Search This Blog

Thursday 15 July 2010

Deporting and importing Veritas volumes- simple steps

We are going to deport chg2_dg from node1 and and import on node2.

List the existing VGs
root@node1 # vxdg list
NAME         STATE           ID
locksdg      enabled,shared,cds   1279009022.267.node1
ch2_dg       enabled,cds          1279010647.271.node1
infranet_dg  enabled,shared,cds   1279010983.273.node1

Unmount all the file systems related to ch2_dg from node1

root@node1 # df -h|grep ch2_dg
/dev/vx/dsk/ch2_dg/var_ch2_mqm_vol    48G    77M    45G     1%    /var/ch2/mqm
/dev/vx/dsk/ch2_dg/opt_ch2_mqm_vol   4.0G    18M   3.7G     1%    /opt/ch2/mqm
/dev/vx/dsk/ch2_dg/opt_ch2_rel_vol    98G    90M    92G     1%    /opt/ch2/rel
root@node1 # umount /opt/ch2/rel
root@node1 # umount /opt/ch2/mqm
root@node1 # umount /var/ch2/mqm

Stop all the Veritas volumes from node1

root@node1 # vxvol -g ch2_dg stopall

Deporting the volume

root@node1 # vxdg deport ch2_dg


Node 2:

Listing all existing volume before import.

root@node2 # vxdg list
NAME         STATE           ID
locksdg      enabled,shared,cds   1279009022.267.node1
infranet_dg  enabled,shared,cds   1279010983.273.node1

Importing DG to node2

root@node2 # vxdg import ch2_dg

Mounting file systems on node2 (if mount point is not exist, it must be created before mount.)


root@node2 # vxvol -g ch2_dg startall
root@node2 # mount -F vxfs /dev/vx/dsk/ch2_dg/opt_ch2_rel_vol /opt/ch2/rel
root@node2 # mount -F vxfs /dev/vx/dsk/ch2_dg/opt_ch2_mqm_vol /opt/ch2/mqm
root@node2 # mount -F vxfs /dev/vx/dsk/ch2_dg/var_ch2_mqm_vol /var/ch2/mqm

Tuesday 6 July 2010

Solaris Backup and Restore with ufsdump :- Some useful options-


1. Backing up to a file:

root@host #  ufsdump -0f /admin/backup/etc.dump /etc
  DUMP: Date of this level 0 dump: Mon Jul 05 16:41:36 2010
  DUMP: Date of last level 0 dump: the epoch
  DUMP: Dumping /dev/rdsk/c1t0d0s0 (cat:/) to /admin/backup/etc.dump.
  DUMP: Mapping (Pass I) [regular files]
  DUMP: Mapping (Pass II) [directories]
  DUMP: Writing 32 Kilobyte records
  DUMP: Estimated 148290 blocks (72.41MB).
  DUMP: Dumping (Pass III) [directories]
  DUMP: Dumping (Pass IV) [regular files]
  DUMP: 147902 blocks (72.22MB) on 1 volume at 8136 KB/sec
  DUMP: DUMP IS DONE


2. Restoring data from backup file.

For non interactive (this will restore everything) restore:-

ufsrestore -xvf /admin/backup/etc.dump
for interactive restore:-
ufsrestore -ivf /admin/backup/etc.dump
Here is the proceedure to restore single file named hosts.090610 only.
 ufsrestore -ivf /admin/backup/etc.dump

root@host # ufsrestore -ivf etc.dump
Verify volume and initialize maps
Media block size is 126
Dump   date: Mon Jul 05 16:41:36 2010
Dumped from: the epoch
Level 0 dump of a partial file system on cat:/etc
Label: none
Extract directories from tape
Initialize symbol table.
ufsrestore >
ufsrestore > cd /etc
ufsrestore > ls hosts*
   1378  hosts
   5795  hosts.090610
ufsrestore >
ufsrestore > add hosts.090610
Warning: ./etc: File exists
ufsrestore > extract
Extract requested files
You have not read any volumes yet.
Unless you know which volume your file(s) are on you should start
with the last volume and work towards the first.
Specify next volume #: 1
extract file ./etc/hosts.090610
Add links
Set directory mode, owner, and times.
set owner/mode for '.'? [yn] y
Directories already exist, set modes anyway? [yn] y

3. Copying the contents of a directory to another directory including symbolic links. This is useful when you want to migrate data to new mount point or different path.

Here, all the data /etc will be copied to /admin/backup/etc.

root@host #mkdir /admin/backup/etc
root@host# ufsdump -0f  - /etc|(cd /admin/backup/etc;ufsrestore -xvf -).

Just before this command finish, it may prompt for setting ownership, it must be answered as yes.

After complete above command, if  you found that its restored using relative path, you can just use mv command to move the data.

For instance, if the restoration happend /admin/backup/etc/etc, you do a mv *  /admin/backup/etc/etc/* /admin/backup/etc.


Ref:


Solaris 10 System Administration Essentials

Monday 5 July 2010

sudo to run as another non root user

sudo command is a program for some Unix and Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser, or root)

Here I explain how to edit sudoers file for granting access to another user (say monitor) to stop and start database (its a part of dba user privilege)

Stop and start scripts (/usr/local/bin/dbstop.sh and /usr/local/bin/dbstart.sh) are owned by dba user and only dba has the privileges to run it.



This is the sudo settings for monitor user to run above script as dba user.

Cmnd_Alias DBcmd=/usr/local/bin/dbstop.sh,/usr/local/bin/dbstart.sh
Runas_Alias  DBAUSER=dba 
monitor     ALL   = (DBAUSER) NOPASSWD: DBcmd

Now monitor user can run above command as dba

$sudo -u dba /usr/local/bin/dbstop.sh

Saturday 3 July 2010

Linux iptables Basic Commands-Linux as a router






iptables is the inbuilt firewall in Linux kernel. It can be used for allowing and blocking the traffic passing trough the system.


Configuring iptables to work Linux as a router:

For Linux to work as a router, there should be two NICs normally.

Here we implement the router with below network settings with two NICs

eth1 -> 192.168.15.100, net mask =255.255.255.0, Gateway: 192.168.15.1 -> connected with modem and hence internet, No other system in my LAN des not have direct acces to this modem.

eth0 -> 192.168.1.1, netmask 255.255.255.0 connected with LAN, All system in the LAN has to communicate to internet trough this host.


For Linux to act as route, 2 settings must be done.

1. IP forwarding: This can be achieved temporary by setting the status to 1 as below.

#echo 1 >/proc/sys/net/ipv4/ip_forward

For making it permanet and active on next reboot, we have to enable it by editing /etc/sysctl.conf and edit as below:
net.ipv4.ip_forward = 1
To enable this chage, run the command
sysctl -p /etc/sysctl

2. Adding iptables entry for packets routing:

Before you add any entry, make sure iptables service is running. 
[root@shimna /]# chkconfig --list|grep iptables
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
If its on yet on service level 2-5, make it on using below command.
[root@shimna /]# chkconfig iptables on

Make sure you don't have any unwanted iptables running currently

[root@shimna /]# iptables -nvL

If any unwanted iptables are running, flush all the rules using -F option and save the same.
[root@shimna /]# iptables -F
[root@shimna scripts]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@shimna scripts]#

Now you can add the entry to route the packets:

[root@shimna scripts]# iptables -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j MASQUERADE

The above setting can be verified by below command:

[root@shimna scripts]# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 19 packets, 1554 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all  --  *      eth1    192.168.1.0/24       0.0.0.0/0

Chain OUTPUT (policy ACCEPT 19 packets, 1554 bytes)
 pkts bytes target     prot opt in     out     source               destination


Now your Linux system is ready to act as a router. You can configure all other system the LAN gate way as the Linux host LAN IP.

Solaris Storage Multi pathing (MPXIO) and monitoring.


Solaris I/O multipathing gives you the ability to set up multiple redundant paths to a storage system and gives you the benefits of load balancing and failover.
Enabling Multipath

For Solaris 10: Apply the command stmsboot with below options. This require a reboot.
# stmsboot -e
WARNING: This operation will require a reboot.
Do you want to continue ? [y/n] (default: y) y
The changes will come into effect after rebooting the system.
Reboot the system now ? [y/n] (default: y) y

For Solaris 9 and below do below changes.

1. Edit the file /kernel/drv/scsi_vhci.conf 

change the setting  from
mpxio-disable="yes";
to 
mpxio-disable="no";
2. Edit 

 /kernel/drv/fp.conf
mpxio-disable="yes";
to 
mpxio-disable="no";

3. Reboot the system with "reboot -- -r" option
After reboot, if you check format, all disk will appear with a virtual controller. here its C8.
For getting the information regarding the the physical path included in this virtual dissk, you can use below command.
luxadm display /dev/rdsk/cxxxxxxs2




Below command show the traffic through each fiber channel. Path to same disk using both fiber channel are highlighted.