It is very easy to install using Synaptic/Apt and is available in the Ubuntu Universe Repository. There are two front ends available using GTK, and QT. The only issue I had to troubleshoot was that the recorded audio was out of sync and choppy. It was very easy to fix by changing the DEFAULT sound option to plughw:0,0.

The software is capable of using a variety of audio sources including Jack audio server. The capture provided an excellent quality file in .ogv format.

If you are sharing the video capture with Windows users, you will need to convert it to a Windows-friendly format for them. I used mencoder - 

mencoder -idx mycapture.ogv -ovc lavc -oac mp3lame -o mycapture.avi

For a helpful page on installing additional repositories and software in Ubuntu, see here Enabling Extra Repositories. You should also see the following link:  Medibuntu  – to install the W32 Codecs.

This is only required if you need to convert the output into a Windows format like .avi. In order to play the converted avi video in Windows,  I still needed to install this free codec: FFDShow MPEG-4.

I serve a large organization with multiple branch offices in remote places. Typically, these offices are staffed with from one to fifty employees. Most of the offices have a local Windows Domain Controller, which doubles as a file/print server, DNS, and DHCP server.

The larger of the offices are usually connected to the Internet via T1, or DSL via a local service provider. In addition, the offices have a firewall that is connected back to headquarters via IPSec VPN tunnel.

This arrangement has provided a good solution for several years, however there are limitations. Recently, many of our offices have begun providing Internet access for clients – this added network load, in addition to increased usage of high-bandwidth services like You Tube, have placed new demands on us to manage the bandwidth. In addition, configuring servers and firewalls per individual office – and getting local support who can help us on site – is challenging.

A major point of our current initiative is to make our network locations more homogeneous, and more under the control of IT staff at headquarters. Virtualization has become an attractive option for several reasons: it eliminates the cost of a separate hardware firewall, and it allows us to configure a hardware-agnostic server “image” for use on any local hardware.

My “One Box Solution” allows for the firewall, bandwidth management, and Windows Domain Controller to exist on a single, portable, server.

I recently began piloting such a solution in one of our offices. Not having a current budget for my project, I took advantage of an unused Dell workstation at HQ. I added an additional 10/100 NIC we had lying in our closet. I installed Ubuntu 8.10 server (any version of Linux will work) and VMWare’s latest version of free server for Linux.

If you haven’t been exposed to VMWare yet, go to www.vmware.com and download the free player and one of the free virtual appliances (pre configured workstations and computers). VMWare server is also free and will allow you to build and configure your own virtual machines.

Having built the Linux box and installed VMWare server, I configured one of my NICS as an internal nic, with an address on my local subnet, and the other NIC as an external NIC with one of my assigned Internet IP addresses.

Inside VMWare server, I configured three virtual networks. One network connected to my external interface of my Linux server. The second connected to a host only virtual network, and the third connected to the internal NIC of my Linux server.

The first virtual server I built was my M0n0wall firewall. Note that M0n0Wall is available PRE-BUILT! AS A VIRTUAL APPLIANCE! This means you don’t have to compile or build it. Just download the Virtual Appliance files and open them in VMWare Server.  I choose M0n0wall for several reasons. It is free. It is easy to configure. It allows for QoS, Traffic Shaping, and most importantly the IPSec tunnels that connect back to Headquarters and our DR NOC. The external WAN interface of M0n0Wall was connected to the external virtual network. The internal LAN interface of M0n0Wall was connected to the HOST ONLY virtual nework (we’ll see why in sec…). The WAN and LAN interfaces were configured with appropriate network settings, NTP server settings, DNS, etc. The WAN IP will be on our Internet subnet, and the Gateway will point to our ISP’s router or gateway IP address. The LAN interface will become the internal default gateway for our local network. M0n0wall is a powerful firewall solution for a small office. With the addition of a third NIC, you can easily set M0n0wall up to provide a DMZ, or a Captive Portal for your Wireless users. A Captive Portal will allow you to plug in a wireless device, authenticate users in a browser, and/or use RADIUS for advanced authentication.

The second virtual server is Untangle – also available Pre-built as a virtual appliance! Untangle can install as a bridge – meaning there is no routing involved. It sits between your firewall and your internal network. Untangle can also function as the firewall, but since it lacks the IPSec function for our tunnel back to Headquarters, we choose M0n0Wall. Where Untangle really excels is in Internet filtering and management. Untangle provides a suite of free modules for management and OpenVPN. There are also paid and supported modules available. The free version provides for very granular reporting and a powerful degree of access control right out of the box.

The third server is our Windows Domain Controller. This is the only commercial device which requires a paid-for license. Our virtual domain controller runs inside VMWare and connects via one interface to our internal network.

This arrangement has allowed us to provide a one-box all-in-one appliance to our remote offices that can be built and exchanged as needed, with a minimum of configuration. The Windows server can easily be promoted to a domain controller on site. IP Addresses and other site specific information can all be easily configured through graphical utilities.

Using online backup, such as Mozy Pro, in conjunction with our single box, we have discovered a way to provide highly-available network services to our smaller, budget and staff challenged offices in the field.

Options include using ESXi, which is VMWare’s free version of ESX server. The downside of ESXi is that it requires more expensive hardware. It will not run on a workstation with a SATA disk drive. However, if you have a true server that is on the hardware compatibility list, ESXi will provide a better platform. It installs as it’s own OS. Linux and Windows are not required. The management tools and options are also much nicer.

One additional thing we’ve looked at – and likely something we’ll be hearing more about in the coming months – are WAN optimization appliances such as Riverbed that run as a virtual machine. This will likely become a solution in our most remote offices where slow satellite connectivity is the norm.

Typically email attachment sizes are limited. Users complain when attempting to email huge spread sheets or media content if they are denied due to size restrictions.

Typically the solution has been FTP. However FTP generally leaves much to be desired for the average user. It requires the maintenance of accounts. Some people are restricted by local policy and firewalls. Browser support for FTP is weak. FTP servers must generally be maintained or entropy sets in and they become an administrative and security nightmare.

Enter Allard Software’s Filetransfer Appliance.

It works like this: When a user has the need to send a large attachment they point their web browser to the File Transfer server. They get a page with a form to send an email. They fill in To:, Subject:, and their message. They then browse the file and click upload. Then they can send the email. The recipient gets the email which contains a link to download the file. The file expires after a set period of time. The recipient receives a notification when the file is downloaded. That’s it! Beautifully efficient and simple!

Filetransfer Appliance is a piece of cake to set up. It installs as a VMWare appliance – meaning the software is already installed and configured. All you need to do is boot the VM, give it a hostname and set your IP address. There are a few configuration options including your mail server and Active Directory integration so users can authenticate with their AD credentials.

The device can use SSL with your own certificate or a self signed certificate if you choose.

Support is highly responsive from the developer himself.

The device is incredibly inexpensive, licensing starts under $100 for 10 users and their is a FREE 3 user demo.

http://www.allardsoft.com/filetransfer

We then realized our SSL Certificate (The VMWare provided, self signed one) had expired a few days prior. Our upgrade to Virtual Center 2.5 and ESX 3.5 did not replace the expired certificate.

We looked into the possibility of installing our Go Daddy wildcard SSL certificate, which requires a process of conversion and it didn’t seem worth the hassle to us. See the links below for more on that.

We were able to rename c:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\rui.crt to rui.crt.old and then go to Add/Remove programs and reinstall Virtual Center Server with the Repair option. This installed the new certificate for us.

At this point, all the hosts were disconnected, but right clicking and choosing ‘reconnect’ brought them all right back into VC.

The certificate is now valid for two years.

Install Wildcard Certificate on Virtual Center
Installing a New Certificate

1. Download the Solarwinds VMWare ESX Monitor.

2. Install it in your Windows workstation.

3. SSH or console into your ESX server as root, or equivalent.

4. type nano /etc/snmp/snmpd.conf to open the configuration for editing.

5. make sure there is a statement that says rocommunity public, if not add it. Otherwise close.

6. at the command line type: chkconfig snmpd on t (to make the service start automatically)

7. Restart the snmpd service: service snmpd restart

8, open your ESX firewall for snmp port 161 UDP and TCP by entering the following:

esxcfg-firewall -o 161,tcp,in,snmp
esxcfg-firewall -o 161,udp,in,snmp

Now open up your Solar Winds monitor and enter the name of the ESX server. The defaults should work fine unless you changed the public string name to something else.

I joined the company in May ’06, my boss had been there a few months, and the CTO had been there about a year. Neither of them are still with the company and as the network administrator, the ESX infrastructure has fallen into my hands – as my boss had more or less taken the lion’s share of responsibility and planning during the procurement and configuration phases. I’m quite familiar with the day to day tasks of deploying a VM, etc… But the bigger picture has been a little fuzzy.

My new boss and the new CTO have been pretty great to work with; and supported my desire to attend VMWare sponsored training on ESX this past week downtown at the MicroTek facility on Broad Street in the Financial District.

The training was pretty good. Each student (there were about fifteen or twenty) had their own pc, and we used Citrix to access VMWare’s educational environment where teams of two shared one remote ESX server (DL380). When we got to the Clustering/VMotion/HA part we combined into teams of four with two students managing each ESX host. We covered everything from installing to troubleshooting. Quite a bit of material for four eight hour days. The tough thing is that truly understanding everything about ESX means you already have a grasp of Windows administration, Active Directory, SAN architectures, networking, etc… So for instance, if you’ve never touched a SAN, the whole concept of VMotion or presenting LUNS to a host isn’t going to make much sense – neither are iSCSI software vs hardware based initiators, or HBA’s, vLans, etc, etc… The weakest link for me is understanding our SAN architecture. I’m getting a handle on it; and we are hoping to get Dell in to give us a technical overview of managing it, creating and presenting LUNS to hosts. We’ve got two additional matching Dell 2950′s we want to add to the existing two ESX hosts. We need additional licenses for the ports on the fiber switch. Once the proper LUNS have been made available to the new hosts I’ll be able to set them up into the existing cluster with no problem.

I’ve been doing a lot of experimenting with the free version of VMWare Server at home. This has been alot of fun. We had a very simple network at home, cable internet, a wi-fi cable/dsl router, and that was it. I built an internal LAN and made the wi-fi LAN a DMZ that is isolated from our internal LAN. My vpn device is simply an old Dell Dimension T500 with some extra RAM and dual NICs, running Win2K3 server and RRAS… on the inside sits my workstation, my wife’s workstation, and my single server/dc running Win2k3. This is an old AMD Athlon 1.2 GHz maxed out with 1.5 GB of RAM.

I bought an old Compaq SDLT drive on EBay for $165, put a SCSI card in and installed backup software. I installed VMWare server for Windows and put two VMWare guests (two Windows XP workstations and a Linux workstation) and was running my server/dc/dns and backup on the host. It kept occurring to me that maybe there was a better way to do this – so I cloned the server to a VM, installed Ubuntu Linux server with minimal options, installed VMWare server for Linux, and then ran my guests, plus the original server in VM’s on the Linux host.

I was able to map the SCSI interface and tape drive through to the VM guest server. Everything worked ok, but for some reason I could not get the same performance out of this arrangement that I had gotten out of the Windows based host which totally suprised me. Even disabling the server and trying various combinations of RAM and reservations for the host, there just didn’t seem to be enough CPU cycles to go around and everything ran at a snail’s pace. When I went back to Windows again, everything just seemed to work better. This was a disappointment because managing the Linux server felt so much more like managing an ESX environment. Its also really cool to use a tool like Putty to go in and some basic sysadmin stuff instead of waiting for an RDP session, open multiple windows, waiting, clicking, waiting, etc, etc, etc…

My wife’s workstation is actually an old Compaq notebook that was originally NT 4, upgraded to 2000 Pro. Its been acting a little funky lately, but she has all our banking software on it and some other stuff. (yes, we back it up). So I made a VM out of it, thus taking any hardware issues completely out of the picture. I was able to give the VM a lot more free disk space, and upgrade it to XP. So now my wife can use the VM instead of the notebook which has more resources and isn’t dependent on an old piece of hardware, slow drive and memory, etc… Such a powerful tool.

Maybe I’ll see if my wife will let me pick up some supported hardware off EBay to build an ESX server at home