Kevin Hatfield's Blog

Kevin's blurry train of thought……

Posts Tagged ‘unix’

Zero downtime with server restarts using HAProxy

Tuesday, March 24th, 2009

HAProxy is a high availability, software-based HTTP load balancing tool that I’ve seen gaining a lot of traction in large server cluster and cloud computing environments. I’m currently using it as part of a pre-built cluster image that a third party vendor is maintaining, and its performance impressed me enough that I’ve started to look into its capabilities further. Because it’s a software solution, it gives you a lot of flexibility to customize its configuration.

One of the neat features I came across is a configuration that will allow you to reboot servers in a cluster without a single user experiencing a 404 error, down-time, or lost sessions. The trick is to use an iptables rule to have Apache respond to two ports, say 80 and 81. Apache really runs on port 80, and then port 81 is configured to forward to port 80. HAProxy is then configured to use the application server’s port 81, and the same server at port 80 is defined as the hot backup.

The igvita.com blog has a good howto on doing just this:

Instead of specifying a physically different app server, we’re going to define our backup instance to be the exact same application server in each case, but with one minor difference: the status port for the main app server will be different from the one we use on the backup.

Now, if we want to put the server into maintenance mode, we remove the IPTables rule for the forwarded port, and wait a few seconds so that our upstream HAProxy instance recognizes that the server is no longer available for new connections – this is key, it means that no client is dropped in the process. Now, once the server is out of rotation in HAProxy, we can do a graceful restart, add the IPTables rule back in, and we’re live!

What’s cool is that without any reconfiguration on the proxy, you can pull a machine offline gracefully. You simply disable the iptables port forward, HAProxy will notice that port 81 went offline and start sending existing users to port 80 with their current cookies. In reality, it’s the exact same Apache instance, so all session information remains intact. New sessions will all be sent to your other servers, and you can wait until nobody is left using the maintenance-mode machine before taking it offline.
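The maintenance sequence described above, written as a dry-run shell script. This is an added example, not code from this post or from igvita.com. The backend lines in the comments, the address, the `inter`/`fall` timings and the function names are assumptions, as is the layout: HAProxy runs on a separate host and health-checks port 81, which an iptables REDIRECT rule forwards to Apache on port 80.

```sh
#!/bin/sh
# Added example: take one web server out of HAProxy rotation, restart Apache
# gracefully, and put it back. Assumed HAProxy backend (sample values):
#   server webA     192.168.1.11:80 cookie A check port 81 inter 2000 fall 3
#   server webA_bck 192.168.1.11:80 cookie A check port 80 inter 2000 fall 3 backup
# Both entries are the same Apache; only the health-check port differs.

CHECK_PORT=81     # checked by HAProxy for the active entry; exists only via iptables
APP_PORT=80       # port Apache really listens on
INTER_MS=2000     # must match "inter" in the HAProxy config (assumed)
FALL=3            # must match "fall" in the HAProxy config (assumed)
RUN=${RUN-echo}   # dry run by default; run as root with RUN= to execute

# Print the iptables command for the port-81 -> port-80 forward.
# $1 is -A (add) or -D (delete).
forward_rule() {
    printf 'iptables -t nat %s PREROUTING -p tcp --dport %s -j REDIRECT --to-ports %s\n' \
        "$1" "$CHECK_PORT" "$APP_PORT"
}

# Seconds until HAProxy has seen FALL failed checks, plus one interval of
# margin, rounded up.
drain_wait() {
    echo $(( (INTER_MS * (FALL + 1) + 999) / 1000 ))
}

maintenance() {
    $RUN $(forward_rule -D)      # check on port 81 now fails; port 80 still serves
    $RUN sleep "$(drain_wait)"   # let HAProxy mark the active entry down
    $RUN apachectl graceful      # restart without dropping in-flight requests
    $RUN $(forward_rule -A)      # checks on port 81 pass again; back in rotation
}

maintenance
```

For a full reboot rather than a graceful restart, extend the wait until the sessions still pinned to the backup entry have ended.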

HAProxy
Zero-Downtime Restarts with HAProxy
Official HAProxy Documentation (see section 4.2, soft-stop using backup servers)

Adding a user in Solaris 10

Wednesday, February 4th, 2009

To add a user in Solaris 10:
# useradd -c 'Full Name' -d /export/home/username -m -s /bin/bash username
(to add an admin user, add -g staff in there)

Then add a password for the user:
# passwd username

UNIX Commands Cheat List!

Tuesday, January 13th, 2009


Unix commands cheat list

This is nothing more than a place for me to jot down all the *nix commands that I have a hard time remembering. It is not a tutorial, and all the information here is to be used at your own risk. The commands here are used for either FreeBSD 5.3, OS X 10.3 or both.

1. Flush the DNS cache:

lookupd -flushcache

2. Run CPAN in shell mode:

perl -MCPAN -e shell

3. Start, Stop, Restart Apache:

apachectl start
apachectl stop
apachectl restart

4. Shutdown and reboot:

shutdown -r now

5. Show disk space:

df -k    # in KB
df -m    # in MB
df -g    # in GB

6. Show disk usage:

du -hc

7. Show disk usage one folder deep:

du -hc -d1

8. Show running processes:

ps aux

9. Edit the Apache configuration file (for FreeBSD):

pico /usr/local/etc/apache/httpd.conf

10. Edit the Apache configuration file (for OS X):

pico /private/etc/httpd/httpd.conf    # for Apache 1.3

11. Run the install utility for FreeBSD:

/stand/sysinstall

12. Rebuild the access or virtusertable databases after editing /etc/mail/access or /etc/mail/virtusertable:

make maps

13. Dump a MySQL database:

mysqldump -u USER -pPASSWORD DBNAME > filename.sql

14. Import from a dump file into MySQL:

mysql -u USER -p DBNAME < filename.sql

15. Grab your most important configuration files and email them to yourself:

tar cvfz - /etc/rc.conf /etc/master.passwd /etc/fstab /usr/local/etc | uuencode seedfiles.tgz | mail -s "Web Server Seed Files" someguy@someserver.com

16. Configure Apache 2 from source with the proper modules:

sudo ./configure --prefix=/apache2 --enable-cgi=yes --enable-cgid=yes --enable-dav=yes --enable-expires=yes --enable-headers=yes --enable-info=yes --enable-rewrite=yes --enable-so=yes --enable-speling=yes --enable-ssl=yes --enable-usertrack=yes --enable-vhost-alias=yes

17. Change the MySQL password:

mysqladmin -u root password 'new password goes here'

18. rsync for dummies:

rsync -r --stats --progress --exclude 'some wildcard' /from/some/folder /to/some/other/folder

19. PHP5 on OS X:

http://www.entropy.ch/software/macosx/php/ has a ready to run installer with every possible option turned on. Saves a hell of a lot of hassle.

20. CVS – How to set the CVSROOT in bash:

Put this in .bashrc:
CVSROOT=/usr/local/cvsroot
export CVSROOT

21. CVS – How to set your default editor to pico instead of vi:

EDITOR=pico
export EDITOR

22. CVS – Checkout

(from the folder you want to hold the checked out code)

cvs checkout project

23. CVS – Commit

(from within the working folder)

cvs commit

It will open pico so you can type an explanation of the changes committed.

24. CVS – Refresh working copy

(from within the working folder)

cvs update

I don’t trust this one 100%, so every now and then I re-check out the source.

25. Webmin

A great way to easily manage *nix servers is Webmin. I use it on both FreeBSD and it is pretty damn nice. While some of its modules are a bit rustic, overall it beats the hell out of having to use the CLI for annoying stuff.

26. Split a file based on a separation string

csplit -k -f output_file_prefix source_file_name '/separation string/' {99}

99 is the number of times to repeat the command. In the unix flavor of split you can do {*}, but OS X doesn’t like it so I am setting it to 99.

27. Run the Apache Bench:

ab -n100 -c20 http://www.mydomain.com/

Where 100 is the number of iterations and 20 is the number of concurrent hits.

28. Default admin web site for Smoothwall Express:

https://smoothwall.yourdomain.com:441/

29. Recursive find:

find . -iname "*\?*"

Finds anything with the escaped character (in this case a question mark) within your current folder.

30. ftp upload from command line:

This one falls under “annoying quirks of OS X.” I wasted over one hour trying to decipher the man page for ftp for 10.4 because it would not let me upload a file from a compressed one-line command within a bash script. Here is the one that worked:

ftp -u ftp://$USER:$PASSWORD@$FTPSERVER/$FTPFOLDER/$REMOTE_FILENAME $LOCAL_FILENAME

This one worked like a champ.