DNS失效导致CSS disable service IP

现象:app服务正常,进程正常,可以telnet private IP,但是telnet service IP不通,CSS看到端口是down的,实际上服务器上是up的
问题原因:由于DNS服务器down掉,导致CSS在bind app服务器的时候,app server反解CSS IP地址需要很长时间才能timeout,但是CSS没有得到response就timeout了,所以导致CSS认为端口是down的,所以就disable了service IP
解决方案:把CSS的IP地址加入hosts

另外一个现象:把CSS的IP加入hosts之后,service IP不down了,但是ADS服务器出问题的时候,客户连接进来还是会反解超时,导致服务中断
解决方案:把resolv.conf配置加一个options rotate,使用round-robin模式

vxfs corrupt导致cluster file system不能online

在移除CFS节点的时候,由于没有运行cfsumount再进行cfscluster stop操作,导致vxfs文件系统损坏,这样文件系统资源挂不上,并且有如下报错:
/dev/vx/dsk/ShareDG/Mainvol1 is corrupted. needs checking
Google了一下,是因为文件系统需要修复,按如下操作:
root@Rhada # /opt/VRTS/bin/fsck -F vxfs /dev/vx/dsk/ShareDG/Mainvol1
log replay in progress
log replay failed to clean file system
file system is not clean, full fsck required
full file system check required, exiting …
root@Rhada # /opt/VRTS/bin/fsck -F vxfs -y -o full /dev/vx/dsk/ShareDG/Mainvol1
log replay in progress
pass0 – checking structural files
pass1 – checking inode sanity and blocks
pass2 – checking directory linkage
pass3 – checking reference counts
pass4 – checking resource maps
au 5286 emap incorrect – fix? (ynq)y
au 5286 summary incorrect – fix? (ynq)y
free block count incorrect 94503896 expected 94536664 fix? (ynq)y
free extent vector incorrect fix? (ynq)y
OK to clear log? (ynq)y
flush fileset headers? (ynq)y
set state to CLEAN? (ynq)y
root@Rhada # hastatus -sum

Login got slow with NFS on Solaris / Solaris 在mount了NFS时login变慢

现象:登陆变得很慢,su到普通用户很慢,但是root不受影响
Issue: Login got slow, su to normal user slow, but su to root not effected

检查:在/etc/profile添加检查点,发现原因是执行 /usr/sbin/quota 这一步时很慢,但是系统没有启用quota,只是挂接了NFS
Check: Add checkpoint to /etc/profile and found the step “/usr/sbin/quota” is very slow, but the system hasn’t quota set up, only mounted NFS

原因:一般来说没有防火墙的情况下,其实rquotad也会反应很快不至于变慢,但是在防火墙未打开rquotad时,这一步会耗去很长时间去连接rquotad
Reason: Normally, it’s ok without firewall, but it’s slow when the firewall blocks the rquotad packages

解决方案:启用noquota选项来重新挂载NFS,例如:
Solution: use noquota option to mount NFS, for example:
# mount -F nfs -o noquota server1:/dir1

Done!
登陆慢的另外一个原因也可能是你的DNS server没办法解析你的地址,把ip地址加入/etc/hosts即可

逢泽莉娜

美女呀!

CentOS上开启samba配置/Enable samba with selinux/iptables on CentOS

在CentOS 6.3上开启Samba服务,其中涉及到安装samba包,编写配置文件,开启iptables,配置selinux。
1. Install samba
# yum search samba
# yum install samba.x86_64

2. Configure a simple samba,
编辑/etc/samba/smb.conf,配置你想要的内容,我只是简单的开启共享:
[global]
workgroup = workgroup
netbios name = whatever
server string = whatever
security = share
log file = /var/log/samba/%m.log
max log size = 50
[packets]
path = /data1/dir1
writeable = no
browseable = yes
guest ok = yes
public = yes

启动samba服务:
# service smb start
但是这时候你会发现能显示有个目录但是进不去

3. 配置iptables
编辑/etc/sysconfig/iptables,在REJECT那一条之前加上如下clause:
-A INPUT -m state –state NEW -m tcp -p tcp –dport 139 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 445 -j ACCEPT
-A INPUT -p udp -m udp –dport 137 -j ACCEPT
-A INPUT -p udp -m udp –dport 138 -j ACCEPT
然后重启iptables
# service iptables restart

4. 配置selinux
必须开启selinux,否则很多内容访问不了。
先查询selinux配置:
# getsebool -a | grep samba
samba_create_home_dirs –> off
samba_domain_controller –> off
samba_enable_home_dirs –> off
samba_export_all_ro –> off
samba_export_all_rw –> off
samba_run_unconfined –> off
samba_share_fusefs –> off
samba_share_nfs –> off
sanlock_use_samba –> off
use_samba_home_dirs –> off
virt_use_samba –> off
# getsebool -a | grep smb
allow_smbd_anon_write –> off

我只要简单的开启目录共享即可即可,所以只打开了一项:
# setsebool -P samba_export_all_ro on

这一段参考了:http://wiki.centos.org/HowTos/SetUpSamba
5. 完工!

配置有vlan的端口 on Solaris

Create one hostname.cenum file (hostname6.cenum file for IPv6) for each VLAN that will be configured for each adapter on the server.

Use the following naming format that includes both the VID and the physical point of attachment (PPA):

VLAN logical PPA = 1000 * VID + Device PPA ce123000 = 1000*123 + 0

For example: hostname.ce123000

VLAN logical PPA = 1000 * VID + Device PPA ce11000 = 1000*11 + 0

For example: hostname.ce11000

This format limits the maximum number of PPAs (instances) you can configure to 1000 in the /etc/path_to_inst file.

For example, on a server with the Sun Gigabit Ethernet/P 3.0 adapter having an instance of 0, that belongs to two VLANs with VIDs 123 and 224, you would use ce123000 and ce224000, respectively, as the two VLAN PPAs.

refer to: http://docs.sun.com/app/docs/doc/816-4554/bbjfdeij?a=view

Install MySQLdb module of Python on Solaris/Solaris 10上安装Python的MySQLdb模块

Reason: Solaris 10 自带的python是forte c++编译的,所以和gcc编译的软件一起工作会有很多问题。The built-in python of Solaris 10 is compiled by forte c++, normally we want to use gcc as the default compiler. This will cause some errors:

 

root@felix1 [/data1/soft/MySQL-python-1.2.4] # python setup.py build
running build
running build_py
copying MySQLdb/release.py -> build/lib.solaris-2.10-i86pc-2.6/MySQLdb
running build_ext
building ‘_mysql’ extension
creating build/temp.solaris-2.10-i86pc-2.6
/usr/lib/python2.6/pycc -DNDEBUG -KPIC -Dversion_info=(1,2,4,’final’,1) -D__version__=1.2.4 -I/opt/mysql/include -I/usr/include/python2.6 -c _mysql.c -o build/temp.solaris-2.10-i86pc-2.6/_mysql.o -g
gcc: unrecognized option `-KPIC’
In file included from _mysql.c:44

 

为了避免该问题我们可以需要使用全都用gcc编译的软件一起工作。包括python和mysql。To avoid this we need to use a python which compiled by GCC. We need a mysql compiled by GCC as well. Download python from www.sunfreeware.com and download 32bit mysql from mysql.com and install them.

从sourceforge上下载MySQLdb模块源代码,设置环境变量/Download MySQLdb from sf.net and setup the environment:

 

root@felix1 [/data1/soft/MySQL-python-1.2.4] # export LD_LIBRARY_PATH=/usr/local/mysql/lib:/opt/mysql/lib:/lib:/usr/lib:/usr/local/lib:/usr/local/mysql/lib
root@felix1 [/data1/soft/MySQL-python-1.2.4] # PATH=/usr/local/mysql/bin:$PATH
root@felix1 [/data1/soft/MySQL-python-1.2.4] # python setup.py build

running build
running build_py
copying MySQLdb/release.py -> build/lib.solaris-2.10-i86pc-2.6/MySQLdb
running build_ext
building ‘_mysql’ extension
gcc -shared build/temp.solaris-2.10-i86pc-2.6/_mysql.o -L/usr/local/mysql/lib -lmysqlclient_r -lthread -lsocket -lnsl -lm -lrt -o build/lib.solaris-2.10-i86pc-2.6/_mysql.so

root@felix1 [/data1/soft/MySQL-python-1.2.4] # python setup.py install

你就会安装MySQLdb模块到/usr/local下的python了。此时因为_mysql.so已经编译完成,所以就算你切换回系统python,执行python setup.py install,也会得到一个正确的安装的模块。
You’ll install the module to python under /usr/local. Now the _mysql.so is built, so even you switch to the /usr/bin/python, execute ‘python setup.py install’, you’ll get a good module as well