Create a custom profile for KDEnlive 16.4.3

Fedora recently upgraded the bundled KDEnlive to the 16.4.3 release that changes a lot of the previous export settings.

Thanks to this tutorial on the KDE website I managed to create a profile for my videos that is similar to what I was running previously:

File: /usr/share/mlt/presets/consumer/avformat/Velenux/1920x1200_60fps

description=MP4 1920x1200 60fps
f=mp4
frame_rate_num=60
frame_rate_den=1
width=1920
height=1200
progressive=1

vcodec=libx264
vb=10M
g=30
bf=2

acodec=aac
ab=384k
pix_fmt=yuv420p

threads=4
coder=1
movflags=+faststart

meta.preset.extension=mp4
meta.preset.name=MP4 1920x1200 60fps

In the editor I created a new profile with the settings suggested by the tutorial:

  • Destination: File rendering
  • Group: MP4
  • Profile Name: MP4 1920×1200 60fps
  • Extension: mp4
  • Parameters: properties=Velenux/1920x1200_60fps vb=%quality+’k’ ab=%audiobitrate+’k’
  • Video qualities: 10000,20000,30000
  • Default quality: 10000
  • Audio Bitrates: 384,256,192,160,128
  • Default Audio Bitrate: 256

For reference: the tutorial this article is based on, the KDEnlive manual about render profiles parameters and the KDEnlive docs about rendering.

Using SQL on text files to discover which ship to fly in EVE online

EVE online is a MMORPG where the players fly spaceships to blow each other to pieces and smack talk in forums and chats online.

The developers recently released a CSV data dump containing all the PvP kills (spaceships blown apart by other players) in the last month.

I thought it was an excellent excuse to test out one of the projects I starred on github and never got to try out: q, a nifty tool that allows you to use SQL queries on CSV or otherwise tabular text files.

As a first step, since q was having some problems with the text encoding in CCP release, I got rid of most of the colums I didn’t care about:

$ mkdir eve-killdump
$ cd eve-killdump/
$ unzip ~/Downloads/WWB_killdump.zip
$ cut -d, -f10-12,14,16-18 killdump.csv > onlymatters.csv

At this point my “onlymatters.csv” file looked like this:

destroyedShipType,destroyedShipGroup,killTime,solarSystemName,regionName,iskLost,iskDestroyed
Coercer,Destroyer,2016-03-10 21:29:37,Lamaa,The Bleak Lands,12585330.52,6692045.33

Then I ran my first query, I wanted to see which ships were destroyed the most:

$ q -H -d, -w none "SELECT destroyedShipType, destroyedShipGroup, COUNT(*) as nDestroyed FROM ./onlymatters.csv GROUP BY destroyedShipType ORDER BY nDestroyed" | tail -n 10
Atron,Frigate,6067
Catalyst,Destroyer,7702
Caracal,Cruiser,7903
Svipul,Tactical Destroyer,8165
Velator,Rookie ship,8481
Tristan,Frigate,8700
Mobile Tractor Unit,Mobile Tractor Unit,8712
Thrasher,Destroyer,8914
Ibis,Rookie ship,10503
Capsule,Capsule,155253

Unsurprisingly, a lot of Frigates (the cheapest/easiest to fly spaceship type) are destroyed the most. And most of them of Gallente manufacturing! Interesting.

Then I wanted to see the destroyed ships grouped by “ship group” (shall we call it “class”?) and ran:

$ q -H -d, -w none "SELECT destroyedShipType, destroyedShipGroup, COUNT(*) as nDestroyed FROM ./onlymatters.csv GROUP BY destroyedShipGroup ORDER BY nDestroyed" | tail -n 10
Manticore,Stealth Bomber,10924
Megathron,Battleship,11947
Svipul,Tactical Destroyer,15961
Drake,Combat Battlecruiser,16478
Malediction,Interceptor,22912
Ibis,Rookie ship,28716
Coercer,Destroyer,31393
Maller,Cruiser,44608
Tristan,Frigate,100919
Capsule,Capsule,158907

Again, Frigates are second only to Capsules (every pilot has a capsule to fly when his ship gets blown apart, BUT the capsule can be blown apart too, so I guess the Capsule is the most flown “ship” in EVE!) in number of ship lost.

That’s it for now, was a nice excercise to test out q a bit :)

Fly safe! o/

firewalld and nmcli – how to open a port on a specific interface on CentOS 7

For admins used to using iptables, the changes in RHEL 7.x made life a lot harder: the default config is a mess of zones, rules sending the traffic through different chains and what not. I had to spend hours tracking down how to add a single port to a single zone and switch one interface from one zone to another, I might as well document the whole experience for the sake of fellow admins out there:

First thing first, let’s see how our interfaces are configured:

# firewall-cmd --get-active-zones
public
  interfaces: ens160 ens192 ens224 ens256

In my particular case I want to switch ens224 (my management interface) from the “public” to the “work” zone, so I check what services are enabled in both zones:

# firewall-cmd --zone=public --list-services
dhcpv6-client http ssh
# firewall-cmd --zone=work --list-services
dhcpv6-client ipp-client ssh

And then I make sure I have http enabled in the “work” zone as well:

# firewall-cmd --permanent --zone=work --add-service http

Then I went to switch the ens224 interface from “public” to “work”… but it didn’t work:

# firewall-cmd --permanent --zone=public --remove-interface=ens224
# firewall-cmd --permanent --zone=work --add-interface=ens224
# firewall-cmd --reload
success
# firewall-cmd --get-active-zones
public
  interfaces: ens160 ens192 ens224 ens256

You also need to change the zone in the configuration setting, either by editing the configuration file in /etc/sysconfig/network-scripts/ or, as it was in my case, by fiddling with NetworkManager:

# nmcli c
NAME    UUID                                  TYPE            DEVICE 
nas     xxxxxxxx-yyyy-zzzz-tttt-wwwwwwwwwwww  802-3-ethernet  ens256 
cda-be  xxxxxxxx-yyyy-zzzz-tttt-wwwwwwwwwwww  802-3-ethernet  ens224 
bal     xxxxxxxx-yyyy-zzzz-tttt-wwwwwwwwwwww  802-3-ethernet  ens160 
cda-fe  xxxxxxxx-yyyy-zzzz-tttt-wwwwwwwwwwww  802-3-ethernet  ens192
# nmcli -p con show cda-be|grep connection.zone
connection.zone:                        --
# nmcli con modify cda-be connection.zone work
# nmcli -p con show cda-be|grep connection.zone
connection.zone:                        work

I reloaded the firewall configuration again and verified with iptables that the rules were now pointing to the “work” zone and that the zone did allow for http traffic:

# firewall-cmd --reload
# iptables -nvL
[...]
Chain INPUT_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 IN_public  all  --  ens256 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    0     0 IN_public  all  --  ens192 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    1    44 IN_public  all  --  ens160 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    1    60 IN_work    all  --  ens224 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    0     0 IN_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto] 
[...]
Chain IN_work_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:631 ctstate NEW
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 ctstate NEW
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 ctstate NEW

I hope this will be useful for someone out there :)
More info, as usual, in the official documentation: firewall-cmd, nmcli.

Pacemaker cluster maintenance mode

This is intended as a quick reminder for all the sysadmins out there (me included) that keep forgetting the syntax while working on different environments.

For older clusters you would use:

crm configure property maintenance-mode=true

While for newer cluster you might want to use:

pcs property set maintenance-mode=true

Set the property to “false” to exit maintenance mode.

For reference, check the official Red Hat documentation.

How to start rails or puma (installed with rvm) with systemd

Just a few notes I took about how to start rails server or puma (installed with rvm) with systemd.

I started reading this question on StackOverflow, but it has no answers. Then I found out this gist containing an interesting example: it shows how to create a wrapper with rvm, and then how to use this wrapper to start the server.

I read more in systemd.service documentation and the rails command line documentation and wrote this (gist):

# based on https://gist.github.com/twtw/5494223
# create systemd service file for rails/puma startup
# 0. [if required: rvm use ruby@default]
# 1. rvm wrapper default systemd rails
# 2. put this file in /etc/systemd/system/rails-puma.service
# 3. systemctl enable rails-puma
# 4. systemctl start rails-puma
[Unit]
Description=Rails-Puma Webserver
 
[Service]
Type=simple
User=app
WorkingDirectory=/home/app/your-app
ExecStart=/home/app/.rvm/bin/systemd_rails server -e production
TimeoutSec=15
Restart=always
 
[Install]
WantedBy=multi-user.target

I didn’t get to test it yet, if it works for you let me know :)