WORLD OF LINUX: July 2012

Tuesday 31 July 2012

Migrating-openvz-virtual-servers-from one hardware node to another

The following steps are used to migrate VPS from one Hardware node to another:-
On the hardware node check were the VPS already exists,
# wget http://files.soluslabs.com/solusvm/scripts/keyput.sh

 #  chmod a+x keyput.sh

 #  ./keyput.sh <DN_ip> <DN_port>

DN_ip

& DN_port = the ip and ssh port of the node you want to transfer the VPS

to.(Destination_node)

Next, we need to know the id of the VPS which is to be transfered, for that,

run this on the server that contains the VPS

# vzlist or vzlist -a (to get all the nodes present in the main node)

 then,

# vzmigrate -v --ssh="-p <DN_port>" <DN_ip> <VPS_id>

once it is completed you have to update SolusVM master.

On the solusvm master node run:

# /scripts/vm-migrate <VSERVER_ID> <NEWNODE_ID>

<VSERVER_ID> is the ID listed in your VM list in SolusVM

<NEWNODE_ID> is the ID of the node listed in your node list in SolusVM

WHM showing diskquota unlimited for all users in OpenVZ VPS

# vi /etc/vz/vz.conf ( Should contain the following parameters to make sure that quota is enabled in Hardware node.)

## Disk quota parameters

DISK_QUOTA=yes

VZFASTBOOT=no

# vi /etc/fstab

none /dev/pts devpts rw 0 0 // fstab entry is like this in case of VPS

# /scripts/fixquotas

Error obtained running the above command: No filesystems with quota detected.

# quotacheck -vagum

quotacheck: Can't find filesystem to check or filesystem not mounted with quota option

SOLUTION:

Let the openVZ ID be 100

( In Hardware node) # vzctl set 100 --quotaugidlimit 10000 --save
( In Hardware node) # vzquota off 100
( In Hardware node) # vzquota on 100 -s 1

Setting the "quotaugidlimit" parameter is a must for 2nd level quota activation. However, not enough. The key point is the "s" parameter in the "vzquota on 10 -s 1" command.

# vzctl restart 100 // restart the vps

Monday 23 July 2012

Checking if IP is blocked from Iptables

How to check if IP is blocked from Iptables

Check if IP is blocked:
# iptables -L -n --line | grep [IP Address]

If IP appear as DROP or REJECT, the IP has been blocked
Unblock the IP Address:
# iptables -I INPUT -s [IP Address] -j ACCEPT

Blocking back an IP Address:
# iptables -A INPUT -d [IP Address] -j DROP

service iptables save
Note: Full path to IPTABLES is /sbin/iptables, you can replace command # iptables with /sbin/iptables

Wednesday 18 July 2012

Quota showing "Unlimited " in WHM !!!!!

For recently created users, quota is not working properly in WHM.

While running # /scripts/fixquotas , error obtained as follows:

Resetting quota for user1 to 10000 M
edquota: Quota write failed (id 517): Invalid argument
Resetting quota for user2 to 300 M
edquota: Quota write failed (id 507): Invalid argument
........................................

SOLUTION :

Run the following command:

# quotacheck -vagum

v : quotacheck report its operation as it progresses

g : Only group quotas listed in /etc/mtab or on the filesystems specified are to be checked

u : Only user quotas listed in /etc/mtab or on the filesystems specified will be checked

m : Don't try to re-mount file system as Readonly.

a : Check all mounted non-NFS filesystems in /etc/mtab

It will take a long time to complete the quotacheck. After completing the quotacheck, run /scripts/fixquotas

The issue has been fixed now..!!!!!!!

Migrating Single cPanel account

Taking Back-up of cPanel account:

# cd /scripts
# ./pkgacct username
( Replace username with the cpanel account you wish to backup)

There will be a file now in /home called cpmove-username.tar.gz .

Then,move the cpmove-username.tar.gz to the new server to which you want to migrate

# scp cpmove-username.tar.gz root@host:/home/

Now , the cpmove-username.tar.gz is in the /home of new server. Then, run restore function

# /scripts/restorepkg username

Thats it!!!

Monday 16 July 2012

NAGIOS CONFIGURATION

Following steps will take place when Nagios (installed on Nagios server) monitors a service (eg: server load) on the remote host

1) Nagios will execute check_nrpe command on nagios-server and will request it to monitor disk usage on remote host using check_load command.
2) The check_nrpe on the nagios-server will contact the NRPE daemon on remote host and will request it to execute the check_load on remote host.
3) The results of the check_load command will be returned back by NRPE daemon to the check_nrpe on nagios-server.

Nagios Server (check_nrpe) ~~> Remote host (NRPE deamon) ~~> check_load

Nagios Server (check_nrpe) <~~ Remote host (NRPE deamon) <~~ check_load (returns the server load)

Before we begin, we need to install some packages on the remote host for Nagios to work fine.

# yum install elinks gcc make gcc-c++
# yum -y install openssl-devel
# useradd nagios
# passwd nagios
# cd /usr/src/

Then install Nagios plugin and NRPE on remote host.

Install Plug-in
# wget http://sourceforge.net/projects/nagiosplug/files/nagiosplug/1.4.15/nagios-plugins-1.4.15.tar.gz/download
# tar -zxvf nagios-plugins-1.4.15.tar.gz && cd nagios-plugins-1.4.15
# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
# make
# make install
# chown nagios:nagios /usr/local/nagios
# chown -R nagios:nagios /usr/local/nagios/libexec
# cd ..

Install NRPE
#wget http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.12/nrpe-2.12.tar.gz/download
# tar -zxvf nrpe-2.12.tar.gz && cd nrpe-2.12
# ./configure
# make all
# make install-plugin
# make install-daemon
# make install-daemon-config
# make install-xinetd
Edit Xinetd NRPE entry
# vi /etc/xinetd.d/nrpe
only_from = 127.0.0.1 Server-IP (nagios monitoring server ip-address is: )
:wq (save and exit)

Edit services file entry
# vi /etc/services
nrpe 5666/tcp # Entry for NRPE daemon
:wq (save and exit)

Restart xinetd
# service xinetd restart

Verify whether NRPE is listening
# netstat -at |grep nrpe # output -: tcp 0 0 *:nrpe *.* LISTEN
Verify to make sure the NRPE is functioning properly
# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

Configuring Nagios monitoring server to monitor the remote host

# cd /usr/src
# wget http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.12/nrpe-2.12.tar.gz/download
# tar -zxvf nrpe-2.12.tar.gz && cd nrpe-2.12
# yum -y install openssl-devel
# yum install perl
# ./configure
# make all
# make install-plugin

Create a command definition
# vi /home/nagios/public_html/etc/objects/commands.cfg
Add the following:

# NRPE CHECK COMMAND
# Command to use NRPE to check remote host systems
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Create configuration file for remote host
# cp –prf /home/nagios/www/etc/objects/ localhost.cfg /home/nagios/www/etc/objects/remotehost.cfg
# vi /home/nagios/www/etc/objects/remotehost.cfg
Replace the values “host_name” “alias” “address” with the values that match your setup:

** The “host_name” you set for the “define_host” section must match the “host_name” in the “define_service” section **

# Define a host for the remote machine
define host{
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name alpha235
alias alpha235
address 62.75.215.12
}
# SERVICE DEFINITIONS
# Define a service to "ping" the local machine

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}

# Define a service to check the disk space of the root partition.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Root Partition
check_command check_nrpe!check_disk
}

# Define a service to check the number of currently logged in users on the remotehost.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Current Users
check_command check_nrpe!check_users
}

# Define a service to check the number of currently running processes on the remote host.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Total Processes
check_command check_nrpe!check_total_procs
}
# Define a service to check the load on the remote host.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Current Load
check_command check_nrpe!check_load
}

# Define a service to check SSH on the remote host.
# Disable notifications for this service by default, as not all users may have SSH enabled.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description SSH
check_command check_nrpe!check_ssh
notifications_enabled 0
}
# Define a service to check HTTP on the remote host.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description HTTP
check_command check_nrpe!check_http
notifications_enabled 0
}

Activate the remotehost.cfg template
# vi /usr/local/nagios/etc/nagios.cfg
Definitions for monitoring remote Linux machine
cfg_file=/home/nagios/www/etc/objects/remotehost.cfg
Verify Nagios Configuration Files
# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
# /home/nagios/public_html/bin/nagios -v /home/nagios/public_html/etc/nagios.cfg (In our server)
Output : ...
...
Things look okay - No serious problems were detected during the pre-flight check

Verify whether nagios monitoring server can talk to the remote host
# /usr/local/nagios/libexec/check_nrpe -H 62.75.215.12
NRPE v2.12

Start nagios
# /home/nagios/www/bin/nagios -d /home/nagios/www/etc/nagios.cfg

Restart nagios (if already running)
# kill -HUP <nagios_pid>

# /usr/local/nagios/libexec/check_nrpe -H 62.75.215.12 -c check_load (To check the load of the remote server)
OK - load average: 0.35, 0.30, 0.23|load1=0.350;15.000;30.000;0; load5=0.300;10.000;25.000;0; load15=0.230;5.000;20.000;0;

(Usage: check_nrpe -H <host> [-n] [-u] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>])