Moving from Windows to Linux – Freedom and Happiness
New week at work, opening my laptop and Windows system greets me with well known and hated information: “Configuring Windows Updates, 30% Complete, Don’t turn off your computer”, hanging on the screen for another 20 minutes. Just perfect…
I work with Linux operating systems throughout my professional life, but I’ve never had it installed as my main operating system on my workstation. Time to change it! Here is my experience of switching from Windows to Linux as well a brief mention of applications I work with on Linux.
The type of work I do involves pretty wide range of tasks. I’m working with IT infrastructures, network appliances, Linux & Windows servers, databases and application servers. I use an office suite to create presentations, write documentations or create designs. I also use multiple e-mail service providers and follow multiple agendas.
This post is not to discuss pros and cons of working with Windows or Linux. As a matter of fact I’m working with all major operating systems; Linux, Windows and even OSX. Now, I decided to finally give it a try and I will run Linux on my day to day machine.
First things first, my laptop is Lenovo X1 Carbon 5th Gen:
CPU: Intel i7-7500U | RAM: 16GB | GPU: Intel HD Graphics 620
External peripherals:
Logitech M560 Unifying Receiver | SONY SBH80 | JBL Flip 3
I have considered 3 Linux distributions (flavours);
- Ubuntu Linux one of the most popular and well maintained Linux distros based on solid Debian Linux.
- Manjaro Linux it is a distribution based on the Arch Linux. Pretty good in terms of packages management and easy to work with.
- Linux Mint based on Debian and Ubuntu. Linux Mint provides full out-of-the-box multimedia support by including some proprietary software and comes bundled with a variety of free and open-source applications
NOTE: There are plenty of Linux Distributions, check this out: Linux Distributions Timeline
GNU/Linux Distributions Timeline source: wikimedia.org
I already knew Ubuntu very well, but I also heard good opinions about Linux Mint. Next to that when looking at DistroWatch, Linux Manjaro is ranked nr 1 – so I decided to give it a try. After some initial validation in a virtual machine I’ve installed Linux Manjaro on my laptop. Wow, even though I knew what to expect, that was a blast! Here I am, with a fresh Linux OS on my laptop and it feels so good! First impressions were like relief from something which was puzzling me for so many years!
Installing Linux OS
Installation of Linux OS can be described as “Easy peasy lemon squeezy” process, literally. There is no easier installation approach than Linux! All you need to do is to download selected Linux ISO image, create bootable USB drive using tools like “Etcher” and boot your system from the USB drive. You will have two options: either to run Live CD to give it a try and then install Linux (preferred) or run the installer immediately. For those who consider dual boot (Windows and Linux on one disk), I strongly recommend to install Windows first (or shrink existing Windows partition) and then install Linux! In this order Linux installer will discover Windows partition and will add it nicely to the boot loader. If you try it the other way around, Windows will mess everything up – simply do not do it, unless you are a nerd and you know how to deal with it. Pay attention to partitioning of a hard drive, first create ~100 MB partition for “/boot/efi”. I don’t use SWAP when running on SSD drive and having 16GB of RAM. Then create a root partition or separate root “/” from “/home”. This is good idea if you would like to reinstall Linux on root partition without loosing data stored on /home partition. I suggest 20-30 GB for root and the rest for /home. Having root partition slightly bigger will make future distro/system upgrades easier.
Running Linux Manjaro
After a few days of working with Manjaro and GNOME on the desktop, it turned out that it was a bit uncomfortable. Gnome 3 is not what Gnome used to be. I must admit that I had very pleasant experience with installing or removing software and all applications were running very smoothly. But I had issues with bluetooth devices and the quality of sound. I was struggling a lot getting High Fidelity Playback (A2DP Sink) over analog (HSP/HFP) sound. Each time I was connecting my bluetooth devices the quality of sound was very random and I couldn’t figure out the way to make it stable. Next to that I had several issues with setting custom look and feel of Gnome desktop components, and finally I did not make friends with the default GNOME file manager – Nautilus. For those who don’t care about desktop environment or want to try installing other desktop environments, I definitely recommend Linux Manjaro flavour. I also encourage you to read this informative article 7 Reasons Why I Use Manjaro Linux – especially section about software installation and repositories (PPAs).
Something was telling me that I should try Linux Mint with its highly appreciated Cinnamon desktop environment. I was too curious, so I installed it and I loved it! Cinnamon desktop environment meets all my requirements, it is very nice looking, smooth and fast, it also has low memory usage! It provides all I need in terms of look and feel customisation, applets, desklets and its simplicity. Linux Mint provides full out of the box multimedia support, I’ve got no more issues with sound quality over bluetooth. Also Lenovo function keys are supported. Everything is really working out of the box. Because of Linux Mint is based on Ubuntu Linux it benefits from broad range of deb packages available on the internet, and maintained by software vendors. For example if there is no package available in APT or Flatpak repository you might still download a deb package directly from software vendor’s website. Rpm and deb are the most popular software package formats.
Linux Mint 19 “Tara” Cinnamon Edition
First days in the office environment
Linux vs. Windows and MS Office Suite, enterprise WiFi networks, VPNs, certificates and all that challenges related to compatibility with enterprise applications.
Booting up my laptop, connecting an external monitor… after quick configuration of “Display” settings I’m up and running. Connecting to enterprise network worked well. Now it’s time to verify if VPNs are working. OpenVPN – works out of the box. Ciso AnyConnect required installation of additional packages though:
sudo apt install openconnect network-manager-openconnect network-manager-openconnect-gnome
I can now configure new Cisco VPN connection – it works like a charm.
Performance of the system – extremely fast and stable, no lags coming from unknown sources. No background processes scanning hard drive, downloading gigabytes of updates, sending tons of information to unknown servers, no distracting notifications, just pure pleasure of interacting with the OS. Battery life – Power Center shows 15 hours. I wasn’t aware of my laptop can work that long on a battery, but to be frank I have noticed 30-40% run-time increase on average, when not running CPU intensive tasks.
The negative side is that I have just realized that I have to learn new applications! I found it the most annoying and time consuming part… I got used to windows applications so much that now I feel a bit lost. There are so many applications available in repositories and it is extremely hard to select the best which will work for me, and the experience will be as close as possible to what I used to. On the other hand I see that we spend 90% of the time working with web browser based applications!
Applications
Here is the list of applications I’m working with on Linux, apart from pre-installed apps:
| Apps group | App name | Notes |
|---|---|---|
| Accessories | ||
| CherryTree, Zim | Notes database | |
| Docky | Fancy shortcut bar | |
| xreader | PDF reader | |
| Double Commander | File Manager | |
| KeePassXC | Passwords database | |
| LuckyBackup, Duplicati | Backup utilities | |
| Solar | Logitech mice | |
| VeraCrypt | Data encryption | |
| Synapse / Albert | App Launcher | |
| Xpad | Sticky notes | |
| Guake Terminal | Must have! | |
| VirtualBox | Virtual machines | |
| Graphics | ||
| Flameshot, Shutter | Screenshots + editing | |
| GIMP | Linux Photoshop | |
| Nomacs | Image viewer | |
| SimpleScan | Super fast scanner utility | |
| Kdenlive | Video editing | |
| Internet | ||
| Dropbox / Insync | Insync is commercial | |
| FeedReader | 🙂 | |
| Firefox / Opera / Chrome | Whatever is your favourite | |
| xfreerdp & vinagre | Remote Desktop Clients | |
| Skype, Slack | 🙂 | |
| Thunderbird Mail | Mail + ExQuilla for Microsoft Exchange add-on | |
| Evolution | Mail and Calendar | |
| Rambox | All in One Mail & Messaging client | |
| Office | ||
| LibreOffice | MS Office Alternative. (Install MS Fonts in Linux) | |
| WPS Office | MS Office alternative: presentation, spreadsheets, writer | |
| XMind | Mind maps | |
| Pencil | MS Visio alternative | |
| Programming | ||
| Atom | Text and source code editor | |
| Oracle SQL Developer | Oracle database | |
| DBeaver | Database client | |
| Terminator | Must have! | |
| Multimedia | ||
| Spotify | 🙂 | |
| VLC media player | Multimedia player |
I have to admit that I’m running Windows 10 in a virtual machine, just in case I really really have to run some weird, Windows only compatible application. I also recommend to install Windows fonts in Linux – this will make LibreOffice more compatible with documents created in MS Office. One of the mistakes we make, is that we are looking for Windows applications alternatives for Linux – how about searching Linux apps which does the job we are after? Just look at the problem from different perspective.
Working on Linux in enterprise and technical oriented environments is a pleasure. I feel more productive than ever. Everything is working flawlessly and OS seems to be silent, yes including my CPU fan. I also tried OSX for a while but that experience was far from good. I want to forget about it, mainly because I run OSX on MackBook Air which is quite outdated. I’m not going to throw 2,5k on a laptop with always outdated specs, being totally vendor and hardware locked, and then spend another 1k on a decent software. End of story.
Linux is much better and more mature than 10 years ago. I see more and more people moving away from Windows on other platforms, in my opinion, the only driver for Windows is its Office and Outlook closed ecosystem. I agree that those applications are one of the best on the market. But trust me, it is very easy to work without Outlook native client and most of the documents can be nowadays successfully edited in LibreOffice or WPS Office.
Here is my desktop:
Problems:
Skype for business (Lync) – not supported, no native app for Linux, no web browser plugins, simply it does’t work. The SIPE Project is a third-party Pidgin plugin for those who really need it. Go ahead and give it a try.
Outlook – Evolution / Thunderbird works fine with Office365.com servers but doesn’t work with local, “old” exchange servers. Many issues concerning working with calendar and user authentication. This can be easily overcome by using outlook web client.
Finger Print sensor – couldn’t make it working in Linux Manjaro. Though, I haven’t tried in Linux Mint yet.
Conclusion:
We’ve always worked and practiced in Windows, we got used to it. Windows is being pushed everywhere, making us thinking that’s the only way to go. This is not true! You can learn Linux in one weekend! User experience is very similar in all operating systems, including Linux, Windows or OSX. There are always pros and cons. OSX is so sweet and colourful. After all these years I’ve developed my own opinion about Windows and to me it was one big virus on my machine! I encourage you to give Linux a try! Be original, be yourself, stand out from the crowd! Go where not everyone dares to go! Use your brain and think about your privacy!
Feel free to leave your comment or ask questions. I would be very happy to discuss about your experience and challenges with Linux.
Cheers!!
Installing OpenShift Origin in a Home Lab
We are going to demonstrate how quickly get us up and running with a “lightweight” OpenShift Origin environment in a virtual home lab.
Origin is the upstream community project that powers OpenShift. Built around a core of Docker container packaging and Kubernetes container cluster management. OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. (source: www.openshift.org)
Let’s have a look at our virtual infrastructure of this project:
OpenShift Origin Topology
Virtual infra:
Our virtual infrastructure has 4 virtual machines. Point out that each machine has 3 virtual disks attached. In addition, we are running DNS server, NFS storage and Ansible control server. Our DNS server is configured to resolve to all hostnames and IPs including console.openshift.local domain and wildcard for *.apps.openshift.local. We will be running installation scripts from ansible host, using openshift ansible playbooks. It can be a laptop or any other workstation that has access to all virtual servers. Point out that os-infra1 node has 8GB of RAM, this is because we intend to run logging, metrics and EFK on that node. Continue reading…
Installing Sophos UTM 9 Firewall In Home Network
Have you ever thought about securing and monitoring your home network, or protecting your children from online treads? There are hundreds of applications you could install which is challenging to choose. I do care about online security and I’m very keen to know what’s going on in my home network. This has led me to creating my own, central home intrusion prevention system (IDS) on a budget equipment. And I’m going to share with you, how to do it.
Traditional home network armed with IDS system
In the previous post Securing Home Network with SOPHOS UTM IDS we have introduced SOPHOS UTM 9 and we have discussed some benefits of having such system implemented in our home network. In this post we will focus on building that IDS Box, which is shown on the diagram above in a red square. Let’s take a look at example hardware which can be used to build our home network Intrusion Detection System.
Bill of materials (BoM). Choosing a decent piece of hardware.
 Intel NUC6CAYH, Celeron J3455 |
€ 129 |
 RAM: Crucial 4GB PC3L-12800 |
€ 39 |
 SanDisk SSD Plus, 120GB, 2,5″, SATA3 |
€ 60 |
 TP-Link USB 3.0 to Gigabit Ethernet Adapter |
€ 19 |
| TOTAL: | €247 |
In our project we are using Intel NUC6CAYH mini PC which has a quad-core Intel Celeron processor. It is power-efficient and very quiet device. Although it comes with only one network interface card (NIC), it is not an issue because that’s the way we save some money and we hook-up an USB 3.0 gigabit Ethernet adapter, which will serve as of a secondary NIC. This is because our IDS system requires two network interfaces – one for the external network (WAN) and the second for internal network (LAN). We’ve got 4GB of RAM and 120 GB solid state hard drive (more disk space is good for longer logs’ retention time). This configuration will ensure a decent performance and long up-time for our system.
The total price is around € 250 (2017), but this is only example of the hardware which can be used for this purpose. The IDS system can be installed on any spare desktop PC, as well as in a virtual machine. The minimum hardware recommendations are as follows:
- CPU: 1.5+ GHz (dual core recommended)
- RAM: 1GB (2GB strongly recommended)
- HDD: 60GB +
Connecting hardware and Installing Sophos UTM software.
Sophos UTM network topology
IDS box must be installed in the way it intercepts traffic from both, external and internal networks. This means we have to plug it in between our ISP modem on NIC:2, and our local network switch on NIC:1. This way our entire network traffic will flow through IDS. It will serve as a router, an internet gateway, a firewall and a DNS forwarder to all devices in our local network. It will also manage entire network traffic.
Firewall rules
For example we can define a firewall rule which will prevent our Smart TV from accepting inbound connections from the internet, or block communication between a gaming console and a network printer, or maybe we would like to block WiFi mobile devices from accessing our NAS storage, etc.
Downloading Sophos ISO image and obtaining free license.
Free Sophos UTM Home Edition features full Network, Web, Mail and Web Application Security with VPN functionality and protects up to 50 IP addresses. You can register and request for software download URL here. Register your account as a home user and follow instructions from an email that you will receive to download ISO image of Sophos UTM. You will also receive your free license attached with that email. We will be using USB pen drive as our installation medium, so no need to burn ISO image onto a CD.
Note: You must download the latest version of the following ISO image: UTM v9 software appliance “asg-9.506-2.1.iso” (2018). Do not download hardware appliances ISO images.
Once the ISO image has been downloaded, we create a bootable USB installation drive using Rufus. ISO requires at least 1GB on a memory stick.
Connect some keyboard, monitor and plug in USB installation media into free USB port and power up a PC. Go to BIOS settings and configure boot sequence the way it boots up from an external USB device.
The installation process starts:
TIP: After first reboot, you may login to the system as a root user. At the first login attempt you will be asked to reset root password. Just leave empty password for “Old Password:” prompt and set the new and secure password for the root user account.
The system is ready for initial setup. All configuration is done with Web Admin using web browser. Open the following URL https://10.0.0.2:4444 (IP of NIC1) to perform basic system setup.
Next, login to Web Admin console with username admin and the password you just set. Now you must activate the product with a license file obtained during the registration process (check the mailbox). Follow the Setup wizard:
Finally, we are ready to enjoy our brand new Sophos UTM 9 instance.
Sophos UTM WebAdmin Dashboard
Summary
The installation process is straight forward. However the fun begins with IDS configuration, where we have to setup NAT, firewall rules, routing rules, network and websites protection. Sophos UTM comes with lots of features. Imagine you are running a web server, or a mail server, or access your home network over a VPN. All these network services can be monitored and protected by Sophos UTM. As a matter of fact, we pay a lot to our internet providers and our network’s bandwidth is pretty good, why not to utilize it to its full potential? Lightweight home websites, mail servers, lab servers can easily be running in home networks. The only challenge is to keep them secured and backed up.
Stay tuned!! In following articles we will focus on Sophos UTM configuration. The fun is just about to begin!
Securing Home Network with SOPHOS UTM IDS
Traditionally, households are connected to the internet via modems. Modern modems come with builtin basic routers and Wi-Fi access points. All we have to do is to plug them in, activate the service and enjoy a vast ocean of content available on the internet. What if the “internet” would attempt to browse our home network?
Cyber threat real-time map: cybermap.kaspersky.com
Are traditional devices strong enough to secure home network from internet threats, or protect the children from browsing unwanted content? Unfortunately not. Their role is to provide internet service at basic security level. Home networks certainly need something more than simple modem to increase level of security. Here comes the enterprise grade firewall, an Intrusion Detection System – Sophos UTM Home Edition. And guess what, it is for free! Continue reading…
How To Build an FPV Drone – Beginners Guide
Building a quadcopter is relatively easy nowadays. Components required to build a decent quadcopter, equipped with a first person view camera (FPV), are broadly available for purchase. The average time for a hobbyist to build a “qwad” is less than an hour! Well, let’s build a multipurpose quadcopter capable of flying freestyle, racing, and recording HD videos at the same time!
Even though it appears to be difficult, trust me it isn’t. Once you created your first qwad, you won’t have any problems with building even more advanced configurations. It is very easy to learn how to put all the things together and take your bird in the air. This post is about to provide basic information on haw to get started with the hobby, short buying guide of “ready to fly” quads and finally some generic information about building the quadcopter equipped with FPV & HD recording camera.
Let’s roll…
Provisioning WebLogic Server in less than 1 minute using Docker
We are going to demonstrate how to provision Oracle WebLogic Server in less than 1 minute Using Docker running on Ubuntu.
Prerequisites
To follow this tutorial, you will need Ubuntu 64-bit up and running. We will be using Ubuntu version 16.04 in our fancy VirtualBox sandbox machine. This is because Docker requires a 64-bit version of Ubuntu as well as a kernel version equal to or greater than 3.10.
1. Installing docker on Ubuntu:
#Add the GPG key for the official Docker repository to our system: sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D #Add the Docker repository to apt sources: sudo apt-add-repository 'deb https://apt.dockerproject.org/repo ubuntu-xenial main' sudo apt-get update #we make sure that we use Docker repo instead of default Ubuntu repo: sudo apt-cache policy docker-engine #installing Docker $ sudo apt-get install -y docker-engine
Verifying installation and displaying information about Docker:
$ docker images -a REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest 48b5124b2768 3 months ago 1.84kB $ docker run hello-world Hello from Docker! This message shows that your installation appears to be working correctly. #Other check commands $ sudo systemctl status docker $ docker info
2. Provisioning WebLogic Server Domain
Our docker is ready to roll so we navigate to docker hub website:
https://hub.docker.com/r/playniuniu/weblogic-domain
or simply go to https://hub.docker.com and search for “weblogic” docker images.
@ https://hub.docker.com/r/playniuniu/weblogic-domain we copy the following command:
docker run -d -p 8001:8001 –name=wlsadmin playniuniu/weblogic-domain:12.2.1.2 startWebLogic.sh
Run it and after a while (depends on your network speed) a brand new WebLogic Server domain is up and running:
$ docker run -d -p 8001:8001 --name=wlsadmin playniuniu/weblogic-domain:12.2.1.2 startWebLogic.sh Unable to find image 'playniuniu/weblogic-domain:12.2.1.2' locally 12.2.1.2: Pulling from playniuniu/weblogic-domain 8d30e94188e7: Pull complete 1d43e94144e5: Pull complete ... Status: Downloaded newer image for playniuniu/weblogic-domain:12.2.1.2
Voila! We can login to WLS Admin Console http://ubuntuhost:8001/console using credentials weblogic/welcome1 and check if managed server (AdminServer) is up.
Learn more about Docker:
Oracle Compute Cloud Service Overview – Network
Oracle Compute as part of Oracle Cloud Service, is a standards-based infrastructure service. In Network section we control the ways of how we can connect to our Oracle Cloud Services.
Oracle Compute Cloud Service architectural overview
Access to Oracle Compute instances is possible in several ways.
We can use a web browser to access the web console, we can access the REST API directly, or we can use the command-line interface. Secure access is provided by protocols such as SSH and RDP. We can also set up a VPN tunnel to provide secure access to instances in our Oracle Compute Cloud Service network.
Accessing Oracle Compute Cloud with a web browser
Creating Oracle Database Cloud Service (DBaaS)
Previously we were looking at How to get 30 days Free Oracle Cloud Subscription Plan PaaS IaaS. Now let’s take a look at the Oracle Database Public Cloud Services and one of its offerings: Oracle Database Cloud Service (DBaaS).
We will create brand new 12c Database instance, enable remote access and using Oracle SQL developer we will connect from our local machine to the newly created database. Finally we will show how to monitor the database instance with OEM Database Express 12c and DBaaS Monitor.
Creating Database as a Service Instance in Oracle Database Cloud.
- Login to my services using the URL provided by Oracle in a welcome email:
- https://myservices.emea.oraclecloud.com
- Create DB Cloud Service Instance:
We will create our demo database with a backup configuration enabled using both, Cloud Storage and Local Storage. This will allow us in the future creating Oracle SOA Cloud Service instance.
How to get 30 days Free Oracle Cloud Subscription Plan PaaS IaaS
Oracle now offers the Free Oracle Cloud Promotion plan. With this promotion, we start with $300 (€260) Cloud Service credits in your Oracle Cloud Services Account. This balance can be used towards activating and using any of the metered Oracle Cloud Services in the following categories: PaaS, IaaS, Big Data and Middleware Cloud Services, which are available as Pay-as-You-Go subscriptions.
Previously we were playing with free trial subscription of Oracle Database Schema Cloud Service. This tutorial however is different! We are going to try a 30 days free subscription plan, which includes all we need to get started with Oracle Cloud: Compute, Storage, Database, Database Backup, MySQL, Java, SOA, Application Container Cloud and Developer Cloud Services.
Oracle Database Cloud Service free trial account
Oracle Cloud is offering a free of charge 30 days trial subscriptions to Oracle’s Platform (PaaS) and Infrastructure (IaaS) Cloud Services. One of the services is Oracle Database Cloud Service.
Users can find two ways to discover Oracle Cloud. One way is to get 30 days trial subscription to Platform & Infrastructure services. Second way is to register for Application (SaaS) and Data (DaaS) quick tours which offers very nice interactive application demos, videos and e-books.
Oracle Sales Cloud Quick Tour
One of the Platform & Infrastructure services is Oracle Database in the Cloud providing several deployment choices such us single schemas, dedicated pluggable databases, virtualized databases and more. Our focus for today is to activate 30 days subscription to Oracle Database Schema Cloud Service and application express (APEX). Continue reading…