Monday, February 8, 2016

Docker on CentOS 7 - proxies, yum repo, LVM, ...

By default, CentOS 7 (and RHEL) uses a not-so-good filesystem for Docker.
Here are the instructions to use Copy-on-Write LVM volumes instead.  This will give a vastly superior experience when using Docker on CentOS 7.
## Setup LVM
rm -rf /var/lib/docker
pvcreate /dev/
vgcreate docker /dev/
lvcreate -l 95%VG -n data docker  ## creates a large data partition
lvcreate -l 100%FREE -n meta docker  ## creates a small metadata partition


You'll need to reconfigure the service too.  This is done by a "drop-in" file for systemd.
If you need proxies for the Docker Engine, configure them here too.

## Reconfigure the service
mkdir /etc/systemd/system/docker.service.d
tee /etc/systemd/system/docker.service.d/custom.conf <<-'EOF'
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=devicemapper --storage-opt dm.datadev=/dev/docker/data --storage-opt dm.metadatadev=/dev/docker/meta --iptables=false
Environment='HTTP_PROXY=http://192.0.2.22:8080' 'NO_PROXY=localhost'
EOF
## if this is modified later, do this: systemctl daemon-reload


Now add the Docker Inc. yum repo & install docker:

## Docker repo & install rpm
tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
yum install docker-engine -y

## Systemd service
systemctl enable docker
service docker start

Monday, April 7, 2014

Using parted on large (>2TB) drives

Making aligned partitions, etc.

parted -a optimal /dev/sdx
mklabel gpt
mkpart primary 0% 100%

Use %'s to avoid alignment issues.

Alternatively:
unit bytes
mkpart ...

if you want to get into the guts of things.


Bonus: you can optionally "mark" partitions as their function.
- set 1 lvm on  [for LVM]
- set 1 raid on  [for MD RAID]

Mounting VMDK files in Linux

This is pretty awesome - useful for recovery.

From: http://cromoteca.com/en/blog/mountflatvmwarediskimagesunderlinux/
Here are my extra notes.

First, mount the flat vmdk file as loop0, e.g.:
losetup /dev/loop0 /srv/data/deadserver-flat.vmdk

Now, investigate the structure with parted, e.g.:
# parted /dev/loop0
GNU Parted 2.1
Using /dev/loop0
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) unit bytes
(parted) print
Model:  (file)
Disk /dev/loop0: 12884901888B
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number  Start       End           Size          Type     File system  Flags
 1      32256B      131604479B    131572224B    primary  ext3         boot
 2      131604480B  238533119B    106928640B    primary               raid
 3      238533120B  12880788479B  12642255360B  primary               lvm


The figures in the start column can be used as offsets into the loop device to get to the partitions stuck in the vmdk file.

Next, mount the partition from within the vmdk as another loop device, e.g.:
losetup -o 238533120 /dev/loop2 /dev/loop0

Finally, confirm it worked:
# blkid /dev/loop2
/dev/loop2: UUID="oc9FXU-tSLN-jdy9-1Zpy-XpA1-qgkI-Ng2l4w" TYPE="LVM2_member"


Cool.  Now you can use loop2 as a block-device.
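
When the image is being examined for recovery, attach each partition read-only and bounded to its own size so nothing on it can be altered and the device cannot run into the next partition. The following is an added example, not part of the original notes: it turns the parted table shown above into losetup commands; `sample_table` and `partition_loop_cmds` are hypothetical helper names, and the sample input is the table from this post.

```shell
#!/bin/sh
# Added example: build one read-only losetup command per partition
# from the output of parted's "unit bytes" + "print".

# Constructed sample input: the partition table printed earlier in this post.
sample_table() {
cat <<'EOF'
Number  Start       End           Size          Type     File system  Flags
 1      32256B      131604479B    131572224B    primary  ext3         boot
 2      131604480B  238533119B    106928640B    primary               raid
 3      238533120B  12880788479B  12642255360B  primary               lvm
EOF
}

# partition_loop_cmds BACKING   (parted output is read from stdin)
# Only prints the commands; nothing is attached until you run them.
partition_loop_cmds() {
    backing=$1
    awk -v dev="$backing" '
        # Partition rows: a number, then Start/End/Size as byte counts ending in "B".
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+B$/ && $4 ~ /^[0-9]+B$/ {
            start = $2; size = $4
            sub(/B$/, "", start)   # keep the values as strings so large
            sub(/B$/, "", size)    # byte counts are never rounded
            # --read-only : the image cannot be modified through this device
            # --sizelimit : the device ends where the partition ends
            # --find --show : use the next free loop device and print its name
            printf "losetup --read-only --find --show --offset %s --sizelimit %s %s  # partition %s\n",
                   start, size, dev, $1
        }'
}

# Example run against the sample table, using /dev/loop0 as in the post.
sample_table | partition_loop_cmds /dev/loop0
```

For the same reason, the outer attach of the flat vmdk can be done with `losetup --read-only` as well.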

Thursday, August 25, 2011

NSS_LDAP timeout towards Active Directory

Suffering from LDAP timeouts on Unix, where it thought it had a TCP connection to Active Directory LDAP - but it didn't really?

i.e.:
"nss_ldap: reconnected to LDAP server ldap://ad.in.company.com/"
or...
"nscd: nss_ldap: could not search LDAP server - Server is unavailable"

Here's one possible solution: increase the idle timeout in the Active Directory LDAP policies. By default it is 900 seconds.
(ref: http://support.microsoft.com/kb/315071)

> ntdsutil.exe
: LDAP Policies
: connections
: connect to server ad.in.company.com
: q
: Show Values
: set MaxConnIdleTime to 129600
: Show Values
: Commit Changes
: Show Values
: q
: q

This affects all DCs (as far as I can tell).


Now create a cron job in Unix to query the Active Directory (i.e. getent passwd) at an interval of less than MaxConnIdleTime.

Monday, April 11, 2011

Cross platform shell script / batch file (Windows NT & Unix)

Here's a neat little hack I've come up with to script across both Windows and Unix.

It requires a ".bat" extension under Windows, and the execute bit set under Unix.

It uses the GOTO command in Windows to skip the Unix part, and it abuses the stderr redirect in Unix to effectively ignore the Windows IF and GOTO commands on line 1.


if %OS% == Windows_NT goto WINDOWS
then
:
## Hack to make a cross-OS compatible script
fi 2> /dev/null

# ------------------------------------------------------------------------------
# Unix execution
# ------------------------------------------------------------------------------

NAME=$0
NAME=${NAME%.bat}
NAME=${NAME##*/}

echo "My name is ${NAME}, and I work in Unix environments"

exit

# ------------------------------------------------------------------------------
# Windows execution
# ------------------------------------------------------------------------------

:WINDOWS
@echo off

set NAME=%~n0

echo My name is %NAME%, and I work in Windows NT environments

rem ------------------------------------------------------------------------------

Tuesday, December 28, 2010

esxi raw disk pass through

As a follow-up to this post, I have migrated to ESXi.

Here's how to pass through drives as raw in ESXi:

(from the SSH tech support console)

# fdisk -l

Have a look at all the drives on the system, then check how they map to "vml" descriptors:

# ls /dev/disks/ -l

Hopefully you can see something like this:

vml.01000000002020202020202020202020203956533030524859535433313530 -> t10.ATA_____ST31500341AS________________________________________9VS00RHY

Now create a spot for the mappings... such as: /vmfs/volumes/system/rdms/

# cd /vmfs/volumes/system/
# mkdir rdms
# cd rdms

Then create the mapping:

# vmkfstools -z /vmfs/devices/disks/vml.010000000020202020202020202020202039565330344d4254535433313530 rdm02.vmdk -a lsilogic

You should end up with a nicely formatted .vmdk file:

# cat rdm01.vmdk
# Disk DescriptorFile
version=1
encoding="UTF-8"
CID=fffffffe
parentCID=ffffffff
isNativeSnapshot="no"
createType="vmfsPassthroughRawDeviceMap"

# Extent description
RW 2930277168 VMFSRDM "rdm01-rdmp.vmdk"

# The Disk Data Base
#DDB

ddb.virtualHWVersion = "7"
ddb.longContentID = "b2fb0907ebc87f39d99073f1fffffffe"
ddb.uuid = "60 00 C2 9b 29 b5 6d ec-bd 59 29 42 64 db 45 46"
ddb.geometry.cylinders = "182401"
ddb.geometry.heads = "255"
ddb.geometry.sectors = "63"
ddb.adapterType = "lsilogic"


Now head back to the GUI and add the hard drive to the desired VM.

( Thank you http://www.vm-help.com/esx40i/SATA_RDMs.php )

Thursday, October 21, 2010

Windows Home Premium (Vista) username troubles

The trouble with Windows Vista Home Premium is that it doesn't allow access to the local users and groups snap-in. This means that usernames expected by network devices (other computers, i.e. file servers) cannot be specified for users whilst keeping "pretty names" such as "Joe Blogs" (username: joeb).

The solution is to use Netplwiz.exe in system32.