-
Part 3: Building the Keystone – Dataproc Custom Images for Secure Boot & GPUs
Part 3: Building the Keystone – Dataproc Custom Images for Secure Boot & GPUs In Part 1, we established a secure, proxy-only network. In Part 2, we explored the enhanced install_gpu_driver.sh initialization action. Now, in Part 3, we’ll focus on using the LLC-Technologies-Collier/custom-images repository (branch proxy-exercise-2025-11) to build the actual custom Dataproc images embedded with…
-
Part 2: Taming the Beast – Deep Dive into the Proxy-Aware GPU Initialization Action
Part 2: Taming the Beast – Deep Dive into the Proxy-Aware GPU Initialization Action In Part 1 of this series, we laid the network foundation for running secure Dataproc clusters. Now, let’s zoom in on the core component responsible for installing and configuring NVIDIA GPU drivers and the associated ML stack in this restricted environment:…
-
Dataproc GPUs, Secure Boot, & Proxies
Part 1: Building a Secure Network Foundation for Dataproc with GPUs & SWP Welcome to the first post in our series on running GPU-accelerated Dataproc workloads in secure, enterprise-grade environments. Many organizations need to operate within VPCs that have no direct internet egress, instead routing all traffic through a Secure Web Proxy (SWP). Additionally, security…
-
Upgrading Proxmox 7 to 8
Some variant of the following[1] worked for me. The first line is the start of a for loop that runs on each node in my cluster a command using ssh. The argument -t is passed to attach a controlling terminal to STDIN, STDERR and STDOUT of this session, since there will not be an intervening…
-
Installing a desktop environment on the HP Omen
`dmidecode | grep -A8 ‘^System Information’` tells me that the Manufacturer is HP and Product Name is OMEN Transcend Gaming Laptop 14-fb0xxx I’m provisioning a new piece of hardware for my eng consultant and it’s proving more difficult than I expected. I must admit guilt for some of this difficulty. Instead of installing using the…
-
Security concerns regarding OpenSSH mac sha1 in Debian
What is HMAC? HMAC stands for Hash-Based Message Authentication Code. It’s a specific way to use a cryptographic hash function (like SHA-1, SHA-256, etc.) along with a secret key to produce a unique “fingerprint” of some data. This fingerprint allows someone else with the same key to verify that the data hasn’t been tampered with.…
-
Signed NVIDIA drivers on Google Cloud Dataproc 2.2
Hello folks, I’ve been working this year on better integrating NVIDIA hardware with the Google Cloud Dataproc product (Hadoop on Google Cloud) running the default cluster node image. We have an open bug[1] in the initialization-actions repo regarding creation failures upon enabling secure boot. This is because with secure boot, kernel driver code has its…
-
IPv6 Multicast support on libvirt guests using macvtap
# # Debian / libvirt # # By default, qemu guests network interfaces are created with the # trustGuestRxFilters attribute set to no. This setting blocks # neighbor solicitation and other ipv6 multicast traffic. To enable # neighbor solicitations, modify your interface definition in your # guest definition XML. # For example if you have…
-
Converting a windows install to a libvirt VM
Reduce the size of your c: partition to the smallest it can be and then turn off windows with the understanding that you will never boot this system on the iron ever again. Boot into a netinst installer image (no GUI). hold alt and press left arrow a few times until you get to a…