nothing is impossible!!!!

nothing is impossible!!!!

Tuesday, December 30, 2008

RRDtool in short....

Copied notes from:
- RRDtool refers to Round Robin Database tool.
- RRDtool works with with Round Robin Databases (RRDs). It stores and retrieves data from them.
- RRDtool stores all sort of time-series data.
- If you measure some value at several points in time and provide this information to RRDtool. RRDtool will be able to store it.
- RRDtool originated from MRTG.
- RRDtool create graphs in PNG formats.
- We only need sensors to measure the data and able to feed the data into RRDtool.
- Create sample Round Robin Database,
rrdtool create test.rrd --start 920804400 DS:speed:COUNTER:600:U:U RRA:AVERAGE:0.5:1:24 RRA:AVERAGE:0.5:6:10
- Update database,
rrdtool update test.rrd 920804700:12345 920805000:12357 920805300:12363
rrdtool update test.rrd 920805600:12363 920805900:12363 920806200:12373
- fetch data from database,
rrdtool fetch test.rrd AVERAGE --start 920804400 --end 920809200
- "NaN" stands for "Not A Number" - Something is wrong.
- "UNKN" stands for "UNKNOWN", which is ok.
- Create graphics,
rrdtool graph speed.png --start 920804400 --end 920808000 DEF:myspeed=test.rrd:speed:AVERAGE LINE2:myspeed#FF0000

There are several ways for RRDtool to get a rate from its input:
* GAUGE: keep it "as is". The input is already a rate. An example would be a speedometer. This is also the type used for keeping track of temperature and such.

* COUNTER: look at the difference between the previous value and the current value (the delta). An example would be an odometer. The rate is computed as: delta(counter) divided by delta(time).

* ABSOLUTE: as the odometer, but now the counter is reset every time it is read. Computed as: value divided by delta(time).

* DERIVE: as COUNTER, but now it can also go back. An example could be something monitoring a bidirectional pump. The resulting rate can be negative as well as positive.

Sunday, December 28, 2008

Redhat Directory Server

Port Numbers:
- The Directory Server instance (LDAP) has a default port number of 389.
- Administration Server port number has a default number of 9830. If the default port number for either server is in use, then the setup program randomly generates a port number larger than 1024 to use as the default.
- For LDAPS (LDAP with TLS/SSL), the default port number is 636.

Directory Manager:
- Directory Server setup creates a special user called the Directory Manager.
- A unique, powerful entry that is used to administer all user and configuration tasks.
- access controls. password policy, and database limits for size, time, and lookthrough limits do not apply to the Directory Manager.
- It is used only for authentication.
- The Directory Server setup process prompts for a distinguished name (DN) and a password for the Directory Manager.
- The default value for the Directory Manager DN is cn=Directory Manager.

Directory Administrator
- The Directory Administrator is the "super user" that manages all Directory Server and Administration Server instances through the Directory Server Console.

Administration Server User
- By default, the Administration Server runs as the same non-root user as the Directory Server.

There are important differences between the Directory Administrator and the Directory Manager:
* The administrator cannot create top level entries for a new suffix through an add operation. either adding an entry in the Directory Server Console or using ldapadd, a tool provided with OpenLDAP. Only the Directory Manager can add top-level entries by default. To allow other users to add top-level entries, create entries with the appropriate access control statements in an LDIF file, and perform an import or database initialization procedure using that LDIF file.
* Password policies do apply to the administrator, but you can set a user-specific password policy for the administrator.
* Size, time, and lookthrough limits apply to the administrator, but you can set different resource limits for this user.
- The Directory Server and Administration Server instances are created and configured through a script call
- to set the machine name, suffix, and Directory Server port of the new instance, the command is as follows:
/usr/sbin/ “slapd.Suffix=dc=example, dc=com” slapd.ServerPort=389
- When the finishes, it generates a log file in the /tmp directory called setupXXXXXX.log where XXXXXX is a series of random characters.

Friday, December 19, 2008

Difference between innodb and myisam.

- MyISAM offers speed where as InnoDB offers reliability.
- Innodb support transactions, MyISAM not.
- InnoDB also supports row-level locking, while MyISAM only supports table locking.
- InnoDB is specifically for high volume, high performance.
- With replication it's even possible to take advantage of both storage engines on one table. For example, the master could store a table as InnoDB which makes it fast for INSERTs, UPDATEs and DELETEs while the slave(s) could store the same table as MyISAM and offer the best performance for SELECTs.

Thursday, December 18, 2008

Limiting closed port RST response from 266 to 200 packets/second.

Kernel default setting for icmp response is set to 200.
net.inet.icmp.icmplim sysctl limits.

Possible reasons are,
1. This generally means the system is being portscanned or a similar activity on the machine. In worst case someone trying to do DOS attack.
I suggest that you set the following sysctl variables,

2. But it can also mean that a often-used service on the machine (like http or a database server) is down and you're getting a lot of failed connection requests from clients.

How to find out and terminate or kill the defunct processes?

lsof | grep "deleted" or
lsof | grep "process" (rather long and messy)

df command shows different used disk space than du.

If the files are deleted (by rm command) while they are being opened or used by a Linux program / process, the evil of “open file descriptor” problem arises and confuse the Linux file system on reporting the real figure of used disk space or free disk space available.

In order to resolve the fake “disk space full” problem, i.e. to reclaim “used disk space”, you need to kill or terminate the “defunct process” - in this case, the rm command that turns to be defunct process while the files are being used.

Once these defunct processes are terminated, the “open file descriptor” problem will be resolved, and both the du and df commands will agree to report the real file system used disk space or free disk space!

Use remote Linux GUI application tools locally.

You must have OpenSSH server installed.
Open SSHD configuration file /etc/ssh/sshd_config
$ sudo vi /etc/ssh/sshd_config

Turn on X11Forwarding by setting X11Forwarding parameter to yes:
X11Forwarding yes
Save and close the file.

Restart OpenSSH server you so the changes will take place:
$ sudo /etc/init.d/sshd restart

Logout and close ssh connection.

Running a command remotely
$ ssh -X /usr/bin/gnome-terminal

Another option is to connect to the remote server and use X port forwarding:
$ ssh -X {remote server}

Reference Links:
* Refer to OpenSSH man pages (man sshd, sshd_config, ssh_config)
* VNC - An alternative to X forwarding

Wednesday, December 17, 2008

Tuesday, December 16, 2008

How Solaris is different from Linux.

File system structure is same as other *nix. few differences are,
- /usr/adm is symlink to /var/adm which is similar to linux /var/log.
- /usr/sadm - Solaris admin tools like SMC (Solaris management tools)
- /usr/proc - Solaris ptools(process tools) such as pfiles, pmap, pwdx, pstack.
- /usr/X11 - X server and related tools.

Solaris doesnt contain /root directory. Root user shouldnt be doing things which requires /root directory.

In Solaris you will also not find SUDO utility because of RBAC (Role Based Access Control).

In solaris need to add NFS shares to /etc/dfs/dfstab. DFS stands for Distributed File System.

To export filesystems you can edit /etc/dfs/dfstab and run exportfs -a (or svcadm restart svc:/network/nfs/server) or you can use the share command. share allows you to quickly export a filesystem, so if you wanted to NFS share /opt you could just execute share /opt and your done.

Solaris doesn't have top. But, we have something better yet similar: prstat.

you can use the Solaris "ptools" (process tools) to learn more about a process, such as pstack `pgrep cron` to see the call stack of the cron process, or pfiles `pgrep firefox-bin` to see details about every file that Firefox has open.

Packages come in two varieties: filesystem format and datastream.
- A filesystem format package is what you'll find on Sun CD's and is really just a directory stucture containing all the various elements and files of the package.
- A datastream package is a filesystem format package thats rolled into a single file making it easy to compress and distribute over the net. Packages use a common naming convension of ORGsoftware, such as SUNWspro

Both types of packages are installed using the pkgadd command (ie: pkgadd -d ./CUDLgcc-4.0.1.pkg for datastream and pkgadd -d . for filesystem format).

Use svcs to view services, svcadm to administer them (start, stop, etc), and svccfg to add or change them.

SMF services are described in XML manifests, find the default system manifests in /var/svc/manifest. Manifests describe a service, what its dependancies are, supply optional metadata, and provide methods to start, stop, refresh, or restart a service.

The standard Solaris naming convension for disks is: c0t0d0s0, that is to say: controller 0, target 0, LUN 0, slice 0.