Category: linux

Categories
linux perisian

RDP CentOS 6

yum install xrdp tigervnc-server

Tetapan selinux

chcon -t bin_t /usr/sbin/xrdp
chcon -t bin_t /usr/sbin/xrdp-sesman

Tetapan iptables

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3389 -j ACCEPT

Categories
linux virtualbox

Pasang VirtualBox 5.0 Guest Additions pada CentOS 6

yum install gcc kernel-devel kernel-headers
yum update kernel*

Selepas “Insert guest addition CD image…”

mount /dev/cdrom /mnt
cd /mnt
./VBoxLinuxAdditions.run

Categories
internet linux pemasangan

SSL Owncloud 8.0 pada Debian 7

Buatkan CSR dengan openssl dari PC anda.

openssl genrsa -des3 -out owncloud_domain_com.key 2048
openssl req -new -key owncloud_domain_com.key -out owncloud_domain_com.csr

Setelah memuatnaik CSR dan dapat zip file dari COMODO, unzip, kemudian buatkan chain certificate.

cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >> bundle.crt

Uji self-sign ssl terlebih dahulu.

a2enmod ssl
a2ensite default-ssl
service apache2 restart

Jika OK, teruskan:

Muatnaik bundle.crt ke /etc/apache2/ssl.crt/

Muatnaik owncloud_domain_com.key ke /etc/ssl/private/

Muatnaik owncloud_domain_com.crt ke /etc/ssl/certs/

Contoh yang diubah pada /etc/sites-enabled/default-ssl

SSLCertificateFile /etc/ssl/certs/owncloud_domain_com.crt
SSLCertificateKeyFile /etc/ssl/private/owncloud_domain_com.key
SSLCertificateChainFile /etc/apache2/ssl.crt/bundle.crt

Tambah juga tetapan berikut untuk melumpuhkan POODLE

SSLProtocol All -SSLv2 -SSLv3

Mulakan semula apache2

service apache2 restart

Categories
email linux

Status servis pada Zimbra Multiserver

OS: CentOS 6
ZCS: v8.6

Lakukan pada semua server zimbra

Buang tanda pound ‘#’ dalam /etc/rsyslog.conf pada

$ModLoad imudp
$UDPServerRun 514

Configure rsyslog untuk zimbra

/opt/zimbra/libexec/zmsyslogsetup

Mulakan semula servis zimbra

service zimbra restart

Mulakan semula service rsyslog

/etc/init.d/rsyslog restart

Categories
linux pengkalan data

Apabila semua nod kluster Galera MariaDB shutdown

Tambah atau benarkan “enable_autorecovery=0” pada /etc/cmon.cnf pada nod ClusterControl.

Mulakan semula cmon

admin@cc:~$ sudo service cmon restart

Perhatikan perbezaan nombor “Recovered position” selepas tanda kolon.

admin@db2:~$ sudo mysqld_safe --wsrep-recover
150408 09:38:59 mysqld_safe Logging to '/var/log/mysql.log'.
150408 09:38:59 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
150408 09:38:59 mysqld_safe WSREP: Running position recovery with --log_error='/var/lib/mysql/wsrep_recovery.x2Epct' --pid-file='/var/lib/mysql/db2-recover.pid'
150408 09:39:25 mysqld_safe WSREP: Recovered position 00000000-0000-0000-0000-000000000000:-1
150408 09:39:34 mysqld_safe mysqld from pid file /var/lib/mysql/mysqld.pid ended

admin@db1:~$ sudo mysqld_safe --wsrep-recover
150408 09:40:22 mysqld_safe Logging to '/var/log/mysql.log'.
150408 09:40:22 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
150408 09:40:22 mysqld_safe WSREP: Running position recovery with --log_error='/var/lib/mysql/wsrep_recovery.ISjnrN' --pid-file='/var/lib/mysql/db1-recover.pid'
150408 09:40:32 mysqld_safe WSREP: Recovered position 1f6e96d3-dd06-11e4-a086-1a4287304197:92216

Berdasarkan situasi diatas, data db1 lebih terkini, jadi kita bootstrap db1.

admin@db1:~$ sudo mysqld --wsrep_cluster_address=gcomm://

admin@db1:~$ sudo tailf /var/log/mysql.log

Tunggu sampai ada mesej berikut di dalam /var/log/mysql.log

[Note] mysqld: ready for connections.

admin@db2:~$ sudo service mysql start

Tunggu sampai ada mesej berikut di dalam /var/log/mysql.log

[Note] /usr/sbin/mysqld: ready for connections.

Buang tetapan “enable_autorecovery=0” pada /etc/cmon.cnf pada nod ClusterControl.

Mulakan semula cmon

Siap.

Categories
linux

Tetapan untuk log haproxy

/etc/haproxy/haproxy.cfg

[code lang=’plain’]global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice[/code]

/etc/rsyslog.conf

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support
$ModLoad imudp
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
$KLogPermitNonKernelFacility on
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$RepeatedMsgReduction on
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog
$WorkDirectory /var/spool/rsyslog
$IncludeConfig /etc/rsyslog.d/*.conf

/etc/rsyslog.d/haproxy.conf

if ($programname == 'haproxy') then -/var/log/haproxy.log

Categories
linux load test

Formula mengira pm.max_children untuk PHP FPM

Dapatkan jumlah RAM dalam MB dan /run/shm dalam MB

[code lang=’plain’]$ awk ‘/MemTotal/ {printf(“%.2f\n”,$2/1024)}’ /proc/meminfo
128756.27

$ df -m
Filesystem 1M-blocks Used Available Use% Mounted on
/dev/mapper/app1–vg-root 541986 42284 475016 9% /
none 1 0 1 0% /sys/fs/cgroup
udev 64368 1 64368 1% /dev
tmpfs 12876 2 12875 1% /run
none 5 0 5 0% /run/lock
none 64379 0 64379 0% /run/shm
none 100 0 100 0% /run/user
/dev/sda2 237 45 180 20% /boot
/dev/sda1 511 4 508 1% /boot/efi
/dev/dm-2 307196 83294 223903 28% /var/www[/code]

Formula:

(((TotalMemoryinMB-TMPFSinMB)*.8)/75)

(((128756.27-64379)*.8)/75) = 686

Sumber: http://ispeakl33t.com/calculate-pm-max_children

Categories
linux load test

Menetapkan bilangan maksimum pengguna pada tsung

Tetapkan maxuser pada teg clients

[code lang=’xml’]


[/code]

Tetapkan maxnumber pada teg users

[code lang=’xml’]




[/code]

Categories
linux pengkalan data

Ralat “ib_logfile0 is of different size”

Masalah ini berlaku semasa cuba bootstrap nod pertama galera cluster selepas konfigurasi my.cnf

InnoDB: Error: log file ./ib_logfile0 is of different size 0 5242880 bytes
InnoDB: than specified in the .cnf file 0 536870912 bytes!

Buang fail yang bermasalah

sudo rm /var/lib/mysql/ib_logfile*

Bootstrap semula nod tadi

sudo mysqld --wsrep_cluster_address=gcomm://

Categories
linux

iSCSI target dengan Ubuntu 14.04

IP target (sumber storan):
192.168.56.212

Logical volume yang hendak digunakan: /dev/vgtarget00/lvtarget00

IP initiator(dari mana akan diakses):
192.168.56.213
192.168.56.214

Pasang iscsitarget pada sumber
sudo apt-get install iscsitarget iscsitarget-dkms

Contoh tetapan pada /etc/default/iscsitarget

[code lang=’plain’]ISCSITARGET_ENABLE=true
ISCSITARGET_OPTIONS=”–address 192.168.56.212″[/code]

Contoh tetapan pada /etc/iet/ietd.conf

[code lang=’plain’]Target iqn.2015-01.iscsi:target00
Lun 0 Path=/dev/vgtarget00/lvtarget00,Type=blockio
initiator-address 192.168.56.213
initiator-address 192.168.56.214[/code]

Contoh tetapan pada /etc/iet/initiators.allow

ALL ALL

Mulakan semula servis iscsitarget
sudo /etc/init.d/iscsitarget restart

Pasang iscsi-initiator pada server yang akan mengakses storan iscsi (initiator)
sudo apt-get install open-iscsi

Contoh tetapan pada /etc/iscsi/iscsid.conf

[code lang=’plain’]iscsid.startup = /usr/sbin/iscsid
node.startup = automatic
node.leading_login = No
node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.initial_login_retry_max = 8
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.xmit_thread_priority = -20
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
node.session.nr_sessions = 1
node.session.iscsi.FastAbort = Yes[/code]

Mulakan semula servis initiator
sudo /etc/init.d/open-iscsi restart

Akses storan pada target
sudo iscsiadm -m discovery -t sendtargets -p 192.168.56.212
sudo iscsiadm -m node --login