Archive for December, 2013

24
Dec

mysql master master replication

   Posted by: admin    in Mẹo vặt của hiếu râu

MySQL Master-Master replication:
Master-1 IP: 0.0.0.1
Master-2 IP: 0.0.0.2

Master-1 my.cnf configuration:

log-bin=/usr/local/mysql/log/mysql-bin

log_warnings

log_slow_queries = /usr/local/mysql/log/slow.log

long_query_time = 5

log_long_format

tmpdir = /tmp

server-id = 1

log_slave_updates

replicate-same-server-id = 0
auto_increment_increment = 10
auto_increment_offset = 1
relay-log = mysql-relay-bin

Master-2 my.cnf configuration:

log-bin=/usr/local/mysql/log/mysql-bin

log_warnings

log_slow_queries = /usr/local/mysql/log/slow.log

long_query_time = 5

log_long_format

tmpdir = /tmp

server-id = 2

replicate-same-server-id = 0

auto_increment_increment = 2

auto_increment_offset = 2

relay-log = mysql-relay-bin

Replication procedure:

1st setup Master1 as Master and Master2 as slave for Master-1:

Follow below steps:
On Master-1:

Step 1: mysql> grant replication slave on *.* to ‘replicationuser1′@’0.0.0.2′ identified by ‘password’;

Step 2: mysql> show master status;
It shows file name and position, Use these records on Master-2 to run it as slave for Master-1.

Step 3: Now log on to master-2 and run the below query:

CHANGE MASTER TO MASTER_HOST=’0.0.0.1′, MASTER_USER=’replicationuser1′,MASTER_PASSWORD=’password’, MASTER_LOG_FILE=’mysql-bin.000017′,MASTER_LOG_POS=751;

Step 4: start slave
Step 5: show slave status \G

On this status, the following 2 records should be as follows
Slave_IO_Running: Yes
Slave_SQL_Running: Yes

These 2 records indicates Replication status. If these parameters show “Yes” that means replication is running successfully.

Setup Master2 as Master and Master1 as slave for Master-2:

On Master-2 server:

Step 1: mysql> grant replication slave on *.* to ‘replicationuser2′@’0.0.0.1′ identified by ‘password’;

Step 2: mysql> show master status;

Step 3: Now log on to master-1 and run the below query:
CHANGE MASTER TO MASTER_HOST=’0.0.0.2′, MASTER_USER=’replicationuser2′,MASTER_PASSWORD=’password’, MASTER_LOG_FILE=’mysql-bin.000002′,MASTER_LOG_POS=536;
Step 4: start slave
Step 5: show slave status \G

The following parameters should show “Yes”, so that replication is running successfully

Slave_IO_Running: Yes
Slave_SQL_Running: Yes

On both servers “slave_IO_Running” and “slave_SQL_Running” parameters should always be “Yes” for successful Master-Master Replication.

http://rajesh9333.wordpress.com/2013/09/12/mysql-master-master-replication-on-redhat-and-centos-servers/

This is the full step-by-step procedure to resync a master-slave replication from scratch:

At the master:

RESET MASTER;
FLUSH TABLES WITH READ LOCK;
SHOW MASTER STATUS;

And copy the values of the result of the last command somewhere.

Wihtout closing the connection to the client (because it would release the read lock) issue the command to get a dump of the master:

mysqldump -uroot -p --all-databases > /a/path/mysqldump.sql

Now you can release the lock, even if the dump hasn’t end. To do it perform the following command in the mysql client:

UNLOCK TABLES;

Now copy the dump file to the slave using scp or your preferred tool.

At the slave:

Open a connection to mysql and type:

STOP SLAVE;

Load master’s data dump with this console command:

mysql -uroot -p < mysqldump.sql

Sync slave and master logs:

RESET SLAVE;
CHANGE MASTER TO MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=98;

Where the values of the above fields are the ones you copied before.

Finally type

START SLAVE;

And to check that everything is working again, if you type

SHOW SLAVE STATUS;

you should see:

Slave_IO_Running: Yes
Slave_SQL_Running: Yes

That’s it!

http://stackoverflow.com/questions/2366018/how-to-re-sync-the-mysql-db-if-master-and-slave-have-different-database-incase-o

17
Dec

Linux Disk Monitoring - SMARTCTL

   Posted by: admin    in Mẹo vặt của hiếu râu

#lspci

01:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)

01:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)

02:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)

02:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)

03:00.0 RAID bus controller: LSI Logic / Symbios Logic MegaRAID SAS 2108 [Liberator] (rev 05)

08:03.0 VGA compatible controller: Matrox Electronics Systems Ltd. MGA G200eW WPCM450 (rev 0a)

#smartctl -d megaraid,0 -a /dev/sda
#smartctl -d megaraid,2 -a /dev/sda
#smartctl -d megaraid,3 -a /dev/sda
Vendor:               SEAGATE
Product:              ST3146855SS
Revision:             0002
User Capacity:        146,815,737,856 bytes [146 GB]
Logical block size:   512 bytes
Logical Unit id:      0×5000c50002fc27b3
Serial number:        3LN2T8WQ000098183TGT
Device type:          disk
Transport protocol:   SAS
Local Time is:        Tue Dec 17 09:27:58 2013 ICT
Device supports SMART and is Enabled
Temperature Warning Enabled
SMART Health Status: OK
Current Drive Temperature:     37 C
Drive Trip Temperature:        68 C
———————-
google MegaCLI linux IBM Support download
;
#rpm -ivh Lib_Utils-1.00-09.noarch.rpm
#rpm -e srvadmin-storelib-sysfs
#rpm -ivh MegaCli-8.04.10-1.noarch.rpm
#cd /opt/MegaRAID/MegaCli/
———————
follow this script
#./megalsi.sh status
Adapter 0 — Virtual Drive Information:
Virtual Drive: 0 (Target Id: 0)
Name                :
RAID Level          : Primary-5, Secondary-0, RAID Level Qualifier-3
Size                : 272.25 GB
Parity Size         : 136.125 GB
State               : Optimal
Strip Size          : 64 KB
Number Of Drives    : 3
Span Depth          : 1
—————-
# ./megalsi.sh drives
Slot Number: 0 - Online, Spun Up
Slot Number: 1 - Online, Spun Up
Slot Number: 2 - Online, Spun Up
Slot Number: 3 - Hotspare, Spun Up
16
Dec

sshd 5 on Centos 5

   Posted by: admin    in Mẹo vặt của hiếu râu

# yum install gcc
# yum install openssl-devel
# yum install pam-devel
# yum install rpm-build

http://vault.centos.org download the source package

mc src.rpm -> containIO -> F5 the source .tar.bz2

tar -jxvf openssh-5.3p1-noacss.tar.bz2

cd openssh-5.3p1

# cp contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
# cp ../openssh-5.3p1-noacss.tar.bz2 /usr/src/redhat/SOURCES/openssh-5.3p1.tar.bz2
# cd /usr/src/redhat/SPECS
# perl -i.bak -pe ’s/^(%define no_(gnome|x11)_askpass)\s+0$/$1 1/’ openssh.spec
# rpmbuild -bb openssh.spec
# cd /usr/src/redhat/RPMS/

rpm -Uvh openssh-*.rpm ; chu y, co the die service sshd

/usr/sbin/sshd -p 443

16
Dec

sudoers

   Posted by: admin    in Mẹo vặt của hiếu râu

# %wheel        ALL=(ALL)       NOPASSWD: ALL

thttpd  ALL=(ALL)    NOPASSWD: /bin/ls, /bin/w, /bin/whoami

Defaults:thttpd        !requiretty

14
Dec

VNC linux

   Posted by: admin    in Mẹo vặt của hiếu râu

yum install vnc-server

vi /etc/sysconfig/vncservers

VNCSERVERS=”2:root”

#VNCSERVERARGS[2]=”-geometry 1080×720″

VNCSERVERARGS[2]=”-geometry 1280×960″

# -nolisten tcp -nohttpd -localhost”

————-
mkdir /root/.vnc
cd /root/.vnc
vncpasswd
vi xtartup
yum install gnome-session
#!/bin/sh
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#setroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
#twm &
gnome-wm &
7
Dec

vmstat - Linux IO monitoring

   Posted by: admin    in Mẹo vặt của hiếu râu

[root@proxy4 ~]# vmstat 2

procs ———–memory———- —swap– —–io—- –system– —–cpu—–

r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st

0  0   2568 154420 163468 1357600    0    0     0    36    1   10  1  0 97  1  0

0  0   2568 154420 163468 1357600    0    0     0    28   59   97  1  0 99  0  0

2  0   2568 153464 163468 1357600    0    0     0    54  112  183  4  1 95  0  0

0  0   2568 153416 163468 1357600    0    0     0     0   80  107  2  1 97  0  0

------------SSH-----------
# yum install pam-devel make gcc-c++ wget
https://google-authenticator.googlecode.com
# tar -jxvf libpam-google-authenticator-1.0-source.tar.bz2
# cd libpam-google-authenticator-1.0
# make
# make install
# google-authenticator
Open the PAM configuration file ‘/etc/pam.d/sshd‘ and add the to the top .
auth       required     pam_google_authenticator.so

Open file ‘/etc/ssh/sshd_config

ChallengeResponseAuthentication yes
restart sshd-> done
----------------vsftpd use password as PIN+OTP--------------------
auth       required     pam_google_authenticator.so try_first_pass forward_pass
https://github.com/chregu/GoogleAuthenticator.php/blob/master/example.php

——————- sFTP ——————

Subsystem     sftp   internal-sftp
Match Group sftpgroup
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no
—–
%h = HOME_DIR 755 root:root,
mkdir public_html, chown user:sftpgroup public_html
usermod -g sftpgroup user
mkdir otp; chown user
mv .google_au* otp
/etc/pam.d/sshd
auth required pam_google_authenticator.so \
try_first_pass forward_pass \
secret=${HOME}/otp/.google_authenticator

————— Apache ——————-

svn checkout http://google-authenticator-apache-module.googlecode.com/svn/trunk/ google-authenticator-apache-module-read-only
make; make install
Loadmodule authn_google_module modules/mod_authn_google.so
.htaccess
AuthType Basic
AuthName "BasicAuth with OTP"
AuthBasicProvider "google_authenticator"
Require valid-user
GoogleAuthUserPath /home/www/xxx/otp/site
GoogleAuthCookieLife 3600
GoogleAuthEntryWindow 4
--file /home/www/xxx/otp/site/username--
ZZZAAAOTPPINCODEAAAZZZ
"PASSWORD=mySecret
------
auth with username, password = mySecret+OTP