Posts Tagged ‘linux’

DRBD with OCFS2 and fstab

Sunday, May 28th, 2017

A two-node active/active DRBD cluster implemented on Debian Jessie with OCFS2 on top of it, so the file system can be mounted and accessed on both nodes at the same time. Sounds like an easy-peasy task considering the number of articles on the web (mainly copy/paste of the same content though).

So, you finish the setup, everything is synced and shiny, you edit fstab, perform the final reboot, and… oopsie daisy, nothing is mounted. You start digging in the _netdev direction, or suspecting that perhaps the order in which drbd and ocfs2 are started is to blame, or putting a mount stanza into rc.local; none of this helps. You might even come up with an excuse that you will not reboot those servers often; however, the fact that you need to manually perform some post-reboot actions doesn’t sound promising at all. Particularly if it’s an unexpected reboot over a weekend. Particularly if it happens some years after the installation, so you need to find (and, most importantly, remember that you have) those notes. Particularly if you have already quit this job, and there is another poor fella taking care of the servers. And finally, to make things even more complicated, you might have services that actually depend on the availability of the mounted drive after the reboot (Apache or Samba for example).

Obviously, this needs to be fixed once and for all, and I have good news for you. :) If you were vigilant enough during troubleshooting you’d notice that a) if you try to mount the drive through /etc/rc.local there will be a warning thrown at boot time (something about a missing device), and b) when you mount the drbd drive manually it’s not mounted instantly: there is a delay of several seconds before the disk is successfully attached. That brought me to the suspicion that perhaps drbd is actually not ready at the time the mount in /etc/rc.local is executed, and that by deliberately introducing some delay things can be improved. And voila, it really did seem to do the trick!

Here is my /etc/fstab entry:

    /dev/drbd0   /var/www   ocfs2   noauto,noatime   0   0

And here is my /etc/rc.local, introducing a 30-second delay prior to the mount, to give DRBD enough time to cool down:

    sleep 30
    mount /dev/drbd0
    exit 0

Now, I’m not sure whether this is by design, since DRBD nodes do have to communicate with each other (initial election and/or sync), and that contributes to the delay in creating /dev/drbd0, OR, my environment is generally slow (everything is virtualized on not-so-super-fast SATA drives), but it works.

Viewing package ChangeLog with rpm

Monday, April 4th, 2016

Here is how to view the ChangeLog of an installed package using rpm under CentOS:

    rpm -q --changelog libuuid-2.23.2-26.el7_2.2.x86_64 | more

    * Wed Mar 16 2016 Karel Zak <kzak@redhat.com> 2.23.2-26.el7_2.2
    - fix #1317953 - lslogins crash when executed with buggy username

The same applies to the kernel. By adding the -p switch you can actually check the rpm file itself without installing it:

    rpm -qp --changelog kernel-plus-3.10.0-327.13.1.el7.centos.plus.x86_64.rpm | more

    * Thu Mar 31 2016 Akemi Yagi <toracat@centos.org> [3.10.0-327.13.1.el7.centos.plus]
    - Apply debranding changes
    - Roll in i686 mods
    - Modify config file for x86_64 with extra features turned on including

Unattended installation of CentOS 7 with Kickstart

Sunday, March 13th, 2016

While setting up my first Hadoop cluster I was faced with the dilemma of how to perform installations of CentOS 7 on multiple servers at once. If you have 20 data nodes to deploy, anything you choose to automate the installation will greatly reduce the deployment time, but most importantly, it will eliminate the possibility of human error (a typo, for example).

Initially, I started looking in the disk cloning direction. Since all my data nodes are identical, I was thinking of preparing one data node server, then dd'ing the system drive, placing the image on an NFS share, booting each server and re-imaging its system drive using the dd image from the share. Clonezilla and DRBL seem to be the perfect pair for such a scenario. And although you will spend some time configuring, testing and tuning it, it was still worth looking into.

Then I realized that even if I managed to establish the setup above, I’d still have to deal with manual post-installation tweaks, like regenerating SSH keys and probably adjusting MAC addresses. On top of that, transferring a raw dd image (in my case it was ~30GB) might take longer than the initial installation itself. Therefore I ended up using the Kickstart method. I’m pretty sure there are more efficient solutions, and if you happen to know one I’d love to hear your comments.

(more…)

Configuring shared network with DHCP

Monday, August 20th, 2012

Say you have a DHCP server in the LAN serving a /24 network and one day you’re running out of IP addresses. You want to add an additional /24 network that should be distributed in the same LAN. Ugly, but what to do.

According to man dhcpd.conf:

The shared-network statement is used to inform the DHCP server that some IP subnets actually share the same physical network. Any subnets in a shared network should be declared within a shared-network statement. Parameters specified in the shared-network statement will be used when booting clients on those subnets unless parameters provided at the subnet or host level override them. If any subnet in a shared network has addresses available for dynamic allocation, those addresses are collected into a common pool for that shared network and assigned to clients as needed. There is no way to distinguish on which subnet of a shared network a client should boot.

Here is how you add an additional network to be included in the DHCP scope. Done on Ubuntu 9.10 (karmic) and ISC DHCP v3.1.2.

    shared-network "officea01" {
      option domain-name "officea01.domain.org";
      option domain-name-servers 192.168.1.1;
      subnet 192.168.1.0 netmask 255.255.255.0 {
        authoritative;
        option routers 192.168.1.1;
        allow unknown-clients;
        range 192.168.1.10 192.168.1.254;
      }
      subnet 192.168.2.0 netmask 255.255.255.0 {
        authoritative;
        option routers 192.168.1.1;
        allow unknown-clients;
        range 192.168.2.10 192.168.2.254;
      }
    }
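
A sanity check over the subnets of a shared-network block like the one above, added here as an example and not part of the original post: it totals the common dynamic pool and reports any range or router address that falls outside its subnet declaration. The name `check_subnets` and the regex-based parsing are assumptions of this example; it reads only simple `subnet`, `range` and `option routers` lines.

```python
import ipaddress
import re

# The shared-network block from the post, trimmed to the lines the check reads
# and embedded so the example runs offline.
CONF = """
shared-network "officea01" {
  subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.1;
    range 192.168.1.10 192.168.1.254;
  }
  subnet 192.168.2.0 netmask 255.255.255.0 {
    option routers 192.168.1.1;
    range 192.168.2.10 192.168.2.254;
  }
}
"""

# Hypothetical helper regex: one subnet declaration and its (brace-free) body.
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)

def check_subnets(conf):
    """Return (pool_size, findings) for every subnet declaration in conf."""
    pool, findings = 0, []
    for net_addr, mask, body in SUBNET_RE.findall(conf):
        net = ipaddress.ip_network(f"{net_addr}/{mask}")
        for lo, hi in re.findall(r"range\s+(\S+)\s+(\S+)\s*;", body):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            if lo not in net or hi not in net or lo > hi:
                findings.append(f"{net}: range {lo}-{hi} is not inside the subnet")
            else:
                pool += int(hi) - int(lo) + 1   # addresses joining the common pool
        for router in re.findall(r"option\s+routers\s+([\d.]+)", body):
            if ipaddress.ip_address(router) not in net:
                findings.append(f"{net}: router {router} is not on-link")
    return pool, findings

if __name__ == "__main__":
    size, problems = check_subnets(CONF)
    print("dynamic pool:", size)
    for line in problems:
        print("check:", line)
```

For the configuration above it counts 490 pooled addresses and reports that the router handed to 192.168.2.0/24 clients, 192.168.1.1, lies outside that subnet, which is worth confirming against how the clients on the second range reach their gateway.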

The instructions below are not necessary; however, I decided to add an alias to the LAN interface so I can see 192.168.2.0/24 addresses in the ARP table.

    ifconfig eth1:0 192.168.2.1 netmask 255.255.255.0 up

And to make it permanent, edit /etc/network/interfaces:

    auto eth1:0
    iface eth1:0 inet static
    address 192.168.2.1
    netmask 255.255.255.0
    broadcast 192.168.2.255
    network 192.168.2.0

Selective NAT with iptables

Thursday, January 6th, 2011

Here is a quick note on how to exclude one particular network from NAT while the rest remains NATed. Done on Ubuntu with iptables running.

    iptables -t nat -A POSTROUTING -o eth0 ! -d 10.0.0.0/8 -j MASQUERADE

In case you need one more network to be excluded:

    iptables -t nat -A POSTROUTING -o eth0 -d 192.168.0.0/16 -j RETURN
    iptables -t nat -A POSTROUTING -o eth0 ! -d 10.0.0.0/8 -j MASQUERADE
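
The two-rule variant depends on rule order, because the first matching rule in the chain decides. The following added example (not part of the original post) models the rules above with first-match semantics and shows which destinations end up masqueraded; `is_natted`, the rule tuples and the sample destinations are constructed for illustration.

```python
import ipaddress

# Constructed model of the two POSTROUTING rules above (both use -o eth0,
# so every packet here is assumed to leave via eth0).
# Each rule: (destination network, match is negated with "!", target)
RULES = [
    ("192.168.0.0/16", False, "RETURN"),
    ("10.0.0.0/8", True, "MASQUERADE"),
]

def is_natted(dst, rules=RULES):
    """First matching rule wins; report whether dst ends up masqueraded."""
    addr = ipaddress.ip_address(dst)
    for net, negated, target in rules:
        in_net = addr in ipaddress.ip_network(net)
        if in_net != negated:          # "-d net" or "! -d net" matched
            return target == "MASQUERADE"
    return False                       # no rule matched: chain policy, no NAT

if __name__ == "__main__":
    # Constructed sample destinations (203.0.113.10 is a documentation address).
    for dst in ("203.0.113.10", "10.1.2.3", "192.168.5.5"):
        print(dst, "NAT" if is_natted(dst) else "no NAT")
    # Swapping the two rules sends 192.168.0.0/16 traffic through NAT again.
    print("swapped:", is_natted("192.168.5.5", RULES[::-1]))
```

With the rules in the order shown, only the public destination is masqueraded; with the order swapped, or with the single-rule variant alone, 192.168.0.0/16 traffic matches `! -d 10.0.0.0/8` first and is NATed.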

Injecting multiple networks into VPN tunnel

Wednesday, January 5th, 2011

We have a number of IPSec tunnels running on Linux Ubuntu with Openswan installed. Here is the typical configuration for a site:

(more…)