Tuesday, 23 April 2013

IT: the importance of planning

I am going to touch on a subject which I have been bragging about for a long time: the importance of a plan.

I have come across many IT professionals who start a task, only to find themselves in the middle of it, unable either a) to proceed or b) to go back.
That indicates a clear lack of planning.

I'll tell you a story, I am not going to name people and I am not going to give too many details, but the point will be made.
I asked one of the Sys Admins to move a server. It is a simple task, but depending on how the server is configured and how the network is configured, it may require some thought.

Let's say each server has 6 NICs.
Each pair of NICs is bonded and connects to a different network, separated by VLANs.
Each NIC must be plugged into a specific port on a specific switch.

If you know the network and have moved servers around many times, it is probably a simple task.

But let's say you don't have much knowledge of the network. You power the server off and unplug all the cables, only to find yourself stuck trying to guess where each cable should be plugged.

What could be done differently in this scenario:
  1. Take a picture of the back of the server.
  2. Take note of how many cables are connected
  3. Where each cable is connected to
  4. Familiarise yourself with the network
  5. Try and get a Network diagram
  6. A spread sheet with all the connections
Now think about it: what if it is the middle of the night, you cannot contact anyone and the server must be available by morning?

Things can be easier, if before you start doing the work:
  1. You make a plan
  2. Break down the task into steps
  3. Gather necessary information to do your work
  4. Get someone available in case you need help.
  5. Think of what you need and prepare before starting the work
  6. Check which services were running on the server
  7. Check the disks, lights and power supplies connected
  8. Test the cables or just have spare cables available
  9. If for any reason, halfway through, you cannot proceed, make sure you can at least get the server back where it was and how it was.
Let me make an analogy: if you borrow a phone from a friend, I think it is your duty to make sure you give your friend's phone back the way you received it.

Planning does take a bit of time, but in the end it will save you a lot of headaches.

Hope you enjoy this post

by Renato de Oliveira








Juniper Chassis Cluster - Connect from Node 0 to Node 1 and vice versa

If you run a Juniper cluster, from time to time you need to connect from one node to the other, either to reboot the second node or simply to check the system status.

Let's say you log onto node 0 and you want to reboot node 1.

Connect to node 1:
root@firewall> request routing-engine login node 1

Once you are connected to node 1, you can just request a system reboot.

root@firewall> request system reboot

I hope you enjoy this command; it has made my life easier a few times.

by Renato de Oliveira

Tuesday, 16 April 2013

How DNS works on Linux


Whenever we contact a server by name, for example by pinging it or browsing to it, this is what happens.



The resolver libraries get invoked (resolvers are just C libraries, which look up IP addresses and map them to names). These libraries read the configuration file /etc/host.conf (older Linux) or /etc/nsswitch.conf (newer Linux) each time they are called.

Depending on how these files - /etc/host.conf and /etc/nsswitch.conf - are configured, the resolvers will choose to use the /etc/hosts file, DNS or NIS for mapping IPs to names.

My Linux servers use the new glibc, so the configuration file they check is /etc/nsswitch.conf. See a snippet of this file below:

# hosts: db files nisplus nis dns
hosts: files dns

 

This is telling us:

Check the /etc/hosts file first. If the address is not found in /etc/hosts, check DNS.

If DNS is requested, another configuration file gets read: /etc/resolv.conf. The /etc/resolv.conf file should be set with the nameservers for the network. See an example below:

 

# cat /etc/resolv.conf
domain adlinux.int
search adlinux.int
nameserver 192.168.1.22

 

The resolver libraries will extract the ‘nameserver’ entries from the resolv.conf file and query them, to map a name such as www.google.com to its IP address.

 

The nameserver in turn, if authoritative for the DNS zone where www.google.com resides, will look the name up in its own database and return Google’s IP. If the nameserver is not authoritative for the zone, which is most likely, then it will return another IP for another nameserver, which can resolve .com.

 

Then the .com nameservers will be queried. They will look in their own databases and return an IP address for the authoritative nameserver for the google.com domain.

 

Another query will be initiated to the google.com authoritative DNS server, and this time, it will look in its own database and find an IP address which matches a host named www.
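
The local part of this lookup (the order on the hosts: line, then /etc/hosts, then the nameservers in resolv.conf) can be traced without sending a single query. The Python below is an added example, not code from the original post; the function names are hypothetical and the /etc/hosts content is a constructed sample. It also shows why, with "files dns", an entry in /etc/hosts takes precedence over whatever DNS would answer.

```python
# nsswitch.conf and resolv.conf as shown in the post; HOSTS is a constructed sample.
NSSWITCH = "# hosts: db files nisplus nis dns\nhosts: files dns\n"
RESOLV = "domain adlinux.int\nsearch adlinux.int\nnameserver 192.168.1.22\n"
HOSTS = "127.0.0.1 localhost\n192.168.1.34 centos63 centos63.adlinux.int\n"


def _fields(text):
    """Yield the whitespace-split fields of each line, '#' comments removed."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            yield fields


def hosts_sources(nsswitch_text):
    """Ordered sources from the 'hosts:' line, e.g. ['files', 'dns']."""
    for fields in _fields(nsswitch_text):
        if fields[0] == "hosts:":
            # Skip action items such as [NOTFOUND=return]; keep source names.
            return [f for f in fields[1:] if not f.startswith("[")]
    return []


def parse_hosts(hosts_text):
    """Map every name and alias in /etc/hosts to its address (first entry kept)."""
    table = {}
    for fields in _fields(hosts_text):
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table


def nameservers(resolv_text):
    """Nameserver addresses from resolv.conf, in the order they are listed."""
    return [f[1] for f in _fields(resolv_text) if f[0] == "nameserver" and len(f) > 1]


def plan_lookup(name, nsswitch_text=NSSWITCH, hosts_text=HOSTS, resolv_text=RESOLV):
    """Return (source, answer) for a name; no network query is sent.

    For 'dns' the answer is the list of nameservers that would be asked.
    """
    key = name.lower().rstrip(".")
    table = parse_hosts(hosts_text)
    for source in hosts_sources(nsswitch_text):
        if source == "files" and key in table:
            return ("files", table[key])
        if source == "dns":
            return ("dns", nameservers(resolv_text))
    return ("none", None)
```

On a live system, `getent hosts <name>` runs the same nsswitch.conf order for real.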

Guys, this is the first version of this post. I will try and correct the mistakes and improve it.
This should give you a good idea how names are resolved on Linux.

I hope it will be useful to you

by Renato de Oliveira

Juniper SRX: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE


Today I looked at my Juniper firewall and I saw an amber light. This means an alarm!
I logged in to it, and I was greeted by the warning message below:
root@192.168.1.1's password:
--- JUNOS 11.2R4.3 built 2011-11-24 08:11:51 UTC
**********************************************************************
**                                                                   **
**   WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE     **
**                                                                   **
** It is possible that the primary copy of JUNOS failed to boot up   **
** properly, and so this device has booted from the backup copy.     **
**                                                                   **
** Please re-install JUNOS to recover the primary copy in case       **
** it has been corrupted.                                            **
**                                                                   **
***********************************************************************
 
I started investigating it and this is the reason.
If your SRX firewall is unable to boot from the primary JUNOS image, and instead boots from the backup root partition, you will see this message.
 
The way to solve this problem is by issuing the command below:
 
root@192.168.1.1> request system snapshot slice alternate
 
Note:  After the procedure, the primary root partition will contain the same version of JUNOS as the backup root partition.
 
This will clear the alarm and make your SRX boot successfully from the root partition.
 
Hope you enjoy this post
 
by Renato de Oliveira
 

Monday, 15 April 2013

I look through the window

I look through the window
I see the dark sky
The stars sprinkle the sky
They look like stains on the dark velvet
they are so small
So distant
They shine
In a dark and intriguing sky
When I look at the sky
I think of my past
It seems so distant
Yet so present
Memories
Smells
Colours
Photos taken by my eyes
I look through the window
I see the sky
Thoughts run through my head
Where am I
Why am I here
When will I leave?
Nothing makes sense
Everything moves fast
In constant agitation
The stars scream light
The sky screams darkness
the Night asks for calm
people pass along the streets
They wake the silence
my thoughts never sleep
they are always wandering
they run and leap through my memory
do I exist
how did I end up here?
Am I not just a thought?
I look through the window
I no longer see the stars
The sky is dark and cloudy
A fine mist
That slowly covers everything
I no longer think
Perhaps I no longer even feel
the hours pass
and nothing changes
everything changes,
Did I not notice?
I no longer even see stars,
I don't even know whether I still look through the window
Does the window exist?
Is it not all a dream
or a nightmare
Tormented
in search of a window
through which I see
a starry sky
that calms me and gives me tranquillity
What is tranquillity?

by Renato de Oliveira

Late Afternoon


Late afternoon
The light begins to die
All the colours soften
Into a tranquil pastel tone
The sky turns orange
The sun slowly hides
On the horizon softened with pink
The moon begins to emerge
Slowly it appears
The day grows dark
The birds still sing
In a somewhat melancholy tone
As if they missed
The day that says goodbye
There are so many soft colours
Of a late afternoon
that begins to die
The light dies sadly
On the horizon honeyed with pink
The songs of the birds die
As they nestle in their nests
Everything slows down
Getting ready to sleep
The stars begin to dot the sky
and the day is dying
the colours disappearing
everything growing dark
the late afternoon
wakes the night
and the night covers the day
it is so much magic
so much beauty
So much tranquillity
that nature gives us
a majestic late afternoon
Covered in joy and sadness

by Renato de Oliveira

How to Install and configure Apache on Red Hat/Centos 6.x


Apache is the most used web server on the Internet. It is reliable, fast, easy to set up, relatively secure and the Apache Foundation is on top of patches.

I thought you might want to see how easy and nice it is to work with it, so I decided to write a post.
I’ll show you how to get it installed, configured and set up a Name Based Virtual Host.

Package Dependencies

· httpd.x86_64
· apr.x86_64
· apr-util.x86_64
· apr-util-ldap.x86_64
· httpd-tools.x86_64
· mailcap.noarch

Install all packages

[root@centos63 dhcp]# yum install httpd.x86_64 apr.x86_64 apr-util.x86_64 apr-util-ldap.x86_64 httpd-tools.x86_64 mailcap.noarch -y

Once all the packages above have been installed, we can start configuring Apache.

Apache Configuration File

Apache's main configuration files reside in /etc/httpd/conf.

On Red Hat based distributions, Apache is named ‘httpd’. Its configuration files are located in /etc/httpd, its logs are stored in /var/log/httpd and the actual content, or root directory, is located in /var/www/html.

Let’s explore it

[root@centos63 dhcp]# cd /etc/httpd/conf

[root@centos63 conf]# ls -l

-rw-r--r-- 1 root root 34418 Dec  5 08:59 httpd.conf

[root@centos63 conf]# vi httpd.conf
 

Note: The Apache config file is very extensive; it has directives for many things. I’ll show you how to get it up and running quickly. I’ll show you more complex things in other posts, i.e. mod_proxy and mod_rewrite, which are quite useful, I think.
 

Directives to set

Email

ServerAdmin root@localhost

Change it to your email address, for example:


Server Name

#ServerName www.example.com:80

Uncomment the line above and change it to your Server’s name. For example:

ServerName www.renpippa.co.uk

That is how easy it is to get it up and running.

Setting up a virtual host

If you have multiple websites hosted on the same server and the server only has a single public IP address, virtual hosts will help you immensely. This is also called ‘Name-Based Virtual Hosts’.

 
[root@centos63]# cd /etc

[root@centos63 etc]# vi /etc/hosts
192.168.1.34  centos63 centos63.adlinux.int www.centos63.co.uk www.renpippa.co.uk

[root@centos63]# mkdir /var/www/www.centos63.co.uk

[root@centos63]# touch /var/www/www.centos63.co.uk/index.html

[root@centos63]# echo "Welcome to WWW.CENTOS63.CO.UK" > /var/www/www.centos63.co.uk/index.html

Note: Replace the names above with your virtual host names, the names of the domains you wish to host.

[root@centos63 conf]# vi /etc/httpd/conf/httpd.conf

Add the lines below to the bottom of the httpd.conf file, save and quit.

# Virtual Hosts Configuration
NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin webmaster@www.centos63.co.uk
    DocumentRoot /var/www/www.centos63.co.uk
    ServerName www.centos63.co.uk
    ErrorLog logs/www.centos63.co.uk-error_log
    CustomLog logs/www.centos63.co.uk-access_log common
</VirtualHost>

Restart Apache
[root@centos63]# service httpd restart

Open your browser and test the configuration. If you are using a different PC, you need to add the domain name to your DNS, or edit your hosts file. If your PC runs Linux, all you need to do is edit /etc/hosts. If your PC is Windows based, you need to edit c:\windows\system32\drivers\etc\hosts.
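
One thing to check when testing: once a `<VirtualHost *:80>` block exists under `NameVirtualHost *:80`, Apache matches every request on that address against the virtual hosts' ServerName/ServerAlias, and a Host header that matches none of them is served by the first listed virtual host, not by the main ServerName. The Python below is an added example (not from the original post) that models this selection for the configuration above; the parser and function names are hypothetical, wildcard aliases are not handled, and all virtual hosts are assumed to be `*:80`.

```python
import re

# Condensed from the post: main-server settings plus the one name-based vhost.
HTTPD_CONF = """\
ServerName www.renpippa.co.uk
DocumentRoot /var/www/html
NameVirtualHost *:80
<VirtualHost *:80>
    ServerAdmin webmaster@www.centos63.co.uk
    DocumentRoot /var/www/www.centos63.co.uk
    ServerName www.centos63.co.uk
</VirtualHost>
"""


def parse_vhosts(conf_text):
    """Return the <VirtualHost> blocks, in file order, as dicts."""
    vhosts, current = [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if re.match(r"<VirtualHost\b", line, re.I):
            current = {"names": [], "docroot": None}
        elif re.match(r"</VirtualHost>", line, re.I):
            vhosts.append(current)
            current = None
        elif current is not None:
            parts = line.split(None, 1)
            if len(parts) < 2:
                continue
            directive, value = parts[0].lower(), parts[1]
            if directive in ("servername", "serveralias"):
                current["names"] += [v.lower() for v in value.split()]
            elif directive == "documentroot":
                current["docroot"] = value.strip()
    return vhosts


def select_docroot(host_header, conf_text=HTTPD_CONF):
    """Model name-based selection: exact name match, else the first vhost."""
    vhosts = parse_vhosts(conf_text)
    if not vhosts:
        return None  # no vhosts defined: the main server answers
    host = host_header.split(":")[0].lower().rstrip(".")
    for vh in vhosts:
        if host in vh["names"]:
            return vh["docroot"]
    return vhosts[0]["docroot"]  # unmatched Host falls to the first vhost
```

With the configuration exactly as above, a request for www.renpippa.co.uk is therefore answered from /var/www/www.centos63.co.uk. On the server itself, `httpd -t` checks the syntax before a restart and `httpd -S` prints the virtual host table Apache actually built.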
 
I hope you enjoy it.

 

By Renato de Oliveira