Friday, December 14, 2012

Conga Cluster Commands

Redhat Cluster Commands at one go 


Here I will try to cover all the basic commands required to configure and work on a Conga cluster. The motive is to have all the related commands in one place.

For detailed information, I will be writing more on this later down the line. Let me know if you are interested.

 ----------------------------------------------------------------------------------------------------------

# luci_admin init
# service luci restart
# luci_admin passwd

# lvm dumpconfig | grep locking_type
# lvmconf --enable-cluster
# lvm dumpconfig | grep locking_type

# ip addr list
# clustat
# clustat -i 1
# ccs_tool addnodeids
# cman_tool status
# cman_tool nodes
# cman_tool join -p "id"
# ccs_tool update /etc/cluster/cluster.conf
# fence_tool join -w
# gfs_fsck
# fence_node node1
# cman_tool kill -n node1
# service qdiskd start
# mkqdisk -c device -l label
# mkqdisk -L
# clulog
# cman_tool leave
# cman_tool leave remove
# cman_tool votes -v votes
# cman_tool expected -e votes

Saturday, December 8, 2012

Umask explained in Linux


UMASK in Linux: not so confusing any more

What is UMASK and how to define it in Linux?

UMASK (User Mask, or user file-creation mask) determines the default permissions given to a new file when it is created on a Linux machine (folders too, as Linux treats everything as a file). Most Linux distros use 022 (0022) as the default UMASK. In other words, it sets the system default permissions for newly created files and folders on the machine.

How to calculate UMASK in Linux?

Though the umask value is the same for files and folders, the base permissions for files and for directories are calculated differently.

The minimum and maximum UMASK value for a folder is 000 and 777
The minimum and maximum UMASK value for a file is 000 and 666

Why is 666 the maximum value for a file?

This is because only scripts and binaries should have execute permissions; normal, regular files should have just read and write permissions. Directories require execute permission for viewing their contents, so they can have 777 as permissions.
Below are the permissions and the values UMASK uses for them. If you are a Linux/Unix user, you will notice that these are the inverse of the permission values used when setting permissions on files/folders with the chmod command.

 0 --Full permissions(Read, Write, Execute)
 1 --Write and read
 2 --Read and execute
 3 --Read only
 4 --Write and execute
 5 --Write only
 6 --Execute only
 7 --No permissions
 
How to remember these and calculate the file and folder permissions?

Consider that the above values are the inverse of the actual permissions. Suppose your UMASK value is 0027 (027).

For folders:
Calculating the actual folder permissions from the UMASK is done in two steps.

Step 1: Logically negate the UMASK
NOT(027) = 750

Step 2: Logically AND this number with 777
777 AND 750 = 750
So the actual folder permissions are 750 when it is created: the owner gets full permissions, the group gets read and execute permissions, and others get no permissions.
In other words, and put simply:
We have to subtract 027 from 777 to get the actual folder permissions.
777 - 027 = 750
which is nothing but full permissions for the owner, read and execute permissions for the group, and no permissions for others.

For files:
Calculating the actual file permissions from the UMASK is done in two steps.

Step 1: Logically negate the UMASK
NOT(027) = 750

Step 2: Logically AND this number with 666
666 AND 750 = 640
To show what the AND operator actually does, here is the same calculation digit by digit in binary:
110 AND 111 = 110 (6)
110 AND 101 = 100 (4)
110 AND 000 = 000 (0)
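
The two-step calculation above, checked against what the system actually does (an added example, not part of the original post). It goes beyond the 027 case by running several masks; the function names are made up for this illustration, and `stat -c` assumes GNU coreutils.

```shell
# expected_mode BASE UMASK: BASE AND NOT(UMASK), printed as three octal digits
expected_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# actual_mode f|d UMASK: create a file (f) or directory (d) under that umask
# in a scratch directory and print the mode it really received.
# The ( ) body is a subshell, so the caller's own umask is left untouched.
actual_mode() (
    tmp=$(mktemp -d) || exit 1
    umask "$2"
    if [ "$1" = d ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
    mode=$(stat -c '%a' "$tmp/new")      # GNU stat prints the octal mode
    rm -rf "$tmp"
    printf '%03o\n' "0$mode"
)

# Compare calculation and reality for several masks.
# Note 033 on a file: 666 AND NOT(033) = 644, because masking the execute
# bit changes nothing on a base of 666 that never had it. Plain
# subtraction (666 - 033 = 633) would give the wrong answer here.
for mask in 022 027 033 077; do
    printf 'umask %s  dir: calc %s real %s  file: calc %s real %s\n' "$mask" \
        "$(expected_mode 777 "$mask")" "$(actual_mode d "$mask")" \
        "$(expected_mode 666 "$mask")" "$(actual_mode f "$mask")"
done
```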

How to see default UMASK?

Just type umask and you will see the current default UMASK.
umask
Output
0022

Questions and Answers related to UMASK

1) How to set up or change the default UMASK for all new users?

The UMASK value can be set in /etc/profile for all new users. Open this file as the root user and add the line below to the file.
umask 027

2) How to set up or change the default UMASK for existing users?

For existing users you can edit the ~/.bashrc file in their home directory. This has to be done for all the users one by one, or, if the machine has lots and lots of users, you can write a shell script for this.

3) I see people using 0022 and 022 as UMASK; is there any difference between them?

There is no difference between these two; both indicate one and the same. The preceding 0 indicates there is no SUID/SGID/sticky bit information set.

4) What is the preferred UMASK value for a system for security reasons?

The preferred value is 027 (0027) for security reasons, because it prevents others from reading, writing or executing the file/folder.

5) I see the umask value 022 in my vsftpd config file. What does this actually mean?

When you see 022 as the umask value in the vsftpd config file, it indicates that files created by users will get 644 and folders will get 755.
To know more about umask, refer to the man pages and info pages.
 
man umask
info umask

YUM Server in RHEL 5 configuration


How To Install YUM Server In Red-hat(RHEL5)

In Linux you can install packages in many ways, such as:
1. Through RPM
2. Through a shell script
3. Through source tarballs, etc.

YUM (Yellowdog Updater, Modified) is another, more advanced way of installing packages on Linux distros such as Red Hat, Fedora and CentOS.
In RHEL4, installing packages is a tedious process; sometimes it is a headache to install all the dependencies. So Red Hat came up with a solution that overcomes this dependency problem in most situations: the YUM implementation. It resolves this dependency issue and other known issues. Here we present a basic way to use the YUM utility to install packages locally (there are many ways to install packages from different sources, either local or remote, such as FTP or HTTP).

Basic YUM implementation locally:

Step 1: Copy the entire content of the OS CDs (or DVD) to the hard drive as below.

#cp -ar /media/cdrom/Server/* /destinationfolder

Example:
server1#cp -ar /media/cdrom/Server/* /var/ftp/pub/Server/
Note:
1. Copy the Server content from the second CD too into our /var/ftp/pub/Server/ folder, as shown below.
2. Please use /var/ftp/pub as the destination folder here, so that we can set up an FTP server to share our repository.
3. If you have the RHEL5 DVD, execute the command below just once.

server1#cp -ar /media/cdrom/Server/* /var/ftp/pub/Server/
 
Step 2: Now change directory to /var/ftp/pub/Server and install the createrepo package.

server1#cd /var/ftp/pub/Server
server1#rpm -ivh createrepo*

Step 3: Specify the repository location to YUM.

server1#createrepo -v .

Note: There is a dot at the end of the above command.


Step 4: Create a file with the .repo extension in the /etc/yum.repos.d folder and specify the YUM details in it.

server1#cd /etc/yum.repos.d/
server1#vi testing.repo

Note: The directory /etc/yum.repos.d/ contains two .repo files, which should be removed or moved to another directory so that YUM uses only the .repo file we create.

Q. What if I don't move or remove the default .repo files from the /etc/yum.repos.d/ folder?
A: Every time you try to install packages through YUM, yum will check all these files for repositories to get packages from, which may or may not work, and will most probably add delay while it tries to get those packages from online servers.
The newly created file contains the following.
[server1.example.com]
name=Vikas Linux Repo -- Repo 01
baseurl=file:///var/ftp/pub/Server
gpgcheck=0
After entering these entries, save and exit the file.
Let me explain what these four entries actually mean.
[server1.example.com] ==> This gives the repository name.
name ==> A description used to show information about the repo.
baseurl ==> This is the server and path of the repo (here it is a local repo, so the base URL is just a file:/// path).
For example, if you are creating a YUM client through FTP, then the base URL should look like this:

baseurl=ftp://station1.example.com/pub/Server
gpgcheck ==> Controls whether yum verifies the GPG signature of each package before installing it; it is disabled in this case.
The local YUM repository is now created, and you can install any package you want with the yum command. To know more about YUM, please see the man pages for YUM.
Note: In order to use the yum repository we have to clean the yum metadata, so before installing any package for the first time, use the yum clean all command as shown below.


server1#yum clean all
 
Basic YUM Server Repository through FTP server:
So what about installing packages remotely by using this repository?
Let us see how to configure a client to access this repository. Before doing the client configuration, we have to share this repository through FTP or HTTP.

Step 1: Install the vsftpd server on the server

server1#yum install vsftpd

Step 2: Start the FTP service and turn it on at boot

server1#service vsftpd restart
server1#chkconfig vsftpd on

That's it on the server side; everything is configured properly. Now move on to the client machine.

Configuration on client side:
Step 3: Move the local repository files from the /etc/yum.repos.d/ folder to some other location (or remove them)
#mv /etc/yum.repos.d/* /tmp/
Step 4: Create a server.repo file in /etc/yum.repos.d/ with the following contents
[server1.linuxnix.com]
name=test
baseurl=ftp://server1.example.com/pub/Server
gpgcheck=0
Save and exit the file. Now start using yum to install packages, as follows.
client1#yum clean all
client1#yum install packagename
Example:
client1#yum install httpd
To uninstall a package through YUM
client1#yum remove httpd
To see the info of a package
client1#yum info packagename
To see whether a package is already installed
client1#rpm -qa | grep packagename
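
Both repository files above set gpgcheck=0, and the client one pulls packages over plain FTP, so nothing verifies what yum installs. The following check for such settings is an added example, not part of the original post; the function name, the sample file and the gpgkey path in the third section are assumptions.

```shell
# audit_repo FILE: print "<repo id>: <finding>" for each enabled repo section
# that turns off signature checking or fetches over unencrypted FTP/HTTP.
audit_repo() {
    awk '
        function report() {
            if (id == "" || enabled == "0") return
            if (gpgcheck == "0") print id ": gpgcheck=0, package signatures are not verified"
            if (url ~ /^(ftp|http):/) print id ": plaintext baseurl " url
        }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }      # blank lines and comments
        /^[ \t]*\[/ {                             # new [section]: report the last one
            report()
            id = $0; gsub(/^[ \t]*\[|\].*$/, "", id)
            gpgcheck = ""; url = ""; enabled = ""
            next
        }
        {                                         # key = value line
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            else if (key == "baseurl") url = val
            else if (key == "enabled") enabled = val
        }
        END { report() }
    ' "$1"
}

# Constructed sample: the two repo definitions from this page plus a
# signature-checked variant (its gpgkey path is an assumption).
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
[server1.example.com]
name=Vikas Linux Repo -- Repo 01
baseurl=file:///var/ftp/pub/Server
gpgcheck=0

[server1.linuxnix.com]
name=test
baseurl=ftp://server1.example.com/pub/Server
gpgcheck = 0

[local-signed]
name=Local repo with signature checking
baseurl=file:///var/ftp/pub/Server
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
EOF
audit_repo "$sample"
```

On a real machine, run it over each file in /etc/yum.repos.d/; a section without its own gpgcheck line inherits the value from /etc/yum.conf and is not reported.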

Thursday, December 6, 2012

Linux Interview Questions for Senior Linux Admin


Guys, mentioned below are a few questions which are common in the interview pattern for CMMi level companies. Hope this helps you when you go for interview rounds with reputed companies like HP, ACCENTURE, MPHASIS, PATNI, YAHOO, IBM.

Q. What is the difference between NFS v3 and NFS v4? Configuration steps?

Q. What are inodes? If I delete a file and recreate the same file again, will the inode number change or remain the same? Please explain why.

Q. If we type the command      # mkfs *  what will happen?

Q. How to disable a node in the HPOV Java Console?

Q. What is SOA in DNS? If deleted, will DNS work?

Q. Suppose you give the proper commands to detect a LUN and the LUN is still not visible; how will you troubleshoot the problem?

Q. What are the daemons running in a Conga cluster? Name them with the port numbers used.

Q. Steps to halt and start the Conga cluster? Services stop and start order?

Q. How to check which kernel you have booted from using the TOP command?

Q. How to upgrade ILO?

Q. How to upgrade firmware?

Q. Where do you make kernel-related entries?

Q. What are the commands in Linux to disable a firewall?

Q. What do the 3 values of load average indicate?

Q. Define a daemon.

Q. Explain the boot process in Linux (brief, and my favorite)?

Q. How to create a daemon with shell scripting?

Q. Can we use crontab to run a script every second? If not, why? If yes, how?

Q. How to create swap if you do not have a free partition?

Q. What is the default block size (chunk size) for a PV?

Q. Difference between LVM 1 and LVM 2?

Q. How do you configure JBoss clustering? Steps?

Q. How does a Conga cluster communicate? Detailed explanation?

Q. How do you stop all processes except the shell window? (Q asked in Yahoo)

Will submit the answers soon. Hope this helps many people.

Wednesday, December 5, 2012

Linux Port Number for Linux Administrator

Important Linux Port Number for Linux System Administrator

Hello Friends,

Here we will try to understand the role of ports in the life of a Linux system administrator. I will describe and mention the most important ports, which every system admin must remember (useful in day-to-day life as well as to clear interviews).

Q. What is a port?
A port is nothing but a piece of software which is used by a system to communicate with other systems in space or on a network.

Q. What is a socket?
A socket is a combination of software port + IP address.

Q. What is the range of ports, or how many ports are there?
Port numbers can range from 0 to 65535, so in total we get 65536 ports.

Q. Why are there just 65536 port numbers?
This is because of a limitation in the TCP/IP stack, where the port number field is just 16 bits in size. So we get only 2^16 ports, which equals 65536 available ports.

Q. What are the well-known ports, or assigned ports, or default ports?
Well-known ports are from 0 to 1023 (total 2^10 = 1024 ports).

Q. What do you mean by default port?
A default port is the designated port for a particular well-known server.

Q. Can we change the default port for a service (example: Apache, Squid)?
Yes, we can. For Apache and DNS we can change it using the listen configuration entry in httpd.conf and . Squid has a port entry in its squid.conf file to set the port number.

Q. What are the protocol numbers for TCP and UDP?
Do not confuse these with port numbers. TCP and UDP have their own numbers in the TCP/IP stack.
TCP protocol number: 6
UDP protocol number: 17

Q. Is there any way I can see all the port information in Linux?
Yes, you can get that from the /etc/services file.

Q. How can I see open ports in Linux?
Use the nmap command.

Well known ports

20 – FTP Data (For transferring FTP data)
21 – FTP Control (For starting FTP connection)
22 – SSH (For secure remote administration which uses SSL to encrypt the transmission)
23 – Telnet (For insecure remote administration)
25 – SMTP (Mail Transfer Agent for e-mail servers such as Sendmail)
53 – DNS(Special service which uses both TCP and UDP)

68 – DHCP
69 – TFTP(Trivial file transfer protocol uses udp protocol for connection less transmission of data)
80 – HTTP/WWW(apache)
88 – Kerberos
110 – POP3(Mail delivery Agent)
123 – NTP(Network time protocol used for time syncing uses UDP protocol)
137 – NetBIOS(nmbd)
139 – SMB-Samba(smbd)
143 – IMAP
161 – SNMP(For network monitoring)
389 – LDAP(For centralized administration)
443 – HTTPS(HTTP+SSL for secure web access)
514 – Syslogd(udp port)
636 – ldaps(both tcp and udp)
873 – rsync
989 – FTPS-data
990 – FTPS
993 – IMAPS
995 – POP3s
2049 – NFS(nfsd, rpc.nfsd, rpc, portmap)

3306 – MySql


Monitoring tool ports for Zabbix and Nagios

5666 -- Nagios Server 
5667 -- Nagios Client 

10051 -- Zabbix Client
10050 -- Zabbix Server

Ports used in Clustering (Conga Cluster)

5404, 5405 -- cman (udp)
11111 -- ricci (tcp)
14567 -- gnbd (tcp)
16851 -- Conga Model (tcp)
21064 -- DLM (distributed lock manager) (tcp)
50006, 50008, 50009 -- ccsd (tcp)
50007 -- ccsd (udp)
4196, 4197, 4198, 4199 -- rgmanager (tcp)