| January 28, 2013
No comments

A better status bar for irssi

IRC is pretty great, and my client of choice is irssi – I can get my chat on inside a console window, running locally or remote over SSH. Since I’m a linux guy, it might even look like i’m doing work while I have irssi open; and since Linux folks gather around IRC for support (developers and users alike), I might actually be doing work when that window is open.

It’s not easy to use for beginners though, and even as a competent user I find the statusbar to be a little weak. I did some googling, and one thing that kept popping up was this “Advanced Window List” script, but i couldn’t find a homepage for it, other than the code. No description, no documentation, no screenshot. Fortunately, Evgeni Golov over at http://www.die-welt.net/ has us covered. Check out his post on the Advanced Windows List.

Evgeni doesn’t mention that putting the script in ~/.irssi/scripts means you have to issue /script load adv_windowlist.pl EVERY time you start irssi. Do yourself a favor and put the file in the ~/.irssi/scripts/autorun directory instead.

Also, he notes that you should change the awl_display_nokey and _key entries; this is good, but the default isn’t SO bad, if you have a billion windows open. I try to keep it under 10 windows at any time, so I found the following setting to be about right for my needs;

/set awl_display_key [$H$N$S]$H$C$S

You can set “awl_display_nokey” to the same value; i’m not sure what the difference is. The adv_windowlist.pl file has comments at the top that very helpfully define all the expandable variables that you can use; however, it does not help in understanding ALL of the options.

One final note – If you find that you are curious about what a variable contains before you /set it, you can do /eval echo $variable to display it.

Category: Uncategorized |
| October 18, 2012
No comments

PHP Weathermap


You guys, PHP Weathermap is awesome.

You might be rocking Cacti in your environment to keep tabs on bandwidth utilization, but here’s the problem with that: You can’t just stare at a grid of Cacti graph thumbnails and intuit a problem.

PHP Weathermap bridges the gap. Between the web-based visual editor (included) and the docs / your favorite text editor, you place your nodes and define links. The links reference the RRD files you are already populating with Cacti.

I got it set up in my lab. I can keep track of:

  • Utilization of the my internet connection at the gateway
  • Utilization of the wireless link between my upstairs / downstairs (Thanks DD-WRT!)
  • Bandwidth utilization of all my VMs
  • VMotion bandwidth, as well as iSCSI bandwidth between the ESX nodes and the SAN

Installation is cake. Just follow the docs.

Defining a simple map is pretty easy, especially if you’re using data that you already have in Cacti.It got a little hairy for me because I have some crossover cables in the mix between the ESX nodes and from each node to the SAN. Creating the map is a lot like editing a visio doc, without the helpful interface. You can’t really snap to grid, making the links not trample eachother / be readable is a challenge. Fortuantely, you can edit your config in vi and see the results by refreshing the page.

What’s interesting is that you don’t necessarily have to graph bandwidth. The tool is flexible enough; if you can gather / store data about it with Cacti you can represent it with Weathermap.

Next up, I want to see if i can integrate Nagios status on the same map. I know about nagvis, but i’d like to have a single map with everything on there. In the mean time, next time Netflix is slow, I’ll have a place to start looking. :)

–bschaefe

Category: Uncategorized |
| October 15, 2012
No comments

Creating a multi-os LiveUSB thumb drive with GRUB2

In the beginning…

… there was a LiveCD. Then, there was dd and USB sticks. Now, there are a few GUI options out there to help you go from Live ISO to LiveUSB stick. However, only a few will help you do multiple distros on the same stick; xboot and yumi come to mind, but they’re windows only.

Having recently come into an extra 64GB USB Thumb Drive (Sandisk Cruzer), I figured I finally have time / space to create a multiboot USB stick that will allow me to “be prepared” with both Live environments and install capabilities. I managed to cram all of the following into a single USB stick with a single GRUB2 menu:

  • Darick’s Boot and Nuke (DBAN)
  • SystemRescueCD
  • Backtrack 5R3 KDE (32 and 64)
  • Fedora 17 KDE Live (32 and 64)
  • Fedora 17 LXDE Live (32 and 64)
  • Fedora 17 XFCE Live (32 and 64)
  • Ubuntu 12.04 Live (32 and 64)
  • CentOS 6.3 DVD1 (32 and 64)

I feel like this thumb drive has me prepared for the following situations:

  • Fixing PCs at family events (it’s inevitable)
  • Installing CentOS on spare PCs for use as servers
    • or occasionally, on my fileserver which had a bad disk for root
  • My occasional forray into BackTrack, which is a lot of fun to play with
  • Creating more unordered lists on my blog

Click below and I’ll share what I’ve learned, some examples, and even my current grub.cfg.

Read more

Category: Uncategorized |
| October 2, 2012
No comments

X Forwarding Through Multiple SSH hops

Just ran across a great article that lays x-forwarding wide open: http://factorial.hu/articles/20080302/more-robust-remote-x-tunneling. The way I access my lab is to PuTTY from my workstation at the office to my home lab, where I have a jump server. From the jump, I run tmux, mutt, irssi, and ssh to all my other lab boxes. I wanted to play with an x aplication on a lab sevrer, but didn’t want to poke yet another hole in the firewall.

Using the information in the link above, I got things working like this:

  • Open SSH connection to home jump, with a remote forward. Jump server will listen on port 6000 and forward this back across my SSH tunnel to my workstation at the office, which has an X server listening on 6000
  • Open SSH connection from jump to app server, with a remote forward again. App server will forward localhost 6000 back to the SSH origin on 6000.

To recreate this:

  1. Edit the putty settings. Under Connection->SSH->Tunnels, select Remote underneath Destination.
  2. Populate Source Port with 6000
  3. Populate Destination with localhost:6000
  4. Save the changes.
  5. Log in to your jump server via the newly configured putty session.
  6. Issue “ssh -R 6000:localhost:6000 remotehost”, where remotehost is the server where you’ll be running an x application.
  7. You can do this as many times as you need, but performance will suffer with each hop.
  8. Make sure your DISPLAY variable is set – we’re doing port 6000, so that’s localhost:0. 6001 would be localhost:1, and on up.
  9. Launch the app – xeyes is great for testing functionality, as is xterm.

This even works through TMUX. :)

More tips:

  • Enable compression between the most bottlenecked part. You don’t want compression between the nodes on the LAN, probably just across the WAN. In my case, this meant checking the compression option in PuTTY from my workstation at work to my home lab, but not using the -C option from my jump server to the app server.
  • Use blowfish encryption. It’s reasonably secure, and it provides another little boost in speed between the links. You’ll want to re-order your ciphers in PuTTY AND use the “-c blowfish-cbc” option between links on the lan.
Category: Uncategorized |
| October 2, 2012
No comments

Daniel Robbins’ Introduction to Sed

Courtesy Reddit’s /r/commandline, here’s a set of three articles introducing you to sed. Daniel start of slow and builds steam quickly, showing by example the power of sed. He covers backreferences, and something new to me, inserting before / appending after a line.

I mostly just do the usual “sed -e ‘s/foo/bar/g’”, but it was nice to see examples of the more advanced features.

Part 1 – http://www.ibm.com/developerworks/linux/library/l-sed1/
Part 2 – http://www.ibm.com/developerworks/linux/library/l-sed2/
Part 3 – http://www.ibm.com/developerworks/linux/library/l-sed3/

Category: Uncategorized |
| September 21, 2012
No comments

Taking TMUX to the next level

Tmux is the hottest terminal multiplexer since Screen. Why is tmux good?

  • Vertical splits. Nuff said.
  • You can un-split a window and send the extra pane to a new window

Status bar enhancements

I like my status bar to have a little more info. Here’s what it looks like: 

scom:[0] 0:irssi*                                    Load: 0.00,/0.01,/0.05 Memory: 145/1352 Bw: 0.21/0.00/6912.00 10:27 04-Oct-11

There are a couple things you need to do this. First, set up your tmux.conf like this: 

set -g status-left "#H:[#S]"
set -g status-left-length 10
set -g status-right "#(tmuxload) #(tmuxmem) Bw: #(tmuxbw) %H:%M %d-%b-%y"
set -g status-right-length 90

This sets the left hand status to hostname:[session name], with a max length of 10. I don’t name my sessions, so it’s [0] in the above sample. The next line sets the right hand status. The stuff in #() is executed and the result is displayed. I wrote custom scripts to put in there, but that could almost as easily be a simple bash one-liner. The far right is the date.

Subscripts

You’ll need these subscripts to get the status bar update to work. I stick them in /usr/local/bin, follow your heart (and your $PATH)

tmuxbw

Uses bwm-ng to gather interface stats. At the end, where you see “7077888/1024″, this value should represent your total bandwidth. The value provided is for a 54Mbps wireless link – that was the bottleneck for my server. You could use the output of mii-tool to programatically populate this, or you could calculate it for a known bottleneck, such as a wireless router or your cable modem. The output from bwm-ng is in bytes, so we use awk to divide by 1024 for KB. Therefore, if you want the bw chart to be of meaning, the final value should be the saturation value of <whatever bottleneck> in KBps. 

#!/bin/bash
bwm-ng -o csv  -c1 u bytes -I eth0 | awk -F';' 'NR>1{exit}; 1{printf "%.2f/%.2f/%.2f\n", $4/1024, $3/1024, 7077888/1024}'

tmuxload

Grabs the 3 last fields from the “uptime” command – the load. 

#!/bin/bash
uptime | awk '{print "Load: "$(NF-2)"/"$(NF-1)"/"$NF}'

tmuxmem

Expresses free memory, in MB, accounting for buffers / cache. 

#!/bin/bash
free -m | grep "buffers.cache" | awk '{print "Memory: "$3"/"$4}'

Colors

Theming

You can use this block to apply a theme fairly quickly. 

#Colours
set -g status-bg green
set -g status-fg black
set -g message-bg red
set -g message-fg white
set -g pane-active-border-fg green
set -g pane-active-border-bg default
set -g pane-border-fg default
set -g pane-border-bg default

Sharing a tmux session

  1. User Alpha creates session named “main” in 
    [Alpha@server ]$ tmux -L main
  2. User Alpha finds session Socket location, /tmp/tmux-<uid>/<socketname> 
    [Alpha@server ]$ ls -lart /tmp |grep tmux
drwx------  2 Alpha  admins         4096 Oct  7 17:08 tmux-6421
  3. User Alpha changes permissions on Socket dir 
    [Alpha@server ]$ chmod 770 /tmp/tmux-6421/main
  4. User Bravo attached to session “main” which exists beneath the Socket dir 
    [Bravo@server ]$ tmux -S /tmp/tmux-6421/main attach
  5. User Bravo detaches from the shared session when finished as to not kill the session.
  6. User Alpha changes permissions on Socket dir back to 700 
    [Alpha@server ]$ chmod 700 /tmp/tmux-6421/main

More on Tmux

This HawkHost entry got posted to Reddit’s /r/linux a while back, and that’s what really sold me on Tmux. Cody does a great job introducing tmux and some of the better features.

Category: Uncategorized |
| September 20, 2012
No comments

Working with NTP

Introduction

NTP is used to keep the time in sync across servers. You can be within milliseconds of the time used by government agencies. This is useful in your environment for log syncronization / corelation of events, and may be critical for proper app/db interaction.

Troubleshooting it can be less than straightforward though, because the man page doesn’t clearly define what all those numbers mean, or how you can interpret them.

This page is here to help. Read more

Category: Uncategorized |
| September 19, 2012
2 comments

Going from professional dishwasher to professional Linux SysAdmin

Introduction

I see it all the time – “I wish I could get a job doing Linux professionally.” This is my advice, the same advice that has worked for some of my closest friends who went from burger king to sysadmin in a year. I followed part of this path myself to get where I am now, and to some extent, so did some of my peers. If you follow my advice here, you should be able to get your foot the door doing linux work somewhere.

You can’t really go to school for this. I’ve talked to people who have taken “Linux” classes in college / university, and it’s not geared towards production servers. It’s geared towards some antiquated world where you might edit a spreadsheet in AWK or use home directories as a department document management system. This doesn’t compare to how Linux is used on The Internet.

So what does an entry level linux pro do?

  • First line of troubleshooting:
    • I can’t log in to this server
    • Disk space is getting full
    • Loss of network connectivity
    • Add / remove users
    • Reset passwords
    • Grant SUDO privileges

So, to get started in this business, I recommend undertaking a series of projects, using Google as your tutor. The project I always have my apprentices start with is this:

When I pull up your-name-lab.com, I end up at a webpage with a picture of you. This webpage is running on Apache, running on a gui-less Linux server in your house.

If you can get through all of the stuff involved in making this happen, you will have essentially bumped into every part of the usual Production Linux workflow. You won’t necessarily do it the right or best way, but you’ll have a really nice grip on the concepts involved. Read more

Category: Uncategorized |
| September 18, 2012
No comments

Probably going to need a better theme

This one isn’t quite wide enough. My LDAP how-to is suffocating. Need something that lets my content have the full available screen width. Would also love something console-looking or 8-bit.

Category: Uncategorized |
| September 17, 2012
No comments

LDAP Deployment on CentOS, with AutoFS and Posix Schema

Introduction

I recently built an ESX lab and wanted central authentication. I’m a linux guy, so AD would be of minimal utility. Instead, I decided to dedicate one of my spare PCs as DNS, DHCP, LDAP, and SysLog. I decided to conquer LDAP first. It turns out to be kind of tricky.

  • The openldap packages will get the server up, but you wont’ have the necessary base to add users / groups.
  • Another goal is automounted NFS home directories – the Centos6 RPMs don’t have the autofs.schema file that makes this possible.
  • All of the docs you’ll read will talk about modifying slapd.conf; meanwhile, the latest versions of openldap have deprecated slapd.conf in favor of slapd.d.

At it’s core, I did the following:

  1. Install the openldap packages from centos repo
  2. Acquired the migrationtools to create the base.ldif
    1. The migrationtools are made by the same folks that make the nss-pam-ldap stuff, so I figured this was the best way to get a compliant directory structure.
  3. Acquired the autofs.schema file from the CentOS 5 repo, it has the necessary file.
    1. You’ll still need to build the necessary entries for autofs in the LDAP directory, I followed this guy’s guide.
  4. I used phpLDAPadmin to browse the directory and add entries manually.
    1. You’ll need to modify selinux to get this thing working right in apache.
    2. I’ve heard Apache Directory Studio is also pretty nice, but I haven’t checked it out.

Update 11/21: Trying to get a slave set up and I noticed that my config doesn’t allow you to interact with the cn=config DIT. Updated that section.

Let’s begin, shall we? Read more

Category: Uncategorized |
« Older Entries