пятница, 27 ноября 2015 г.

Linux LVM Root VG extension

# fdisk -l
To see the new disk size on /dev/sda which we just extended, or to see new disks we just presented (/dev/sdb, /dev/sdc, etc.)
# fdisk /dev/sda
To create new partitions for the OS to use. These new partitions will be added to the VG so we can extend the LV that the “/” partition is on. My newly created partition in the example is /dev/sda3. For new disks you would use /dev/sdb, or /dev/sdc. If you are using an extended /dev/sda like in my case, you will need to reboot for the changes to be seen
# fdisk -l
To see the new partitions
# pvdisplay
View current physical volumes a.k.a. pv
# pvcreate /dev/sda3
Allow Linux OS to use the new partition in LVM
# pvdisplay
See the new pv /dev/sda3
# vgdisplay
View the current volume groups
# vgextend VolumeGroupName /dev/sda3
Add the new PV /dev/sda3 to the existing VG VolumeGroupName
# vgdisplay
Now you can see the new size of the VG VolumeGroupName. Note the new amount of free PE’s (physical extents)
# lvdisplay
View the current LV. In my example, /dev/VolumeGroupName/lv_root which is the root partition
# lvextend -l +2559 /dev/VolumeGroupName/lv_root
Now make the LV larger. Growing the LV /dev/VolumeGroupName/lv_root by 2559 PEs
# lvdisplay
Now you can see the larger size of the LV
# resize2fs /dev/VolumeGroupName/lv_root
Online resize of the actual filesystem now on that LV
# df -h
You can see the new size now using the “df” command

четверг, 22 октября 2015 г.

понедельник, 19 октября 2015 г.

среда, 16 сентября 2015 г.

среда, 26 августа 2015 г.

Sandbox with openvswitch and virtualbox

Let assume, that you already have installed openvswitch and virtulabox.

First you also need to create virtual switch

~ # ovs-vsctl add-br lan0

You can add script shown below to /etc/rc.local or somewhere to startup scripts.

#!/bin/bash

br=lan0
ip=192.168.189.1/24

for tap in `seq 0 15`; do
        ip tuntap del mode tap dev lan0p$tap
        ip tuntap add mode tap lan0p$tap
done;

for tap in `seq 0 15`; do
        ip link set lan0p$tap up
done;

for tap in `seq 0 15`; do
        ovs-vsctl -- --if-exists del-port $br lan0p$tap
        ovs-vsctl add-port $br lan0p$tap
done;

ip addr add $ip dev $br0
ip link set $br up

This small script will create switch lan0 with 16 ports. After this we can use virtalbox VMs and attache them to created ports.
This is just beginning...

понедельник, 17 августа 2015 г.

IPIP over IPSEC on Linux

In this article, I'm just posting working config files for ipsec tunnel. You can use it either with strongswan or with openswan package. There three main files:

- /etc/ipsec.conf
- /etc/ipsec.secrets
- /etc/ipsec.d/tunnel.conf

I'm very lazy, that's why I'm not going to explain my config line by line, if you need you can find all information in man and google.

  ~ $ cat /etc/ipsec.conf  
 version     2.0  
 config setup  
      interfaces=%none  
      protostack=netkey  
      nat_traversal=yes  
      virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12  
      nhelpers=2  
      oe=off  
      plutoopts="--perpeerlog"  
 conn %default  
      ike=aes128-sha1;modp2048  
      phase2alg=aes128-sha1;modp2048  
      ikelifetime=12h  
      salifetime=2h  
      keyingtries=%forever  
      rekey=yes  
      pfs=yes  
      compress=no  
      dpddelay=30  
      dpdtimeout=120  
      dpdaction=restart_by_peer          # hold, restart_by_peer, restart, clear  
 include /etc/ipsec.d/*.conf  


 ~ $ cat /etc/ipsec.secrets  
 #Tunnel 1  
 1.1.1.1     2.2.2.2     : PSK     "Your first PSK" 
 #Tunnel 2
 1.1.1.1     3.3.3.3     : PSK     "Your second PSK"

 ~ $ cat /etc/ipsec.d/tunnel1.conf   
 #Connection name shown in network configuration files  
 conn tunnel1  
      auto=start  
      type=transport  
      authby=secret  
      pfs=yes  
      ike=aes128-sha1-modp2048  
      phase2alg=aes128-sha1;modp2048  
      left=1.1.1.1  
      leftprotoport=ipencap  
      right=2.2.2.2  
      rightprotoport=ipencap  

In the end of this small note, I decided to post small example of configuring connection IPIP over IPSEC. Often you need to configure IPIP over IPSEC or GRE over IPSEC or something else over IPSEC =) . Below you can find configuration of one side of tunnel:

 auto tunnel1  
 iface tunnel1 inet static  
     address YOUR-TUNNEL-IP  
     netmask NETMASK-IN-TUNNEL  
     pointopoint YOUR-TUNNEL-NEIGHBOUR-IP  
     mtu MTU-SIZE-OPTIONAL  
     pre-up ip tunnel add $IFACE mode ipip local 1.1.1.1 remote 2.2.2.2 ttl 64 tos inherit || true  
     post-down ip tunnel del $IFACE  

воскресенье, 16 августа 2015 г.

Adding RAM and CPU in Linux Vmware Guest

Again I'm posting simple lifehack, which you can just copy, paste and use.
Everybody using cool vmware features, like adding ram, cpu and network cards, this is just simple actions in gui, but how to say linux guest vm to recognise new ram and cpu, use for it code shown below.
Adding RAM

 for ram in /sys/devices/system/memory/memory*/online; do echo "1" > "$ram"; done  

Adding CPU

 for cpu in /sys/devices/system/cpu/cpu*/online; do echo "1" > "$cpu"; done  

Another method is adding udev rule file, but I'm lazy... anyway, below is example for cpu:

 cat /etc/udev/rules.d/99-vmware-cpuhotplug-udev.rules  
 ACTION=="add", SUBSYSTEM=="cpu", ATTR{online}="1"   

пятница, 14 августа 2015 г.

Full server copy using tar

Just in case when you need to full clone your server, you can use the command shown below:

 tar -zcvpf /backups/fullbackup.tar.gz --directory=/ --exclude=proc --exclude=sys --exclude=dev/pts --exclude=backups .  

To untar created archive you can use another options of tar shown below

 tar -zxvpf /fullbackup.tar.gz  

четверг, 13 августа 2015 г.

Using TAR over SSH example

Today I decided to post this little note regarding transferring data (many small files) with preserving ownership and permissions in Linux

Example #1

You want copy data from remote server to server on which you're logged in

 ssh user@remote-server "tar czpf - /your/important/data" | tar xzpf - -C /new/location/on/current/server  


Example #2

Reverse, you want to copy data from server on which you're logged in, to remote server.

 tar cpf - /your/important/data | ssh user@remote-server "tar xpf - -C /new/location/on/remote/server"  

среда, 29 июля 2015 г.

FreeBSD guest hangs in KVM

   Recently I find the problem when FreeBSD guest in KVM environment was hanging during reboot from console. After googling and tying to understand this problem, I found, that problem was only with freebsd systems which had more than one virtual cpu.  The reason was enabled option in kvm_intel module.
   In my example my host system was ubuntu 14.04 and guest system was freebsd with 2 virtual cpu. Parameter you should change is shown below:

 ~ $ cat /sys/module/kvm_intel/parameters/enable_apicv   
 Y  

It should be - N.

You can do it by adding appropriate command in modules configuration file, for exmaple in /etc/modprobe.d. You can't do it "on the fly" because this module are used constantly and changes for this module locked.

вторник, 28 июля 2015 г.

Elementary OS: Do nothing when close lid

This script is small handy solution for disabling close lid action, my code is not so pretty but it's working, you can just copy and paste it.

Script: Lid-action.sh

 #!/bin/bash  
 grep "HandleLidSwitch" /etc/systemd/logind.conf | grep ignore >/dev/null 2>&1  
 if [ $? -eq 0 ]; then  
     sed -i 's/HandleLidSwitch=ignore/HandleLidSwitch=suspend/' /etc/systemd/logind.conf && restart systemd-logind >/dev/null 2>&1; echo "Suspending enabled"   
 else  
     sed -i 's/HandleLidSwitch=suspend/HandleLidSwitch=ignore/' /etc/systemd/logind.conf && restart systemd-logind >/dev/null 2>&1; echo "Suspending disabled" 
 fi  


Add permissions to launch with sudo without password:

 maugli@calipso:~$ sudo cat /etc/sudoers | grep maugli  
 maugli ALL=(root) NOPASSWD: /home/maugli/lid-action.sh  


Don't forget to use visudo when're changing sudoers file.

Runnning script:

 sudo /home/maugli/lid-action.sh  

понедельник, 27 июля 2015 г.

Simple rsync launch

   This is first article in my new cycle "Copy, Paste and Use". This series of articles will consist of the configuration files or several commands that can be copied and pasted into your console and this will work.
   First article is about rsync, when you need to sync some files from remote system, you can use rsync server on the remote system site, and rsync command on the client side, also don't forget to open apropriate ports on your firewall.

Rsync server configuration file:

# /etc/rsyncd.conf

# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help

# This line is required by the /etc/init.d/rsyncd script
pid file = /var/run/rsyncd.pid
use chroot = yes
read only = yes

# Simple example for enabling your own local rsync server
[root]
    path = /
    comment = My Rsync Server
    uid = root
    gid = root
    hosts allow = IP addresses of allowed hosts

Launch configured server:

rsync --daemon --address=Bind_to_address --config=/etc/rsyncd.conf

Client side:

rsync -avh --progress rsync://Rsync_server_address/root/source_directory /destintaion/directory

On client site you also can limit bandwith and enable compression, but this is another story.