x11vnc and Dummy Monitor

Setup x11vnc

Install package:

$ apt install x11vnc

Set password:

$ x11vnc -storepasswd /etc/x11vnc.pass

Create x11vnc service:

$ vim /lib/systemd/system/x11vnc.service
[Unit]
Description=Start x11vnc at startup.
After=multi-user.target
[Service]
Type=simple
ExecStart=/usr/bin/x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -shared
[Install]
WantedBy=multi-user.target

Enable the service:

$ systemctl enable x11vnc.service 
$ systemctl daemon-reload

Reboot.

Setup Dummy Monitor Driver

Install package:

$ apt install xserver-xorg-video-dummy

Configure xorg.conf:

$ vim /etc/X11/xorg.conf
Section "Device"
  Identifier  "Configured Video Device"
  Driver      "dummy"
EndSection

Section "Monitor"
  Identifier "Configured Monitor"
  HorizSync 31.5-48.5
  VertRefresh 50-70
EndSection

Section "Screen"
  Identifier "Default Screen"
  Monitor "Configured Monitor"
  Device "Configured Video Device"
  DefaultDepth 24
  SubSection "Display"
    Depth 24
    Modes "1920x1080"
  EndSubSection
EndSection

Java 9 Restriction on MD5withRSA

Problem:
You got the following error message when trying to access Java applet.

Unsigned application requesting unrestricted access to system. The following resource is signed with a weak signature algorithm MD5withRSA and is treated as unsigned.

Screen Shot 2017-10-30 at 5.22.09 PM

Workaround:

  1. Get java.security file in Java Applet Plugin folder.
$ cd /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/conf/security/ 
$ vim java.security
  1. Find the following lines and comment them out.
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
      DSA keySize < 1024

jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224

E.g.:

#jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
# RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224

#jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
#      DSA keySize < 1024

#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
#    EC keySize < 224

Bright Cluster – HA Setup

  1. Configure failover interface in 1st Head Node
  2. Register license for HA
  3. Prepare HA configuration using command
     $ cmha-setup
  4. Go to Setup menu to prepare configuration
  5. Check Clone Failover for clone instruction
  6. Power-on second head node, let it boot to PXE
  7. Select Rescue in PXE menu
  8. Login as root
  9. Start cloning by calling
     $ /cm/cm-clone-install --failover
  10. The second head node will reboot automatically once completed
  11. Back to primary head node.
  12. In cmha-setup menu, select Finalize.
  13. Verify HA status
     $ cmha status
  14. In cmha-setup menu, configure shared storage.