Ceph (I): Basic Architecture

Recently I did a basic architecture document (and training) of ceph.

This document will give you the basics to understand the role of the Ceph architecture pieces like can be:

    • Monitor Nodes
    • Disk (aka OSD) nodes
    • Metadata Nodes
    • Gateway Nodes

And what the words “RADOS” and “CRUSH” means (again is a very basic definition)

Enjoy with the document/presentation!

back2life

I’ve been thinking about performing a level+99 sorcery and trying to bring back to life my blog.
Well, the moment has arrived.
I’m on a new stage on my professional life (also my private life) and there are new acquired knowledge to share.
So… keep reading!

NFSv4 on Oracle Exadata

I suppose that this document will match more NFS clients, not only Oracle Exadata.
I’m using the Exadata name case in all the document’s I found on support, the information is WRONG:

      Oracle ZFS Storage: FAQ: Exadata RMAN Backup with The Oracle ZFS Storage Appliance(Doc ID 1354980.1)
      Sun ZFS Storage Appliance: Oracle Database 11g R2 NFS Mount Point Recommendations (Doc ID 1567137.1)
      Step by Step – Configure Direct NFS Client (DNFS) on Linux (11g) (Doc ID 762374.1)

All this documents has the following ops when mounting a NFS share:

<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=3,actimeo=0,timeo=600 0 0

I found that trying to mount with this options on the Exadata (RH6.6) will show you the wonderful message:

mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

As you can see in Doc ID 1354980.1, their instructions for mounting NFSv3 or NFSv3 are:

dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.allow
dcli -l root -g /home/oracle/dbs_group chmod 644 /etc/hosts.deny
dcli -l root -g /home/oracle/dbs_group chkconfig rpcbind on
dcli -l root -g /home/oracle/dbs_group service rpcbind start
dcli -l root -g /home/oracle/dbs_group chkconfig nfslock on
dcli -l root -g /home/oracle/dbs_group service nfslock start
dcli -l root -g /home/oracle/dbs_group chkconfig nfs on
dcli -l root -g /home/oracle/dbs_group service nfs start

Which will show an error like:

~ # service nfs start
Starting NFS services:                                     [  OK  ]
Starting NFS quotas: Cannot register service: RPC: Authentication error; why = Client credential too weak
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).
                                                           [FAILED]
Starting NFS mountd:                                       [  OK  ]
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 13 (Permission denied)
rpc.nfsd: unable to set any sockets for nfsd
                                                           [FAILED]

So why don’t use NFSv4 which has portmapping IN the protocol?

<myIP>:/export/myshare /myshare nfs rw,bg,hard,nointr,rsize=1048576,wsize=1048576,tcp,vers=4,actimeo=0,timeo=600 0 0

That’s all, Enjoy!!!

HOWTO Debug Windows

I’ve been out xD
Nop, seriously, I’ve been working hard past months (and I’ll continue a bit more).

But I want to share a new doc I’ve just cooked on the wiki.

As I’ve been 3 days working on trying to find an error on Windows (my actual project deadline is near…) and our Windows “Sysadmins” are not able to help me, I decided to go harder and read M$ documentation about how to debug their “Operating System” (they like the “metaforas” saying that this is a real OS).

At the end? I think I will add “Windows Debugging” as a new skill on my CV.
Talking with my linux workmate, We doubt many of windows sysadmins know all this tools (maybe the most famous one, systernals):

  • Systernals
  • Windbg
  • Debug Diagnostics

Have a look at the wiki post:
http://wiki.ciberterminal.net/doku.php?id=debugging_windows

Oracle: object user grants

Oracle is Oracle… It has good and bad things.
The bad of course… it’s closed and you’ll be crazy before getting info about how to do things.
And the good is that everythings is inside!! just at 1 query distance ;-)

Some days ago I was trying to look for grants given to a user by another user (WITH ADMIN OPTION).
I was logged with sys and I used “my” 2 wonderful querys for obtaining that info (copy/pasted from the internet),

  • Direct grants:
  • SELECT owner, table_name, select_priv, insert_priv, delete_priv, update_priv, references_priv, alter_priv, index_priv 
      FROM table_privileges
     WHERE grantee = '&theUser'
     ORDER BY owner, table_name;
    
  • INdirect grants:
  • SELECT DISTINCT owner, table_name, PRIVILEGE 
      FROM dba_role_privs rp JOIN role_tab_privs rtp ON (rp.granted_role = rtp.role)
     WHERE rp.grantee = '&theUser'
     ORDER BY owner, table_name;
    

Ressult? 0 rows! WTF!
I know there’s a plenty of it!!!

Continue reading “Oracle: object user grants”

Problems after upgrade mariadb

As you should know, there’s an important bug on TLS libs on every linux OS.
So upgrade is mandatory.
There’s also another little update in mariadb if you’re using it instead of mysql.
The problem is there, but not the indicator.

The problem in my case comes from the smtp server, I got the error:

535 5.7.8 Error: authentication failed: authentication failure

While tring to send an email (only sending, receiving works fine).
Looking in mail.log:

Mar  6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: SASL authentication failure: Password verification failed
Mar  6 10:49:06 ciberterminal postfix/smtpd[29949]: warning: localhost.localdomain[127.0.0.1]: SASL authentication failed: authentication failure

Auth failed from SASL? WTF!
So i began debuging it:

/usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/saslauthd -r -n 1 -d -VVVVVVVVVV

But it only shows:

do_auth: auth failure: [user=dodger@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]

Anything else.
Searching internet, I saw that post, I forgot to look for errors on auth.log!
Here it is:

Mar  7 10:48:41 ciberterminal saslauthd[4552]: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: symbol make_scrambled_password, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference
Mar  7 10:48:41 ciberterminal saslauthd[4552]: PAM adding faulty module: pam_mysql.so
Mar  7 10:48:41 ciberterminal saslauthd[4552]: DEBUG: auth_pam: pam_authenticate failed: Module is unknown
Mar  7 10:48:41 ciberterminal saslauthd[4552]: do_auth         : auth failure: [user=trian@ciberterminal.net] [service=smtp] [realm=ciberterminal.net] [mech=pam] [reason=PAM auth error]

Continue reading “Problems after upgrade mariadb”