Re: [CentOS] rename network card device /dev/p3p2 to /dev/eth0
On Thu, Sep 27, 2012 at 05:36:36AM +, KNOPS Manfred wrote: > Hi digimer, > > Sorry, I made a mistake. > "... After rebooting centos generates a device called /dev/et0. ..." > should be > "... After rebooting centos generates a device called /dev/eth0. ..." > > CentOS made it. I got what I want. > > Where is the general guide? I didn't understood what you mean. the keywork you are looking for is biosdevname Lan-On-Motherboard interfaces em (ethernet-on-motherboard <1,2,..>) PCI add-in interfacesi pp_ [tru@fural ~]# biosdevname -d | awk '/BIOS device/ {new=$3} /Kernel name/ {old=$3} /Assigned MAC/ {mac=$4; print old" "new" "mac}' eth0 em1 00:25:90:66:AA:48 eth1 em2 00:25:90:66:AA:49 eth2 p4p1 A0:36:9F:03:28:64 eth3 p4p2 A0:36:9F:03:28:65 eth4 p4p3 A0:36:9F:03:28:66 eth5 p4p4 A0:36:9F:03:28:67 ref: http://linux.dell.com/files/whitepapers/consistent_network_device_naming_migration_guide_rhel_6.pdf http://linux.dell.com/files/whitepapers/consistent_network_device_naming_in_linux-v1.3.pdf Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B pgpQZqHPfrDxR.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] 11TB ext4 filesystem - filesystem alternatives?
Hi All. I have a CentOS server: CentOS 5.6 x86_64 2.6.18-238.12.1.el5.centos.plus e4fsprogs-1.41.12-2.el5.x86_64 which has a 11TB ext4 filesystem. I have problems with running fsck on it and would like to change the filesystem because I do not like the possibility of running long fsck on it, it's a production machine. Also I have some problems with running fsck (not enough RAM, problem with scratch_files option) and if the filesystem will need intervention I will be in a problematic situation. Which other mature and stable filesystem can you recommend for such large storage? Best regards, Rafal Radecki. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 27.09.2012 09:10, Rafał Radecki wrote: > Hi All. > > I have a CentOS server: > > CentOS 5.6 x86_64 > 2.6.18-238.12.1.el5.centos.plus > e4fsprogs-1.41.12-2.el5.x86_64 > > which has a 11TB ext4 filesystem. I have problems with running fsck > on it > and would like to change the filesystem because I do not like the > possibility of running long fsck on it, it's a production machine. > Also I > have some problems with running fsck (not enough RAM, problem with > scratch_files option) and if the filesystem will need intervention I > will > be in a problematic situation. > > Which other mature and stable filesystem can you recommend for such > large > storage? Never had to deal with such a large filesystem, yet, but I'd try XFS on it. Alternatively you can look at less supported filesystems such as BTRFS. Or even http://zfsonlinux.org/. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] High memory needs
We have a computing cluster running Sun Grid Engine, which considers this value to check if a process exceeds the memory limit or not. So somehow I'm bound to consider it. I installed a machine from scratch with CentOS 6.2 x64, nothing else, I open a terminal, I run this simple bash script and VIRT goes beyond 100MB for it. I understand it may not be very precise, however I still don't understant the difference compared to other x64 ditributions, under CentOS the value is 7 times higher! 2012/9/27 Gordon Messmer : > On 09/26/2012 09:14 AM, Jérémie Dubois-Lacoste wrote: >> 1. Run a python script and check the memory that >> it requires (field "VIRT" of the "top" command). > > Don't use VIRT as a reference for memory used. RES is a better > indication, but even that won't tell you anything useful about shared > memory, and will lead you to believe that a process is using more memory > than it is. > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] vsFTP and shorewall
Dear all, Dear support and users: Sorry to trouble you! I configure the shorewall firewall to forward ftp and ssh port to another server, but failed. Can you help me check? I cannot login both SSH and ftp! Below is my environment: (attachment is shorewall dump) 1. Gateway (FC6) 1.1) eth0: lan static IP: 192.168.1.20 1.2) eth1: external public static IP: 113.89.142.80 2.3) Shorewall-3.2.8 is running 2. FTP Server: (Centos63, iptables and selinux are off) 2.1) eth0: lan static IP: 192.168.1.231 2.2) Open SSH port 22 and FTP port 20, 21 already (tested) 2.3) vsftp.conf : use default settings and it works for internal users 3. I want to forward internet access FTP and SSH to FTP Server: 3.1) 113.89.142.80: 20 -> 192.168.1.231:20 udp(FTP) 3.2) 113.89.142.80: 21 -> 192.168.1.231:21 tcp (FTP) 3.3) 113.89.142.80: -> 192.168.1.231:22 tcp (SSH) 4. Shorewall settings: 4.1 interfaces #ZONE INTERFACE BROADCAST OPTIONS net eth1 113.89.142.255 norfc1918,arp_filte lan eth0detect arp_filter ovpntun0- #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE 4.2 zones #ZONE TYPEOPTIONS IN OUT # OPTIONS OPTIONS fw firewall net ipv4 lan ipv4 ovpnipv4 #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE 4.3 policy #SOURCE DESTPOLICY LOG LIMIT:BURST # LEVEL fw all ACCEPT lan net ACCEPT lan fw ACCEPT lan ovpnACCEPT ovpnlan ACCEPT net all DROP all all REJECT #LAST LINE -- DO NOT REMOVE 4.4 rules #SECTION RELATED SECTION NEW ACCEPT all fw tcp ftp <<< it works for local FTP service (tested) ACCEPT all fw udp ftp <<< it works for local FTP service ACCEPT all fw tcp ACCEPT all fw tcp ssh,domain Ping/ACCEPT net fw ACCEPT all fw tcp 5222 ACCEPT all fw udp 5222 ACCEPT:info all $FW tcp 22 DNATnet lan:192.168.1.231 tcp 21 DNATnet lan:192.168.1.231 udp20 DNATnet lan:192.168.1.231:22 tcp #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE 5. # cat /proc/sys/net/ipv4/ip_forward 1 6. more /etc/sysconfig/iptables-config IPTABLES_MODULES="ip_conntrack_netbios_ns ip_nat_ftp ip_conntrack_ftp" Chain net_dnat (1 references) pkts bytes target prot opt in out source destination 3 156 DNAT tcp -- * * 0.0.0.0/00.0.0.0/0 tcp dpt:21 to:192.168.1.231 0 0 DNAT udp -- * * 0.0.0.0/00.0.0.0/0 udp dpt:20 to:192.168.1.231 5 260 DNAT tcp -- * * 0.0.0.0/00.0.0.0/0 tcp dpt: to:192.168.1.231:22 do you know what's wrong? Thanks and best regards! Muiz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 09/27/12 1:52 AM, Nux! wrote: > Never had to deal with such a large filesystem, yet, but I'd try XFS on > it. XFS is fairly memory intensive.11TB file systems tend to mean millions and millions of files. frankly, I wouldn't run this on CentOS 5.6, I would upgrade to CentOS 6.latest and then I would use XFS support for EXT4 and XFS is rather sketchy with the old kernel in 5.x (and why aren't you at 5.8 or whatever is current in the 5 series anyways?!?) -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
>> Which other mature and stable filesystem can you recommend for such >> large >> storage? > > Never had to deal with such a large filesystem, yet, but I'd try XFS on > it. > > Alternatively you can look at less supported filesystems such as BTRFS. > Or even http://zfsonlinux.org/. > Since its for production, i would avoid both zfs and btrfs. But i guess there aren't many options available a.t.m. Best is to wait for btrfs to be production ready. Wouldn't splitting the 11TB filesystem to smaller filesystems work ? You wont able able to avoid the fsck or disruption in service, but atleast you can bring up critical mounts faster. - jb ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
Am 27.09.2012 um 10:10 schrieb Rafał Radecki: > Hi All. > > I have a CentOS server: > > CentOS 5.6 x86_64 > 2.6.18-238.12.1.el5.centos.plus > e4fsprogs-1.41.12-2.el5.x86_64 > > which has a 11TB ext4 filesystem. I have problems with running fsck on it > and would like to change the filesystem because I do not like the > possibility of running long fsck on it, it's a production machine. Also I > have some problems with running fsck (not enough RAM, problem with > scratch_files option) and if the filesystem will need intervention I will > be in a problematic situation. > > Which other mature and stable filesystem can you recommend for such large > storage? what about: $ man tune2fs "maximum / mount count / time" can be changed. and to boot "faster" just do $ touch /fastboot $ reboot -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vsFTP and shorewall
Am 27.09.2012 um 10:58 schrieb muiz: > Dear support and users: > Sorry to trouble you! I configure the shorewall firewall to forward ftp and > ssh port to another server, but failed. Can you help me check? > I cannot login both SSH and ftp! > Below is my environment: (attachment is shorewall dump) what about the shorewall mailing list? -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On Thu, Sep 27, 2012 at 5:52 AM, Nux! wrote: > Alternatively you can look at less supported filesystems such as BTRFS. What do you mean by "less suported" ? https://events.linuxfoundation.org/events/linuxcon-japan/bo --- LinuxCon Japan 2012 | Presentations "On The Way to a Healthy Btrfs Towards Enterprise" by Liu Bo, Fujitsu --- Let me quote: "Btrfs has been on full development for about 5 years and it does make lots of progress on both features and performance, but why does everybody keep tagging it with ""experimental""? And why do people still think of it as a vulnerable one for production use? As a goal of production use, we have been strengthening several features, making improvements on performance and keeping fixing bugs to make btrfs stable, for instance, ""snapshot aware defrag"", ""extent buffer cache"", ""rbtree lock contention"", etc. This talk will cover the above" --- From its web "Liu Bo has been working on linux kernel development since late 2010 as a Fujitsu engineer. He has been working on filesystem field and he's now focusing on btrfs development". RHEL 7 to get Btrfs support http://www.h-online.com/open/imgs/45/8/8/4/6/5/1/43-6b4e69889ee000ca.png "RHEL 7 will support ext4, XFS, and Btrfs (boot and data)" Then you have SuSE: https://www.suse.com/releasenotes/x86_64/SUSE-SLES/11-SP2/ "With SUSE Linux Enterprise 11 SP2, the btrfs file system joins ext3, reiserfs, xfs and ocfs2 as *commercially supported file systems*. Each file system offers disctinct advantages. While the installation default is ext3, we recommend xfs when maximizing data performance is desired, and *btrfs as a root file system when snapshotting and rollback capabilities are required. Btrfs is supported as a root file system (i.e. the file system for the operating system) across all architectures of SUSE Linux Enterprise 11 SP2*. " https://blogs.oracle.com/wim/entry/oracle_linux_6_update_3 "OL6.3 that boots up uek (2.6.39-200.24.1) as install kernel and uses btrfs as the default filesystem for installation. So latest and greatest direct access to btrfs, a modern well-tested, current kernel, freely available. " So, again, what´dya mean by "less supported"?. It´s in the mainline kernel since February so with the adoption by RHEL 7, it´ll become mainstream sooner rather than later... Just my $0.02... FC ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 9/27/12, Fernando Cassia wrote: > So, again, what´dya mean by "less supported"?. It´s in the mainline > kernel since February so with the adoption by RHEL 7, it´ll become > mainstream sooner rather than later... > > Just my $0.02... Thats the whole point isn't it. Until RHEL includes its (rather than as a technology preview), you probably shouldn't use it as a production file system and definitely not with the 5.x CentOS the OP is using - jb ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
You should upgrade to a newer kernel - there are lots of improvements to ext4 since the rhel5 kernel... rhel/centos 6 is a start but if you don't need rhel/centos you could try Ubuntu 12.04 to see how the 3.2.x kernel handles it. cheers On 27 September 2012 10:47, joel billy wrote: > On 9/27/12, Fernando Cassia wrote: > >> So, again, what´dya mean by "less supported"?. It´s in the mainline >> kernel since February so with the adoption by RHEL 7, it´ll become >> mainstream sooner rather than later... >> >> Just my $0.02... > > Thats the whole point isn't it. Until RHEL includes its (rather than > as a technology preview), you probably shouldn't use it as a > production file system and definitely not with the 5.x CentOS the OP > is using > > - jb > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On Thu, Sep 27, 2012 at 10:10 AM, Rafał Radecki wrote: > Which other mature and stable filesystem can you recommend for such large > storage? > > I recommend XFS BR Bent ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 27.09.2012 10:08, John R Pierce wrote: > On 09/27/12 1:52 AM, Nux! wrote: >> Never had to deal with such a large filesystem, yet, but I'd try XFS >> on >> it. > > XFS is fairly memory intensive.11TB file systems tend to mean > millions and millions of files. > > frankly, I wouldn't run this on CentOS 5.6, I would upgrade to CentOS > 6.latest and then I would use XFS support for EXT4 and XFS is > rather sketchy with the old kernel in 5.x (and why aren't you at 5.8 > or > whatever is current in the 5 series anyways?!?) Oh yeah, definitely upgrade to Centos 6. Maybe even go for the elrepo kernel-ml a go, too. They usually provide the latest. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
Definitely shoot for CentOS 6.3 ... XFS with a kernel _more recent_ than 2.6.36 (currently shipped with CentOS6) has more improvements to the XFS code. Youtube video on XFS [0] - I believe the kernel version noted is 2.6.39 (watch the video!) [2]. And there's also a Youtube video on BTRFS [1] that was linked to/shared by Fernando. [0] http://lists.centos.org/pipermail/centos/2012-August/128119.html [1] http://lists.centos.org/pipermail/centos/2012-August/128110.html [2] http://lwn.net/Articles/438671/ ---~~.~~--- Mike // SilverTip257 // On Thu, Sep 27, 2012 at 5:08 AM, John R Pierce wrote: > On 09/27/12 1:52 AM, Nux! wrote: >> Never had to deal with such a large filesystem, yet, but I'd try XFS on >> it. > > XFS is fairly memory intensive.11TB file systems tend to mean > millions and millions of files. > > frankly, I wouldn't run this on CentOS 5.6, I would upgrade to CentOS > 6.latest and then I would use XFS support for EXT4 and XFS is > rather sketchy with the old kernel in 5.x (and why aren't you at 5.8 or > whatever is current in the 5 series anyways?!?) > > > > > > -- > john r pierceN 37, W 122 > santa cruz ca mid-left coast > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On 09/26/2012 11:57 PM, Manish Kathuria wrote: > On Thu, Sep 27, 2012 at 7:46 AM, Gordon Messmer wrote: >> On 09/26/2012 09:15 AM, Steve Clark wrote: >>> Is there a way to make this work correctly? > In addition, you should ideally applying the following patches for > Static, Alternative Routes, Dead Gateway Detection & NAT and recompile > the kernel: > > http://www.ssi.bg/~ja/#routes Hmmm... not being a kernel guru, correct me if I am wrong but isn't the route patch used to detect dead nexthops? I am already doing that from userspace. The second set looks like is calls the routing logic after the SNAT, is that correct? This could solve the problem. Why aren't these patches in the kernel? Thanks, -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On 09/26/2012 10:16 PM, Gordon Messmer wrote: > On 09/26/2012 09:15 AM, Steve Clark wrote: >> Is there a way to make this work correctly? > Shorewall will generate a proper configuration if you specify the > "track" option in the "providers" file. It might be a good idea to use > that to generate your configs rather than building them by hand. > > I believe that you need to mark your connections and use the marks to > select the routing table, in addition to using the "from" rules that you > posted. Otherwise, nothing binds the connection to a fixed > route/interface in a load balanced configuration. I was trying to figure out what criteria to use to mark the connection. FTP is such a braindead application, using to channels and active and passive mode. What really needs to happen is someway to tell the kernel to recheck the routing after SNAT. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vsFTP and shorewall
From: muiz > Sorry to trouble you! I configure the shorewall firewall to forward ftp > and > ssh port to another server, but failed. Can you help me check? > I cannot login both SSH and ftp! http://www.shorewall.net/FAQ.htm#faq1a JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On Thu, Sep 27, 2012 at 7:04 PM, Steve Clark wrote: > On 09/26/2012 11:57 PM, Manish Kathuria wrote: > > On Thu, Sep 27, 2012 at 7:46 AM, Gordon Messmer wrote: > > On 09/26/2012 09:15 AM, Steve Clark wrote: > > Is there a way to make this work correctly? > > In addition, you should ideally applying the following patches for > Static, Alternative Routes, Dead Gateway Detection & NAT and recompile > the kernel: > > http://www.ssi.bg/~ja/#routes > > > Hmmm... not being a kernel guru, correct me if I am wrong but isn't the > route patch used to detect dead nexthops? > I am already doing that from userspace. > > The second set looks like is calls the routing logic after the SNAT, is that > correct? This could solve the problem. > Why aren't these patches in the kernel? > > Thanks, > The routes-x.y-z.diff is a unified patch containing different parts which include support for Dead Gateway Detection as well. However, since that is limited to the first hop, it is preferable to have a userspace script as you are doing. I also use a script to check the accessibility of a remote popular site from each of the ISPs and based upon the response the links are treated alive or dead and the default gateway is changed. However, the routing problem as described by you will only be solved after applying this patch (routes-x.y-z.diff). As for marking the incoming packets to ensure that they go out from the same interface they came from, you could do something like the following: Using iptables mark the incoming traffic from external interfaces /sbin/iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark /sbin/iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark /sbin/iptables -t mangle -A PREROUTING -i eth1 -j MARK --set-mark 1 /sbin/iptables -t mangle -A PREROUTING -i eth1 -j CONNMARK --save-mark /sbin/iptables -t mangle -A PREROUTING -i eth2 -j MARK --set-mark 2 /sbin/iptables -t mangle -A PREROUTING -i eth2 -j CONNMARK --save-mark Add the following rules to your existing ones for policy routing /sbin/ip rule add fwmark 1 table T1 /sbin/ip rule add fwmark 2 table T2 Thanks, -- Manish Kathuria ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On 09/27/2012 06:36 AM, Steve Clark wrote: > I was trying to figure out what criteria to use to mark the connection. > FTP is such a > braindead application, using to channels and active and passive mode. > What really > needs to happen is someway to tell the kernel to recheck the routing > after SNAT. I'm mostly sure that if you mark the *connection* to the FTP server, the related data will follow its path. Again, multipath routing is complex, and Shorewall will do it properly. At the very least, I recommend building a working configuration with Shorewall and then reading the rules that it compiles to understand why it handles routing the way that it does. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On 09/27/2012 11:01 AM, Manish Kathuria wrote: > On Thu, Sep 27, 2012 at 7:04 PM, Steve Clark wrote: >> On 09/26/2012 11:57 PM, Manish Kathuria wrote: >> >> On Thu, Sep 27, 2012 at 7:46 AM, Gordon Messmer wrote: >> >> On 09/26/2012 09:15 AM, Steve Clark wrote: > The routes-x.y-z.diff is a unified patch containing different parts > which include support for Dead Gateway Detection as well. However, > since that is limited to the first hop, it is preferable to have a > userspace script as you are doing. I also use a script to check the > accessibility of a remote popular site from each of the ISPs and based > upon the response the links are treated alive or dead and the default > gateway is changed. However, the routing problem as described by you > will only be solved after applying this patch (routes-x.y-z.diff). > > As for marking the incoming packets to ensure that they go out from > the same interface they came from, you could do something like the > following: > > Using iptables mark the incoming traffic from external interfaces > > /sbin/iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark > /sbin/iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark > /sbin/iptables -t mangle -A PREROUTING -i eth1 -j MARK --set-mark 1 > /sbin/iptables -t mangle -A PREROUTING -i eth1 -j CONNMARK --save-mark > /sbin/iptables -t mangle -A PREROUTING -i eth2 -j MARK --set-mark 2 > /sbin/iptables -t mangle -A PREROUTING -i eth2 -j CONNMARK --save-mark > > Add the following rules to your existing ones for policy routing > > /sbin/ip rule add fwmark 1 table T1 > /sbin/ip rule add fwmark 2 table T2 Hi Manish, Thanks for the info. The one question I have is about /sbin/iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark I thought the OUTPUT chain was only for packets originating locally. I am only concerned with clients behind my Linux router, do I still need this? Again, thanks much for responding. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] High memory needs
On 09/27/2012 01:57 AM, Jérémie Dubois-Lacoste wrote: > We have a computing cluster running Sun Grid Engine, which > considers this value to check if a process exceeds the memory > limit or not. So somehow I'm bound to consider it. > > I installed a machine from scratch with CentOS 6.2 x64, nothing > else, I open a terminal, I run this simple bash script and VIRT > goes beyond 100MB for it. > I understand it may not be very precise, however I still don't > understant the difference compared to other x64 ditributions, > under CentOS the value is 7 times higher! OK, so compare the memory map of the process on the two systems. For example, I've included the output of 'pmap $$' on two CentOS 6 systems. One is 32bit, the other is 64. VIRT on the 32 bit system is ~5MB. On the 64 bit system, VIRT is ~116MB. Why? Well, most of the VIRT size is a mmapped file, /usr/lib/locale/locale-archive. That file isn't resident in memory for the most part, but because the process addresses the contents of that file as if they were memory, rather than as if the content were a file, it's accounted as part of the VIRT size. My login shell on the 64 bit host is only using 3.5MB of RAM total (including libraries shared with other processes), but its VIRT size is ~116MB. If your vendor is using VIRT to make decisions about available resources, they're doing their job profoundly wrong. RES would be better, but still would represent far more memory use than is accurate, especially on systems with many active processes. 64 bit system: [gordon@vagabond:~]$ pmap $$ 23966: bash 0040872K r-x-- /usr/bin/bash 006d9000 4K r /usr/bin/bash 006da000 36K rw--- /usr/bin/bash 006e3000 24K rw---[ anon ] 008e2000 36K rw--- /usr/bin/bash 0122d000 1836K rw---[ anon ] 00383c00128K r-x-- /usr/lib64/ld-2.15.so 00383c21f000 4K r /usr/lib64/ld-2.15.so 00383c22 4K rw--- /usr/lib64/ld-2.15.so 00383c221000 4K rw---[ anon ] 00383c40 1712K r-x-- /usr/lib64/libc-2.15.so 00383c5ac000 2048K - /usr/lib64/libc-2.15.so 00383c7ac000 16K r /usr/lib64/libc-2.15.so 00383c7b 8K rw--- /usr/lib64/libc-2.15.so 00383c7b2000 20K rw---[ anon ] 00383cc0 12K r-x-- /usr/lib64/libdl-2.15.so 00383cc03000 2044K - /usr/lib64/libdl-2.15.so 00383ce02000 4K r /usr/lib64/libdl-2.15.so 00383ce03000 4K rw--- /usr/lib64/libdl-2.15.so 00384d00148K r-x-- /usr/lib64/libtinfo.so.5.9 00384d025000 2044K - /usr/lib64/libtinfo.so.5.9 00384d224000 16K r /usr/lib64/libtinfo.so.5.9 00384d228000 4K rw--- /usr/lib64/libtinfo.so.5.9 7f8ae82aa000 48K r-x-- /usr/lib64/libnss_files-2.15.so 7f8ae82b6000 2044K - /usr/lib64/libnss_files-2.15.so 7f8ae84b5000 4K r /usr/lib64/libnss_files-2.15.so 7f8ae84b6000 4K rw--- /usr/lib64/libnss_files-2.15.so 7f8ae84b7000 102580K r /usr/lib/locale/locale-archive 7f8aee8e4000 16K rw---[ anon ] 7f8aee8f5000 8K rw---[ anon ] 7f8aee8f7000 28K r--s- /usr/lib64/gconv/gconv-modules.cache 7f8aee8fe000 4K rw---[ anon ] 7fff5010a000132K rw---[ stack ] 7fff501ff000 4K r-x--[ anon ] ff60 4K r-x--[ anon ] total 115904K 32 bit: enetics@firewall:~$ pmap $$ 32629: -bash 00291000 4K r-x--[ anon ] 00952000120K r-x-- /lib/ld-2.12.so 0097 4K r /lib/ld-2.12.so 00971000 4K rw--- /lib/ld-2.12.so 00978000 1584K r-x-- /lib/libc-2.12.so 00b04000 8K r /lib/libc-2.12.so 00b06000 4K rw--- /lib/libc-2.12.so 00b07000 12K rw---[ anon ] 00b0c000 12K r-x-- /lib/libdl-2.12.so 00b0f000 4K r /lib/libdl-2.12.so 00b1 4K rw--- /lib/libdl-2.12.so 00b39000 48K r-x-- /lib/libnss_files-2.12.so 00b45000 4K r /lib/libnss_files-2.12.so 00b46000 4K rw--- /lib/libnss_files-2.12.so 00b7d000 88K r-x-- /lib/libtinfo.so.5.7 00b93000 12K rw--- /lib/libtinfo.so.5.7 08047000836K r-x-- /bin/bash 08118000 20K rw--- /bin/bash 0811d000 20K rw---[ anon ] 08b43000232K rw---[ anon ] b7682000 28K r--s- /usr/lib/gconv/gconv-modules.cache b7689000 2048K r /usr/lib/locale/locale-archive b7889000 8K rw---[ anon ] b788f000 12K rw---[ anon ] bff3f000 84K rw---[ stack ] total 5204K ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] High memory needs
On Thu, Sep 27, 2012 at 10:46 AM, Gordon Messmer wrote: > >> I understand it may not be very precise, however I still don't >> understant the difference compared to other x64 ditributions, >> under CentOS the value is 7 times higher! This might explain it: https://bugzilla.redhat.com/show_bug.cgi?id=156477 The mmapped local-archive contains all languages even though only the ones you use are accessed from it. Other distros split them and the installers only install what you want. > 64 bit system: > 7f8ae84b7000 102580K r /usr/lib/locale/locale-archive > > 32 bit: > b7689000 2048K r /usr/lib/locale/locale-archive That's an interesting difference on its own, since the underlying files are about 95M and 54M respectively. Does the 32 bit kernel use some tricks to sparsely map files where the 64 bit one does it directly with page tables? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 2012-09-27, John R Pierce wrote: > > XFS is fairly memory intensive.11TB file systems tend to mean > millions and millions of files. > > frankly, I wouldn't run this on CentOS 5.6, I would upgrade to CentOS > 6.latest and then I would use XFS support for EXT4 and XFS is > rather sketchy with the old kernel in 5.x (and why aren't you at 5.8 or > whatever is current in the 5 series anyways?!?) I have a ~20TB XFS filesystem on CentOS 5. Support for xfs in the CentOS 5 kernels is now built-in, so you don't have to rely on the old buggy XFS modules from centosplus. (I have yet to xfs_repair this filesystem; I did repair it back when it was ~12TB, and it ran fine.) I have also run xfs_repair on a 17TB XFS filesystem on a machine with about 4GB of memory. It ran fine in less than one hour (~30m IIRC; that filesystem is on CentOS 6). I definitely agree that CentOS 6 is a better way to go, but XFS can be done on CentOS 5 too. Just make sure you are completely up to date. For the OP, what are the fsck times currently like for your ext4 filesystem? If they are already less than one hour, you may not see any benefit from switching. --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 09/27/12 11:15 AM, Keith Keller wrote: > I have also run xfs_repair on a 17TB XFS filesystem on a machine with > about 4GB of memory. It ran fine in less than one hour (~30m IIRC; that > filesystem is on CentOS 6). with XFS at least (and probably ext4) what counts is how many files are in the file system more than the absolute size.if you have 17000 1gb files, its one thing, if you have 17,000,000,000 1K files, its another thing entirely. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
On 2012-09-27, John R Pierce wrote: > On 09/27/12 11:15 AM, Keith Keller wrote: >> I have also run xfs_repair on a 17TB XFS filesystem on a machine with >> about 4GB of memory. It ran fine in less than one hour (~30m IIRC; that >> filesystem is on CentOS 6). > > with XFS at least (and probably ext4) what counts is how many files are > in the file system more than the absolute size.if you have 17000 1gb > files, its one thing, if you have 17,000,000,000 1K files, its another > thing entirely. Good point. Just for a data point, I've probably got on the order of a few dozen million files of widely varying sizes on this particular filesystem. (So more than 10 million files but fewer than 100 million.) --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] kernel 2.6.32-279.9.1.el6.x86_64 does not build from the source rpm's
kernel 2.6.32-279.9.1.el6.x86_64 does not build from the source rpm's using the UNmodified config file and following the directions explicitly. Previous kernels build fine from the same directions. A little help from the developers would be greatly appreciated. while building I get this output: c1: warnings being treated as errors drivers/base/platform.c:621: error: 'platform_legacy_suspend' defined but not used drivers/base/platform.c:633: error: 'platform_legacy_resume' defined but not used make[2]: *** [drivers/base/platform.o] Error 1 make[1]: *** [drivers/base] Error 2 make[1]: *** Waiting for unfinished jobs make: *** [drivers] Error 2 make: *** Waiting for unfinished jobs error: Bad exit status from /var/tmp/rpm-tmp.wfx1kU (%build) Bad exit status from /var/tmp/rpm-tmp.wfx1kU (%build) The first line is what troubles me as there are usually warning when building a kernel. Thanks in advance for some help. Seth Bardash Integrated Solutions and Systems LLC Colorado Springs, CO 80921 s...@integratedsolutions.org Failure cannot survive knowledge and perseverance! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kernel 2.6.32-279.9.1.el6.x86_64 does not build from the source rpm's
On Thu, Sep 27, 2012 at 3:03 PM, Seth Bardash wrote: > kernel 2.6.32-279.9.1.el6.x86_64 does not build from the source rpm's > using the UNmodified config file and following the directions explicitly. > Previous kernels build fine from the same directions. A little help from > the developers would be greatly appreciated. Which "config" are you referring to by "UNmodified"? config-x86-generic ?? Unless it is a rhel-modified version, there could be errors like that if the code is not part of what is compiled in the RHEL/CentOS kernel. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 11TB ext4 filesystem - filesystem alternatives?
Current CentOS 6 is 2.6.32, not 2.6.36 In that XFS Youtube video, Dave Chinner says upstream 3.0 kernel or RHEL 6.2 [at 45:20 of the video]. Other sources [0] [1] agree. [0] http://lwn.net/Articles/476616/ [1] http://jira.funtoo.org/browse/FL-38 ---~~.~~--- Mike // SilverTip257 // On Thu, Sep 27, 2012 at 8:46 AM, SilverTip257 wrote: > Definitely shoot for CentOS 6.3 ... > > XFS with a kernel _more recent_ than 2.6.36 (currently shipped with > CentOS6) has more improvements to the XFS code. Youtube video on XFS > [0] - I believe the kernel version noted is 2.6.39 (watch the video!) > [2]. > > And there's also a Youtube video on BTRFS [1] that was linked > to/shared by Fernando. > > [0] http://lists.centos.org/pipermail/centos/2012-August/128119.html > [1] http://lists.centos.org/pipermail/centos/2012-August/128110.html > [2] http://lwn.net/Articles/438671/ > > ---~~.~~--- > Mike > // SilverTip257 // > > > On Thu, Sep 27, 2012 at 5:08 AM, John R Pierce wrote: >> On 09/27/12 1:52 AM, Nux! wrote: >>> Never had to deal with such a large filesystem, yet, but I'd try XFS on >>> it. >> >> XFS is fairly memory intensive.11TB file systems tend to mean >> millions and millions of files. >> >> frankly, I wouldn't run this on CentOS 5.6, I would upgrade to CentOS >> 6.latest and then I would use XFS support for EXT4 and XFS is >> rather sketchy with the old kernel in 5.x (and why aren't you at 5.8 or >> whatever is current in the 5 series anyways?!?) >> >> >> >> >> >> -- >> john r pierceN 37, W 122 >> santa cruz ca mid-left coast >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Routing issue
On Thu, Sep 27, 2012 at 8:55 PM, Steve Clark wrote: > On 09/27/2012 11:01 AM, Manish Kathuria wrote: > > On Thu, Sep 27, 2012 at 7:04 PM, Steve Clark wrote: > > On 09/26/2012 11:57 PM, Manish Kathuria wrote: > > On Thu, Sep 27, 2012 at 7:46 AM, Gordon Messmer wrote: > > On 09/26/2012 09:15 AM, Steve Clark wrote: > > The routes-x.y-z.diff is a unified patch containing different parts > which include support for Dead Gateway Detection as well. However, > since that is limited to the first hop, it is preferable to have a > userspace script as you are doing. I also use a script to check the > accessibility of a remote popular site from each of the ISPs and based > upon the response the links are treated alive or dead and the default > gateway is changed. However, the routing problem as described by you > will only be solved after applying this patch (routes-x.y-z.diff). > > As for marking the incoming packets to ensure that they go out from > the same interface they came from, you could do something like the > following: > > Using iptables mark the incoming traffic from external interfaces > > /sbin/iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark > /sbin/iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark > /sbin/iptables -t mangle -A PREROUTING -i eth1 -j MARK --set-mark 1 > /sbin/iptables -t mangle -A PREROUTING -i eth1 -j CONNMARK --save-mark > /sbin/iptables -t mangle -A PREROUTING -i eth2 -j MARK --set-mark 2 > /sbin/iptables -t mangle -A PREROUTING -i eth2 -j CONNMARK --save-mark > > Add the following rules to your existing ones for policy routing > > /sbin/ip rule add fwmark 1 table T1 > /sbin/ip rule add fwmark 2 table T2 > > Hi Manish, > > Thanks for the info. The one question I have is about > /sbin/iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark > > I thought the OUTPUT chain was only for packets originating locally. I am > only concerned > with clients behind my Linux router, do I still need this? Yes you are right but in case if you have any services running on the linux router itself (for example sshd) and accessible from the internet, it would help. > > Again, thanks much for responding. > > -- > Stephen Clark > NetWolves > Director of Technology > Phone: 813-579-3200 > Fax: 813-882-0209 > Email: steve.cl...@netwolves.com > http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Changes to inodes discovered by aide
Hi. On one of my servers aide just reported inode changes to a large bunch of files in a variety of directories, e.g. /usr/bin, /usr/sbin etc. This machine sits behind a couple of firewalls and it would be hard to get to. The day before I updated "clam*" and updated the aide database right after that: -rw--- 1 root root 7407412 Sep 26 10:58 aide.db.gz The problem was that the changes were made when no-one was in the office, here are a few: Directory: /usr/sbin Mtime: 2012-09-26 10:55:15 , 2012-09-27 06:36:42 Ctime: 2012-09-26 10:55:15 , 2012-09-27 06:36:42 File: /usr/sbin/wpa_supplicant Ctime: 2012-09-07 06:39:44 , 2012-09-27 06:36:40 Inode: 2490595 , 2490536 MD5 : IVNJESmXwIG9XY0MowL3CA== , DUQMpFMsKqlZgjOmJIp3OQ== RMD160 : 4xuWhqqliTLM5Jx6zAvQ9f1PY1c= , AlSPQGiVe+/T8YdHDSIypI904kA= SHA256 : OaUWNIGUS9AhXEjV3p8Cg4TeIEjuQ/tu , z1c9XCKVyjDzDuN7t32B+sbj6nil90TK File: /usr/sbin/clamav-milter Size : 202453 , 206637 Ctime: 2012-09-26 10:55:15 , 2012-09-27 06:36:37 Inode: 2490507 , 2490625 MD5 : HoONWy9q+qbRzHtlTeR6Wg== , klWTxNFmL8MEAQmIPwvHxg== RMD160 : lfa72Vrh6Q2DWjf+UIxREAK4V1Y= , MPbEoKH/ws3aWA+sBuycRvU9DP0= SHA256 : aFRvKcA999IPRFJ2qByu8aKB6QmHpW5i , u0oTtBkHjchhlY8AIejOfKPoJRencpmK Yum does not report anything (last 4 lines os yum.log) Sep 21 10:40:11 Installed: ghostscript-fonts-5.50-13.1.1.noarch Sep 26 10:55:14 Updated: clamav-0.97.6-1.el5.rf.x86_64 Sep 26 10:55:15 Updated: clamd-0.97.6-1.el5.rf.x86_64 Sep 26 10:55:15 Updated: clamav-milter-0.97.6-1.el5.rf.x86_64 I ran (a fresh install) of rkhunter, did not find a thing ... Is it possible that a change to one file sets of a domino effect of indode changes? thanks Jobst -- Diplomacy: The art of saying, "Nice Doggy," until you can find a stick. | |0| | Jobst Schmalenbach, jo...@barrett.com.au, General Manager | | |0| Barrett Consulting Group P/L & The Meditation Room P/L |0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] centos6 - failsafe terminal on login screen
I have some clients that run centos6 and I need to have users be able to access the "failsafe terminal" from the login screen. The old options (from 4/5) for choosing your session aren't present. I've googled a bit on this but don't seem to be using a good search string as most of the hits have nothing to do with this and the rest aren't helpful. So, just wondering if anyone knows what I need to do to "turn on" session choosing from the login screen, and how to include the failsafe terminal. Thanks! Miranda ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vsFTP and shorewall
thanks very much. JD I study this FAQ 1a/1b before. but still failed:( 在 2012-09-27 21:51:32,"John Doe" 写道: >From: muiz > >> Sorry to trouble you! I configure the shorewall firewall to forward ftp >> and >> ssh port to another server, but failed. Can you help me check? >> I cannot login both SSH and ftp! > >http://www.shorewall.net/FAQ.htm#faq1a > >JD >___ >CentOS mailing list >CentOS@centos.org >http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos