Archive for August, 2012

Raspberry Pie

Saturday, August 25th, 2012

In honour of the Raspberry Pi I wanted to make a Raspberry Pie, I tried to do this by looking up a recipe on the rPi plugged into the TV but page loads were too slow (still running debian squeeze rather than raspbian so not taking advantage of the speed increases associated with that).
So I decided to just experiment and throw things together until they looked about right (the temporary absence of scales meant that being accurate was difficult). When you are making something yummy out of components which are all yummy there is only so far you can go wrong.
This produced the following:
A raspberry pie in a pyrex dish lead

There was a little less pastry than would have been optimal made using flour, unsalted butter and a little bit of water (cribbing from Delia’s instructions but without any accuracy). I left it in the fridge for well over the half an hour I had originally intended before rolling it out. This was cooked for ~10minutes at 180℃ (might have been better to leave it longer). I used two punnets of raspberries most of which went in raw on top of the cooked pastry but ~1/3 of a punnet went in with some sugar (mainly castor sugar but a little bit of soft brown which deepened the colour) and two heaped tablespoons of corn flour and a little big of water this was stirred vigorously on a hob such that it did a lot of bubbling until it turned into a rather nice thick goo with all the bits of raspberry broken up (looked very jam like). That then got poured on top. I left it in the fridge over night as it was quite late by this point and we ate most of it for lunch.

The only good pie chart - fraction of pie which is pacman, fraction which is pie

The only good pie chart, fraction of pie dish which looks like pacman, fraction which is pie.

Raspberry Pi Entropy server

Thursday, August 23rd, 2012

The Raspberry Pi project is one of the more popular projects the Computer Lab is involved with at the moment and all the incoming freshers are getting one.

One of the things I have been working on as a Research Assistant in the Digital Technology Group is on improving the infrastructure we use for research and my current efforts include using puppet to automate the configuration of our servers.

We have a number of servers which are VMs and hence can be a little short of entropy. One solution to having a shortage of entropy is an ‘entropy key‘ which is a little USB device which uses reverse biased diodes to generate randomness and has a little ARM chip (ARM is something the CL is rather proud of) which does a pile of crypto and analysis to ensure that it is good randomness. As has been done before (with pretty graphs) this can then be fed to VMs providing them with the randomness they want.

My solution to the need for some physical hardware to host the entropy key was a Raspberry Pi because I don’t need very much compute power and dedicated hardware means that it is less likely to get randomly reinstalled. A rPi can be thought of as the hardware equivalent of a small VM.

Unboxed Raspberry Pi with entropy key

I got the rPi from Rob Mullins by taking a short walk down the corridor on the condition that there be photos. One of the interesting things about using rPis for servers is that the cost of the hardware is negligible in comparison with the cost of connecting that hardware to the network and configuring it.

The Raspberry Pi with entropy key temporarily installed in a wiring closet

The rPi is now happily serving entropy to various VMs from the back of a shelf in one of the racks in a server room (not the one shown, we had to move it elsewhere).

Initially it was serving entropy in the clear via the EGD protocol over TCP. Clearly this is rather bad as observable entropy doesn’t really gain you anything (and might lose you everything). Hence it was necessary to use crypto to protect the transport from the rPi to the VMs.
This is managed by the dtg::entropy, dtg::entropy::host and dtg::entropy::client classes which generate the relevant config for egd-linux and stunnel.

This generates an egd-client.conf which looks like this:

; This stunnel config is managed by Puppet.

sslVersion = TLSv1
client = yes

setuid = egd-client
setgid = egd-client
pid = /egd-client.pid
chroot = /var/lib/stunnel4/egd-client

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

debug = 0
output = /egd-client.log

verify = 3

CAfile = /usr/local/share/ssl/cafile

[egd-client]
accept = 7777
connect = entropy.dtg.cl.cam.ac.uk:7776

And a host config like:

; This stunnel config is managed by Puppet.

sslVersion = TLSv1

setuid = egd-host
setgid = egd-host
pid = /egd-host.pid
chroot = /var/lib/stunnel4/egd-host

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

debug = 0
output = /egd-host.log

cert = /root/puppet/ssl/stunnel.pem
key = /root/puppet/ssl/stunnel.pem
CAfile = /usr/local/share/ssl/cafile

[egd-host]
accept = 7776
connect = 777
cert = /root/puppet/ssl/stunnel.pem
key = /root/puppet/ssl/stunnel.pem
CAfile = /usr/local/share/ssl/cafile

Getting that right was somewhat tedious due to defaults not working well together.
openssl s_client -connect entropy.dtg.cl.cam.ac.uk:7776
and a python egd client were useful for debugging. In the version of debian in rasperian the stunnel binary points to an stunnel3 compatibility script around the actual stunnel4 binary which resulted in much confusion when trying to run stunnel manually.

Alps

Friday, August 3rd, 2012

I am presently coming to the end of a holiday in and around Chamonix in the Alps (first time I have been outside the UK for several years) and this consists of some notes on interesting things I have noticed.

They drive on the wrong side of the road fairly consistently, this takes a while to get used to.

Many toilets consist of holes in the ground, many lack soap and some even sinks. The romans had better toilets well over 2000 years ago, toilet technology has made significant advances in the last couple of millennia why not consistently take advantage of this? They have special ceramic things to go around the holes in the ground, why not use one with a more useful shape?
This is not to say that they don’t also have perfectly good working toilets or even that the good ones are not in the majority.

There is much greater biodiversity on the Alps than on mountains in the Lake District or the Cairngorms (my more regular haunts) many of the flowers are familiar from their use in gardens but I don’t think there is a garden centre in the world large enough to fit all the varieties of beautiful plants that there are in the Alps. There are also many insects I have never seen before a few of which are a little vicious including the very large number of ants which one must take great care to avoid sitting near.
Some of this greater biodiversity might be due to the mountains being younger and so more fertile or due to warmer summers but I don’t think that completely explains it. I suspect the fact that the landscape of the Lake District and Cairngorms being an artificial one created by our destruction of the forests which would naturally cover them has some significant effect as will the grazing by lots of sheep. The beautiful mountain meadows in the Alps are I think more naturally occurring with the trees not covering them because of the ground being above the tree line rather than felling.

I am on holiday with my parents who were last here some 27 years ago which allows them to notice some of the more obvious changes that have occurred in that time. Chamonix is about 3 times larger than it was then. The glaciers have clearly retreated a long way in that time and there is much less snow on the tops of the mountains than there was at the same time of year. Here climate change is an obvious “I can see it just by looking” thing (though obviously this could be a localised thing but for that we know it is a global one). We climbed up to a glacier and touched it, in a “do the things your children might not get a chance to do” and a “pictures or it didn’t happen” frame of mind.

The public transport up and down the valley is free, regular, punctual and really rather nice rendering cars completely unnecessary for the tourist. (Apparently funded by a 1€ a night per tourist tax)

Bread and (real) milk won’t last more than a day necessitating regular shopping, bread purchased in the evening may already be stale :-(. Restaurants may not open until 19:00 which is tedious when you need an early dinner.

The Alps are much more work than British mountains, so much more up, so much more down.
The Alps can get far too hot and it seems for the end of July and early August they do so regularly so perhaps June/early July would be a better time to come. Fortunately they are covered in trees which provide welcome shade and relief from the oppressive sunshine. A few hundred meters above the tree-line it generally gets more reasonable as the temperature drop due to height gain combines with stronger winds.

Gorges la Diosaz is wonderfully cool and reasonably priced at ~6€ and a lovely train journey from Chamonix.
L’Arguille du Midi is extortionately priced ~50€ but you would be hard pressed to find a better view.
Mount Chiref in Italy is much less well signposted than the several mountains we climbed in France/Switzerland which were wonderfully well signposted, still worth the climb.