynote on Saturday.

If you are into free and open source software and are able to make it, I strongly encourage you to check out the conference. You’ll be glad you did.

by Tarus at September 20, 2017 02:56 PM

September 19, 2017

2017 Australian Network Operators Group Conference

Back in June I was chatting with “mobius” about all things OpenNMS. He lives and works in Perth, Australia, and suggested that I do a presentation at AusNOG, the Australian Network Operators Group.

One of the things we struggle with at OpenNMS is figuring out how to make people aware it exists. My rather biased opinion is that it is awesome, but a lot of people have never heard of it. To help with that I used to attend a lot of free and open source conferences, but we’ve found out over the years that our user base tends to be more along the lines of large enterprises and network operators that might not be represented at such shows.

Imagine my surprise when I found out that there were a whole slew of NOGs, network operator groups, around the world. It seems to me that people who attend these conferences have a more immediate need for OpenNMS, and with that in mind I submitted a talk to AusNOG. I was very happy it was selected, not in the least because I would get to return to Australia for a third time.

AusNOG David Hughes

I wasn’t sure what to expect, but was pleasantly surprised. The event was extremely well organized and I really liked the format. Many conferences as they become successful respond by adding multiple tracks. This can be useful if the tracks are easy to delineate, but often you can get “track bloat” where the attendees get overwhelmed with choice and as a presenter you can end up with a nearly empty room if you are scheduled against a popular speaker. At AusNOG there is only one track of somewhat short, highly curated talks that results in a very informative conference without the stress of trying to determine the best set of talks to attend.

AusNOG Program

(Note: Visit the “programme” site and click on talk titles to download the presentations)

The venue was very nice as well. Held at the Langham Hotel, the conference took place in a ballroom that held the 200+ people with a lobby out front for socializing and a few sponsor booths. The program consisted of 90 minutes of presentations separated by a break. They alternated sets of three 30 minute talks with two 45 minutes talks. I found all of the presentations interesting, but I have to admit that I spent a lot of time looking up unfamiliar acronyms. As network operators Autonomous System (AS) numbers were thrown around in much the same way SNMP Private Enterprise Numbers are shared among network management geeks. Australia is also in the process of implementing a nationwide National Broadband Network (nbn™) to provide common infrastructure across the country, so of course that was the focus of a number of talks.

In the middle of each day we broke for lunch which was pretty amazing. The Langham restaurant had a sushi section, a section for Indian food, a large buffet of your standard meat and veg, and at least three dessert sections: one with “healthy” fruit and cheese, another focused on ice cream and a chocolate fountain, and a large case full of amazing pastries and other desserts. All with a view out over the Yarra river.

AusNOG Yarra River

I really liked the format of AugNOG and suggest we adopt it for the next OpenNMS conference. For those few talks that were either over my head or not really of interest, they were over pretty quickly, but I found myself enjoying most of them. I thought it was interesting that concepts we usually equate with the managing servers are being adopted on the network side. One talk discussed topics such as running switch software in containers, while another discussed using Ansible and Salt to manage the configuration of network gear.

AusNOG Runing Switch Software in Containers

I was happy to see that my talk wasn’t the only one that focused on open source. Back fifteen years ago getting large companies to adopt an open source solution was still in the evangelical stage, but now it is pretty much standard. Even Facebook presented a talk on their open source NetNORAD project for monitoring using a distributed system to measure latency and packet loss.

I did have a few favorite talks. In “The Future Is Up in the Sky” Jon Brewer discussed satellite Internet. As someone who suffered for years with a satellite network connection, it was interesting to learn what is being done in this area. I used a system with a satellite in geosynchronous orbit which, while it worked, ended up with latency on the order of a second in real-world use. It turns out that there are a number of solutions using shorter distances with satellites in low earth or high earth orbit. While they present their own challenges, it is still the most promising way to get network access to remote areas.

Another talk by Mark Nottingham discussed issues associated with the increased use of encrypted protocols and the challenges they create for network operators. While the civil libertarian in me applauds anything that makes it harder for surveillance to track users, as a network monitoring guy this can make it more difficult to track down the cause of network issues.

And this will become even more important as the network changes with the adoption of Internet of Things (IoT) devices. Another good talk discussed the issue of IoT security. Even today the main consensus is that you protect weakly secured devices with a firewall, but a number of new exploits leverage infected systems within the firewall for DDoS attacks.

AusNOG Internet of Things Vulnerabilities

I think my own talk went well, it was hard to squeeze a good introduction to OpenNMS into 30 minutes. I did manage it – 30 minutes on the nose – but it didn’t leave time for questions. As a speaker I really liked the feedback the conference provided in the form of a rather long report showing what the attendees thought of the talk, complete with cool graphs.

AusNOG Speaker Response

I really enjoyed this conference, both as an attendee and a speaker. While I hope to speak to more NOGs I would much rather encourage OpenNMS users who are happy with the project to submit real-world talks on how they use the platform to their local tech groups. I think it tells a much stronger story to have someone a little less biased than myself talking about OpenNMS, and plus you get to visit cool conferences like AusNOG.

by Tarus at September 19, 2017 04:10 PM

September 18, 2017

Help Get OpenNMS Packaged by Bitnami

As someone who has used OpenNMS for, well, many years, I think it is a breeze to get installed. Simply add the repository to your server, install the package(s), run the installer and start it.

However, there are a number of new users who still have issues getting it installed. This is not a problem limited just to OpenNMS but can be a problem across a number of open source projects.

Enter Bitnami. Bitnami is a project to package applications to make them easier to install: natively, in the cloud, in a container or as a virtual machine. Ronny pointed out that OpenNMS is listed in their “wishlist” section, and if we can get enough votes, perhaps they will add it to their stack.

Bitnami also happens to have a great team, lead in part by the ever amazing Erica Brescia. As I write this we have less that 50 votes, with the current leaders being over 1200, so there is a long way to go. I’d appreciate your support, and once you vote you get a second chance to vote again via the socials.

Bitnami OpenNMS Wishlist

Thanks, and thanks to Bitnami for the opportunity.

by Tarus at September 18, 2017 07:55 PM

This Week in OpenNMS: September 18th, 2017

It's time for This Week in OpenNMS!

Last week was more development work on JTI support, wrapping up of Helm, and prepping for Meridian 2017 and a new Horizon release.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth and I worked on fixing logging in the remote poller.
    • Jesse and Chandra worked on implementing JTI stream data collection.
    • Jesse fixed location-handling in newSuspect events.
    • Christian worked on fixing some import errors in the VMware adapter.
    • Ronny w...

September 18, 2017 03:28 PM

September 13, 2017

OpenNMS.js v1.0.1

This is a small release to fix an authentication issue in the Grafana HTTP interface.

by RangerRick at September 13, 2017 11:54 PM

Monitor your Synology NAS with SNMP

Network Attached Storage devices are very popular in small or medium offices or at home to store and share data.

Synology is one of the manufactures who build their devices with SNMP support to provide monitoring and managment capabilities. This makes it very easy to let OpenNMS keep an eye on your NAS and it can tell you if something goes wrong. All you need to do is, use the SNMP Monitor and configure the OIDs you want to monitor. Nobody likes to investigate MIB files, so I have shared my...

September 13, 2017 10:13 PM

September 11, 2017

This Week in OpenNMS: September 11th, 2017

It's time for This Week in OpenNMS!

Last week was more Helm wrap-up and fixing issues to prepare for the release of Meridian 2017.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did some cleanup of misformatted APC eventconf entries.
    • Jesse started working on adding support for Juniper Telemetry Interface.
    • Christian fixed the startup path in the remote poller script.
    • Seth fixed the criteria API to handle stacking join conditions.
    • I fixed our DHCP handler to dea...

September 11, 2017 02:29 PM

September 08, 2017

OpenNMS.js v0.1.0-alpha.2

re-released with an updated version for npmjs

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v0.1.0-alpha.3

Bug Fixes

  • browser: fix error when using the dev .js file in a browser (ee7d22a)
  • cli: only attempt to read the configuration file if it exists (2339c6d)
  • dao: handle single-entry array responses (6c66be6)
  • rest: fix axios include handling (e461831)
  • rest: fix handling of XML data in node (70fd445)
  • rest: generate a node version with webpack (58d2938)
  • v2: consider the server type when comparing the version numbers (e2c03ee)
  • v2: fix handling of 204 codes (a352ea8)
  • v2: remove the implicit wildcards (4940010)

Features

  • alarms: expose the sticky and journal memos (adbcb3a)
  • dao: add alarm ack/unack/escalate/clear support (f44f8d7)
  • rest: add PUT support (b50d99e)
  • v2: add support for nested restrictions with boolean operators (09cd705)
  • v2: add support for the v2 api (eb1b165)

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v1.0.0-beta.1

Bug Fixes

  • api: fix comparator matching (6897389)
  • api: handle Meridian properly in useJson (740cdf1)
  • dao: fix handling of 204s in Grafana - the data is null (55028cb)
  • js-10: Handle single alarm (xml) result properly (544c174)
  • js-12: Make breakpoints work (13fb9ae)
  • log: bump logging of missing count down to DEBUG (00b3e1b)
  • rest: fix clonedeep import in the CLI (e2e9d79)
  • rest: fix crash when options is undefined in getServer (7768b48)
  • rest: make sure passed options don't leak (9b9dee4)
  • rest: only set up global if it exists (eg, Node.js, not browser) (7a1b2c3
    )
  • rest: webpack still needs to fake global for browsers (8f7fa5a)

Features

  • alarms: add support for manipulating journal and sticky memos (875e268)
  • alarms: implement ticket create/update/close (93ff386)
  • api: add "ISNULL" alias to comparator (3a243a5)
  • api: consider 202 a successful HTTP response (d21e5e1)
  • api: static method for matching a comparator (df90751)
  • cli: add --version, also a warning about passwords (1c07be9)
  • cli: make a cli bundle in dist/ (02298d7)
  • dao: add alarm setTTicketId/setTTicketState (bb429f6)
  • dao: add ReSTv2 support to event and node DAOs (c524493)
  • dao: implement querying ReSTv2 search properties (a588325)
  • dao: Include comparators and values (JS-11) (9ad41d2)
  • dao: use JSON against modern (19+) OpenNMS instead of XML (c17db2c)
  • rest: add POST support (d3af9e2)
  • rest: return a useful OnmsResult on error (094399c)

by RangerRick at September 08, 2017 07:22 PM

OpenNMS.js v1.0.0

This is the first official release of OpenNMS.js.

OpenNMS.js currently supports a subset of the OpenNMS ReST API:

  • query alarms, events, and nodes (including complex queries against OpenNMS Horizon 21+ and Meridian 2017+)
  • acknowledge, escalate, and clear alarms
  • create, update, and close trouble tickets against an alarm
  • create, update, and delete alarm sticky memos
  • create, update, and delete alarm journal memos

Changes since 1.0.0-beta.1

Bug Fixes
  • api: add missing modules to API export (53fad98)
  • api: add workaround for Error init + clean up docs (6f7a4ab)
  • dao: Map troubleTicketState properly (JS-24) (86fc298)
  • dao: URL-encode FIQL values (NMS-9578) (9a335e8)
  • rest: Do not reset headers when headers defined (2f360fd)
  • rest: Do not set responseType on request (0c2b6f4)
  • rest: Use err.data.response if exists as message (4875b9c)
  • rest: use negative offset for dates to work around a server issue (abdfc0b)
Features
  • alarms: expose a link to the alarm details page (HELM-55) (8795818)
  • api: add metadata call to detect ticketer config support (bf0255b)
  • api: Include ticketer configuration. JS-17 (2728734)
  • dao: Add capability to fetch values from alarm v2 endpoint (JS-22) (637443f)
  • dao: Add more complex null value handling for v2 (JS-20) (7817b4a)
  • dao: add user parameter to unack (JS-19) (90c128d)
  • dao: expose the event label and locations (HELM-13) (3395039)
  • dao: Include troubleTicketLink if defined (JS-23) (7420218)
  • dao: support dates in query parameters (JS-15) (d9884b6)
  • internal: add utility methods for dealing with dates (c40450b)
  • rest: Improve OnmsError object and GrafanaHttp error handling (72d6e32)
  • rest: only parse requests on success (JS-13) (aa9257d)

by RangerRick at September 08, 2017 07:22 PM

September 06, 2017

This Week in OpenNMS: September 6th, 2017

It's time for This Week in OpenNMS!

Last week was a short week because of the Labor Day holiday, but we continued wrapping up Helm changes and working on bug fixes in preparation for Meridian 2017.

Github Project Updates

  • Internals, APIs, and Documentation

    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers. I have the foundation and foundation-2016 branches building cleanly, and have managed to run them on Elastic Bamboo instances, so we'...

September 06, 2017 02:29 PM

September 01, 2017

2017 Australian Network Operators Group (AusNOG) Conference

I am excited to be returning to Australia for the third time next week. This trip is to speak at the Australian Network Operators Group (AusNOG) annual conference in Melbourne.

AusNOG Promo Graphic

I can’t believe I’ve gone for so long and not known about Network Operator Groups (NOGs). There are quite a few of them and I think they would be a perfect audience to introduce to the OpenNMS Project. One of our users on the OpenNMS chat server is from Perth and he made me aware of the conference, and I was humbled and delighted to have my presentation accepted.

At OpenNMS we strive very hard to separate the project (.org) from the commercial entity that supports the project (.com) and this presentation will be strictly focused on the project. It’s a wonderful thing about OpenNMS: if it meets your needs, cool. If not, also cool. I just want more people to be aware of open source options, especially in the carrier and enterprise space.

And it looks like open source is definitely making inroads at AusNOG. The talk before mine is about Ansible and Salt. There is another talk on using open source to build a version of NetNorad, and another one on open source for big data analytics. The one after mine is about modern network monitoring, so I hope I tick at least a few boxes on his list.

I hope to see you there (although it looks like it is sold out) but let me know if you are in the area and perhaps I can at least say “hi”.

by Tarus at September 01, 2017 04:25 PM

August 28, 2017

This Week in OpenNMS: August 28th, 2017

It's time for This Week in OpenNMS!

In the last week we have been working on wrapping up the Helm project, and continuing to finish up the work that will become Meridian 2017 and OpenNMS Horizon 21.

Github Project Updates

  • Internals, APIs, and Documentation

    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers.
    • Christian and Dustin did more work on moving event parms to a separate database table.
    • DJ worked on cleaning up test database creatio...

August 28, 2017 02:12 PM

Load Thresholding

System has high load!

Sounds anything but perfect. At least when we are talking about servers.

Fortunately, I don't have to explain what load is or how it's defined because there are many explanations on the internet. I found my favorite one on blog.scoutapp.com.

Once you read the article, you know that the ideal load on a Linux machine depends on the number of CPU cores. And maybe you can already foresee what that means for your threshold configs. Yes, you will need individual thres...

August 28, 2017 01:30 PM

August 22, 2017

This Week in OpenNMS: August 22nd, 2017

It's time for This Week in OpenNMS! In the last week we worked on internals, documentation, and web APIs.

Github Project Updates

  • Internals, APIs, and Documentation

    • Seth did more work on converting eventd to use Camel routes.
    • I continued my work on getting OpenNMS integration tests to run cleanly in Docker containers.
    • Alejandro added documentation on creating custom security roles in recent OpenNMS versions.
    • Craig did more work on license and product management in the plugin manag...

August 22, 2017 02:12 PM

August 17, 2017

OpenNMS Meridian 2016.1.6 Released

Release 2016.1.6 is an update to 2016.1.5 that provides quite a few bug fixes and a few small enhancements.

The codename for 2016.1.6 is Goode homolosine.

Bug

  • collectd does not unschedule deleted nodes (Issue NMS-5105)
  • noSuchInstance causing problems during provision scan (Issue NMS-8046)
  • Security issue for all admin vaadin applications exposed as OSGI Service (Issue NMS-8431)
  • Updating assets/categories through ReST affects Forced Unmanaged services. (Issue NMS-8879)
  • Logging for TCP output queue (Issue NMS-9291)
  • provision.pl does not create interfaces (Issue NMS-9345)
  • XSS vulnerability on quick-add node page (Issue NMS-9353)
  • XSS vulnerability on node error page (Issue NMS-9354)
  • XSS vulnerability with application names (Issue NMS-9355)
  • Thresholding on WSMan datasources appears broken (Issue NMS-9361)
  • TCP persistence strategy should output time in milliseconds, not seconds (Issue NMS-9409)
  • NullPointerException during nodeScan on devices with broken IP-MIB::ipAddressIfIndex (Issue NMS-9415)
  • Event Configuration Screen Requires Alarm Type (Issue NMS-9422)
  • SQL injection in DefaultSurveillanceViewService (Issue NMS-9476)
  • “query” parameter allows SQL injection (Issue NMS-9478)
  • Clone foreign source requisition overwrites config of other requisition without any hint or warning (Issue NMS-9481)
  • Fix ownership of users.xml (Issue NMS-9493)
  • ConcurrentModificationException thrown by Statsd (Issue NMS-9511)
  • Update copyright date in docs (Issue NMS-9516)
  • Document supported products and versions for Remedy integration (Issue NMS-9538)
  • Eventd does not respect event configuration order when reloading (Issue NMS-9551)
  • users.xml being overwritten on installation (Issue NMS-9573)

Enhancement

  • Document the logic behind the response time value reported by the SnmpMonitor (Issue NMS-9475)
  • Add parameterized SQL support to Criteria API (Issue NMS-9480)

by RangerRick at August 17, 2017 06:42 PM

OpenNMS Meridian 2015.1.6 Released

Release 2015.1.6 is the seventh release of OpenNMS Meridian 2015. It contains a few bug fixes.

The codename for 2015.1.6 is MVT.

 Bug

  • collectd does not unschedule deleted nodes (Issue NMS-5105)
  • Security issue for all admin vaadin applications exposed as OSGI Service (Issue NMS-8431)
  • XSS vulnerability on node error page (Issue NMS-9354)
  • XSS vulnerability with application names (Issue NMS-9355)
  • NullPointerException during nodeScan on devices with broken IP-MIB::ipAddressIfIndex (Issue NMS-9415)
  • “query” parameter allows SQL injection (Issue NMS-9478)
  • Fix ownership of users.xml (Issue NMS-9493)
  • Update copyright date in docs (Issue NMS-9516)
  • users.xml being overwritten on installation (Issue NMS-9573)

by RangerRick at August 17, 2017 06:41 PM

OpenNMS Horizon 20.0.2 (Ruby Rhod) Released

OpenNMS Horizon 20.0.2 (code name: Ruby Rhod) is now available.

This release is primarily a bug fix release, including:

  • a fix for the Enlinkd lockup in 20.0.1, as well as a filehandle leak
  • a fix for an SQL injection bug
  • a number of UI tweaks
  • support for reloading Drools configuration without restarting

For more details on what has changed, see the complete change log.

More Info

For complete info on what has changed since Horizon 19, see the release notes.

August 17, 2017 06:17 PM

August 14, 2017

Statusbox

Hey folks,

maybe you still remember the discussion about the Statusbox feature which Markus started at the Easterhack session. At that time I already liked the idea and to be honest, I was a little bit disappointed that it wasn't possible to complete it on this weekend. After some days I read Markus' comment in his pull request:

As this feature was intended to be a small enhancement but a lot of issues were raised while developing this issue, I am now going to burry it.

I was rea...

August 14, 2017 10:45 PM

This Week in OpenNMS: August 14th, 2017

It's time for This Week in OpenNMS! In the last week we worked on internals, documentation, and web APIs.

Github Project Updates

  • Internals, APIs, and Documentation

    • Jeff did more work on the Twilio notification strategy.
    • Craig continued his work on the OpenNMS plugin manager.
    • Christian worked on moving event parms to a separate table.
    • I worked on cleaning up our exception-handling in JNA ICMP code.
    • I fixed an RPM bug where users.xml would be overwritten upon upgrade.
    • I fixe...

August 14, 2017 02:35 PM

August 07, 2017

This Week in OpenNMS: August 7th, 2017

It's time for This Week in OpenNMS! In the last week we worked on internals, documentation, and web APIs.

Github Project Updates

  • Internals, APIs, and Documentation

    • Dustin and Christian worked on moving event parameters into a separate table in the database.
    • Jesse fixed an ordering bug in event processing that could happen when eventconf is live-reloaded.
    • Jeff cleaned up his tool for importing events from CA Spectrum.
    • Jesse fixed some issues with custom varbind processing in even...

August 07, 2017 05:54 PM

Introducing OpenNMS.js

Recently, we have been working on a project called "Helm" which will integrate a convenient OpenNMS alarm dashboard into Grafana. As part of that process, we have been developing a pure-JavaScript API for interacting with OpenNMS's ReST services called "OpenNMS.js".

OpenNMS.js is primarily designed for developers, making it easy to write Node.js or browser tools for performing actions in OpenNMS. However, OpenNMS.js is also a CLI tool that lets you perform a number of useful actions...

August 07, 2017 04:18 PM

August 03, 2017

2017 Dev-Jam – Days 4 and 5

Apologies to my three readers for the two-plus week delay in writing this up. I know you’ve been waiting for this post with more anticipation than Season 7 of Game of Thrones, but things have been crazy busy in OpenNMS-land of late.

As you know, this year’s Dev-Jam was held at Concordia University in Montréal. For most of the week we had access to a nice, large space which included air conditioners (the Grey Nuns building does not have central air), but due to a scheduling conflict we had to move out for the day on Thursday.

We moved to the basement cafeteria, which worked out rather well.

Dev-Jam: Grey Nuns Cafeteria

There were no A/C units but with the windows open there was a good cross breeze and it was comfortable. By the fourth day of Dev-Jam people are pretty much settled into a routine, so the day was mostly spent working to finish up various projects.

On Friday we moved back upstairs. The last full day of Dev-Jam is always bittersweet for me, as I love the “show and tell” part where people share what they have been working on, but I hate the fact that it is over for another year. We also forgot to bring the equipment we usually use for video capture (it was left back in Minnesota) so while the sessions were recorded, they haven’t been posted to Youtube yet.

Dev-Jam: Jesse White presents on Minion

Jesse kicked off the presentations talking about work he was doing to assign specific monitoring tasks to particular Minions.

Dev-Jam: Markus presents on Doughnut Graphs

Markus followed that with his work on adding “doughnut” graphs to the user interface. These resemble the graphs available with Compass™, our mobile app. That is supposed to be a green doughnut and not a grey one but the projector didn’t render it very well.

Dev-Jam: Christian presents on IFTTT

As OpenNMS wants to be the monitoring platform of choice for the Internet of Everything, Christian did some work on integrating it with “If This, Then That” (IFTTT)

Dev-Jam: Ronny presents on ASCIIBinder

Ronny is our “documentation czar” who led the effort to create the most awesome docs.opennms.org site. He explored using ASCIIBinder to manage our growing collection of documentation.

Dev-Jam: Seth presents on ReST

I work with some amazing people, and years ago they saw the potential in adding ReST functionality to OpenNMS. It was a great decision and makes OpenNMS extremely flexible when integrating with other systems. Seth presented some of the work he is doing to extend that feature.

Dev-Jam: Alejandro presents on Drools

OpenNMS has a couple of ways to correlate alarms. The basic method is using the “vacuumd” configuration and SQL, but a stronger (although more complex) method is to used the Drools business intelligence engine. Alejandro presented some work he is doing to move some of the legacy vacuumd tasks to Drools.

Dev-Jam: Jeff presents on CLA Assistant

Contributor License Agreements are a controversial topic in open source, but we use one for OpenNMS. The main reason is to ask any contributor to certify that they have the right to contribute the code. It may seem trivial, but not only does signing such an agreement make the person think about it, it does give the project some cover in case of a dispute.

We currently manage our own CLAs, but the website CLA Assistant aims to make it easier. Jeff presented on what he found out about the service, and we may be migrating to it in the future.

Dev-Jam: Antonio presents on Enhanced Linkd

And last but not least, Antonio talked about the work he is doing on Enhanced Linkd. This is the process that figures out Layer 2 connections between devices. It is non-trivial as vendors seems to relate this information in different ways, and we really appreciate the time he has put into that part of the project.

It was great seeing everyone again, and it was also cool to hold the conference in a new location (well, cool once it was over, it added a lot of stress to my life). I’m eager to start planning next year’s conference.

by Tarus at August 03, 2017 04:26 PM

July 31, 2017

This Week in OpenNMS: July 31st, 2017

It's time for This Week in OpenNMS! In the last week we worked on internals, documentation, and web APIs.

Github Project Updates

  • Internals, APIs, and Documentation

    • I got rid of the RANCID "rws-not-configured" exception when it's not configured.
    • Jesse worked on cleaning up some code in Enlinkd.
    • Markus enabled the IFTTT integration in the main codebase.
    • Alejandro did more work on wrapping up his Drools and BSF alarm northbounders.
    • I worked on fixing integration test code to run...

July 31, 2017 03:20 PM

July 24, 2017

This Week in OpenNMS: July 24th, 2017

It's time for This Week in OpenNMS! Last week we were at Dev-Jam, our annual developer conference hackathon.

Github Project Updates

  • Internals, APIs, and Documentation

    • Alejandro fixed a threading issue in Statsd.
    • Ronny did lots of work on converting documentation to be rendered by AsciiBinder
    • Jesse worked on APIs for handling merged datacollection configuration files
    • DJ did some cleanup of test infrastructure
    • Alejandro implemented alarm northbounders that can feed into BSF scri...

July 24, 2017 03:10 PM

July 20, 2017

2017 Dev-Jam – Day 3

By Day 3 we’ve settled into a rhythm, so I don’t have much to report from the actual OpenNMS side of things. Personally, I spent way too much time trying to figure out why Twitter is blocking links to this blog. It’s been ad-free for over a decade, yet Twitter thinks it is spam.

We believe it was because we were using dlvr.it to post things I write here to the OpenNMS Twitter feed and thus it got flagged as automation (which is, apparently, bad). I can understand it, but my complaint is that there is no clear process for getting it resolved. I think I’ve submitted the proper request and I’ve even tried to back-channel some help through friends of friends, but I think I’m just going to focus on posting on Google Plus from here on out, unless I need to complain. (grin)

So the gang worked while I bitched at Twitter. Oh, I do have a picture of a Canadian food product: ketchup flavored potato chips, modeled by Jeff.

Dev-Jam: Ketchup Potato Chips - photo credit Jessica

I can report on what we did in the evening. Usually Dev-Jam involves seeing a Major League Baseball game, specifically the Minnesota Twins. However, the only MLB team ever in Montréal, the Expos, played their last season here a year before Dev-Jam started (2004).

However, Montréal does host an international fireworks competition, so we got tickets. It’s held at La Ronde, which is an amusement park in the Six Flags chain. La Ronde is located on the northern end of St. Helen’s Island (Île Sainte-Hélène). While the park itself wasn’t very crowded, it turns out that Metallica fans, including our own Alejandro, were descending on the southern part of the island for a concert.

To get there from Grey Nuns, we took the Metro. The Metro station on St. Helen’s Island is near a museum called The Biosphere, complete with a geodesic dome created by Buckminster Fuller. Might be worth a return visit.

Dev-Jam: Montréal Biosphere - photo credit Mike

We took a free shuttle to get to the park, and our tickets also granted us admission. Out of habit I had taken my grandfather’s pocket knife, not realizing they would have metal detectors, but they had a cool system where I could drop it off and pick it up later (so I didn’t have to hide it in the bushes).

As soon as we got into the park, the sky opened up and poured on us. Some of us found shelter under building overhangs, some on rides and some just got wet. One of the rides was the carousel, where Ben, Seth and Cynthia seemed to have fun.

Dev-Jam: La Ronde Carousel - photo credit Mike

Luckily, the rain didn’t last too long. Since it was National Hot Dog Day, we decided to find some. As a fan of the show Silicon Valley, I suggested we try out the “Not Hotdog” app. Seems to work.

Dev-Jam: Not Hotdog - screenshots Mike

Afterward there was just enough time for a ride on Le Vampire.

Dev-Jam: Le Vampire Rollercoaster - photo credit Chris

Jessica is in the back of this shot, with Ronny and Jesse in the front.

Then it was time to see the show. There are three seating sections: Bronze, Silver and Gold. Gold had free beer but we had been told that the Silver section (Argent) had the best views. I wasn’t disappointed. And this being Quebec, there had to be clowns.

Dev-Jam: Fireworks Clowns - photo credit Ben

In section 307 we were on an elevated platform looking out over a lake. The fireworks were launched from the other side of the lake and synchronized with music. As this is an international competition, the presenter for our show was Germany. They played the German national anthem and introduced the performers.

Dev-Jam: Fireworks Introductions - photo credit Ben

The show … it was amazing.

And when I say it was amazing, I mean it was like I had never seen fireworks before, and I’ve seen them at places like EPCOT at Disney World. Since we were pretty close to the launch site, it was like they took up your whole field of vision. Plus, I never knew there were so many different types. They used the whole area, from high overhead down to the lake itself (at one point in time it was if the water was ablaze in green fire). Shells would explode overhead in a burst of color, followed by a second color and when those faded there would be a ring left that slowly faded away.

Dev-Jam: Fireworks Above - photo credit Ben

Sometimes the sky would just be a fountain of gold, and at other times the action would be at ground level. At times I felt they were telling a story. Not exactly one I understood, such as the red fountain thingies seem to be fighting the shooty yellow thingies, but it still evoked an emotional response.

Dev-Jam: Fireworks Down Low - photo credit Ben

The emotional high point for me was when they played Pachelbel’s Canon. I know it is cliché but the “Canon in D” is one of the most beautiful things ever made, and to see it illustrated in fire was simply breathtaking.

Speaking of things to take your breath away, soon after the show started the air was filled with smoke and ash from the fireworks. While it really didn’t detract from the show, people with health issues related to breathing should think carefully about attending.

Dev-Jam: The Bridge at Night - photo credit Ben

The show was 30 minutes long, and by the time we headed out to leave so did 40,000 Metallica fans. This was further complicated by the bridge to the island being closed so people could watch the fireworks. Rather than waiting for buses to arrive once the bridge was reopened, we decided to walk. There was a great view from the top, and the bridge itself was lit in green.

Dev-Jam: View from Bridge - photo credit Ben

We got back to the dorm around midnight, having had a great time. I hope I get a chance to see the fireworks show again, perhaps at next year’s Dev-Jam.

by Tarus at July 20, 2017 08:36 PM

July 19, 2017

2017 Dev-Jam – Day 2

Dev-Jam was fully underway by Tuesday morning, starting with another Canadian tradition, Tim Hortons.

Dev-Jam: Tim Hortons Box

Lots of great discussions were going on. Ronny demonstrated Project Atlas, more formally known as the GraphML Topology Provider. This allows you to use GraphML to create topologies within the OpenNMS user interface.

Dev-Jam: Ronny Doing a Demo of Atlas

There is also a topology.xml file on the OpenNMS Forge github repository that can be used as an example.

Jesse gave us a demonstration of Project Helm. This is a Grafana plugin that let’s you combine fault and performance data from multiple instances of OpenNMS on one dashboard.

Dev-Jam: Jesse Doing a Demo of Helm

While it is just in alpha, the goal is to let users manage alarms directly from the dashboard, including acknowledging them, adding “sticky” and journal notes, etc. We have been working for years now on making a robust ReST interface for OpenNMS and it is really paying off by allowing us to create features like this. Since all of the communication between Grafana and the OpenNMS system (or systems) is via ReST, there is no need to store and manage data locally.

Dev-Jam: Helm Screenshot

If you want to play with Helm, you should be running the latest Horizon 21 snapshot.

We have a person named Roberto attending Dev-Jam for the first time and I was eager to find out why he was interested in OpenNMS, so I spent some time talking with him. His company deploys underwater fiber-optic cable. Their customers used to be large telecommunications providers, but now they deal mainly with very large Internet companies, and those companies are requesting a higher level of monitoring information. It was one of those “very large Internet companies” that suggested they use OpenNMS, and it was interesting to learn about the challenges of running and managing undersea fiber.

Only a small part of the cable contains the fiber as most of it consists of a thick protective sleeve. The sleeve has to be thicker near shore since there is a greater chance of damage from things like ships’ anchors. Also, electrical current flows through the sleeve which attracts sharks, who then proceed to bite the cable. Here’s a video:

I’m eager to see how they end up using OpenNMS.

As I mentioned before, we are staying in the Grey Nuns Residence at Concordia University. According to Wikipedia there is a crypt in the basement where nearly 300 bodies are buried, most of them nuns who had lived at the Grey Nuns Motherhouse. It is off limits to visit, but I wanted to see if I could at least find the entrance.

Our conference is being held in a large room called E104, and most of the rooms of the people attending are also on the east side of the residence. My room, however, is on the west side and to get there I have to walk about 200 meters (it is a big place). You go out of E104, down to the basement and along a very long corridor before heading up several floors.

Along this corridor you will see a nondescript door,

Dev-Jam: Door to Grey Nuns Crypt

and if you peek through the little round window you can see into the crypt.

Dev-Jam: Image of Grey Nuns Crypt

The graves are marked with plain wooden crosses, and the one nearest the door died in 1885, although there are certain to be much older graves in the crypt. Apparently there was a project to move the bodies out of Grey Nuns but the government balked due to the fact that some of the people buried there died of infectious diseases (the history of the Grey Nuns [pdf] confirms that several nuns died of the Spanish Flu of 1918).

It is a pretty solemn place and in stark contrast to the rest of the dormitory.

Speaking of things definitely not solemn, for dinner we all headed to a Japanese restaurant nearby called Kinka Izakaya. Izakaya means a pub, and the menu consists of lots of small plates, kind of like Japanese tapas.

Dev-Jam: Dinner at Kinka Izakaya

The place met a number of criteria: good food, can seat 24 people and close to the dorm. We also had to try a “Sake Bomb” in which a small amount of sake is suspended over a glass of beer. You then drop the sake into the beer and drink. Yes, there is video:

Good times.

by Tarus at July 19, 2017 03:50 PM

July 18, 2017

2017 Dev-Jam – Day 1

Dev-Jam is an unstructured conference. Our goal is to simply put a bunch of incredibly smart people in a room and see what happens. That said, we do officially start and end the conference. On Monday morning we get together to make introductions and to talk about projects that we want to pursue during the week. This allows people with similar interests to work together if they want. On Friday we have presentations on what got accomplished.

Dev-Jam: People Around a Table

I usually start off the week, and then turn it over to Jesse White (our CTO and GM of The OpenNMS Group Canada).

Dev-Jam: Jesse White in an MC Frontalot shirt

I thought it was cool that he was wearing an MC Frontalot T-shirt as we commissioned him to produce a free software song that we released on Independence Day (July 4th).

Another cool thing about OpenNMS is that we try to work as transparently as possible. While a lot of projects allow public access to their git repository, I believe OpenNMS is the only one that has a repository for every branch that automatically builds packages as commits are made (the list can be found at http://yum.opennms.org/repofiles/ but be patient as there are so many it can take a minute or so to load). We also publish a weekly newsletter called “This Week in OpenNMS” (or TWiO). This week Ben posted some ideas bouncing around this year’s Dev-Jam which include:

  • updating packaging (yum/Debian) infrastructure including better support of upstream PostgreSQL packages
  • improved wifi link support in Enlinkd and topology
  • improving the opennms.com and opennms.org web sites
  • simplifying collection of OCAs
  • integrating DigitalOcean and Xen requisition tools
  • Spark chat integration
  • ReST infrastructure improvements
  • discussing how to improve Docker image generation
  • grafana dashboard for UPS data
  • northbound interfaces for Drools (scriptd-like interface for alarms)
  • structured data monitor (using the XML collector infrastructure)
  • Cisco ACI integration
  • OSGi deployment of ReST services
  • donut charts on the front page
  • rewrite the node list page
  • migrate documentation to AsciiBinder
  • trigger IFTTT events when alarms change
  • porting the Go version of the minion to a new platform

Dev-Jam: Laptop and Can of Cheerwine

I should note that Ben is also a fan of that North Carolina export, Cheerwine.

Dev-Jam: People Meeting to Discuss the Website

Jessica, our graphic designer, pulled together a meeting to discuss our web presence. We recently revamped the opennms.com website and we are looking to determine improvements needed for the opennms.org website.

Speaking of Jessica, she also designed our Dev-Jam shirts.

Dev-Jam: Front of Dev-Jam Shirt

The front is meant to represent summer camp.

Dev-Jam: Back of Dev-Jam Shirt

The top symbol is for Montréal, the bottom is Ulf the OpenNMS mascot, the tag to the left represents coding and the right image is for fireworks (we are attending the competition on Wednesday).

It’s not all work. Recently I read about a restaurant very close to Concordia (where we are holding the conference) that offered free meals to people who need them. I wanted to support that, so for lunch a group of us went to Marché Ferdous, which had been written up on sites such as CNN, the BBC and Huffington Post.

Dev-Jam: Marché Ferdous Entrance

It’s a small shop a couple of blocks away from our dorm, and I got the falafel platter.

Dev-Jam: Marché Ferdous Falafel Platter

My meal was about CAD$10 so I paid with a $20 bill and told them to keep the change. Always gotta pay it forward, yo. (grin)

The falafel was just okay (I’m spoiled as I get to eat Angie’s falafel on a regular basis – some of the best falafel on the planet and I should know as I’ve had it pretty much all over the planet) but the sides were excellent. Everyone else got meat and really enjoyed it.

After lunch we took a side trip to a SAQ store to check out the spirit selection. Later that evening there was a tasting …

Dev-Jam: Monday Whiskey Selection

… which probably had something to do with the decision to screen Strange Brew, eh?

Dev-Jam: Strange Brew on Screen

by Tarus at July 18, 2017 04:00 PM

2017 Dev-Jam – Day 0

♬ It’s the most wonderful time of the year ♬

It’s hard for me to believe that we are getting ready for our twelfth annual OpenNMS developers conference, Dev-Jam.

Dev-Jam: Welcome to Montreal Sign

This year we changed venues from our normal spot at Yudof Hall at the University of Minnesota to Concordia University in Montréal, Quebec, Canada. We have to plan these things out months in advance, and back in January there was talk of greatly increasing the effort required to enter the United States, especially for visitors from other countries, requiring them to, among other things, reveal social media passwords. Since a large portion of people attending Dev-Jam come from outside the US, we thought it prudent to move the conference. Plus, The OpenNMS Group now has a corporation in Canada, so it also seemed to be a nice way to mark that development.

After searching around for a place to hold the event, we settled on the Grey Nuns Residence, a large dormitory. While the individual rooms are not as nice as Yudof, the conference space is really large and should work out well. Plus, Grey Nuns is considered one of the most haunted places in Montréal, although so far no one has reported anything unusual.

We have over 20 people attending this year, which is down a little bit from normal. We have several people from Minneapolis who attend, and by moving it to Canada it became difficult for them to make it. In an ironic twist our friend Muthu from India was unable to get his visa to Canada approved in time to make the conference. But outside of some weather delays everyone else made it here safely.

So did the Cheerwine. It has become a Dev-Jam tradition for me to bring the North Carolina made cherry-flavored soda to share with everyone, and sometimes it gets a little, soggy, in transit. All 48 cans made it to Montréal, although it won’t last all that long.

There is a bit of adjustment to being in Quebec. I get to practice my (poor) French, and I love the fact that it is like everything has subtitles (legally, English should appear under the French in no more than half the size). Plus we’re having to get used to things distinctly Canadian such as Thrills chewing gum. Flavored with rosewater, the taste has been compared to soap, a fact that is proudly displayed on the box.

Dev-Jam: Thrills Gum Box

Another Montréal tradition is poutine. This is a dish of thin french fries topped with cheese curds and gravy.

Dev-Jam: Poutine

The one I tried was a variation that included chicken and a whiskey BBQ sauce. This was from a restaurant chain called St-Hubert which specializes in chicken (seriously, the set menu offered chicken, chicken, chicken, chicken, ribs, chicken, chicken, and, you guessed it, chicken). It was good, and it was nice to find a place to serve 20+ people comfortably.

Dev-Jam: Dinner at St. Hubert

While change can be challenging, I think this is going to be a great week. Outside of David and myself, both Mike and Craig have made all twelve Dev-Jams, and DJ has made all but one. One of my goals with OpenNMS is to built something that lasts, and it is nice to have traditions that have continued for this long.

by Tarus at July 18, 2017 01:46 AM