Arabian Beer Goggles
Lol, just kidding. Its about a new beer I’ve ‘discovered’ after being in search for an alternative to Arabian Moose Beer for a long time since it had gone missing speaking of scarcity of brewery brands no more than few available here, at the place I live!
Its called Barbican and keeps some history with it!
Its pretty awesome and a friend of mine just made it more awesome. She said, “Barbi Can!“.
Lol, what a name!
Expanding the C: drive (system boot partition)
Posted by Abbas in Uncategorized on March 3, 2010
So, I ran out of space on system partition in one of my primary xen virtual machines. Yea, things like this happen quite often when I literally underestimate myself. Unlike Linux, in this case there’s no power of init which lets you expand an LVM or move a system partition to new disk even without going through any reboots. I guess Microsoft realised that its an important option Windows should have so they provided in Windows Server 2008 and Windows 7 under Disk Management with an on the fly ability to either shrink or expand a system volume. But still its a painful risky process in XP or Server 2003. I’m familiar with third party softwares that help in resizing the partitions including GParted but like always I like to follow vendor supported methodologies on production machines. And it was ‘diskpart’ here. Booting the system from a Server 2008 / Vista DVD’s recovery tools or from WinPE, you can use diskpart. But first things first – there are three requirements you must have before going ahead.
- Free space should exist contiguous right after the system partition
- That free space partition must be of ‘primary’ type and must not be a logical partition.
- It should also be in ‘unallocated’ or deleted form without an existence of a ‘drive’ on it.
I had 10Gig C: and D: drive on a 20Gig of a disk. Added 10 more from XenCenter totalling into 30. As I needed a primary unallocated partition after C: drive so I had to use robocopy to backup the D: drive’s data into a network samba share, format and then split it into one primary and one extended partition.
Legends:
Red = Total system drive space before and after the expand
Blue = Total free space on disk before and after expand
Green = Commands issued.
Error Logging to Console
Posted by Abbas in Uncategorized on February 6, 2010
Sometimes when some applications start logging to console, it can really bleed your eyes when something wrong happens. Not mentioning about standard output or standard errors which are rather easily controllable but it could be anything else invoked by kernel such as iptables logging when you would like to log any rules to a log file or default syslog. But “hideously” such applications log to system console too and can surprise you when you plug monitor and see a messy mesh of error loggings all the way back and forth, specifically when a machine is virtual – of course in that case VM would be unresponsive 
I was trying to look into syslog.conf to control but found out that this is not what a syslog daemon has dominance over; in fact, needs kernel-level logging modified. And this can be done through either of these ways.
Instruct kernel to log only “errors” instead of informational notifications.
Controlled by ‘printk’ kernel parameter. Defaults are:
# sysctl -a | grep printk
kernel.printk_ratelimit_burst = 10
kernel.printk_ratelimit = 5
kernel.printk = 6 4 1 7
# find /proc -name '*printk*' -exec cat {} \;
6 4 1 7
Just change ’6 4 1 7′ to ’3 4 1 7′.
# echo "kernel.printk = 3 4 1 7" >> /etc/sysctl.conf # sysctl -p
Documentation goes over here, if you’re intrested /usr/share/doc/kernel-doc-2.6.18/Documentation/sysctl/kernel.txt
printk: The four values in printk denote: console_loglevel, default_message_loglevel, minimum_console_loglevel and default_console_loglevel respectively. These values influence printk() behavior when printing or logging error messages. See 'man 2 syslog' for more info on the different loglevels. - console_loglevel: messages with a higher priority than this will be printed to the console - default_message_level: messages without an explicit priority will be printed with this priority - minimum_console_loglevel: minimum (highest) value to which console_loglevel can be set - default_console_loglevel: default value for console_loglevel
Definitions of kernel logging numbers, from Syslog’s manual:
#define KERN_EMERG "<0>" /* system is unusable */ #define KERN_ALERT "<1>" /* action must be taken immediately */ #define KERN_CRIT "<2>" /* critical conditions */ #define KERN_ERR "<3>" /* error conditions */ #define KERN_WARNING "<4>" /* warning conditions */ #define KERN_NOTICE "<5>" /* normal but significant condition */ #define KERN_INFO "<6>" /* informational */ #define KERN_DEBUG "<7>" /* debug-level messages */
Change kernel ring buffer logging level
Just keep in mind, using this approach only limits console logging and issuing dmesg would still print the over all logs.
# dmesg -n 3 or # dmesg -n 4
HA LB Cluster on CentOS5 – Without actual heartbeat :P
Last month I wrote a howto for highly available load balanced Piranha cluster using Red Hat’s cluster suite. Until then it was quite not obvious why one should use the Debian styled network load balanced cluster in the production environment when actual “heartbeat” package and service creates a lot of havoc on Red Hat machines. But my reckoning of doing classic things more manually kept me interrogative and I found the flexible way of doing load balanced clustering without needing the actual heartbeat service. Reasons why I’m so much against of having it are numerous:
- Running heartbeat snatches the independence of managing virtual IP addresses on load balancer by hand.
- Thus restricting expansion of the pools!
- Ldirector’s daemon must be managed by heartbeat when its running.
- Waste of resources in utilization; such with a sheer restart of heartbeat service and it just sits on waiting and waiting,…
- And above all, I don’t need a “second” load balancer for a failover. All that glitters is one load balancer running ldirectord in a simple environment and as for the job, it does most of heartbeat’s when acting as a divider and a monitor for distributing requests between web servers.
Environment
Requirements: At least three systems, each with a minimum of one IP (CentOS in my case). Packages ‘heartbeat’, ‘heartbeat-ldirector’ for load balancing and ‘ipvsadm’ for Linux IP Virtual Server. I know you’re thinking that why the ‘heartbeat’ when actually we’re not going to run it. In fact, we’re not going to run it; its just for a dependency resolution, rather a service startup requirement – I should say (/etc/ha.d/shellfuncs is the file needed)! And I swear we won’t run it ! So these are the packages which shape into a project Ultramonkey when combined and it describes the different topologies of a functional HA LB cluster but that’s not our concern, anyway 
(perhaps yours if you think you’ve a bit of free time)
Virtual IP: 10.10.10.60
Load Balancer: 10.10.10.61 aka VM1.
Cluster Nodes/Real Servers:
Web Server1: 10.10.10.62 aka VM2
Web Server2: 10.10.10.63 aka VM3.
And we’ll be using LVS-DR (direct routing) approach for clustering; its most widely used and has lesser downsides.
Lets start by configuring the web servers first.
Cluster Nodes Configurations
1. On both web servers VM2 and VM3, apache should be running having a common serving file (for purpose of get checked by ldirectord).
# yum install httpd -y # echo foo > /var/www/html/test.html # service httpd start # chkconfig httpd on
And to distinguish both of the web servers during test loading, create at least a one unique file on each of web servers.
[root@VM2 ~]# echo "This is VM2" > /var/www/html/index.html [root@VM3 ~]# echo "This is VM3" > /var/www/html/index.html
2. Virtual IP needs to be terminated on both web servers so we’ll create a second network interface on each of it. Because eventually all three NICs on all three servers would have to have the same VIP so this would cause a problem with ARP as it resolves MACs against IPs. There are different solutions to this problem. Some may refer to use iptables or arptables_jf. Many would recommend changing default gateway route or hiding the network interface (by the way don’t use iptables or change default gateway for this; Red Hat discourages both of these methods as they cause a lot of overhead). But the most flexible approach I’ve found is:
a. create a loopback interface so it doesn’t communicate with your network gateway/router directly.
b. instruct Linux kernel to announce ARP requests with preference to be taken from local address when matching for communication instead preference from the destination address.
c. instruct Linux kernel to send ARP responses only to the requests originating from same sender address to same local addresses’ subnet. Details here, if you’re really curious about it.
# vi /etc/sysconfig/network-scripts/ifcfg-lo:0 DEVICE=lo:0 IPADDR=10.10.10.60 NETMASK=255.255.255.255 ONBOOT=yes NAME=loopback # # vi /etc/sysctl.conf net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.eth0.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.eth0.arp_announce = 2 # sysctl -p # ifup lo:0
Load Balancer Configuration
We’ll be going through:
a. installing required packages
b. enabling IP forwarding,
# yum install heartbeat heartbeat-ldirector ipvsadm -y # chkconfig --add ldirectord # chkconfig --del heartbeat # sed -i 's/net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 0' /etc/sysctl.conf # sysctl -p
c. configure secondary eth0 for VIP as its going to be exposed to outside world or your local gateway and
# vi /etc/sysconfig/network-scripts/ifcfg-eth0:0 DEVICE=eth0:0 BOOTPROTO=none ONBOOT=yes HWADDR=3a:5d:71:ad:67:47 NETMASK=255.255.255.0 IPADDR=10.10.10.60 GATEWAY=12.12.12.1 TYPE=Ethernet
d. then creating ldirector.cf, the configuration file of our load balancer, respectively!!
# vi /etc/ha.d/ldirectord.cf checktimeout=10 checkinterval=2 autoreload=no logfile="/var/log/ldirectord.log" quiescent=no virtual=10.10.10.60:80 real=10.10.10.62:80 gate real= 10.10.10.63:80 gate service=http request="test.html" receive="foo" scheduler=wrr protocol=tcp checktype=negotiate # service ldirectord start
Option ‘quiescent’ just removes the real server from ipvs table whom ldirectord doesn’t recieve any response from, when querying for test.html within ten seconds, marking that real server as dead; until its available again. Note that the “gate” switch in ‘real’ server’s parameter value which testifies the usage of LVS Direct Routing method. The rest of the two methods are masq and ipip the details of which along with the other options available, particularly the scheduler parameters, for this configuration file can be found in ‘man ldirectord’.
Testing
Use ‘ipvsadm’ to list down current statistics of ldirectord. Make sure that both real servers IPs are listed there and have non-zero value in weight (since we’ve this default setup, it should be 1). If not, then try checking the log file, tcpdump on ldirector and apache logs on real servers.
If everything works good, you’ll see changing content when browsing to http://10.10.10.60/ multiple times (from another system outside these cluster nodes). Then stop httpd on one web server, browse to the URL again and all requests should now be served from the other web server.
[root@VM1 ~]# ipvsadm -l IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.10.10.60:http wrr -> 10.10.10.63:http Route 1 0 0 -> 10.10.10.62:http Route 1 0 0
For a more meaningful testing
$ for i in $(seq 6); do curl http://10.10.10.60/index.html; done This is VM3 This is VM2 This is VM3 This is VM2 This is VM3 This is VM2
I’ll be posting a couple of optimizations techniques soon when I’ll be getting some more free time. Stay tuned and take care
checkinterval=2
autoreload=no
logfile=”/var/log/ldirectord.log”
quiescent=yes
virtual=10.10.10.60:80
real=10.10.10.62:80 gate
real= 10.10.10.63:80 gate
service=http
request=”index.html”
receive=”hi”
scheduler=wlc
protocol=tcp
checktype=negotiate
Total Rsync Progress
If you use rsync frequently, you might be aware of the fact that rsync doesn’t show overall or total transfer statistics when you’re syncing directories recursively. Even options like ‘–progress’, ‘–stats’ and ‘-vv’ won’t do that. I was searching for that, was about to write a script to run in dry-run mode and measure an overall rsync progress but found a patch here written by Graeme Humphries. This patch later was incorporated into latest dev version 3.1dev downloadable here at http://samba.anu.edu.au/ftp/rsync/dev/nightly/ with an option invokable by ‘–info=progress2′.
Excerpts from the man pages:
There is also a --info=progress2 option that outputs statistics based on the whole transfer, rather than individual files. Use this flag without outputting a filename (e.g. avoid -v or specify --info=name0 if you want to see how the transfer is doing without scrolling the screen with a lot of names. (You don't need to specify the --progress option in order to use --info=progress2.)
So, I downloaded, compiled and installed this dev version and guess what now, there’s no creepy scrolls in shell console filling up the screen with individual file progress.
Yea, I know Red Hat and CentOS are slow in updating their packages repository but lets hope when this build is final, Dag’s repo may have an rpm for it.
Easiest way to create selfsigned certificates
For Linux its going to be with tool ‘genkey’ – a part of crypto-utils package available in Red Hat distros.
# genkey servername
And for Windows, easiest way to do is with SelfSSL available in IIS 6.x Resource Tools.
ASCII Art in Linux
I’m fond of two ascii art tools in Linux.
- linux_logo
- figlet
Both of these are available in RPMForge/Dag’s repository. Second one, figlet draws the ascii art for any text that is input. It has a lot of font options available (see man for figlet and figlist).
Installing HPLIP 3.9.10 on CentOS 5.4 for newer printers (HP LaserJet M1120 MFP)
CentOS 5′s base repository has an older version of HPLIP, something about ’1.6.7′ or so which of course is not adequate to get newer HP printers specially the LaserJet series, to get to work. Now the natural way to have this installed, you may think is to compile it from source – if you’re thinking that then no, that won’t help out! Even after fulfilling all of the required dependencies. I got about almost 14 errors when running hp-check utility after compiling, got’em reduced to 10 but no far lesser than that if you know what I mean.
error: NOT FOUND! This is a REQUIRED/RUNTIME ONLY dependency. Please make sure that this dependency is installed before installing or running HPLIP. error: NOT FOUND! This is a REQUIRED/RUNTIME ONLY dependency. Please make sure that this dependency is installed before installing or running HPLIP. warning: NOT FOUND! This is an OPTIONAL/RUNTIME ONLY dependency. Some HPLIP functionality may not function properly. warning: NOT FOUND! This is an OPTIONAL/RUNTIME ONLY dependency. Some HPLIP functionality may not function properly. error: NOT FOUND! This is a REQUIRED/COMPILE TIME ONLY dependency. Please make sure that this dependency is installed before installing or running HPLIP. error: Could not access file: No such file or directory error: 10 errors and/or warnings. ----------- | SUMMARY | ----------- Please refer to the installation instructions at: http://hplip.sourceforge.net/install/index.html
Pretty insane though, many of these dependencies were already installed. I would assume that this would be the reason why hplip is not under active development for CentOS and why its not current under CentOS as I saw quite a few HP’s devs and techs saying a big “no” to this community based distribution when people complained on their Launchpad about these compilation errors. Plus, the relative hplip installation issues I found on CentOS’ forum.
After being in disappointed (oops wth) situation, I tried running the RHEL5′s rpm (can be downloaded from hplip’s site) on it after removing the source installed version, but it too gave the dependency errors which I hoped I would resolve and I did later on.
Installing……
# rpm -ivh /Raid/hplip-3.9.10_rhel-5.0.i386.rpm Preparing... ########################################### [100%] file /usr/bin/hpijs from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 file /usr/lib/libhpip.so.0.0.1 from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 file /usr/lib/sane/libsane-hpaio.so.1.0.0 from install of hplipfull-3.9.10-0.i386 conflicts with file from package libsane-hpaio-1.6.7-4.1.el5.4.i386
So, I decided to remove problematic hpijs
Package Arch Version Repository Size Removing: hpijs i386 1:1.6.7-4.1.el5.4 installed 588 k Removing for dependencies: libsane-hpaio i386 1.6.7-4.1.el5.4 installed 94 k sane-backends i386 1.0.18-5.el5 installed 3.1 M sane-backends-devel i386 1.0.18-5.el5 installed 27 k sane-backends-libs i386 1.0.18-5.el5 installed 5.2 M xsane i386 0.991-5.el5 installed 4.5 M Transaction Summary Install 0 Package(s) Update 0 Package(s) Remove 6 Package(s)
But realised soon that it also removed libsane sub-dependency as well.
# rpm -ivh /Raid/hplip-3.9.10_rhel-5.0.i386.rpm error: Failed dependencies: libsane.so.1 is needed by hplipfull-3.9.10-0.i386
Because installing sane would also install hpijs and other conflicting stuff as well so the solution here was to remove problematic packages without ‘removing’ any dependencies needed.
[root@ToughGuy ~]# rpm -ivh /Raid/hplip-3.9.10_rhel-5.0.i386.rpm Preparing... ########################################### [100%] file /usr/bin/hpijs from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 file /usr/lib/libhpip.so.0.0.1 from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 file /usr/lib/sane/libsane-hpaio.so.1.0.0 from install of hplipfull-3.9.10-0.i386 conflicts with file from package libsane-hpaio-1.6.7-4.1.el5.4.i386 # # rpm -ev --nodeps libsane-hpaio # rpm -ivh /Raid/hplip-3.9.10_rhel-5.0.i386.rpm Preparing... ########################################### [100%] file /usr/bin/hpijs from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 file /usr/lib/libhpip.so.0.0.1 from install of hplipfull-3.9.10-0.i386 conflicts with file from package hpijs-1.6.7-4.1.el5.4.i386 # # rpm -ev --nodeps hpijs # # rpm -ivh /Raid/hplip-3.9.10_rhel-5.0.i386.rpm Preparing... ########################################### [100%] 1:hplipfull ########################################### [100%] #
Concluding the overall steps:
# yum install cups cups-devel ghostscript* PyQt xsane -y # Download and install hplip-3.9.10_rhel-5.0.i386.rpm from http://hplipopensource.com/hplip-web/install_wizard/index.html choosing RHEL5. # rpm -ev --nodeps libsane-hpaio # rpm -ev --nodeps hpijs # rpm -ivh hplip-3.9.10_rhel-5.0.i386.rpm # Reboot the system if you're lucky enough, you'll see no errors # reboot # system-config-printer
And configure the printer now as usual. Just out of curiosity, this was my XenServer where I installed it (yea I know it would sound funny) and I got scanner (LaserJet M1120 is dual scanner and printer) working fine as well with xsane. Check it out
Scan Test HP LaserJet M1120 MFP
NOTE: If this post helped you out or provided you with ways of troubleshooting, feel free to say a little thanks
Cats in an international airport!
Just came across this snap in my cell’s pic gallery which I took at Zia Intl. Airport. Funny!
Raid tricks
Posted by Abbas in Uncategorized on December 16, 2009
Increasing the rebuild speed
Sometimes when you’re quite lazy or bored and don’t like the noticeable amount of free resources on your server, you may like to increase the raid building and resyncing process speed.
# echo 250000 > /proc/sys/dev/raid/speed_limit_max
# echo 250000 > /proc/sys/dev/raid/speed_limit_min
And this would spin up the hards faster to their maximum extent saving almost half of the time!
Defaults were:
# cat /proc/sys/dev/raid/speed_limit_max
200000
# cat /proc/sys/dev/raid/speed_limit_min
1000
And looks like my hards have 100M/s speed.
#hddtemp /dev/sda
/dev/sda: ST3750330AS: 31°C
# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 280 MB in 3.01 seconds = 93.09 MB/sec
Checking and repairing
The larger the hard drive is the greater the probability of having its blocks corrupted. Its better to check for consistency against any bad blocks or md superblocks.
# cat /sys/block/md0/md/sync_action
idle
# echo check > /sys/block/md0/md/sync_action
And if there are any, repair them.
# echo repair > /sys/block/md0/md/sync_action
Setting up RAID alerts to send emails about any errors
Red Hat family distros come with built in service daemon mdmonitor which runs ‘mdadm –monitor’ in a daemon mode.
Remember to add “DEVICE partitions” or partitions being components of an md array to top of file /etc/mdadm.conf. Monitoring all RAID events and changing default email template Last edited on: Tue Mar 9 11:41:38 PST 2010
# mdadm --detail --scan >> /etc/mdadm.conf
# echo "MAILADDR some-email-address" >> /etc/mdadm.conf
# chkconfig mdmonitor on
# service mdmonitor restart
Added the two new tweaks.
I am CeontOStic, are you?
Recent Comments