Making aligned partitions, etc.
parted -a optimal /dev/sdx
mklabel gpt
mkpart primary 0% 100%
Use percentages for the start and end to avoid alignment issues.
Alternatively:
unit bytes
mkpart ...
if you want to get into the guts of things.
Bonus: you can optionally "mark" partitions as their function.
- set 1 lvm on [for LVM]
- set 1 raid on [for MD RAID]
Monday, April 7, 2014
Mounting VMDK files in Linux
This is pretty awesome - useful for recovery.
From: http://cromoteca.com/en/blog/mountflatvmwarediskimagesunderlinux/
Here are my extra notes.
First, mount the flat vmdk file as loop0, e.g.:
losetup /dev/loop0 /srv/data/deadserver-flat.vmdk
Now, investigate the structure with parted, e.g.:
# parted /dev/loop0
GNU Parted 2.1
Using /dev/loop0
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) unit bytes
(parted) print
Model: (file)
Disk /dev/loop0: 12884901888B
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number  Start        End            Size           Type     File system  Flags
 1      32256B       131604479B     131572224B     primary  ext3         boot
 2      131604480B   238533119B     106928640B     primary               raid
 3      238533120B   12880788479B   12642255360B   primary               lvm
The figures in the start column can be used as offsets into the loop device to get to the partitions stuck in the vmdk file.
Next, mount the partition from within the vmdk as another loop device, e.g.:
losetup -o 238533120 /dev/loop2 /dev/loop0
Finally, confirm it worked:
# blkid /dev/loop2
/dev/loop2: UUID="oc9FXU-tSLN-jdy9-1Zpy-XpA1-qgkI-Ng2l4w" TYPE="LVM2_member"
Cool. Now you can use loop2 as a block-device.
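Added example, not part of the original post: for recovery work it is safer to attach each partition read-only and bounded to its own size, and the offsets can be read straight from the partition table instead of copied by hand. The function names are illustrative, the sample is a constructed MBR sector carrying the three partitions shown above, and the loop devices are attached directly to the image file rather than stacked on /dev/loop0.

```shell
# Added example, not from the original post. Assumes an msdos (MBR) label and
# 512-byte sectors, as in the parted output above; primary partitions only.

# Print the little-endian 32-bit integer at byte offset $2 of file $1.
le32() {
    set -- $(od -An -v -tu1 -j "$2" -N 4 "$1")
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

# Print "number type start_bytes size_bytes" for each used primary entry.
mbr_partitions() {
    img=$1
    sig=$(od -An -v -tx1 -j 510 -N 2 "$img" | tr -d ' \n')
    [ "$sig" = "55aa" ] || { echo "$img: no MBR signature" >&2; return 1; }
    n=0
    while [ "$n" -lt 4 ]; do
        entry=$((446 + 16 * n)); n=$((n + 1))
        ptype=$(od -An -v -tx1 -j $((entry + 4)) -N 1 "$img" | tr -d ' \n')
        [ "$ptype" = "00" ] && continue        # unused slot
        start=$(le32 "$img" $((entry + 8)))
        count=$(le32 "$img" $((entry + 12)))
        echo "$n $ptype $((start * 512)) $((count * 512))"
    done
}

# Emit read-only loop attachments, each bounded to one partition.
losetup_commands() {
    parts=$(mbr_partitions "$1") || return 1
    echo "$parts" | while read -r n ptype start size; do
        echo "losetup -r -f --show -o $start --sizelimit $size $1"
    done
}

# Constructed sample: a bare MBR sector holding the three partitions above.
byte() { printf "\\$(printf '%03o' "$1")"; }
entry() {   # type, start LBA, sector count -> one 16-byte table entry
    byte 0; byte 0; byte 0; byte 0; byte "$1"; byte 0; byte 0; byte 0
    for v in "$2" "$3"; do
        for s in 0 8 16 24; do byte $(( (v >> s) & 255 )); done
    done
}
make_sample_mbr() {
    { dd if=/dev/zero bs=446 count=1 2>/dev/null
      entry 131 63 256977; entry 253 257040 208845; entry 142 465885 24691905
      dd if=/dev/zero bs=16 count=1 2>/dev/null
      byte 85; byte 170; } > "$1"
}

sample=$(mktemp) && make_sample_mbr "$sample" && losetup_commands "$sample"
```

The printed commands are only echoed, not executed; run the one for the partition you need as root.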
Thursday, August 25, 2011
NSS_LDAP timeout towards Active Directory
Suffering from LDAP timeouts on Unix, where it thought it had a TCP connection to Active Directory LDAP - but it didn't really?
i.e.:
"nss_ldap: reconnected to LDAP server ldap://ad.in.company.com/"
or...
"nscd: nss_ldap: could not search LDAP server - Server is unavailable"
Here's one possible solution: increase the idle timeout in the Active Directory LDAP policies. By default it is 900 seconds.
(ref: http://support.microsoft.com/kb/315071)
> ntdsutil.exe
: LDAP Policies
: connections
: connect to server ad.in.company.com
: q
: Show Values
: set MaxConnIdleTime to 129600
: Show Values
: Commit Changes
: Show Values
: q
: q
This affects all DCs (as far as I can tell).
Now create a cron job in Unix to query the Active Directory (i.e. getent passwd) at an interval of less than MaxConnIdleTime.
Monday, April 11, 2011
Cross platform shell script / batch file (Windows NT & Unix)
Here's a neat little hack I've come up with to script across both Windows and Unix.
It requires a ".bat" extension under Windows, and the execute bit set under Unix.
It uses the GOTO command in Windows to skip the Unix part, and it abuses the stderr redirect in Unix to effectively ignore the Windows IF and GOTO commands on line 1.
if %OS% == Windows_NT goto WINDOWS
then
:
## Hack to make a cross-OS compatible script
fi 2> /dev/null
# ------------------------------------------------------------------------------
# Unix execution
# ------------------------------------------------------------------------------
NAME=$0
NAME=${NAME%.bat}
NAME=${NAME##*/}
echo "My name is ${NAME}, and I work in Unix environments"
exit
# ------------------------------------------------------------------------------
# Windows execution
# ------------------------------------------------------------------------------
:WINDOWS
@echo off
set NAME=%~n0
echo My name is %NAME%, and I work in Windows NT environments
goto :EOF
# ------------------------------------------------------------------------------
Tuesday, December 28, 2010
esxi raw disk pass through
As a follow up to this post, I have migrated to ESXi.
Here's how to pass through drives as raw in ESXi:
(from the SSH tech support console)
# fdisk -l
Have a look at all the drives on the system, then check how they map to "vml" descriptors:
# ls /dev/disks/ -l
Hopefully you can see something like this:
vml.01000000002020202020202020202020203956533030524859535433313530 -> t10.ATA_____ST31500341AS________________________________________9VS00RHY
Now create a spot for the mappings... such as: /vmfs/volumes/system/rdms/
# cd /vmfs/volumes/system/
# mkdir rdms
# cd rdms
Then create the mapping:
# vmkfstools -z /vmfs/devices/disks/vml.010000000020202020202020202020202039565330344d4254535433313530 rdm02.vmdk -a lsilogic
You should end up with a nicely formatted .vmdk file:
# cat rdm01.vmdk
# Disk DescriptorFile
version=1
encoding="UTF-8"
CID=fffffffe
parentCID=ffffffff
isNativeSnapshot="no"
createType="vmfsPassthroughRawDeviceMap"
# Extent description
RW 2930277168 VMFSRDM "rdm01-rdmp.vmdk"
# The Disk Data Base
#DDB
ddb.virtualHWVersion = "7"
ddb.longContentID = "b2fb0907ebc87f39d99073f1fffffffe"
ddb.uuid = "60 00 C2 9b 29 b5 6d ec-bd 59 29 42 64 db 45 46"
ddb.geometry.cylinders = "182401"
ddb.geometry.heads = "255"
ddb.geometry.sectors = "63"
ddb.adapterType = "lsilogic"
Now head back to the GUI and add the hard drive to the desired VM.
( Thank you http://www.vm-help.com/esx40i/SATA_RDMs.php )
Thursday, October 21, 2010
Windows Home Premium (Vista) username troubles
The trouble with Windows Vista Home Premium is that it doesn't allow access to the local users and groups snap-in. This means that usernames expected by network devices (other computers, i.e. file servers) cannot be specified for users whilst keeping "pretty names" such as "Joe Blogs" (username: joeb).
The solution is to use Netplwiz.exe in system32.
Sunday, October 17, 2010
Samba / Winbind auth to ADS 2008 R2
I'd been having problems connecting CentOS 5.5 to an Active Directory 2008 R2 domain.
1) use the samba3x packages
Winbind would refuse to show entries in getent passwd, and Samba would not allow domain users access to shares. There were problems observable in a packet trace... for example Wireshark would decode STATUS_LOGON_FAILURE in SMB transactions.
Anyway, it turns out that you MUST specify an "idmap config" for the domain! Otherwise UID/GID mappings fail and then users cannot log in.
2) use idmap config configuration options
Resulting configuration looks like this:
[global]
log level = 0
workgroup = ad
password server = ad-box-1.ad.local ad-box-2.ad.local
realm = AD.LOCAL
security = ads
encrypt passwords = yes
idmap uid = 1500-999999
idmap gid = 1500-999999
idmap backend = ad
idmap config AD : backend = ad
idmap config AD : range = 1500-999999
template shell = /bin/bash
ldap ssl ads = no
preferred master = no
local master = no
domain master = no
winbind use default domain = true
winbind offline logon = true
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes
winbind separator = +
server string = File server
[temp]
comment = samba test server tmp directory
path = /tmp
valid users = @AD+Administrators
read only = No
writeable = Yes
guest ok = No
browseable = Yes
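Added example, not part of the original post: a small check that an smb.conf has the per-domain "idmap config" lines for its workgroup, which is the setting the fix above hinges on. The function name is illustrative, both sample configurations are constructed, and matching the domain name case-insensitively is an assumption taken from the configuration above (workgroup = ad, idmap config AD).

```shell
# Added example, not from the original post. Reads smb.conf text on stdin and
# checks that [global] carries "idmap config <WORKGROUP> : backend" and ": range".
check_idmap() {
    awk '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        /^[ \t]*\[/   { sect = tolower($0); gsub(/[ \t]/, "", sect); next }
        sect == "[global]" && index($0, "=") {
            key = tolower(substr($0, 1, index($0, "=") - 1))
            val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]+/, "", key)                 # whitespace in names is ignored
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "workgroup") wg = tolower(val)
            else if (key ~ /^idmapconfig/) seen[key] = val
        }
        END {
            if (wg == "") { print "no workgroup in [global]"; exit 1 }
            n = split("backend range", opt, " ")
            for (i = 1; i <= n; i++)
                if (!(("idmapconfig" wg ":" opt[i]) in seen)) miss = miss " " opt[i]
            if (miss != "") {
                print "missing idmap config " toupper(wg) " :" miss
                exit 1
            }
            print "ok: idmap config " toupper(wg) " : backend=" \
                  seen["idmapconfig" wg ":backend"] " range=" seen["idmapconfig" wg ":range"]
        }
    '
}

# Constructed samples: legacy settings only, then the same plus the per-domain lines.
legacy='[global]
workgroup = ad
security = ads
idmap uid = 1500-999999
idmap gid = 1500-999999
idmap backend = ad'
fixed="$legacy
idmap config AD : backend = ad
idmap config AD : range = 1500-999999"

printf '%s\n' "$legacy" | check_idmap || true
printf '%s\n' "$fixed" | check_idmap
```

Against a live system, feed it the effective configuration, for example the output of testparm -s.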