Exit in case of failed pipe
If you use such pipes:
mysqldump db | gzip > backup.gz && echo "Ok"
You can get faled backups: cause it’s gzip always do gzip and return True. So for fixing use next bash variables:
set -o pipefail
Recent Updates RSS Toggle Comment Threads | Keyboard Shortcuts
-
Sov1et
-
Sov1et
Pacemaker and Corosync cluster FAQ
How can I check corosync status:
corosync-cfgtool -s
Corosync members:
corosync-objctl | grep member
How can I get attribute of ping resource in my scripts:
crm_attribute -G -t status -N `hostname` -n pingnet1
How can I update attribute of ping resource in my scripts:
attrd_updater -n pingnet1 -v 111 -d 5
How can I look at my resources location score:
ptest -sL
What is the DC
DC – Designated Coordinator – the "master node" in the cluster. It is the node, where logs are the most interesting.
How can I update my heartbeat/corosync configuration without downtime:
Set all cluster resources in unmanaged mode
-
Sov1et
Awesome video from Florian and Hastexo:
-
Sov1et
Turn off nagios checks from the bash
For example you have Mysql Slave monitoring. But every day you create mysql backups with server stops or it is stopping SQL replication threat. In this case you will have notification and error on email. For prevent this behavior you can stop checks in the web interface. But native nagios doesn’t have CLI for this. So I write wrapper for this. It uses curl and some black magic ;)
cat ./nagios_cli.sh
#!/bin/sh HOST="server-name" SERVICE="mysql-server" DISABLE_ACTIVE_CHECKS="6" ENABLE_ACTIVE_CHECKS="5" DISABLE_NOTIFICATIONS_CHECKS="23" ENABLE_NOTIFFICATIONS_CHECKS="22" function do_what_i_say(){ PARAM="cmd_typ=$1&cmd_mod=2&host=$2&service=$3&btnSubmit=Commit" curl --silent --insecure -K "config.curl" -d "$PARAM" 'https://example.com/nagios/cgi-bin/cmd.cgi' > /dev/null return $? } case "x$1" in xenable_checks) do_what_i_say ${ENABLE_ACTIVE_CHECKS} ${HOST} ${SERVICE} ;; xdisable_checks) do_what_i_say ${DISABLE_ACTIVE_CHECKS} ${HOST} ${SERVICE} ;; xenable_notif) do_what_i_say ${ENABLE_NOTIFFICATIONS_CHECKS} ${HOST} ${SERVICE} ;; xdisable_notif) do_what_i_say ${DISABLE_NOTIFICATIONS_CHECKS} ${HOST} ${SERVICE} ;; *) echo "" echo "Usage: $0 [enable_checks|disable_checks|enable_notif|disable_notif]" echo "" exit 0 ;; esac
Config for basic authentication:
cat ./config.curl
user-agent = "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13" user = "username:password"
Don’t forget to change right permissions to this file:
chmod 600 ./config.curl
-
Sov1et
Pacemaker symmetric-cluster
If you want to start cluster resources only when you exactly set it location than use “symmetric-cluster”
Default it TRUE. This mean that all resources can run on any node by default. Change this:
crm configure property symmetric-cluster="false"Now if you don’t set location for resource — it can’t start.
-
Sov1et
Sphinx HA and index replication
There are two ways to reaching high available Sphinx solution:
- Active/Passive Sphinx HA;
- Active/Hot Standby Sphinx instances.
Benefits of the first solution isn’t using extra system resources. But we have additional time for start sphinx in failover cause. Second don’t have this limitations, but use extra resources. So we create pacemaker configurations. First of all install sphinx, pacemaker, corosync … etc.
-
Sov1et
Csync2 is a cluster synchronization tool
-
Sov1et
Fincore — what pages are cached in OS memory and Mysql
Description:
Find out which blocks of file are in the cache with the fincore tool.
It is very useful when you are tuning Mysql MyISAM data bases. Cause the use system caches and it is a good to know how it cached.
Install:
wget http://net.doit.wisc.edu/~plonka/fincore/fincore sudo apt-get install -y libinline-perl perl-modules chmo u+x ./fincore
Get help:
./fincore -help
Example:
du -h base_080318.MYD 1.1G base_080318.MYD ./fincore --justsummarize base_080318.MYD page size: 4096 bytes 28415 pages, 111.0 Mbytes in core for 1 file; 28415.00 pages, 111.0 Mbytes per file.
Links:
-
Sov1et
Deploying php code and atomic operations
Tools for deploying PHP code
Capistrano
https://github.com/capistrano/capistrano
Maybe the most popular deploying system for RoR and PHP code written ob ruby. GitHub loves it very much: http://help.github.com/capistrano/
Fabric
http://docs.fabfile.org/en/1.0.1/index.html
Fabric is a Python (2.5 or higher) library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks.
Cool stuff, but it depends on python 2.5. RHEL 5/CentOS 5 out of the box use python 2.4. =(
Pake
https://github.com/indeyets/pake
Pake is a command line utility for executing predefined tasks, inspired by rake. It is written in PHP and the tasks are also described in PHP. Pake can be used for compiling projects from different pieces, generating code, preprocessing templates and deploying projects.
Phing
PHing Is Not GNU make; it’s a PHP project build system or build tool based on Apache Ant. You can do anything with it that you could do with a traditional build system like GNU make, and its use of simple XML build files and extensible PHP “task” classes make it an easy-to-use and highly flexible build framework. If you find yourself writing custom scripts to handle the packaging, deploying, or testing of your applications, then we suggest looking at the Phing framework.
Deploying strategy
A common strategy is use a directory version control with symlink:
0.9.9 1.0.1 1.0.2 current -> 1.0.2So when you want to deploy a new version — you upload it in the directory 1.0.3 and change symlink to it. But this is not a good idea. Why?
If you update high load web aplication with a lot of network traffic and requests per second, than you have to think about atomic update. If you do something like this:
ln -snf v1.0.3 current
It isn’t atomic. Let’s look at the strace command:
strace ln -snf v1.0.3 current | grep link symlink("v1.0.2", "current") = -1 EEXIST (File exists) unlink("current") = 0 symlink("v1.0.3", "current") = 0
As you can see, at first symlink check for file exists, than removes this link and than creates new.
So for transform this operation in the atomic we can use mv command:
ln -s v1.0.3 current.new; mv -Tf current.new current
It might not be 100% atomic but it’s really the best I can get right now. POSIX says its atomic so right now I’ll trust it.
-
Sov1et
Error: Neighbour table overflow
Появление в логах ошибки вида:
Nov 14 11:29:00 sov1et-laptop kernel: [ 1988.507584] Neighbour table overflow.
говорит нам о том что у вас исчерпался лимит кеширования arp-таблиц. Это связанно либо с тем, что вас активно сканируют, либо ддосят синами, либо у вас и вправду не хватает кеша под arp-запси. ;)
Увеличиваем:
net.ipv4.neigh.default.gc_thresh1=512 net.ipv4.neigh.default.gc_thresh2=2048 net.ipv4.neigh.default.gc_thresh3=4096
где
gc_thresh3 — это жёсткий лимит, он никогда не будте превышен;
gc_thresh2 — мягкий лимит, при его достижении начинается очистка таблицы от мусора;
gc_thresh1 — лимит до которого ничего не происходит и таблица просто наполняется.Соотношение этих параметров должно быть 1x, 4x и 8x соответственно.