Sunday, January 3, 2010

iSCSI/NFS on LVM on RAID5 (Software RAID) howto guide, CentOS 5.3

This is just a quid blog to show howto, cos I found there are not much on-line tutorial cover this in a easy way.

And of course, as I keep it simple, it only cover basic stuffs. Please feel free to comment and add on better approach.

## RAID ##

= Create Partition with 'fdisk'
to create partition (with 'n')
modify the partition's label to RAID (with 't', and code is fd)
then 'w' to write the partition
repeat until the disks is done
do a 'partprobe' to make sure it's written and take effect
do 'fdisk -l' to make sure the partition tables is correct

= Assign disk to raid
mdadm -C -v /dev/md0 -l5 -n3 /dev/hdb1 /dev/hdc1 /dev/hdd1
# l5 => RAID 5, n3 => a RAID set of 3 disks
cat /proc/mdstat # make sure RAID is created. it will also show if it's sync-ing or recoverying
mdadm -D -s -v # Double check. or 'mdadm -D -s -V /dev/md0

## LVM ##

= Create Physical Volume(PV), Volume Group(VG) and Logical Volume(LV)
pvcreate /dev/md0 # assign "/dev/md0" as an PV
pvdisplay # make sure they're all set
vgcreate vg-raid /dev/md0 # create VG group "lvm-raid"
vgdisplay # Show the Volume Group status
lvcreate -n xStorage -L 40G vg-raid # Create a LV as xStorage, 40G from vg-raid
lvdisplay # Show Logical Volume status
ls /dev/vg-raid/xStorage # The created LV should be here..
mkfs.ext3 /dev/vg-raid/xStorage # format the LV to be used
mount /dev/vg-raid/xStorage /mnt # lets test if we could mount it. :-)
df -h # You should see it in your mounted list

## iSCSI ##

= Installation
yum -y install scsi-target-utils iscsi-initiator-utils
chkconfig iscsid on
chkconfig iscsi on
chkconfig tgtd on
chkconfig --list | grep iscsi
chkconfig --list | grep tdtd
/etc/init.d/iscsi restart
/etc/init.d/tgtd restart
/etc/init.d/iscsid restart

= Configuring iSCSI Target (iSCSI Server)
tgt-setup-lun -d /dev/vg-raid/xStorage -n xStore # create lun only accept client with IP
#*** NOTE: You can only setup lun with a device, not partition!! ***#
tgtadm --lld iscsi --op show --mode target # Show alll luns
iscsiadm --mode discovery --type sendtargets --portal # List lun from the server
Change iptables:
iptables -I RH-Firewall-1-INPUT -p tcp -m tcp --dport 3260 -j ACCEPT # Open the port to all NIC
iptables-save > /etc/sysconfig/iptables # Save the updated rules to iptables configuration file

= Configuring iSCSI Initiator (iSCSI Client)
iscsiadm -m discovery --type sendtargets --portal # Check if the iSCSI Target is accessable
iscsiadm -m node -T -l # -l to login to target, -u to logout
# add '--portal' for specifid server
ll /dev/sd* # The new disk should be now there.
mount /dev/sdc /mnt # Lets mount it..
df -h
touch `hostname`-`date +%Y%m%d-%H%M%S` # Test if it's writable and if it's sync over the network

## NFS ##

echo '
# Local Mount Name # Client Access List
' >> /etc/exports

exportfs -a
/etc/init.d/nfs restart # Restart nfs mount

Sunday, November 1, 2009

BASH: Using untyped variable to get unlimited parameter

I have been working a backup script at work that support MySQL, PostgreSQL and file using mysql_dump, pg_dump and duplicity commands. Since the script will be running parallel, the script will be calling up itself a lot, I need a better parameter parsing. And I absolutely do not want to use 100 lines of code to do such simple task. It will be so hard to maintain. And when I was trying to improve my parameter parsing, I found something called "untyped variable". I am not sure if it's a proper name.

Anyway, the whole point of doing this is: you do not have to use a lot of if conditions or case to sort variable one by one. You can just put the variable name in a loop, and it will parse out all recognized variable names.

I am using 'eval' to assign the values into variables. I was originally using 'export'. And I know there is actually some other way to do some, something like $($OPT)=$FIELDS, but somehow it didn't work for me. :-(

Using 'eval' to assign.

Parsing all variables and values

# Define all acceptable variable names here
ALL_OPT=(Type Host Pass User DB Table MaxTry BackupDir Src Dst Port sshUser Period dbExtra)

for WORD in $@ ; do # $WORD is the name of variable,
for OPT in ${ALL_OPT[*]} ; do # Check if I have the option in the list
case $WORD in
$OPT=?*) # To make sure it has '=' and at least one character after '='
FIELDS=${WORD:`echo ${#OPT}+1 |bc`} # grap the value
eval $OPT=$FIELDS # Assign the variable to
echo " export $OPT $FIELDS"
echo "calling up Report"
[ "$FIELDS" == "" ] || break # no value at all

Display all variable names and value

for OPT in ${ALL_OPT[*]} ; do
eval aaa=\$$OPT
echo $OPT = $aaa

Calling up the function

# Define all function names, which is the accepted variables value in first variable in ALL_OPT
ALL_TYPE=(Mysql File MySql Redmine)
[ $Type == "NULL" ] || for TypeCHK in ${ALL_TYPE[*]} ; do
if [ $Type == $TypeCHK ] ; then
ChkPeriod $Period
[ $? == 0 ] && bk$Type # Of course, you have to have the function, e.g: 'bkFile'.

All codes

Sunday, July 5, 2009

The Smallst Linux.. what can it do??

It's such an interesting product. I found it when I was thinking to build my own digital frame. This little guy runs uClinux, build-in web and telnet service. I wonder what else can it do... any one??

The Smallest Linux in the World

Saturday, July 4, 2009

Chris Tyler ROCKZZZZ!!!

Is that a Ronald USB midi guitar?? Hopefully it's Linux based LOL

This is a top secret photo. I think Chris sneaked out when he was supposed to go No Frills to buy milk for next week.. sh... don't tell Diana.. LOL

Chris and other Seneca teachers whom should not be named of...

Just a joke.. Chris.. hope you don't mind... LOL

The easiest way to setup the most unsecure sendmail service in linux

Yes, the easiest way, and yes, the most unsecure, i mean it.

I hope this blog will help you. This is what I've found after 2 days of reading and frustration of trying to set up sendmail server/client for whole day.

And trust me, never setup sendmail on Friday... @@

--- Setup Sendmail ---

-- Server --
#vi /etc/mail/
= Replace with your mail server's IP.

DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl

## and...
= find "relay_based_on_MX" and comment or replace it with "loose_relay_check"

dnl #FEATURE(`relay_based_on_MX')dnl

# then..
echo "Connect:192.168.2 RELAY" >> /etc/mail/access

-- Client --
# find following line in and change it.
[root@bb ~]# grep mail000 /etc/mail/
define(`SMART_HOST', `mail0001.test')dnl


= check if sendmail is listening to port 25
netstat -ant | grep LISTEN | grep 25

= check local or the service connect by telneting the port
telnet mail0001 25

= check sendmail status
service sendmail status

--- Links ---
-- Howto --

-- Masquerading --

-- Mail Relay --

Here is the story be hide this post. Has any one found that the documentation of sendmail is a mess?? I always found it overwhelm, all the tutorial gives you some options that you may not even understand. That's why, I think it's good to setup the most basic one and then build stuffs on top of it. Making a service work is more important than any thing after all. Well... the worst thing about the way I setup is someone may use you mail server to send spam.... well... u lose some resources cos people may use it to send spam but, you can setup other options once you make sure every thing is working.

When I read this page again, I found that the reason why I could send it, it`s because I have already accept all my internal network. After doing more configuring with sendmail, I realize it wasn`t a fully open relay. I now have SSL configured with sendmail and dovecot. I may post the tutorial later, once I`m sure that`s really working and it`s the simplest way to do.

Tuesday, June 30, 2009

Laziest way to set SSH without password

I've been crazily busy lately, finally got a chance to check our fabulous CDOT planet again. Saw a few nice posts from LUX classmates. As the king of blog in LUX class, of course I have to post something, I'm gonna beat Kezong!! hehe... (see below for Kezhong's blog)

Yesterday I just did public key authentication too. You can actually do the following to minimize all the work. All you have to do is copy and paste following and type your password twice. :-)

===== Commands =====
##### Step: 1 #####
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
Key=`cat ~/.ssh/ `
ssh -f -q "echo $Key >> .ssh/authorized_keys"

##### Step: 2 #####
ssh -f -q chmod 600 .ssh/authorized_keys

===== Verify =====
# if dosen't work, you can always use verbose/debug mode to see the ssh process..

ssh -vv

# if still dosen't work and you're sure your file and permission is right, you may want to check the server sshd config file and make sure Public Key authentication is enabled. It's enabled by default anyway. Also you may need to create and change the ~/.ssh folder permission by yourself, if you have never ssh "from" the server/target.

Just follow the official guide step by step.. :-)

=== LINK ===
OpenSSH Public Key Authentication

A professional article about Public Key Authentication from very profession LUX student

Wednesday, June 3, 2009

Weekend; Toronto Island; Unplug day..

I've been quite busy for work and things that I want to learn in this field. Last week was very busy. So, last weekend, I decided not to do any thing about computer.. well.. i did tried. I went to Toronto Island for photography. I found that's the best way to be away of computer and get some real fresh away. :-)

I did about 300, 400 photos in there, went there around 5pm and start shooting once I was on a boat. I was surprised that view was so good from Toronto Island. Too bad there were a bit of fogs. I should go there one more time when humility was low. Any way, hope you enjoy the photos. Save them as your wallpaper if you want. :-)