Blog

Saturday, June 01, 2013

Setting up DHCP on an Enslaved VLAN Bridge on CentOS Linux

I had to setup a single interface on a server, with dual DHCP IP addresses that were obtained on the native untagged interface along with a tagged interface enslaved to VLAN bridge in order to rollout Enomaly SpotCloud. Thus the primary interface obtains its IP address via DHCP along with the bridged interface on a VLAN. To set this up :

1. cd /etc/sysconfig/network-scripts

2. vi ifcfg-eth0 so it looks like (change your MAC address accordingly):

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HWADDR=f4:ce:46:82:55:f4 

3. Then create your VLAN interface configuration. So vi ifcfg-eth0.1051:

DEVICE=eth0.1051
BOOTPROTO=dhcp
VLAN=yes
BRIDGE=virbr0
ONBOOT=yes

4. Then create your bridge interface configuration: So vi ifcfg-virbr0:

DEVICE=virbr0
TYPE=Bridge
ONBOOT=yes
DELAY=0
BOOTPROTO=dhcp

Note that TYPE must be Bridge with a capital B - otherwise it won't work. And there you have it - when the box boots it gets a DHCP lease on eth0 and on virbr0 which is on VLAN 1051.

Friday, May 10, 2013

Configuring iSCSI on CentOS 5.6

I recently had to load CentOS 5.6 on several HP BL2x220C blade servers to run Enomaly SpotCloud. One of the requirements was to provision disk for KVM virtual machine storage. This could be local disk or optionally iSCSI disk. The following describes the steps I went through to configure iSCSI successfully.

1. You will need to configure your storage system. I was using a HDS HNAS Mercury cluster. The configuration of the HNAS is probably beyond the scope of this post but in essence you need to create a File System of your required size. Then assign that File System to an EVS (Hitachi terminology for a virtual storage system) with an assigned cluster node and IP address on the storage VLAN. You then need to create iSCSI Logical Units within the File System. One LUN will be required for each host. Lastly create iSCSI targets within the EVS iSCSI domain with access configuration only permitted from the host that will use it along with the LUN ID and LUN name. You will end up with is a series of Globally Unique Names that are of a finite size (eg. 500GB)  that are only accessible from a single host: iqn.2011-04.spotcloud:sc-evs-iscsi01.sc-target01.

2. Back to the CentOS side of things - make sure your interfaces are configured correctly and you can ping the storage system. I have two Virtual Connect modules in the HP C7000 enclosure - hence two interface were available. Static IPs were used on the storage network. I edited:

/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1
/etc/sysconfig/network

3. Make sure the iSCSI daemons are installed. You can do this via yum or from the original source media. Via yum:

yum install iscsi

Via virtual media:

mount /dev/cdrom /mnt
cd /mnt/CentOS
rpm -ivh iscsi*
cd /
umount /mnt

Don't forget to eject the virtual media.

4. Make sure iSCSI starts on boot and start the daemon:

chkconfig iscsi on
service iscsi start

5. Discover your iSCSI targets:

iscsiadm -m discovery -t sendtargets -p 10.255.4.10

The IP address is that of the storage system.

6. Delete any unnecessary iSCSI nodes:

service iscsi stop
iscsiadm -m node <nodename> -o delete
service iscsi start

The <nodename> is the UIN mentioned earlier. Sometimes you will always discover multiple nodes - so you need to configure the storage system to filter available LUNs by client source IP address.

7. Work out which device is the iSCSI node:

fdisk -l

8. Create a partition then format it:

fdisk /dev/sdb
mkfs.ext4 /dev/sdb1

9. Label the device:

e2label /dev/sdb1 /sc-node01

10. Configure the mount in /etc/fstab (note the _netdev mount option to ensure the iSCSI LUN is mounted after networking has been brought up):

LABEL=/sc-node01 /var/lib/xen/images ext3 defaults,_netdev,noatime 0 0

And that's it - you are in business. Lastly, if you are interested here is the Virtual Connect configuration used to configure the blades. This configures blade 1A and 1B interfaces 1 and 2. Interface 1 is assigned untagged VLAN of 1050 (eth0) and tagged VLAN 1051 (eth0.1051). Interface 2 is assigned untagged VLAN 1052 (eth1) - which is the storage network.

add profile D4-C2-B01 -NoDefaultEnetConn -NoDefaultFcConn -NoDefaultFcoeConn
add enet-connection D4-C2-B01
add enet-connection D4-C2-B01
add server-port-map D4-C2-B01:1 SC-Management VlanID=1050 Untagged=True
add server-port-map D4-C2-B01:1 SC-VM VlanID=1051
add server-port-map D4-C2-B01:2 SC-iSCSI VlanID=1052 Untagged=True
assign profile D4-C2-B01 enc0:1A

add profile D4-C2-B02 -NoDefaultEnetConn -NoDefaultFcConn -NoDefaultFcoeConn
add enet-connection D4-C2-B02
add enet-connection D4-C2-B02
add server-port-map D4-C2-B02:1 SC-Management VlanID=1050 Untagged=True
add server-port-map D4-C2-B02:1 SC-VM VlanID=1051
add server-port-map D4-C2-B02:2 SC-iSCSI VlanID=1052 Untagged=True
assign profile D4-C2-B02 enc0:1B
Tuesday, March 05, 2013

FireDaemon Service does run and Process ID changes every few seconds

If the process of your FireDaemon Service is changing rapidly, it's probably because it's crashing, not starting correctly or terminating. Generally it can be a pain to troubleshoot this kind of problem, but there are a few things you can do to fix it:

  1. Check the windows event logs, they usually reveal exactly what's happening.
  2. Try running your service as the user you installed the application as. This user should be a local or domain administrator. To change the service's user credentials set them in the Login section in the Settings tab: /manual/SettingsTab.html
  3. The local file system permissions might be wrong, see http://forums.firedaemon.com/threads/system-permission-on-local-drives.648/ for more information.
  4. If the executable is on a mapped drive or UNC path, your path might be in the wrong format, see http://forums.firedaemon.com/threads/how-do-i-use-mapped-drives-and-or-unc-paths.38/ for more information.
  5. Are you remotely connected via RDP?  Make sure the "Shadow Console" is enabled.  See
    http://forums.firedaemon.com/threads/accessing-the-shadow-console-via-remote-desktop-rdp-using-mstsc-admin-or-console.397/ for more information.
  6. If all else fails, then enable Debug Logging in the FireDaemon Service, let the service run a few times and then look at the debug log to see what's happening.  If you don't understand it, you can send a support ticket and attach the debug log to your ticket.
Saturday, January 26, 2013

Application doesn't launch under FireDaemon

Often FireDaemon services are run off other local drives eg. E: F: etc. These drives could be a new local disk array, iSCSI targets or SAN LUNs. If you find your app is not launching under FireDaemon control then ensure you have checked that the Security permissions includes SYSTEM / Full Control. You need to check this as when you add a new drive to a machine and format with NTFS this permission is not automatically set. To check this:

  1. Go to My Computer and look for the local drive you want to check.
  2. Right click on the local drive and select Properties.
  3. Click on the Security tab
  4. In the list of "Group or user names" look for SYSTEM. If it is not there click Edit
  5. A new dialog box will be displayed titled "Permissions for E:"
  6. Click Add
  7. A new dialog box will be displayed titled "Select Users or Groups"
  8. In the "Enter the object names to select" type SYSTEM and click the Check Names button.
  9. Click OK
  10. Then in "Permssions for E:" dialog check Full Control
  11. Then click OK twice.
Your FireDaemon apps should launch correctly.
Monday, December 31, 2012

Application Window is not visible when logged into remote desktop

When you log into a computer remotely, by default you are only seeing the desktop of the user that you logged in as. Interactive services (including FireDaemon ones) are only visible on the shadow console session or on session 0. This is covered in the following article:

http://forums.firedaemon.com/threads/accessing-the-shadow-console-via-remote-desktop-rdp-using-mstsc-admin-or-console.397/

Tuesday, December 18, 2012

Are administrative rights necessary to run FireDaemon?

The FireDaemon Pro's GUI must be run as an administrator to function correctly on Windows XP and Windows 2003 Server.  On Windows Vista, 2008 and 7 the GUI's elevate correctly so the user should not need to be an administrator. Services can be run as any user,  however the privilege of that user will determine whether the service can interact with the desktop, access network resources and so forth. As a rule of thumb services should be run as Localsystem (that's the default). If network access is required then generally run your service as an administrator. FireDaemon will automatically grant user accounts "Log on as Services" rights.

 

Thursday, December 13, 2012

Useful Software: Monitor and Control Bandwidth Traffic with NetLimiter

NetLimiter is a great application that displays bandwidth usage on a computer or server. It's really useful when you want to see how much bandwidth a specific process is using.

You can use NetLimiter to set download/upload transfer rate limits for applications or even single connection and monitor their internet traffic.

Along with this unique feature, Netlimiter offers comprehensive set of internet statistical tools. It includes real-time traffic measurement and long-term per-application internet traffic statistics

There are 3 versions, all can display the bandwidth usage of applications as well as history graphs but only the shareware/full versions can limit bandwidth of processes (the shareware versions costs, while the Freeware version is free).

Monitor and control bandwidth

Monitor and Control Bandwidth Traffice with NetLimiter

Sunday, October 21, 2012

Useful Software: Startup Delayer - delays the startup of applications when windows loads

Startup Delayer does just what it says; it delays the startup of applications when windows loads. By default when windows loads (after you log in), all your programs load at the same time. This can seriously slow down the load time as all the applications are competing for CPU and Hard Disk accesses. Startup Delayer solves this by allowing you to setup how many seconds after Windows has started to load each program.

Delay Start up of a application in Windows -Startup Delayer

Startup Delayer is freeware and compatible with Windows 98/ME/2000/XP/XP64/Vista You can download it from http://www.r2.com.au/page/products/show/startup-delayer/

Monday, October 15, 2012

Useful Software: QTTabBar - extension that gives Windows Explorer windows a tab bar

QTTabBar is an extension that gives Windows Explorer windows a tab bar (similar to Firefox/IE Tabs). Rather than using a separate program that displays multiple views, you can keep on using your Windows Explorer! This is very useful when dealing with multiple folders since you can have them all in the same window and switching to them is easy.

QTTabBar

There is some tweaking you will need to do to get it to display. Once you install it and log off, go to Internet Explorer. Right click the favorites bar and select "QT TabBar" and "QT Tab Standard Buttons". Once these are visible in your Internet Explorer, they will be visible in Windows Explorer. QTTabBar is freeware and is officially compatible with Windows XP and Windows Vista. I have personally tested it on two Windows 2003 Server boxes and it works fine with no problems. You can download it at http://qttabbar.wikidot.com

Monday, October 08, 2012

Useful Software: PeerBlock - an IPBlocker

PeerBlock is an IPBlocker that let's you control who your computer can communicate with on the internet. You can block communications with advertising or spyware oriented servers, computers monitoring your p2p activities, computers which have been "hacked", even entire countries! PeerBlock is the successor to PeerGuardian (the original IPBlocker). To give you an idea of just how powerful PeerBlock is, my PeerBlock is configured to block Hijacked, Hacked and P2P IP's and in total 911,675,868 IP's are blocked for me!

PeerBlock"

PeerBlock is freeware and compatible with Windows 2000, XP, Vista and 7 (32bit and 64bit). You can download it at http://www.peerblock.com/ Wikipedia: http://en.wikipedia.org/wiki/PeerBlock


Recent Posts



Tags


Archive

    Sign up for Product Updates and Discounts
    Captcha Image
    ×