Thomas v James.com

Latest posts.

September 29th 2013

Create a windows base box for vagrant

Using puppet on windows, one thing has been missing for me, being able to iterate quickly with vagrant. There are a number of articles out there that detail a the steps required to create your own windows base box for vagrant, but unfortunately they’re a whole bunch of manual steps, which doesn’t gel too well with working with an automated environment. So this is my attempt to distil down the steps into as few manual ones as possible.

This has all been tested using the publicly available Windows Server 2008 R2 evaluation VHD for Hyper-V.

The end goal being a vagrant base box that:

  • Includes puppet
  • Has all the necessary setup performed via powershell
  • vagrant up works as expected

You will need the latest versions of the following installed as well:

The Hyper-V VHD unfortunately doesn’t work as-is with the default VirtualBox setting used when creating a new VM, so use the following bash script to setup the needed VirtualBox VM. The main change required is connecting the VHD to an IDE Controller not the default SATA one the wizard will create.

Save the above gist locally as virtualbox.sh in the directory you want to use as your working folder, the do the following:

  • Boot VM via ./virtualbox.sh script (note, only tested on a mac)
  • Login as Administrator/Pass@word1
  • Allow installation to complete, consent to the reboot
  • Login as Administrator/Pass@word1
  • Set the Timezone
  • Install the VirtualBox Guest Additions
  • Run the vagrant_prepare.ps1 gist from the command shell

    @powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://gist.github.com/tvjames/6750255/raw/33f3a553663b6b6ace77f1eb11ee23d4c58449fd/vagrant_prepare.ps1'))"
    

Once the preparation script is complete:

  • Activate Windows for 180 days of use.
  • Reset password expiry on administrator
  • Shutdown the VM so that a vagrant base box can be created

Back in the terminal window where virtualbox.sh was run from, execute the following, it will take a while:

NAME=$(basename -s .vhd *.vhd)
VBOX=$(VBoxManage showvminfo "$NAME" | grep "Config file" | cut -d : -f 2 -s | sed 's/^ *//g')
vagrant package --base "${VBOX}" --output windows-server-2008-r2-eval.box
vagrant box add windows-server-2008-r2-eval windows-server-2008-r2-eval.box 

If you are rebuilding an earlier box, you’ll need to remove the exiting one before running the above commands:

vagrant box remove windows-server-2008-r2-eval

To create your new windows vagrant instance:

vagrant init windows-server-2008-r2-eval
# alter Vagrant file according to https://github.com/WinRb/vagrant-windows
vagrant up

You now have a fully functioning vagrant controlled windows box for the next 180 days, with the puppet provisioner baked in.

Enjoy!

September 24th 2013

Virgin Australia’s Velocity Global Wallet – Getting activated, a tale of woe

I’m a regular Virgin Australia flyer, a Velocity member as well, when they announced the upgraded Global Wallet membership cards I was quite excited to try it out. The fees are comparable to some of the competition, the exchange rates will be another story. I’ve used the travelex cards a number of times in the past, but having to either order online and pickup at the post office or go in person to get one can sometimes be inconvenient (especially on short notice travel). So the Velocity Global Wallet sounded pretty good, it would always be there, all I had to do was put funds into it. Easy.

Or so I thought. Overall it was a rather frustrating process to get the card fully activated, the main issue mostly around the identity verification that comes with activation. The initial opt in, delivery and setup of the account was the easy thing, but the second you think you’re done there’s a redirect to the identify verification section, where the trouble starts.

Originally I wrote this as a bit of a rant, but I’ll spare you.

The ID verification is an online process that accepts the usual forms of identification you might find on the list when applying for a medicare card, opening a bank account or applying for a new credit card. This is where I start to take issue, compared with other travel money cards and local pre-paid visa/mastercard the ID requirements seem pretty high. When I picked up my last travelex card at the post office, ID was required to confirm the pickup, it wasn’t record or kept.

The second issue I faced was when attempting to meet the high ID requirements, once I entered by drivers licence details, I was then unable to fill in my passport information, which I expected would meet the 100 points of ID requirement they seem to have. Unfortunately the application would only allow me to enter, the passport was now incompatible with my other supplied details:

  • Electoral Enrolment information, no good if you’re not a citizen
  • Certified copied of a whole bunch of documents.

I threw my hands up at this point, I wasn’t going to go to the effort of certifying and scanning documents just for a travel money card, if I was going to go to that much effort I’d just walk into travelex. I leave a few ranty tweets and get a stock “if you’re having issues please call us” kind of reply. Along with this reassuring message about the need for all the identity verification.

“Hi, as the Global Wallet allows global access to stored funds, the verification process needs to be secure for our members”

I appreciate that the portal to provide my identification needs to be secure, this doesn’t address my frustration at the level of identity verification required, and what seemed like illogical rules around incompatible identification documents.

I left it a few weeks until I was sitting in the Melbourne Lounge waiting for my flight home, figured I would give it another go.

This time success, passport detailed were accepted and along with an uploaded (non certified) scan of my drivers licence. The process proceed to it’s next logical step, manual verification. I hoped that would be it.

Shortly later an email arrived from a customer service rep, asking me to provide additional documents that confirm my address. This seemed odd as I had supplied correlated ID with my residential address. I informed them they may have had my postal address supplied by Velocity, but they had all the information required to verify my identity.

This unfortunately wasn’t a sufficient response on my part, so again I was asked to verify my postal address (the address the card was sent to), along with a helpful note about the kinds of documents that would be acceptable. These include:

  • Australian Taxation Office (ATO) notice issued within the last 12 months.
  • A financial benefits notice issued by the Commonwealth or a State/Territory within the last 12 months (e.g. a notice from Centrelink)
  • Utilities notice issued by a local government or utilities provider within the last 3 months.
  • Government-issued identification that verifies your address (example: driver’s licence)

This list wasn’t helpful, as I had supplied my government issued ID, utility bills delivered online contained my residential address and I sure-as-hell wasn’t going to be providing anything from the ATO to them. About to throw my hands up again, I thought about what official documents I had received that weren’t financial (bank statements, tax assessments) that I could scan, censor and email. Oh yes, they offer along with the secure website the option of just emailing them the documents. I think Troy Hunt wrote an interesting article recently on this, For your security, please email your credit card and driver’s license (basically, don’t).

I found a something suitable, scanned it, censored it so only the company & my postal address were visible, returned it in an email along with a request for the following information.

  1. The regulation that requires this degree of information capture
  2. Their privacy policy,
  3. Their data retention & storage policy
  4. Anything else that relates to the use, storage or destruction of the supplied personal information.

The response I received, “We have reviewed your application and removed your registration error.”, while it has finally allowed me to fully activate my card, unfortunately did not address my request for the above information.

So what could Velocity have done differently?

  • Offered in-person verification for lounge members, or at a kiosk at the airport. I travel often, use the lounge, this would have worked nicely.
  • Dog food the process, assuming I’m not the only person experiencing this, it feels like the business process might not have been thoroughly tested with an test group.
  • Further empower their social media team to contact me directly to address my frustration, feedback and concerns. This was something that CommBank did relatively well, after an unpleasant call centre experience.
  • Re-evaluate just how much personal information they really need for a travel money card, and still address the regulations. Assure me that the partner they have chosen isn’t going to result in my identity being stolen as well.

I realise some of these issues may be set by the partner that provides the travel money cards, Rêv Australia, but the card wears the Virgin brand, so I see these as issues that Velocity / Virgin have the responsibility to own & address.

Finally, in the off chance that someone from Virgin / Velocity reads this, drop me an email if you want to discuss, I am keen to hear if it’s just me, or others have had the same issue. A quick google resulted in a forum post where no ID at all needed to be provided.

September 15th 2013

Vagrant AWS & rsync on windows

I’ve been using vagrant & vagrant-aws quite a bit lately, it’s great to be able to fire up a VM to test something out then fire it up on an EC2 instance to try it out in the cloud. Easy as hell when running on linux/osx but less than obvious when doing it on Windows. Everything vagrant-aws works out of the box, except rsync.

There are two issues:
* Not all the AMIs have rsync installed by default
* Windows doesn’t have rsync

The first issue can be overcome by adding a small user_data script that installs rsync on startup while the answer to the second is less obvious. There are a couple of rsync options available for windows.

I found the cwRsync Free Edition to work quite well.

Grab the installer (not the server installer), install and then add it to your path. After that as long as you’re using an AMI with rsync available you should be good to go.