from:"admin"

On Fri, Jan 22, 2016 at 11:02 AM, Ed Heron  wrote:
>   I'm still running CentOS 5 with Xen.
>
>   We recently replaced a virtual host system board with an Intel
> S1400FP4, so the host went from a 4 core Xeon with 32G RAM to a 6 core
> Xeon with 48G RAM, max 96G.  The drives are SSD.
>
>   I was recently asked to move an InterBase server from Windows 7 to
> Windows Server.  The database is 30G.
>
>   I'm speculating that if I put the database on a 35G virtual disk and
> mirror it to a 35G RAM disk, the speed of database access might improve.
>
>   I use local LVM for my virtual disks with DRBD on top to mirror the
> disk to a backup server.
>
>   If I change grub.conf to increase RAM disk size and increase host RAM,
> I could create a 35G RAM disk.
>
>   I'd modify rc.local to add
> pvcreate /dev/ramdisk
> vgextend vg /dev/ramdisk
> lvconvert -m 1 --corelog vg/lv_database /dev/ramdisk
>
>   Even with lv_database being 35G, it doesn't take long to activate the
> mirror.
>
>   I haven't decided where to put the commands to turn off the lvm
> mirror.
> lvconvert -m 0 vg/lv_database
> vgreduce vg /dev/ramdisk
> pvremove /dev/ramdisk
>
>   I haven't put this in real world use, yet.
>
>   On it's face, this might speed up database access.  Would we expect it
> to speed up database access in real world use?
>
>   Should I document the process so others could know how to do this?  I
> realize new documentation for CentOS 5 virtualization would be
> considered obsolete before I wrote it but I'm expecting to test CentOS 7
> virtualization in the next few months and, when I am comfortable, I'd
> upgrade my 18 virtual hosts.  I would update the documentation, at that
> time, as well.
>
>


I may not understand enough to understand what you are doing, you want
to actively mirror this with LVM or?
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] LVM mirror database to ramdisk

On Fri, Jan 22, 2016 at 4:54 PM, Ed Heron  wrote:
>   Yes, but it isn't that simple.  One copy of the mirror would be on a
> physical disk.  The other copy of the mirror would be on RAM disk.
> Since data in RAM doesn't generally survive reboot, the RAM piece would
> need to be turned off before shutdown and created on startup.
>
>> Is there something about LVM mirroring that can handle disks of
>> different speeds?
>
>   With newer LVM, there appears to be some settings that might help with
> that a bit.  With this older verion, I'd be hoping that the next
> available disk would handle each request.  If the physical disk takes
> longer to deal with the writes, the RAM disk might be the one that is
> available most of the time.
>
>   I'd much prefer a method of pre-filling a 35G cache but I saw a
> reference to creating a disk mirror in RAM and decided to explore it.
>

Can you post the results of your test when you get it working?
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] LVM mirror database to ramdisk

>  Ed Heron  wrote:
>   Yes, in a test environment, I am mirroring a Logical Volume with a RAM
> disk to increase the perceived speed of the disk.  I'm expecting to
> convert a live guest to this type of setup, this weekend.
>
>   I was asking 2 questions.
> 1. Should I expect a significant increase in speed in a real world
> environment?  With enough RAM, a good caching system will eventually do
> a similar function.  This is almost like pre-loading a cache.
> 2. Should I document the process for others?  I'm using CentOS 5 now,
> which is on it's way out, but I would update the documentation to
> include CentOS 7 when I upgrade my servers.
>

See this is where I was confused.  Would not the LVM mirror have to
sync all the time with the disk anyways?

Is there something about LVM mirroring that can handle disks of
different speeds?
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] LVM mirror database to ramdisk

Ed Heron  wrote:
>   Absolutely, I'll share my real world results.  I'm happy that I'm not
> the only person interested in the technique.  I'm a little disappointed
> somebody isn't telling me there is a much simpler method of putting my
> database in RAM.  The technique is only useful in a situation where the
> server has gobs of RAM so it might only apply to a small subset of users
> but it might speed up database access.  And since it is being done by
> the virtual host, the guest doesn't need to know anything about it.
> This keeps guest complexity down.  Also, I don't have as much Windows
> knowledge as I have Linux knowledge so it was easier for me to implement
> under Linux.


See,

This is where I get confused again, which type of database is it?
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] win2008r2 update on centos 6 host made system unbootable

2015-12-08 Thread NightLightHosts Admin

On Tue, Dec 8, 2015 at 5:26 PM, Dennis Jacobfeuerborn
 wrote:
> Hi,
> today we ran into a strange problem: When performing a regular Windows
> 2008r2 update apparently among other things the following was installed:
> "SUSE - Storage Controller - SUSE Block Driver for Windows"
>
> Previously the disk drive was using the Red Hat virtio drivers which
> worked just fine but after the reboot after the update I just get a blue
> screen indicating that Windows cannot find a boot device.
>
> Does anyone understand what is going on here? Why is the windows update
> installing a Suse driver that overrides the Red Hat driver even though
> it is apparently incompatible with the system?
>
> Regards,
>   Dennis

Did you roll back the driver and did it work after that?
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS] Centos 6.5 - Fping - SE Linux - Missing type enforcement (TE) allow rule

2014-10-25 Thread admin


Hi gents,

I seem to have a small issue with fping and Observium(a monitoring 
solution). The particular VPS I'm using does have SELinux enabled and it 
seems to be causing issues when the httpd process is attempting to use 
Fping?


Here is what I know so far :

Output from audit2why -a :

---
type=AVC msg=audit(1414265994.125:6744): avc:  denied  { create } for  
pid=8968 comm=fping scontext=unconfined_u:system_r:httpd_t:s0

  Was caused by:
Missing type enforcement (TE) allow rule.

You can use audit2allow to generate a loadable module 
to allow this access.


---

Which does seem to confirm that something is wrong between httpd and fping.

I then ran audit2allow -M fping-httpd  audit2allow which did create 
both the .te and .pp files. The issue is that inside the .te file, I 
have a warning saying that the rules already exists! Which does make 
sense since I had to allow those particular function for the Mysql

connection to function properly.

---
.te file :

module fping-httpd 1.0;

require {
type httpd_t;
class capability net_raw;
class rawip_socket create;
}

#= httpd_t ==

# This avc is allowed in the current policy
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket create;

---

Is the Missing type enforcement related to all of this? I really don't 
want to disable SELinux and would rather learn to actually use it properly.


Thank you!


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 6.5 - Fping - SE Linux - Missing type enforcement (TE) allow rule

2014-10-25 Thread admin

I've just recreated the module and enabled it, yet I can't seem to allow 
fping to be used by the httpd process. It seems that the last error was 
just a byproduct of a bad module I had not properly removed. Are there 
any additional troubleshooting steps I could try?


What I've done so far :

1) grep fping /var/log/audit/audit.log | audit2allow -M observium_fping
2) semodule -i observium_fping.pp

3) semodule -l | grep fping
**
fping   1.0
observium_fping 1.0
**

4) cat /var/log/audit/audit.log | grep fping

type=AVC msg=audit(1414295291.964:357): avc:  denied  { create } for  
pid=5283 comm=fping scontext=unconfined_u:system_r:httpd_t:s0 
tcontext=unconfined_u:system_r:httpd_t:s0 tclass=rawip_socket
type=SYSCALL msg=audit(1414295291.964:357): arch=c03e syscall=41 
success=no exit=-13 a0=2 a1=3 a2=1 a3=7fff871b1790 items=0 ppid=5282 
pid=5283 auid=500 uid=48 gid=48 euid=0 suid=0 fsuid=0 egid=48 sgid=48 
fsgid=48 tty=(none) ses=1 comm=fping exe=/usr/sbin/fping 
subj=unconfined_u:system_r:httpd_t:s0 key=(null)




On 10/25/2014 8:30 PM, Greg Lindahl wrote:

On Sat, Oct 25, 2014 at 04:22:38PM -0400, admin wrote:


# This avc is allowed in the current policy
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket create;

This confusing output means that the first allow line is in the
current policy, and the second is not.

-- greg


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] Preferred method of provisioning VM images

2014-06-12 Thread NightLightHosts Admin

The world needs documentation bounties.


On Thu, Jun 12, 2014 at 4:30 PM, Peter pe...@pajamian.dhs.org wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 On 06/13/2014 03:47 AM, Dario Faggioli wrote:
  If you're up for it, Xen wiki will be glad to host it! :-P

 I would love to do a writeup on this, but my time is extremely limited
 right now.  I'll see what I can do.


 Peter
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1
 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

 iQEcBAEBAgAGBQJTmg3YAAoJEAUijw0EjkDvHKoH/RTd1myCecNTYALvO8l7nRo/
 pDjImHlWaT1N5RUODIkZ66EeGF1BJYPaGMrmmjR9R7GGycUkp1eBG3kkGBc1tyMi
 Hhd9ZjQUvc5IH2BPh2ik8tCom4d6V2+KMEr1ZpYXfYCMi92HaB23xo52x5PKO4pc
 4+PJSBe4Dq/UuBtHHyIbRL9WYXLlCybLPVAyQt65pKNyJduwt6M2yJgeRLFB4Iz+
 clQ47+roC7UGEpbo6pxjEnU76/WYwZRFefbiBrl4i3Fpl6sWlwBuPH1zyYup3Cwa
 0NSJcB6q0rulOcU24OQSWB3O2SpGXOn2WjcmmZQpBZphviMBPOUJeOSAHGU4e6Q=
 =xjTL
 -END PGP SIGNATURE-
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Finally switching from Xen to KVM - question about networking

2014-06-11 Thread NightLightHosts Admin

Do you have the proper gateway/route configured on the VM?

On Wed, Jun 11, 2014 at 9:50 AM, Steve Campbell campb...@cnpapers.com wrote:

On 6/10/2014 4:00 PM, Zoltan Frombach wrote:

On 6/10/2014 9:51 PM, Steve Campbell wrote:
On 6/10/2014 3:38 PM, Zoltan Frombach wrote:
On 6/10/2014 9:27 PM, Steve Campbell wrote:
On 6/10/2014 3:09 PM, Zoltan Frombach wrote:
Steve,

Try the following config.

On your host:

/etc/sysconfig/network-scripts/ifcfg-eth0:

DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Ethernet
HWADDR=xx:xx:xx:xx:xx:xx- put your physical NIC's MAC address
here
BRIDGE=br0
USERCTL=no
IPV6INIT=no
IPV6_AUTOCONF=no

/etc/sysconfig/network-scripts/ifcfg-br0:

DEVICE=br0
BOOTPROTO=static
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Bridge
IPADDR=10.0.5.16
NETMASK=255.255.255.0 - you may need to adjust this to your
network
GATEWAY=10.0.5.1
DNS1=8.8.8.8
DNS2=8.8.4.4
PEERDNS=yes
DELAY=0
STP=off
USERCTL=no
IPV6INIT=no
IPV6_AUTOCONF=no

Restart networking on the host.

Then inside you VM:

/etc/sysconfig/network-scripts/ifcfg-eth0:

DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Ethernet
HWADDR=xx:xx:xx:xx:xx:xx- it must be a unique MAC address for
your VM
IPADDR=10.0.5.17
NETMASK=255.255.255.0 - you may need to adjust this to your
network
GATEWAY=10.0.5.1
DNS1=8.8.8.8
DNS2=8.8.4.4
PEERDNS=yes
USERCTL=no
IPV6INIT=no
IPV6_AUTOCONF=no

Then in Virtual Machine Manager make sure that your VM's NIC is
connected to the br0 bridge, like this:

Network Source: Specify shared device name
Bridge Name: br0

On 6/10/2014 8:16 PM, Steve Campbell wrote:
On 6/10/2014 12:43 PM, Digimer wrote:
On 10/06/14 12:38 PM, Steve Campbell wrote:
On 6/10/2014 12:05 PM, Digimer wrote:
On 10/06/14 11:46 AM, Steve Campbell wrote:
On 6/10/2014 10:46 AM, Digimer wrote:
On 10/06/14 10:03 AM, Steve Campbell wrote:
I had so much trouble putting Centos 6 guest VMs on a Centos 5
host
that
I finally switched to a Centos 6 host.

I've not needed more that test VMs, so I've used Virtual
Machine
Manager
on the old system, which worked pretty well, so I decided to
create my
first KVM guest machine. I noticed when I created it, I only
had the
options of NAT for my network interface, so I used that
(obvious).

Well, after starting the VM, I find I don't have connectivity
with
that
interface. Reading, I find examples where I need to create
bridges
perhaps. Xen did most of this for me, so it's a little new to
me.

Can anyone throw me a clue, please?

steve campbell
Setting up a bridge is not that hard, and it will give your VMs
direct
access to the outside world, and host - VM access just
fine as
well.

Here is a link showing how to setup a bridge connected to a
bond
device. Ignore the bond and pretend it is a straight ethX
device:

https://alteeve.ca/w/AN!Cluster_Tutorial_2#Configuring_our_Bridge.2C_Bonds_and_Interfaces

The host has a device named virbr0 that is installed during
system
installation. It also has a network device vnet0. There are no
files in
/etc/sysconfig/network-scripts for these.

Shouldn't I be able to use the virbr0 virtual bridge for this?
I've
tried setting up the VM's device with all of the options that is
listed,
but to no avail.

Should I need to set up another bridge for this?

And thanks for the link.

steve
virbr0 is created and managed by libvirtd. If you open Virtual
Machine
Manager, connect to localhost and then double-click on
'localhost',
you will see a tab for creating/managing bridges (NAT'ed,
generally).
I disable 'virbr0' as NAT'ing is generally not what I want.

The 'vnetX' devices are dynamically created to link a VM's
interface
to a bridge. Think of them as virtual network cables. They get
created
and destroyed as needed.

Sorry, but I'm confused:

My host server has a real NIC and IP address with a real
gateway to
the
outside:
virtbr0 IP: 192.168.122.1
Host IP: 10.0.5.16
Gateway IP: 10.0.5.1
on eth0 and this works

My VM server has all fake stuff currently:
Host IP: 10.0.5.17
Gateway IP: 10.0.5.1
on eth0 and this is like NIC without a cable.

So I need to create a bridge device on both the host and VM (lets
say I
name it br1). I change the eth0 config file on both host and VM to
point
to br1 and give the br1 config file on both host and VM the
correct
IP.
But won't this just let the two talk to each other. How will
the VM
server get outside?

steve
The bridge is created only on the host. Think of the bridge as
being
like a virtual switch. When a VM is created, you tell it to
connect to
the bridge, similar to how you would plug a physical wire into a
real
switch. That provides the link to the network, and then you
configure
the virtual server's network just as if it was a real network.

On the host, you don't set the IP on the ethX device, instead you
tell
ethX to connect to the bridge

Re: [CentOS-virt] Problem with X on VM

2014-06-09 Thread NightLightHosts Admin

What vnc are you using?

On Mon, Jun 9, 2014 at 9:40 AM, Steve Campbell campb...@cnpapers.com wrote:
 I've got a Centos 5 server with Xen installed. I'm trying to install a
 Centos 6.5 VM on it but once all is installed, the X window will not
 sync or display. I think I understand that it's probably due to the
 settings on the vnc stuff. I've got Centos 6.2 VMs that act just fine.

 Is there a way I can modify the VM's screen settings either during
 installation or after installation?

 Hope that makes sense. Thanks

 steve campbell
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Xen DomU supoprt in RHEL 7 and the CentOS Plan

2014-05-23 Thread NightLightHosts Admin

+3 XEN!

On Fri, May 23, 2014 at 3:56 AM, O'Reilly, Dan daniel.orei...@dish.com wrote:
 +2

 -Original Message-
 From: centos-virt-boun...@centos.org [mailto:centos-virt-boun...@centos.org] 
 On Behalf Of Antony Messerli
 Sent: Friday, May 23, 2014 7:49 AM
 To: centos-virt@centos.org
 Subject: Re: [CentOS-virt] Xen DomU supoprt in RHEL 7 and the CentOS Plan

 +1 on Xen support, I haven't had time to test on RHEL yet or poke around in 
 the kernel yet, but has all of the Xen support been removed from the kernel?

 Ant

 On May 23, 2014, at 8:31 AM, Kai Schaetzl mailli...@conactive.com wrote:

 Karanbir Singh wrote on Fri, 23 May 2014 13:19:45 +0100:

 so far, in rhel7rc its pretty clear that Xen instances ( domUs ) are
 not going to boot with the RHEL7rc kernel.

 What a pity. Not to mention Dom0.

 Wondering if someone has looked into what the challenges might be to
 enable this support, and then what the options are to deliver this support ?

 I'm sorry, I haven't yet, not even tested RHEL7rc. I just want to
 raise my hand and say, yes, I would like to have xen support if you
 can make it happen without too many hooplas. But I won't be able to help 
 much.

 Kai

 --
 Get your web at Conactive Internet Services: http://www.conactive.com

 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Xen and Centos 6.5

2014-05-22 Thread NightLightHosts Admin

I used it and it works great.  From what I remember I have to check
sometimes that the xen kernel is still default.  There is also a work
around for something but I need to access my local at home docs for
the info.



On Thu, May 22, 2014 at 12:18 PM, Carlos Vasquez
cvasq...@scratchspace.com wrote:
 On 5/22/2014 9:11 AM, Steve Campbell wrote:
 What exactly is the status of Xen and Centos 6.5?

 Is it available to install and run on production machines?

 I find a lot of how-to methods for installation on google, but is there
 a standard recommended way to install this according to the Centos folk?

 steve campbell

 Steve,
 I believe this is the currently recommended method:

 http://wiki.centos.org/HowTos/Xen/Xen4QuickStart

 --

 Regards,
Carlos

 -
 Carlos Vasquez
 Tech Support
 ScratchSpace, Inc.
 http://www.scratchspace.com/

 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

[CentOS-virt] Hey

2014-01-28 Thread NightLightHosts Admin

Just want to let you guys know that, although it may have been around
for a bit, bringing Xen back to CentOS is awesome and I really
appreciate it.  I was very disappointed when RedHat dropped support as
Xen is awesome.

Thanks for the effort!
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] Hey

2014-01-28 Thread NightLightHosts Admin

I have used xen over kvm and others for a while.  It was what I just
started using first years ago.  With Xen I could manage domains and my
system seemed like a real server.  KVM just seemed like a command line
trick to me.  (I know it is not especially since its integration into
the kernel.)

xenserver is pretty sweet and there are some big products built around
it.  Citrix loves it too.  OpenStack is neat:
http://www.xenproject.org/presentations-and-videos/video/xpus13-rackspace.html

I was disappointed when redhat dropped xen :/  I mean now there is an
entire project around keeping xen on centos, etc.  This one.

In the end xen just seemed more strait forward.
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] Cambiar nombre al host sin reiniciar el sistema

2014-01-26 Thread admin

Aslo need restart your log daemon.

/etc/init.d/rsyslog restart

Thanks


Mauricio Tavares писал 26-01-2014 17:14:
 On Sun, Jan 26, 2014 at 10:09 AM, Always Learning 
 cen...@u62.u22.net wrote:
 Using: From translate.google.com

 Rodrigo Pichiñual Norin rodrigo.pichin...@gmail.com

 Hello everyone:

 I want to change the name of my host, but without reboot

 1) edit / etc / sysconfig / network

 HOSTNAME = name_hostname

   I believe that is the FQDN

 2) edit / etc / hosts

   192.168.x.x name_hostname


 I know the restart rename but my point is not to restart the
 server.

After you do all that, type

 hostname name_hostname

 test then by doing

 hostname -f
 hostname -s

 man hostname should provide more info.

 can??


 thanks

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kernel autoconfigure ?

2012-03-27 Thread admin lewis

2012/3/27 Johnny Hughes joh...@centos.org:
 On 03/26/2012 04:45 PM, admin lewis wrote:
 Anyone know if there is a kernel autoconfigure tool to compile from source ?
 thanks
 luigi

 What are you trying to accomplish.


Simply I want enable grsecurity. I downloaded vanilla kernel and
grsecurity patch but I dont want reconfigure every kernel options..
because it's too long read and understand every feature of the kernel.
Also I want disable all modules I dont need. Finally I dont want
initrd.
Thanks very much for any help
luigi


-- 
Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] kernel autoconfigure ?

2012-03-26 Thread admin lewis

Anyone know if there is a kernel autoconfigure tool to compile from source ?
thanks
luigi


-- 
Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 6.2 install some problems

2012-02-28 Thread admin lewis

Hi,
I have reinstalled centos 6.2 x86_64 because it seems there is not xfs
mod on i386.
But i have found an orther problem. After the partitioning there is
not any prompt to choice the type of server I want (minimal, web etc)
So now I have a desktop installation...
I want to remove xorg, gnome etc..
and an other bug.. i am unable to setup Eth interface ... with
system-config-network-tui i cant see any eth..
I have 4 NIC.. and all works well..
cheers
luigi


-- 
Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] XFS on Centos 6.2 ?

2012-02-27 Thread admin lewis

Hi,
I need of to mount an XFS partition on Centos 6.2 .. but I cant find
the kernel module..
it that true the xfs is available only under x86_64 ?

-- 
Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Secure a python http server

2011-08-30 Thread admin lewis

Hi,
I want to make secure my python http server.. what should i use ?
chroot ? there are something more secure ?
On my centos server I've SE enabled..then .. sandboxing ?
Thanks very much
lewis


-- 
Linux and Windows 2003/2008 Server.
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Secure a python http server

2011-08-30 Thread admin lewis

2011/8/30 Steven Crothers steven.croth...@gmail.com:
 You wrote the application... nobody can tell you how to secure code they've
 never seen.

 On Tue, Aug 30, 2011 at 1:16 PM, admin lewis adminle...@gmail.com wrote:

 Hi,
 I want to make secure my python http server.. what should i use ?
 chroot ? there are something more secure ?
 On my centos server I've SE enabled..then .. sandboxing ?

http://mapproxy.org/

that's it..
lewis



-- 
Linux Server, Microsfot Windows 2003/2008 Server, Exchange 2007
http://predellino.blogspot.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] initial page for 6.0 RN

2011-06-23 Thread Lucas do Amaral - Linux Sys. Admin (IFCE)

Exept I cant create a new page ;/

You are not allowed to edit this page.


I've tried to follow the pattern and user this url:
http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0/BrazilianPortuguese?action=edit

On Wed, Jun 22, 2011 at 5:17 PM, Manuel Wolfshant
wo...@nobugconsulting.rowrote:

 On 06/22/2011 06:40 PM, Lucas do Amaral - Linux Sys. Admin (IFCE) wrote:
  Can I translate to PT-BR ? :D
 Why not? We welcome translators.


 
  On Wed, Jun 22, 2011 at 12:37 PM, Ricardo David Carrillo Sanchez
  dominus@gmail.com mailto:dominus@gmail.com wrote:
 
  Thank's
 
  Saludos
  --
 
  Ricardo David Carrillo Sánchez
  Administrador de Sistemas
  Analista de Seguridad Informática
  PGP/GPG key fingerprint: 7AD4 6D7B A09B C010 8445  31F4 92C2 DDFA
  2DA0 E376
  PGP/GPG public key: https://insecure-it.com.mx/keys/dominus.ceo.asc
 
 
 
  On Wed, Jun 22, 2011 at 10:36 AM, Akemi Yagi amy...@gmail.com
  mailto:amy...@gmail.com wrote:
 
  On Wed, Jun 22, 2011 at 8:33 AM, Ricardo David Carrillo Sanchez
  dominus@gmail.com mailto:dominus@gmail.com wrote:
  
   Hi,
   Could you send the link to see the Release Notes ..? or wiki
  section
 
  Here:
 
  http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0
 


 ___
 CentOS-docs mailing list
 CentOS-docs@centos.org
 http://lists.centos.org/mailman/listinfo/centos-docs




-- 
--
Atenciosamente,
Lucas do Amaral Saboya
CV/Resume: PT-BR http://dl.dropbox.com/u/2179889/cv%28pt-br%29.pdf
EN-UShttp://dl.dropbox.com/u/2179889/cv%28en-us%29.pdf

Administrador de Sistemas Linux
Instituto Federal de Educação, Ciência e Tecnologia do Ceará - IFCE
Diretoria de gestão da Tecnologia da Informação
===
*Linux System Administrator
Federal Institute of Ceará
Board of Management of Information Technology*
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-docs] Permission to create an article on wiki.centos.org

2011-06-23 Thread Lucas do Amaral - Linux Sys. Admin (IFCE)

   -

   Your FirstnameLastname username;
   LucasSaboya
-

   The proposed subject of your Wiki contribution(s);
   translate the release notes and some other stuff to brazilian portuguese
   - The proposed location of your Wiki contribution(s)
   At this point, just the release notes section, but later on, the howto
   section and some other stuff..



-- 
--
Atenciosamente,
Lucas do Amaral Saboya
CV/Resume: PT-BR http://dl.dropbox.com/u/2179889/cv%28pt-br%29.pdf
EN-UShttp://dl.dropbox.com/u/2179889/cv%28en-us%29.pdf

Administrador de Sistemas Linux
Instituto Federal de Educação, Ciência e Tecnologia do Ceará - IFCE
Diretoria de gestão da Tecnologia da Informação
===
*Linux System Administrator
Federal Institute of Ceará
Board of Management of Information Technology*
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] initial page for 6.0 RN

2011-06-23 Thread Lucas do Amaral - Linux Sys. Admin (IFCE)

http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0/BrazilianPortuguese?action=show
and we're done :)

On Thu, Jun 23, 2011 at 4:42 PM, Manuel Wolfshant
wo...@nobugconsulting.rowrote:

 On 06/23/2011 07:28 PM, Markus Falb wrote:
  On 18.6.2011 20:19, Manuel Wolfshant wrote:
  Hello
 
I've created the first version of the ReleaseNotes page for CentOS
  6.0 in the wiki. As usual, corrections / additions / translations are
  welcome.
  I found one minor issue
 
  In section 2. Introduction
 
  Welcome to the CentOS 6.0 release. CentOS is an Enterprise-class Linux
  Distribution derived from sources freely provided to the public by our
  Upstream OS Provider (UOP)[1].
 
  The footnote [1] is missing.
 Hello

 thank you for notifying us. I fixed it

 Manuel
 ___
 CentOS-docs mailing list
 CentOS-docs@centos.org
 http://lists.centos.org/mailman/listinfo/centos-docs




-- 
--
Atenciosamente,
Lucas do Amaral Saboya
CV/Resume: PT-BR http://dl.dropbox.com/u/2179889/cv%28pt-br%29.pdf
EN-UShttp://dl.dropbox.com/u/2179889/cv%28en-us%29.pdf

Administrador de Sistemas Linux
Instituto Federal de Educação, Ciência e Tecnologia do Ceará - IFCE
Diretoria de gestão da Tecnologia da Informação
===
*Linux System Administrator
Federal Institute of Ceará
Board of Management of Information Technology*
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] initial page for 6.0 RN

2011-06-22 Thread Lucas do Amaral - Linux Sys. Admin (IFCE)

Can I translate to PT-BR ? :D

On Wed, Jun 22, 2011 at 12:37 PM, Ricardo David Carrillo Sanchez 
dominus@gmail.com wrote:

 Thank's

 Saludos
 --

 Ricardo David Carrillo Sánchez
 Administrador de Sistemas
 Analista de Seguridad Informática
 PGP/GPG key fingerprint: 7AD4 6D7B A09B C010 8445  31F4 92C2 DDFA 2DA0 E376
 PGP/GPG public key: https://insecure-it.com.mx/keys/dominus.ceo.asc



 On Wed, Jun 22, 2011 at 10:36 AM, Akemi Yagi amy...@gmail.com wrote:

 On Wed, Jun 22, 2011 at 8:33 AM, Ricardo David Carrillo Sanchez
 dominus@gmail.com wrote:
 
  Hi,
  Could you send the link to see the Release Notes ..? or wiki section

 Here:

 http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0
 ___
 CentOS-docs mailing list
 CentOS-docs@centos.org
 http://lists.centos.org/mailman/listinfo/centos-docs



 ___
 CentOS-docs mailing list
 CentOS-docs@centos.org
 http://lists.centos.org/mailman/listinfo/centos-docs




-- 
--
Atenciosamente,
Lucas do Amaral Saboya
CV/Resume: PT-BR http://dl.dropbox.com/u/2179889/cv%28pt-br%29.pdf
EN-UShttp://dl.dropbox.com/u/2179889/cv%28en-us%29.pdf

Administrador de Sistemas Linux
Instituto Federal de Educação, Ciência e Tecnologia do Ceará - IFCE
Diretoria de gestão da Tecnologia da Informação
===
*Linux System Administrator
Federal Institute of Ceará
Board of Management of Information Technology*
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS] [OT] ups advice

2011-04-15 Thread admin lewis

2011/4/14 John R Pierce pie...@hogranch.com:
 On 04/14/11 9:06 AM, admin lewis wrote:
 Hi
 I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by
 apc... anyone could help me giving an hint ?
 a simple smart ups 1000 could be enough ?



 apc smartups or eaton powerware woudl be my choices.    1000VA should be
 fine.

 avoid consumer UPS's like apc backups, they are junk.


 how long do you need the system to stay powered when the power fails?
 just long enough to shutdown?  or do you need it to stay up for some
 period of time?



Few minutes... 10 minutes should be enough.. and then shutdown the machine ..
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] [OT] ups advice

2011-04-14 Thread admin lewis

Hi
I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by
apc... anyone could help me giving an hint ?
a simple smart ups 1000 could be enough ?

thx so much!!

lewis.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] ups advice

2011-04-14 Thread admin lewis

2011/4/14 Bowie Bailey bowie_bai...@buc.com:
 On 4/14/2011 12:06 PM, admin lewis wrote:
 Hi
 I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by
 apc... anyone could help me giving an hint ?
 a simple smart ups 1000 could be enough ?

 APC's website has a UPS Selector feature that will recommend a UPS
 based on your equipment.

 --
 Bowie


I take a APC Smart-UPS 1000VA LCD 230V
It seems good a enough to give 15-20 minutes of power to my server.
very very thanks for your simple but very useful hint.
lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Rules for port forwarding

2011-03-29 Thread admin lewis

Hi,
does anyone remember the rules for port forwarding ?
the followings does not work:
iptables -A FORWARD -i eth0 -o eth1 -p tcp –dport 80 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -i eth0 –dport 80 -j DNAT –to
192.168.20.1:80

thx lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Install on Dell PowerEdge T310

2011-03-24 Thread admin lewis

2011/3/24 Alexander Dalloz ad+li...@uni-x.org:
 Am 23.03.2011 19:33, schrieb admin lewis:

 Thanks very much to all, now I have understood..
 anyway it's a perc s300.. I see I can make a virtual disk read-only...
 very interesting.. well .. to have a /boot partition read-only is a
 non-sense...
 thanks to all again... someone has told google is your friend ..
 ..but I say  I prefer human friend..
 :-)

 https://access.redhat.com/kb/docs/DOC-19840


yep, after I created the array, centos cant see any disk... :-(
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Install on Dell PowerEdge T310

2011-03-23 Thread admin lewis

Hi,
this is the first time I install linux on a dell server. Simply I
booted from a centos 5.5 x64 dvd but I cant see the disks.. is there
something I miss ?
thanks very much for any help
luigi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Install on Dell PowerEdge T310

2011-03-23 Thread admin lewis

2011/3/23 John R Pierce pie...@hogranch.com:
 On 03/23/11 10:40 AM, admin lewis wrote:
 Hi,
 this is the first time I install linux on a dell server. Simply I
 booted from a centos 5.5 x64 dvd but I cant see the disks.. is there
 something I miss ?

 does that system have some form of PERC raid controller?  you need to go
 into the PERC Bios (or use Dell's utility disk and the raid
 configuratator) and define whatever level of hardware raid you want,
 creating logical volumes that your OS will see as 'disks'.



Thanks very much to all, now I have understood..
anyway it's a perc s300.. I see I can make a virtual disk read-only...
very interesting.. well .. to have a /boot partition read-only is a
non-sense...
thanks to all again... someone has told google is your friend ..
..but I say  I prefer human friend..
:-)



-- 
Admin Lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] tcpdump; how to dump all

2011-01-14 Thread admin lewis

Hi,
My server is connected to the lan and when I run tcpdump I see few packets
captured but lots packets received by filter.
How can I dump every packets received by filter ?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to set ACLs on windows share

2010-10-27 Thread admin lewis

2010/10/26 Miguel Medalha miguelmeda...@sapo.pt


  I have to get/set acls on a windows share by script.
 I can mount the windows share by mount.cifs but I don't know how to
 set/get acls... anyone could help me ?
 thx so much.


 You would benefit from posing this question to the Samba mailing list:

 sa...@lists.samba.org

 Do you want to set the ACLs from the Windows side or from the Unix server
 side?

 What do you use to store ACLs? Linux ACLs? A Samba VFS module?



Hi, I found the solution... smbcacls ...
anyway... I have a linux client and I want to get/set acls on a windows
share, by script.
anyway
thx.
bye
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] how to set ACLs on windows share

2010-10-26 Thread admin lewis

Hi,
I have to get/set acls on a windows share by script.
I can mount the windows share by mount.cifs but I don't know how to set/get
acls... anyone could help me ?
thx so much.

-- 
Admin Lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] temp dir, httpd and selinux

2010-10-21 Thread admin lewis

Hi,
I have a php software installed on a centos server with selinux
enforced activeted.
The php software (glpi -- http://www.glpi-project.org) have a plugin
that must write on a temp dir... but selinux dont give access to that
dir to write.
How should i do ?
lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Net CD/DVD writer

2010-10-20 Thread admin lewis

Hi,
i'm looking for a net cd writer software. I've found webcdwriter
(http://joerghaeger.de/webCDwriter/) but it seems not more upgraded.
Anyone know something else ?
thx lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Partitioning production server

2010-08-31 Thread admin lewis

Hi,
I have to install a production server with postgresql.. with few hundreds of
MB (2-300)
would u advice me to partitioning the disk ?
The server will be under vmware environment with SAN as storage.


-- 
--
Lewis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apparent BIND problem doing RBL lookups for Postfix

2010-04-15 Thread sys Admin

What happens if you change your resolv.conf to google's dns ?


On 4/15/10, Nataraj incoming-cen...@rjl.com wrote:
 listserv.traf...@sloop.net wrote:
 Check out the following bug report. I would also look at other bind bug
 reports. My sense is that redhat has deviated quite a bite from the ISC
 version of bind. In particular I believe that they disabled or otherwise
 modified the caching behavior back about 6-8 months ago when there were
 major security issues with bind. I have felt that my Red Hat/Centos name
 servers have not worked as well as Fedora or ISC bind name servers since
 this time. You might try installing ISC bind and see if that solves your
 problem.



 https://bugzilla.redhat.com/show_bug.cgi?id=553334



 Nataraj


 Interesting - though in our case it's failing long before a few
 million lookups. I don't much relish compiling ISC versions to run on
 my box - the security implications and other hassles don't seem
 trivial. [We don't allow external [the world] lookups - just local
 trusted users, but that only mitigates some of the security concerns.]

 Perhaps it's possible to use an older version that's security
 patched. Ugh.

 Though I have not done it in a while, It's not a big deal to build ISC
 bind.  If you have compilers installed, you untar it and run make or
 make install, maybe setting up the path for installation.  With the
 security issues today, I often run a separate system for name servers
 (actually I use virtual machines).  In fact, mostly I setup both an
 internal and a external nameserver where the internal one forwards
 queries to the external one so it never receives packets from the
 Internet.   So the internal one could be on your mail server and the
 external one could be a seperate box.  For test purposes, you could try
 ISC bind on any old box just to determine if it solves the problem.

 Alternatively, if the problem is urgent I guess you could buy a red hat
 license and try to get them to up the priority on resolving this.   If
 you have the time and skills, you could install a debug compiled version
 of CentOS bind and try to either debug it or capture a dump of it when
 it breaks and submit that to developers.

 I don't think running ISC bind for a short time is a major risk.  It's
 quite widely deployed in the field.

 Nataraj

 -Greg

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos


 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos


-- 
Sent from my mobile device
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

Hi,

 Split the TEXT/BLOB data out of the primary table into tables of their
 own indexed to the primary table by it's key column.

This is part of what I was planning to do, there are a lot of stuff I
am planning to split out into their own tables with reference key. The
problem is I'm unsure whether the added overheads of joins would
negate the IO benefits hence trying to figure out more about how
Centos/Linux does the caching.

 Think about distributing the parts to different boxes as necessary.
 You can start with the DBMS which is the logical candidate.

Eventually I figured that would probably have to be done but I don't
know enough at this point. So I'm taking the approach of optimizing
stage by stage starting with things I'm more familiar with and less
likely to muck up totally, i.e.from the app/script side first. Then
after getting more familiar with the setup, experiment with the
hardware based solutions.


 On the DBMS backend, give it plenty of memory, good storage for the
 workload and good networking.

Again problem is old server so memory is maxed, drives controller is
probably not helping.

 On the Apache/PHP side, look for a good DBMS inter-connect and some
 PHP caching module and of course enough CPU for the PHP code and
 network for Apache+DBMS inter-connect.

 If you wanted to split it up even more you could look into some sort
 of PHP distributed cache/processing system and have PHP processed
 behind Apache.

Thanks for the heads up, I didn't realize it was possible to separate
the PHP processing from Apache itself. However, for the time being,
I'm probably still limited to a single server situation so will keep
this in mind for future.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

Hi,


 I believe the OP said he was running postgresql.


 Quoted from OPs previous mail hes not sure lol

 The web application is written in PHP and runs off MySQL and/or
 Postgresql.

 Ah, well #1 on his list then is to figure out what he is running!

LOL, I know it sounds quite noobish, coming across like I've no idea
what DBMS it is running on. The system currently runs on MySQL but
part of my update requirement was to decouple the DBMS so that we can
make an eventual switch to postgresql.

Hence the solution cannot be dependent on some specific MySQL functionality.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

MySQL's acquisition was one of the factor, the client wants to keep
everything on the opensource side as far as possible.

On the technical side, all tables are using the InnoDB engine because
myISAM doesn't support either. Also previously during development, it
was discovered that on some particular application/function, MyISAM
caused a heavy load that went away after switching to InnoDB.

Also, as part of my idea was to subsequently put the tables on
different disks for better improvement. Postgresql supports that while
MySQL appears to require all the tables remain on the same filesystem.

There were other considerations that was discussed internally
previously but without digging up docs, off hand, these are the key
factors I can recall that drove the decision to eventually replace
MySQL with Postgresql.


On 1/27/10, Chan Chung Hang Christopher
christopher.c...@bradbury.edu.hk wrote:

 Ah, well #1 on his list then is to figure out what he is running!

 LOL, I know it sounds quite noobish, coming across like I've no idea
 what DBMS it is running on. The system currently runs on MySQL but
 part of my update requirement was to decouple the DBMS so that we can
 make an eventual switch to postgresql.

 Hence the solution cannot be dependent on some specific MySQL
 functionality.


 mysql's isam tables have a reputation for surviving just about anything
 and great builtin replication support...

 postgresql less so (I suspect due to fake fsync/fsyncdata in the days
 before barriers) but maybe things have improved a lot nowadays.

 Why are you switching?
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

Hi,

On 1/27/10, Ross Walker rswwal...@gmail.com wrote:

 But if your doing mysql on top of LVM your basically doing the same,
 cause LVM (other then current kernels) doesn't support barriers.

 Still if you have a battery backed write-caching controller that
 negates the fsync risk, LVM or not, mysql or postgresql.

This is a bit of a surpise. Am I understanding correctly that running
postgresql or mysql on top of LVM negates any data reliability
measures the DBMS might have in the event of an unexpected shutdown?

I have several servers configured to run LVM on top of MD1 for the
convenience of being able to add more space to a volume in the future.
I didn't realize this was a reliability risk. :(
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

2010-01-25 Thread Noob Centos Admin

Hi,

 If you want a fast database forget about file system caching,
 use Direct I/O and put your memory to better use - application
 level caching.

The web application is written in PHP and runs off MySQL and/or
Postgresql. So I don't think I can access the raw disk data directly,
nor do I think it would be safe since that bypasses the DBMS's checks.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos/Linux Disk Caching, might be OT in some ways

2010-01-25 Thread Noob Centos Admin

Hi,

 20 feilds or columns is really nothing. BUT That's dependant on the type
 of data being inserted.

20 was an arbitary number :)

 Ok so break the one table down create 2 or more, then you will have
 Joins  clustered indexes thus slowing you down more possibly.  That
 is greatly dependant on your select, delete, and update scripts.

That was the reason the original develop gave for having these massive
rows! Admittedly it is easier to read but when each row also contains
text/blob fields, they tend to grow rather big. Some users have been
complaining the server seems to be getting sluggish so I'm trying to
plan ahead and make changes before it becomes a real problem.

 Possibly very correct, but Nate is very correct on how you are accessing
 the DB ie direct i/o also.  Your fastest access come in optimized SPROCS
 and Triggers and TSQL.  Slam enough memory into the server and load it
 in memory.

It's an old server with all slots populated so adding memory is not an
option. I thought of doing an image and porting it into a VM on a
newer/faster machine. But then at the rate this client's usage
growing, I foresee that as simply delaying the inevitable.


 If speed is what your after why are you worried about VFS?
 CentOS does support Raw Disk Access (no filesystem).

To be honest, I don't really care about VFS since I didn't know it
existed until I started looking up Linux file/disk caching :D

So I assumed that was what PHP and DBMS like MySQL/Postgresql would be
working through. It made sense since they wouldn't need to worry about
what filesystem was really used.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos/Linux Disk Caching, might be OT in some ways

2010-01-24 Thread Noob Centos Admin

I'm trying to optimize some database app running on a CentOS server
and wanted to confirm some things about the disk/file caching
mechanism.

From what I've read, Linux has a Virtual Filesystem layer that sits
between the physical file system and everything else. So no matter
what FS is used, applications are still addressing the VFS. Due to
this, disk caching is done on an inode/block basis.

I'm assuming that this is still the case in CentOS or am I badly mistaken?

If that is correct, then here is my scenario and hypothesis.

Assuming the server has xxx MB of free memory and the database consist
of several tables more than xxx MB in size. So no table will fit
entirely into memory. And assuming other processes do not interfere
with the caching behaviour or available memory etc.

Given the inode caching behaviour, if the DBMS only access a bunch of
inodes that total less than xxx MB, is it therefore likely to be
always using the cache, hence faster?

My thought is that if this is the case, then I could likely speed up
the application behaviour if I further split the tables into parts
that are more frequently accessed, and parts that are unlikely
touched.

e.g. the table may currently have rows with 20 fields and total
1KB/row, but very often say only 5/20 fields are used in actual
processing. Reading x rows from this table may access x inodes which
would not fit into the cache/memory.

However if now I break the table into two parts with those 5 fields
into a smaller table, there would be a speed increase since the
reading the same x rows from this table would only access 1/x inodes.
Further more, these would more likely fit into the disk/memory cache
for even faster access.

Or would I simply be duplicating what the DBMS's index files would
already be doing and therefore see no improvement?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Are SSD disks worth the cost for server usage?

2010-01-13 Thread Noob Centos Admin

Hi,

 - A: one is with 80 GB SSD (and 12 GB memory)
 http://www.ovh.co.uk/products/eg_ssd.xml
 - B: the other with 750 GB SATA2 (and 8 GB memory).
 http://www.ovh.co.uk/products/eg_best_of.xml

The Intel SSD are fast but have a history of firmware problems. So I
wouldn't suggest using them on a mission critical data. Personally I
think asking for more RAM on the SATA server would do more for
performance especially since you are going to be running several VM.

Just my noobish 2 cents' worth.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

Hi,

  since initially it seems like the high load may be due to I/O wait
 Maybe this will help you to identify the IO loading process:

  http://dag.wieers.com/blog/red-hat-backported-io-accounting-to-rhel5

Thanks for the suggestion, I did install dstat earlier while trying to
figure things out on my own. However, I think my kernel being the
older version does not support the latest feature the website was
pointing out. Given that it's a live server not within physical touch,
I'm a little wary of doing kernel updates that might just kill it :D

I'll try other methods first and see if they help, if not, I'll
probably have to bite the bullet and do it over a weekend where I get
more time to repair any inadvertent damage.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

 Hi,

 You should also try out atop instead of just using top.  The major
 advantage is that it gives you more information about the disk and
 network utilization.

Thanks for the tip, I tried it and if the red lines are any
indication, it seems that atop thinks my disks (md raid 1) are the
problem being busy over 60~70% of the time. However that is sort of
expected since most of the expected activity on the server is
smtp/pop3.

Unfortunately, I did not know about atop previously and don't have a
baseline to compare against :(
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

Hi,


 Dstat could at least tell you if your problem is CPU or I/O.

This was the result of running the following command which I obtained
from reading up about two weeks ago when I started trying to
investigate the abnormal server behaviour.

dstat -c --top-cpu -d --top-bio --top-latency
usr sys idl wai hiq siq|  cpu process   | read  writ| latency process
  4   1  93   2   0   0|mysqld   0.0|  80k   82k|khelper 8
 42  46   0  12   0   0|httpd 12| 648k0 |ksoftirqd/0   111
 26  37  12  26   0   0|httpd1.5| 520k   11M|ksoftirqd/175
 23  49   8  19   0   0|exim 1.0| 652k   16k|ksoftirqd/044
 26  44   3  28   0   0|exim 1.0| 652k 1296k|ksoftirqd/044
 32  41   4  23   0   0|exim 1.5| 620k   16k|ksoftirqd/050
 28  52   3  16   0   0|exim 1.5| 700k0 |ksoftirqd/147
 21  41  11  28   0   0|exim 1.0| 556k   11M|ksoftirqd/079
 27  46   3  24   0   0|exim 1.5| 684k   16k|ksoftirqd/140
 29  45   2  24   0   0|exim 1.0| 672k  944k|ksoftirqd/025
 28  33   3  37   0   0|httpd 14| 852k 5992k|ksoftirqd/139
 36  39   2  23   0   0|httpd5.0|1024k0 |ksoftirqd/084


 Even better, run

 vmstat 2 10

 Look at the first two columns.  What column have higher numbers?  If r,
 you're CPU-bound.  If b, you're I/O bound.

procs ---memory-- ---swap-- -io --system--
-cpu--
 r  b   swpd   free   buff  cache   si   sobibo   in   cs us sy id wa st
 8  1   3092 131460 100692 83366800402110  4  1 92  2  0
 9  1   3092 130708 100700 83501600   578   206  577 1420 32 50  3 15  0
 7  1   3092 128324 100716 83614800   546  2866  594 1465 31 44  7 18  0
 4  1   3092 126860 100724 83726800   540   256  596 1505 28 43  6 23  0
 7  2   3092 125600 100740 83856400   620   234  661 1442 30 41  2 26  0
 5  1   3092 124028 100756 83975200   570  2692  635 1430 24 45  6 25  0
 6  0   3092 122040 100784 84096400   584  1464  682 1434 27 44  2 28  0
 6  1   3092 120588 100792 84223200   602   278  624 1562 32 46  2 20  0
 2  3   3092 120556 100840 84306400   440  2908  603 1299 22 35  6 37  0
 3  1   3092 119832 100876 84408800   430  1104  605 1348 23 36  1 40  0

According to this, am I correct to conclude that I'm CPU bound and the
system is busy doing some unknown processing?

 Did you check if you have a defect disk or a rebuilding array?  That
 could be the cause.

I usually run a cat /proc/mdstat whenever I log into the server to
check my MD raid status. So far the array appears ok. There are no
disk warning when I run dmesg. smartctl also reports no error logged
and passed for both disks, although no self test was ran. Would I be
safe to conclude that the disks are OK and not part of the problem?

Thanks again to everybody for the suggestions and help so far.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

Hi,

 Yes, these figures indicate that you are fairly close to being cpu bound.

 What kind of filtering are you doing? If you have any connection
 tracking/state related rules set, you will need to be using a fair
 amount of cpu.

Initially, when the load start going up, I had thought the APF
filtering rules were the problem since the Indian fellow is still
hammering away at the server even now. However, I've since taken the
risk of turning off APF and rely on static iptables rules, which adds
up to less than one screenful on SSH.

I also thought it might had to do with exim/spamassassin but making a
few changes to reduce the number of emails that goes to spamd doesn't
seem to be helping much.

In fact as you can see from the stats, load has gone up even further
since. I've been averaging 10+ for the whole working day. At the
moment it's between 6 to 10 when it should be at 0.3 from past months
of logs.

This is despite the fact most of my clients should be out celebrating
New Year's Eve. From weeks of logs, the Indian spammer is also a very
punctual fellow who should have knock off work about 17 minutes ago.
So there shouldn't be any heavy 'known' activities on the server at
this point.

So I'm quite stumped as to what's chewing up the CPU cycles. I am also
starting to worry if the server's been compromised and is now doing
something I don't want it to be.

I'm probably going to shutdown the mail/httpd services after midnight
when the impact is the least and see how the server reacts for a
couple of minutes with everything else cut off.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

Hi,

 I do not know about now but I had to unload the modules in question.
 Just clearing the rules was not enough to ensure that the netfilter
 connection tracking modules were not using any cpu at all.

Thanks for pointing this out. Being a noob admin as my pseudonym
states, I'd assumed stopping apf and restarting iptables was
sufficient. I'll have to look up unloading module later.

 /me shrugs. When I was the mta admin at Outblaze Ltd. (messaging
 business now owned by IBM and called Lotus Live) spammers always ensured
 I got called. All they do is just press the big red button (aka start
 the script/system) and then go and play while I would have to deal with
 whatever was started.

Based on the almost precise timing of around 9:30 to 5:30 India time,
I'm inclined to think in my case it wasn't so much a spammer pressing
a red button but a compromised machine in an office starting up when
the user gets into office and knocks off on time at 5:30 :D

 I remember only one occasion when the spams were
 launched but neutralized very soon because they were pushing a website
 and I found a sample real early and so the anti spam system could just
 dump the spams and knock out accounts being used to send the crap.

Could I ask how do I knock out the accounts sending the crap if they
are not within my systems?

 First, try rmmod'ing the netfilter modules after you have cleared away
 the state related rules to make sure that you are only using static
 rules in netfilter...unless you have done that already..

I think I'm only using static rules because after I restart iptables,
I would then do a service iptables status to check my rules were in,
and that list was very short compared to when APF was active.

The good news is, I think I've fixed the big problem after doing my
shutdown tests and returned to the original problem.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

I initiated services shutdown as previously planned and once the
external services like exim, dovecot, httpd, crond (because it kept
restarting these services), the problem child stood out like a sore
thumb.

There was two exim instances that didn't go away despite service exim
stop. Once I killed these two PID, the load average started dropping
rapidly. After a minute or so, the server went back to a happy 0.2~0.3
load and disk activity became almost negligible.

I think these, orphaned? zombied?, exim instances were related to a
mail loop problem I discovered earlier today where one of my client on
holiday had a full mailbox and keep bouncing mails from a contact
whose site was suspended. Although I terminated that loop, it seemed
that exim had gotten those two instances stuck in limbo sucking up
processing power and hitting the disk somewhere unknown since they
weren't showing up in my exim logs.

After observing a while, I brought the services back and once exim got
started, my load went back to 2.x ~ 3.x. Unfortunately while I was
typing this email, I realize it didn't stop there. I'm up to 4.x ~ 5.x
load level by now.

So the application that is the cause of the load is definitely exim,
more specifically I think it's spam assassin because now that the mail
logs entries are slow, I can read the spamd details and mails are
taking between 3 to 8 seconds to be checked.

Thanks again to everybody who had offer suggestions and advice and do
have a Happy New Year :)


On 1/1/10, Noob Centos Admin centos.ad...@gmail.com wrote:
 Hi,

 I do not know about now but I had to unload the modules in question.
 Just clearing the rules was not enough to ensure that the netfilter
 connection tracking modules were not using any cpu at all.

 Thanks for pointing this out. Being a noob admin as my pseudonym
 states, I'd assumed stopping apf and restarting iptables was
 sufficient. I'll have to look up unloading module later.

 /me shrugs. When I was the mta admin at Outblaze Ltd. (messaging
 business now owned by IBM and called Lotus Live) spammers always ensured
 I got called. All they do is just press the big red button (aka start
 the script/system) and then go and play while I would have to deal with
 whatever was started.

 Based on the almost precise timing of around 9:30 to 5:30 India time,
 I'm inclined to think in my case it wasn't so much a spammer pressing
 a red button but a compromised machine in an office starting up when
 the user gets into office and knocks off on time at 5:30 :D

 I remember only one occasion when the spams were
 launched but neutralized very soon because they were pushing a website
 and I found a sample real early and so the anti spam system could just
 dump the spams and knock out accounts being used to send the crap.

 Could I ask how do I knock out the accounts sending the crap if they
 are not within my systems?

 First, try rmmod'ing the netfilter modules after you have cleared away
 the state related rules to make sure that you are only using static
 rules in netfilter...unless you have done that already..

 I think I'm only using static rules because after I restart iptables,
 I would then do a service iptables status to check my rules were in,
 and that list was very short compared to when APF was active.

 The good news is, I think I've fixed the big problem after doing my
 shutdown tests and returned to the original problem.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

Just an concluding update to anybody who might be interested :)

My apologies for blaming spamassassin in the earlier email. It was
taking so long because of the real problem.

Apparently the odd exim processes that was related to the mail loop
problem I nipped was still the culprit. I had overlooked the fact that
by the time I caught onto the mail loop issue, there were actually
hundreds if not thousands of bounced and rebounced messages in the
queue already. Attempting to deliver these messages queued before I
terminated the mail loop was what those exim processes were trying to
do.

This would had been ok if not for the other problem. The user
apparently went on 2 week vacation since 15th and thought it was a
good idea to enlarge his mailbox before doing so. So there was this
2.5GB mailbox choked full of both valid  rebounced mails, plus the
queue of more rebounced mails. So every time exim attempted to add the
queued mails to the user's account, the quota system rejected it. The
cpu load was probably due to this never ending ping pong match between
exim and the quota.

Yeah, I can't help but feel this must be such a noob mistake allowing
that to develop without realizing it.

Now that I've purged the queue of those bounced messages and other
housekeeping for that user, server load has finally gone back to the
expected sub 1.0 levels so I can finally go and enjoy my holiday :)



On 1/1/10, Noob Centos Admin centos.ad...@gmail.com wrote:
 I initiated services shutdown as previously planned and once the
 external services like exim, dovecot, httpd, crond (because it kept
 restarting these services), the problem child stood out like a sore
 thumb.

 There was two exim instances that didn't go away despite service exim
 stop. Once I killed these two PID, the load average started dropping
 rapidly. After a minute or so, the server went back to a happy 0.2~0.3
 load and disk activity became almost negligible.

 I think these, orphaned? zombied?, exim instances were related to a
 mail loop problem I discovered earlier today where one of my client on
 holiday had a full mailbox and keep bouncing mails from a contact
 whose site was suspended. Although I terminated that loop, it seemed
 that exim had gotten those two instances stuck in limbo sucking up
 processing power and hitting the disk somewhere unknown since they
 weren't showing up in my exim logs.

 After observing a while, I brought the services back and once exim got
 started, my load went back to 2.x ~ 3.x. Unfortunately while I was
 typing this email, I realize it didn't stop there. I'm up to 4.x ~ 5.x
 load level by now.

 So the application that is the cause of the load is definitely exim,
 more specifically I think it's spam assassin because now that the mail
 logs entries are slow, I can read the spamd details and mails are
 taking between 3 to 8 seconds to be checked.

 Thanks again to everybody who had offer suggestions and advice and do
 have a Happy New Year :)


 On 1/1/10, Noob Centos Admin centos.ad...@gmail.com wrote:
 Hi,

 I do not know about now but I had to unload the modules in question.
 Just clearing the rules was not enough to ensure that the netfilter
 connection tracking modules were not using any cpu at all.

 Thanks for pointing this out. Being a noob admin as my pseudonym
 states, I'd assumed stopping apf and restarting iptables was
 sufficient. I'll have to look up unloading module later.

 /me shrugs. When I was the mta admin at Outblaze Ltd. (messaging
 business now owned by IBM and called Lotus Live) spammers always ensured
 I got called. All they do is just press the big red button (aka start
 the script/system) and then go and play while I would have to deal with
 whatever was started.

 Based on the almost precise timing of around 9:30 to 5:30 India time,
 I'm inclined to think in my case it wasn't so much a spammer pressing
 a red button but a compromised machine in an office starting up when
 the user gets into office and knocks off on time at 5:30 :D

 I remember only one occasion when the spams were
 launched but neutralized very soon because they were pushing a website
 and I found a sample real early and so the anti spam system could just
 dump the spams and knock out accounts being used to send the crap.

 Could I ask how do I knock out the accounts sending the crap if they
 are not within my systems?

 First, try rmmod'ing the netfilter modules after you have cleared away
 the state related rules to make sure that you are only using static
 rules in netfilter...unless you have done that already..

 I think I'm only using static rules because after I restart iptables,
 I would then do a service iptables status to check my rules were in,
 and that list was very short compared to when APF was active.

 The good news is, I think I've fixed the big problem after doing my
 shutdown tests and returned to the original problem.


___
CentOS mailing list
CentOS@centos.org

Re: [CentOS] Find reason for heavy load

2009-12-29 Thread Noob Centos Admin

Hi,

 last time I saw something like that, it was a bunch of chinese 'bots'
 hammering on my public services like ssh.
another admin had turned
 pop3 on too, this created a very heavy load yet they didn't show up in
 top (bunches of pop3 and ssh processes showed up in ps -auxww,
 however, plug netstat -an

Unfortunately the server is meant for web/email purposes so I can't
turn off pop3/smtp. Naturally ps shows up a lot of httpd/mysql 
exim/dovecot processes but a cursory glance doesn't see any suspicious
IPs.

Similarly, I did a quick look at netstat -an and most of the IP are
from local ISP that my clients are using.

One thing that occurred to me is, does using iptables to block smtp
attempt uses more system resources as opposed to letting the bot
flood my smtp logs with pointless attempts? :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find reason for heavy load

2009-12-29 Thread Noob Centos Admin

Hi,

 Try blocking the IPs on the router and see if that helps.

Unfortunately the server's in a DC so the router is not under our control.

 You can also run iostat and look at the disk usage which also
 generates load.

I did try iostat and its iowait% did coincide with top's report, which
is basically in the low 1~2%.

However, iostat reports much lower %user and $system compared to top
running at the same time so I'm not quite sure if I can rely on its
figures.

 How many cores does your machine have? Load avg is calculated for a
 single core, so a quad core would reach 100% utilization at a load of
 4, but high iowaits can generate an artificially high load avg as well
 (and why one sees greater than 100% utilization).

It's a dual core that's why I was getting concerned since loads above
2.0 would imply the system's processing capacity was apparently maxed.
However, load and percentages don't add up.

For example, now I'm seeing
top - 14:04:30 up 171 days,  7:14,  1 user,  load average: 3.33, 3.97, 3.81
Tasks: 246 total,   2 running, 236 sleeping,   0 stopped,   8 zombie
Cpu(s): 13.3%us, 16.0%sy,  0.0%ni, 67.5%id,  3.0%wa,  0.0%hi,  0.2%si,  0.0%st

iostat
Linux 2.6.18-128.1.16.el5xen 12/30/2009
avg-cpu:  %user   %nice %system %iowait  %steal   %idle
   3.280.201.162.380.01   92.97


 I really wish load would be broken down as CPU/memory/disk instead of
 the ambiguous load avg, and show network read/write utilization in
 ifconfig.

Totally agreed. All the load number is doing is telling me something
is using up resources somewhere but not a single clue otherwise!
Confusing, frustrating and worrying at the same time :(
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] NIC traffic monitoring, recording and reporting software?

2009-07-16 Thread Noob Centos Admin

On Fri, Jul 17, 2009 at 12:07 AM, James B. Byrnebyrn...@harte-lyne.ca wrote:
 I have snmpd and mrtg running and reporting against my Cisco router.
  What I want to do is to configure snmp so that I can monitor
 network traffic across the host's own eth0 NIC.  Is this even
 possible for a generic NIC running on a x86_64 or i686 host?

Shouldn't be a problem since I was monitoring my server's own NIC
traffic and load with MRTG before it stopped working. If I'm not
mistaken, it's a matter of configuring snmp to check localhost in
addition to your router's IP.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-15 Thread Noob Centos Admin

Hi,
 well, i note there's a few versions of rrdtool in the various
 repositories.   the stock CentOS 5 version 9from upstream) is 1.2.30,
 while rpmforge has 1.3.7, also a seperate rrdutils package (I have no
 idea whats in it)

*sigh* The stuff of nightmares, I did have 1.3.7 installed after
checking. But searching on this direction finally yielded an important
piece of information. Somebody posted back in 2008 on a site to IGNORE
the jrrd problem because OpenNMS supposedly comes with some kind of
java rrd already installed (which begs the question of why then is the
jrrd step mentioned in the install guide).

So I went ahead with the install process which then complained that my
postgresql was the wrong version, i.e. 8.4 instead of max of 8.3, but
at least this time it kindly offered a -Q option to ignore the version
restrictions at my own risk.

I did. Then it was on to another problem, with OpenNMS dying on
startup due to port clash with DHCP. Fortunately again, this was noted
as something that happens quite often on Linux systems and a quick fix
was to simply comment out the dhcp configuration.

After that, it was just the usual matter of opening a port in iptables
for the opennms/tomcat and FINALLY something was working.

I'm crossing my fingers that ignoring the jrrd, ignoring the versions
and ignoring the dhcp monitor isn't going to bite me one of these
days. For now, ignorence is bliss :D
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-15 Thread Noob Centos Admin

Hi,

 java.  I don't remember seeing this problem when installing from the opennms 
 yum
 repository, though.

I didn't expect it either, honestly. In most cases, updates/installs
does go relatively painlessly if I don't mess up following
instructions/guides. In this case, I guess I just tripped up over the
unessential jrrd.

 Are you getting any benefit from mixing all of these non-stock versions on 
 your
 system?  How many different repositories that contain conflicting versions of
 packages do you use?  Normally epel doesn't overwrite stock packages and 
 opennms

I've no idea honestly, my primary role isn't server admin and I'm just
winging it as I go along to support what I'm supposed to be doing with
the server.

The PG 8.4 was because we're developing something for our client who's
on that server, so I'm standardizing on 8.4 and likely will stick with
it for quite a while, rather than going with the 8.3 since there
appears to be quite a few changes in 8.4, especially on warm standby
features.

Apart from what's needed, I usually try to avoid installing things on
the public web servers we have.

 That is normal - typically you'd run opennms on a machine dedicated to
 monitoring, with perhaps thousands of targets so it wouldn't be running a lot 
 of
 other services.

Well, unfortunately, there's only that pair of machine in that
particular location. I really needed the monitoring tool up on it
because I've been noticing a higher than normal load since the
weekend. My quick hack of a PHP/cat /proc/loadavg script was also
alerting me consistently. After a couple of hours on opennms, it
became obvious that something was hitting the server. Turns out that
the client did not set the appropriate measures on their forum
software and bots were having a field day hitting it to break the
image recognition and finally got through to spamming.

 Removing it won't bother opennms.  It has an assortment of application probes
 that it uses in addition to snmp and is intended to work automatically with
 large numbers of targets - when it discovers a node (or you add it),  it 
 probes
 the application ports to see what is running, then periodically tests again 
 and
 notifies you when something that was previously running stops working.  
 However,
 it is very configurable and you can add/remove whatever you want.

Yup, it's pretty cool and that web interface really helps. While I am
perfectly at home using a text editor, I really don't want to have to
wade through and edit tons of text just to do something a few clicks
should handle.

Thanks again for pointing me to opennms :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-15 Thread Noob Centos Admin

Hi,

 A possible work-around is to use a VPN like openvpn to give you what
 look like normal routes to remote locations even with private addressing.

Given the amount of trouble I've had just getting monitoring to work,
I don't think I'm even going to try fiddling with openVPN.

Besides which, after I went to sleep happily last night, I  woke up
this morning to find openNMS has decided to mysteriously stop working
just like MRTG previously. The service is running, opennms -v status
indicates every is a-OK, but the web interface is just not responding.
No log entries, not a single clue. Nothing changed, except my mood or
maybe the datacenter decided port 8980 is an hacking attempt and
decided to close it off. :(

I'm so tired of this whole monitoring crap that I'm not even going to
bother to fix it. My crude load warning script still runs fine. So
until it starts complaining consistently about the load, I think I'm
just going to be an irresponsible admin on top of being a noob one and
just do work that I'm getting paid for. *sigh*
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-14 Thread Noob Centos Admin

Thanks guys for all the suggestions. None of it changed the situation
but I'm beginning to think that it might have to do with SNMP not
accepting word names in MRTG, or more specifically some kind of
language encoding issue.

This is because of the following reasons

1. It's been pointed that out that MRTG need to be started with the
options env LANG=C because it won't work properly if LANG is UTF8

2. On some options I try in MRTG, the log shows some error about Wide
characters returned from SNMP, and I see a chinese character, which
obviously shouldn't be a return value.

3. Addressing SNMP variables by name does not work in MRTG, but works
from command line. e.g. something like ssRawCpuLoad is fine in command
line, but does not work in MRTG config file, only the dot-numeric
equivalent would return some kind of data in MRTG.

4. The problem started AFTER I rebooted the system after the update,
so the reboot might have possibly allowed some settings to take effect
with regards to the server's encoding. Maybe Centos 5.3 went from an
EN_US language default to UTF8 default?

If this is indeed the case, how would I possible change the
interface/shell language settings back to the English one, since I
don't typically need to input non-English characters nor view them in
shell?

I've added a LANG='en_US' and export LANG line in /etc/profile but it
doesn't seem to be doing anything. Do I need a reboot for it to work
like I am guessing based on #4 above?

Thanks!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-14 Thread Noob Centos Admin

Hi,

 I don't see any similar problem on machines upgraded to Centos5.3 that
 are monitored with (and running) OpenNMS, so I'd guess that since you
 didn't change your snmpd.conf settings it is MRTG-specific.

I think it's my server, quite possibly I screwed up something during
the initial setup two years ago or along the way updating it from 5.0
and so forth until it's not behaving in any recognizable manner
anymore.

 And btw: OpenNMS might be overkill for your purpose, but you might want
 to take a look:  http://www.opennms.org.

It looks good and I decided to give it a try in hope that maybe it can
be up and running faster than I can get MRTG to work again.
Unfortunately, as above mentioned, my server does not behave like a
CentOS server anymore. Following the steps at OpenNMS, I get to the
install -dis stage where it promptly dies because it cannot find jrrd.

downloaded jrrd but it refuses to ./configure because it cannot find rrd_create

yum install rrdtool but there was no rrd_create

searched online and the only result that was similar... was somebody
having the same problem on a Solaris server -- hence making me wonder
if I was logging into the wrong server. Using the instructions there
however, I at least learnt how to tell configure where rrdtool was...
but it still cannot find rrd_create for the ./configure process

Having spent almost 5 days on this, I'm officially giving up on
monitoring the server with these tools. Writing a PHP script seems a
lot faster, I've already gotten a basic script running to pull load
figures from exec'ing uptime and emailing warnings if the load figures
stay above a certain level.

Now I just have to expand the script to exec snmpget for the other
metrices I need to keep track of. It's really frustrating that I have
to resort to writing my own code when these things worked fine for
other people.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS/SNMP update breaks MRTG?

2009-07-13 Thread Noob Centos Admin

I got itchy fingers over the weekend and decided to fix what wasn't
broken and upgraded one of the older servers from Centos 5.2 to Centos
5.3. Following the recommended process of updating glibc and such
before the rest, it appeared to work perfectly and rebooted without
problem.

However, MRTG 2.15.2 started complaining about unexpected values. I
installed/updated both MRTG (2.16.2) and net-snmp to the latest
available in hope of fixing it. Subsequently, MRTG stopped working
altogether.

I've spent the whole weekend and whole Monday morning trying to fix it
and thus far have only finally managed to get garbage values showing
up in MRTG again as opposed to nothing. And this required learning
about SNMP and adding many additional lines to  the original MRTG
configuration file, none of which I had to do previously.

Did anybody else have similar experiences with MRTG failing after the
update and what was the simple fix? It does not make any sense that I
have to jump through so much hoops to get just the default
functionality back. Thus I believe there must be one small thing I'm
overlooking.

Thanks for any advice.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-13 Thread Noob Centos Admin

Hi,

 Perhaps the OIDs changed for the interfaces you are monitoring.

 Have you tried re-running cfgmaker to regenerate mrtg.cfg? It should
 pick up the correct OIDs again.

Yes I did, however the default MRTG configuration appears to contain
almost nothing. Consulting with others. it seems to be the norm, MRTG
should pick up the standard OIDs for the basics, i.e. load and network
traffic if nothing's specified.

Currently, I had to manually insert target lines after figuring out
the OIDs in order to get garbage data into the log files. Garbage data
because while the debug log shows some numbers corresponding to output
from top, MRTG is producing graphs that bear no resemblance to it.

Reproducing the entire default MRTG configuration would therefore
pretty much require a very long config file, as well as coming up with
formulas to twist the data into something that would produce sensible
graphs... which obviously don't seem like the right way to do it.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS/SNMP update breaks MRTG?

2009-07-13 Thread Noob Centos Admin

Hi,

 Did the update overwrite your snmpd.conf file?  The 'view' on the default one
 may not permit access to the things mrtg needs to see.  Try changing it to .1 
 to
 expose everything.

It might have done so. To be honest I have no idea since I've never
touched the SNMP configuration before this and simply used the
default. Currently there's nothing inside the snmpd.conf except a
rocommunity which is the public user.

I've added lines from an online source that claims that is the default
snmpd configuration and it looks like it should be allowing view all
to the public user. In any case, even prior to adding these lines, I
could get the relevant values off SNMP using command line with the
public community user, so I don't think I was blocking any thing in
SNMP

--- snmpd.conf --
#existing line
rocommunity  public localhost

#added by me
com2sec   publicdefault   public
group publicv1   public
group publicv2c  public
group publicusm  public
view  all  included  .1
accesspublic   any  noauthexact all  none none
 end 


As expected, MRTG behaviour remains unchanged. In fact, looking at the
mrtg log, with the default blank mrtg.cfg it does not even appear to
be trying to poll SNMP. This is because if I added the target lines
myself, MRTG would at least scream at me if SNMP does not return
values or cannot find the variable name.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Simple AD authentication for Samba share

2009-06-11 Thread The Small Box Admin

I have a CentOS box that I'm basically using for file sharing with
Samba.  Currently I'm mapping the drive from an XP box with a Samba
username/password combination.  Is there a simple way to use AD or
Windows authentication to allow the users to map the drive without
having to use a separate username/password?  That is without having to
install LDAP and kerberos or whatever is needed to join the CentOS box
to the AD.

Thanks,
Ken

-- 
The Small Box Admin
http://smallboxadmin.blogspot.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Getting ready for CentOS 5.4

2009-03-28 Thread Noob Centos Admin

2009/3/27 Spiro Harvey sp...@knossos.net.nz:
 required? How do you figure anything is *required* of volunteers?
 Show me your support contract.

 If you're worried that CentOS is late or is stopping you from
 fulfilling your own contractual obligations, perhaps you should stop
 being a tight-arse and pay for RedHat support.

 When you pay nothing, you have no right to expect anything. Unless
 they're your slaves, and I'm pretty sure that's not the case here.


 And as long as CentOS stays a relevant distro the pressure (not
 only from me) will continue to raise.

 This is just rude.

I think you're over-reacting or maybe just misunderstanding what I
believe the OP was trying to put across.

Personally, even when I volunteer to do something, I do my best to do
a good job of it. If something's worth doing, it's worth doing it
right, paid or otherwise. So even on a personal level, there are
requirements and pressure. If you are organising a charity event,
would you accept a team of helpers who may or not may not show up
simply because they are volunteers?

Now, I don't think any of us here are demanding the CentOS to meet
strict deadlines or some corporate standards of performance here.
Nobody's saying the CentOS developers can't take a vacation, can't
fall sick, etc.

If you read our posts, most of us are wondering where did the snags
occur, how we can help to ease such problems, how we can help prevent
these from recurring. These are issues that must be tackled if we want
the CentOS project to flourish. Like mbneto said, as things grow,
pressure  expectations will increase.

I don't think we want to see the team get frustrated and give up due
to these pressures or expectations. One of the best way to deal with
expectations/pressure is good communications. It doesn't even matter
if the communications is that there are delays due to personal issues.
People read it, people understand and nobody bugs the team about
what's going on, they will feel less pressured.

Similarly, if there's a way for us as non-development-savvy folks to
contribute our resources, it would also help relieve pressure on the
team.

All we are trying to achieve with this discussion, I believe, is to
identify problem areas, see if we can help out. So as to keep the
project fun for the developers to continue and not one day burn out
because they feel so unsupported, unappreciated and harrassed.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Getting ready for CentOS 5.4

2009-03-28 Thread Noob Centos Admin

On Sun, Mar 29, 2009 at 3:13 AM, William L. Maltby
centos4b...@triad.rr.com wrote:
 As a step to reducing the pressure and dissatisfaction of Are We
 There Yet? (When will xxx be released?), a simple publication of a
 projected time line will help. It should be updated as needed. It should
 understood that this could be another source of pressure as a release
 date nears and folks realize it may be missed.

I'll suggest that instead of a timeline, which would be a source of
pressure like you said, a weekly progress update would be just fine.
Similar to what Karanbir, IIANW, has done on his twitter/blog
recently. Maybe something like

CentOS 5.4 Progress: Completed 2/7 Stages.
Stage 3 estimated 5% completed.
No progress expected for next two weeks due to XYZ convention

The main thing is actually the VISIBILITY part. Putting it on CentOS
frontpage would cut down a lot of the unnecessary when/where
questions and leave the developers in peace :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing on LVM on SW-RAID

2009-03-28 Thread Noob Centos Admin

On Sat, Mar 28, 2009 at 9:58 PM, Robert Heller hel...@deepsoft.com wrote:
 At Fri, 27 Mar 2009 23:48:04 -0300 CentOS mailing list centos@centos.org 
 wrote:
 Yes, the root file system has to be outside of the LVM -- the initrd
 does not start LVM, so LVM volumes are not available for mounting at
 that point.

As Norberto pointed out, root file system can be inside the LVM. It's
/boot that has to be outside. That said, my own unpleasant and
unfortunate experience suggests that everything essential to
boot/recover the system should be outside lvm since rescue mode is
unable to mount lvm without manual intervention after booting.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Getting ready for CentOS 5.4

2009-03-23 Thread Noob Centos Admin

On Mon, Mar 23, 2009 at 11:49 PM, Ray Van Dolson ra...@bludgeon.org wrote:
 There maybe needs to be a community leizon of some sort to help
 leverage these types of offers for help.  Many of us are willing to
 help, but certainly don't have the necessary time cycles to do so as
 effectively as some of the rest of the core team.  If there was a way
 to make jumping in and helping out with a few mundane tasks or throwing
 spare CPU cycles at tasks I think a lot of the weekend warriors could
 be more effectively leveraged.

Excellent suggestion! I'm sure I'm not the only one who would love to
contribute but quite obvious lack the skills to do anything really
advanced.

There was a somewhat similar in spirit thread on CentOS forum about
PHP5.2 and somebody mentioned things are slow because none of us are
willing to help test. When I saw it, the only thing came to mind was
How?

So if it's possible, I'd be more than happy to throw in spare CPU
cycles to help compile some binaries or run automated tests etc!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Being Green, Time to make the servers sleep!

2009-03-21 Thread Noob Centos Admin

On Thu, Mar 19, 2009 at 10:22 PM, John Hinton webmas...@ew3d.com wrote:
 ATX, just
 powers down the computer, leaving the PS in a lowered power state, but
 apparently this can draw up to 60% of the working power needed.

60% would be a gross exaggeration, off the top of my head, an OFF
ATX PSU draws less than 10W, maybe a few more in terms of VA due to
inefficiency at really low power. But certainly no way near 60% unless
you are referring to one of those new Atoms/Nano platform. Even then,
they usually come with PSU optimized for low power operation.

 It would be interesting to put a wattmeter inline on the power cord to
 see how much current it's drawing running vs. in sleep state. I guess
 with an AT machine, one would have to use one of those old timers that
 switch on a plug something else that uses a bit of electricity, but
 I bet less than a power supply in sleep mode.

Including conversion inefficiency, my gaming PC sucks some 180W on
idle, I just sent it into standby and my wattmeter says 4W. It isn't
spec'd to be accurate at less than 10W so the actual draw could range
from 2W to 8W. Certainly nothing too significant, the total
environmental cost including materials and energy is likely less than
a new timer :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Being Green, Time to make the servers sleep!

2009-03-21 Thread Noob Centos Admin

On Thu, Mar 19, 2009 at 7:13 PM, James Bensley jwbens...@gmail.com wrote:
 Shadies and Mentlemen;

 I am trying to be green and put our backup servers to sleep during the
 day and have them wake on LAN and fire back up at night for our
 nightly backups as sleep is a sort of low power usage mode.

Make sure you are not using Seagate 7200.11 series hard disks for this
unless you've somehow obtained and updated the firmwire. Frequent
power cycles increases the chances that you will hit their firmware
bug that apparently bricks the drive if the drive internal log is at
some specific entry number before the power cycle. Was part of the
recent Seagate fiasco.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Easiest way to get samba up and working for Windows users?

2009-03-06 Thread Noob Centos Admin

I was back onsite and trying it again, in vain. Copied the conf from
another site's working setup and dumped directly, recreated with the
same names and all. No go.

So again removed and install samba again, made a blank conf file, fire
up SWAT and did the most basic config.

Even chmod 777 the directory.

Conf file
[global]
workgroup = MKSC52
netbios name = MKSC52
security = SHARE
log level = 2
os level = 35

[staff]
comment = Staff Share
path = /home/staff
valid users = jackie @staff


I've changed one of the Windows machine workgroup to a fresh one as
above, in case the existing WIndows 2000 domain controller was somehow
interfering.  The pc name was also changed to the user's name. But no
joy either.

But at least Samba is logging something after that

# [2009/03/06 17:38:31, 2] smbd/reply.c:reply_special(324)
  netbios connect: name1=MKS2009C52  name2=JACKIE

[2009/03/06 17:38:31, 2] smbd/reply.c:reply_special(331)
  netbios connect: local=mks2009c52 remote=jackie, name type = 0

[2009/03/06 17:40:31, 2] smbd/process.c:timeout_processing(1363)
  Closing idle connection

On the windows side, there was a brief pause before Windows tells me I
have no permission to access the network resource. No prompt for
password.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5.x SElinux issues

On Thu, Mar 5, 2009 at 3:09 AM, Chuck Campbell campb...@accelinc.com wrote:
 Do I need to start over with a clean install again, and how do I avoid this
 problem the next time I try to run updates after the install?

Just my noob opinion, that if there's no practical and definitive
benefit from enabling SELinux, for the time being until it is matured,
the best thing to do is just set it to off. Otherwise, it just
generally causes trouble and runs up tons of log as it is.

I'd love to be enlightened on this though :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Easiest way to get samba up and working for Windows users?

On Fri, Mar 6, 2009 at 3:57 AM, Scott Silva ssi...@sgvwater.com wrote:

 Learn to use a file editor and edit the configs yourself. That is the only way
 to have the best control.

That's generally how I try to do things, except sometimes hand
written doesn't work the way I expect it to. Then I'd like to have a
GUI that does works, then learn from the conf file it creates if
possible. Unfortunately, in this case they didn't work either! :D


Once you have a working config, copy and modify it
 for the next share.

That's the part of the problem I'm facing, getting a working config to
be working on another machine where things might not be exactly be the
same and the whole voodoo ritual starts anew.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] SELinux resource hog

Spinning off from the other thread about SELinux, I just tried to
re-enable SELinux on my personal server hosting just email and forum
for a small local community.

Average load for this Intel Core 2 Duo box with 2GB of ram (usually
with some 1GB free) was generally below 0.4 for the last 24hrs,
averaging 0.23 based on MRTG.

Once I did setenforce 1, load shot through the roof to fluctuate
between 3 to 5. As per my past experience setroubleshootd started
chewing up ram more than 600M and 500M worth of virt and res based on
top. The server started crawling and php apps stopped communicating
with mysql.

I had to kill setroubleshootd in order to return things to normal.

This again reflects my original experience with SELinux: massive
resource hog and this is just a lowly loaded webserver. Naturally it
seems to me that this doesn't seem like it should be the norm.

What could be going on here or rather what could be wrong here?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] SELinux resource hog