Linux: Difference between revisions
(→Other) |
|||
| Line 292: | Line 292: | ||
<section end="linuxsyslog"/> | <section end="linuxsyslog"/> | ||
== Ceph == | |||
<syntaxhighlight lang="bash"> | |||
# ceph osd lspools | |||
List all available pools | |||
# List available volumes within the openstackvolumes pool | |||
rbd ls openstackvolumes | |||
# List all available snapshots for object volume-asd9p12o3-90b2-1238-1209-as980d7213hs, which resides in pool ghgvolumes | |||
rbd snap ls ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs | |||
# Map the volume-object to the local filesystem | |||
rbd-nbd map ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs | |||
# Map the volume-object as read-only to the local filesystem | |||
rbd-nbd map --read-only ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs | |||
# List currently mapped objects | |||
rbd-nbd list-mapped | |||
# Check what filesystem and partition the device contains | |||
fdisk -l /dev/nbd1 | |||
# Mount the device to a local folder | |||
mount /dev/nbd1p1 /mnt/storage | |||
# Unmount the device from the local folder | |||
umount /mnt/storage | |||
# 2 methods to unmap | |||
# Unmap the mapped object | |||
rbd-nbd unmap /dev/nbd2 | |||
# Unmap the mapped object | |||
rbd-nbd unmap volume-asd9p12o3-90b2-1238-1209-as980d7213hs | |||
</syntaxhighlight> | |||
== User management == | == User management == | ||
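Review bot: The comment marker is on the wrong line at the top of the new Ceph block: `# ceph osd lspools` is commented out while `List all available pools` is a bare line, so pasting the block tries to run `List` as a command and never lists the pools. Swap them to `# List all available pools` followed by `ceph osd lspools`. The device names also drift (`fdisk -l /dev/nbd1` and `mount /dev/nbd1p1`, then `rbd-nbd unmap /dev/nbd2`); use one device throughout. Consider putting the `--read-only` map first, since the plain `rbd-nbd map` followed by `mount` allows the volume to be modified during inspection.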
Revision as of 09:13, 4 September 2023
Checks
Monitoring
# See CPU + RAM usage, system stats and open processes
top
# Only list processes making active use of the CPU
top -i
# Only list processes making active use of the CPU, and show the entire command line instead of just the tool name
top -ci
# Prettier version of top that can be customized
htop
# Reimagined version of top, includes network and disk usage by default
btop
Systemd
# Show journalctl logs for the current boot, starting from the beginning
journalctl -b
# Open journalctl starting from the end
journalctl -e
# Show journalctl logs for the sshd service, starting from the end
journalctl -u sshd -e
OS & Distribution
# Print OS and host information
hostnamectl
# Show kernel version and build information
cat /proc/version
# Show OS and distribution information
cat /etc/os-release
# Print distribution-specific information
lsb_release -a
Hardware & kernel
# List loaded kernel modules
lsmod
# Print kernel messages
dmesg
# Print kernel messages with humanized timestamps
dmesg -T
# SCSI hardware information
cat /proc/scsi/scsi
# Print hardware/BIOS information
dmidecode
# Print hardware/BIOS information of a specific type
dmidecode -t 1
# List all connected hardware
lshw
# List physical network hardware
lshw -short -class network
# List physical memory hardware
lshw -class memory
# Show PCI information
lspci
# Show verbose PCI information
lspci -v
# List all block/filesystem devices
lsblk
# List block devices and partition tables
fdisk -l
Filesystems
# List clients connected to the local filesystem
showmount
SMB/CIFS
# Samba checks
smbstatus
smbstatus -S
smbstatus -b
# Samba set debug mode
smbcontrol smbd debug 1
NFS
https://www.ibm.com/docs/en/aix/7.2?topic=troubleshooting-identifying-nfs-problems
# NFS
nfsstat
# Detailed RPC and package information
nfsstat -o all
# Every RPC "program" is bound to a specific NFS version. Use NFS/CTDB logs in combination with the program ID to identify the failing component
rpcinfo -p
UFW
# Show summary of UFW status
ufw status
# Show verbose UFW status
ufw status verbose
# Show UFW rules numbered
ufw status numbered
CTDB
# CTDB checks in a cluster
ctdb status
ctdb ip
ctdb scriptstatus
ctdb event status
ctdb uptime
ctdb statistics
# Use the onnode command to execute a command on all cluster nodes
onnode all ctdb status
Pacemaker
# Show status of the pacemaker cluster
pcs cluster status
# Show status of the pacemaker service
pcs status
# Show configured pacemaker resources
pcs resource config
# Show a specific configured resource
pcs resource show ResourceNameHere
Services
NTP
Timedatectl
# Show the current status of timedatectl
timedatectl
# List available timezones
timedatectl list-timezones
# Set the timezone to Amsterdam
timedatectl set-timezone Europe/Amsterdam
# Show verbose sync information
timedatectl timesync-status
SNMPv3 client installation
https://kifarunix.com/quick-way-to-install-and-configure-snmp-on-ubuntu-20-04/
apt install snmpd snmp libsnmp-dev
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
systemctl stop snmpd
# -A sets the authentication passphrase, -X the privacy (encryption) passphrase
net-snmp-create-v3-user -ro -A <CRYPTO-PASSWORD> -a SHA -X <PASSWORD> -x AES <USERNAME>
# /etc/snmp/snmpd.conf
sysLocation NL;Zuid-Holland;Rotterdam, 78 MyStreet;2nd Floor;Server Room;Rack
sysContact Me <me@example.org>
agentaddress 192.168.0.10
systemctl start snmpd
systemctl enable snmpd
# Test
snmpwalk -v3 -a SHA -A "CRYPTO" -x AES -X "PASSWORD" -l authPriv -u "USER" localhost | head
CTDB
# Stop a ctdb cluster member
ctdb stop
# Start a stopped ctdb cluster member
ctdb continue
Firewalls
UFW
# Allow access from a specific IP to a port and add a comment that shows in the status
ufw allow from 10.0.0.253 to any port 22 proto tcp comment 'Allow SSH access from XYZ location'
# Delete numbered firewall rule 56
ufw delete 56
# Disable UFW logging (prevent syslog spam)
ufw logging off
# Set UFW logging back to the default
ufw logging low
Firewalld
#placeholder to fill in later
SNMP access
vim /etc/firewalld/services/snmp.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>SNMP</short>
  <description>SNMP protocol</description>
  <port protocol="udp" port="161"/>
</service>
firewall-cmd --reload
firewall-cmd --zone=public --add-service snmp --permanent
firewall-cmd --reload
Syslog
Legacy
# /etc/rsyslog.d/70-local-to-rsyslog-server.conf
# Define the hostname to send to the syslog server
$template SendHostname, "<%pri%> %timestamp% myhost.mydomain.nl %syslogtag% %msg%\n"
$ActionForwardDefaultTemplate SendHostname
*.warning @10.77.0.1
Rainerscript
Rainerscript: https://rsyslog.readthedocs.io/en/latest/rainerscript/control_structures.html
# /etc/rsyslog.d/70-local-to-rsyslog-server.conf
# Define a template and specify a hostname to send as:
template(name="SendHostname" type="string"
  string="%timestamp% myhost.mydomain.nl %syslogtag% %msg%\n"
)
# Send logs to target syslog server and port
*.warning action(type="omfwd" Target="10.0.33.10" Template="SendHostname" Port="514" Protocol="udp")
Testing
# Use the logger tool to test syslog server reception
logger -p local0.error 'Hello World!'
Ceph
# List all available pools
ceph osd lspools
# List available volumes within the openstackvolumes pool
rbd ls openstackvolumes
# List all available snapshots for object volume-asd9p12o3-90b2-1238-1209-as980d7213hs, which resides in pool ghgvolumes
rbd snap ls ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs
# Map the volume-object to the local filesystem
rbd-nbd map ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs
# Map the volume-object as read-only to the local filesystem
rbd-nbd map --read-only ghgvolumes/volume-asd9p12o3-90b2-1238-1209-as980d7213hs
# List currently mapped objects
rbd-nbd list-mapped
# Check what filesystem and partition the device contains
fdisk -l /dev/nbd1
# Mount the device to a local folder
mount /dev/nbd1p1 /mnt/storage
# Unmount the device from the local folder
umount /mnt/storage
# 2 methods to unmap
# Unmap the mapped object by device
rbd-nbd unmap /dev/nbd1
# Unmap the mapped object by name
rbd-nbd unmap volume-asd9p12o3-90b2-1238-1209-as980d7213hs
User management
Create user (RHEL)
# Create user with a home-folder and add him to the wheel group
useradd -m john -G wheel
# Set a password for the john user
passwd john
# Create the SSH folder for john
mkdir -p /home/john/.ssh
# Add a public key to john's account
echo "ssh rsa-123980idfas89132hadsckjh871234" >> /home/john/.ssh/authorized_keys
# Set proper permissions for the .ssh folder and authorized_keys
chown -R john:john /home/john/.ssh
chmod 700 /home/john/.ssh
chmod 600 /home/john/.ssh/authorized_keys
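A check for the ownership and modes set in the steps above, as an added example that is not part of the original cheatsheet. `check_ssh_perms` is a hypothetical helper name and the script assumes GNU `stat` (`-c`); sshd's `StrictModes` option checks the modes and ownership of the user's files and home directory before accepting a login, so a wrong mode here shows up as a key that is silently ignored.

```shell
#!/usr/bin/env bash
# Added example, not from the original cheatsheet.
# check_ssh_perms is a hypothetical helper name; assumes GNU stat (-c).
# Usage: check_ssh_perms <home-dir> <expected-owner>
#   e.g. check_ssh_perms /home/john john
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_ssh_perms() {
    local home=$1 owner=$2 rc=0 path mode want actual

    if [ ! -d "$home" ]; then
        echo "MISSING $home"; return 1
    fi
    # The home directory itself must not be writable by group or others.
    mode=$(stat -c '%a' "$home")
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE $home is $mode"; rc=1
    fi

    for path in "$home/.ssh" "$home/.ssh/authorized_keys"; do
        # Do not follow symlinks: the modes set above apply to real files.
        if [ -L "$path" ]; then
            echo "SYMLINK $path"; rc=1; continue
        fi
        if [ ! -e "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        # Directory must be 700, key file must be 600.
        if [ -d "$path" ]; then want=700; else want=600; fi
        mode=$(stat -c '%a' "$path")
        actual=$(stat -c '%U' "$path")
        if [ "$mode" != "$want" ]; then
            echo "MODE $path is $mode, expected $want"; rc=1
        fi
        if [ "$actual" != "$owner" ]; then
            echo "OWNER $path is $actual, expected $owner"; rc=1
        fi
    done
    return "$rc"
}
```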
Other
Throughput test
# Test bandwidth throughput with iperf
# Listen on server-A on port 5101
iperf3 -s -p 5101
# Connect to server-A from server-B
iperf3 -c 192.168.0.1 -p 5101
# Testing disk/share throughput
# Create "testfile" of size 1710x1M in current folder
time dd if=/dev/zero of=testfile bs=1M count=1710
# Create "testfile2" of size 5x1G in current folder
time dd if=/dev/zero of=testfile2 bs=1G count=5
# Show copy-time of "testfile" to disk or share
time cp testfile /mnt/btfrs/data/<LOCATION>/
# Methods of testing disk or share throughput
# Show read-time from the mount to null
time cat /mnt/btfrs/data/<FILE> > /dev/null
# Show copy-time from the mount to null
time dd if=/mnt/btfrs/data/<FILE> of=/dev/null bs=1M
# Show copy-time from the mount to the current folder
time cp /mnt/btfrs/data/<FILE> .
# Copy one folder to another with rsync while showing progress
rsync -avhW --no-compress --progress <source>/ <destination>/
Create different temp folder
# Create a temporary TMP folder
mkdir -p /scratch/tmp/
# Activate temporary TMP folder
export TMPDIR=/scratch/tmp
Inodes
Every file on a filesystem has a corresponding inode file. The inode file of a folder carries the names of the files and folders that exist within it. The name of each filesystem object refers to an inode file. The inode file of a file contains metadata about the file, such as the type, inode ID, timestamp, filename and size.