I’ve been looking around for a full-time gig lately, which has given me cause to reflect on my career.

And so I revised a poem I wrote a while back. The poem is more or less a summary of my career; hope you enjoy!

Ballad of the Converged IT Guy
For 16 years I’ve wrangled the stack
As help desk, then admin, now engineer
Tech experience, I do not lack
Just ask around, I’m not insincere

I love pushing packets from the core to the edge
Across the hops with intact QoS values I pledge
I don’t fear multicast or spanning-tree
And I once wrote a Valentine’s to LACP

But truthfully at heart, I’m a Microsoft man
Clustered Hyper-V and block storage is a solid plan
Get a System Center and Datacenter license
And watch for the first time, the beancounters’ silence

Linux, Unix, LAMP? If you insist, if I must
SSH, Putty & apt-get are the tools I trust
Open Source Software is the way of tomorrow
Damnit! Another exploit was found, now only sorrow

I’m deep on storage, right down in my chest
Block, file, object, vols, luns and NFS
But really, wack wack file-sharing’s still the best
And yes, I’ve seen every file extension from east to west
Kilo, Mega, Giga, Tera, Exa
I dedupe, replicate, or quiesce

I still change out the tapes from time to time
Work on a digital PBX? change the toner? okay fine
But really the work I enjoy the most
Is deploying via Powershell a fleet of hosts

To Public, Private, Hybrid Cloud I offer this toast
And Office 365, Azure experience I boast
Yet sometimes I fear being replaced with a script
A converged IT career perhaps clipped?

Oh the rigors of this IT life
ITIL, HIPAA, PCI & SOX
Waterfall, Agile and now DevOps
Declarative, Imperative
Concatenate, Compress, Compile
Yay Though, I’m a Converged IT Guy

Lo, the whiteboard is my kryptonite
Certs I lack, but Devs are my friends
And IT Siloes are my sworn enemy

I’m a Converged IT Guy

 

I’m writing this post inside Microsoft Edge, Redmond’s lightweight and speedy browser. My blog is now hosted on IIS 8.5 inside an Azure WebApp, which I can fiddle with via Powershell. As I write, Office 2016 Preview is installing inside its special App-V/ClickToRun context on screen #1, OneDrive (consumer) is busy syncing my consumer backend to my PC, and oh yeah, did I mention I’m running Windows 10 Professional at home now?

Truly, Summer 2015 is the Summer of Microsoft, and I’m digging the return of the king of compute. Brief review of Windows 10 Professional below.

The Good

  • It’s slimmer: the ISO I downloaded weighed in at about 3.06 GB, which means it fit on one of the many cheap 4GB USB sticks I have lying about
  • It installed very fast: About 25 minutes from start to Domain Join, this was among the most pleasurable Windows PC builds I’ve ever done. Almost as satisfactory and automated as deploying a fleet of Core VMs with Powershell!
  • It’s pretty & blue: I’m really digging the aesthetics of Windows 10. It’s flat, yes, but not overly so. It’s sharp-edged, yet soft and inviting too. The Windows 10 background image -apparently a real photograph- is wicked cool, and I’ve decided to make it my background on all three of my displays
  • It offered very few driver headaches: My main PC -Alpha- is an Intel Core i7-4770k with 32GB of DDR3 1600 MHz RAM, two Samsung 850 Pros (256GB each), and four Western Digital 1TB 2.5 inch drives, and display is handled by an ATI FirePro W4200 card with 2GB of RAM. All that is plugged, interfaced or otherwise connected to a Supermicro X10SAT, a sort of hybrid workstation/server board (Intel LynxPoint chipset) with a TPM chip to boot. Upon first login to the PC, I got ready to pay homage to the hardware gods, but turns out I didn’t need to. The only thing that wasn’t up-to-date with a proper signed driver was the LynxPoint ME devices, and some various chipset related stuff, all of which I resolved in 5 minutes & only one reboot.
  • It imported my Storage Spaces virtual disks from 8.1: The four WD drives were set up in a Mirrored Storage Spaces array in Windows 8.1. I use the resulting 1.4TB disk for system images, backups of other lab servers, and general safe bulk storage. Unlike when I’ve reinstalled 8.1, this storage spaces disk was present during install and was already mounted as a drive letter on login.
  • It didn’t make me question reality/sanity like Windows 8 did: I’ve written before about the shock, fear, terror and horror I experienced after first login to a Windows 8 PC in 2013[1], an experience that sent me on a sojourn into the world of Macs & Chromebooks. Well, upon first login of Windows 10, I felt…at home.
  • It’s Got Edge, which feels like Chrome circa 2011: My Goodness, this is a fast browser. It loads very fast on my box, and renders equally as fast. I love the design of the browser too as it doesn’t get in my way or put a lot of friction between me and all the https I want to consume.
  • The Touch Bits aren’t so offensive anymore: They’re actually quite useful and look good, and what’s more, they work in a Domain-joined PC context, which is huge. I’ve ditched my Spotify sub and gone full Groove[2], and Groove Music had no problem importing some 5,000 MP3s stored on my WindowsSAN in the Garage. I now have near full remote viewing & control of the XBox One in my living room, and if I played any games regularly, I could stream them to my PC in the office.
  • It’s Got Azure AD built-in: I could have joined my PC to my Azure AD Premium instance out of the box, but will test that later on a VM
  • Cortana is somewhat useful: I’m in favor of anything that keeps me out of a productivity-killing browser instance, and I’ve found myself using Cortana to get glanceable information I used to open a browser to see
  • They want to kill the password: I haven’t tested the new authentication mechanisms, but I look forward to it.

The Bad

  • It’s a bit insecure, but not in the way you think: I chose to purchase Windows 10 Professional because I don’t trust “Free!!” and I expected to get a license key all to myself and be left alone with the shiny new OS. But after install  was finished and I was, you know, working, I was interrupted by a Technical Preview-style prompt near the taskbar. Hey Jeff. It’s Satya. How we doin’? Do you like the new shiny? Let me know what you think. Ciao. Right in the middle of a mad powershell session. No bueno, Microsoft! Don’t fish for compliments while I’m working, ok?
  • It’s a bit cavalier with my Wifis: I’ve followed the controversy over Wifi Sense, the Windows 10 feature that securely shares Wifi passwords with contacts you have in Facebook and whatnot. Okay, so it’s really Opt-In, but it’s a deceptive opt-in. During install if you hit “Express Settings,” you’re opted-in (with subsequent opt-ins needed for specific networks). I understand why they’re doing this but dislike seeing this on the Professional SKU.
  • It threatened me to not make the wrong choice during install: During install, Windows 10 asked if this PC was owned by me or “my organization” and then it told me that much was riding on the answer to that question. “If you get this wrong,” the installer said, “It’s not easy to back out the changes later.” WTF?!? Basically the installer was asking me if I wanted to Domain-join this PC, go with Azure AD or leave it as a Workgroup computer, but the execution was clumsy.

The Ugly

  • Donde esta mi RSAT?!? I can’t believe Microsoft didn’t have a fully-baked RSAT install ready on launch day, and still doesn’t a week later. And now it’s August, the month where I’ve heard Microsoft more or less shuts down. We need our RSAT tools Microsoft! What the hell?
  • Office 2016 nothing but headaches: Word has been crashing constantly, particularly on File Save As dialog window. Extremely annoying, especially considering I run no add-ins and have an E4 license, which means I’m running a ClicktoRun/containerized version of Office

Other than that, I’m quite happy. Windows is back, but more than that, my sense is that the Desktop is back. I think many people are tired of all the friction they’re encountering on the web in a browser, and they’re also developing app fatigue. More than anything else, they’re also tired of trying to remember passwords & login details to this site or that site, and they’re worried about their own security because Breachfest 2015 news continues.

Windows 10 isn’t the cure for that, but it’s a big step in the right direction. Microsoft’s built an OS that takes the best stuff you care about on the web, and puts it in attractive, touch & mouse-friendly desktop applications that are wicked-fast and peacefully coexist with traditional fat client WinForms/WPF applications, even as they’ve pushed out a new and fast browser.

And that’s really cool because it means we’re one step closer to a sort of technology singularity: business/work stuff peacefully co-existing with your personal & family stuff, accessed transparently via a single set of credentials on whatever device/screen you’ve got on you at the moment.

It means we’re closer to the Agnostic Computing promised land!


  1. and I’ve written about how Windows 8/Server 2012 are also under-appreciated by IT pros 

  2. Zune Lives!!! 

Kudos to Intel  for recognizing & implementing a full Powershell module for their network adapters.

This is probably old news to most of you (and indeed, I think this was released in 2013) but I’ve just now managed to explore them.

How do I love them? Let me count the ways.

  1. With IntelNetCmdlets, you no longer have to fart around with netsh cmds to get your NICs primed to push packets properly
  2. With IntelNetCmdlets, your Network Engineering colleague in the cube next to you will no longer laugh as you suffer from Restless Finger Syndrome. RFS is characterized by furious mouse clicking interspersed with curses such as, “Goddamnit, I don’t have time to hunt through all these Device Manager menus just to input the Receive Buffer values I want! And I have four adapters! Somebody kill me. Now!”
  3. With IntelNetCmdlets, engineers who dabble in the virtual arts now have yet another tool in the box that can reduce/eliminate human error prior to the creation of an important virtual switch in a well-considered Hyper-V infrastructure.
  4. With IntelNetCmdlets, even your beater lab environment shines a little brighter because these babies work with my favorite NIC of all time, the I350 T-4 quad port server adapter, which you can now buy brand new (Probably a Chinese knock-off…but the drivers work!) for about $70 on eBay. Suck on that Broadcom NetXtreme and goofy BroadcomCLI!

Here’s an example of what Intel’s Net cmdlets can do for you.

Let’s say you’re building out a host in your homelab, or you just received some new Whitebox x86 servers for a dev environment at work. Now, naturally this box is going to host virtual machines, and it’s likely those VMs will be on shared storage or will be resources in a new cluster…whatever the case, proper care & raising of your physical NICs at this stage in your infrastructure project not only sets you up for success and makes you a winner, but saves potentially hours or days of troubleshooting after you’ve abstracted all this nonsense away with your hypervisor.

Of course this could all be scripted out as part of a Config Mgr task sequence, but let’s not get too fancy here! I’m no MVP and I just want you to kill your need for Device Manager and the cryptic netsh commands, ok?

Gifcam demo time. Here I’m setting the Jumbo packet value in the Windows registry for the four Intel adapters on my I350-T4 card:

[Animated GIF: intelncmd]

What I love about this is that Intel’s gone the extra mile with their Netcmdlets. There’s a full Powershell helpfile, with extras if you tag -verbose or -examples to the end of your get-help query. Any setting you need to toggle, it’s there, from “Green Ethernet” to how many RSS queues you want, to whether VMQ is enabled or disabled.

All you need? A quality Intel card (the Pro1000 cards prior to the I350 family don’t support this officially, but you may be able to trick the Proset drivers into it!), the Proset driver package utility (here) and Powershell. Hell, you can even do this while PS Remoting!
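The jumbo-packet change described above, scripted for every I350 port with a before/after report. This is an added example, not code from the original post or from Intel; it assumes the IntelNetCmdlets module installed by PROSet is on the module path, and the `*I350*` name filter and `9014 Bytes` value are illustrative choices.

```powershell
# Added example (not from the original post).
# Assumes Intel PROSet is installed and IntelNetCmdlets is discoverable
# through PSModulePath.
Import-Module IntelNetCmdlets -ErrorAction Stop

function Set-I350JumboPacket {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Wildcard matched against the adapter name (assumed pattern).
        [string]$NamePattern  = '*I350*',
        # Display value as listed for the "Jumbo Packet" setting (assumed value;
        # it must match what your switch ports are configured to carry).
        [string]$DisplayValue = '9014 Bytes'
    )

    $adapters = Get-IntelNetAdapter | Where-Object { $_.Name -like $NamePattern }
    if (-not $adapters) {
        throw "No Intel adapter matches '$NamePattern'."
    }

    foreach ($adapter in $adapters) {
        # Read the current value first so the report shows what changed.
        $before = Get-IntelNetAdapterSetting -Name $adapter.Name -DisplayName 'Jumbo Packet'

        # Only touch ports that differ: changing an advanced setting restarts
        # the adapter, so expect a brief link drop on each port that is changed.
        if ($before.DisplayValue -ne $DisplayValue -and
            $PSCmdlet.ShouldProcess($adapter.Name, "Set Jumbo Packet to $DisplayValue")) {
            Set-IntelNetAdapterSetting -Name $adapter.Name `
                -DisplayName 'Jumbo Packet' -DisplayValue $DisplayValue | Out-Null
        }

        # Re-read instead of trusting the Set call, then emit one row per port.
        $after = Get-IntelNetAdapterSetting -Name $adapter.Name -DisplayName 'Jumbo Packet'
        [pscustomobject]@{
            Adapter   = $adapter.Name
            Before    = $before.DisplayValue
            After     = $after.DisplayValue
            Compliant = ($after.DisplayValue -eq $DisplayValue)
        }
    }
}

# Dry run first: lists the ports that would change without touching them.
Set-I350JumboPacket -WhatIf | Format-Table -AutoSize

# Apply and report.
Set-I350JumboPacket | Format-Table -AutoSize
```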

 

What are you going to do with all the time I just saved you? Cheers

What do you get when you take an IT Systems Engineer with more time on his hands than usual and an unfinished home project list that isn’t getting any shorter?

You get this:

Daytime

My home automation/Internet of Things ‘play’

That’s right. I’ve stood-up some IP surveillance infrastructure at my home, not because I’m a creepy Big Brother type with a God-Complex, rather:

  1. Once my 2.5 year old son figured out how to unlock the patio door and bolt outside, well, game over boys and girls….I needed some ‘insight’ and ‘visibility’ into the Child Partition’s whereabouts pronto and chasing him while he giggles is fun for only so long
  2. My home is exposed on three sides to suburban streets, and it’s nice to be able to see what’s going on outside
  3. I have creepy Big Brother tendencies and/or God complex

I had rather simple rules for my home surveillance project:

  • IP cameras: ain’t no CCTV/600 lines of resolution here, I wanted IP so I could tie it into my enterprise home lab
  • Virtual DVR, not physical: Already have enough pieces of hardware with 16 cores, 128GB of RAM, and about 16TB of storage at home.
  • No Wifi, Ethernet only: Wifi from the camera itself was a non-starter for me because 1) while it makes getting video from the cameras easier, it limits where I can place them both from a power & signal strength perspective 2) Spectrum & bandwidth is limited & noisy at distance-friendly 2.4GHz, wide & open at 5GHz, but 5 has half the range of 2.4. For those reasons, I went old-school: Cat5e, the Reliable Choice of Professionals Everywhere
  • Active PoE: 802.3af as I already own about four PoE injectors and I’ve already run Cat5e all over the house
  • Endpoint agnostic:  In the IP camera space, it’s tough to find an agnostic camera system that will work on any end-device with as little friction as possible. ONVIF is, I suppose, the closest “standard” to that, and I don’t even know what it entails. But I know what I have: Samsung GS6, iPhone 6, a Windows Tiered Storage box, four Hyper-V hosts, System Center, an XBox One and 100 megabit internet connection.
  • Directional, no omni-PTZ required: I could have saved money on at least one corner of my house by buying a domed, movable PTZ camera rather than use 2 directionals, but 1) this needed to work on any end-point and PTZ controls often don’t

And so, over the course of a few months, I picked up four of these babies:


Trendnet TV-IP310PI

Design

I liked these cameras from the start. They’re housed in a nice, heavyweight steel enclosure, have a hood to shade the lens and just feel solid and sturdy. Trendnet markets them as outdoor cameras, and I found no reason to dispute that.

My one complaint about these cameras is the rather finicky mount. The camera can rotate and pivot within the mount’s attachment system, but you need to be careful here as an ethernet cable (inside of a shroud) runs through the mount. Twist & rotate your camera too much, and you may tear your cable apart.

And while the mount itself is steel and needs only three screws to attach, the interior mechanism that allows you to move the camera once mounted is cheaper. It’s hard to describe and I didn’t take any pictures as I was cursing up a storm when I realized I almost snapped the cable, so just know this: be cognizant that you should be gentle with this thing as you mount it and then as you adjust it. You only have to do that once, so take your time.

Imaging and Performance:


Nighttime

Trendnet says the camera’s sensor & processing is capable of pushing out 1080p at 30 frames per second, but once you get into one of these systems, you’ll notice it can also do 2560×1440, or QHD resolutions. Most of the time, images and video off the camera are buttery smooth, and it’s great.

I’m not sharp enough on video and sensors to comment on color quality, whether F 1.2 on a camera like this means the same as it would on a still DSLR, or understand IR Lux, so let me just say this: These cameras produce really sharp, detailed and wide-enough (70 degrees) images for me, day or night. Color seems right too; my lawn is various hues of brown & green thanks to the heat and California drought, and my son’s colorful playthings that are scattered all over do indeed remind me of a clown’s vomit. And at night, I can see far enough thanks to ambient light. Trendnet claims 100 foot IR-assisted viewing at night. I see no reason to dispute that.

Let the camera geeks geek out on the camera; this is an enterprise tech blog, and I’ve already talked about the hardware, so let’s dig into the software-defined & networking bits that make this expensive project worthwhile.

Power & Networking

These cameras couldn’t be easier to connect and configure, once you’ve got the power & cabling sorted out. The camera features a 10/100 ethernet port; on all four of my cameras, that connects to four of Trendnet’s own PoE injectors. All PoE injectors are inside my home; I’d rather extend ethernet with power than put a fragile PoE device outside. The longest cable run is approximately 75′, well within the spec. Not much more to say here other than Trendnet claims the cameras will use 5 watts maximum, and that’s probably at night when the IR sensors are on.

From each injector, a data cable connects to a switch. In my lab, I’ve got two enterprise-level switches.

One camera, the garage/driveway camera, is plugged into a trunked, native VLAN 410 port on my 2960s in the garage.

The other switch is a small Cisco SG-300 10p. The three other cameras connect to it. The SG-300 serves the role of access-layer switch and has a 3x1GbE port-channel back to the 2960s. This switch wasn’t getting used enough in my living room, so I moved it to my home office, where all ports are now used. Here’s my home lab environment, updated with cameras:

The Homelab as it stands today

Like any other IP cam, the Trendnet will obtain an IP off your DHCP server. Trendnet includes software with the camera that will help you find/provision the camera on your network, but I just saved a few minutes and looked in my DHCP table. As expected, the cameras all received a routable IP, DNS, NTP and other values from my DHCP.

Once I had the IP, it was off to the races:

  • Set DHCP reservation
  • Verify an A record was created in DNS so I could refer to the cameras by names rather than IP
  • Log in, configure new password, update firmware, rename camera, turn off UPnP, turn off telnet
  • Adjust camera views
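A quick way to confirm those steps stuck on every camera, as an added example that is not part of the original post. The camera names and addresses are placeholders, and port 554 (the standard RTSP port) is assumed as the "camera is alive" probe so that a powered-off camera does not pass the telnet check by accident.

```powershell
# Added example (not from the original post). Names and IPs are placeholders;
# replace them with your own DHCP reservations.
$Cameras = @(
    @{ Name = 'cam-garage.example.lan'; ReservedIP = '192.0.2.11' }
    @{ Name = 'cam-patio.example.lan';  ReservedIP = '192.0.2.12' }
    @{ Name = 'cam-front.example.lan';  ReservedIP = '192.0.2.13' }
    @{ Name = 'cam-side.example.lan';   ReservedIP = '192.0.2.14' }
)

function Test-CameraBaseline {
    param(
        [Parameter(Mandatory)][hashtable[]]$Camera,
        # Port expected to answer on a healthy camera (assumption: RTSP on 554).
        [int]$AlivePort = 554
    )

    foreach ($cam in $Camera) {
        # 1. The A record exists and points at the DHCP reservation.
        $a = Resolve-DnsName -Name $cam.Name -Type A -ErrorAction SilentlyContinue |
             Where-Object { $_.Type -eq 'A' } |
             Select-Object -First 1
        $dnsOk = [bool]($a -and $a.IPAddress -eq $cam.ReservedIP)

        # 2. The camera answers on its streaming port, so it is really online.
        $alive = Test-NetConnection -ComputerName $cam.ReservedIP -Port $AlivePort `
                     -InformationLevel Quiet -WarningAction SilentlyContinue

        # 3. Telnet (TCP 23) must NOT accept connections after hardening.
        $telnetOpen = Test-NetConnection -ComputerName $cam.ReservedIP -Port 23 `
                          -InformationLevel Quiet -WarningAction SilentlyContinue

        [pscustomobject]@{
            Camera       = $cam.Name
            DnsMatches   = $dnsOk
            Online       = $alive
            TelnetClosed = (-not $telnetOpen)
            # A camera only passes if it is reachable AND telnet is closed.
            Pass         = ($dnsOk -and $alive -and -not $telnetOpen)
        }
    }
}

# UPnP state and firmware level are not checked here; confirm those in the
# camera's web UI.
Test-CameraBaseline -Camera $Cameras | Format-Table -AutoSize
```

Re-run it after every firmware update, since an update can reset services to their defaults.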

Software bits – Server Side

Trendnet is nice enough to include a fairly robust and rebadged version of Luxriot camera software, which has two primary components: Trendnet View Pro (Fat Client & Server app) and VMS Broadcast server, an http server. Trendnet View Pro is a server-like application that you can install on your PC to view, control, and edit all your cameras. I say server-like because this is the free version of the software, and it has the following limits:

  • Cannot run as a Windows Service
  • An account must be logged in to ‘keep it running’
  • You can install View Pro on as many PCs as you like, but only one is licensed to receive streaming video at a time

Upgrading the free software to a version that supports more simultaneous viewers is steep: $315 to be exact.

Smoking the airwaves with my beater kiosk PC in the kitchen. This is the TrendNet View client, limited to one viewer at a time

Naturally, I went looking for an alternative, but after dicking around with Zoneminder & VLC for awhile (both of which work but aren’t viewable on the XBox), I settled on VMS Broadcast server, the http component of the free software.

Just like View Pro, VMS Broadcast won’t run as a service, but, well, sysinternals!

So after deliberating a bit, I said screw it, and stood-up a Windows 8.1 Pro VM on a node in the garage. The VM is Domain-joined, which the Trendnet software ignored or didn’t flag, and I’ve provisioned 2 cores & 2GB of RAM to serve, compress, and redistribute the streams using the Trendnet fat client server piece as well as the VMS web server.

Client Side

On that same Windows 8.1 VM, I’ve enabled DLNA-sharing on VLAN 410, which is my trusted wireless & wired internal network. The thinking here was that I could redistribute via DLNA the four camera feeds into something the XBox One would be able to show on our family’s single 48″ LCD TV in the living room via the Media App. So far, no luck getting that to work, though IE on the XBox One will view and play all four feeds from the Trendnet web server, which for the purposes of this project, was good enough for me.

Additionally, I have a junker Lenovo laptop (Ideapad, 11″) that I’ve essentially built into a Kiosk PC for the kitchen/dining area, the busiest part of the house. This PC automatically logs in, opens the fat client and loads the file to view the four live feeds. And it does this all over wifi, giving instant home intel to my wife, mother-in-law, and myself as we go about our day.

Finally, both the iOS & Android devices in my house can successfully view the camera streams, not from the server, but directly (and annoyingly) from the cameras themselves.

The Impact of RTSP 1080p/30fps x 4 on Home Lab 

I knew going into this that streaming live video from four quality cameras 24×7 would require some serious horsepower from my homelab, but I didn’t realize how much.

From the compute side of things, it was indeed a lot. The Windows 8.1 VM is currently on Node2, a Xeon E3-1241v3 with 32GB of RAM.

Typically Node2’s physical CPU hovers around 8% utilization as it hosts about six VMs in total.

With the 8.1 VM serving up the streams as well as compressing them with a variable bit rate, the tax for this DIY Home surveillance project was steep: Node2’s CPU now averages 16% utilized, and I’ve seen it hit 30%. The VM itself is above 90% utilization.

More utilization = more worries about thermal as Node2 sits in the garage. In southern California. In the summertime.

Ambient air temperature in my garage over the last three weeks.

Node2’s average CPU temperature varies between 22c and 36c on any given warm day in the garage (ambient air is 21c – 36c). But with the 8.1 VM, Node2 has hit as high as 48c. Good thing I used some primo thermal paste!


All your Part 15 FCC Spectrum are belong to me, on channel 10 at least

From the network side, results have been interesting. First, my Meraki is a champ. The humble MR-18 802.11n access point doesn’t break a sweat streaming the broadcast feed from the VM to the Lenovo Kiosk laptop in the kitchen. Indeed, it sustains north of 21mb/s as this graph shows, without interrupting my mother in law’s consumption of TV broadcasts over wifi (separate SSID & VLAN, from the SiliconDust TV tuner), nor my wife’s Facebooking & Instagramming needs, nor my own tests with the Trendnet application which interfaces with the cameras directly.

Meraki’s analysis says that this makes the 2.4GHz spectrum in my area over 50% utilized, which probably frustrates my neighbors. Someday perhaps I’ll upgrade the laptop to a 5GHz radio.

vSwitch, the name of my Converged SCVMM switch, is showing anywhere from 2 megabits to 20 megabits of Tx/Rx for the server VM. Pretty impressive performance for a software switch!

Storage-wise, I love that the Trendnets can mount an SMB share, and I’ve been saving snapshots of movement to one of the SMB shares on my WindowsSAN box.

I am also using Trendnet’s email alerting feature to take snapshots and email them to me whenever there’s motion in a given area. Which is happening a lot now as my 2 year old walks up to the cameras, smiles and says “Say cheeeese!”

All in all, a tidy & fun sub-$1000 project!

This is my third Father’s Day as a dad to the Child Partition, Everett.

But in a real sense, it’s my first Father’s Day as a true Daddy.

On the other Father’s days, I was a pretender, a fraud, a passive observer in the boy’s development, letting things happen to him, getting frustrated when he didn’t comply, dreading his tantrums and so on.

Now, on Father’s Day 3.0 in 2015, I make things happen for Everett, my 2.5 year old son who was diagnosed with mild/moderate ASD. Today, I’m a full active-active Dad.

And the results have been incredible.

Some back of the napkin advice for other new dads like me who may be struggling with an ‘on the spectrum’ toddler:

  • Own the schedule: I’m convinced there’s a tempo and rhythm to a child’s day that will set him/her up for success if properly planned, or result in failure, frustration and shouting if neglected. IT Guys are good at thinking of systems and sequencing things properly; take that talent and set up your son or daughter for success.
  • Toys suck, for the most part: This is the biggest thing I’ve learned. You can’t just take a toy, give it to your kid and expect them to find fulfillment and joy. Kids, especially ones like my son, need active, structured play with mom or dad, and they need mom or dad’s full attention, so only take your mobile out to take pictures of your kid. Bonus father points if you can set up a play environment that stimulates & works your son or daughter’s joints & muscles. The $50 I spent on a safety trampoline has been more effective & fun for Everett than a box full of well-intentioned toys, even ones that are STEM-focused.
  • Be imaginative: Reality beats imagination into submission when you’re an adult, and it’s hard to get it back. But if you work at it, you can fill an empty slot in your kid’s Sunday afternoon with something that stimulates him, is 100x more fun than watching TV and mega-fun for you and your kid. Pull an old rope out of your utility area or garage, knot it up, and teach your son or daughter what tug of war is. With all those Amazon boxes you’ve intended to recycle, build a fort. Play games that involve contrasts and opposites: Gooo faast! Now Slow! When your kid wants to climb, structure it: we go up, we come down, and so on.
  • If you get resources, exploit them: If your son or daughter gets diagnosed as ‘on the spectrum,’ don’t spend a month moping about as if it’s the end of the world like I did. Rather, challenge yourself to maximize the impact of all the resources about to come your way, whether it’s in-home therapy, occupational therapy, or speech. You’ll only have to go through this once and though it might be inconvenient for your career, it’s the best time to help your kid. So do what you have to do Dad!
  • Use your tools and tech know-how: I organized all the appointments & schedules with my Office 365 Exchange tenant, and built the timeline below with my Visio Subscription. I’ve got a Kanban style whiteboard at home with family tasks. Work the problem with what you have and you’ll see the results quickly.
  • Make Transitions fun: Getting my boy to sit in his car seat used to be a 20 minute scream & cry stressor. But once I learned to plan his transitions from one activity/place to another, the boy responded. So now when we get in my car, he pushes the start button, then climbs in the seat himself and says, “Ok, we go now.” Which is so great!

Once I figured this all out, I couldn’t believe how the boy changed. Rather than throwing a tantrum, he tells me what he wants to do. He seems to be sleeping a bit better thanks to the routines. We ramp him up to active play in the AM, then wind him down before lunch.

Happy Father’s Day!
