monitor Apache memory usage

Posted on August 26, 2013 by ForDoDone

When looking at a webserver for memory usage, it’s important to consider the VSZ and RSS memory usage.

This little one liner gets the Total and Average VSZ and RSS usage as well as thread count, and prints those statistics every 5 seconds:

# while true; do ps auxfww | grep apache | grep -v -e cronolog -e grep | awk '{ vsum+=$5; rsum+=$6 } END { print "VSZ:", vsum, "(", vsum/NR, ") RSS:", rsum, "(", rsum/NR, ") Procs:", NR }'; sleep 5; done;
VSZ: 9896272 ( 341251 ) RSS: 1716216 ( 59179.9 ) Procs: 29
VSZ: 9547608 ( 340986 ) RSS: 1650100 ( 58932.1 ) Procs: 28
VSZ: 9546328 ( 340940 ) RSS: 1649044 ( 58894.4 ) Procs: 28
VSZ: 9861976 ( 340068 ) RSS: 1687968 ( 58205.8 ) Procs: 29
VSZ: 9868632 ( 340298 ) RSS: 1694496 ( 58430.9 ) Procs: 29
VSZ: 9853272 ( 339768 ) RSS: 1679112 ( 57900.4 ) Procs: 29
VSZ: 9853272 ( 339768 ) RSS: 1679264 ( 57905.7 ) Procs: 29
^C
#

So there are around 29 threads running right now on this server. The threads are using an average of 340MB per thread VSZ, and 59MB per thread RSS. The total of around 1.7GB of RSS looks good, on a machine with 8G physical memory.

get absolute path of running script

Posted on August 25, 2013 by ForDoDone

Using $0 or basename in a script works well if you are calling it using it’s absolute path or if it’s in $PATH. The test script shows how basename and $0 are displayed. Calling the test script from within /usr/local/sbin, does not give any absolute path.

# pwd
/usr/local/sbin
#
# cat test.sh
#!/bin/bash
echo $0
echo `basename $0`
#
#
#
# test.sh 
/usr/local/sbin/test.sh
test.sh
#
# ./test.sh
./test.sh
test.sh
#
#echo 'echo $(readlink -f $0)' >> test.sh
#
# ./test.sh 
./test.sh
test.sh
/usr/local/sbin/test.sh

readlink gives us the full path to the script, no matter how it’s called.

F5 BigIP ssh monitor

Posted on August 24, 2013 by ForDoDone

I created a pool of load balanced ssh servers. In order to monitor them for availability, I needed to create a custom monitor. This is a very old F5 load balancer:

# uname -r
BIG-IP 4.5.14

It seems like the easiest way to monitor ssh servers would be with ssh. After tinkering with it, I didn’t like the idea. I didn’t like the interactive quality of ssh, and didn’t want to make a custom user just for health checks. I also, didn’t want to put shared keys on the load balancers themselves. These are very custom ssh servers, and trigger filesystem mounting, and all sorts of other auth methods. I don’t actually want to ssh to them, I just want to see if ssh port is open. expect or nc or nmap were not available. I hit tab a few times and viewed the 500 or so commands available. I saw curl and gave that a try.

For our purposes, all we care about is that the port is open and we get a response to a request on that port:

#!/bin/sh
node_ip=`echo $1 | sed 's/::ffff://'`

pidfile="/var/run/`basename $0`.$node_ip..$2.pid"
if [ -f $pidfile ]
then
   kill -9 `cat $pidfile` > /dev/null 2>&1
fi
echo "$$" > $pidfile

curl http://${node_ip}:22 --connect-timeout 5 > /dev/null 2>&1

status=$?
if [ $status -eq 0 ]
then
    echo "UP"
fi

rm -f $pidfile

If the server is down completely, curl returns 7. If sshd has crashed the port is closed and curl again returns 7. If the port is open, curl exits 0.

NetApp show disk firmware progress

Posted on August 23, 2013 by ForDoDone

During disk firmware upgrades, you may wonder how long it’s taking or how it’s moving along. Use this one liner to count how many disks have the old and new firmware versions:

# ssh toaster "sysconfig -a" | grep NA0 | awk '{ if (/NA06/)i++; if (/NA01/)j++; } END{ print "NA01: "j" NA06: "i}'
NA01: 133 NA06: 91

So it’s moving along.

scan range of IP addresses

Posted on August 22, 2013 by ForDoDone

nmap is an amazing utility. With all of it’s flags and options it really gives you the power to know what is out in a network.

I used this to do a simple ping scan of my home network:

# nmap -nsP 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2013-08-22 09:06 MST
Host 192.168.1.1 is up (0.0051s latency).
MAC Address: 00:18:39:4E:82:60 (Cisco-Linksys)
Host 192.168.1.90 is up.
Nmap done: 256 IP addresses (2 hosts up) scanned in 5.51 seconds
#

Hosts that allow icmp echo requests will show up. I can see my router and my workstation, but no other hosts (no other pingable hosts at least). I’m looking for a RPi that I recently plugged into the network. It doesn’t look like it’s up. Time to drag out the spare monitor and keyboard…

simple df available space monitor

Posted on August 16, 2013 by ForDoDone

#!/bin/bash
# FILE: df_space_check.sh
# AUTHOR: ForDoDone 
# DATE: 2013/08/16
# NOTES: 
# 

j=`df | grep nfs0[3-6]\/vol1 | awk '{if ($3 < 100000000) print $5}'`; if [ "$j" != "" ]; then echo "vol $j ALMOST FULL" | mail <verizonnumber>@vtext.com; fi;

comment entries in etc fstab

Posted on August 15, 2013 by ForDoDone

#for i in `seq 271 350`; do ssh www$i "sed -i \"/servername\volumename/s/^/#/\" /etc/fstab"; done;
#
#for i in `seq 271 350`; do ssh www$i "umount -lf /mnt/servername/volumename"; done;
#

use smbclient to connect to CIFS share from linux

Posted on August 13, 2013 by ForDoDone

To connect to a Windows network drive, or CIFS share, you can use a simple Linux utility called smbclient. This is much faster than trying to map a network drive through Windows. You can use this simple tool to test that the file server is working correctly.

# smbclient --user="DOMAIN\fordodone" //10.107.0.101/share_name
Enter DOMAIN\fordodone's password:
Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
smb: \>

You can use commands like cd, ls, cp, etc. to interact with the share (similar to FTP).

NetApp decode acp domain option

Posted on August 12, 2013 by ForDoDone

How does this option function to set a network? The acp.domain option is a convoluted decimal representation of the network portion of the IP address used for acp.

toaster*> options acp
acp.domain 65193
acp.enabled on
acp.netmask 65535
acp.port e0f

Take 65193 and convert it to binary: 1111111010101001. Then split it up into two (or more) octets: 11111110 10101001. Then convert each of the octets back to decimal: 254 169. Then reverse the order: 169 254. That is the acp network. The netmask portion is more straightforward. In this case our ACP network is 169.254/16.

You could hack a quick little one liner:

# for i in `echo "obase=2;65193" |bc | awk 'BEGIN{FS=""} {for(i=1;i<33;i++){printf $i; if(i==8)printf " ";}printf "\n"}'`; do echo "ibase=2;$i" |bc; done|tac | paste - - | sed 's/\t/./'
169.254
#

NetApp remove disk ownership without reboot

Posted on August 9, 2013 by ForDoDone

To remove disk ownership without going into maintenance mode, you can use these commands. Pro Tip: Don’t remove ownership from disks in an online aggregate, such as the one with your root volume in it.

toaster> priv set diag
Warning: These diagnostic commands are for use by NetApp
         personnel only.
toaster*> disk assign 0a.16 -s unowned -f

ForDoDone

Tales from the Command Line…

Author Archives: ForDoDone