Linux

MDADM: Convert RAID5 to RAID10

 Linux, RAID  No Responses »
Sep 042016
 

Based on Changing a RAID-10 into a RAID-5

It is usually assumed that the best HDD organization on a backup server is a RAID5, since it provides a fairly good price/volume. Unfortunately, increasing of disk count affect to some RAID5 disadvantages, in particular the in reliability and recovery speed. For example if the server has RAID5 of 6 (six) SATA disk drives (even it’s reliable enough, such as WD Re), with one disk replacement, array recovery time is about 10 hours (in my case). At the recovery time reservation is absent, the load on the disks are increased, that increases the probability of failure of the remaining disks, and if all the disks have same series, the probability of another disk will deteriorate during the recovery, increase even more.
In this regard, it was decided to convert the existing disk array from RAID5 to RAID10 with the addition of two drives, that in theory should lead to increasing of server performance and improving reliability.

Continue reading »

Access to HP ILO2 via OpenSSH v6.2 and higher

 HP ILO, Linux  1 Response »
Feb 272016
 

When you try to access HP ILO2 console via some new version of OpenSSH you have error.
For OpenSSH v.6
# ssh ilouser@iloserver
Received disconnect from iloserver: 2: Client Disconnect

Solution: add option -o MACs=hmac-sha1 to ssh:

# ssh -o MACs=hmac-sha1 ilouser@iloserver
ilouser@iloserver's password:

For OpenSSH v.7
# ssh ilouser@iloserver
Unable to negotiate with UNKNOWN: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Solution: add option -o KexAlgorithms=diffie-hellman-group1-sha1 -o MACs=hmac-sha1 to ssh:

# ssh -o KexAlgorithms=diffie-hellman-group1-sha1 -o MACs=hmac-sha1 ilouser@iloserver
ilouser@iloserver's password:

Access to HP ILO remote console via SSH

 HP ILO, Linux  2 Responses »
Feb 272016
 

From Pinoy UNIX Administrations

There are times when you want to have a quick access to the remote console of a server like HP’s ILO but you don’t want (not able) to open a web browser just to access it. But there is an ability to access it via SSH (text console only).

  1. Open a ssh connection to the ILO’s IP address.
    # ssh ilo_admin@ip_address

  2. Enter your ILO admin account and password. After that you will see the ILO prompt.
    hpILO->

  3. To access the remote console of the server at the ILO prompt type “TEXTCONS”
    hpILO->TEXTCONS

  4. You will be presented with the Login: console. Enter your root or user account of the server to gain access.
    Login:

Create virtual machine in XenServer from command line

 Linux, VM, XenServer  3 Responses »
Sep 232012
 

I need to create virtual machine on XenServer (6.2.0) but I have access to console/SSH only

Solution:

  1. Virtual machine based on template. For select template execute: 
    xe template-list
  2. After selecting template, create VM: 
    xe vm-install template="Debian Wheezy 7.0 (32-bit)" new-name-label="newVM"

    so VM based on Debian Wheezy 7.0 (32-bit) template, VM name is newVM
    Last command execution produced UUID for created VM

    3. Continue reading »

Интеграция OpenLDAP и Kerberos, SingleSignOn, MultiDomain, часть 3 – автоматическое изменение паролей Kerberos и Samba

 Kerberos, LDAP, Linux  No Responses »
Aug 022012
 

Для автоматического изменения паролей дополнительных сервисов (Kerberos, Samba и т.д.) была выбрана возможность протоколирования изменений дерева OpenLDAP через сокет.

Необходимо выполнить следующие шаги:

  1. Добавить в OpenLDAP модули (если у вас их еще нет) для протоколирования и использования в качестве базы скриптов:
    ldapmodify -xWD cn=admin,cn=config << __EOF__
    dn: cn=module{0},cn=config
    changetype: modify
    add: olcModuleLoad
    olcModuleLoad: back_sock
    -
    add: olcModuleLoad
    olcModuleLoad: accesslog
    __EOF__

    2. Continue reading »

Интеграция OpenLDAP и Kerberos, SingleSignOn, MultiDomain, часть 1

 Kerberos, LDAP, Linux  1 Response »
Jul 172012
 

Установка производится на Debian Squeeze (6.0)

Задачи: интегрировать OpenLDAP и Kerberos, получив в итоге:

  1. единый пароль для всех сервисов (в том числе Samba3)
  2. поддержку мультидоменной архитектуры – возможность иметь несколько Kerberos realm

Continue reading »

Поиск системы авторизации/аутентификации

 Kerberos, LDAP, Linux  No Responses »
Jul 132012
 

Предпосылки/требования к системе:
1. работа под Linux
2. уменьшение затрат на серверное ПО/клиентские лицензии
3. возможность работы нескольких не связанных организаций на одном сервере – т.е. древовидная структура
4. кластеризация
5. поддержка SSO (single sign on)

Continue reading »