Empulse Group a collection of notes from a sys admin, musician, and father

8 May 2011

RHCS: Setting up MySQL and NFS cluster



Red Hat Cluster Suite

Setting up MySQL and NFS cluster

http://www.redhat.com/cluster_suite/

This document is meant to be a guide to setting up MySQL and NFS cluster services with Red Hat Cluster Suite. A training environment is provided at training.racktools.us.

Axios Articles:

Configure Hostnames and Network:

Note that you will give up DRAC access to the cluster in our setups for fencing. NIC bonding is only for redundancy of the interfaces. In our VM training we do not currently have a way to fence devices the way DRAC would offer.


  • hostname server1.domain.com


  • /etc/sysconfig/network


  • /etc/hosts

Configure SAN:

Usually you will have SAN LUNs for NFS and MySQL services. In this training you will use devices /dev/sdb and /dev/sdc for storage.


  • create new partition with fdisk


  • refresh partition tables on both servers: partprobe


  • format to ext3 with mkfs.ext3

  • turn off fsck schedule with: tune2fs -c 0 -i 0d /dev/sdb1


Install software:


  • yum install cman rgmanager system-config-cluster fontconfig xorg-x11-fonts-Type1 xorg-x11-xauth perl-Crypt-SSLeay

Configure locations:


  • mkdir -p /san/mysql-fs
  • mkdir -p /san/nfs-fs

MySQL:

At this point we want to get MySQL running on the SAN mount, or /dev/sd{b,c} partition in this case, and create symlinks from the original directory location to the mount point.


  • Move /var/lib/{mysql,mysqllogs,mysqltmp} from one server to
    the SAN partition


  • Move /etc/my.cnf from one server to the SAN

  • symlink directories and my.cnf from SAN to original locations
    on BOTH servers: ln -s /san/mysql-fs/mysql /var/lib/mysql


NFS:

Portmap and NFS services need to be running on each node in order for NFS cluster services to start.


  • service portmap start; chkconfig portmap on;
  • service nfs start; chkconfig nfs on;
  • echo "portmap: 10.0.0.0/255.0.0.0" >> /etc/hosts.allow

System-config-cluster:

You will create the cluster.conf file with the GUI tool 'system-config-cluster'. To enable X11 forwarding, SSH to the server with the "-Y" or "-X" option.

# system-config-cluster

You will first be asked to name the cluster.

Now, with an empty configuration, you can start by adding your cluster nodes based on hostnames.

Cluster Nodes:

Click on the Cluster Nodes heading and then click the button "+Add a Cluster Node". Enter server name and set Quorum Votes to '1'. Do this for each node.

Fence Devices:

Now set up fencing for each server. Fencing is the disconnection of a node from shared storage. A fence device is a hardware device that can be used to cut a node off from shared storage. In our case we use DRAC as our fencing agent.

Source: https://access.redhat.com/kb/docs/DOC-30004

Click on the Fence Devices section and then click the button "+Add a fence device".

From the drop down list, select DRAC. The login details for DRAC in our environment are on the training page. In our Rackspace configs you would use the normal DRAC credentials.

Now, with the fencing devices entered, you need to set up fencing on each cluster node.

Under the Cluster Nodes section, highlight the first cluster node and then click the button "Manage Fencing For This Node".

Highlight the cluster node name and click the button "+Add a New Fence Level".

Now, highlight the new Fence-Level-1 and click the button "+Add a New Fence to this Level". Here you select the respective fencing device.

Managed Resources

Under the Resources section you will create resources for both the MySQL and NFS clusters. These resources are the IP addresses, file systems, MySQL configuration file, and NFS export and client settings.

Failover Domains

Set up a failover domain for each cluster service, MySQL and NFS.

If you want each server to be responsible for a particular service, check "Prioritized List" and adjust the priority of the cluster nodes inversely between failover domains.

Resources:

First, set up the IP address for the cluster services. We will set up the MySQL cluster first.

Set up a resource for the MySQL file system. In our environment we are using /dev/sdb and /dev/sdc disks, but in our Rackspace cluster configs we would usually use SAN LUNs presented as /dev/emcpowerb, etc.

Set up the MySQL configuration file, /etc/my.cnf, which will be symlinked on each server to the SAN mount or /dev/sd{b,c} in our environment.

Set up the IP address for the NFS cluster.

Set up the NFS file system.

Now, the NFS export

The last resource will be the NFS client. Target will be the network you want to allow. Path is not optional at all and needs to be set. You can create more NFS client resources for each network you wish.

Services:

Now that we have all of our resources set we need to chain them together to make each cluster service.

Under the Failover Domain drop down select the respective failover domain.


  • click "+Add a Shared Resource to this service" and select the ip address for the MySQL cluster service.
  • highlight the ip address you just added and click "+Add a Shared Resource to the selection" and select the MySQL file system.
  • highlight the file system resource, click "+Add a Shared Resource to the selection" and select the MySQL server.

The final cluster config tree should look similar to this:

Start services:


  • for i in cman rgmanager; do service $i start; chkconfig $i on; done

Commands:


  • 'clustat' ~= Will show the status of the cluster
  • 'clusvcadm -R mysql-svc' ~= Will restart MySQL in place on the same server
  • 'clusvcadm -r mysql-svc -m ' ~= Will relocate MySQL to that node
  • 'clusvcadm -d mysql-svc' ~= Will disable MySQL
  • 'clusvcadm -e mysql-svc' ~= Will enable MySQL
  • Note: Cluster messages are logged to /var/log/messages.


22 Feb 2011

Tricks with iptables

Use iptables to force mail out a specific ip address:

[root@www ~]# iptables -t nat -A POSTROUTING -p tcp --dport 25 -j SNAT --to-source 192.168.100.123

Rate limit port 80, 100 connection limit:

[root@www ~]# iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 100 -j DROP

8 Jan 2011

50 UNIX / Linux Sysadmin Tutorials

50 UNIX / Linux Sysadmin Tutorials.

2 Jan 2011

Journal Aborted

1. Blow away the journal.

[root@www ~]# tune2fs -O ^has_journal /dev/hda5

1a. If this fails because of the needs_recovery flag, you will need to run the following.

[root@www ~]# debugfs -w /dev/hda5
debugfs: features ^needs_recovery
debugfs: quit

Again, try to blow away the journal.

[root@www ~]# tune2fs -O ^has_journal /dev/hda5

2. Now, you can fsck the partition.

[root@www ~]# fsck.ext2 -f /dev/hda5

3. Rebuild the journal.

[root@www ~]# tune2fs -j /dev/hda5

2 Jan 2011

Linux: Find CPU architecture type

Today at work this guy needed assistance with running a binary that converts HTML to PDF. It was not able to load a specific library that I did find to be installed.

After using 'strace' I noticed that it was not looking in the /usr/lib64 directory where this library file was stored.  So, I needed to show him that the server was running in 64 bit mode which the app did not support.

[root@www ~]# uname -a
Linux www.empulsegroup.com 2.6.31-302-rs #7 SMP Thu Oct 29 22:57:03 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux
[root@www ~]# uname -m
x86_64
[root@www ~]# arch
x86_64

Kernel Version:

  • x86_64 shows that this is a 64 bit system
  • i386/i486/i586/i686 would indicate a 32 bit system

[root@www ~]# grep flag /proc/cpuinfo
flags : fpu de tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc pni cx16 popcnt lahf_lm cmp_legacy extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch
flags : fpu de tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc pni cx16 popcnt lahf_lm cmp_legacy extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch
flags : fpu de tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc pni cx16 popcnt lahf_lm cmp_legacy extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch
flags : fpu de tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc pni cx16 popcnt lahf_lm cmp_legacy extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch

CPU Modes:

  • lm flag is Long Mode CPU - 64 bit CPU
  • Real Mode is a 16 bit CPU
  • Protected Mode is a 32 bit CPU

To find the architecture type of an RPM package:

[root@www ~]# rpm -qa --qf "%{n}-%{arch}\n" | grep httpd
httpd-x86_64

6 Dec 2010

PECL install package

If you are getting errors when trying to install a package using PECL, it may be because of permissions on /tmp.

[root@www ~]# mount -o remount,exec,suid /tmp

Do a channel-update for both PEAR and PECL before installing the package:

[root@www ~]# pear channel-update pear.php.net
[root@www ~]# pecl channel-update pecl.php.net
[root@www ~]# pecl install package

Add the line extension=package.so to the php.ini file.

Restart Apache.

Then don't forget to remount when you are done:

[root@www ~]# mount -o remount /tmp
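
A plain `mount -o remount /tmp` takes its options from /etc/fstab, so noexec and nosuid only come back if they are listed there. The check below is an added example, not part of the original post; the function name `check_mount_opts` and the sample mounts table are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm a mount point carries the hardening options you
# expect once the PECL build is done.

# check_mount_opts MOUNTPOINT "opt1 opt2" [MOUNTS_FILE]
# Status 0 = all present, 1 = some missing (listed), 2 = not a mount point.
check_mount_opts() {
    mp=$1 required=$2 table=${3:-/proc/mounts}
    opts=
    # /proc/mounts fields: device mountpoint fstype options dump pass.
    # A later entry for the same directory shadows earlier ones.
    while read -r _dev dir _type o _rest; do
        if [ "$dir" = "$mp" ]; then opts=$o; fi
    done < "$table"
    if [ -z "$opts" ]; then
        echo "$mp is not a separate mount"
        return 2
    fi
    missing=
    for want in $required; do
        case ",$opts," in
            *",$want,"*) ;;                   # exact option present
            *) missing="$missing $want" ;;
        esac
    done
    if [ -z "$missing" ]; then return 0; fi
    echo "$mp is missing:$missing"
    return 1
}

# Constructed mounts table: /tmp as it looks while exec,suid are still on.
sample=$(mktemp)
echo '/dev/sda3 /tmp ext3 rw,relatime 0 0' > "$sample"
check_mount_opts /tmp "noexec nosuid" "$sample" || true
rm -f "$sample"
```

Run it without the third argument after the final remount to check the live /proc/mounts.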


28 Nov 2010

Optimize all MySQL tables using MyISAM

A common cause of slow sites and high server load is the MySQL server.  Many times I find the cause to be database tables that need to be optimized.

[root@www ~]# for i in `mysql -N -e 'select concat(table_schema,".",table_name) from information_schema.tables where engine="MyISAM"'`; do mysql -e "optimize table $i"; done

15 Nov 2010

Setting up vsftpd with MySQL authentication

Here we will be setting up vsftpd to use MySQL for authentication using pam_mysql.  MySQL already uses PAM so we will just need to edit the pam file for this service to use the pam_mysql module. Then, we edit the vsftpd.conf file. And finally, the user credentials will be stored in a MySQL database.

Install packages:

  • pam_mysql
  • mysql
  • vsftpd

[root@www ~]# cat /etc/pam.d/vsftpd
auth required /lib64/security/pam_mysql.so user=vsftpd passwd=foo host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime
## i will just space these 2 lines out ##
account required /lib64/security/pam_mysql.so user=vsftpd passwd=foo host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime

Note: For the crypt=x option, the following applies
-------
0 = No encryption. Passwords in database in plaintext. NOT recommended!
1 = Use crypt
2 = Use MySQL PASSWORD() function

[root@www ~]# grep -v \# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
nopriv_user=vsftpd
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
chroot_local_user=YES

Then we need to create a 'vsftpd' system user. Our virtual ftp users will have home directories under /home/vsftpd. We also have to manually create the home directory for the virtual users as specified by the "local_root" directive in the vsftpd.conf file.

[root@www ~]# useradd --home /home/vsftpd -m --shell /bin/false vsftpd
[root@www ~]# mkdir /home/vsftpd/test3
[root@www ~]# chown vsftpd:vsftpd /home/vsftpd/test3/

CREATE DATABASE AND TABLES IN MYSQL

> create database vsftpd;
> use vsftpd;
> create table users (id int AUTO_INCREMENT NOT NULL, name char(128) binary NOT NULL, passwd char(128) binary NOT NULL, primary key(id) );
> create table logs (msg varchar(255), user char(128), pid int, host char(128), rhost char(128), logtime timestamp );
> INSERT INTO users (name, passwd) VALUES ('test5', 'test5'); -- for plain text, crypt=0 in /etc/pam.d/vsftpd
> insert into users (name, passwd) values ('eric@empulsegroup.com',password('tististis')); -- when using MySQL PASSWORD() function or crypt=2 in the pam file
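
The PAM file above carries the database password inline and uses crypt=0, so it is worth auditing before the service goes live. The script below is an added example, not part of the original post; the function name `audit_pam_mysql` and the sample line are constructed, and the option names are the ones shown in the PAM file above.

```shell
#!/bin/sh
# Added example: audit a PAM service file for risky pam_mysql settings.
# Option names (crypt=, passwd=) are the ones shown in the post.

# audit_pam_mysql FILE -> one finding per line; status 0 = clean, 1 = findings
audit_pam_mysql() {
    file=$1
    findings=0
    lineno=0
    inline_pw=0
    while IFS= read -r line || [ -n "$line" ]; do
        lineno=$((lineno + 1))
        case $line in
            '#'*|'') continue ;;        # skip comments and blank lines
            *pam_mysql.so*) ;;          # inspect pam_mysql entries only
            *) continue ;;
        esac
        crypt=
        set -f                          # no globbing while splitting options
        for opt in $line; do
            case $opt in
                crypt=*)  crypt=${opt#crypt=} ;;
                passwd=*) inline_pw=1 ;;
            esac
        done
        set +f
        if [ "$crypt" = 0 ]; then
            echo "$file:$lineno: crypt=0 keeps FTP passwords in plaintext"
            findings=$((findings + 1))
        fi
    done < "$file"
    # The database password is in the file itself, so other local users
    # must not be able to read it (find -perm -004 matches world-readable).
    if [ "$inline_pw" -eq 1 ] && [ -n "$(find "$file" -perm -004 2>/dev/null)" ]; then
        echo "$file: contains passwd= and is world-readable (chmod 600)"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: the post's auth line, shortened to the relevant options.
sample=$(mktemp)
echo 'auth required pam_mysql.so user=vsftpd passwd=foo db=vsftpd crypt=0' > "$sample"
chmod 644 "$sample"
audit_pam_mysql "$sample" || echo "review the findings above"
rm -f "$sample"
```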

8 Nov 2010

Apache Redirect or Rewrite

You can quickly create a .htaccess file to have a domain forward to a different one.

Redirect 301 / http://www.theotherdomain.com

-OR-

RewriteEngine On
RewriteCond %{HTTP_HOST} ^mystuff\.com [NC]
RewriteRule ^(.*)$ http://www.theotherdomain.com/$1 [R=301,NC]

You can then use curl to see if the headers were updated.

[root@www ~]# curl -I www.mystuff.com
HTTP/1.1 301 Moved Permanently
Date: Mon, 08 Nov 2010 23:07:56 GMT
Server: Apache/2.2.3 (Red Hat)
Location: http://www.theotherdomain.com
Cache-Control: max-age=31536000
Expires: Tue, 08 Nov 2011 23:07:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

7 Nov 2010

HP Array Configuration Utility CLI for Linux

So today at work I needed to place a stand-alone drive in a RAID 0. This was on an HP DL385 so I had the hpacucli RAID utility available.

[root@www ~]# hpacucli
=>  ctrl all show config
Smart Array P400 in Slot 1           (sn: P61620F9VV90K4)
array A (SAS, Unused Space: 0 MB)
logicaldrive 1 (68.3 GB, RAID 1, OK)
physicaldrive 2I:1:1 (port 2I:box 1:bay 1, SAS, 72 GB, OK)
physicaldrive 2I:1:2 (port 2I:box 1:bay 2, SAS, 72 GB, OK)
unassigned
physicaldrive 2I:1:4 (port 2I:box 1:bay 4, SAS, 72 GB, OK)

=>  ctrl slot=1 create type=ld drives=2I:1:4 raid=0

=> ctrl slot=1 ld all show status
logicaldrive 1 (68.3 GB, RAID 1): OK
logicaldrive 2 (68.3 GB, RAID 0): OK

http://www.datadisk.co.uk/html_docs/redhat/hpacucli.htm
