If /etc/fstab is correct, you can simply type:
# mount -n -o remount /
If /etc/fstab is wrong, you must give the device name and possibly the
type, too: e.g.
# mount -n -o remount -t ext4 /dev/sda3 /
Pacemaker / Corosync / DRBD Cheatsheet
Monitor the status:
crm_monMigrate all resources to another node:
crm resource migrate rg_main <fqdn_node_name>Take node offline and online (be careful, this sets a ‘prefer’ to the other node to force a transition, which may or may not get removed afterwards):
crm node standby
crm node onlineStart and stop all resources (warning, this will take them completely offline, NOT migrate):
crm resource stop rg_main
crm resource start rg_mainShow configuration:
crm configure showIf resources are stuck in ‘(unmanaged) FAILED’ state, e.g. due to a failed stop action, you can clear it out:
crm_resource -P
crm resource cleanup rg_mainBe careful — this could trigger a migration if the stuck resources were preventing one. Make sure you’re ready for one.
Monitor the cluster status along with fail counts:
crm_mon --failcountOne-shot status output:
crm statusCheck DRBD status:
cat /proc/drbdDRBD split-brain cleanup on secondary node:
drbdadm disconnect main
drbdadm -- --discard-my-data connect mainDRBD split-brain cleanup on primary node:
drbdadm disconnect main
drbdadm primary main
drbdadm connect mainScheduler optimizing on large arrays (untested):
echo deadline > /sys/block/sdb/queue/scheduler
echo 0 > /sys/block/sdb/queue/iosched/front_merges
echo 150 > /sys/block/sdb/queue/iosched/read_expire
echo 1500 > /sys/block/sdb/queue/iosched/write_expireExchange 2012 Allow Relay from IP
Enable mail relaying from a specific IP or range of IPs.
1. Exchange Management Console -> Server Configuration -> Hub Transport
2. New Receive Connector
* Set remote network to the IP or range you want to allow relay from (default is any IP so watch out here)
* “Externally Secured” authentication
* “Exchange Servers” permission group
* All other options disabled
Increasing max files or folders per directory on Linux EXT filesystem
If a (poorly coded) app reaches the maximum number of files or folders per directory in Linux, you may see errors like this:
Error happened when generating Download Link.
Please try again or Contact administrator.
(ERROR:mkdir)A quick and dirty way to increase the limit (and overall performance of the system) is to add the dir_index flag to the ext filesystem, then reindex:
tune2fs -O dir_index /dev/sda3
updatedb &Reset Supermicro IPMI password with ipmitool
This will set the ‘ADMIN’ user password back to default of ‘ADMIN’. You could set it to anything you want, this is just an example.
yum -y install ipmitool
modprobe ipmi_devintf
ipmitool -I open user set password 2 ADMINStrong Password Encryption in PHP
Don’t try to reinvent a complex and highly refined wheel, especially when customer data is involved. Please use phpass on any PHP project. (that’s PH-Pass)
http://www.openwall.com/phpass/
Good reading for password hashing in general.
Cpanel Apache Symlink Protection
wget http://layer1.rack911.com/before_apache_make -O /scripts/before_apache_make
chmod 700 /scripts/before_apache_make
## Rebuild apache (might want to do it thru WHM instead)
/scripts/easyapache --buildAS Number Stats on Linux
I’ve got a couple of Linux machines that are sitting outside of the Sflow ‘zone’ and AS traffic stats go unmeasured. I wanted to get a rough idea on the number of connections per AS number so here’s a little app that parses netstat and sorts AS numbers by number of connection.
NOTE1: This won’t work on Cpanel servers due to tmp restrictions.
NOTE2: Specify an alternative (e.g newer) GeoIPASNum.dat file with the –geo option.
wget http://djlab.com/stuff/asnum
chmod +x asnum
./asnumExample output:
[root@mx1 ~]# ./asnum
(18) | RFC1918 or BOGON
(11) | AS29889 Fast Serv Networks, LLC
(4) | AS3320 Deutsche Telekom AG
(2) | AS7922 Comcast Cable Communications, Inc.Quick and (very) dirty cron script
#!/bin.sh
#/root/doasnum.sh
#*/5 * * * * /root/./doasnum.sh >> /var/log/asnum.log
thedate=`date`
echo "***********************"
echo $thedate
/root/asnum
echo "***********************"Don’t forget to rotate the logs.
#/etc/logrotate.d/asnum
/var/log/asnum.log
{
rotate 7
daily
missingok
}Obfuscate or Encrypt Perl
There are 3 primary options:
1. Use PAR with PAR::Filter::Obfuscate or PAR::Filter::Crypto
2. Use Filter::Crypto::CryptFile (requires certain modules installed on target system)
3. Encrypt modules with Module::Crypt.
Clone a live linux system with Rsync over SSH
Update: 5/3/17 — Add additional notes for CentOS7 (dracut + grub2) and XenServer targets
All commands are run on new server.
1. Boot into rescue mode (iso, pxe, ect).
2. Create partitions with ‘fdisk /dev/sda’. Type 83 for non-RAID fs, 82 for swap, type fd in the case of RAID (all partitions). Flag boot partition as bootable.
In the case of SSD, add -S 32 -H 32 to the fdisk command and start the first partition on sector 2 for proper alignment.
If using RAID, duplicate the partition table after creating it on the first disk:
dd if=/dev/sda of=/dev/sdb bs=1 count=64 skip=446 seek=4462. Create RAID array (if applicable).
# For SSD, add: --chunk=128
mdadm --create /dev/md0 -e 0.90 --level=1 --raid-devices=2 /dev/sda1 /dev/sdb1 ## /boot
mdadm --create /dev/md1 -e 0.90 --level=1 --raid-devices=2 /dev/sda2 /dev/sdb2 ## Swap
mdadm --create /dev/md2 -e 0.90 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3 ## /3. Create filesystems
For spin disk:
mkfs.ext4 /dev/md0 # /dev/sda1 for non-RAID
mkfs.ext4 /dev/md2 # /dev/sda3 for non-RAIDFor SSD (non RAID):
mkfs.ext4 -b 1024 -E stride=128,stripe-width=128 -O ^has_journal /dev/sda1
mkfs.ext4 -b 1024 -E stride=128,stripe-width=128 -O ^has_journal /dev/sda3For SSD (RAID):
mkfs.ext4 -b 1024 -E stride=128,stripe-width=256 -O ^has_journal /dev/md0 ## stripe-width = stride x N disks
mkfs.ext4 -b 1024 -E stride=128,stripe-width=256 -O ^has_journal /dev/md2 ## stripe-width = stride x N disks4. Mount filesystems
mkdir /mount
mount /dev/md2 /mount ## /dev/sda3 for non-RAID
mkdir {/mount/boot,/mount/dev,/mount/sys,/mount/proc,/mount/tmp}
mount /dev/md0 /mount/boot ## /dev/sda1 for non-RAID5. Sync filesystems with Rsync over SSH (Ex: 1.2.3.4 is source machine)
rsync -aHxv --numeric-ids --progress root@1.2.3.4:/* /mount --exclude=/dev --exclude=/proc --exclude=/sys --exclude=/tmp
rsync -aHxv --numeric-ids --progress root@1.2.3.4:/boot/* /mount/boot --exclude=/dev --exclude=/proc --exclude=/sys --exclude=/tmp ## Only if /boot is on separate partition in source machineIf applicable: stop mysql on the source machine and resync the databases to prevent corruption:
rsync -aHxv root@1.2.3.4:/var/lib/mysql/* /mount/var/lib/mysql6. Update mdadm.conf
mdadm --examine --scan > /mount/etc/mdadm.conf7. Update fstab (if needed)
ls -la /dev/disk/by-uuid # to get new UUID's
vi /mount/etc/fstab8a. Install bootloader (CentOS5, CentOS6 / grub)
grub
root (hd0,0)
setup (hd0)
root (hd1,0) ## for RAID
setup (hd1) ## for RAID
exit8b. Install bootloader (CentOS7 / grub2)
Do step 10 (chroot) first, then this
grub2-install /dev/sda # Use correct device(s), repeat as neccesary
# Good time to clean up /etc/default/grub, then:
grub2-mkconfig -o /etc/grub2.cfg
# If migrating to Xen/XenServer:
dracut --add-drivers "xen-blkfront xen-netfront xen:vbd" --regenerate-all --force9. Optional: change IP address if both machines need to be online
vi /mount/etc/sysconfig/network-scripts/ifcfg-eth010. Hint: you can chroot into the cloned filesystem – for example – initramfs rebuilding:
cd /mount/
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
chroot .11. Cross fingers, reboot
reboot