Configurations (Linux) | Bots!

Simple failover cluster using UCARP on Ubuntu (Heartbeat Alternative)

January 24, 2016 by Rumi

In this tutorial, I’ll show you the steps to create a simple failover cluster on Ubuntu using CARP. To make the things meaningful,we’ll create the cluster for Apache service but you can use it for any other service, which relay on IP.

Scenario:

Here is my Setup:

PrimarySrv: This is the main server, where I configured the apache and which act as Master (IP: 192.168.1.202)
SecondarySrv: 2nd Apache Server where I configured the apache exactly like on PrimarySrv (IP : 192.168.1.203)
192.168.1.250 : Virtual IP address,created using Ucarp.

Linux Tune Network Stack (Buffers Size) To Increase Networking Performance

December 23, 2015 by Rumi

By default the Linux network stack is not configured for high speed large file transfer across WAN links. This is done to save memory resources. You can easily tune Linux network stack by increasing network buffers size for high-speed networks that connect server systems to handle more network packets.

The default maximum Linux TCP buffer sizes are way too small. TCP memory is calculated automatically based on system memory; you can find the actual values by typing the following commands:

$ cat /proc/sys/net/ipv4/tcp_mem

The default and maximum amount for the receive socket memory:

$ cat /proc/sys/net/core/rmem_default
$ cat /proc/sys/net/core/rmem_max

The default and maximum amount for the send socket memory:

How to Encrypt VNC Traffic with Putty

December 9, 2015 by Rumi

By default, VNC is not secure protocol.VNC uses encryption during initial connection and login (passwords are not sent in plain-text). Once, we connected then all the VNC data is unencrypted and hacker could sniff our VNC session. It is better (safer) to start VNC server only on 127.0.0.1(localhost) and tunnel it over secure SSH tunnel (For this,there are options in Putty).

In this example, I am using CentOS 6.2 as VNC server and VNC Viewer & PuTTY as VNC client on Windows 7.

On CentOS, edit /etc/sysconfig/vncservers file:

sudo nano /etc/sysconfig/vncservers

Add the option “-localhost“:

SVN Server on Ubuntu 12.04 LTS with Web Access

December 9, 2015December 9, 2015 by Rumi

To install SVN server, run this command at the command prompt:

sudo apt-get install subversion libapache2-svn apache2

Make the directory where you want to keep the svn repositories and edit the dav_svn.conf file:

sudo mkdir /svn
sudo nano /etc/apache2/mods-enabled/dav_svn.conf

Delete all the data and make it simple like this 🙂

<Location /svn>
DAV svn
SVNParentPath /svn
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
</Location>

To create a svn user , use the following command:

How to Update SSH & MOTD Banner on CentOS 6

December 7, 2015 by Rumi

For legal reasons, Some people need to display a warning banner on their Linux machine before login so that a person requires to acknowledge the contents of the banner before entering the password. To do this, edit a/etc/issue.net file and fill it with the desired context.

Edit the /etc/issue.net file:

sudo nano /etc/issue.net

Here is mine banner as a sample, you can add your’s here:

#########################################################
# Authorized access only! # 
# Disconnect IMMEDIATELY if you are not an authorized user!!! #
# All actions Will be monitored and recorded #
###############################################################

Secure RDP connection through Vyatta using PuTTY

December 6, 2015 by Rumi

Connecting to SSH Server as gateway instead of directly RDP to a PC is safer way and add another layer ofencryption.With this method,we can connect to any client that is behind the firewall provided that we have open the port 22 (or any other SSH port) to the SSH Server.

In First step, we’ll configure the vyatta, so that it will forward the ssh request to the internal Linux server that it will receive on it’s port 222.

(From the Configuration Mode, issue these commands)

IP Setting on CentOS6 using Shell Script

December 6, 2015 by Rumi

#!/bin/bash

if [ $# -eq 5 ]
then

echo ""
echo "Taking the backup and Changing the hostname from $(hostname) to $1 ..."

sed -i.bk "s/$(hostname)/$1/g" /etc/sysconfig/network

echo ""
echo "Backing up & Assigning the Static IP ..."
echo ""

cp /etc/sysconfig/network-scripts/ifcfg-$2 /etc/sysconfig/network-scripts/$2.bk

cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$2

DEVICE=$2
BOOTPROTO=static
IPADDR=$3.$4
NETMASK=255.255.255.0
GATEWAY=$3.$5
ONBOOT=yes
EOF

echo "Changing the dns ..."
echo ""

sed -i.bk "s/nameserver.*/nameserver $3.$5/" /etc/resolv.conf

echo "Adding $1 as hostname to the /etc/hosts file .."
echo ""

sed -i.bk "/$(hostname)$/d" /etc/hosts
echo "$3.$4 $1" >> /etc/hosts

echo "Restarting the Network Service, Please connect it using the new IP Address if you are using ssh ..."

service network restart

else

echo "Usage: ip.sh <hostname> <interface> <baseip> <ipaddress> <gateway/dns>"
echo "Example: ip.sh testname eth0 10.10.10 41 1"

fi

Check Hardware Commands in Linux

November 5, 2015 by Rumi

1. lscpu
The lscpu command reports information about the cpu and processing units. It does not have any further options or functionality.

$ lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 1
Core(s) per socket: 4
Socket(s): 1
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 23
Stepping: 10
CPU MHz: 1998.000
BogoMIPS: 5302.48
Virtualization: VT-x
L1d cache: 32K
L1i cache: 32K
L2 cache: 2048K
NUMA node0 CPU(s): 0-3

Cloning Openvz Proxmox PVE container guest machine

December 13, 2016November 4, 2015 by Rumi

I first created a ‘template’ vm containing all stuff I need and using a temporarily ip adres.
In the network config file of eth0 (/etc/sysconfig/network-scripts/ifcfg-eth0) I comment out the HWADDRESS line, else it will not come up with another mac address…
Stop this ‘template’ vm as it is just used for cloning.
Create a backup : vzdump –dumpdir /path/to/backupdir –snapshot 101
Restore in new container : vzrestore /path/to/backupdir/backupfile_of_container_101 102 or vzrestore –storage ‘storagename’ /path/to/backupdir/backupfile_of_container_101 102
Create a new mac for eth0 : vzctl set 102 –netif_add eth0
Modify the hostname in the proxmox webinterface.
Bootup the vm and open a vnc console.
Change the ip address in /etc/sysconfig/network-scripts/ifcfg-eth0
Go to /etc/ssh and remove all keys : rm -f /etc/ssh/*key*
Restart the ssh server so it will regenerate keys : service sshd restart

Allow NFS attachment on Proxmox OpenVZ containers

November 4, 2015 by Rumi

Prepare the container

To allow a container to use NFS filesystem, you will need to start it with “nfs” feature enabled. If the container is running while you set the –features nfs:on, you will need to reboot it.

# vzctl set 101 --features "nfs:on" --save
# vzctl start 101

After this you may see nfs in /proc/filesystems

# vzctl exec 101 cat /proc/filesystems
 ext3
 ext2
nodev rpc_pipefs
nodev proc
nodev nfs
nodev sysfs
nodev tmpfs
nodev devpts