Parallels the vendor of Virtualization platform Virtouzzo use a hardware id to maintain and associate the Virtouzzo licenses.

You will need this hardware id ( hwid ) when you install a license on new server/node or when you upgrade the license on an existing node for any reason, e.g. increasing the license from 20 vps support to 30 vps support or if you change the network card on the server.

This hardware id is located at /proc/vz/hwid and you can get the info using below command :

cat /proc/vz/hwid

e.g.

[root@vznode ~]# cat /proc/vz/hwid
1DF8.F514.74DB.1867.C81D.07B5.74A8.A38E
[root@vznode ~]#

In some cases it may report multiple ids, you should use the first one in that case. I will address installing licenses , checking limits and related issues on virtouzzo nodes in an another post.

Happy Licensing :)

Tags: , , , ,

Samba is normally used when you want to share disk space between Linux and Windows machines. The Network File System protocol (NFS) is used when disks/directories need to be shared between different Linux servers, and for that its a preferred choice.

The data storage disks on Linux  contain files stored in filesystems with a standardized directory structure.  The new  disks are added by attaching or mounting the directories of their filesystems to a directory of an already existing filesystem. This essentially makes the new hard disk to transparently appear as a subdirectory of the filesystem to which it is attached.

NFS was developed to allow a computer systems to access directories on remote computers by mounting them on a local filesystem as if they were a local disk. The systems administrator on the NFS server has to define the directories that need to be activated or exported for access by the NFS clients.

This helps if you have cluster of systems or if you are looking to keep some data like big videos or data collection on one shared file server and want clients to access them on central repository.

NFS is reasonably easy to setup. For the NFS server setup you will need install the nfs-utils and rpcbind rpm package. On CentOS , RHEL or any RHEL family distros that support yum, it can be installed as below :


yum install nfs-utils rpcbind

The main configuration file for nfs is /etc/exports , which essentially defines below three things :
– What will be exported
– To Whom it will be available
– The properties of export, like readonly or read-write etc

A sample /etc/export file will look like below :


/etc/exports
/data/files *(ro,sync)
/home 192.168.1.0/24(rw,sync)
/data/videos hostOne.domain.com(rw,sync)
/data/databases hostTwo.domain.com(rw,sync)

This /etc/exposts file does following :

– Exports /data/files to all network/systems with read-only option
– Exports /home to network 192.168.1.0/24 with read-write option
– Exports /data/videos to computer system hostOne.domain.com with read-write option
– Exports /data/databases to computer system hostTwo.domain.com with read-write option

There are other options as well that you can mention on either a per-host or per-network basis, including the no_root_squash option which will not prevent root on a client machine from writing files to the server as root; by default, NFS will map any requests from root on the client to the ‘nobody’ user on the server.

The other two files which control the exports on the server are /etc/hosts.allow and /etc/hosts.deny .
This is particularly necessary if you are using wildcards or broad network specifications in /etc/exports; using hosts.allow and hosts.deny you can fine-tune which clients do and don’t have access. For instance, you may add in /etc/hosts.deny:


portmap:ALL

and then in /etc/hosts.allow:

portmap: 192.168.1.1, 192.168.1.2, 192.168.1.3

This would only allow the hosts specified in /etc/hosts.allow to connect to the portmap service. You can get it more fine tuned and also add entries for lockd, rquotad, mountd, and statd.

Then you can start the NFS sharing on the server , which would require starting following services :

Finally, to start NFS sharing, on the server you need to start a few services:

( before starting the services they should be enabled on run level 3 to 5 , using chkconfig –level 35 SERVICENAME on )


service portmap start
service nfs start
service nfslock start
service rpcbind start

To check if the service is running correctly you can run below command , it will list the services and should list mountd , nfs and portmapper :


[root@LinuxServer tmp]# rpcinfo -p localhost
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100021 1 udp 1024 nlockmgr
100021 3 udp 1024 nlockmgr
100021 4 udp 1024 nlockmgr
100005 1 udp 1042 mountd
100005 1 tcp 2342 mountd
100005 2 udp 1042 mountd
100005 2 tcp 2342 mountd
100005 3 udp 1042 mountd
100005 3 tcp 2342 mountd
[root@LinuxServer tmp]#

To see what filesystems are exported you can use the 'exportfs' command, and when ever you make any changes to the /etc/exports then you will need to run 'exportfs -ra' so that NFS re-reads the configuration.

Now your NFS server is setup and ready to accept connections from the remote client. Testing can be done from the client by mounting one of the exported partitions , this can done in following way :

mkdir /mnt/files
ls /mnt/files
mount -t nfs 192.168.1.100:/data/files /mnt/files

If mount works and mounts the remote filesystem successfully then it means its all working correctly.

You can add the mount command to /etc/fstab to make sure the mounts remain after the reboots.

NFS is very easy to use and works pretty good and can be used to solve many sharing requirements.

Do try it , its easy and quick !

Tags: , , , , ,

Riz Khan on December 2nd, 2010

Ever faced a problem with your ssh connection dying in middle of an installation Or in middle of data transfer ? scp rsync stopping in middle due to a ” Connection Closed ” message ?

Linux has a solution for you for this very scenario.  It has a utility that allows you to run any task in the background , without worrying about the connection breaking down due to internet or network cable or any other issue, its called screen. screen will keep things running for you in the background and you can again connect to the screen process and the task would be running as it is.  So how do we install and use it ? . Lets start with the installation.

Installing screen :

You can check if screen binary already exist by using below command :

root@CentOS5Server [~]# which screen
/usr/bin/screen
root@CentOS5Server [~]#

If it is already available you are good to go and can move on next step of utilizing this binary/utility.

If its not installed on your machine then you can install it using simple yum command on CentOS , RHEL or any RHEL family distros. You can do it as follows :


yum install screen

Now we can learn how to use the screen command :

Utilizing the screen command :

You can create a simple screen process by just typing the command ‘screen‘ and it will create a screen for you and move the control inside the screen session. Usually its recommended to use some the naming parameters with the command so you can create a screen with a required name and it can be referred to later with that name, specially when there going to be more than one screens and where more than one admins work on one  server. This can done using below command :


screen -mdS TransferingXYZDir

The above command will create a screen process in background with name  ‘TransferingXYZDir’ , you can choose any name. This will not switch the control to the screen session, the control and cursor will remain in the normal shell.

Writing just ‘screen’ will also create a screen session and will also switch the control and cursor to inside the screen session.

You can see the list of available screen processes at any time using the command ‘screen -ls’ as below :

root@CentOS5Server [~]# screen -ls
There is a screen on:
1468.TransferingXYZDir (Detached)

1 Socket in /var/run/screen/S-root.
root@CentOS5Server [~]#

As you can see the screen we just created above is now available in screen -ls , we can create more screen for our specific purpose and then connect to any of the screen and can also move out of any screen, this is called ‘attaching’ and ‘detaching’ from a screen.

You can connect or attach to any screen using below command :

screen -x TransferingXYZDir

If there is only one screen process then typing ‘screen -x‘ will attach you to that screen. When you have more than one screen process you will need to mention its id or name. The screen session created above can also be attached using command ‘screen -x 1468‘.

Detaching from screen requires a below key combination :

‘Ctrl A’ ‘D’

Pressing the three keys in above sequence will detach you from screen.

The screen process can be killed by only pressing ‘Ctrl D‘ or writing ‘exit‘ will also kill/close the active screen process.

The below demo commands will show the screen attaching/detaching and killing commands execution in sequence :

--------
root@CentOS5Server [~]# screen -x TransferingXYZDir

root@CentOS5Server [~]# This is our Screen.
root@CentOS5Server [~]#

[detached]

root@CentOS5Server [~]# screen -x TransferingXYZDir

root@CentOS5Server [~]# This is our Screen.
root@CentOS5Server [~]# exit

[screen is terminating] ( by pressing Ctrl D )
root@CentOS5Server [~]#

—————

I wrote the line ‘This is our Screen’ in the screen session to show that the console is changing to a screen from normal shell.

The above commands should be enough to get you started and do all basic functions of using screen. For further details you can see the man pages for screen.

Have happing ‘screen’ ing :)

Tags: , , ,

Riz Khan on November 28th, 2010

When its comes to optimizing and tuning Mysql the most important aspect is to identify the inefficient/slow queries.
So the question arises how we can find the queries which are taking long time to execute so we can optimize/improve them to improve the overall performance.
Mysql helps us with its built in support for logging slow queries.

Activating the slow query logging :

We need check if slow query loggin is already enabled or not , it can be checked as below :

mysqladmin var |grep log_slow_queries
| log_slow_queries | OFF

If its already set to ON then you are set, if its set to OFF like above then you will need to enable slow query logging.

The mysql variable long_query_time (default 1) defines what is considered as a slow query. In the default case, any query that takes more than 1 second will be considered a slow query.

Now to enable the slow query logging we will need following entries in the /etc/my.cnf mysql configuration file.

[mysqld]
long_query_time = 1
log-slow-queries = /var/log/mysql/mysql-slow.log

You can define the path for logging according to your requirements. Also the log query time which is by default 1 sec can be adjusted according to your needs.

Once you have done the configuration, restart mysql service to load the new configurations.

Once slow query logging is enabled we can check the log file for each slow query that was executed by the server.
Different details are logged to help you understand how was the query executed:

Time:  the time it took to execute the query
Lock:  how long was a lock required
Rows: how many rows were investigated by the query
Host: this is the actual host that launched/initiated the query
Query: The actual mysql query.

This information will help us to see what queries need to be optimized.

Tags: , , ,

Riz Khan on November 20th, 2010

Munin is a networked resource monitoring tool that can help analyze resource  trends and usage. It can monitor a wide variety of servers and equipment e.g.  servers, vpss, networks, applications etc.

Munin provides very useful graphs with resource usage listed for different time periods like , daily , weekly and monthly graphs.

Installation of Munin as plugin on cPanel servers or vpss is very easy and straight forward.

Go to below link in your WHM interface :

WHM >> cPanel >> Manage Plugins

You will find the Munin in the plugins section. Just check the check box in that section which says ‘ Install and keep updated ‘ and press save from the bottom of the page.

You will see the installation steps in the gui and it will complete in 5 to 10 minutes.

Once the installation is complete, you will find the plugin available at below path :

WHM >> Plugins >> Munin Service Monitor

In some cases you may encounter a blank page when you click on this link , in that case upgrade cpanel to latest CURRENT/STABLE release depending on your requirements using /scripts/upcp.

At this link you will find graphs for following services and equipment :

Apache, Disk, Exim, Mysql, Network, Other, Processes, System

Be default both daily and weekly graphs for each the above are available. Which give you very good idea on your resource consumption and to identify any bottle necks.

Its also a very good tool to identify if and when you need to upgrade to a higher plan for your hosting requirements.

For a non cPanel server you can do the installation by downloading the source directly and then install it. Or you can also do simple yum based installation.

After the installation you will need to configure the related files at /etc/munin path.  I will not be covering the manual installation details in this article , however the steps are not difficult and you can find plenty of articles covering them on internet.

Tags: , , , ,

Emails not getting delivered to inbox of yahoo, hotmail and gmail is a common problem that many users face due to different reasons, many times its IP reputation or the email activity on the shared environment.

spf and domainkeys can help with this situation to get the emails delivered directly to inbox. cPanel documentation has good definition for both of these terms :

DomainKeys An email authentication method that attempts to verify that a message actually came from the domain it appears to have come from.

SPF (Sender Policy Framework) A feature that allows a recipient server to verify that an email message has really been sent from the domain specified in the From: field. Enabling SPF can prevent your server from receiving replies to spam that has forged your domain name as part of the sender’s address. SPF only works if both the sending and receiving mail servers have SPF enabled.

To enable domain keys and spf cPanel provides built in scripts which can be used.

For root level handling below scripts are available which cna be used.

/usr/local/cpanel/bin/domain_keys_installer CPANELUSER
/usr/local/cpanel/bin/spf_installer CPANELUSER

Where CPANELUSER will be the actual cPanel user of the related account/domain.

Similarly below scripts can be used to uninstall/remove DomainKeys and SPF :

/usr/local/cpanel/bin/domain_keys_uninstaller CPANELUSER
/usr/local/cpanel/bin/spf_uninstaller CPANELUSER

For providing the option of enabling/disabling these at User level i.e. for clients to do it from their cPanel, the ‘Email Authentication‘ option will need to be enabled in WHM at below link :

WHM >> Packages >> Feature Manager

If you want the accounts to be created with both DomainKeys and SPF enabled by default then you can add this to /scripts/postwwwacct script. You will need to follow the syntax and format that cPanel requires for any post account creation setups in this script.

Other than adding these, follow some simple tips below for getting your email to third party providers Inbox instead of spam/junk folders :

– Make sure to create a proper RDNS/PTR entry for the main IP or the IP you are using for Exim in case its different
– Set the catchall address to ” :fail: ” ( without quotes )
– Reduce/Avoid setting up forwarders from the domain on the server/vps to third party provider emails

Have a nice Email experience !

Tags: , , , , ,