msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

13 Jan 2012 Using Lsyncd to perform “live” syncronization of a local directory to a remote directory

This post is a short HOWTO and describes how you can install and run lsyncd to perform a rsync syncronization from local to a remote server using SSH.
Lsyncd is a daemon to continuously synchronize directory trees and relies on inotify. If you need real live syncronization DRBD might be a better alternative since it is a block level syncronization.

Installing Lsyncd 2.0 from source on CentOS 6
Lsyncd is not included as a package in CentOS 6, so you need to download the source file from http://code.google.com/p/lsyncd/downloads/list.
You should have rsync, GCC and lua-devel installed on your system before you continue installing Lsyncd.

# yum install rsync lua-devel

Unpack the lsyncd source file and run the following commands from the unpacked file

# configure 
# make
# make install

make install copies the compiled files and install them to the right directories in your system.

I need to configure a non password SSH communication between the two servers with a shared SSH key.
On the source server run the following command to generate a SSH key, if you have not done this already.
Remember to do this as the user you are going to perform the sync with.

# ssh-keygen

Secure copy the generated SSH key from the source server to your target server

# scp ~/.ssh/id_rsa.pub root@remoteserver:/tmp

On the target server you need to add the copied SSH key to your existing authorized keys file.
Also remember to do this with the user you are going to connect with from the source server.

# cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys

If you do not have this file, just create it using the touch command described below

# touch ~/.ssh/authorized_keys

Test if you can ssh without a password from your source server to the target server.

I have made a config file, /root/scripts/lsyncd.conf that tells Lsyncd where to put the log- and statusfile. That it should be running as a daemon in the background, and a sync should occur after 900 seconds (15 minutes) if there have not been any filesystem changes and there should not be more than 6 parallell Lsyncd processes.

settings = {
   logfile      = "/tmp/lsyncd.log",
   statusFile   = "/tmp/lsyncd.status",
   nodaemon     = false,
   maxDelays    = 900,
   maxProcesses = 6,
}

sync{default.rsyncssh, source="/path/on/source/", host="hostnam.target.server.tld", targetdir="/path/on/target/"}

To start lsyncd you run the command

# lsyncd /root/scripts/lsyncd.conf

You should now see a Lsyncd process running as a daemon on your system. It performs a sync when you start and then waits for any filesystem changes or sync after 900 seconds.

If you would like Lsyncd to start at boot, just add the following line to the bottom of file /etc/rc.local

lsyncd /root/scripts/lsyncd.conf

You do now have a working secure rsync syncronization between two servers.

What directories you are syncing

# tail -f /tmp/lsyncd.status

What is happening now

# tail -f /tmp/lsyncd.log

Tags: , , , , ,

Posted by

09 Dec 2011 Disable IPv6 on Ubuntu 11.10

This is a short HOWTO on disabling IP version 6 support on your ethernet devices like eth0 on Ubuntu 11.10.
I guess you can do this on earlier version of Ubuntu as well.

  • Add the following line to the end of the file /etc/sysctl.conf (as root or use sudo)
  • net.ipv6.conf.all.disable_ipv6 = 1
  • Run the following command to make this change effective immediately

    # sudo sysctl -p

    A result from this command could be like this

    net.ipv6.conf.all.disable_ipv6 = 1

    To check that IPv6 has been disabled or not, run the following command from your console window

    # ip a | grep inet

    IPv6 has been disabled if this command does not return any IPv6 addresses.

    Tags: , , , , , ,

    Posted by

    01 Jun 2011 NetBackup 7.x port usage

    If you are unsure what ports Symantec NetBackup 7.x master or media Windows server uses, just open the following file

    %SYSTEMROOT%\system32\drivers\etc\services

    The content in this file could be like this if you have not made any changes to the default configuration

    bpcd		13782/tcp
    bprd		13720/tcp
    vnetd		13724/tcp
    vopied		13783/tcp
    bpdbm		13721/tcp
    bpjobd		13723/tcp
    bpjava-msvc		13722/tcp
    NB_dbsrv		13785/tcp
    vmd		13701/tcp
    tldcd		13711/tcp
    tl8cd		13705/tcp
    tl4d		13713/tcp
    tlmd		13716/tcp
    tlhcd		13717/tcp
    acsd		13702/tcp

    Tags: , ,

    Posted by

    19 Jan 2010 Change ethernet settings using ethtool

    Force network speed on a network card to 100 MBit Full Duplex and in the same time disable auto negotiation

    # ethtool -s eth0 speed 100 duplex full autoneg off

    These settings are active until you reboot the machine or restart the network.

    In order to keep this change on each system reboot, append the following line in the following Redhat file /etc/sysconfig/network-scripts/ifcfg-eth0

    ETHTOOL_OPTS="speed 100 duplex full autoneg off"

    An alternative tool to use to change the settings is mii-tool.

    Tags: ,

    Posted by

    05 Oct 2009 iptables connection tracking table full

    I’ve recently experienced that my workstation (Ubuntu Jaunty Jackalope, 9.04, x86_64) “hangs” periodically when my internet browser, Mozilla Firefox, has a lot of active tabs.
    In my case I had > 100 active tabs in more than 20 windows. I know I should have closed some of them but that is not an option right now.

    The problem reveiled itself doing a dmesg on my workstation

    # dmesg
    
    [1737157.057528] nf_conntrack: table full, dropping packet.
    [1737157.160357] nf_conntrack: table full, dropping packet.
    [1737157.260534] nf_conntrack: table full, dropping packet.
    [1737157.361837] nf_conntrack: table full, dropping packet.
    [1737157.462305] nf_conntrack: table full, dropping packet.
    [1737157.564270] nf_conntrack: table full, dropping packet.
    [1737157.666836] nf_conntrack: table full, dropping packet.
    [1737157.767348] nf_conntrack: table full, dropping packet.
    [1737157.868338] nf_conntrack: table full, dropping packet.
    [1737157.969828] nf_conntrack: table full, dropping packet.
    [1737162.214064] __ratelimit: 53 callbacks suppressed
    

    This bahaviour looks like Denial-Of-Service and is caused by a full iptables connection_table.

    The default size of the iptables connection tracing table is

    # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
    65536

    The solution I went for was to double the size of connection table to 131072 and restarted firefox.

    # echo "131072" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max

    This value is a 32-bit integer so the table size can be quite large and you will need much more RAM before you can use this size.

    To make this solution permanent I added the following line to /etc/sysctl.conf

    net.ipv4.netfilter.ip_conntrack_max = 131072

    You can test this by executing the following command

    # sysctl -p
    131072

    This command loads the /etc/sysctl.conf settings.

    Tags: , ,

    Posted by