SRC – Gerenciamento de daemons no AIX

O AIX tem um gerenciador de daemons, chamado SRC, em inglês, “System Resource Controller“.
Através do SRC podemos verificar se um serviço está ativo, parar, iniciar ou reinicializar um serviço.

Isto pode ser feito através dos seguintes comandos:

startsrc: iniciar
refresh: reiniciar
stopsrc: parar
lssrc: verificar status

O SRC permite trabalharmos com um serviço ou um grupo de serviços. Para um serviço, usamos a opção “-s” e para um grupo, “-g”.
Por exemplo, para gerenciar os serviços de NFS:
Verificando status do grupo de serviços:

# lssrc -g nfs
Subsystem            Group    PID    Status
biod                nfs                                     inoperative
nfsd                nfs                inoperative
rpc.statd         nfs                inoperative
rpc.lockd         nfs                inoperative
rpc.mountd          nfs                inoperative

Iniciando um serviço:

# startsrc -s nfsd
# lssrc -g nfs
Subsystem         Group            PID     Status
nfsd             nfs              23672   active
biod             nfs                      inoperative
rpc.statd        nfs                      inoperative
rpc.lockd        nfs                      inoperative
rpc.mountd       nfs                      inoperative

Iniciando um grupo de serviços:

# startsrc -g nfs
0513-059 The biod Subsystem has been started. Subsystem PID is 17242.
0513-029 The nfsd Subsystem is already active.
Multiple instances are not supported.
0513-059 The rpc.statd Subsystem has been started. Subsystem PID is 19862.
0513-059 The rpc.lockd Subsystem has been started. Subsystem PID is 24236.
0513-059 The rpc.mountd Subsystem has been started. Subsystem PID is 6802.

# lssrc -g nfs
Subsystem         Group            PID     Status
nfsd             nfs              23672   active
biod             nfs              17242   active
rpc.statd        nfs              19862   active
rpc.lockd        nfs              24236   active
rpc.mountd       nfs              6802    active

Parando um grupo de serviços:

# stopsrc -g nfs
0513-044 The nfsd Subsystem was requested to stop.
0513-044 The biod Subsystem was requested to stop.
0513-044 The rpc.statd Subsystem was requested to stop.
0513-044 The rpc.lockd Subsystem was requested to stop.
0513-044 The rpc.mountd Subsystem was requested to stop.

# lssrc -g nfs
Subsystem         Group            PID     Status
biod             nfs                      inoperative
nfsd             nfs                      inoperative
rpc.statd        nfs                      inoperative
rpc.lockd        nfs                      inoperative
rpc.mountd       nfs                      inoperative

Fonte: http://www.unixnotes.org/2007/01/31/src-gerenciamento-de-daemons-no-aix 

AIX - Identificando portas abertas

É muito importante conhecer o ambiente que está sendo administrado. Em se tratando de servidores, muitas vezes temos em um ambiente muitas portas abertas (em modo listen), e é importante saber qual processo está ouvindo em uma determinada porta, por questões de segurança e até em situações de troubleshooting.

A dica de hoje é identificar, no AIX, qual processo está sendo executado em uma porta específica.

Método 1 - Usando os comandos netstat e rmsock

Protocolo TCP:

# netstat -Aan |grep *.1334
f1000e0002b753b0 tcp4       0      0  *.1334             *.*                LISTEN

# rmsock f1000e0002b753b0 tcpcb
The socket 0x2b75008 is being held by proccess 5701822 (writesrv).

# ps -ef |grep 5701822
root  5701822  1507536   0   Jun 10      -  0:00 /usr/sbin/writesrv

Como podem ver o processo writesrv está sendo executado na porta 1334.

Protocolo UDP:
# netstat -Aan |grep *.514
f1000e0002a67e00 udp4       0      0  *.514              *.*

# rmsock f1000e0002a67e00 inpcb
The socket 0x2a64c08 is being held by proccess 5308580 (syslogd).

# ps -ef |grep 5308580
root  5308580  1507536   0   Jun 10      -  0:36 /usr/sbin/syslogd

A porta 514 UDP está sendo utilizada pelo processo do syslogd.

Método 2 - Utilizando os comandos netstat e kdb (kernel debuger)

# netstat -Aan |grep 1334
f1000e0002b753b0 tcp4       0      0  *.1334             *.*                LISTEN

# kdb
(0)>
(0)> sockinfo f1000e0002b753b0 tcpcb

[... A saída do comando kdb é bem detalhado, e por isso foi truncado. O importante para nós é a ultima linha, como mostrado abaixo ... ]

proc/fd: 87/3
proc/fd: fd: 3
              SLOT NAME     STATE      PID    PPID          ADSPACE  CL #THS

pvproc+015C00   87*writesrv ACTIVE 05700BE 01700D0 0000001190239480   0 0001

O importante é saber o PID do processo, que está em hexadecimal na coluna PID.
 
Para converter de hexadecimal para decimal, basta utilizar o comando hcal, dentro do prompt do kdb. Como mostrado abaixo.

(0)>
(0)>
(0)> hcal 05700BE
Value hexa: 005700BE          Value decimal: 5701822
(0)> quit

De volta ao shell, verificar qual programa pertence ao PID 5701822.

# ps -ef |grep 5701822
root  5701822  1507536   0   Jun 10      -  0:00 /usr/sbin/writesrv

O mesmo procedimento pode ser utilizado para portas UDP, sempre trocando o parâmetro tcpcb por inpcb.

Dica válida para AIX versões 5.3 e 6.1

Fonte: http://www.vivaolinux.com.br/dica/AIX-Identificando-portas-abertas

Internet Explorer deixa de ser preferência da maioria dos usuários

Após décadas de domínio, o IE passa a deter menos de 50% dos acessos à world wide web no mundo.

Leia mais em: http://www.tecmundo.com.br/internet/14949-internet-explorer-deixa-de-ser-preferencia-da-maioria-dos-usuarios.htm#ixzz1d0qoOwpb

Fita HP LTO Ultrium 5 3TB - PN: C7975A

Especificações técnicas
Tecnologia de gravação	LTO-5 Ultrium
Etiquetas de suportes	Write-on Labels in box
Quantidade por embalagem	1
Capacidade de armazenamento	3.0 TB; Compressed 2:1; Supported
Cor de produto	Light Blue
Comprimento de tape	846 m
Largura da fita	12.65 mm
Espessura de tape	6.4 um
Força magnética coerciva	2500-2700 Oe
Formato do suporte	Re-Writable

Itens incluídos
Declaração de garantia standard	Limited Lifetime

Compatibilidade
Compatibilidade de unidade	Storage Media Compatibility Matrix
url de compatibilidade de unidade	http://www.hptapecompat.com

Kilobytes, Megabytes, Gigabytes, Terabytes... e agora, os Zettabytes!

Um zettabyte corresponde ao número 1 seguido de 21 zeros. Computação em nuvem deverá ser a responsável por armazenar tanta informação.

1 Bit = Um dígito binário
8 Bits = 1 Byte
1024 Bytes = 1 Kilobyte
1024 Kilobytes = 1 Megabyte
1024 Megabytes = 1 Gigabyte
1024 Gigabytes = 1 Terabyte
1024 Terabytes = 1 Petabyte
1024 Petabytes = 1 Exabyte
1024 Exabytes = 1 Zettabyte
1024 Zettabytes = 1 Yottabyte
1024 Yottabytes = 1 Brontobyte
1024 Brontobytes = 1 Geopbyte

How to convert MBps to IOPS or calculate IOPS from MB/s

Most SSDs have two speed ratings for reading as well as for writing.  The first rating is the sustained MB/s performance, which is the main marketing most manufacturers use.  The second rating is the 4K Random IOPS performance, which gives a much better idea of how the drive will perform in the real world.  The sustained MB/s rating is the sequential transfer rate the SSD will maintain continuously, such as over a period of 30 seconds.  The 4K Random IOPS on the other hand is how many 4K (4096 byte) operations the drive will handle per second with each block being read or written to a random position. 
Usually when a Random 4K IOPS figure is given, it may state that this is at a certain queue depth, such as 4, 16, 32 or 64.  With a queue depth of 4, this means that there are 4 separate threads taking place with the drive, each thread independently running its own transfers.  With the use of Native Command Queuing (NCQ), the SSD can handle these threads simultaneously to improve the overall throughput compared to running a single thread.  While many hard disks use native command queuing to line up read/write operations to minimise seek times between each read/write operation, SSDs can read from and write to multiple NAND cells simultaneously, where as the read/write head in a hard disk can only be in one physical place at any time.
While it is nice to see how many IOPS a drive is capable of, it is also useful to see how this translates into actual throughput or even vice versa.  For example, most benchmark tools such as CrystalDiskMark and AS SSD report the random 4K performance in throughput, i.e. MB/s, while the SSD’s specifications usually rates the 4K performance in IOPS.
To see how to translate MBps into IOPS and vice versa, we need to do a little math:

IOPS = (MBps Throughput / KB per IO) * 1024
Or
MBps = (IOPS * KB per IO) / 1024

So let’s say we have an SSD claiming a Random 4K write speed of 20,000 IOPS and it achieves 76.2MB/s in the CrystalDiskMark with the QD32 write test.
To convert the 76.2MB/s to IOPS, we perform the following calculation:

IOPS = (76.2 / 4) * 1024
IOPS = 19.1 * 1024
IOPS = 19,558.4

To see what throughput we need to achieve to match the actual 20,000 IOPS claim, we can perform this calculation in reverse:

MBps = (20,000 * 4) / 1024
MBps = 80,000 / 1024
MBps = 78.125MB/s

Note that each manufacturer uses its own method of coming up with their SSD IOPS ratings.  Besides separate IOPS ratings for read and write speeds, a given SSD can behave quite different depending on the type of data being read or written, as well as the duration this transfer takes place.  For example, an SSD that achieves 5,000 Random 4K IOPS sustained write over a period of 30 seconds may only achieve 1,000 IOPS sustained write over a period of 5 minutes.  For SSDs using the SandForce processor, the compressibility of the data also has an impact, so two benchmark tools may show completely different IOPS readings if one tool sends uncompressible data and the other tool sends highly compressible data and also if one runs the benchmark for longer duration than the other.

Maintain wtmp on AIX

In /var/adm/wtmp on AIX maintains a list of past user sessions and information about the restart/shutdown of that particular system. While this file is normally very small in terms of file size, on an active box, this can grow if not properly maintained. You can use the “last” command to read wtmp, or export it to a text file for further processing with “fwtmp”. While you can simply redirect nothing into wtmp to empty it out “>/var/adm/wtmp”, it’s always a good idea to keep this file (or at least a backup) for security/auditing reasons.

Below is a simple script which will rotate the last 1000 entries in wtmp and discard the rest.

#!/bin/ksh 
#
# Maintain the last 1000 lines in /var/adm/wtmp
# and discard the rest.
#
if [ -s /var/adm/wtmp ]; then 
   /usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp.tmp 
   /usr/bin/tail -1000 /tmp/wtmp.tmp | /usr/sbin/acct/fwtmp -ic > /var/adm/wtmp 
   /usr/bin/rm /tmp/wtmp.tmp
else 
   continue 
fi

Linux on Power Systems Servers overview
 

IBM® Power Systems™ Servers allow you to run Linux® applications, while taking advantage of POWER® hardware performance, availability, and reliability features.

You can use the IBM Installation Toolkit to install Linux on your Power Systems server. Then, virtualize your system and configure open source workloads using the IBM Installation Toolkit for Linux Simplified Setup Tool (Simplified Setup Tool).

• Installing Linux with the IBM Installation Toolkit
  The IBM Installation Toolkit for Linux provides a set of tools and functions that simplifies the installation of Linux on Power Systems Servers.
• Linux on Power Systems Servers and open source workloads
  This topic collection guides you through configuring the file and print server, web server, network infrastructure server, and mail server open source workloads on the Linux on Power system using the IBM Installation Toolkit Simplified Setup Tool (Simplified Setup Tool). This topic collection also instructs you on setting up a virtualized environment in which to run the open source workloads.

Continue with the following topics for information about supported features, supported distributions, and additional resources for installing Linux on Power Systems Servers.

• Supported features for Linux on Power Systems servers
  Use this chart to find the Linux distribution version that supports each system feature. Feature support is shown for Red Hat Enterprise Linux and Novell SUSE Linux Enterprise Server (SLES).
• Supported Linux distributions for POWER7 and POWER6 Servers
  Use these charts to find the supported Linux distributions for Power Systems servers.
• Resources for installing Linux on Power Systems Servers
  Use these information resources to install Linux on Linux on Power Systems Servers.

Building Apache2 From Source on Linux (Redhat 8)

 

This page shows the steps used to compile and build apache2 on linux. The example uses Apache 2.0.46 on Redhat 8 using a bash shell, you will need gcc installed. You can find Apache's install instructions here
Downlaod the latest tar.gz file for apache2

You can download it from httpd.apache.org.
Login as root

You can type su to switch to root. Then run source /etc/profile to ensure that your path environment variable is setup properly.
Extract the source code

In this example we extract the source code to a directory under /usr/local/src/

cp httpd-2.0.46.tar.gz /usr/local/src

 cd /usr/local/src

 gunzip httpd-2.0.46.tar.gz

 tar -xvf httpd-2.0.46.tar

 rm -f httpd-2.0.46.tar

 cd httpd-2.0.46

Now you should be in the directory that contains the source code. Set compiler options (optional)

If you want you can set some compiler options, this is typically done to create optimized code. One very common thing to do is to set CFLAGS=-O2 or CFLAGS=-O3 (that's an Oh, not a Zero) that tells the compiler how much code optimization to do, setting it to a higher value does more optimization, but also takes longer to compile and may potentially cause unexpected things (not common). O2 is a fairly safe level to use. To do this type the following:

export CFLAGS=-O2

You can also tell the compiler what kind of CPU you have to perform more optimizations, I'm not going to get into that here, but if your interested check out the GCC manual. Run autoconf (configure)

Now you need to set the configuration options, and check that all libraries needed to compile are present. This is done with a script called configure, to find out what options you can set type the following:

./configure --help

You will see quite a few options there, we will set the prefix (the directory to install apache, we picked /usr/local/apache2) and also tell it which modules to compile and install. We will tell configure to compile and install all modules as shared DSO libraries, that way we can easily enable and disable them in the httpd.conf file. Here's how we ran configure:

configure --prefix=/usr/local/apache2 --enable-mods-shared=all

Compile Apache

Now to compile apache we run make this compiles the source code into executable binaries.

make

Installing Apache

The next step copies the binaries into the install directory, and sets up the modules.

make install

Starting/Stopping/Restarting Apache

Now to start/stop apache use apachectl in the bin directory of your install dir.

cd /usr/local/apache2/bin
 
 ./apachectl start
 
 ./apachectl stop
 
 ./apachectl restart

A script for init.d (optional)

Here's a script you can save to /etc/init.d/httpd it is a modified version of the one that came in the rpm for Apache 2.0.40

#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server.  It is used to serve \
#              HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache2/logs/httpd.pid
# config: /usr/local/apache2/conf/httpd.conf

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/httpd ]; then
        . /etc/sysconfig/httpd
fi

# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""

# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/apache2/bin/apachectl
httpd=/usr/local/apache2/bin/httpd
pid=$httpd/logs/httpd.pid
prog=httpd
RETVAL=0


# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure.  So we just do it the way init scripts
# are expected to behave here.
start() {
        echo -n $"Starting $prog: "
        daemon $httpd $OPTIONS
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
        return $RETVAL
}
stop() {
        echo -n $"Stopping $prog: "
        killproc $httpd
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd $pid
}
reload() {
        echo -n $"Reloading $prog: "
        killproc $httpd -HUP
        RETVAL=$?
        echo
}

# See how we were called.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status $httpd
        RETVAL=$?
        ;;
  restart)
        stop
        start
        ;;
  condrestart)
        if [ -f $pid ] ; then
                stop
                start
        fi
        ;;
  reload)
        reload
        ;;
  graceful|help|configtest|fullstatus)
        $apachectl $@
        RETVAL=$?
        ;;
  *)
        echo $"Usage: $prog {start|stop|restart|condrestart|reload|status"
  echo $"|fullstatus|graceful|help|configtest}"
        exit 1
esac

exit $RETVAL

Next run chkconfig to setup runlevels for which httpd will run:

 chkconfig --add httpd
 
 chkconfig --level 2345 httpd on
 
 chkconfig --list
 

Uninstall old rpm packages (Optional)

If you have old rpm apache packages installed, you can check by running:

rpm -q httpd
 

In my case it lists the following:

redhat-config-httpd-1.0.1-13
httpd-2.0.40-11.3
httpd-manual-2.0.40-11.3

To uninstall one of the rpm's type rpm -e packagename

rpm -e httpd-2.0.40-11.3
 

It may tell you that you have other packages that depend on httpd, you will have to uninstall them first before you can remove the old httpd server.