Monday, 5 February 2018

How to start/stop and enable/disable Firewall on Redhat 7 Linux system

In RHEL7, to stop/start and enable/disable the firewall is quite different from RHEL6. In Red hat 7 "firewalld" named service we used for local firewall. Please find the below example step by step to check the firewall status.

How to check status of RHEL7 firewall:

[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Thu 2018-02-05 12:37:47 IST; 0 months 1 days ago
Main PID: 332 (firewalld)
CGroup: /system.slice/firewalld.service
           └─332 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Feb 05 12:37:47 localhost systemd[1]: Starting firewalld - dynamic firewall daemon...
Feb 05 12:37:49 localhost systemd[1]: Started firewalld - dynamic firewall daemon.

In the above status firewall is by default enable on the linux system. It is enable automatically when system restart or on.

How to Stop and Start RHEL7 firewall:
 
Please use the below commands to start stop the firewall on redhat linux 7 operating system. 

[root@localhost ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service
Stopped firewall will start again after system's reboot.

[root@localhost ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

How to Disable and Enable RHEL7 firewall:

If you want to disable permanently firewall so that after reboot it is not enable again, please use the below command.

[root@localhost ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'

If you want to enable the firewall again run please use the below command.

[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.se

Tuesday, 16 January 2018

How to Flush Memory Cache and Buffer Cache on Linux Server

When you run the "free -m" command and get the below output, then you observe free memory section will be low value but comparatively buffers+cache value would be higher.

Now this is not a bad thing actually since your OS has reserved this memory to speed up your most used process by keeping them in the cache. But in case any new process is executed and your system is low on memory then these cache would be automatically released to make space for memory reservation of new processes.

[root@localhost]# free -m
             total       used       free     shared    buffers     cached
Mem:          2345       1234        1145          0         24        400
-/+ buffers/cache:        664        345
Swap:         4032          0       4032

if you want to clear or free cache/buffer memory then you need to run the below command.

[root@localhost]# echo 3 > /proc/sys/vm/drop_caches

These are the different values which you can use with the above command

echo 1 is clearing only page cache

[root@localhost]# echo 1 > /proc/sys/vm/drop_caches

echo 2 is to clear free dentries and inodes

[root@localhost]# echo 2 > /proc/sys/vm/drop_caches

echo 3 is clearing page cache, dentries and inodes

[root@localhost]# echo 3 > /proc/sys/vm/drop_caches

Thursday, 11 January 2018

SSH login without password in linux

If you want to connect one Linux host to other Linux host through SSH with password-less connection then you need to perform below steps.

Lets suppose you need password-less login from host "server01" / user "redhat" to host "server02" / user "centos".

1. First login in on "server01"as user "redhat" and generate a pair of authentication keys.

[redhat@server01]# ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa):
Created directory '/home/redhat/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/redhat/.ssh/id_rsa.
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub.
The key fingerprint is:
1e:4f:05:79:3a:9f:96:7c:2b:ad:e9:58:37:sc:37:e4 redhat@server01

Note: Do not enter a passphrase.

2. Now you use ssh to create a directory ~/.ssh as user "centos" on server02.

Note: If directory already exist, you do not create it again.

[redhat@server01]# ssh centos@server02 mkdir -p .ssh

centos@server02's password:

Finally append redhat's new public key to centos@server02:.ssh/authorized_keys and enter centos's password one last time:

3. Now copy the rsa key to server 02 ssh authorized_keys file

[redhat@server01]# cat .ssh/id_rsa.pub | ssh centos@server02 'cat >> .ssh/authorized_keys'

centos@server02's password:

Now you can log into server02 as "centos" from server01 as "redhat"a without password.

4. Now you can test the password less connection.

[redhat@server01]# ssh centos@server02

You are successfully login on the server02 without any password.

Note:  In case of any permission issue you need to set "700" permission on .ssh folder on server02.

Thursday, 21 December 2017

Multipath command with an examples

In linux operating system device mapping through multipath is widely used. Here, we can give you some example how we will use the multipath commands in Linux server

➤ Normally multipath device has a Word Wide Identifier (WWID), which is globally unique and unchanging.

➤ When new devices are brought under the control of DM-Multipath, the new devices may be seen in three different places under the /dev directory: /dev/mapper/mpathn, /dev/mpath/mpathn, and /dev/dm-n

➤ The devices in /dev/mapper are created early in the boot process. Use these devices to access the multipathed devices, for example when creating logical volumes.
The devices in /dev/mpath are provided as a convenience so that all multipathed devices can be seen in one directory. These devices are created by the udev device manager and may not be available on startup when the system needs to access them.

Note: Do not use these devices for creating logical volumes or filesystems

➤ Any devices of the form /dev/dm-n are for internal use only and should never be used.

Please find the multipath syntax which we used in the Linux operating system.


l    -> Display the current multipath configuration gathered from sysfs and the device mapper.
ll  -> Display the current multipath configuration gathered from sysfs, the device mapper, and all other available components on the system.
f    -> Remove the named multipath device.
F   -> Remove all unused multipath devices.
v   ->  Verbosity level
          . 0 no output
          . 1 print created devmap names only
          . 2 default verbosity
          . 3 print debug information
d   -> Dry run, do not create or update devmaps
r    -> Force devmap reload

⧪ How to display the current multipath configuration with all information.

[root@localhost~]# multipath -ll
Dec 21 11:27:17 | multipath.conf line 35, invalid keyword: selector
mpathf (3600c0ff00019e9e9dc94c25801000000) dm-6 HP,MSA 2040 SAN
size=466G features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=70 status=active
  |- 1:0:0:4 sdg 8:96 active ready running
  |- 2:0:0:4 sdj 8:144 active ready running
  |- 1:0:1:4 sdq 65:0 active ready running
  `- 2:0:1:4 sdt 65:48 active ready running

⧪ How to remove multipath devices with multipath Command

[root@localhost~]# multipath -f mpathf

Note: if we use -F option then it is remove all unused devices.

⧪ How to Force reload device map with multipath Command

[root@localhost~]# multipath -r

Solaris Server process Monitoring tool- prstat

We have different type of tools and command which are used in Solaris or other Unix system to monitor the system process. But if we are talking about only Sun Solaris server then we have very good process tool which is called "prstat".

In this post, we will find that how prstat is work on the Solaris platform.

   !-[solaris]# prstat

When you run the above command on the command line you will get the below output on the CLI screen which are refreshing in every few seconds and sorting all the information regarding the system resource.

  PID USERNAME  SIZE   RSS STATE  PRI NICE      TIME  CPU PROCESS/NLWP

 21322 root      11M 3236K cpu0    59    0   0:00:00 0.0% prstat/1

 21323 root      18M 4788K sleep   59    0   0:00:00 0.0% sshd/1

 22345 root      10M 2188K sleep   59    0   0:00:00 0.0% bash/1

   584 root       13M 3832K sleep   59    0   0:01:59 0.0% nscd/51

   154 root       13M 2068K sleep   59    0   0:00:00 0.0% syseventd/18

   183 root     1772K  776K sleep   59    0   0:00:13 0.0% utmpd/1

   538 root       11M 2572K sleep   59    0   0:00:00 0.0% picld/4

Total: 12 processes, 31 lwps, load averages: 0.00, 0.00, 0.00


This is a quick view of the prstat command but if you wanted to get a different view of the same info, like a summary of what users own these CPU consuming processes

   !-[solaris]# prstat -a

If you run prstat with the -a option (prstat -a) you will get an output similar to the default one, but the last few lines of it will be used for providing a really useful report of the users consuming top system resources.


  PID USERNAME  SIZE   RSS STATE  PRI NICE      TIME  CPU PROCESS/NLWP

 21322 root      11M 3236K cpu0    59    0   0:00:00 0.0% prstat/1

 21323 root      18M 4788K sleep   59    0   0:00:00 0.0% sshd/1

 22345 root      10M 2188K sleep   59    0   0:00:00 0.0% bash/1


 NPROC USERNAME  SWAP   RSS MEMORY      TIME  CPU

     5 root      52M   13M   1.3%   0:00:00 0.0%

    50 root      841M  571M    56%   0:22:22 0.0%

     2 daemon     17M 4520K   0.4%   0:00:04 0.0%

Total: 12 processes, 31 lwps, load averages: 0.00, 0.00, 0.00

We have different type of syntax which we can used to monitor the Solaris server process which are listed below.

!-[solaris]# prstat -L  -> This shows thread per line instead of one process per line
!-[solaris]# prstat -s -> prstat output can be sorted using set of sub-options .sub options are                  cpu,pri,rss,size,time 
!-[solaris]# prstat -t  -> It provides complete users resource utilization.
!-[solaris]# prstat -Z  -> It provides summary per local zone.

Sunday, 10 December 2017

How to check number of CPU and processor in linux operating system

In this post, we will find all the command using which we can find that how many CPU and processor are used in Linux operating system.

⇾ This command are applicable in both RedHat & CentOS operating machine.

➤ How to check number of processor on operating system.

      cat /proc/cpuinfo | grep "physical id" | sort -u | wc -l

   Using above command it show you the number of processor which are currently used on server.

➤ How to check number of cores on Linux operating system.

     cat /proc/cpuinfo | grep "core id" | sort -u | wc -l

➤ You can used other command as well like "lscpu" to check number of processor and core per socket.

➤ Please find the other command which are also used to check the number of processor and cores in  Linux operating system.

    cat /proc/cpuinfo | grep 'model name' | uniq
   cat /proc/cpuinfo | grep "physical id" | sort -u | wc -l
   cat /proc/cpuinfo | grep "core id" | sort -u | wc -l

Monday, 30 October 2017

How to change a disk in SVM Solaris volume manager

In this post, I will take my sparc server machine. My Sun Sparc server consist 2 hard disk, let us assume the server has 2 hard disk: c0t0d0 and c0t1d0. We will assume c0t0d0 failed and need to be replaced.

Step by Step Method as described below:

1. In the initial step, we will find that which hard disk is down or faulty. To check this we will used "format" command.

!-[solaris]## format
       0. c0t0d0 <__drive type unknown__>
          /pci@0,600000/pci@0/pci@8/pci@0/scsi@1/sd@0,0
       1. c0t1d0 <SUN146G cyl 14087 alt 2 hd 24 sec 848>
          /pci@0,600000/pci@0/pci@8/pci@0/scsi@1/sd@1,0

If you see the "format" command output, we have two disk "c0t0d0,c0t1d0". Disk "c0t0d0" is in faulty state and it's down, You can see the drive type is in unknown state.

2. If you are running the "metastat" command you can see the status of hard disk which is show status in "need maintenance".

!-[solaris]## metastat    # will show status in "need maintenance"

        flags           first blk       block count
     a        u         16              8192            /dev/dsk/c0t0d0s7
     a        u         8208            8192            /dev/dsk/c0t0d0s7
     a    p  luo        16              8192            /dev/dsk/c0t1d0s7
     a    p  luo        8208            8192            /dev/dsk/c0t1d0s7

!-[solaris]## metadb -d c0t0d0s7
!-[solaris]## metadb

Using above command we delete metadb on failing disk and check that metadb on the other disk.

4. Now, we will unconfigure the corresponding disk which is down right now. This is the main step of this post so you can more careful while running the command which is given below.

!-[solaris]## cfgadm -al
!-[solaris]## cfgadm -f -c unconfigure c0::dsk/c0t0d0
!-[solaris]## cfgadm -al

Using cfgadm command we will unconfigure the c0t0d0 faulty hard disk so that we will replace the down hard disk in next step.

5. Now you can change the faulty disk to new one and reconfigure it again with same name.

!-[solaris]## cfgadm -c configure c0::dsk/c0t0d0
!-[solaris]## cfgadm -al

6. In this steo we will duplicate partitionning schema of first disk to the second and create metadb.

!-[solaris]## prtvtoc /dev/rdsk/c0t1d0s2 | fmthard -s - /dev/rdsk/c0t0d0s2
!-[solaris]## metadb -a -f -c2 /dev/dsk/c0t0d0s7

7. In second last step you will run all the below command for replacement of the failinf SVM partition.

!-[solaris]## metastat
!-[solaris]## metareplace -ef d4 c0t0d0s4
!-[solaris]## metareplace -ef d3 c0t0d0s3
!-[solaris]## metareplace -ef d1 c0t0d0s1
!-[solaris]## metareplace -ef d0 c0t0d0s0
!-[solaris]## metareplace -ef d5 c0t0d0s5
!-[solaris]## metareplace -ef d6 c0t0d0s6
!-[solaris]## metasync d0
!-[solaris]## metasync d1
!-[solaris]## metasync d3
!-[solaris]## metasync d4
!-[solaris]## metasync d5
!-[solaris]## metasync d6
!-[solaris]## metasync d7

8. In final step you need to make the disk bootable so that operating system will be boot on the mirror disk.

!-[solaris]## installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t0d0s0

Using this step you can make a disk bootable. I hope this post is useful for you. You are requested to please comment on the post if you have any issue, I will try to back you with my answer.