Sunday, 1 July 2012

OpenVZ on KVM virtual machine. Network configuration

Required scenario:

  • Build Linux machines as OpenVZ containers (CT101, CT102, ...) on an OpenVZ host, which is itself a KVM virtual machine KvmH on the KVM virtualization host HstA.
  • Both the OpenVZ host KvmH and the KVM host HstA use the internal network by default, but the OVZ virtual hosts should be directly connected to the external net or to other internal nets, which are separated by VLANs.
  • The KVM host HstA should be connected to the switch with two Ethernet cards, which are bonded for redundancy/bandwidth/NAS reasons.

HstA network configuration

OS - Ubuntu 12.04 server

... install ifenslave, bridge-utils, vlan ...

/etc/network/interfaces:
# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.

auto lo 

iface lo inet loopback

auto bond0
iface bond0 inet manual
    post-up    ifenslave bond0 eth0 eth1
    pre-down ifenslave -d bond0 eth0 eth1
    dns-nameservers 10.0.0.1
    dns-search internal.example.com

## - br0 IntLAN A  - on default VLAN
auto br0
iface br0 inet manual
    up ifconfig  bond0 up
    up brctl addbr br0
    up brctl addif br0 bond0
    up brctl stp  br0 on
    up ifconfig br0 10.0.0.11 netmask 255.255.0.0
    up route add default gw 10.0.0.1
    down brctl delbr br0

## - br4 - on tagged ExtLAN VLAN4 -  (192.0.2.0/24)
auto vlan4
iface vlan4 inet manual
    up ifconfig vlan4 up
    vlan_raw_device bond0

auto br4
iface br4 inet manual
    up ifconfig vlan4 up
    up brctl addbr br4
    up brctl addif br4 vlan4
    up brctl stp br4 on
    up ifconfig br4 0.0.0.0 up
    down brctl delif br4 vlan4
    down brctl delbr br4

## - br6 - on tagged intLAN B VLAN6 -  (192.168.1.0/24)
auto vlan6
iface vlan6 inet manual
    up ifconfig vlan6 up
    vlan_raw_device bond0

auto br6
iface br6 inet manual
    up ifconfig vlan6 up
    up brctl addbr br6
    up brctl addif br6 vlan6
    up brctl stp br6 on
    # up ifconfig br6 192.168.1.2 netmask 255.255.255.0
    up ifconfig br6 0.0.0.0 up
    down brctl delif br6 vlan6
    down brctl delbr br6

##  - br8 - on tagged intLAN C VLAN8 (192.168.2.0/24)
auto vlan8
iface vlan8 inet manual
    up ifconfig vlan8 up
    vlan_raw_device bond0

auto br8
iface br8 inet manual
    up ifconfig vlan8 up
    up brctl addbr br8
    up brctl addif br8 vlan8
    up brctl stp br8 on
    # up ifconfig br8 192.168.2.2 netmask 255.255.255.0
    up ifconfig br8 0.0.0.0 up
    down brctl delif br8 vlan8
    down brctl delbr br8


/etc/modprobe.d/bonding.conf
alias bond0 bonding
options bonding mode=4 miimon=100

KvmH network configuration:


OS - CentOS 6.2

Virtual NIC eth0 is connected to br0 on HstA
Virtual NIC eth1 is connected to br4 on HstA

... install vzkernel vzctl vzquota bridge-utils ...
... configure/disable iptables, allow ip_forwarding via sysctl ...

/etc/sysconfig/network-scripts/ifcfg-eth0:
DEVICE="eth0"
TYPE="Ethernet"
HWADDR="52:54:00:E3:AB:CD"
BOOTPROTO=none
ONBOOT="yes"
NM_CONTROLLED="no"
TYPE="Ethernet"
BRIDGE=vzbr0

/etc/sysconfig/network-scripts/ifcfg-vzbr0:
DEVICE=vzbr0
TYPE=Bridge
IPADDR=10.0.0.4
NETMASK=255.255.0.0
ONBOOT=yes
BOOTPROTO=static
NM_CONTROLLED=no
DELAY=0

/etc/sysconfig/network-scripts/ifcfg-eth1:
DEVICE="eth1"
TYPE="Ethernet"
BOOTPROTO=none
ONBOOT="yes"
NM_CONTROLLED="no"
TYPE="Ethernet"
BRIDGE=vzbr4

/etc/sysconfig/network-scripts/ifcfg-vzbr4:
DEVICE=vzbr4
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
NM_CONTROLLED=no
DELAY=0

/etc/sysconfig/network:
NETWORKING=yes
HOSTNAME=kvmh.int.test
GATEWAY=10.0.0.1

Prepare VZ to automatically add configured container veth interfaces to host bridges 

http://wiki.openvz.org/Virtual_Ethernet_device#Making_a_bridged_veth-device_persistent

Just create /etc/vz/vznet.conf containing the following.
#!/bin/bash
EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr"

Build containers:


Download OpenVZ template:

cd /vz/template/cache
wget http://download.openvz.org/template/precreated/ubuntu-12.04-x86.tar.gz

Create container:

vzctl create 101 --ostemplate ubuntu-12.04-x86

Add veth interface:

vzctl set 101 --netif_add eth0,,,,vzbr0 --save

Start container and check if veth101.0 is added to bridge vzbr0
vzctl start 101
brctl show

Go inside container 101 (vzctl enter 101), and configure eth0 as usual (.. /etc/network/interfaces)

Add other containers and bridges:

vzctl create 102 --ostemplate ubuntu-12.04-x86
vzctl set 102 --netif_add eth0,,,,vzbr4 --save

vzctl create 145 --ostemplate ubuntu-12.04-x86
vzctl set 145 --netif_add eth0,,,,vzbr0 --save
vzctl set 145 --netif_add eth1,,,,vzbr4 --save
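
To see afterwards which bridge each container interface ended up on, the saved NETIF settings can be read back. This is an added example, not part of the original post: it assumes the NETIF="ifname=...,bridge=..." line that vzctl --save writes to /etc/vz/conf/<CTID>.conf, and the sample files, MAC addresses and function names are constructed here.

```shell
#!/bin/sh
# Added example: list the host bridge of every container veth interface and
# flag containers attached to more than one bridge (e.g. vzbr0 and vzbr4).
# ct_bridges DIR prints "CTID ifname bridge" and "CTID MULTI br1,br2".
ct_bridges() {
    for conf in "$1"/*.conf; do
        [ -f "$conf" ] || continue
        ctid=$(basename "$conf" .conf)
        # NETIF holds one comma-separated record per interface, joined by ';'
        sed -n 's/^NETIF="\(.*\)"$/\1/p' "$conf" | tr ';' '\n' |
        awk -F, -v ct="$ctid" '
            NF {
                ifn = br = ""
                for (i = 1; i <= NF; i++) {
                    if ($i ~ /^ifname=/) ifn = substr($i, 8)
                    if ($i ~ /^bridge=/) br  = substr($i, 8)
                }
                print ct, ifn, (br == "" ? "-" : br)
                if (br != "" && !(br in seen)) {
                    seen[br] = 1; nb++
                    list = list (list == "" ? "" : ",") br
                }
            }
            END { if (nb > 1) print ct, "MULTI", list }'
    done
}

# Constructed configs mirroring the vzctl commands above (MACs are made up).
make_demo_confs() {
    d=$(mktemp -d) || return 1
    echo 'NETIF="ifname=eth0,bridge=vzbr0,mac=00:18:51:00:00:01,host_ifname=veth101.0"' > "$d/101.conf"
    echo 'NETIF="ifname=eth0,bridge=vzbr4,mac=00:18:51:00:00:02,host_ifname=veth102.0"' > "$d/102.conf"
    echo 'NETIF="ifname=eth0,bridge=vzbr0,host_ifname=veth145.0;ifname=eth1,bridge=vzbr4,host_ifname=veth145.1"' > "$d/145.conf"
    echo "$d"
}

# Real use on KvmH: ct_bridges /etc/vz/conf
demo=$(make_demo_confs)
ct_bridges "$demo"
rm -rf "$demo"
```

Container 145 is reported as MULTI because it has one interface on the internal bridge vzbr0 and one on vzbr4, which leads to the external VLAN.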




Monday, 27 February 2012

Network interface bonding, connecting to a Procurve switch with a static LACP trunk.

In English the title might read as follows:
Network interface bonding with Procurve LACP static trunk and VLAN tagging.

If a server has 2 or more network cards, it can be useful to combine them (NIC bonding, teaming) to achieve higher throughput and to provide fault tolerance.

The following was done on an Ubuntu server and a Procurve network switch.

On the server

Install ifenslave and set up the module and its parameters.
apt-get install ifenslave 
echo alias bond0 bonding >  /etc/modprobe.d/bonding.conf 
echo options bonding mode=4 miimon=100 >>  /etc/modprobe.d/bonding.conf
Check how the bonding module has loaded:

===== cat /proc/net/bonding/bond0 ======
Ethernet Channel Bonding Driver: v3.2.3 (December 6, 2007)


Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: down
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0


802.3ad info
LACP rate: slow
bond bond0 has no active aggregator
=============================================

Configure the bond0 network interface by editing the file /etc/network/interfaces:


===== cat /etc/network/interfaces ======
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).


# The loopback network interface
auto lo
iface lo inet loopback


# The primary network interface
auto bond0
iface bond0 inet static
  address 10.0.0.4
  netmask 255.255.0.0
  gateway 10.0.0.1
  post-up ifenslave bond0 eth0 eth1
  pre-down ifenslave -d bond0 eth0 eth1
==============================================


On the Procurve


Creating the trunk


If you do not want to use VLANs, you can simply put all the switch ports of interest into LACP active or passive(?) mode; when the configured server's network ports are plugged in, dynamic trunks such as Dyn1 and so on are created automatically. Unfortunately VLAN tags cannot be applied to dynamic trunks, so static trunks have to be created:

config t 
trunk 9-10 trk5 lacp

To check the trunk that was created:
show lacp
....

                           LACP


   PORT   LACP      TRUNK     PORT      LACP      LACP
   NUMB   ENABLED   GROUP     STATUS    PARTNER   STATUS
   ----   -------   -------   -------   -------   -------
   9      Active    Trk5      Down      No        Success
   10     Active    Trk5      Down      No        Success


Attaching a VLAN


VLANs are attached as usual, but Trk5 is given in place of the switch port, e.g.:

vlan 8 tagged Trk5

Connecting the server to the trunk

The server can be switched from a single-cable connection to the LACP trunk in "hotswap" mode:

1. Connect a network cable from the so far unused network interface (e.g. eth1) to a Trk5 port (e.g. 10)
2. On the server, stop the currently working network interface eth0 and immediately start bond0 -
 ifconfig eth0 down
 ifconfig bond0 up
3. After an interruption of 1-2 seconds the bond0 network interface starts working
4. Move the network interface used until now (eth0) to the new trunk as well (to switch port 9).

Once the server is connected:


==== cat /proc/net/bonding/bond0  =====
Ethernet Channel Bonding Driver: v3.2.3 (December 6, 2007)


Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0


802.3ad info
LACP rate: slow
Active Aggregator Info:
Aggregator ID: 2
Number of ports: 2
Actor Key: 17
Partner Key: 289
Partner Mac Address: 00:1f:fe:1f:92:c0


Slave Interface: eth0
MII Status: up
Link Failure Count: 5
Permanent HW addr: 00:15:17:5e:d8:34
Aggregator ID: 2


Slave Interface: eth1
MII Status: up
Link Failure Count: 2
Permanent HW addr: 00:15:17:5e:d8:35
Aggregator ID: 2
========================================
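
The two /proc/net/bonding/bond0 listings in this post differ in exactly the fields worth monitoring: bond MII status, the active aggregator, and each slave's aggregator ID. As an added example (not part of the original post), this shell function checks them; check_bond and sample_status are names chosen here, and the status text is constructed from the output above with eth1's aggregator ID as a parameter.

```shell
#!/bin/sh
# Added example: health check for an 802.3ad bond.
# check_bond reads /proc/net/bonding/<bond> text on stdin, prints one line per
# finding, and returns 0 only if the bond and every slave are up and every
# slave has joined the active aggregator.
check_bond() {
    awk -F': ' '
        /^Bonding Mode/                        { mode = $2 }
        /^MII Status/ && slave == ""           { bond_mii = $2 }
        /^[ \t]*Aggregator ID/ && slave == ""  { active_id = $2 }
        /^Slave Interface/                     { slave = $2; names[++n] = slave }
        /^MII Status/ && slave != ""           { mii[slave] = $2 }
        /^Aggregator ID/ && slave != ""        { agg[slave] = $2 }
        END {
            if (mode !~ /802\.3ad/) { print "FAIL mode: " mode; bad = 1 }
            if (bond_mii != "up")   { print "FAIL bond MII status: " bond_mii; bad = 1 }
            if (active_id == "")    { print "FAIL no active aggregator"; bad = 1 }
            if (n == 0)             { print "FAIL no slave interfaces"; bad = 1 }
            for (i = 1; i <= n; i++) {
                s = names[i]
                if (mii[s] != "up") {
                    print "FAIL " s " link is " mii[s]; bad = 1
                } else if (agg[s] != active_id) {
                    print "FAIL " s " in aggregator " agg[s] ", active is " active_id; bad = 1
                } else print "OK " s " in aggregator " agg[s]
            }
            exit bad + 0
        }'
}

# Constructed status text modelled on the listing above; $1 = eth1 aggregator ID.
sample_status() {
    cat <<EOF
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
MII Status: up
Active Aggregator Info:
Aggregator ID: 2
Slave Interface: eth0
MII Status: up
Aggregator ID: 2
Slave Interface: eth1
MII Status: up
Aggregator ID: $1
EOF
}

# Real use: check_bond < /proc/net/bonding/bond0
sample_status 2 | check_bond
sample_status 1 | check_bond || echo "bond0 is degraded"
```

A slave that is up but sits in a different aggregator carries no traffic for the bond, which is what happens when its switch port is not a member of the static trunk.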
 





Friday, 14 October 2011

Barcodes from the command line

Generate a PS file with the barcodes that are listed in the file kodi.txt.
barcode -i kodi.txt -e code39 -o mee.ps -t 7x18+5+18-5-10 -u mm

Sunday, 31 July 2011

How to create PDF photo album with ImageMagick


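#!/bin/bash
# Build A4 index sheets with 36 thumbnails per PDF.
rinda=(); a=0; p=1
for fails in ./*JPG
do
    # the [200x150] suffix makes ImageMagick resize the image while reading it
    rinda+=("${fails}[200x150]")
    a=$((a+1))
    if [ "$a" -eq 36 ]
    then
        echo "processing $p set"
        montage -label '%f' -tile 6x "${rinda[@]}" -page A4 "index-$p.pdf"
        a=0; p=$((p+1)); rinda=()
    fi
done
# remaining images, if there are any
if [ "$a" -gt 0 ]
then
    echo "processing last set"
    montage -label '%f' "${rinda[@]}" -page A4 "index-$p.pdf"
fi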


Update
OMG. The following simple line just works and puts all thumbnails in one PDF file - 35 frames per PDF page.

montage -label "%f" -tile 5x7 -page A4 '../*JPG[200x150]' index.pdf

Friday, 15 July 2011

DHCP error when installing LTSP

Over the summer we are slowly migrating servers to new versions and to virtual machines.
After the DHCP server was moved from Debian Etch to Debian Squeeze, the LTSP machines no longer booted - LTSP Etherboot receives both an IP address and PXE, but stops when it continues loading.

Wireshark showed that the "culprit" is a repeated DHCP request from the LTSP client. Whereas DHCPD3 on Etch returned the requested data, DHCPD3 (isc-dhcp-server 4.1.1-P1-15+squeeze2) threw back the following reply:

...
Unexpected hash function at hash.c:53.
DHCPDISCOVER from 08:00:27:36:2e:d3 via eth0
DHCPOFFER on 10.0.3.41 to 08:00:27:36:2e:d3 via eth0
DHCPREQUEST for 10.0.3.41 (10.0.0.1) from 08:00:27:36:2e:d3 via eth0: lease 10.0.3.41 unavailable.
DHCPNAK on 10.0.3.41 to 08:00:27:36:2e:d3 via eth0
...


The solution was found here: http://www.nubae.com/logs/ltsp20110317_pg2.html

That is, "IPAPPEND 3" has to be added at the end of the file /var/lib/tftpboot/ltsp/i386/pxelinux.cfg/default, and its contents are as follows:
default ltsp
label ltsp
kernel vmlinuz
append ro initrd=initrd.img quiet splash nbdport=2000
IPAPPEND 3

Wednesday, 18 May 2011

Total traffic counter from MRTG log files

Script to count the last day's total traffic per switch port from MRTG log files and print the file name if the total traffic is more than 10GB.


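#!/bin/bash
# period: start 24 hours ago, as a Unix timestamp
sakums=$(date -d -1day +%s)
# 1GB in bytes, used to scale the printed totals
ttrafic=$((1024*1024*1024))

pushd /var/www/mrtg
for fails in $(find *log -mtime -1)
do
# skip the first three lines of the log; the rest are "timestamp avg_in avg_out ..."
# rows, each rate multiplied by the 300-second sample interval
tail -n +4 "$fails" |
awk -vsakums="$sakums" -vfails="$fails" -vttrafic="$ttrafic" '{ if ($1 > sakums)
{intr += ($2*300); outtr += ($3*300) }}
END { if (outtr > 10000000000)
printf("%s\t%10.2f\t%10.2f\n",fails,intr/ttrafic,outtr/ttrafic) }'
done
popd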

Saturday, 4 December 2010

Dell PERC H700 RAID controller tests

RAID controller: LSI MegaSAS 9260
File server: 8GB RAM
EXT4 file system

Controller RAID policy - write back (hence the "excellent" write speeds)


RAID5:
11 disks * 1.5TB SATA 7200

Command line used: iozone -i0 -i1 -i2 -c -e -a -n 4g -g 16g -y 2048 -s 2048 -q 8192 -f /media/iozone

                                                       random   random
      KB  reclen    write  rewrite     read   reread     read    write
 4194304    2048   507265   601835  5217335  6075021  6059073   204259
 4194304    4096   545864   613254  4900901  5980252  5960771   304020
 4194304    8192   484461   494155  3393424  3486067  3487220   339015
 8388608    2048   535145   647667   228315   230911   178499   158751
 8388608    4096   522054   603106   242188   239015   262852   278510
 8388608    8192   511561   547605   238473   238133   450990   325700
16777216    2048   535339   602858   169483   170419    62861   144048
16777216    4096   504894   608561   171000   168866   111390   255407
16777216    8192   547588   627476   167334   170551   177473   315782


RAID6

Command line used: iozone -i0 -i1 -i2 -c -e -a -n 4g -g 16g -y 2048 -s 2048 -q 8192 -f /media/iozone
                                                       random   random
      KB  reclen    write  rewrite     read   reread     read    write
 4194304    2048   485579   674330  4778832  6087938  6077705   234536
 4194304    4096   516627   625204  4709220  5904143  5801122   308782
 4194304    8192   577226   695833  3320708  3436157  3439575   326137
 8388608    2048   597535   637466  1034064  1108340   200691   182545
 8388608    4096   566840   653885  1011363  1134390   333880   298285
 8388608    8192   565815   586244   880734   954526   534508   314980
16777216    2048   603074   592641   880728   932588    74480   170545
16777216    4096   589522   606359   882282   930832   135046   283768
16777216    8192   601818   634115   815697   845830   237286   307365


RAID50 (3 x (RAID5 of 4 disks))




Command line used: iozone -i0 -i1 -i2 -c -e -a -n 4g -g 16g -y 2048 -s 2048 -q 8192 -f /media/iozone
                                                       random   random
      KB  reclen    write  rewrite     read   reread     read    write
 4194304    2048   565397   622376  4765631  6042603  6073691   305175
 4194304    4096   594191   692283  4799720  5840998  5833904   363215
 4194304    8192   566268   641491  3323537  3471235  3468972   353852
 8388608    2048   597915   682548   227525   229925   177328   263220
 8388608    4096   597083   655845   236983   234054   261084   366365
 8388608    8192   593327   647889   232636   227249   436282   340496
16777216    2048   602848   675974   175752   177381    68520   234357
16777216    4096   610316   695315   173770   173823   114449   367738
16777216    8192   615497   662729   172606   175156   184357   328476