Today I spent a large part of the day configuring a vpn to access our servers. Instead of leaving port 22 wide open, I prefer to use a vpn to access the internal network and to do ordinary administration tasks. This way I'll also be able to use graphical tools that I don't feel like using over the internet.
unix
MD1000 performance
This is data related to a dell 2950 + md1000 that I'm configuring. /dev/sda is the onboard raid controller with 3 300G sas disks (raid5). /dev/sdb is the md1000 with 5 1T sata disks (raid5). First, when configuring the md1000 you must create the logical volume from the bios. I've created a fairly standard raid5 array using all disks.
The crude data without any optimization is as follows:
promethium:~# hdparm -tT /dev/sda
/dev/sda:
 Timing cached reads: 5872 MB in 2.00 seconds = 2940.90 MB/sec
transferring data over the wire with nc
nc, the TCP/IP swiss army knife, is a utility to transfer data across the network (actually it is much more than that...). If you need to transfer large files inside your private network it might be a good idea to use nc instead of heavier data transfer protocols (such as nfs, samba, ssh, http...)
Server side :
nc -vvn -l -p 3000 -w 3 | pv -b > outputfile
where -l says to listen and -p 3000 specifies the port.
Client side :
nc -vvn 192.168.0.5 3000 < inputfile
This is pretty straightforward.
To make the process a bit more human friendly I've used pv, a small tool that monitors progress and shows how much data has been transferred.
how to resize a xen image (or any other fs)
This is a small recipe to resize a disk image. In this case I wanted to make it bigger.
create a sparse file :
dd if=/dev/zero of=xen.img bs=1k count=1 seek=30M
copy the old file system to the sparse file:
dd if=old-xen.img of=xen.img conv=notrunc
now we resize the fs (reiserfs in this case)
resize_reiserfs xen.img
and we can happily mount it.
mount -o loop xen.img test/
now we have a bigger fs !
# df -h
Filesystem Size Used Avail Use% Mounted on
/home/xen.img 30G 338M 30G 2% /home/test
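The sparse-file and conv=notrunc steps above, wrapped in a function with safety checks, as an added example that is not part of the original post. The function names, file names and the small sizes are constructed, and the filesystem resize itself is left out.

```shell
#!/bin/sh
# Added example (not from the original post). Names and sizes are constructed.

# image_size FILE: apparent size in bytes.
image_size() { wc -c < "$1" | tr -d ' '; }

# grow_image OLD NEW SIZE_KIB
# Creates NEW as a sparse file of exactly SIZE_KIB KiB and overlays OLD on its
# start. The filesystem resize (resize_reiserfs in the post) is a separate step.
grow_image() {
    old=$1; new=$2; size_kib=$3
    [ -f "$old" ] || { echo "no such image: $old" >&2; return 1; }
    # Never overwrite an existing target: a typo here would destroy an image.
    [ ! -e "$new" ] || { echo "refusing to overwrite $new" >&2; return 1; }
    old_bytes=$(image_size "$old")
    # With conv=notrunc a too-small target would silently end up as large as
    # the source, so reject it up front.
    [ $((size_kib * 1024)) -gt "$old_bytes" ] ||
        { echo "target is not larger than source" >&2; return 1; }
    # seek=N-1 plus one written block gives exactly N KiB. (seek=30M as in the
    # post gives 30 GiB plus one extra 1 KiB block.)
    dd if=/dev/zero of="$new" bs=1k count=1 seek=$((size_kib - 1)) 2>/dev/null || return 1
    # conv=notrunc keeps the sparse tail; without it dd truncates NEW to the
    # size of OLD and the image does not grow.
    dd if="$old" of="$new" bs=64k conv=notrunc 2>/dev/null || return 1
    # Check that the start of NEW is byte-identical to OLD before using it.
    head -c "$old_bytes" "$new" | cmp -s - "$old" ||
        { echo "copy mismatch" >&2; return 1; }
}

# Demo on a constructed 256 KiB "old image", grown to 4 MiB.
demo() {
    dir=$(mktemp -d) || return 1
    dd if=/dev/urandom of="$dir/old.img" bs=1k count=256 2>/dev/null
    grow_image "$dir/old.img" "$dir/new.img" 4096 &&
        echo "old=$(image_size "$dir/old.img") new=$(image_size "$dir/new.img") bytes"
    rm -rf "$dir"
}
demo
```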
running skype in a schroot
If I don't trust a stranger to wander inside my house, why should I allow a closed source program to access my home directory? Apart from the paranoia and conspiracy implications, I decided to spend some time learning how to chroot skype (and iceweasel for that matter, since I don't really trust javascript, flash and the mozilla plugin model).
I started from this article :
http://www.debian-administration.org/articles/566
This recipe didn't work out of the box. This is mine:
Now step by step:
First we install the software. I'm working on a debian unstable...
Openldap + SSL
There are many, many howtos on the net regarding this topic. Here I'll not give another howto, but just a list of mistakes I've made today. I hope this will save some time for others.
openssl certs
nagios
This week I spent some time configuring nagios to track our infrastructure, including web services and hardware.
Nagios is an interesting piece of software. It's very flexible and kinda easy to set up. I have to say that the documentation is not particularly well written. However, sites like http://www.nagiosexchange.org/ make life very easy. Setting it up on debian is pretty straightforward.
mysql + ssl and xen headache
Well, today I tried to understand why our production server (shame shame) has rebooted twice in a row in the last 3 days. The only visible problem in the logs is the infamous xen error: "xen_net: Memory squeeze in netback driver.". Googling around, it seems kinda common and the recommended solution is to add dom0-min-mem to xend.conf and dom0_mem as a kernel option. I've done that and updated the xen hypervisor to the latest backported version. The machine is up and running and everything seems fine at the moment. I didn't touch the kernel.
megacli, openipmi, ipmitool
If you manage a dell poweredge, there will come a time when you are curious to know about the health of your machine. These are a few notes.
The first thing you will try is probably the dell management server. It's the usual java monster with web interface and all in it. I don't like it. So I installed openipmi and got the megacli binary from the lsi website.
openipmi is easy: apt-get install openipmi ipmitool
Then we need to load the ipmi kernel modules:
ipmi_devintf
ipmi_msghandler
ipmi_poweroff
ipmi_watchdog
quickie about ssh
To generate a new key-pair on your local machine you run the following command:
ssh-keygen -t rsa
Then you can copy the key to the remote hosts with
ssh-copy-id -i ~/.ssh/id_rsa.pub username@remotehost
More info:
man ssh-agent
man ssh-add