Resizing file based xen virtual machine

You can create file based xen instances (eg, blarblar.img). If you have partitions in the file and want to increase the disk space, you cannot use resize2fs straight away on it. So you need to create a new larger file, then transfer the old file data onto it:

say I want the new filesize to be 4Mb,

dd if=/dev/zeo of=newImage.img count=4000 bs=1M

now, transfer the files over. Note that notrunc is important because we still want the output file to be 4 Mb.

xm shutdown oldImage.img
dd if=oldImage.img of=newImage.img conv=notrunc

Next, rename the images and boot up!

mv oldImage.img oldImage-dd-mm-yyyy.img
mv newImage.img oldImage.img
xm create /etc/xen/newImage

you can then do resizefs once the vm is booted up. You can copy the files even if the vm is up but then there is a danger of data inconsistency. Easier to manage than using LV.

10 Things that System Administrators should Know

I got inspired by the 10 commandments for system administrators from http://www.linux.com/feature/44315

This is my list:

1. Be WARY about COST CUTTING.
(cheap hardware, cables, labour)

2. KNOW THE NETWORK well.
(keep network, routing diagrams, track public and private IP, label cables if necessary)

3. ESTABLISH STRONG SECURITY POLICIES in the system.
(Security Access, File Permission, good password choice, encryption, SetUID, LDAP, Kerberos, IPA, firewall)

4. Be the FIRST TO KNOW when something goes wrong.
(Network monitoring, Nagios, SMS, email alerts)

5. make REGULAR and COMPLETE BACKUPS.
(dd, scp, rsync, disk mirroring, backup virtual image, SVN)

6. KEEP LOGS.
(apache, maillogs, audit)

7. BE ORGANISED and DOCUMENT policies and procedures.
(twiki – how and why to do things, keep charts, flow diagram, important phone numbers, important dates)

8. PLAN FOR THE UNPLANNED.
(recovery procedures, possible points of failure, redundancy, always have a plan B for any implementation)

9. AUTOMATE REPETITIVE TASK.
(bash/perl scripting, cron)

10. UPGRADE and EXPLORE NEW TECHNOLOGIES.
(Don’t stick to old technologies. Always be ready to upgrade both software and hardware wise. Have a few test machines to explore new technologies and implement them.)

Simulate Login Checks with Nagios

If you wish to check that your web application is working fine (people are able to login), you can run a script to automate the login process. It is possible to use cron to do it but with nagios, you could do much more. Nagios is highly configurable and it makes perfect sense to write a plugin just to do that.

I wrote a perl script over the weekend to simulate logins into a website once every 2 mins. If login fails after 2 tries, an email alert will be sent to the administrator (Settings can be changed in Nagios). The script works by detecting a certain html pattern from the result generated by the login success webpage. An example of the command in action is something like this:

check_login -f 1 -u http://xxx.com/index.php -l xx -p xx -L Username -P Password -r ‘Logout.jsp’

* L is the Userid field in the form and P is the password field in the form.
* u is the FULL url including the http.
* l is the actual login name and p is the actual login password.
* r is the regex pattern to search for if the login is successful.
* f is the form number. If you have 2 forms in the login page, the 1 will be the first form.

For the script to work, you need perl and its mechanize library. Copy and paste this script into the default plugin folder – likely to be /usr/lib/nagios/plugins. Add ‘check_login’ to hosts.cfg and define it in commands.cfg (or checkcommands.cfg). Refer to the nagios doc if unsure. The script is backward compatible with netsaint.


#!/usr/bin/perl -Tw

use strict;
use Getopt::Long;
use WWW::Mechanize;
use vars qw($opt_v $opt_h $opt_u $opt_f $opt_r $opt_l $opt_L $opt_P $opt_p $PROGNAME);
use lib “/usr/lib/nagios/plugins” ;
use utils qw(%ERRORS &print_revision &support &usage);

my($PROGNAME) = $0 =~ m/([^\/]+)$/;

sub print_help ();
sub print_usage ();
delete $ENV{PATH};
delete $ENV{BASH_ENV};
delete $ENV{ENV};

Getopt::Long::Configure(‘bundling’);

GetOptions(
‘v|version’ => \$opt_v,
‘h|help’ => \$opt_h,
‘u|url=s’ => \$opt_u,
‘l|login=s’ => \$opt_l,
‘p|password=s’ => \$opt_p,
‘f|formnumber=s’ => \$opt_f,
‘r|logoutregex=s’ => \$opt_r,
‘L|loginfield=s’ => \$opt_L,
‘P|passwordfield=s’ => \$opt_P,
);

if ($opt_v) {
print_revision($PROGNAME,’$Revision: 1.0 $’);
exit $ERRORS{‘UNKNOWN’};
}
if ($opt_h) {
print_help(); exit $ERRORS{‘UNKNOWN’};
}

#### PREDEFINE FIELDS
$opt_L = ($opt_L ? $opt_L : “Username”);
$opt_P = ($opt_P ? $opt_P : “Password”);

#### CHECKING REQUIRED FIELDS
sub error($$)
{
my($code, $msg) = @_;
print($msg, “\n”);
exit $ERRORS{$code};
}
($opt_f) || error(‘UNKNOWN’, ‘You need to specify a form number.’);
($opt_u) || error(‘UNKNOWN’, ‘You need to specify a url.’);
($opt_l) || error(‘UNKNOWN’, ‘You need to specify a login name.’);
($opt_p) || error(‘UNKNOWN’, ‘You need to specify a passwd.’);
($opt_r) || error(‘UNKNOWN’, ‘You need to specify a logout regex.’);
my $agent = WWW::Mechanize->new();
$agent->get($opt_u);
$agent->form_number($opt_f);
$agent->field($opt_L,$opt_l);
$agent->field($opt_P,$opt_p);
$agent->click();

my $success = $agent->follow_link( url_regex => qr/$opt_r/i);
unless ($success) {
error(‘CRITICAL’, “$opt_u login failed.\n”);
}

error(‘OK’, “$opt_u login success.\n”);

sub print_usage ()
{
print <
Usage: $PROGNAME [-u URL] [-l login] [-p password] [-L loginfield] [-P=passwordfield] [-f formnumber] [-r logoutregex]

Required Arguments:
-u, –URL==STRING
URL of the site you want to login from.
-l, –login=STRING
login username.
-p, –password=STRING
login passwd.
-L, –loginfield=STRING
Name of the login field in the form.
-P, –passwordfield=STRING
Name of the passwd field in the form.
-f, –formnumber=INT
Form Number on the login page.
-r, –logoutregex=STRING
Regex URL to logout

END
}
sub print_help () {
print_revision($PROGNAME,’$Revision: 1.0 $’);
print <

Bernard Peh, November 2007

This nagios plugin simulates a remote login using perl mechanize library. It attempts to login from a url, check for a logout regex, then logout by itself.
This can be useful to make sure a website or database connection is alive.

END

print_usage();
support();
}