How

Setting up a Raspberry PI as a DNS Sinkhole to block ads and Trackers

April 15, 2020 by Simon

What is PiHole?

Snip from WikiPedia: “Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole (and optionally a DHCP server), intended for use on a private network. It is designed for use on embedded devices with network capability, such as the Raspberry Pi, but it can be used on other machines running Linux and cloud implementations. Pi-hole has the ability to block traditional website advertisements as well as advertisements in unconventional places, such as smart TVs and mobile operating system advertisements.”

What is a Raspberry PI?

A Raspberry PI is an inexpensive (5V Volt, 2 Amp) ARM based computer that can run off the power from a USB cable.

Here is a photo of my Raspberry Pi 3B+ with an Adafruit LCD Screen

My Raspberry Pi has the following specifications

4 x 1.4GHz 64-bit (quad-core processor)
1GB LPDDR2 SDRAM
Dual-band wireless LAN
Bluetooth 4.2/BLE,
Faster Ethernet
Extended 40-pin GPIO header
Full-size HDMI 4 USB 2.0 ports
5V/2.5A DC power input

My screen has the following specifications (purchased from Pakronics)

3.5″ display with 480×320 16-bit colour pixels
Resistive touch overlay

I plugged in a full sized USB Keyboard, Mouse and HDMI cable.

SD Card Choice

Read my guide to download and write an Raspberry Pi Operating System to an SD card.

I would not put a cheap/slow MicroSD card in the Raspberry PI, aim for at least a UHS (1) or UHS (3) speed SD card for the best bang for buck.

fyi: I bought a new 32GB Samsung UHS 1 Ultra Micro SD card and it died after 12 hours of use. I replaced it with another 32GB No name brand CLASS 10 SD Card I had laying around.

Raspberry Setup

I download and saved the Raspian (Full) Operating System to a SD Card and inserted it into my Raspberry PI 3B+ (view the guide here on preparing an Operating System on a SD card).

I used the American 110-240V AC to 5.25V 2500ma DC power supply (with a US to AUS adaptor) that came with the Adafruit Screen. It had a Micro USB connection on one end.

It did not work though (I just had a flashing red light on the Raspberry Pi).

I had an Australian 240V AC to 5V 2500ma DC power supply to Micro USB. from a previous project and it worked (the Raspberry Pi Started up).

I also have a number of Moki brand 240V to USB (1A and 2.4A) adapters.

I will use the 2.4mA plug. I know my Adafruit screen uses 100mA so this will do.

I plugged the HDMI cable into my Monitor and set up the HDMI as a Picture in Picture output so I can see my Main 4K screen (Display Port) and the Raspberry Pi HDMI input at the same time.

Frst Raspberry Pi Boot

Mmmm my 4K screen with a 1080P HDMI picture in picture image (from the Raspberry Pi).

The Raspberry Pi booted fast and a welcome screen appeared

Apologies in advance, photos below are bad (I don’t have a HDMI capture card).

I clicked Next to setup the Raspberry PI

I set my timezone and language

I set a password

I skipped connecting to WiFi (I want pure Ethernet)

I was prompted to update the software

Setup is complete

I rebooted the Raspberry Pi

Second Boot

I changed further configuration by clicking the Raspberry Pi start button then Preferences then Raspberry PI Configuration

Screenshot of the Raspberry Pi menu showing Raspberry Pi Configuration

I changed the hostname to “raspberrypihole”, set Boot to CLI , Login as “pi“, and set Wait for network.

Update: After my Samsung SD card died I re setup my PI with a no name brand SD card and entered the name “raspberrypihole“

Under display I reviewed the display options

I enabled SSH, SPI and I2C.

Enable SSH, SPI and I2C features screenshot.

I increased the GPU memory to 132GB

Time for a Reboot

SSH Access

I do not want to leave a keyboard, mouse and screen connected once I finish setting it up so I setup a SSH connection to the Raspberry Pi.

TIP: Putty is a free program for SSH connections.

I SSH’ed (more information on SSH below) to the Raspberry Pi and ran these commands to update it’s software and firmware.

sudo apt-get update  && sudo apt-get upgrade

Output

[email protected]:~ $ sudo apt-get update  && sudo apt-get upgrade
Hit:1 http://archive.raspberrypi.org/debian buster InRelease
Hit:2 http://raspbian.raspberrypi.org/raspbian buster InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

The program “htop” is good for viewing system resources.

Now it’s time to look at the Adafruit screen and case.

I put the Raspberry PI in the Adafruit Case

I purchased this kit for the Raspberry Pi, the LCD screen just connects to the Raspberry Pi GPIO pins. It has a Adafruit LCD screen and a case for my Raspberry Pi 3B+

Photo of a Raspberry Pi 3B+, LCD screen and case

The screen just connects onto the GPIO pins

The LCD screen allows you to use pins below the screen.

GPIO pins documentation from https://www.raspberrypi.org/documentation/usage/gpio/

GPIO pin documentation from https://www.raspberrypi.org/documentation/usage/gpio/

A nice stack 🙂

Photo showing the LCD screen connected to the Pi

The case clips are hard to clip over the Raspberry Pi (Don’t force it or you might break for Pi)

Photo showing a case clip over the raspberry pi board

The case clip near the GPIO pins is on

Photo showing the case clip near the GPIO pins.

The clip near the power plug was off because the Raspberry Pi was not positioned correctly

Photo of the Raspberry PI off center of the lugs

After 30 minutes I carefully put the Raspberry Pi and LCD screen into the Case.

Photo showing the LCD screen in the case.

Side of the case with USB and Ethernet and USB porws exposed.

Photo of the Case exposing the USB and Ethernet port

HDMI, Power and Audio plugs are visible and lined up 🙂

Photo showing HDMI, Power and Audio plugs

The screen is visible through the case

The screen dips down on one side, I might have to prop it up (hot glue gun) a bit inside later

Photo showing the LCD screen dips to one side

SSH Connections to the Raspberry PI

I created a SSH connection to my Raspberry PI with Putty

I created a SSH connection to the Raspberry Pi and connected to it.

I ran the “ifconfig” command to get a list of all network interfaces.

I ran “ifconfig” to list all network interfaces.

I ran these commands to update my Raspberry PI Software

sudo apt-get update
sudo apt-get upgrade
sudo apt full-upgrade
sudo apt -y dist-upgrade

I updated the Pi Firmware too (this is dangerous, only update if you have issues).

sudo rpi-update

I rebooted and connected to the Raspberry Pi and ran this command to get the Ethernet and wireless mac address.

The first interface is my Ethernet adopter the second if the WiFi adaptor.

ifconfig |grep ether
ether b8:27:eb:d9:00:86 txqueuelen 1000
ether b8:27:eb:8c:55:d3 txqueuelen 1000

The first Mac address is my Ethernet address on The Raspberry PI and the second is WiFi.

I logged into my router (Telstra DJA0230) and clicked Advanced then Local Network. I could see my DHCP range was from 192.168.0.2 to 192.168.0.254, I shortened this to 192.168.0.2 to 192.168.0.200 (so I can set a static IP Address for the Raspberry PI) then I set a Static IP address for the Raspberry pi to 192.168.0.201.

I rebooted the Raspberry PI and checked the IP address

I logged into my Router (at https://192.168.0.1)

When my Samsung SD card died I had to re-setup a new SD card but the IP address came across as the mac address stayed the same (as it was the same hardware), I did however change the name of the Static IP hostname in my home router to match the new name “raspberrypihole” (not “pihole”)

I set a static IP for this Ethernet address and defined 192.168.0.201 as the IP address.

Setting Up PiHole on the RaspBerry PI

I SSH’ed to my Raspberry Pi (with the new IP address) and ran this command

Now its time to install Pi Hole onto My Raspberry Pi

curl -sSL https://install.pi-hole.net | bash

I received a Root user error

I read this guide on temporarily allowing root logins then rebooted my Pi and connected again as root. Running as root is not a good idea long term buy it works and my location is secure.

I logged in as root and checked my username

# whoami
root

I re-ran this command to restart the PiHole Setup

curl -sSL https://install.pi-hole.net | bash

Root user is found

Available packages are downloaded

Root user check ok, disk space ok, packages downloading.

Confirmation warning.

The pi is showing a confirm install screen

PiHole is free, consider donating.

I donated. Thanks

This will pay for itself in no time.

Static IP address is required.

I chose to just have PiHole work on Ethernet (and not Wifi)

I was prompted to set my upstream DNS provider.

I selected all default blacklist lists.

I allowed PiHole to use IPv4 and IPv6.

My IP and Gateway was displayed on the screen.

Final warning about setting a static IP address.

The PiHole IPv6 address is show

Install a web server (Yes)

I chose to log all DNS queries.

I oped to allow the viewing of all logged data. This is less secure but I can reduce this later.

The PiHole setup resumed and PiHole was downloaded from GitHub.

A progress bar displayed the install status.

A PiHole admin URL and Password was displayed (write this down)

I loaded the PiHole initial admin screen (http://192.168.0.201/admin/) and it was a bit empty.

I login and logged in.

I had better uninstall the nextdns.io (my blog post about NextDNS.io here) as the Pi will now be the main DNS blocking Sinkhole in our house.

The Raspberry Pi Pi Hole service was up and waiting for connections

On my Windows 10 PC I added the DNS server for the PiHole in IPV4 and IPV6.

I obtained the PiHole IPV4 and IPV6 addresses (1) PiHole Admin, 2) Pi Hole Settings Page, 3) IP Address)

I added the Pi Holes IPV4 IP address to my Windows 10 IP Settings.

I added the PIHole DNS to the IPV4 and IPV6 on my Windows 10 Ethernet adaptor

I added the Pi Holes IPV6 IP address to my Windows 10 IP Settings.

After 18 hours the Pi Hole Admin interface (at http://192.168.0.201/admin/index.php) was reporting stats.

I can view stats for Protocol and answered queries

Pie charts by protocol and answered queries

I can also see stats for permitted and blocked domains

Default Block Lists

I can also see the source blocked domains

Add 3rd party block lists

I added these block lists to my PiHole list of sites to block (Thanks Jol)

https://v.firebog.net/hosts/Easyprivacy.txt
https://v.firebog.net/hosts/Prigent-Ads.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt
https://hostfiles.frogeye.fr/multiparty-trackers-hosts.txt
https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt
https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt
https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/AmazonFireTV.txt
https://v.firebog.net/hosts/Airelle-trc.txt
https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt
https://hosts-file.net/ad_servers.txt
https://hosts-file.net/emd.txt
https://hosts-file.net/exp.txt
https://hosts-file.net/grm.txt
https://hosts-file.net/psh.txt
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt
https://mirror1.malwaredomains.com/files/justdomains
https://mirror.cedia.org.ec/malwaredomains/immortal_domains.txt
http://someonewhocares.org/hosts/hosts
https://phishing.army/download/phishing_army_blocklist_extended.txt
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.2o7Net/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts
https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://v.firebog.net/hosts/AdguardDNS.txt
https://v.firebog.net/hosts/Airelle-hrsk.txt
https://v.firebog.net/hosts/Easylist.txt
https://v.firebog.net/hosts/Easyprivacy.txt
https://v.firebog.net/hosts/Prigent-Ads.txt
https://v.firebog.net/hosts/Prigent-Malware.txt
https://v.firebog.net/hosts/Prigent-Phishing.txt
https://v.firebog.net/hosts/Shalla-mal.txt
https://v.firebog.net/hosts/static/SamsungSmart.txt
https://v.firebog.net/hosts/static/w3kbl.txt
https://www.malwaredomainlist.com/hostslist/hosts.txt
https://www.squidblacklist.org/downloads/dg-malicious.acl
http://sysctl.org/cameleon/hosts
https://zerodot1.gitlab.io/CoinBlockerLists/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
http://www.joewein.net/dl/bl/dom-bl.txt
http://www.networksec.org/grabbho/block.txt

I updated all block lists

954,481 domains on my block list 🙂

I now have the PiHole blocking 945,481 domains

LCD Screen Setup

I followed thin guide to setup the screen.

I can this code from the pi (logged in as root)

cd ~
wget https://raw.githubusercontent.com/adafruit/Raspberry-Pi-Installer-Scripts/master/adafruit-pitft.sh
chmod +x adafruit-pitft.sh
sudo ./adafruit-pitft.sh

I edited /boot/config.txt and changed these values

framebuffer_width=320
framebuffer_height=240

I was prompted to choose a screen

Select configuration:
1. PiTFT 2.4", 2.8" or 3.2" resistive (240x320)
2. PiTFT 2.2" no touch (240x320)
3. PiTFT 2.8" capacitive touch (240x320)
4. PiTFT 3.5" resistive touch (320x480)
5. PiTFT Mini 1.3" or 1.54" display (240x240)
6. MiniPiTFT 1.14" display (240x135) - WARNING! CUTTING EDGE! WILL UPGRADE YOUR KERNEL TO LATEST
7. Quit without installing

SELECT 1-7:

I entered “3” for PiTFT 2.8″ capacitive touch (240×320)

I then was prompted to set the rotation of the screen

Select rotation:
1. 90 degrees (landscape)
2. 180 degrees (portait)
3. 270 degrees (landscape)
4. 0 degrees (portait)

SELECT 1-4:

I entered “3” for 270 degrees (landscape).

I was prompted to allow the console to appear on the screen

Would you like the console to appear on the PiTFT display? [y/n]
y

I rebooted

Reboot [y/n]
y

Installing PADD to display PiHole stats on the LCD

I followed this guide to install PADD (the software that displays the PiHole stats on the LCD screen)

cd ~
wget -N https://github.com/jpmck/PADD/files/4320681/padd.txt
rename padd.txt paddsimon.sh
chmod +x paddsimon.sh

Making PADD starts at boot

Edit this file

sudo nano  ~/.bashrc

and add the following to the end of the file

# Run PADD
# If we're on the PiTFT screen (ssh is xterm)
if [ "$TERM" == "linux" ] ; then
  while :
  do
    /root/paddsimon.sh
    sleep 0.2
  done
fi

I rebooted the PI.

Turning the screen OFF from the CLI

I created a bash script with this contents to turn the screen off

#!/bin/bash
gpio -g pwm 18 0

Turning the screen ON from the CLI

I created a bash script with this contents to turn the screen on

#!/bin/bash
gpio -g pwm 18 1023

How to Update the PiHole from the CLI

I ran the following command to update the PiHole block lists

pihole -g

Output…

  [i] Pi-hole blocking is enabled
  [i] Neutrino emissions detected...
  [✓] Pulling blocklist source list into range

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: mirror1.malwaredomains.com (justdomains)
  [✓] Status: No changes detected

  [i] Target: sysctl.org (hosts)
  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_tracking.txt)
  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_ad.txt)
  [✓] Status: No changes detected

  [i] Target: hosts-file.net (ad_servers.txt)
  [✓] Status: No changes detected

  [i] Target: raw.githubusercontent.com (ytadblock.txt)
  [✓] Status: Retrieval successful

  [i] Target: v.firebog.net (Easyprivacy.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Prigent-Ads.txt)
  [✓] Status: No changes detected

  [i] Target: gitlab.com (notrack-blocklist.txt)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (spy.txt)
  [✓] Status: Retrieval successful

  [i] Target: www.github.developerdan.com (ads-and-tracking-extended.txt)
  [✓] Status: Retrieval successful

  [i] Target: hostfiles.frogeye.fr (firstparty-trackers-hosts.txt)
  [✓] Status: Retrieval successful

  [i] Target: hostfiles.frogeye.fr (multiparty-trackers-hosts.txt)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (android-tracking.txt)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (SmartTV.txt)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (AmazonFireTV.txt)
  [✓] Status: Retrieval successful

  [i] Target: v.firebog.net (Airelle-trc.txt)
  [✓] Status: No changes detected

  [i] Target: bitbucket.org (Mandiant_APT1_Report_Appendix_D.txt)
  [✓] Status: No changes detected

  [i] Target: gist.githubusercontent.com (Test.txt)
  [✓] Status: Retrieval successful

  [i] Target: gitlab.com (notrack-malware.txt)
  [✓] Status: Retrieval successful

  [i] Target: hosts-file.net (emd.txt)
  [✓] Status: No changes detected

  [i] Target: hosts-file.net (exp.txt)
  [✓] Status: No changes detected

  [i] Target: hosts-file.net (grm.txt)
  [✓] Status: No changes detected

  [i] Target: hosts-file.net (psh.txt)
  [✓] Status: No changes detected

  [i] Target: isc.sans.edu (suspiciousdomains_Medium.txt)
  [✓] Status: Retrieval successful

  [i] Target: mirror.cedia.org.ec (immortal_domains.txt)
  [✓] Status: No changes detected

  [i] Target: someonewhocares.org (hosts)
  [✓] Status: No changes detected

  [i] Target: phishing.army (phishing_army_blocklist_extended.txt)
  [✓] Status: Retrieval successful

  [i] Target: ransomwaretracker.abuse.ch (CW_C2_DOMBL.txt)
  [✓] Status: Retrieval successful

  [i] Target: ransomwaretracker.abuse.ch (LY_C2_DOMBL.txt)
  [✓] Status: Retrieval successful

  [i] Target: ransomwaretracker.abuse.ch (RW_DOMBL.txt)
  [✓] Status: Retrieval successful

  [i] Target: ransomwaretracker.abuse.ch (TC_C2_DOMBL.txt)
  [✓] Status: Retrieval successful

  [i] Target: ransomwaretracker.abuse.ch (TL_C2_DOMBL.txt)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (spy.txt)
  [✗] Status: Not found
  [✗] List download failed: no cached list available

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: raw.githubusercontent.com (hosts)
  [✗] Status: Not found
  [✗] List download failed: no cached list available

  [i] Target: reddestdream.github.io (minimalhosts)
  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_malvertising.txt)
  [✓] Status: Retrieval successful

  [i] Target: v.firebog.net (AdguardDNS.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Airelle-hrsk.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Easylist.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Prigent-Malware.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Prigent-Phishing.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (Shalla-mal.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (SamsungSmart.txt)
  [✓] Status: No changes detected

  [i] Target: v.firebog.net (w3kbl.txt)
  [✓] Status: No changes detected

  [i] Target: www.malwaredomainlist.com (hosts.txt)
  [✓] Status: No changes detected

  [i] Target: www.squidblacklist.org (dg-malicious.acl)
  [✗] Status: Connection Timed Out (Cloudflare)
  [✗] List download failed: no cached list available

  [i] Target: zerodot1.gitlab.io (hosts)
  [✓] Status: No changes detected

  [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
  [✓] Status: Retrieval successful

  [i] Target: www.joewein.net (dom-bl.txt)
  [✓] Status: Retrieval successful

  [i] Target: www.networksec.org (block.txt)
  [✓] Status: Retrieval successful
  [i] Received empty file: using previously cached list

  [✓] Consolidating blocklists
  [✓] Extracting domains from blocklists
  [i] Number of domains being pulled in by gravity: 1178534
  [✓] Removing duplicate domains
  [i] Number of unique domains trapped in the Event Horizon: 954486
  [i] Number of whitelisted domains: 2
  [i] Number of blacklisted domains: 0
  [i] Number of regex filters: 0
  [✓] Parsing domains into hosts format
  [✓] Cleaning up stray matter

  [✓] Force-reloading DNS service
  [✓] DNS service is running
  [✓] Pi-hole blocking is Enabled

I can view all possible command line options by running

pihole /?

Output..

Usage: pihole [options]
Example: 'pihole -w -h'
Add '-h' after specific commands for more information on usage

Whitelist/Blacklist Options:
  -w, whitelist       Whitelist domain(s)
  -b, blacklist       Blacklist domain(s)
  --wild, wildcard     Wildcard blacklist domain(s)
  --regex, regex       Regex blacklist domains(s)
                        Add '-h' for more info on whitelist/blacklist usage

Debugging Options:
  -d, debug           Start a debugging session
                        Add '-a' to enable automated debugging
  -f, flush           Flush the Pi-hole log
  -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
  -t, tail            View the live output of the Pi-hole log

Options:
  -a, admin           Web interface options
                        Add '-h' for more info on Web Interface usage
  -c, chronometer     Calculates stats and displays to an LCD
                        Add '-h' for more info on chronometer usage
  -g, updateGravity   Update the list of ad-serving domains
  -h, --help, help    Show this help dialog
  -l, logging         Specify whether the Pi-hole log should be used
                        Add '-h' for more info on logging usage
  -q, query           Query the adlists for a specified domain
                        Add '-h' for more info on query usage
  -up, updatePihole   Update Pi-hole subsystems
                        Add '--check-only' to exit script before update is perfo                                                     rmed.
  -v, version         Show installed versions of Pi-hole, Web Interface & FTL
                        Add '-h' for more info on version usage
  uninstall           Uninstall Pi-hole from your system
  status              Display the running status of Pi-hole subsystems
  enable              Enable Pi-hole subsystems
  disable             Disable Pi-hole subsystems
                        Add '-h' for more info on disable usage
  restartdns          Restart Pi-hole subsystems
  checkout            Switch Pi-hole subsystems to a different Github branch
                        Add '-h' for more info on checkout usage

After 1 Week

After 1 week stats were rolling into the PIHole.

40% of all traffic was being blocked.

I could see blocked and allowed domain calls

I can white list domains if they are blocked.

I white listed fearby.com and events.gfe.nvidia.com

Done

This is what it looks like done

PiHole stats on the LCD screen

View of the pi from the left hand side

View of the pi from the right hand side

Nice

After 2 month(s)

After 2 months the PiHole served 266,737 DNS requests. 95,268 requests were blocked (13,000 ad’s, tens of thousands of trackers.

Did it block Ad’s

Mostly yes. Not all advertisements are blocked but most are.

Some YouTube Advertisements seem to get through but I am seeing far less Advertisements in web pages

Troubleshooting

I needed to white list “events.gfe.nvidia.com” to allow my video card drivers to upodate.

Cooling

The Raspberry Pi is running cool at 47c (even though it is in a tight space).

I might add a heat pipe to it and have an external fan. I will thermal epoxy the hat pipe to the Pi CPU and run it outside to a external heat sink and fan.

eBay purchase for a fan, thermal epoxy and heatpipes.

I have many spare heat sinks laying around.

I will update when the part’s arrive.

Rotating the screen

I did exit my /boot/config.txt to rotate my LCD Screen orientation

Buttons

Read this guide to see how I setup a Python script to make my buttons work.

Do edit your /boot.config.txt to configure your screen rotation (if need be) and to check if the LCD screen is setup (by Adafruit)

framebuffer_width=240
framebuffer_height=320

# --- added by adafruit-pitft-helper Sun 8 Mar 2020 12:29:49 AM AEDT ---

dtparam=spi=on
dtparam=i2c1=on
dtparam=i2c_arm=on
dtoverlay=pitft28-capacitive,speed=64000000,fps=30
dtoverlay=pitft28-capacitive,rotate=270,touch-swapxy=true,touch-invy=true

# --- end adafruit-pitft-helper Sun 0 Mar 2020 12:29:49 AM AEDT ---

Handy Links

Handy Guide: https://learn.adafruit.com/pi-hole-ad-pitft-tft-detection-display/pitft-configuration to configure the LCD Screen

Schematics of the screen: https://learn.adafruit.com/assets/25555

Donate to PiHole: https://pi-hole.net/donate/

Raspberry Pi GPIO Pins: https://www.raspberrypi.org/documentation/usage/gpio/

v 1.2

How to backup and restore a MySQL database on Windows and Linux

April 21, 2019 by Simon

Why backup and restore

This is a quick guide demonstrating how you can backup and restore a MySQL database on Windows and Linux using Adminer.

You may need to know how to backup a restore a database for a number of reasons..

e.g

Send the database to someone to debug or give feedback while learning.
Move the database from a local machine to the cloud
Move the database from cloud vendor A to cloud vendor B
etc.

Having a backup of the VM is good but having a backup of the database too is better. I use UpCloud for hosting my VM’s and setting backups is easy. But I cannot download those backups.

Murphy’s Law

“If anything can go wrong, it will”

The most important reason for taking a backup and knowing how to restore it is for disaster recovery reasons.

Backup (the easiest way) with Adminer

Adminer is a free PHP based IDE for MySQL and other databases. Simply install Adminer and save the file on your local computer or remote web server directory.

FYI: The Adminer author Jakub Vrana has a patron page, I am a patron of this awesome software.

Snip from Adminers website. “Adminer (formerly phpMinAdmin) is a full-featured database management tool written in PHP. Conversely to phpMyAdmin, it consist of a single file ready to deploy to the target server. Adminer is available for MySQL, MariaDB, PostgreSQL, SQLite, MS SQL, Oracle, Firebird, SimpleDB, Elasticsearch andMongoDB.”

TIP: The file would be publicly accessible to anyone so don’t save it to a common area, obfuscate the file, protect it of delete the file when you are done using it.

Once Adminer is installed load it in a web browser, login with your MySQL credentials. Once you login you will see all databases and an Import and Export menu.

Adminer main screen, all databases and import and export menu.

tbtest is a simple database with one table and 4 fields (ID, Key, Value and Modified)

.Click Export to open the export screen.

Export screen showing a list of databases and export options

Click Export, a SQL file will be generated (this is the export of the database).

Here is a save of the file:
https://fearby.com/wp-content/uploads/export.txt

Exported view of https://dev.mysql.com/doc/workbench/en/wb-admin-export-import-management.html

Its that simple.

If I add a binary blob file to the table and upload a PNG file lets see how the export looks.

Screenshot o the new table with a blog field in Adminer UI

Let export the database again in Adminer and check out the output. I used Sublime Text editor to view the export file.

New Export shows the binary file in the Backup SQL file

Restore (the easiest way) with Adminer

OK lets delete the tbtest database and then restore it with Adminer. I used Adminer to delete (DROP) the database.

Database “dbtest” deleted.

Now lets create a blank database to restore to (same name).

Database created.

Now lets import the database backup using Adminer.

Click Import, select the backup file and un-tick Stop on errors.

Import screenshot, dxtest selectded, Restore file selected, stop on errors disabled

TIP: The 2MB next the the choose file button is defined by your web server and PHP configuration. If you are trying to import a larger database (e.g 80MB) first increase the limits in your web server and PHP (via php.ini).

The Import (restore should take seconds)

The database was imported from a backup, all tables and records imported just fine.

Bonus methods.

On Ubuntu use this guide to backup from the command line. If you use the Oracle MySQL Workbench read this.

I hope this helps someone.

How to install PHP 7.2.latest on Ubuntu 16.04

November 17, 2018 by Simon

How to install PHP 7.2.latest on Ubuntu 16.04/ Ubuntu 18.04/Debian etc/

I have a number of guides on moving away from CPanel, Setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. PHP is my programming language of choice.

PHP has a support page that declares the support date ranges and support types: http://php.net/supported-versions.php

A version of PHP is either actively supported, security fix supported or end of life. Read this post to check WordPress for PHP compatibility.

From time to time vulnerabilities come up that require PHP updates to be applied.

Multiple flaw found in #PHP, most severe of which could allow arbitrary code execution
Affected Versions:
PHP 7.2 —prior to 7.2.5
PHP 7.1 —prior to 7.1.17
PHP 7.0 —prior to 7.0.30
PHP 5.0 —prior to 5.6.36https://t.co/TtiqXePoHu
Upgrade to the latest version of PHP immediately
— The Hacker News (@TheHackersNews) May 1, 2018

#PHP 7.2.12 has been released https://t.co/iNXGYTs0PX
— Neustradamus (@neustradamus) November 9, 2018

Source Link here

I have guides on setting up PHP 7 here on Digital Ocean, here on AWS and here on Vultr. I have tried upgrading to PHP 7.1 in the past with no luck (I forgot to change something and rolled back to 7.0).

FYI: I have a guide on setting up PHP child workers so the output from some commands below may be different than yours. Here are the steps I performed to install PHP 7.2 alongside 7.0 then switch. to 7.2.

Backup your system

Do perform a Snapshot or Backup before proceeding. Nothing beats a quick restore if things fail.

Note: Use this information at your own risk.

Updating php 7.2.12 to 7.2.12

Update your Ubuntu systems

apt-get update && apt-get upgrade

Updating from an older php (e.g 5.x, 7.1, 7.1 to say 7.2.12)

Backup PHP

cd /etc/php
zip -r php7.0backup.zip 7.0/

Install Helper

This software provides an abstraction of the used apt repositories. It allows you to easily manage your distribution and independent software vendor software sources. More Info

apt-get install python-software-properties

Add the main PHP repo (more information)

add-apt-repository ppa:ondrej/php

Update the package lists

“In a nutshell, apt-get update doesn’t actually install new versions of the software. Instead, it updates the package lists for upgrades for packages that need upgrading, as well as new packages that have just come to the repositories.” from here

apt-get update

List Installed Packages (optional)

dpkg -l

Install PHP 7.2

apt-get install php7.2

Install common PHP modules

apt-get install php-pear php7.2-curl php7.2-dev php7.2-mbstring php7.2-zip php7.2-mysql php7.2-xml

Install PHP FPM

apt-get install php7.2-fpm

Update all packages (may be needed to update from php 7.2.4 to 7.2.5)

sudo apt-get upgrade

Edit your NGINX sites-available config

sudo nano /etc/nginx/sites-available/default
# I set: fastcgi_pass /run/php/php7.2-fpm.sock;

Edit your NGINX sites-enabled config

sudo nano /etc/nginx/sites-enabled/default
# I set: fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;

I edited these lines

location ~ \.php$ {
    ...
    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    ...
}

Edit your PHP config (and make desired changes)

sudo nano /etc/php/7.2/fpm/php.ini

Edit your PHP pool config file (as required). See this guide here.

e.g.

> cgi.fix_pathinfo=0
> max_input_vars = 1000
> memory_limit = 1024M
> max_file_uploads = 8M
> post_max_size = 8M

sudo nano /etc/php/7.2/fpm/pool.d/www.conf

Make sure you set: listen = /run/php/php7.2-fpm.sock

Set PHP 7.2 as the default PHP

update-alternatives --set php /usr/bin/php7.2

Check your PHP version

php -v

Reload PHP

sudo service php7.2-fpm reload

Reload NGINX

nginx -t
nginx -s reload
/etc/init.d/nginx restart

Check the status of your PHP (and child workers)

sudo service php7.2-fpm status
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-05-04 19:02:27 AEST;
     Docs: man:php-fpm7.2(8)
  Process: 123456 ExecReload=/bin/kill -USR2 $MAINPID (code=exited, status=0/SUCCESS)
 Main PID: 123456 (php-fpm7.2)
   Status: "Processes active: 0, idle: 10, Requests: 0, slow: 0, Traffic: 0req/sec"
    Tasks: 11
   Memory: 30.5M
      CPU: 10.678s
   CGroup: /system.slice/php7.2-fpm.service
           ├─16494 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
           ├─16497 php-fpm: pool www
           ├─16498 php-fpm: pool www
           ├─16499 php-fpm: pool www
           ├─16500 php-fpm: pool www
           ├─16501 php-fpm: pool www
           ├─16502 php-fpm: pool www
           ├─16503 php-fpm: pool www
           ├─16504 php-fpm: pool www
           ├─16505 php-fpm: pool www
           └─16506 php-fpm: pool www

Check your website.

Troubleshooting

Guides that helped me.

https://thishosting.rocks/install-php-on-ubuntu/

https://websiteforstudents.com/wordpress-supports-php-7-2-heres-how-to-install-with-nginx-and-mariadb-support/

Check your log files

tail /var/log/nginx/error.log

Debug FPM Service

systemctl status php7.2-fpm.service
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-05-06 00:18:55 AEST; 7min ago
     Docs: man:php-fpm7.2(8)
  Process: 123456 ExecReload=/bin/kill -USR2 $MAINPID (code=exited, status=0/SUCCESS)
 Main PID: 123 (php-fpm7.2)
   Status: "Processes active: 0, idle: 10, Requests: 44, slow: 0, Traffic: 0req/sec"
    Tasks: 11
   Memory: 212.6M
      CPU: 12.052s
   CGroup: /system.slice/php7.2-fpm.service
           ├─438 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
           ├─441 php-fpm: pool www
           ├─442 php-fpm: pool www
           ├─443 php-fpm: pool www
           ├─444 php-fpm: pool www
           ├─445 php-fpm: pool www
           ├─446 php-fpm: pool www
           ├─447 php-fpm: pool www
           ├─449 php-fpm: pool www
           ├─450 php-fpm: pool www
           └─451 php-fpm: pool www

May 06 00:18:55 server systemd[1]: Stopped The PHP 7.2 FastCGI Process Manager.
May 06 00:18:55 server systemd[1]: Starting The PHP 7.2 FastCGI Process Manager...
May 06 00:18:55 server systemd[1]: Started The PHP 7.2 FastCGI Process Manager.

Remove PHP 7.0

sudo apt-get purge php7.0-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libaspell15 libauthen-pam-perl libc-client2007e libio-pty-perl libmcrypt4 librecode0 libtidy-0.99-0 libxmlrpc-epi0 linux-headers-4.4.0-109
  linux-headers-4.4.0-109-generic linux-headers-4.4.0-112 linux-headers-4.4.0-112-generic linux-headers-4.4.0-87
  linux-headers-4.4.0-87-generic linux-headers-4.4.0-96 linux-headers-4.4.0-96-generic linux-image-4.4.0-109-generic
  linux-image-4.4.0-112-generic linux-image-4.4.0-87-generic linux-image-4.4.0-96-generic linux-image-extra-4.4.0-109-generic
  linux-image-extra-4.4.0-112-generic linux-image-extra-4.4.0-87-generic linux-image-extra-4.4.0-96-generic mlock
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
  php7.0-cli* php7.0-common* php7.0-curl* php7.0-fpm* php7.0-gd* php7.0-imap* php7.0-intl* php7.0-json* php7.0-mbstring* php7.0-mcrypt*
  php7.0-mysql* php7.0-opcache* php7.0-pspell* php7.0-readline* php7.0-recode* php7.0-sqlite3* php7.0-tidy* php7.0-xml* php7.0-xmlrpc*
  php7.0-xsl*

PHP 7.0 Removed 🙂

Remove other unused packages

sudo apt autoremove

At the time of writing (November the 18th 2018) PHP 7.2.12 is the latest version of PHP and PHP 7.3 will be out at the end of the year.

Good luck and I hope this guide helps someone

Ask a question or recommend an article

[contact-form-7 404 "Not Found"]

Revision History

v1.4 Updated the post to mention PHP 7.0 EOL

v1.3 Updated to add PHP 7.2.12 information

v1.2 PHP 7.2.9 and PHP 7.2 updates

v1.1 Remove PHP 7.0 steps

v1.0 Initial post

How to use the UpCloud API to manage your UpCloud servers

June 17, 2018 by Simon

How to use the UpCloud API to manage your UpCloud servers.

If you have not read my previous posts I have now moved my blog etc to the awesome UpCloud host. Sign up using this link to get $25 free credit.

I recently compared Digital Ocean, Vultr and UpCloud Disk IO here and UpCloud came out on top by a long way (read the blog post here).

Here is my blog post on moving from Vultr to UpCloud.

Spoiler: UpCloud performance is great.

I have never had an UpCloud page load take longer than 2 seconds since moving.

UpCloud API

UpCloud has an API that we can opt into to using where we can manage servers. Read the official UpCloud API documentation here.

The API allows you to control:

Accounts
Pricing
Zones
Timezones
Plans
Servers
Storages
IP-Addresses
Firewall
Tags
etc

Create a sub-account to query the API

You should create a new user account (in the UpCloud dasbboard) just for API access. I created two accounts for use on my server and on my home laptop and my server (and set a limiting IP(s) that can access it).

Create a Sub Account for API Access

Click My Accounts,
Click User Accounts,
Click Change on your user and enable API connections.
TIP: Set up an IP rule to limit access to your API for security (I set up a VPN to get a static IP on my dynamic IP Internet host at home)).
Save the changes

TIP: Lock down the account to have the minimum permissions required.

e.g

Disable access to the control panel (Untick).
Allow API Connections (Tick) and specify an IP
Disable access to billing contact (Untick).
Disable access to billing section in the control panel (Untick).
Disable allowing of emails to billing contact (Untick).
Allow or Remove access to all server (or manually add access to desired servers)
Allow or Remove access to modify storage (or manually allow or remove access to desired storage)
etc

Save the account.

Now let’s make our first API call

I use OSX and I use the awesome Paw API testing tool from https://paw.cloud (This is not a plug, they are awesome). Postman is a popular API testing tool too. Any good programing language or CLI will allow you to send API requests.

First, let’s prepare the authorization string (this is a Base64 encoded combination of your username and password) read more here.

Head over to https://www.base64encode.org/
Click the Encode tab
Add your “username:password” (without the quotes).
Click Encode

A Base64 string will be outputted 🙂

e.g > eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk

fyi

You can encode also Encode and Decode Base64 from the Ubuntu Command line

Encode Base64 from the CLI Sample

echo -n 'yourapiusername:yoursupersecurepassword' | base64
eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk

Decode Base64 from the CLI Sample

echo `echo eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk | base64 --decode`
yourapiusername:yoursupersecurepassword

Now we can add an “Authorization Basic” token to the API request in Paw.

A quick test of the UpCloud Prices API endpoint https://api.upcloud.com/1.2/price reveals the API is working.

I can now see a full breakdown of my service prices in JSON 🙂

Query My Account

OK, Let’s see how much credit I have left by querying the https://api.upcloud.com/1.2/account, I duplicated the item in Paw and changed the URL to https://api.upcloud.com/1.2/account but no data returned?

I had to enable “Access to Billing section in Control Panel” for the user before this data returned from the API (make sense).

> HTTP/1.1 200 OK

Query (GET)

GET /1.2/account HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Authorization: Basic *******************************************

Output

HTTP/1.1 200 OK
Date: Sun, 17 Jun 2018 04:23:32 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 91
Server: Apache

{
   "account" : {
      "credits" : 2500.00,
      "username" : "yourapiusername"
   }
}

“2500.00” = cents ($25)

Query All of Your Servers

Ok, Let’s get server information by querying https://api.upcloud.com/1.2/server

Query (GET)

GET /1.2/server HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Authorization: Basic ##############base64hash##############

Output

HTTP/1.1 200 OK
Date: Sun, 17 Jun 2018 04:32:22 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 1154
Server: Apache

{
   "servers" : {
      "server" : [
         {
            "core_number" : "1",
            "hostname" : "server1nameredacted.com",
            "license" : 0,
            "memory_amount" : "2048",
            "plan" : "1xCPU-2GB",
            "plan_ipv4_bytes" : "3472464313",
            "plan_ipv6_bytes" : "166293599",
            "state" : "started",
            "tags" : {
               "tag" : [
                  "tag1"
               ]
            },
            "title" : "server1nameredacted.com",
            "uuid" : "########-####-####-####-############",
            "zone" : "us-chi1"
         },
         {
            "core_number" : "1",
            "hostname" : "server2nameredacted.com",
            "license" : 0,
            "memory_amount" : "1024",
            "plan" : "1xCPU-1GB",
            "plan_ipv4_bytes" : "198911",
            "plan_ipv6_bytes" : "19742",
            "state" : "started",
            "tags" : {
               "tag" : [
                  "tag2"
               ]
            },
            "title" : "server1nameredacted.com",
            "uuid" : "########-####-####-####-############",
            "zone" : "us-chi1"
         }
      ]
   }
}

Query Server Information

I have redated the UUID’s for my servers but once you know them you can query them by hitting https://api.upcloud.com/1.2/server/########-####-####-####-############

Query (GET)

GET /1.2/server/########-####-####-####-############ HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Authorization: Basic ##############base64hash##############

Output

HTTP/1.1 200 OK
Date: Sun, 17 Jun 2018 04:45:14 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 1656
Server: Apache

{
   "server" : {
      "boot_order" : "cdrom,disk",
      "core_number" : "1",
      "firewall" : "on",
      "host" : redacted,
      "hostname" : "server1nameredacted.com",
      "ip_addresses" : {
         "ip_address" : [
            {
               "access" : "private",
               "address" : "##.#.#.###",
               "family" : "IPv4"
            },
            {
               "access" : "public",
               "address" : "###.###.###.###",
               "family" : "IPv4",
               "part_of_plan" : "yes"
            },
            {
               "access" : "public",
               "address" : "####:####:####:####:####:####:########",
               "family" : "IPv6"
            }
         ]
      },
      "license" : 0,
      "memory_amount" : "2048",
      "nic_model" : "virtio",
      "plan" : "1xCPU-2GB",
      "plan_ipv4_bytes" : "3519033266",
      "plan_ipv6_bytes" : "168200052",
      "state" : "started",
      "storage_devices" : {
         "storage_device" : [
            {
               "address" : "virtio:0",
               "boot_disk" : "0",
               "part_of_plan" : "yes",
               "storage" : "########-####-####-####-############",
               "storage_size" : 50,
               "storage_title" : "system",
               "type" : "disk"
            }
         ]
      },
      "tags" : {
         "tag" : [
            "fearby"
         ]
      },
      "timezone" : "Australia/Sydney",
      "title" : "server1nameredacted.com",
      "uuid" : "########-####-####-####-############",
      "video_model" : "cirrus",
      "vnc" : "off",
      "vnc_password" : "#########################",
      "zone" : "us-chi1"
   }
}

The servers name, IPv4 and IPV6 network adapters are listed, CPU(s), Memory, Disk Sized and UUID’s are all visible 🙂

Surprisingly the VNC password is visible (enabling access to the root console).

TIP: Ensure your API account is safe and secure.

Query Storage Information

Now, Let’s query the storage with the GUID from above by querying https://api.upcloud.com/1.2/storage/########-####-####-####-############

Query (GET)

GET /1.2/storage/########-####-####-####-############ HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Authorization: Basic  ##############base64hash##############

Output

HTTP/1.1 200 OK
Date: Sun, 17 Jun 2018 04:53:36 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 559
Server: Apache

{
   "storage" : {
      "access" : "private",
      "backup_rule" : {},
      "backups" : {
         "backup" : [
            "########-####-####-####-############"
         ]
      },
      "license" : 0,
      "part_of_plan" : "yes",
      "servers" : {
         "server" : [
            "########-####-####-####-############"
         ]
      },
      "size" : 50,
      "state" : "online",
      "tier" : "maxiops",
      "title" : "system",
      "type" : "normal",
      "uuid" : "########-####-####-####-############",
      "zone" : "us-chi1"
   }
}

I can see information about the storage’s assigned server and backups 🙂

Query Backup Information

Backup storage can be queried with the same storge API endpoint https://api.upcloud.com/1.2/storage/########-####-####-####-############

Query (GET)

GET /1.2/storage/014fd483-ea90-4055-b445-bf2011951999 HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Authorization: Basic ##############base64hash##############

Output

HTTP/1.1 200 OK
Date: Sun, 17 Jun 2018 05:01:11 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 412
Server: Apache

{
   "storage" : {
      "access" : "private",
      "created" : "2018-06-16T04:47:56Z",
      "license" : 0,
      "origin" : "########-####-####-####-############",
      "servers" : {
         "server" : []
      },
      "size" : 50,
      "state" : "online",
      "title" : "On-Demand Backup",
      "type" : "backup",
      "uuid" : "########-####-####-####-############",
      "zone" : "us-chi1"
   }
}

Rename Backup

One thing that I would like to be able to do is to rename on-demand backups in the UpCloud dashboard (this is not a feature yet) but I can rename manual backup’s in the API though 🙂

Boring “On-Demand Backup” label.

I tried sending JSON to https://api.upcloud.com/1.2/storage/########-####-####-####-############ to rename a backup but kept getting an error?

JSON

{
> “storage”: {
> “title”: “Latest manual backup , Working NGINX, PHP, MySQL w Tweaks”,
> “size”: “50”
> }
> }

Result

> “error_code” : “CONTENT_TYPE_INVALID”,
> “error_message” : “The Content-Type header has an invalid value.”

I googled and found an old manual for UpClouds API (official support here).

I added these missing content type headers (108 was the length in chars of the payload)

> Content-Type: application/json; Charset=UTF-8'
> Content-Length: 108

Still no go?

I think the content length value is wrong, more here.

I fixed it, it turned out I had a semicolon in the Content-Type value. The JSON RFC always assumes that Content-Type is UTF8 encoded (more here).

This Fails

Content-Type: application/json; charset=utf-8

This Works

Content-Type: application/json

Now I can rename my Backup (storage). I manually calculated the length of the JSON payload and added a “Content-Length” header and value.

Query (PUT)

PUT /1.2/storage/########-####-####-####-############ HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Content-Type: application/json
Content-Length: 113
Authorization: Basic ##############base64hash##############

{"storage":{"size":"50","title":"Latest manual backup , Working NGINX, PHP, MySQL w Tweaks"}}

Output

HTTP/1.1 202 ACCEPTED
Date: Sun, 17 Jun 2018 05:47:02 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 453
Server: Apache

{
   "storage" : {
      "access" : "private",
      "created" : "2018-06-16T04:47:56Z",
      "license" : 0,
      "origin" : "########-####-####-####-############",
      "servers" : {
         "server" : []
      },
      "size" : 50,
      "state" : "online",
      "title" : "Latest manual backup , Working NGINX, PHP, MySQL w Tweaks",
      "type" : "backup",
      "uuid" : "########-####-####-####-############",
      "zone" : "us-chi1"
   }
}

Success 🙂

Create a Backup

Backups can be performed with a “/backup” added to the end of the query string.

Query (POST)

POST /1.2/storage/########-####-####-####-############/backup HTTP/1.1
Host: api.upcloud.com
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23
Content-Type: application/json
Content-Length: 100
Authorization: Basic ##############base64hash##############

{
  "storage": {
    "title": "Sunday 17th Latest backup , Working NGINX, PHP, MySQL w Tweaks"
  }
}

Output

HTTP/1.1 201 CREATED
Date: Sun, 17 Jun 2018 06:17:35 GMT
Content-Type: application/json; charset=UTF-8
Connection: close
Content-Length: 487
Server: Apache

{
   "storage" : {
      "access" : "private",
      "created" : "2018-06-17T06:17:35Z",
      "license" : 0,
      "origin" : "########-####-####-####-############",
      "progress" : "0",
      "servers" : {
         "server" : []
      },
      "size" : 50,
      "state" : "maintenance",
      "title" : "Sunday 17th Latest backup , Working NGINX, PHP, MySQL w Tweaks",
      "type" : "backup",
      "uuid" : "########-####-####-####-############",
      "zone" : "us-chi1"
   }
}

Success (UpCloud GUI)

Conclusion

UpCloud does have great API docs.

I can easily integrate this into bash scripts to manage my servers via API and a future Java app for managing servers.

Paw does give CURL output to allow me to copy working API’s for use in BASH 🙂

More to come

BASH Script to Deploy and configure a server on UpCloud via Initalization scripts (or manual) (1 week)
JAVA App to manage your server (3 months)

If you are signing up for UpCloud please consider using my referral code and get $25 credit for free.

Read my setup guide here.

https://www.upcloud.com/register/?promo=D84793

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 404 "Not Found"]

Revision History

V1.1 updated typo

v1.0 Initial Post.

Measuring VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 4 of 4

June 5, 2018 by Simon

How can you measure VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 4 of 4

Read Part 1, Part 2, Part 3 or Part 4

I ran the MySQL benchmark preparation command again (no problem this time).

sysbench --test=oltp --oltp-table-size=1000000 --db-driver=mysql --mysql-db=test --mysql-user=root --mysql-password=###################### prepare
sysbench 0.4.12:  multi-threaded system evaluation benchmark

Creating table 'sbtest'...
Creating 1000000 records in table 'sbtest'...

Test table and records created

Now I can benchmark MySQL on my main server.

sysbench --test=oltp --oltp-table-size=1000000 --db-driver=mysql --mysql-db=test --mysql-user=root --mysql-password=################################# --max-time=60 --oltp-read-only=on --max-requests=0 --num-threads=8 run

RAW Output

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 8

Doing OLTP test.
Running mixed OLTP test
Doing read-only test
Using Special distribution (12 iterations,  1 pct of values are returned in 75 pct cases)
Using "BEGIN" for starting transactions
Using auto_inc on the id column
Threads started!
Time limit exceeded, exiting...
(last message repeated 7 times)
Done.

OLTP test statistics:
    queries performed:
        read:                            336210
        write:                           0
        other:                           48030
        total:                           384240
    transactions:                        24015  (400.09 per sec.)
    deadlocks:                           0      (0.00 per sec.)
    read/write requests:                 336210 (5601.24 per sec.)
    other operations:                    48030  (800.18 per sec.)

Test execution summary:
    total time:                          60.0242s
    total number of events:              24015
    total time taken by event execution: 480.0242
    per-request statistics:
         min:                                  1.79ms
         avg:                                 19.99ms
         max:                                141.00ms
         approx.  95 percentile:              37.49ms

Threads fairness:
    events (avg/stddev):           3001.8750/27.36
    execution time (avg/stddev):   60.0030/0.01

Results

queries performed (in 60 seconds):

read: 336210
other: 48030
total: 384240

I decided to add an index to see if I can speed this query up (read the MySQL index page here). I added an index (in Adminer) on the columns “Id” and “pad” for the sbtest table in the test database

I restarted the MySQL process

mysql restart
[ ok ] Restarting mysql (via systemctl): mysql.service.

I ran the same benchmark again.

Raw Output

sysbench --test=oltp --oltp-table-size=1000000 --db-driver=mysql --mysql-db=test --mysql-user=root --mysql-password=########################## --max-time=60 --oltp-read-only=on --max-requests=0 --num-threads=8 run
sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 8

Doing OLTP test.
Running mixed OLTP test
Doing read-only test
Using Special distribution (12 iterations,  1 pct of values are returned in 75 pct cases)
Using "BEGIN" for starting transactions
Using auto_inc on the id column
Threads started!
Time limit exceeded, exiting...
(last message repeated 7 times)
Done.

OLTP test statistics:
    queries performed:
        read:                            426538
        write:                           0
        other:                           60934
        total:                           487472
    transactions:                        30467  (507.69 per sec.)
    deadlocks:                           0      (0.00 per sec.)
    read/write requests:                 426538 (7107.67 per sec.)
    other operations:                    60934  (1015.38 per sec.)

Test execution summary:
    total time:                          60.0110s
    total number of events:              30467
    total time taken by event execution: 479.9124
    per-request statistics:
         min:                                  5.75ms
         avg:                                 15.75ms
         max:                                138.57ms
         approx.  95 percentile:              25.10ms

Threads fairness:
    events (avg/stddev):           3808.3750/8.70
    execution time (avg/stddev):   59.9891/0.00

Results

The quick index added 20% extra throughput on queries 🙂

Don’t forget to delete your test database

DROP DATABASE `test`;

Viewing MySQL Index Usage (on the “test” database)

Query to show Index stats for a table ‘test’

SELECT
 OBJECT_SCHEMA as 'Database', OBJECT_NAME as 'Table', 
 INDEX_NAME as 'Index', 
 COUNT_STAR, 
 SUM_TIMER_WAIT,  MIN_TIMER_WAIT, AVG_TIMER_WAIT, MAX_TIMER_WAIT, 
 COUNT_READ, 
 SUM_TIMER_READ, MIN_TIMER_READ, AVG_TIMER_READ, MAX_TIMER_READ,  
 COUNT_FETCH, SUM_TIMER_FETCH, MIN_TIMER_FETCH, AVG_TIMER_FETCH, MAX_TIMER_FETCH
FROM 
 performance_schema.table_io_waits_summary_by_index_usage
WHERE 
 object_schema = 'test'

I can see the MySQL PRIMARY index is getting used 🙂

Read more in viewable query stats (columns) here.

Other System Information Tools

Show processor information

cat /proc/cpuinfo

Output

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 61
model name      : Virtual CPU a7769a6388d5
stepping        : 2
microcode       : 0x1
cpu MHz         : 2394.454
cache size      : 16384 KB
physical id     : 0
siblings        : 1
core id         : 0
cpu cores       : 1
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm invpcid_single kaiser fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt arat
bugs            : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass
bogomips        : 4788.90
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management:

Memory Information

You can assign 512MB, 1GB, 2GB or more memory to a server on Vultr, Read my guide here on upgrading resources for Vultr VM’s here.

Only upgrade your server’s memory when server processes demand it, there is no need to pay for extra idle memory. Read my older guides on upgrading Digital Ocean and AWS servers.

I use the htop utility to monitor memory and processes. The memory usage will depend on how you have configured your server to use connection pools in code, MySQL or services. Also what memory demands do you get in pean bandwidth times?

You can check your server memory details on Ubuntu with this command

cat /proc/meminfo

Output

MemTotal:        2048104 kB
MemFree:           96176 kB
MemAvailable:     693072 kB
Buffers:          183476 kB
Cached:           526124 kB
SwapCached:            0 kB
Active:          1467220 kB
Inactive:         243228 kB
Active(anon):    1070464 kB
Inactive(anon):    27004 kB
Active(file):     396756 kB
Inactive(file):   216224 kB
Unevictable:        3652 kB
Mlocked:            3652 kB
SwapTotal:             0 kB
SwapFree:              0 kB
Dirty:                64 kB
Writeback:             0 kB
AnonPages:       1004504 kB
Mapped:           114664 kB
Shmem:             94192 kB
Slab:             192692 kB
SReclaimable:     171892 kB
SUnreclaim:        20800 kB
KernelStack:        3072 kB
PageTables:        20528 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:     1024052 kB
Committed_AS:    2424332 kB
VmallocTotal:   34359738367 kB
VmallocUsed:           0 kB
VmallocChunk:          0 kB
HardwareCorrupted:     0 kB
AnonHugePages:    247808 kB
CmaTotal:              0 kB
CmaFree:               0 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
DirectMap4k:       67440 kB
DirectMap2M:     2029568 kB

Use Memory or Disk (Swap)

You can configure the use of Memory over Disk by configuring your/etc/sysctl.conf file (setting value “vm.swappiness”)

You can check your swap file settings by running the following command

cat /proc/sys/vm/swappiness
1

Or By running

sysctl vm.swappiness
vm.swappiness = 1

Set a new swap file value by editing /etc/sysctl.conf

sudo nano /etc/sysctl.conf

Set the following to use more ram over the swap disk.

vm.swappiness = 1

Read about swappiness values here: https://en.wikipedia.org/wiki/Swappiness

Service Performance

Performance (and allocated resources) depends on the demands of your operating system and installed software

What operating system do you have?

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.4 LTS
Release:        16.04
Codename:       xenial

View NGINX Status, how much memory does it use?

/etc/init.d/nginx status
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-05-25 21:28:25 AEST; 1 weeks 3 days ago
     Docs: man:nginx(8)
 Main PID: #### (nginx)
    Tasks: 3
   Memory: 58.9M
      CPU: 33min 11.515s
   CGroup: /system.slice/nginx.service
           ├─#### nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           ├─#### nginx: worker process
           └─#### nginx: cache manager process

PHP (and Child Worker) status how much memory does it use and how many child workers do you have? Read my add PHP child workers post here (and update to PHP 7.2 here)

sudo service php7.2-fpm status
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-05-25 21:28:26 AEST; 1 weeks 3 days ago
     Docs: man:php-fpm7.2(8)
 Main PID: #### (php-fpm7.2)
   Status: "Processes active: 0, idle: 20, Requests: 75911, slow: 0, Traffic: 0.1req/sec"
    Tasks: 21
   Memory: 694.2M
      CPU: 20h 49min 45.132s
   CGroup: /system.slice/php7.2-fpm.service
           ├─ #### php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
           ├─ #### php-fpm: pool www-acc
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-acc
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           ├─ #### php-fpm: pool www-usr
           └─ #### php-fpm: pool www-usr

MySQL Status

sudo service mysql status
● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-05-25 21:28:27 AEST; 1 weeks 3 days ago
 Main PID: ##### (mysqld)
    Tasks: 35
   Memory: 405.9M
      CPU: 2h 17min 31.822s
   CGroup: /system.slice/mysql.service
           └─#### /usr/sbin/mysqld

Shared VM Hosts

One of the biggest impacts (after server latency) for your server is not the disk performance but the number of hosts/websites on the server who are also using the disk and server resources.

I have 80 other web servers on my server (based on a reverse lookup).

I may move to a dedicated box when I can afford it.

Security

Above all else ensure that security is number 1 priority and make performance second priority.

Scan your site with Zap, Qualys and Kali Linux. Performance means nothing if you are hacked.

Simulated concurrent users

You can use Siege to test the maximum concurrent users accessing your site before the server starts to drop connections.

FYI: If you use Cloudflare (you should) this may not work as it will block connections.

Install Siege

sudo apt-get install siege

Test your server with 10 concurrent serves for 1 minute

siege -t1m c10 'https://yourserver.com/'

Results

siege -t1m c10 'https://yourserver.com/'
** SIEGE 3.0.8
** Preparing 15 concurrent users for battle.
The server is now under siege...
Lifting the server siege...      done.

Transactions:                    417 hits
Availability:                 100.00 %
Elapsed time:                  59.01 secs
Data transferred:               8.24 MB
Response time:                  1.62 secs
Transaction rate:               7.07 trans/sec
Throughput:                     0.14 MB/sec
Concurrency:                   11.46
Successful transactions:         417
Failed transactions:               0
Longest transaction:            2.26
Shortest transaction:           1.49

Keep upping the connections (from 10 above) to a limit where connections start dropping.

I tried 25 then 50 concurrent users hitting a server on Digital Ocean and it did not fail.

Conclusion

Choose a server near your customers
Change hosts if one is faster and cheaper
Measure or benchmark your server (and compare over time).
Use Cloudflare

Create your own server today

Create your own server on Vultr here.
Create your own server on Digital Ocean here.
Create your own server on UpCloud here.

And remember you can install the Runcloud server management dashboard here.

I hope this guide helps someone.

< Previous

Read Part 1, Part 2, Part 3 or Part 4

Measuring VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 3 of 4

June 5, 2018 by Simon

How can you measure VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 3 of 4

Read Part 1, Part 2, Part 3 or Part 4

I used these commands to generate bonnie++ reports from the data in part 2

echo "<h1>Bonnie Results</h1>" > /www-data/bonnie.html
echo "<h2>Vultr (Sydney)</h2>" >> /www-data/bonnie.html
echo "1.97,1.97,servername,1,1528177870,4G,,656,99,308954,68,113706,33,1200,92,188671,30,10237,251,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,26067us,119ms,179ms,29139us,26069us,16118us,1463us,703us,880us,263us,119us,593us" | bon_csv2html >> /www-data/bonnie.html
echo "<h2>Digital Ocean (London)</h2>" >> /www-data/bonnie.html
echo "1.97,1.97,servername,1,1528186398,4G,,699,99,778636,74,610414,60,1556,99,1405337,59,+++++,+++,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,17678us,10099us,17014us,7027us,3067us,2366us,1243us,376us,611us,108us,59us,181us" | bon_csv2html >> /www-data/bonnie.html
echo "<h2>UpCloud (Singapore)</h2>" >> /www-data/bonnie.html
echo "1.97,1.97,servername,1,1528226703,4G,,1014,99,407179,24,366622,32,2137,99,451886,17,+++++,+++,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,11297us,54232us,16443us,4949us,44883us,1595us,264us,340us,561us,138us,66us,327us" | bon_csv2html >> /www-data/bonnie.html

Image of results here

Network Performace

IMHO Network Latency is the biggest impact on server performance, Read my old post on scalability on a budget here. I am in Australia an having a server in Singapore was too far away and latency was terrible.

Here is a non-scientific example of pinging a Vultr, Digital Ocean and UpCloud server in three different locations (and Google).

Test Ping Results

Vultr 132ms Ping Average (Sydney)
Digital Ocean 322ms Ping Average (London)
UpCloud 180ms Ping Average (Singapore)

Latency matters, run a https://www.webpagetest.org/ scan over your site to see why.

Adding https added almost 0.7 seconds to https communications in the past on Digital Ocean (a few thousand kilometres away). The longer the latency the longer HTTPS handshakes take.

Deploying a server to Singapore (in my experience) is bad if your visitors are in Australia. But deploying to other regions may be lower in cost though. It’s a trade off.

Deploy servers as close as you can to your customers is the best tip for performance.

Also, consider setting up Image Optimization and Image CDN plugins (guide here) in WordPress and using Cloudflare (guide here)

Benchmarking with SysBench

Install CPU Benchmark

sudo apt-get install sysbench

CPU Benchmark (Vultr/Sydney)

Result

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1

Doing CPU performance benchmark

Threads started!
Done.

Maximum prime number checked in CPU test: 20000


Test execution summary:
    total time:                          39.1700s
    total number of events:              10000
    total time taken by event execution: 39.1586
    per-request statistics:
         min:                                  2.90ms
         avg:                                  3.92ms
         max:                                 20.44ms
         approx.  95 percentile:               7.43ms

Threads fairness:
    events (avg/stddev):           10000.0000/0.00
    execution time (avg/stddev):   39.1586/0.00

39.15 seconds

CPU Benchmark (Digital Ocean/London)

sysbench --test=cpu --cpu-max-prime=20000 run

Result

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1

Doing CPU performance benchmark

Threads started!
Done.

Maximum prime number checked in CPU test: 20000


Test execution summary:
    total time:                          33.4382s
    total number of events:              10000
    total time taken by event execution: 33.4352
    per-request statistics:
         min:                                  3.24ms
         avg:                                  3.34ms
         max:                                  6.45ms
         approx.  95 percentile:               3.45ms

Threads fairness:
    events (avg/stddev):           10000.0000/0.00
    execution time (avg/stddev):   33.4352/0.00

33.43 sec

CPU Benchmark (UpCloud/Singapore)

sysbench --test=cpu --cpu-max-prime=20000 run

Result

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1



Doing CPU performance benchmark

Threads started!
Done.

Maximum prime number checked in CPU test: 20000


Test execution summary:
    total time:                          23.7809s
    total number of events:              10000
    total time taken by event execution: 23.7780
    per-request statistics:
         min:                                  2.35ms
         avg:                                  2.38ms
         max:                                  6.92ms
         approx.  95 percentile:               2.46ms

Threads fairness:
    events (avg/stddev):           10000.0000/0.00
    execution time (avg/stddev):   23.7780/0.00

23.77 sec

Surprisingly, 1st place in prime generation goes to UpCloud, then Digital Ocean then Vultr. UpCloud has some good processors.

Processors:

UpCLoud (Singapore): Intel(R) Xeon(R) CPU E5-2687W v4 @ 3.00GHz
Digital Ocean (London): Intel(R) Xeon(R) CPU E5-2630L v2 @ 2.40GHz
Vultr (Sydney): Virtual CPU a7769a6388d5 (Masked/Hidden CPU @ 2.40GHz)

(Lower is better)

(oops, typo in the chart should say Vultr)

Benchmark the file IO

Confirm free space

df -h /

Install Sysbench

sudo apt-get install sysbench

I had 10GB free on all servers (Vultr, Digitial Ocean and UpCloud) so I created a 10GB test file.

sysbench --test=fileio --file-total-size=10G prepare
sysbench 0.4.12:  multi-threaded system evaluation benchmark

128 files, 81920Kb each, 10240Mb total
Creating files for the test...

Now I can run the benchmark and use the pre-created text file.

sysbench --test=fileio --file-total-size=10G --file-test-mode=rndrw --init-rng=on --max-time=300 --max-requests=0 run

SysBench description from the Ubuntu manpage.

“SysBench is a modular, cross-platform and multi-threaded benchmark tool for evaluating OS parameters that are important for a system running a database under intensive load. The idea of this benchmark suite is to quickly get an impression about system performance without setting up complex database benchmarks or even without installing a database at all.”

SysBench Results (Vultr/Sydney)

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from timer.


Extra file open flags: 0
128 files, 80Mb each
10Gb total file size
Block size 16Kb
Number of random requests for random IO: 0
Read/Write ratio for combined random IO test: 1.50
Periodic FSYNC enabled, calling fsync() each 100 requests.
Calling fsync() at the end of test, Enabled.
Using synchronous I/O mode
Doing random r/w test
Threads started!
Time limit exceeded, exiting...
Done.

Operations performed:  385920 Read, 257280 Write, 823266 Other = 1466466 Total
Read 5.8887Gb  Written 3.9258Gb  Total transferred 9.8145Gb  (33.5Mb/sec)
 2143.98 Requests/sec executed

Test execution summary:
    total time:                          300.0026s
    total number of events:              643200
    total time taken by event execution: 182.4249
    per-request statistics:
         min:                                  0.01ms
         avg:                                  0.28ms
         max:                                 18.12ms
         approx.  95 percentile:               0.55ms

Threads fairness:
    events (avg/stddev):           643200.0000/0.00
    execution time (avg/stddev):   182.4249/0.00

SysBench Results (Digital Ocean/London)

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from timer.


Extra file open flags: 0
128 files, 80Mb each
10Gb total file size
Block size 16Kb
Number of random requests for random IO: 0
Read/Write ratio for combined random IO test: 1.50
Periodic FSYNC enabled, calling fsync() each 100 requests.
Calling fsync() at the end of test, Enabled.
Using synchronous I/O mode
Doing random r/w test
Threads started!
Time limit exceeded, exiting...
Done.

Operations performed:  944280 Read, 629520 Write, 2014432 Other = 3588232 Total
Read 14.409Gb  Written 9.6057Gb  Total transferred 24.014Gb  (81.968Mb/sec)
 5245.96 Requests/sec executed

Test execution summary:
    total time:                          300.0024s
    total number of events:              1573800
    total time taken by event execution: 160.5558
    per-request statistics:
         min:                                  0.00ms
         avg:                                  0.10ms
         max:                                 18.62ms
         approx.  95 percentile:               0.34ms

Threads fairness:
    events (avg/stddev):           1573800.0000/0.00
    execution time (avg/stddev):   160.5558/0.00

SysBench Results (UpCloud/Singapore)

sysbench 0.4.12:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from timer.


Extra file open flags: 0
128 files, 80Mb each
10Gb total file size
Block size 16Kb
Number of random requests for random IO: 0
Read/Write ratio for combined random IO test: 1.50
Periodic FSYNC enabled, calling fsync() each 100 requests.
Calling fsync() at the end of test, Enabled.
Using synchronous I/O mode
Doing random r/w test
Threads started!
Time limit exceeded, exiting...
Done.

Operations performed:  994320 Read, 662880 Write, 2121090 Other = 3778290 Total
Read 15.172Gb  Written 10.115Gb  Total transferred 25.287Gb  (86.312Mb/sec)
 5523.97 Requests/sec executed

Test execution summary:
    total time:                          300.0016s
    total number of events:              1657200
    total time taken by event execution: 107.4434
    per-request statistics:
         min:                                  0.00ms
         avg:                                  0.06ms
         max:                                 15.43ms
         approx.  95 percentile:               0.13ms

Threads fairness:
    events (avg/stddev):           1657200.0000/0.00
    execution time (avg/stddev):   107.4434/0.00

Comparison

sysbench fileio results (text)

Read

Vultr (Sydney): 385,920
Digital Ocean (London): 944,280
UpCloud (Singapore): 944,320

Write

Vultr (Sydney): 823,266
Digital Ocean (London): 629,520
UpCloud (Singapore): 662,880

Other

Vultr (Sydney): 1,466,466
Digital Ocean (London): 3,588,232
UpCloud (Singapore): 2,121,090

Total Read Gb

Vultr (Sydney): 5.8887 Gb
Digital Ocean (London): 14.409 Gb
UpCloud (Singapore): 15.172 Gb

Total Written Gb

Vultr (Sydney): 3.9258 Gb
Digital Ocean (London): 9.6057 Gb
UpCloud (Singapore): 10.115 Gb

Total Transferred Gb

Vultr (Sydney): 9.8145 Gb
Digital Ocean (London): 24.014 Gb
UpCloud (Singapore): 25.287 Gb

Now I can remove test file io benchmark file

sysbench --test=fileio --file-total-size=2=10G cleanup
sysbench 0.4.12:  multi-threaded system evaluation benchmark

Removing test files...

Confirm the test file has been deleted

df -h /
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        40G   16G   23G  41% /

Bonus: Benchmark MySQL (on my main server (Vultr) not on Digital Ocean and UpCLoud)

I tried to run a command

sysbench --test=oltp --oltp-table-size=1000000 --db-driver=mysql --mysql-db=test --mysql-user=root --mysql-password=#################################### prepare
sysbench 0.4.12:  multi-threaded system evaluation benchmark

FATAL: unable to connect to MySQL server, aborting...
FATAL: error 1049: Unknown database 'test'
FATAL: failed to connect to database server!

To fix the error I created a test table with Adminer (guide here).

< Previous – Next >

Read Part 1, Part 2, Part 3 or Part 4

Measuring VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 2 of 4

June 5, 2018 by Simon

How can you measure VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 2 of 4

Read Part 1, Part 2, Part 3 or Part 4

Measure Disk Performance with Bonnie++

Installing Bonnie++ on Ubuntu

apt-get install bonnie++

Read this. post on using Bonnie++

Benchmark disk IO with DD and Bonnie++

Starting Bonnie++

bonnie++ -d /tmp -r 2048 -u username

Bonnie++ Readme.

Disk io with bonnie++ on Vultr/Sydney

Writing a byte at a time...done
Writing intelligently...done
Rewriting...done
Reading a byte at a time...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Create files in sequential order...done.
Stat files in sequential order...done.
Delete files in sequential order...done.
Create files in random order...done.
Stat files in random order...done.
Delete files in random order...done.
Version 1.97 ------Sequential Output------ --Sequential Input- --Random-
Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
Machine Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec %CP
servername 4G 656 99 308954 68 113706 33 1200 92 188671 30 10237 251
Latency 26067us 119ms 179ms 29139us 26069us 16118us
Version 1.97 ------Sequential Create------ --------Random Create--------
servername -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP
16 +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++
Latency 1463us 703us 880us 263us 119us 593us
1.97,1.97,servername,1,1528177870,4G,,656,99,308954,68,113706,33,1200,92,188671,30,10237,251,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,26067us,119ms,179ms,29139us,26069us,16118us,1463us,703us,880us,263us,119us,593us

Disk io with bonnie++ on Digital Ocean/London

Writing a byte at a time...done
Writing intelligently...done
Rewriting...done
Reading a byte at a time...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Create files in sequential order...done.
Stat files in sequential order...done.
Delete files in sequential order...done.
Create files in random order...done.
Stat files in random order...done.
Delete files in random order...done.
Version 1.97 ------Sequential Output------ --Sequential Input- --Random-
Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
Machine Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec %CP
servername 4G 699 99 778636 74 610414 60 1556 99 1405337 59 +++++ +++
Latency 17678us 10099us 17014us 7027us 3067us 2366us
Version 1.97 ------Sequential Create------ --------Random Create--------
servername -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP
16 +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++
Latency 1243us 376us 611us 108us 59us 181us
1.97,1.97,servername,1,1528186398,4G,,699,99,778636,74,610414,60,1556,99,1405337,59,+++++,+++,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,17678us,10099us,17014us,7027us,3067us,2366us,1243us,376us,611us,108us,59us,181us

Disk io with bonnie++ on UpCloud/Singapore

Writing a byte at a time...done
Writing intelligently...done
Rewriting...done
Reading a byte at a time...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Create files in sequential order...done.
Stat files in sequential order...done.
Delete files in sequential order...done.
Create files in random order...done.
Stat files in random order...done.
Delete files in random order...done.
Version 1.97 ------Sequential Output------ --Sequential Input- --Random-
Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
Machine Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec %CP
servername 4G 1014 99 407179 24 366622 32 2137 99 451886 17 +++++ +++
Latency 11297us 54232us 16443us 4949us 44883us 1595us
Version 1.97 ------Sequential Create------ --------Random Create--------
servername -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP
16 +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++
Latency 264us 340us 561us 138us 66us 327us
1.97,1.97,servername,1,1528226703,4G,,1014,99,407179,24,366622,32,2137,99,451886,17,+++++,+++,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,11297us,54232us,16443us,4949us,44883us,1595us,264us,340us,561us,138us,66us,327us

Now read this site on how to make sense of this data

< Previous – Next >

Read Part 1, Part 2, Part 3 or Part 4

How I upgraded from a standalone 1Password 6.x licence to 1Password (7+) cloud subscription on OSX

May 27, 2018 by Simon

This is how I upgraded from my standalone 1Password 6.x family licence to a 1Password 7 cloud subscription on OSX. I am not reviewing 1Password here.

This is NOT a paid endorsement, this is output from my legitimate quest from upgrading an old stand-alone family licence to a cloud subscription. I have been using 1Password for the past 5 years and have recommended it to everyone I know.

Always backup your data before updating (things can go wrong), good luck. At the time of writing 1Password 7 was not out of beta.

Why

I have a number of guides on moving away from CPanel, Setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean and let’s say 1Password has helped me store everything from service invoices, SSH password service passwords etc. I did have a stroke last year (caused by the flu (a cough) and luckily all is OK ) and I now realise that having everything out of my brain and in a secure vault is a good idea (touch wood).

Reasons why I use 1Password – Password Manager.

It is a good idea to use a password manager.
It has allowed me to have a different password on every site I use.
I managed to stop using my old “same” password on every site I used since the 1990’s.
I am paranoid (check out https://howsecureismypassword.net/, https://haveibeenpwned.com/ and google “sites hacked” or “passwords exposed”).
It’s a good idea.

1Password 7 News

1Password 7 has been hitting my twitter timeline, should I upgrade? Here is the official upgrade guide.

Security Researcher Troy Hunt’s – https://haveibeenpwned.com/ is now a feature in 1Password 7

@1Password just keeps getting better and better. Ping: @troyhunt pic.twitter.com/qTtE6XyoXb
— Grant Harrington (@harringg) May 22, 2018

I wrote a PHP implementation to check a password exposure level with Troy Hunt’s pwned passwords API and know it’s a good idea.

Also, there are loads of great features in 1Password 7.

Anything that can help create secure passwords is a good idea.

86% of Passwords are Terrible (and Other Statistics) https://t.co/pSqbb7IV0g by @troyhunt
— Particular Software (@ParticularSW) May 25, 2018

1Password Twitter Support Shoutout

Before I begin I would like to acknowledge the patient 1Password support team on twitter. They answered well over 20 questions from me and handled my frustrations of there not being a clear standalone family licence, I suspected a plot to force people onto a cloud subscription at first.

In an ideal world upgrading, 1Password should be an easy process (1Password Twitter Support indicated)

Load’s of 1 Password activity on Twitter

Phew! ? 1Password 7 for Mac has generated a lot of excitement! If you have any questions, be sure to check out our forums to see if they’ve been answered. Our team is always here. https://t.co/Xixe8e80yY
— 1Password (@1Password) May 23, 2018

Before I downloaded the latest 1Password 7 I fired heaps of questions at the twitter support. I hope 1Password give them a raise or bonus.

I did spend way too long reading past the negative 1Password support posts on “where is the standalone licence”, “beta discounts are gone”, “why so expensive” and “how can I upgrade from 1password 6 and still use dropbox” etc.

I ended up logging a support ticket (looking for the unicorn beta tester discount/stand-alone licence, I think I was too late to join the beta program).

I backed up my 1Password 6 data

Always take backups of your data before upgrading anything.

Open your existing 1Password 6

Click File, Export, All Items

Choose a File Name and press Save

Verify Data (open Finder)

I also backed up the 1Password file in Dropbox before upgrading. Simply drag it to your desktop.

I visited https://1password.com/extlink/signin/ and…

Signed in (create an account if you don’t have one), I had one from a previous support ticket I logged.
I chose “Individual” account type.
Specified my Email Address
Verified My Email

Then I..

Added my Name
Skipped the Credit card option (to activate the trial)
Generated a master key (this is combined with your password)
Created a new password for a new password vault
Logged in
Saved my Emergency Recover PWF (with details)

I did have a peek at the 1Password SSL certificate strength and other tools and they came up all good (I don’t want to use an insecure service).

You too can test SSL on sites with https://dev.ssllabs.com/ssltest/

The only concern I have is TLS 1.3 is not an option yet. I use it on my blog’s web server (guide here) also a few SSL labs identified weak cyphers are presented as available from the server (Is this an issue)?

I also had a look at Google Chrome’s developer console to see if anything out of the ordinary was popping up? The console appears a little chatty? TLS 1.2 was in force securing the client/server communications so that’s nice.

Now that I am logged into my cloud 1Password (trial) account I can…

Add/View/Edit/Delete items in my vault.
Download desktop/mobile apps.
Import data to vaults.
Turn on Two Factor authentication.
Create/Edit/Delete a password vault (or set as default).
Update billing details (if you wish to subscribe)
Contact Support

Now I can connect my new 1Password cloud account to my local 1Password 6 installation by.

Open 1 Password (on my Mac)
Open the Preferences and go to the Account tab
Click on Scan the account details
Move the scan window over a QR Code (Setup Code) in a logged in 1password.com screen (login detail like login server, master key and username are auto-entered).
Enter my vault password.

Now I am prompted to import my local 1Password data into the cloud account from my local 1Password.

When the import completed I was prompted to delete the local vault (I said yes because I backed it up).

Tip: 1Password 6 on my Mac did not appear to delete the Dropbox data so I deleted this manually.

After a few minutes, I noticed Dropbox was still syncing files?

Troubleshooting: I had to set my new cloud vault as the primary vault to save to and not the old vault that was syncing via Dropbox. I also deleted all links to Dropbox on iOS and Android devices.

I did notice that 1Password was 6.8.9 (I thought 1password 7 was the latest?, I did try the update button). I ended up ticking “Include beta builds” and then 1Password 7.0 is a download option (maybe this will change in the next few days)?

I opened 1Password 7 on my local desktop.

I had a quick look around in 1Password 7 for the https://haveibeenpwned.com/ feature. I opened an existing account I added to 1Password. It look’s nice.

Some nice alerts and features I noticed when viewing my data in 1 Password 7.

Aside: I had to opt into beta builds on Windows to get 1Password 7 too.

Summary

When I set out and wanted a stand-alone licence but it appears I would need to pay for a licence on Windows and Mac and portable devices.

I overlooked an earlier DM from 1Password (that provided the purchase links) so I decided to go with a subscription (I think I missed the BETA program too, no reply from the hockey app email when opting into beta on Windows).

Buy standalone licences

Buy Mac Licence ($39 in BETA or $64.99 RRP)
Buy Windows Licence ($39 in BETA or $64.99 RRP)

From what I could see standalone licences only work via Dropbox (or locally) and not via the 1Password cloud.

However, the subscription does away with the requirement to buy multiple licences (all apps are free once you subscribe). I am not sure when 1Password 8 is coming out so I think it is wiser to go with a yearly subscription (that’s about 10.8c a day in Australian peso’s).

Time to Subscribe

I pulled the trigger and subscribed 🙂

One nice thing is the trial time is added on to the subscription length so if you have 30 days left in the trial it add’s on to the yearly subscription length (13 months), that’s nice.

Update: June 2019

1Password now allow you to setup 2FA (authenticator app or YuiKey leys (or both)) authentication on your 1Password login. Read the official post here.

Goto https://my.1password.com/profile/2fa to setup 2FA.

You can setup 2FA (authapp and or hardware keys)

You will be notified by email if a 2FA method is setup.

You will need to sign out and back into your apps web, Desktop and Mobile).

Web Signin

You will need to insert and press your hardwre key.

And enter your 2FA code

Mobile app login

I used my YubiCo Authentocator app to get the temporary OTP.

You can remove previous logged in devices from accessing your data or force them to reqire 2FA at next login

Nice

Conclusion

Happy = Yes (they are shooting fish in a barrel)

Could have been easier to upgrade from 1 password = Yes

I hope this guide helps someone.

Find out more about 1Password at http://1password.com/

Ask a question or recommend an article

[contact-form-7 404 "Not Found"]

Revision History

v1.4 Added 2fA Info

v1.3 Fixed typo in the title/url.

v1.2 Added Links

v1.1 Added Conclusion

v1.0 Initial post

How to backup WordPress on a host that has CPanel

April 29, 2018 by Simon

This is a simple guide that demonstrates how you can log in to a host that offers the CPanel tools to backup all of your website files (and databases). Backing up your website should be done often and especially before you migrate to any another website host. I used to change hosts every few years (they don’t own your site, you do).

I have a number of guides on moving away from CPanel, setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line copying files to a server via command line editing remote files locally etc but how do you manage a website with CPanel?

You can normal login to CPanel tools on a shared host by loading www.yourdomainnam.com/cpanel (failing that login to your domain hosts web GUI and find your CPanel interface there).

Step 1: Login to your Host

Step 2: Find your CPanel Interface

Hosts are a bit different but in this case, I just click my domain to find the CPanel link.

I found it, I clicked the CPanel login.

Step 3: CPanel Applications

CPanel does offer good tools to manage your websites like web-based File Manager and Database tool called phpMyAdmin.

Aside: CPanel/Hosts Downsides

The thing I don’t like about hosts that offer CPanel is they usually limit delivery of your website to extract more money. Nothing worse than receiving Resource Limit Is Reached errors.

Also shared hosts usually lag way behind in newer software versions like PHP and MySQL (this is a security concern).

TIP: You can scan your site for vulnerabilities using Qualsys Freescan, Zap or Kali Linux.

Here is a security scan of a shared host (with CPanel) that I was using in 1999. Note the high vulnerabilities and old version of Linux.

Also, a shared host will often overcharge you (e.g $150 a year) for a poorly configured SSL certificate.

This was an SSL cert I paid $150 a year for (evaluated with SSL Labs SSL Test) on a shared host with CPanel.

Aside: Self Managed Upsides

After I moved my domain to a self-managed virtual machine I migrated WordPress, set up a free SSL certificate, sped up my site with a CDN, setup Cloudflare, setup better TLS security etc

When you manage your own server you can install a free SSL certificate in under 1 minute.

Below is my SSL certificate. A strong SSL certificate will increase search engine traffic

Aside: Compare Shared host speed v Self Managed

FYI: https://gtmetrix.com/ is a great site for measuring the speed of a website (shared of self-managed). I found great speed improvements after moving away from a host offering CPanel, tweaking the server and setting up cloudflare. A self-managed server will allow you to tweak anything you want.

GTMetrix results:

I like how self-managed servers allow you to scale the server’s resources yourself, move servers or add storage etc.

Aside: SSL Certificate

If you have an SSL cert you should test it often as vulnerabilities pop up from time to time.

FYI: All sites will soon require an SSL certificate to be sent traffic from search engines (no SSL = lower traffic).

SSL Test my site: https://dev.ssllabs.com/ssltest/analyze.html?d=fearby.com&s=104.27.154.69

Now enough with the self-managed serve asides and back to how to backup your website with CPanel tools.

Step 4: Backup your web files in CPanel

Use the File Explorer app in CPanel

Highlight all files that you want to backup (highlight everything but not past backup files).

View the files to compress summary

Click Compress Files(s) and view the backup progress

You can now download the backup zip file in your browser (click the file and click Download).

Download Progress.

Step 5: Backup your database in CPanel

Now we need to backup any MySQL database(s) that may be used by WordPress

Open the phpMyAdmin app in CPanel.

FYI: Alternatively, you can use a free tool called Adminer to backup and restore our database.

Click your WordPress database (on the left). You can identify your current WordPress database by opening the wp-config.php file.

The first step is to perform an online cold backup of the WordPress database.

Click the database you want to backup (on the left)
Click the Options tab
Under the Copy To frame enter a new database name to copy the database too
Click Go

Now you have an online cold spare that you can use just in case the original database corrupts itself. You can rename the database or configure WordPress to point to this new database if need be.

Now let’s download a copy of the database (Repeat for multiple databases).

Click the database you want to backup
Click the Export tab
Click Go

You should now have a backup of your website in a zip file and an export of your database in a .sql text file, SQL files can be re-imported to databases later.

TIP: Backup often.

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 404 "Not Found"]

Revision History

v1.0 Initial post

How to install Windows 10 Pro alongside an OSX partition with Apple Boot Camp

April 20, 2018 by Simon

This guide will show you how to install Windows 10 Pro alongside an OSX partition with Apple Boot Camp.

I have a number of guides on moving away from CPanel, Setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. I use OSX to develop and occasionally need to use Windows to achieve some development tasks, this is how you can install Windows on an Apple PC.

Apple Boot Camp

Apple Bootcamp software can be found here: https://support.apple.com/en-au/HT201468

Bootcamp Steps.

You can download a Windows 10 ISO here: https://www.microsoft.com/en-au/software-download/windows10

You will need to plug in a 16GB or larger USB key to use as an install medium.

Download Boot Camp

Download AppBoot Camp here: https://support.apple.com/en-au/boot-camp

Start Apple Boot Camp, click Continue, Tick all options, select the Windows 10 ISO file (beware Bootcamp will select the first ISO file it finds, ensure your USB is selected, Click Continue (tip: You may need to er format and prepare the USB key 10 times, Apple Bootcamp is not the most reliable program), It may take 6 hours to copy files pre Window Setup).

Choose your Windows partition size (at least 200GB is ideas)

When the Bootcamp Wizard is complete you can reboot into Windows (automatic at the end of the wizard)

Enter the desired details in each step (e.g Local, Windows Key, Windows Version, Partition and Country etc)

Loads more steps like Keyboard Layout, Domain, Microsoft Account, Password and Cortana and Privacy etc.

Windows is now installed, Apple Bootcamp will set up appropriate drivers for your Mac,

While this is happening I will install Google Chrome Canary.

Bootcamp has now finished setting up drivers.

Windows 10 Start menu (I prefer OSX’s simplicity)

You can set up your prefered Startup disk in the Apple System Preferences or press the Option key on startup and choose a partition to boot.

Update: Open a Windows 10 Boot Camp Installation on OSX in Parallels (like a VM)

Read this guide will show you how you can open a Windows 10 Boot Camp Installation on OSX in Parallels (like a VM).

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 404 "Not Found"]

Revision History

v1.1 Added Open Bootcams as VM

v1.0 Initial post

How

What is PiHole?

What is a Raspberry PI?

SD Card Choice

Raspberry Setup

Frst Raspberry Pi Boot

Second Boot

SSH Access

I put the Raspberry PI in the Adafruit Case

SSH Connections to the Raspberry PI

Setting Up PiHole on the RaspBerry PI

Default Block Lists

Add 3rd party block lists

954,481 domains on my block list 🙂

LCD Screen Setup

Installing PADD to display PiHole stats on the LCD

Making PADD starts at boot

Turning the screen OFF from the CLI

Turning the screen ON from the CLI

How to Update the PiHole from the CLI

After 1 Week

Done

After 2 month(s)

Did it block Ad’s

Troubleshooting

Cooling

Rotating the screen

Buttons

Handy Links

Why backup and restore

Murphy’s Law

Backup (the easiest way) with Adminer

Restore (the easiest way) with Adminer

Bonus methods.

Footer

Popular

Security

Code

Tech

Wordpress

General