This Blog is to share our knowledge and expertise on Linux System Administration and VMware Administration

Wednesday, February 28, 2018

How to kill the IDLE pts/tty session in Linux Server?

 Kill the IDLE pts/tty session in Linux Server

Situation:
    Sometimes a script command does not complete properly, or an SSH session is closed improperly, and an idle pts/tty session is left behind.
           
[root@dbserver ~]# w
 14:18:28 up 31 days,  4:18,  4 users,  load average: 3.35, 3.42, 3.41
USER     TTY      FROM  LOGIN@   IDLE     JCPU   PCPU  WHAT
root        pts/2    -            27Jan18   31days  0.00s  0.00s   script -a /os_backup_fs/patches/DB_Server/logs/dbserver_Postwork-1.log


Solution:
Here, ps -ft sometimes returns no processes for the terminal:

[root@dbserver ~]# ps -ft pts/2
UID         PID   PPID  C STIME TTY          TIME CMD

So search for the process by its command line and kill its process ID.

[root@dbserver ~]# ps -ef | grep -i /os_backup_fs/patches/DB_Server/logs/dbserver_Postwork-1.log
root     202948 185999  0 14:18 pts/4    00:00:00 grep -i /os_backup_fs/patches/DB_Server/logs/dbserver_Postwork-1.log
root     271243 113886  0 Jan27 pts/1    00:00:00 script -a /os_backup_fs/patches/DB_Server/logs/dbserver_Postwork-1.log
root     271245 271243  0 Jan27 pts/1    00:00:00 script -a /os_backup_fs/patches/DB_Server/logs/dbserver_Postwork-1.log
[root@dbserver ~]# kill -9 271243

Hope it helps.

Monday, February 26, 2018

How to create a VLAN interface by using the command line in RHEL7

By using the nmcli command, we can create a VLAN interface in RHEL7.

VLANs are isolated broadcast domains that run over a single physical network. They allow you to segment a local network and also to "stretch" a LAN over multiple physical locations. Most enterprises implement this on their network switching environment, but in some cases, the tagged VLANs reach your server.

For this case, our physical network interface is called enp0s3. The VLAN's ID is 501, and the IPv4 address is 192.168.1.10, with a subnet mask of 255.255.255.0 and a default gateway of 192.168.1.1.

Create vlan
[root@nsk ~]# nmcli connection add type vlan dev enp0s3 id 501 ip4 192.168.1.10/24 gw4 192.168.1.1
Connection 'vlan' (a01bd6a3-a486-4c5b-83af-73d7344cc388) successfully added.

Activate the connection
[root@nsk ~]# nmcli connection up vlan
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

Check the Connection
[root@nsk ~]# nmcli connection show
NAME     UUID                                                                 TYPE                   DEVICE
enp0s3  191fbaab-7ac3-4616-9368-3b006cba3574      802-3-ethernet     enp0s3
vlan        a01bd6a3-a486-4c5b-83af-73d7344cc388      vlan                      enp0s3.501

[root@nsk ~]# nmcli device status
DEVICE          TYPE           STATE         CONNECTION
enp0s3          ethernet       connected    enp0s3
enp0s3.501   vlan              connected    vlan
lo                  loopback       unmanaged   --

[root@nsk ~]# nmcli device show enp0s3.501
GENERAL.DEVICE                   :    enp0s3.501
GENERAL.TYPE                      :      vlan
GENERAL.HWADDR                :     08:00:27:93:16:4B
GENERAL.MTU                        :    1500
GENERAL.STATE                    :    100 (connected)
GENERAL.CONNECTION        :   vlan
GENERAL.CON-PATH             :    /org/freedesktop/NetworkManager/ActiveConnection/3
IP4.ADDRESS[1]                     :      192.168.1.10/24
IP4.GATEWAY                         :      192.168.1.1
IP6.ADDRESS[1]                     :       fe80::ecb7:3969:728f:a67b/64
IP6.GATEWAY                         :       --
[root@nsk ~]#

The command line to create a VLAN with nmcli is very basic as it uses default values.

The command below shows the full set of options for creating a more detailed VLAN interface.
[root@nsk ~]# nmcli con add help

Saturday, February 17, 2018

How to change the Linux user's password in single command

Changing the Linux user's password in one command

chpasswd reads a list of user name and password pairs from standard input and uses this information to update a group of existing users.

chpasswd - update passwords in batch mode

Syntax    -  user_name:password

 By default the supplied password must be in clear-text. Also the password age will be updated, if present.

# echo user:password | /usr/sbin/chpasswd
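
Because the password is clear text by default, the one-liner above can leave it in the shell history. As an added example (not from the original post), the function below hashes the password first so that only a SHA-512 crypt hash is handed to chpasswd through its -e option; the function name make_chpasswd_line and the user user13 are illustrative, and OpenSSL 1.1.1 or later is assumed.

```shell
# Weak form from the post: the clear-text password is typed on the command line.
#   echo user:password | /usr/sbin/chpasswd

# make_chpasswd_line USER   (clear-text password on stdin, one line)
# Prints "USER:<SHA-512 crypt hash>" for use with chpasswd -e.
# The function name is illustrative; "openssl passwd -6" needs OpenSSL 1.1.1+.
make_chpasswd_line() {
  local user=$1 hash
  # Refuse empty names and anything that could break the user:password syntax.
  case $user in
    ''|*[!A-Za-z0-9._-]*) echo "bad user name" >&2; return 2 ;;
  esac
  # -stdin keeps the password out of the process argument list.
  hash=$(openssl passwd -6 -stdin) || return 1
  case $hash in
    '$6$'*) printf '%s:%s\n' "$user" "$hash" ;;
    *) echo "unexpected hash format" >&2; return 1 ;;
  esac
}

# Hardened use, as root in bash (prompt without echo, nothing in history):
#   read -rs -p 'New password: ' pw; echo
#   printf '%s\n' "$pw" | make_chpasswd_line user13 | /usr/sbin/chpasswd -e
#   unset pw
```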

Friday, February 16, 2018

Default Physical extent size in RHEL5, RHEL6 and RHEL7


Each physical volume is divided into chunks of data, known as physical extents; these extents have the same size as the logical extents for the volume group.

Making the PE too small wouldn't be recommended, as the maximum volume size is 65,536 PEs, so if you reduce this to 1MB, you end up with volumes not larger than 64GB.

RHEL 5 - 32 MB
RHEL 6 - 4 MB  (the maximum file system we can create is 256 GB)
RHEL 7 - 4 MB

Thursday, February 15, 2018

Working with Docker Container - Labeling and filtering containers

Labeling and filtering containers

With Docker 1.6, a feature has been added to label containers and images, through which we can attach arbitrary key-value metadata to them. You can think of them as environment variables, which are not available to running applications inside containers but they are available to programs (Docker CLI) that are managing images and containers. Labels attached to images also get applied to containers started via them. We can also attach labels to containers while starting them.

Docker also provides filters to containers, images, and events, which we can use in conjunction with labels to narrow down our searches.

For this document, let's assume that we have an image with the label, distro=centos.

root@Docker:~# docker images
REPOSITORY                 TAG                 IMAGE ID                CREATED            SIZE
nskselvan/nsk                   latest              b2f0c17eed23        2 months ago        197MB
centos-latest                     latest              2083898799b1       2 months ago        197MB
wordpress                         latest              224b7eef6944        3 months ago        408MB
mysql                                 5.7                 b4e78b89bcf3        3 months ago        412MB
registry                               2                    28525f9a6e46       3 months ago        33.2MB
localhost:5000/reg            latest               28525f9a6e46       3 months ago        33.2MB
centos                               latest              196e0ce0c9fb        3 months ago        197MB
localhost:5000/centos-ka  latest              196e0ce0c9fb        3 months ago        197MB

As you can see from the preceding screenshot, if we use filters with the docker images command, we only get an image where the corresponding label is found in the image's metadata.

To start the container with the --label/-l option, run the following command:
root@Docker:~# docker run --label environment=test centos date
Thu Feb 15 06:21:09 UTC 2018

Let's start a container without a label and start two others with the same label:
root@Docker:~# docker run --name container1 centos date
Thu Feb 15 06:22:13 UTC 2018
root@Docker:~# docker run --name tcontainer1 --label environment=test centos date
Thu Feb 15 06:23:01 UTC 2018
root@Docker:~# docker run --name tcontainer2 --label environment=test centos date
Thu Feb 15 06:23:20 UTC 2018

If we list all the containers without a label filter, we will see all the containers, but if we filter by label, we get only the containers that match the label.

Docker attaches label metadata to containers while starting them and matches the label while listing them or in other related operations.
We can list all the labels attached to a container through the inspect command:

root@Docker:~# docker inspect -f '{{.Config.Labels}}' tcontainer1
map[build-date:20170911 environment:test license:GPLv2 name:CentOS Base Image vendor:CentOS]
root@Docker:~# docker inspect -f '{{.Config.Labels}}' tcontainer2
map[license:GPLv2 name:CentOS Base Image vendor:CentOS build-date:20170911 environment:test]

Wednesday, February 14, 2018

Working with Docker Container - Docker info Command

Docker info Command

As we know, images are required to run containers. You can either use existing images or create new custom images. You will need to create custom images to suit your development and deployment environment. Once you create an image, you can share it through the public or private registry. Before we explore more about Docker images, let's look at the output of the docker info command:

root@Docker:~# docker info
Containers: 26
 Running: 5
 Paused: 0
 Stopped: 21
Images: 6
Server Version: 17.09.0-ce
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 87
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 3f2f8b84a77f73d38244dd690525642a72156c64
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-96-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 3.859GiB
Name: Docker
ID: S3LP:G73H:NJWO:SVEG:I7U5:UB5M:B3LC:WAQV:AINP:7YYE:I7EN:MRFF
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: nskselvan
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support
root@Docker:~#

The preceding command gives the current system-wide info as follows:

It has 26 containers and 6 images.


The current storage driver, devicemapper, and its related information, such as thin pool name, data, metadata file, and so on. Other types of storage drivers are aufs, btrfs, overlayfs, vfs, and so on. Devicemapper, btrfs, and overlayfs have native support in the Linux kernel. AUFS support needs a patched kernel. 


To leverage the kernel features that enable containerization, the Docker daemon has to talk to the Linux kernel. This is done through the execution driver. libcontainer (native) is one such driver; others are libvirt, lxc, and so on.


The kernel version on the host operating system.
The user account that is registered on the registry mentioned in the next section to pull/push images.
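
The Security Options and Insecure Registries sections of this output are the ones worth reviewing on every host. As an added example (not from the original post), the function below reads docker info text in the layout shown above and reports them; the name docker_info_review and the OK/FLAG/WARN labels are this example's own, and the sample is a constructed excerpt of the output above.

```shell
# Constructed excerpt of the docker info output shown in the post.
SAMPLE_INFO='Storage Driver: aufs
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-96-generic
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support'

# docker_info_review  (docker info text on stdin)
# Prints one line per finding:
#   FLAG insecure-registry <entry>   non-loopback registry allowed without TLS
#   WARN <text>                      daemon warning passed through
#   OK|FLAG seccomp <profile|none>   seccomp listed under Security Options?
#   OK|FLAG mac                      apparmor or selinux listed?
docker_info_review() {
  awk '
    /^[^ ]/ { section = $0 }          # an unindented line starts a new section
    section == "Security Options:" && /^ / {
      if ($1 == "seccomp") seccomp = 1
      if ($1 == "apparmor" || $1 == "selinux") mac = 1
      if ($1 == "Profile:") profile = $2
    }
    section == "Insecure Registries:" && /^ / {
      # 127.0.0.0/8 is the loopback default; anything else deserves a look.
      if ($1 !~ /^127\./ && $1 != "::1/128") print "FLAG insecure-registry " $1
    }
    /^WARNING:/ { sub(/^WARNING: */, ""); print "WARN " $0 }
    END {
      s = seccomp ? "OK" : "FLAG"
      p = profile ? profile : "none"
      print s " seccomp " p
      m = mac ? "OK" : "FLAG"
      print m " mac"
    }
  '
}

# Usage on a live host:  docker info 2>/dev/null | docker_info_review
```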

Saturday, February 10, 2018

Why does vncserver fail with "Starting VNC server: Fatal server error"

Issue:
        The vncserver service failed to start with the error below.
[orpmtn1o@Servername ~]$ vncserver

WARNING: The first attempt to start Xvnc failed, possibly because the font
catalog is not properly configured.  Attempting to determine an appropriate
font path for this system and restart Xvnc using that font path ...
Could not start Xvnc.

_XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root

Xvnc TigerVNC 1.1.0 - built Sep 22 2014 07:15:59
Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11500000, The X.Org Foundation

Initializing built-in extension Generic Event Extension
Initializing built-in extension SHAPE
Initializing built-in extension MIT-SHM
Initializing built-in extension XInputExtension
Initializing built-in extension XTEST
Initializing built-in extension BIG-REQUESTS
Initializing built-in extension SYNC
Initializing built-in extension XKEYBOARD
Initializing built-in extension XC-MISC
Initializing built-in extension XFIXES
Initializing built-in extension RENDER
Initializing built-in extension RANDR
Initializing built-in extension DAMAGE
Initializing built-in extension MIT-SCREEN-SAVER
Initializing built-in extension DOUBLE-BUFFER
Initializing built-in extension RECORD
Initializing built-in extension DPMS
Initializing built-in extension X-Resource
Initializing built-in extension XVideo
Initializing built-in extension XVideo-MotionCompensation
Initializing built-in extension VNC-EXTENSION
Initializing built-in extension GLX

Sat Feb 10 01:18:59 2018
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5901
 vncext:      created VNC server for screen 0
[dix] Could not init font path element catalogue:/etc/X11/fontpath.d, removing from list!
[dix] Could not init font path element built-ins, removing from list!
(EE)
Fatal server error:
(EE) could not open default font 'fixed'(EE)
_XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root

Xvnc TigerVNC 1.1.0 - built Sep 22 2014 07:15:59
Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11500000, The X.Org Foundation

Initializing built-in extension Generic Event Extension
Initializing built-in extension SHAPE
Initializing built-in extension MIT-SHM
Initializing built-in extension XInputExtension
Initializing built-in extension XTEST
Initializing built-in extension BIG-REQUESTS
Initializing built-in extension SYNC
Initializing built-in extension XKEYBOARD
Initializing built-in extension XC-MISC
Initializing built-in extension XFIXES
Initializing built-in extension RENDER
Initializing built-in extension RANDR
Initializing built-in extension DAMAGE
Initializing built-in extension MIT-SCREEN-SAVER
Initializing built-in extension DOUBLE-BUFFER
Initializing built-in extension RECORD
Initializing built-in extension DPMS
Initializing built-in extension X-Resource
Initializing built-in extension XVideo
Initializing built-in extension XVideo-MotionCompensation
Initializing built-in extension VNC-EXTENSION
Initializing built-in extension GLX

Sat Feb 10 01:19:02 2018
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5901
 vncext:      created VNC server for screen 0
[dix] Could not init font path element /usr/share/X11/fonts/misc, removing from list!
[dix] Could not init font path element built-ins, removing from list!
(EE)
Fatal server error:
(EE) could not open default font 'fixed'(EE)

Resolution:
First, install the packages below on the server.

tigervnc-server 
tigervnc-server-module 
libXfont 
pixman 
xterm 
xorg-x11-twm

Add the lines below to /etc/sysconfig/vncservers:
VNCSERVERS="2:root"
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -nohttpd -localhost"

Next, stop the local firewall.
[root@Servername ~]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                                   [  OK  ]
iptables: Unloading modules:                                       [  OK  ]

Now vncserver should work.
[orpmtn1o@Servername~]$ vncserver
New 'Servername.localhost.com:1 (orpmtn1o)' desktop is Servername.localhost.com:1
Creating default startup script /home/orpmtn1o/.vnc/xstartup
Starting applications specified in /home/orpmtn1o/.vnc/xstartup
Log file is /home/orpmtn1o/.vnc/Servername.localhost.com:1.log


Hope it helps.

Sunday, February 4, 2018

Working with Docker Container - Creating an image from the container


Creating an image from the container

There are a couple of ways to create images, one is by manually committing layers and the other way is through Dockerfiles.

As we start a new container, a read/write layer gets attached to it. This layer will get destroyed if we do not save it. In this recipe, we will see how to save that layer and make a new image from the running or stopped container using the docker commit command.

Syntax: docker commit -a|--author[=""] -m|--message[=""] CONTAINER [REPOSITORY[:TAG]]

root@Docker:~# docker run -i -t centos /bin/bash
[root@91fb5dbccd0b /]# yum install -y httpd
Loaded plugins: fastestmirror, ovl
base                                                                | 3.6 kB  00:00:00
extras                                                              | 3.4 kB  00:00:00
updates                                                           | 3.4 kB  00:00:00
(1/4): base/7/x86_64/group_gz                       | 156 kB  00:00:00
(2/4): extras/7/x86_64/primary_db                  | 166 kB  00:00:00
(3/4): base/7/x86_64/primary_db                    | 5.7 MB  00:00:11
(4/4): updates/7/x86_64/primary_db               | 6.0 MB  00:00:13
...........
...........



As you can see, the new image is now being committed to the local repository with nskselvan/centos as a name and httpd as a tag.

We saw that while starting a container, a read/write filesystem layer will be created on top of the existing image layers from which the container started, and with the installation of a package, some files would have been added/modified in that layer. All of those changes are currently in the ephemeral read/write filesystem layer, which is assigned to the container. If we stop and delete the container, then all of the earlier mentioned modifications would be lost.

Using commit, we create a new layer with the changes that have occurred since the container started, which get saved in the backend storage driver.


root@Docker:~# docker diff 91fb5dbccd0b
C /.wh..wh.plnk
A /.wh..wh.plnk/1010.142994
.....................
A /boot/grub/splash.xpm.gz
C /etc/group
...................
C /etc/gshadow-
A /etc/httpd
A /etc/httpd/conf
A /etc/httpd/conf/httpd.conf
A /etc/httpd/conf/magic
A /etc/httpd/conf.d
...................
A /etc/httpd/conf.modules.d

We can see a prefix before each entry of the output. The following is a list of those prefixes:

    A: This is for when a file/directory has been added
    C: This is for when a file/directory has been modified
    D: This is for when a file/directory has been deleted


For more details, please check docker commit --help 

Friday, February 2, 2018

Working with Docker Container - Injecting a new process to a running container


 Injecting a new process to a running container

While doing development and debugging, we might want to look inside the already running container. There are a few utilities, such as nsenter (https://github.com/jpetazzo/nsenter), that allow us to enter into the namespace of the container to inspect it. With the exec option, we can inject a new process inside a running container.

Syntax:
    docker exec [-d|--detach[=false]] [--help] [-i|--interactive[=false]] [-t|--tty[=false]] CONTAINER COMMAND [ARG...]

Let's start a container in the background and then inject a bash shell into it:

root@Docker:~# id=$(docker run -d mysql)
root@Docker:~# docker exec -it $id bash
root@b4e78b89bcf3#

For help with docker exec, use docker exec --help

Thursday, February 1, 2018

User not allowed to access to (crontab) because of pam configuration - SOLVED

Situation:
While running the crontab command, the user gets the error below.
[root@testserver ~]# su - user13
[user13@testserver ~]$ crontab -l
Authentication token is no longer valid; new one required
You (user13) are not allowed to access to (crontab) because of pam configuration.

Solution:
First, check the password age before adding the user to /etc/security/access.conf.
If the password has expired, set a new one.

[root@testserver ~]# chage -l user13
Last password change                                                    : Sep 06, 2017
Password expires                                                            : Dec 05, 2017
Password inactive                                                           : never
Account expires                                                              : never
Minimum number of days between password change    : 1
Maximum number of days between password change   : 90
Number of days of warning before password expires     : 7

Set the password
[root@testserver ~]# passwd user13
Enter new password:
Re-type new password:
passwd: all authentication tokens updated successfully.

[root@testserver ~]# chage -l user13
Last password change                                                     : Jan 31, 2018
Password expires                                                             : May 01, 2018
Password inactive                                                            : never
Account expires                                                               : never
Minimum number of days between password change     : 1
Maximum number of days between password change    : 90
Number of days of warning before password expires      : 7

Now add the user to the /etc/security/access.conf file, above the -: ALL : ALL line.
+ : user13 : cron crond crontab

[root@testserver ~]# su - user13
[user13@testserver ~]$ crontab -l
no crontab for user13
[user13@testserver ~]$ exit
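
pam_access applies the first rule that matches, which is why the new line has to sit above the catch-all deny. As an added example (not from the original post), this simplified evaluator shows which rule decides for a user and origin; it handles only literal names and the ALL keyword (no groups, EXCEPT, LOCAL or network matching), and the function name and both sample files are constructed for illustration.

```shell
# Constructed sample: the rule from the post placed above the catch-all deny.
ACCESS_GOOD='# constructed sample of /etc/security/access.conf
+ : root : ALL
+ : user13 : cron crond crontab
-: ALL : ALL'

# Constructed sample: same rule placed below the deny, so it is never reached.
ACCESS_BAD='+ : root : ALL
-: ALL : ALL
+ : user13 : cron crond crontab'

# access_decision USER ORIGIN   (access.conf rules on stdin)
# Prints "allow N" or "deny N", where N is the number of the deciding rule,
# or "allow default" when no rule matches (pam_access then grants access).
access_decision() {
  awk -v user="$1" -v origin="$2" -F':' '
    # True if the whitespace-separated list contains want or the keyword ALL.
    function has(list, want,   n, i, t) {
      n = split(list, t, /[ \t]+/)
      for (i = 1; i <= n; i++)
        if (t[i] == want || t[i] == "ALL") return 1
      return 0
    }
    /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
    NF < 3 { next }                    # skip malformed lines
    {
      rule++
      perm = $1; gsub(/[ \t]/, "", perm)
      if (has($2, user) && has($3, origin)) {
        verdict = (perm == "+") ? "allow" : "deny"
        print verdict, rule
        found = 1
        exit                           # first match wins
      }
    }
    END { if (!found) print "allow default" }
  '
}

# Usage on a live host:  access_decision user13 cron < /etc/security/access.conf
```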

Hope it helps.