mysql_query(”SET character_set_results = ‘utf8′, character_set_client = ‘utf8′, character_set_connection = ‘utf8′, character_set_database = ‘utf8′, character_set_server = ‘utf8′”);
enable epel
wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
yum install glances
glances
http://repoforge.org/use/
rpm -ivh rpmf……rpm
yum install bonnie
bonnie -s 2000
yum install iperf
iperf -s
iperf -c [hostname/ip]
dd
if
=/dev/zero of=speetest bs=1M count=
1000
conv=fdatasync
hdparam -T/-t /dev/sda
#yum install conspy
#conspy 1
======= on public ip vps ===============================
#ip tunnel add gre1 mode gre local [public_ip] remote [openvz_ip]
#ifconfig gre1 192.168.1.1 pointopoint 192.168.1.2
#route add [local_ip] gw 192.168.1.2
*nat
:PREROUTING ACCEPT [25003:1664683]
:POSTROUTING ACCEPT [168001:10091407]
:OUTPUT ACCEPT [168000:10091367]
-A PREROUTING -d [public_ip] -p tcp -m tcp –dport 80 -j DNAT –to-destination [local_ip]:80
-A PREROUTING -d [public_ip] -p tcp -m tcp –dport 22 -j DNAT –to-destination [local_ip]:22
-A POSTROUTING -s [local_ip] ! -d [public_ip] -j SNAT –to-source [public_ip]
COMMIT
#ifconfig gre1 192.168.1.2 pointopoint 192.168.1.1
# /sbin/ip rule add from [local_ip] table gre_1 # /sbin/ip route add throw [openvz_ip] table gre_1 # /sbin/ip route add default via 192.168.1.1 table gre_1
PowerDNS pdns
wget http://downloads.powerdns.com/releases/pdns-3.3.1.tar.gz
tar -zxvf pdns-3.3.1.tar.gz
cd pdns-3.3.1
./configure –with-modules=”gmysql” –without-lua
make && make install
vi /usr/local/etc/pdns.conf
launch=gmysql
#gmysql-host=127.0.0.1
gmysql-socket=/var/run/mysql/mysql.sock
gmysql-user=xxx
gmysql-dbname=pdns
gmysql-password=xxx
——– SQL ———
CREATE TABLE `records` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`domain_id` int(11) DEFAULT NULL,
`name` varchar(255) DEFAULT NULL,
`type` varchar(10) DEFAULT NULL,
`content` varchar(64000) DEFAULT NULL,
`ttl` int(11) DEFAULT NULL,
`prio` int(11) DEFAULT NULL,
`change_date` int(11) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `nametype_index` (`name`,`type`),
KEY `domain_id` (`domain_id`)
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=latin1
CREATE TABLE `domains` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL,
`master` varchar(128) DEFAULT NULL,
`last_check` int(11) DEFAULT NULL,
`type` varchar(6) NOT NULL,
`notified_serial` int(11) DEFAULT NULL,
`account` varchar(40) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name_index` (`name`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1
+—-+————–+——–+————+——–+—————–+———+
| id | name | master | last_check | type | notified_serial | account |
+—-+————–+——–+————+——–+—————–+———+
| 1 | macatung.com | NULL | NULL | NATIVE | NULL | NULL |
+—-+————–+——–+————+——–+—————–+———+
+—-+———–+——————-+——+——————————-+——-+——+————-+
| id | domain_id | name | type | content | ttl | prio | change_date |
+—-+———–+——————-+——+——————————-+——-+——+————-+
| 1 | 1 | macatung.com | SOA | localhost info@macatung.com 1 | 86400 | NULL | NULL |
| 2 | 1 | macatung.com | NS | ns1.macatung.com | 86400 | NULL | NULL |
| 3 | 1 | macatung.com | NS | ns2.macatung.com | 86400 | NULL | NULL |
| 4 | 1 | www.macatung.com | A | 127.0.0.1 | 120 | NULL | NULL |
| 5 | 1 | mail.macatung.com | A | 127.0.0.2 | 120 | NULL | NULL |
| 6 | 1 | macatung.com | MX | mail.macatung.com | 120 | 5 | NULL |
+—-+———–+——————-+——+——————————-+——-+——+————-+
apache mod proxy
ProxyPass /g2auth http://127.0.0.1:808/g2auth
ProxyPreserveHost On
——————————————-
ProxyPass /cacti http://192.168.205.1/cacti
ProxyPassReverse /cacti http://192.168.205.1/cacti
ProxyPass /nagios http://192.168.205.1/nagios
ProxyPassReverse /nagios http://192.168.205.1/nagios
PAM on Slackware
mount -o loop slackware1337.iso /mnt
installpkg /a/ap/l/d/n/*.txz
cd /mnt/extra/source/pam
./pam.SlackBuild
installpkg /tmp/pam-1.1.3-x86_64-1.txz
——————-
cp -R /mnt/source/a/shadow /tmp/shadow
cd /tmp/shadow
edit shadow.SlackBuild
insert “read -p ‘Modify code now. Enter when complete…’” before ./configure
./shadow.SlackBuild
When asked for Modify code, open new ssh session, modify code on /tmp/shadow-4.1.4.3/libmisc/chkname.c
save / close ssh session
press Enter on other ssh session
removepkg shadow
installpkg /tmp/shadow-4.1.4.3-x86_64.txz
cd /etc/pam.d
root@slax:/etc/pam.d# cat login
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat common-auth
auth sufficient pam_unix.so
auth required pam_deny.so
root@slax:/etc/pam.d# cat common-account
account sufficient pam_unix.so
account required pam_permit.so
root@slax:/etc/pam.d# cat common-password
password sufficient pam_unix.so
password required pam_deny.so
root@slax:/etc/pam.d# cat common-session
session sufficient pam_mkhomedir.so skel=/etc/skel umask=0022
session sufficient pam_unix.so
session required pam_deny.so
root@slax:/etc/pam.d#login
edit /etc/login.defs , comment (#) out warnings
root@slax:/etc/pam.d# cat sshd
#%PAM-1.0
auth required pam_google_authenticator.so try_first_pass forward_pass secret=${HOME}/otp/.google_authenticator
auth required pam_unix.so use_first_pass
#auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat su
#%PAM-1.0
auth sufficient pam_rootok.so
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat passwd
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat useradd
#%PAM-1.0
auth sufficient pam_rootok.so
account required pam_permit.so
password include common-password
———————-
open-ssh, edit slackBuid, replace –without-pam with –with-pam, edit sshd_config , UsePAM yes
# cat /etc/pam.d/sshd
#%PAM-1.0
auth sufficient pam_radius_auth.so
account required pam_unix.so
account required pam_permit.so
password sufficient pam_unix.so
password required pam_deny.so
session sufficient pam_unix.so
session required pam_deny.so
MySQL Master-Master replication:
Master-1 IP: 0.0.0.1
Master-2 IP: 0.0.0.2
Master-1 my.cnf configuration:
log-bin
log_warnings
log_slow_queries = /var/lib/mysql/slow.log
long_query_time = 5
tmpdir = /tmp
server-id = 1
auto_increment_increment = 2
auto_increment_offset = 1
relay-log = mysql-relay-bin
Master-2 my.cnf configuration:
log-bin
log_warnings
log_slow_queries = /var/lib/mysql/slow.log
long_query_time = 5
tmpdir = /tmp
server-id = 2
auto_increment_increment = 2
auto_increment_offset = 2
relay-log = mysql-relay-bin
Replication procedure:
1st setup Master1 as Master and Master2 as slave for Master-1:
Follow below steps:
On Master-1:
Step 1: mysql> grant replication slave on *.* to ‘replicationuser1′@’0.0.0.2′ identified by ‘password’;
Step 2: mysql> show master status;
It shows file name and position, Use these records on Master-2 to run it as slave for Master-1.
Step 3: Now log on to master-2 and run the below query:
CHANGE MASTER TO MASTER_HOST=’0.0.0.1′, MASTER_USER=’replicationuser1′,MASTER_PASSWORD=’password’, MASTER_LOG_FILE=’mysql-bin.000017′,MASTER_LOG_POS=751;
Step 4: start slave
Step 5: show slave status \G
On this status, the following 2 records should be as follows
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
These 2 records indicates Replication status. If these parameters show “Yes” that means replication is running successfully.
Setup Master2 as Master and Master1 as slave for Master-2:
On Master-2 server:
Step 1: mysql> grant replication slave on *.* to ‘replicationuser2′@’0.0.0.1′ identified by ‘password’;
Step 2: mysql> show master status;
Step 3: Now log on to master-1 and run the below query:
CHANGE MASTER TO MASTER_HOST=’0.0.0.2′, MASTER_USER=’replicationuser2′,MASTER_PASSWORD=’password’, MASTER_LOG_FILE=’mysql-bin.000002′,MASTER_LOG_POS=536;
Step 4: start slave
Step 5: show slave status \G
The following parameters should show “Yes”, so that replication is running successfully
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
On both servers “slave_IO_Running” and “slave_SQL_Running” parameters should always be “Yes” for successful Master-Master Replication.
[root@api01 ~]# cat /etc/snmp/mysql.sh
#!/bin/bash
if [ "$1" == "processlist" ]; then
echo -n “0″
echo “select count(id) from information_schema.processlist;” | mysql –defaults-extra-file=/root/my.key | tail -n 1
exit
fi
echo “update SYNC.SYNC set Dt=NOW() where id=1;” | mysql –defaults-extra-file=/root/my.key > /dev/null 2>&1
echo “show slave status\G;” | mysql –defaults-extra-file=/root/my.key | grep Read_Master | awk ‘{print 0$2}’
create database SYNC;
create table SYNC (id int, dt datetime);
exec mysqlslave /etc/snmp/mysql.sh
exec mysqlprocess /etc/snmp/mysql.sh processlist
===== mysql 8.x
root@mysql02:~# while true; do if [[ $(mysql -e "SHOW SLAVE STATUS\G" | grep "Last_SQL_Error:" | grep -c "test.sync") -gt 0 ]]; then mysql -e “STOP SLAVE; SET GLOBAL SQL_SLAVE_SKIP_COUNTER = 1; START SLAVE;”; else break; fi; sleep 1; done
====
This is the full step-by-step procedure to resync a master-slave replication from scratch:
At the master:
RESET MASTER;
FLUSH TABLES WITH READ LOCK;
SHOW MASTER STATUS;
And copy the values of the result of the last command somewhere.
Wihtout closing the connection to the client (because it would release the read lock) issue the command to get a dump of the master:
mysqldump -uroot -p --all-databases > /a/path/mysqldump.sql
Now you can release the lock, even if the dump hasn’t end. To do it perform the following command in the mysql client:
UNLOCK TABLES;
Now copy the dump file to the slave using scp or your preferred tool.
At the slave:
Open a connection to mysql and type:
STOP SLAVE;
Load master’s data dump with this console command:
mysql -uroot -p < mysqldump.sql
Sync slave and master logs:
RESET SLAVE;
CHANGE MASTER TO MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=98;
Where the values of the above fields are the ones you copied before.
Finally type
START SLAVE;
And to check that everything is working again, if you type
SHOW SLAVE STATUS;
you should see:
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
That’s it!
#lspci
01:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)
01:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)
02:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)
02:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20)
03:00.0 RAID bus controller: LSI Logic / Symbios Logic MegaRAID SAS 2108 [Liberator] (rev 05)
08:03.0 VGA compatible controller: Matrox Electronics Systems Ltd. MGA G200eW WPCM450 (rev 0a)