Tag Archives: os

Linux’s ctrl-alt-SysRq – Magic SysRq Key

http://en.wikipedia.org/wiki/Magic_SysRq_key

Wow, awesome.

Looks like you can do lots of fun stuff here in case you get a stalled system.

Quite fun that this is a quite useful thing and I have never heard of this before. Maybe Linux community is being quiet about this because it’s close to ctrl-alt-del :)

mnemonic: BRUISER (REISUB)

unRaw      (take control of keyboard back from X),
 tErminate (send SIGTERM to all processes, allowing them to terminate gracefully),
 kIll      (send SIGKILL to all processes, forcing them to terminate immediately),
  Sync     (flush data to disk),
  Unmount  (remount all filesystems read-only),
reBoot.

openstack testing day

Only one day late!

I actually started installing this on the 8th but I forgot to install it to hdd so the ‘yum update’ failed and broke the machine with I/O errors :)

Installing it in a VMWare Workstation (fedora 64-bit type, 2, cores, 4G RAM, 20G disk).

http://fedoraproject.org/wiki/Test_Day:2012-03-08_OpenStack_Test_Day

Basic Setup

1

http://fedoraproject.org/wiki/QA:Testcase_install_OpenStack_packages – No problem.

2

http://fedoraproject.org/wiki/QA:Testcase_setup_OpenStack_Nova –

Says that if you are doing this in a VM you need to “configure nova to use qemu without KVM and hardware virtualization:”. This is not true, as VMWare Workstation 8 has virtualization pass-through.

[root@localhost mart]# vgcreate nova-volumes $(sudo losetup --show -f /var/lib/nova/nova-volumes.img)
  No physical volume label read from /dev/loop0
  Writing physical volume data to disk "/dev/loop0"
  Physical volume "/dev/loop0" successfully created
  Volume group "nova-volumes" successfully created
openstack-nova-db-setup

Gives this error, which already is reported:

Verified connectivity to MySQL.
Creating 'nova' database.
Asking openstack-nova to sync the databse.
2012-03-09 07:28:26 WARNING nova.utils [-] /usr/lib/python2.7/site-packages/nova/db/sqlalchemy/migrate_repo/versions/075_convert_bw_usage_to_store_network_id.py:49: SADeprecationWarning: useexisting is deprecated.  Use extend_existing.
  useexisting=True)

2012-03-09 07:28:28 WARNING nova.utils [-] /usr/lib/python2.7/site-packages/nova/db/sqlalchemy/migrate_repo/versions/081_drop_instance_id_bw_cache.py:40: SADeprecationWarning: useexisting is deprecated.  Use extend_existing.
  useexisting=True)

Complete!

3

[root@localhost nova]# ADMIN_PASSWORD=$OS_PASSWORD openstack-keystone-sample-data
The default service password has been detected.  Please consider
setting an actual password in environment variable SERVICE_PASSWORD

But after that it generates users.

4

No problems, should ‘glance index’ return anything at this stage?

5

No problems.

6 Add SSH keypair

No problems, just do exactly what the instructions say (don’t try to be smart and put them in .sh files for example :P).

7 Register Guest Images

At this point the wiki went down :/

[root@localhost ~]# glance add name=f16 is_public=true disk_format=qcow2 container_format=ovf copy_from=http://berrange.fedorapeople.org/images/2012-02-29/f16-x86_64-openstack-sda.qcow2
Failed to add image. Got error:
Unexpected response: 500
Note: Your image metadata may still be in the registry, but the image's status will likely be 'killed'.

Yes, this is where it fall short. Manpage for clance doesn’t even have the ‘copy_from’. Maybe it could be downloaded? ‘glance index’ doesn’t work either.

 

[root@localhost ~]# glance index
Failed to show index. Got error:
Internal Server error: Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/eventlet/wsgi.py", line 336, in handle_one_response
    result = self.application(self.environ, start_response)
  File "/usr/lib/python2.7/site-packages/webob/dec.py", line 147, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/lib/python2.7/site-packages/webob/dec.py", line 210, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/lib/python2.7/site-packages/glance/common/wsgi.py", line 279, in __
    response = req.get_response(self.application)
  File "/usr/lib/python2.7/site-packages/webob/request.py", line 1086, in get_re
    application, catch_exc_info=False)
  File "/usr/lib/python2.7/site-packages/webob/request.py", line 1055, in call_a
    app_iter = application(self.environ, start_response)
  File "/usr/lib/python2.7/site-packages/keystone/middleware/auth_token.py", lin
    valid = self._validate_claims(claims)
  File "/usr/lib/python2.7/site-packages/keystone/middleware/auth_token.py", lin
    return self._validate_claims(claims, False)
  File "/usr/lib/python2.7/site-packages/keystone/middleware/auth_token.py", lin
    self.admin_password)
  File "/usr/lib/python2.7/site-packages/keystone/middleware/auth_token.py", lin
    return json.loads(data)["access"]["token"]["id"]
  File "/usr/lib64/python2.7/json/__init__.py", line 326, in loads
    return _default_decoder.decode(s)
  File "/usr/lib64/python2.7/json/decoder.py", line 366, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib64/python2.7/json/decoder.py", line 384, in raw_decode
    raise ValueError("No JSON object could be decoded")
ValueError: No JSON object could be decoded

[root@localhost ~]# cd images/
[root@localhost images]# ls
aki-tty  ami-tty  ari-tty
[root@localhost images]# http://berrange.fedorapeople.org/images/2012-02-29/f16-                                                                                        x86_64-openstack-sda.qcow2^C
[root@localhost images]# glance add name=aki-tty is_public=true container_format                                                                                        =aki disk_format=aki < aki-tty/image
=================================================[100%] 7.79M/s, ETA  0h  0m  0s
=[  2%]                                                 1.25M/s, ETA  0h  0m  3s                                                                                        Failed to add image. Got error:
You are not authorized to complete this action.
Details: 401 Unauthorized

This server could not verify that you are authorized to access the document you                                                                                         requested. Either you supplied the wrong credentials (e.g., bad password), or yo                                                                                        ur browser does not understand how to supply the credentials required.


Note: Your image metadata may still be in the registry, but the image's status w                                                                                        =================================================[100%] 20.9M/s, ETA  0h  0m  0s
[root@localhost images]#

Stuck!

CentOS 5.8 Released

CentOS 5.8 was released today 8th of March.

http://wiki.centos.org/Manuals/ReleaseNotes/CentOS5.8

You can download it from many mirrors, for example from FUNET: http://ftp.funet.fi/pub/Linux/INSTALL/Centos/

It installs just fine on an HP DL360 G7 with P410 and P411 controller.

CentOS has as far as I understand been slower at releasing updates than Scientific Linux (for example 6.2 was out 5 days earlier on SLC than on CentOS), this was not the case today though, SLC 5.8 is not available yet. Why?

Compare release dates here:

http://en.wikipedia.org/wiki/CentOS#Release_history

http://en.wikipedia.org/wiki/Scientific_linux#Release_history

Dragonfly – Testing another OS

http://www.dragonflybsd.org/

Install

It’s based on … BSD! (FreeBSD 4.8 is apparently what dragonfly span off from)

What’s weird is that while VMWare Workstation scans the iso (to find which OS it is) it stops responding (other VMs are unaffected).
It finds FreeBSD 64-bit.

It has a ‘hammer’ filesystem.
Apparently this is unsupported for FS under 10GB and not recommended for under 50G and will apparently require a lot of things (period clean-up job) occasionally.

     HAMMER file systems are designed for large storage systems, up to 1
     Exabyte, and will not operate efficiently on small storage systems.  The
     minimum recommended file system size is 50GB.  HAMMER must reserve 500MB
     to 1GB of its storage for reblocking and UNDO/REDO.  In addition, HAMMER
     file systems operating normally, with full history retention and daily
     snapshots, do not immediately reclaim space when files are deleted.  A
     regular system maintenance job runs once a day by periodic(8) to handle
     reclamation.

 

Nice and straight-forward console-based installation.

Quick and easy!

Configure

As it’s BSD, add the user to the ‘wheel’ group so that it can become super-user.

Guide to get sshd working (basically set PasswordAuthentication = yes). The guide mentions a lot of other things, but in 3.0.1 sshd is on by default and the keys have been generated.

Install  software

Edit /usr/pkg/etc/pkgin/repositories.conf and add the URL to a repository near you.

pkgin update

pkgin full-update

pkgin search packagename

pkgin install bash

This installs bash to /usr/pkg/bin/bash

It’s not enough to just edit /etc/passwd to get the new shell, you need to edit it via ‘chsh’.

To install screen you need to

ln -s /usr/lib/libcrypt.so.4 /usr/lib/libcrypt.so.3

or it will complain that libcrypt.so.3 doesn’t exist.

The HAMMER filesystem

All commands start with ‘hammer’. Like ‘hammer info’.

 

Conclusion

While looking at it from the above angle (quite distant) – this doesn’t appear to be very different from other bsd/unix/linux distributions, a bit different commands to do some things but that’s not so odd in itself.

Personally I like the name, maybe that’s enough to use it? =)

Install FreeBSD in VirtualBox

The Past

I used to run FreeBSD 5 and 6 about eight years ago on a Pentium III 900MHz machine with maybe 768MB RAM. It was very slow but after a lot of tinkering with the kernel I got it to boot and run very nicely.

Fluxbox was the window manager I used then together with Eterm and pico :)

The Install

Installing it $today in a VirtualBox 4.1.6 on an IBM T40 running RHEL 6 x64.

I used the ‘disc1’ .iso of FreeBSD 8.2. Give it enough of RAM and bridged networking is probably what you want. If you have it set to NAT and then want to change you can do that ‘online’ while the virtual machine is online. Might be good to run another dhcp discover after though. And also don’t forget to remove default route before that. (route del default).

Defaults are pretty OK I suppose on a VM. No need to mess around with the partitions or labels.

It’s all done in the console menus and you can go back and forth between the menus. You probably want to enter the ‘post-install’ section to set ip, password, chose to install sshd. Add a new user and add it to the group ‘wheel’. That way you can hit ‘su -‘ to get root access.

Using FreeBSD

After it’s up you probably want to get root access: ‘su -‘
Run ‘dhclient INTERFACE’ to get a dhcp ip. Find the interface name via ifconfig.

Install Bash

If you chose to install Ports during install, you can go to /usr/ports and hit ‘make search name=”bash”. You can use this to search for packages called bash. Then cd /usr/ports/shells/bash; make; make install; make clean

Then ‘chsh’ and change to /usr/local/bin/bash. Vi-syntax works so press i to insert, r to replace, x to remove or :wq! to write and quit.

Update and use ports.

You can also search on freshports.org.

csup is a tool that you use to update the ports collection. Another is portsnap.
Portsnap appears to be a bit simpler and it came by default when I installed it.

portsnap fetch; portsnap extract; port portsnap update

Basically Ports consists of softwares’ make files and some files pointing where to download the softwares when you decide to install them. You only need to run the portsnap extract the first time. Rest of the times fetch and update should do it. Or ‘portsnap cron’ if you do it in the scheduler/crontab.

Portaudit is a tool that checks for vulnerabilities in the softwares you use. This was very quick to install though. To see if you have any issues, hit ‘portaudit -Fda’.

Each port or software should have a file called pkg-descr, you can use this to see what it does.

portsearch is one that you can use to search for ports instead of the ‘make search’.

sshd

You can ssh into the machine directly after installing, as long as it has IP connectivity (if you can ping it). You also cannot ssh in as root by default.

firewalling

the firewall is ‘ipfw’. This is not enabled by default. To enable it set firewall_enable to YES in /etc/rc.conf. Make sure you add some good fw rules first. Or you can set firewall_type=”open” in rc.conf and then firewall_script=”/etc/ipfw.rules”.

See http://www.freebsd.org/doc/handbook/firewalls-ipfw.html . There is a sample called ‘inclusive ruleset’. This one you can paste into /etc/ipfw.rules , edit to your liking (change your public interface name, add dns-servers, comment out services you don’t need (like port 80 if you for example do not have a web-server). You could then edit this script to have a

$cmd 00411 allow tcp from 192.168.0.0/24 to me 22 in via $pif setup limit src-addr 2

This would allow only addresses from the 192.168.0.0/24 network to ssh into your machine if you comment the rule that allows incoming on port 22 from anywhere.

ipfw list # to see the current firewall

Conclusion

FreeBSD is special compared to a few other operating systems because you get to compile all the software. You can of course get binaries if you want and install via pkg_add. But that’s not so cool right? It’s also a good idea to tweak the kernel, especially if you have a little slower system and want some better performance. If you have a slower system (like in a virtual machine), it could be painfully slow to install something. For example bash took what felt like forever to install for me.

This means a bit more patience is required with FreeBSD, but on the other hand maybe this way there will much be less crap installed.

Apparently FreeBSD 8.2 is not so cool because there is a 9 in beta or PC-BSD. If you want you can even get a ‘snapshot’ in the CURRENT subset, which is basically as new as it gets.