Archive for November, 2009

MySQL server master-master (active-active) replication

Tuesday, November 24th, 2009

Ref: http://www.howtoforge.com/mysql_master_master_replication

a) Create a user name and password for replication on both servers by using this command:

GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO noslave@'host-name' IDENTIFIED BY 'some-pass';

b) Configuration for Server1, to make it the primary server for Server2

vi /etc/my.cnf

log-bin=mysql-bin
binlog-do-db=fosiul # Which database to replicate
binlog-do-db=hesk # Which database to replicate
binlog-ignore-db=mysql # Which database to ignore
binlog-ignore-db=test # Which database to ignore
server-id = 1 # Primary server id
auto_increment_increment = 2 # Solves the auto-increment (auto indexing) problem
auto_increment_offset = 1 # Solves the auto-increment (auto indexing) problem

Configuration for Server2, to make it a slave of Server1

server-id = 2

master-host = IP_Of_Server1
master-user = noslave
master-password = SomeStrongPassword
master-port = 3306
auto_increment_increment = 2 # Avoids the auto-increment (auto indexing) problem
auto_increment_offset = 2

Now restart both servers and look at the reports below:

For Server 1 (Master Report):

mysql> show master status;
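+------------------+----------+--------------+------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000008 |   565444 | fosiul,hesk  | mysql,test       |
+------------------+----------+--------------+------------------+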
1 row in set (0.00 sec)

For Server2 (Slave Report):

mysql> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: IP-Of-Server1
Master_User: noslave
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000008
Read_Master_Log_Pos: 565444
Relay_Log_File: web-relay-bin.000092
Relay_Log_Pos: 153971
Relay_Master_Log_File: mysql-bin.000008
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 565444
Relay_Log_Space: 154124
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 0
Last_IO_Error:
Last_SQL_Errno: 0
Last_SQL_Error:
1 row in set (0.00 sec)

ERROR:
No query specified

Note:

a) Make sure Master_Log_File: mysql-bin.000008 in the Slave Report matches the File name in the Master Report.

b) Make sure Read_Master_Log_Pos: 565444 in the Slave Report matches the Position field in the Master Report.

c) Make sure Seconds_Behind_Master is always 0 (zero).

[Screenshot: Verify Log File, Master (Server1) and Slave (Server2)]

c) Configuration for Server2 as master for Server1

# The section below makes Server2 act as master for Server1

log-bin=mysql-bin

binlog-do-db=fosiul # Which database to replicate
binlog-do-db=hesk # Which database to replicate
binlog-ignore-db=mysql # Which database to ignore
binlog-ignore-db=test # Which database to ignore

# Configuration for Server1, to make it a slave of Server2

master-host = IP-Of-Server2
master-user = noslave
master-password = SomeStrongPassword
master-port = 3306
log-slave-updates # To make this master server act as a slave

d) Now restart both MySQL servers and look at the reports below:

Slave Status report for Server1

mysql> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: IP_OF_Sever2
Master_User: noslave
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000006
Read_Master_Log_Pos: 106
Relay_Log_File: mail-relay-bin.000025
Relay_Log_Pos: 251
Relay_Master_Log_File: mysql-bin.000006
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 106
Relay_Log_Space: 550
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 0
Last_IO_Error:
Last_SQL_Errno: 0
Last_SQL_Error:
1 row in set (0.00 sec)

Master Report for Server2 :

mysql> show master status;
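+------------------+----------+--------------+------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000006 |      106 | fosiul,hesk  | mysql,test       |
+------------------+----------+--------------+------------------+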
1 row in set (0.01 sec)

Note:

a) Make sure Master_Log_File: mysql-bin.000006 in the Slave Report matches the File name in the Master Report.

b) Make sure Read_Master_Log_Pos: 106 in the Slave Report matches the Position field in the Master Report.

c) Make sure Seconds_Behind_Master is always 0 (zero).
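An added example, not part of the original post: a bash function that applies notes a) to c) to the text of SHOW SLAVE STATUS\G, given the File and Position from the other server's SHOW MASTER STATUS. The function names, the embedded sample (built from the Server2 slave report earlier in this post), the thread-state checks and the Master_SSL_Allowed warning are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): automate notes a) to c).

# Constructed sample: selected lines of the Server2 slave report shown in the post.
SAMPLE_SLAVE_STATUS='        Slave_IO_State: Waiting for master to send event
       Master_Log_File: mysql-bin.000008
   Read_Master_Log_Pos: 565444
 Relay_Master_Log_File: mysql-bin.000008
      Slave_IO_Running: Yes
     Slave_SQL_Running: Yes
    Master_SSL_Allowed: No
 Seconds_Behind_Master: 0'

# slave_field STATUS_TEXT FIELD: print the value of one "Field: value" line.
# The match is anchored at the start of the field name, so Master_Log_File
# does not pick up Relay_Master_Log_File.
slave_field() {
    printf '%s\n' "$1" | awk -v f="$2" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, f ":") == 1 {
            v = substr(line, length(f) + 2)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            print v; exit
        }'
}

# check_replication STATUS_TEXT MASTER_FILE MASTER_POSITION
# Prints one line per finding; returns 0 when every FAIL check passes.
check_replication() {
    local st="$1" rc=0 f v
    # Both replication threads must be running (fields from the slave report).
    for f in Slave_IO_Running Slave_SQL_Running; do
        v=$(slave_field "$st" "$f")
        [ "$v" = "Yes" ] || { echo "FAIL $f=${v:-missing}"; rc=1; }
    done
    v=$(slave_field "$st" Master_Log_File)          # note a)
    [ "$v" = "$2" ] || { echo "FAIL Master_Log_File=$v, master File=$2"; rc=1; }
    v=$(slave_field "$st" Read_Master_Log_Pos)      # note b)
    [ "$v" = "$3" ] || { echo "FAIL Read_Master_Log_Pos=$v, master Position=$3"; rc=1; }
    v=$(slave_field "$st" Seconds_Behind_Master)    # note c)
    [ "$v" = "0" ] || { echo "FAIL Seconds_Behind_Master=${v:-missing}"; rc=1; }
    # Not in the notes (added assumption): flag unencrypted replication links.
    v=$(slave_field "$st" Master_SSL_Allowed)
    [ "$v" = "Yes" ] || echo "WARN Master_SSL_Allowed=${v:-missing}: replication traffic is not encrypted"
    return "$rc"
}

check_replication "$SAMPLE_SLAVE_STATUS" mysql-bin.000008 565444
```

On a live pair, pass the output of mysql -e 'SHOW SLAVE STATUS\G' as the first argument and run the check in both directions, since each server is a slave of the other.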

[Screenshot: Slave (Server1) and Master (Server2)]

How to install innotop

Thursday, November 19th, 2009

a) Download innotop from http://code.google.com/p/innotop/

b) cd /tmp

c) tar -xvzf innotop-1.7.2.tar.gz

d) cd innotop-1.7.2

e) perl Makefile.PL

f) make install

Note: if you see an error like this:

Looks good
Warning: prerequisite DBD::mysql 1 not found.
Warning: prerequisite DBI 1.13 not found.
Warning: prerequisite Term::ReadKey 2.1 not found.
Writing Makefile for innotop

Solution:

yum install perl-DBD-MySQL

yum install perl-TermReadKey

Run innotop: perl /usr/bin/innotop --password "your password"

How to install chkrootkit/rootkit hunter

Thursday, November 19th, 2009

a) Download the latest rootkit hunter from http://www.chkrootkit.org/download/ (the latest version is chkrootkit-0.49, but it has bugs)

mv chkrootkit.tar.gz /usr/local/
cd /usr/local/
tar xvfz chkrootkit.tar.gz
ln -s chkrootkit-0.43/ chkrootkit
(replace 0.43 with the right version number)
cd chkrootkit/
make sense

You will now find the chkrootkit program under /usr/local/chkrootkit. Run it by typing

cd /usr/local/chkrootkit/ && ./chkrootkit

How to install portsentry

Thursday, November 19th, 2009

Install PortSentry

PortSentry is a tool that detects port scans and logs them. Download the source package of portsentry from sourceforge.net

wget http://path/to/portsentry-1.2.tar.gz
tar zxf portsentry-1.2.tar.gz
cd portsentry_beta   # directory the 1.2 tarball unpacks into
make linux
make install

If you get errors like these while compiling:

make linux
SYSTYPE=linux
Making
gcc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \
./portsentry_io.c ./portsentry_util.c
./portsentry.c: In function ‘PortSentryModeTCP’:
./portsentry.c:1187: warning: pointer targets in passing argument 3 of ‘accept’ differ in signedness
./portsentry.c: In function ‘PortSentryModeUDP’:
./portsentry.c:1384: warning: pointer targets in passing argument 6 of ‘recvfrom’ differ in signedness
./portsentry.c: In function ‘Usage’:
./portsentry.c:1584: error: missing terminating " character
./portsentry.c:1585: error: ‘sourceforget’ undeclared (first use in this function)
./portsentry.c:1585: error: (Each undeclared identifier is reported only once
./portsentry.c:1585: error: for each function it appears in.)
./portsentry.c:1585: error: expected ‘)’ before ‘dot’
./portsentry.c:1585: error: stray ‘\’ in program
./portsentry.c:1585: error: missing terminating " character
./portsentry.c:1595: error: expected ‘;’ before ‘}’ token
make: *** [linux] Error 1

To fix:

Open portsentry.c and look for the following line. There will be an extra carriage return breaking the line; delete it so that the statement is on a single line. It should look like below.

printf ("Copyright 1997-2003 Craig H. Rowland <craigrowland at users dot sourceforget dot net>\n");

Then run make and make install. That should fix it!

To launch portsentry

/usr/local/psionic/portsentry/portsentry -stcp
/usr/local/psionic/portsentry/portsentry -sudp

Check the log files /var/log/secure or /var/log/messages to see whether portsentry is active or not.

Invalid method in request \x80O\x01\x03

Wednesday, November 18th, 2009

Make sure the IP of the server and the IP in the virtual host (SSL configuration) are the same.

<VirtualHost xx.xx.xx.xx:443>

</VirtualHost>

How to configure nagios to work with apache source install(/usr/local/apache)

Monday, November 16th, 2009

Ref:http://nagios.sourceforge.net/docs/3_0/quickstart-fedora.html

The basic Nagios setup works well if you install the Apache server by yum. But if you install and configure Apache from source to run from a different directory (i.e. /usr/local/apache) other than /etc/httpd/conf, then the default Nagios web interface will not work, because by default Nagios creates the nagios.conf file in the /etc/httpd/conf.d directory on Fedora.

So if you have already installed Apache from source, then do the following:

Follow steps 1 to 5 as documented on the Nagios website (except the htpasswd section).

(a)

I assume you have configured your Apache to run from /usr/local/apache, and your Apache configuration file is in /usr/local/apache/conf/

Copy the nagios.conf file from /etc/httpd/conf.d to /usr/local/apache/conf/extra

cp /etc/httpd/conf.d/nagios.conf /usr/local/apache/conf/extra/

Edit httpd.conf, which is located at /usr/local/apache/conf/httpd.conf, and add the line below

Include conf/extra/nagios.conf

(b)

Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account – you’ll need it later.

/usr/local/apache/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Restart Apache to make the new settings take effect.

Stop the Apache server: /usr/local/apache/bin/apachectl stop

Start the Apache server: /usr/local/apache/bin/apachectl start

Then follow the rest of the steps.

Extra note:

If you did install Apache by yum, then you might see an error like the one below:

[root@web nagios-3.2.0]# make install-webconf
/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/httpd/conf.d/nagios.conf
/usr/bin/install: cannot create regular file `/etc/httpd/conf.d/nagios.conf’: No such file or directory
make: *** [install-webconf] Error 1

Solution: mkdir /etc/httpd/conf.d, then run

make install-webconf

This will install the nagios.conf file in the /etc/httpd/conf.d directory. Now follow steps (a) to (b).

Note: I am assuming you have configured Apache to install in the /usr/local/apache directory.

Apache performance tuning

Monday, November 16th, 2009

Ref: http://httpd.apache.org/docs/2.2/mod/prefork.html

Ref:http://www.devside.net/articles/apache-performance-tuning

Ref:http://en.wikipedia.org/wiki/Slowloris

Sample Configuration for prefork setting

<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

StartServers:

The StartServers directive sets the number of child server processes created on startup. So after restarting Apache, we can take a snapshot of how many processes are running:

[root@mail extra]# ps aux | grep -v grep | grep httpd
daemon 5384 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5385 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5386 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5387 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5388 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
root 13326 0.0 0.8 15788 8596 ? Ss Nov07 0:00 /usr/local/apache/bin/httpd -k start
[root@mail extra]# ps aux | grep -v grep | grep httpd | wc -l
6

So after a restart, the server starts off with 5 child processes (the sixth line in the count is the parent process, owned by root).

MinSpareServers:

The MinSpareServers directive sets the desired minimum number of idle child server processes. An idle process is one which is not handling a request.

MaxSpareServers:

The MaxSpareServers directive sets the desired maximum number of idle child server processes. An idle process is one which is not handling a request. If there are more than MaxSpareServers idle, then the parent process will kill off the excess processes.

Extra note:

By setting MinSpareServers and MaxSpareServers, we tell Apache how many child processes should be idle at a time. With the above configuration there will always be a minimum of 5 idle child processes. So if 5 child processes are busy, Apache will create another 5, giving 5+5=10 child processes: 5 busy and 5 idle. If all 10 child processes are busy, Apache will create another 5, so the total will be 5+5+5=15. Apache will keep creating child processes up to 150, because MaxClients is set to 150.
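An added example, not part of the original post: bash functions that read the prefork block and the ps snapshot shown above and report how far the current child count is from MaxClients, plus a rough memory figure for the case where all 150 children exist. The function names and the memory estimate (MaxClients times the average child RSS from ps) go beyond the note and are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): prefork ceiling vs. observed children.

# Constructed inputs, copied from the configuration and ps snapshot in the post.
SAMPLE_PREFORK='<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>'
SAMPLE_PS='daemon 5384 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5385 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5386 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5387 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
daemon 5388 0.0 0.7 15788 7532 ? S 17:45 0:00 /usr/local/apache/bin/httpd -k start
root 13326 0.0 0.8 15788 8596 ? Ss Nov07 0:00 /usr/local/apache/bin/httpd -k start'

# prefork_directive CONF_TEXT NAME: value of NAME inside the mpm_prefork_module block
prefork_directive() {
    printf '%s\n' "$1" | awk -v d="$2" '
        /<IfModule[ \t]+mpm_prefork_module>/ { inblk = 1; next }
        /<\/IfModule>/                       { inblk = 0 }
        inblk && $1 == d                     { print $2; exit }'
}

# child_count PS_TEXT: httpd children only (the root-owned parent serves no requests)
child_count() {
    printf '%s\n' "$1" | awk '/httpd/ && $1 != "root" { n++ } END { print n + 0 }'
}

# avg_child_rss_kb PS_TEXT: mean RSS (ps aux column 6, in KB) of the children
avg_child_rss_kb() {
    printf '%s\n' "$1" | awk '/httpd/ && $1 != "root" { n++; s += $6 }
        END { if (n) printf "%d\n", s / n; else print 0 }'
}

# worst_case_mb CONF_TEXT PS_TEXT: MaxClients x average child RSS, in MB.
# RSS includes pages shared between children and idle children are smaller
# than busy ones, so treat the result as a rough estimate only.
worst_case_mb() {
    local max avg
    max=$(prefork_directive "$1" MaxClients)
    avg=$(avg_child_rss_kb "$2")
    echo $(( max * avg / 1024 ))
}

echo "children: $(child_count "$SAMPLE_PS") of MaxClients $(prefork_directive "$SAMPLE_PREFORK" MaxClients)"
echo "estimated memory at MaxClients: $(worst_case_mb "$SAMPLE_PREFORK" "$SAMPLE_PS") MB"
```

If the estimate exceeds the RAM available to Apache, the server will start swapping before it reaches MaxClients, so the limit should be lowered to fit.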

How to compile php for GD library

Friday, November 13th, 2009

Install the necessary software by yum or from source

yum install gd gd-devel
yum install zlib zlib-devel

then

a) Download the PHP source from here: http://www.php.net/downloads.php
b) Download the source file into the /tmp directory
c) Here I am guessing the PHP version is php-5.3.0.tar.gz
d) tar -xvzf php-5.3.0.tar.gz
e) cd php-5.3.0
f)

 ./configure --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql --enable-mbstring --with-gd --with-zlib --with-jpeg-dir --with-png-dir

g) make
h) make install
i) Set up your php.ini: cp php.ini-dist /usr/local/lib/php.ini
j) Stop Apache: /usr/local/apache/bin/apachectl stop
k) Restart Apache: /usr/local/apache/bin/apachectl start

How to check:

Create a file phpinfo.php

<?php
phpinfo();
?>

Open the file in your browser, http://localhost/phpinfo.php

and look for 2 sections, GD and ZLIB. You should see something like the pictures below.