1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries tagged sysadmin
</title>
5 <description>Entries tagged sysadmin
</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>Detecting NFS hangs on Linux without hanging yourself...
</title>
11 <link>http://people.skolelinux.org/pere/blog/Detecting_NFS_hangs_on_Linux_without_hanging_yourself___.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Detecting_NFS_hangs_on_Linux_without_hanging_yourself___.html
</guid>
13 <pubDate>Thu,
9 Mar
2017 15:
20:
00 +
0100</pubDate>
14 <description><p
>Over the years, administrating thousand of NFS mounting linux
15 computers at the time, I often needed a way to detect if the machine
16 was experiencing NFS hang. If you try to use
<tt
>df
</tt
> or look at a
17 file or directory affected by the hang, the process (and possibly the
18 shell) will hang too. So you want to be able to detect this without
19 risking the detection process getting stuck too. It has not been
20 obvious how to do this. When the hang has lasted a while, it is
21 possible to find messages like these in dmesg:
</p
>
23 <p
><blockquote
>
24 nfs: server nfsserver not responding, still trying
25 <br
>nfs: server nfsserver OK
26 </blockquote
></p
>
28 <p
>It is hard to know if the hang is still going on, and it is hard to
29 be sure looking in dmesg is going to work. If there are lots of other
30 messages in dmesg the lines might have rotated out of site before they
31 are noticed.
</p
>
33 <p
>While reading through the nfs client implementation in linux kernel
34 code, I came across some statistics that seem to give a way to detect
35 it. The om_timeouts sunrpc value in the kernel will increase every
36 time the above log entry is inserted into dmesg. And after digging a
37 bit further, I discovered that this value show up in
38 /proc/self/mountstats on Linux.
</p
>
40 <p
>The mountstats content seem to be shared between files using the
41 same file system context, so it is enough to check one of the
42 mountstats files to get the state of the mount point for the machine.
43 I assume this will not show lazy umounted NFS points, nor NFS mount
44 points in a different process context (ie with a different filesystem
45 view), but that does not worry me.
</p
>
47 <p
>The content for a NFS mount point look similar to this:
</p
>
49 <p
><blockquote
><pre
>
51 device /dev/mapper/Debian-var mounted on /var with fstype ext3
52 device nfsserver:/mnt/nfsserver/home0 mounted on /mnt/nfsserver/home0 with fstype nfs statvers=
1.1
53 opts: rw,vers=
3,rsize=
65536,wsize=
65536,namlen=
255,acregmin=
3,acregmax=
60,acdirmin=
30,acdirmax=
60,soft,nolock,proto=tcp,timeo=
600,retrans=
2,sec=sys,mountaddr=
129.240.3.145,mountvers=
3,mountport=
4048,mountproto=udp,local_lock=all
55 caps: caps=
0x3fe7,wtmult=
4096,dtsize=
8192,bsize=
0,namlen=
255
56 sec: flavor=
1,pseudoflavor=
1
57 events:
61063112 732346265 1028140 35486205 16220064 8162542 761447191 71714012 37189 3891185 45561809 110486139 4850138 420353 15449177 296502 52736725 13523379 0 52182 9016896 1231 0 0 0 0 0
58 bytes:
166253035039 219519120027 0 0 40783504807 185466229638 11677877 45561809
59 RPC iostats version:
1.0 p/v:
100003/
3 (nfs)
60 xprt: tcp
925 1 6810 0 0 111505412 111480497 109 2672418560317 0 248 53869103 22481820
63 GETATTR:
61063106 61063108 0 9621383060 6839064400 453650 77291321 78926132
64 SETATTR:
463469 463470 0 92005440 66739536 63787 603235 687943
65 LOOKUP:
17021657 17021657 0 3354097764 4013442928 57216 35125459 35566511
66 ACCESS:
14281703 14290009 5 2318400592 1713803640 1709282 4865144 7130140
67 READLINK:
125 125 0 20472 18620 0 1112 1118
68 READ:
4214236 4214237 0 715608524 41328653212 89884 22622768 22806693
69 WRITE:
8479010 8494376 22 187695798568 1356087148 178264904 51506907 231671771
70 CREATE:
171708 171708 0 38084748 46702272 873 1041833 1050398
71 MKDIR:
3680 3680 0 773980 993920 26 23990 24245
72 SYMLINK:
903 903 0 233428 245488 6 5865 5917
73 MKNOD:
80 80 0 20148 21760 0 299 304
74 REMOVE:
429921 429921 0 79796004 61908192 3313 2710416 2741636
75 RMDIR:
3367 3367 0 645112 484848 22 5782 6002
76 RENAME:
466201 466201 0 130026184 121212260 7075 5935207 5961288
77 LINK:
289155 289155 0 72775556 67083960 2199 2565060 2585579
78 READDIR:
2933237 2933237 0 516506204 13973833412 10385 3190199 3297917
79 READDIRPLUS:
1652839 1652839 0 298640972 6895997744 84735 14307895 14448937
80 FSSTAT:
6144 6144 0 1010516 1032192 51 9654 10022
81 FSINFO:
2 2 0 232 328 0 1 1
82 PATHCONF:
1 1 0 116 140 0 0 0
83 COMMIT:
0 0 0 0 0 0 0 0
85 device binfmt_misc mounted on /proc/sys/fs/binfmt_misc with fstype binfmt_misc
87 </pre
></blockquote
></p
>
89 <p
>The key number to look at is the third number in the per-op list.
90 It is the number of NFS timeouts experiences per file system
91 operation. Here
22 write timeouts and
5 access timeouts. If these
92 numbers are increasing, I believe the machine is experiencing NFS
93 hang. Unfortunately the timeout value do not start to increase right
94 away. The NFS operations need to time out first, and this can take a
95 while. The exact timeout value depend on the setup. For example the
96 defaults for TCP and UDP mount points are quite different, and the
97 timeout value is affected by the soft, hard, timeo and retrans NFS
98 mount options.
</p
>
100 <p
>The only way I have been able to get working on Debian and RedHat
101 Enterprise Linux for getting the timeout count is to peek in /proc/.
103 <ahref=
"http://docs.oracle.com/cd/E19253-
01/
816-
4555/netmonitor-
12/index.html
">Solaris
104 10 System Administration Guide: Network Services
</a
>, the
'nfsstat -c
'
105 command can be used to get these timeout values. But this do not work
106 on Linux, as far as I can tell. I
107 <ahref=
"http://bugs.debian.org/
857043">asked Debian about this
</a
>,
108 but have not seen any replies yet.
</p
>
110 <p
>Is there a better way to figure out if a Linux NFS client is
111 experiencing NFS hangs? Is there a way to detect which processes are
112 affected? Is there a way to get the NFS mount going quickly once the
113 network problem causing the NFS hang has been cleared? I would very
114 much welcome some clues, as we regularly run into NFS hangs.
</p
>
119 <title>Debian Jessie, PXE and automatic firmware installation
</title>
120 <link>http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</link>
121 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Jessie__PXE_and_automatic_firmware_installation.html
</guid>
122 <pubDate>Fri,
17 Oct
2014 14:
10:
00 +
0200</pubDate>
123 <description><p
>When PXE installing laptops with Debian, I often run into the
124 problem that the WiFi card require some firmware to work properly.
125 And it has been a pain to fix this using preseeding in Debian.
126 Normally something more is needed. But thanks to
127 <a href=
"https://packages.qa.debian.org/i/isenkram.html
">my isenkram
128 package
</a
> and its recent tasksel extension, it has now become easy
129 to do this using simple preseeding.
</p
>
131 <p
>The isenkram-cli package provide tasksel tasks which will install
132 firmware for the hardware found in the machine (actually, requested by
133 the kernel modules for the hardware). (It can also install user space
134 programs supporting the hardware detected, but that is not the focus
135 of this story.)
</p
>
137 <p
>To get this working in the default installation, two preeseding
138 values are needed. First, the isenkram-cli package must be installed
139 into the target chroot (aka the hard drive) before tasksel is executed
140 in the pkgsel step of the debian-installer system. This is done by
141 preseeding the base-installer/includes debconf value to include the
142 isenkram-cli package. The package name is next passed to debootstrap
143 for installation. With the isenkram-cli package in place, tasksel
144 will automatically use the isenkram tasks to detect hardware specific
145 packages for the machine being installed and install them, because
146 isenkram-cli contain tasksel tasks.
</p
>
148 <p
>Second, one need to enable the non-free APT repository, because
149 most firmware unfortunately is non-free. This is done by preseeding
150 the apt-mirror-setup step. This is unfortunate, but for a lot of
151 hardware it is the only option in Debian.
</p
>
153 <p
>The end result is two lines needed in your preseeding file to get
154 firmware installed automatically by the installer:
</p
>
156 <p
><blockquote
><pre
>
157 base-installer base-installer/includes string isenkram-cli
158 apt-mirror-setup apt-setup/non-free boolean true
159 </pre
></blockquote
></p
>
161 <p
>The current version of isenkram-cli in testing/jessie will install
162 both firmware and user space packages when using this method. It also
163 do not work well, so use version
0.15 or later. Installing both
164 firmware and user space packages might give you a bit more than you
165 want, so I decided to split the tasksel task in two, one for firmware
166 and one for user space programs. The firmware task is enabled by
167 default, while the one for user space programs is not. This split is
168 implemented in the package currently in unstable.
</p
>
170 <p
>If you decide to give this a go, please let me know (via email) how
171 this recipe work for you. :)
</p
>
173 <p
>So, I bet you are wondering, how can this work. First and
174 foremost, it work because tasksel is modular, and driven by whatever
175 files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the
176 isenkram-cli package place two files for tasksel to find. First there
177 is the task description file (/usr/share/tasksel/descs/isenkram.desc):
</p
>
179 <p
><blockquote
><pre
>
180 Task: isenkram-packages
182 Description: Hardware specific packages (autodetected by isenkram)
183 Based on the detected hardware various hardware specific packages are
185 Test-new-install: show show
187 Packages: for-current-hardware
189 Task: isenkram-firmware
191 Description: Hardware specific firmware packages (autodetected by isenkram)
192 Based on the detected hardware various hardware specific firmware
193 packages are proposed.
194 Test-new-install: mark show
196 Packages: for-current-hardware-firmware
197 </pre
></blockquote
></p
>
199 <p
>The key parts are Test-new-install which indicate how the task
200 should be handled and the Packages line referencing to a script in
201 /usr/lib/tasksel/packages/. The scripts use other scripts to get a
202 list of packages to install. The for-current-hardware-firmware script
203 look like this to list relevant firmware for the machine:
205 <p
><blockquote
><pre
>
210 isenkram-autoinstall-firmware -l
211 </pre
></blockquote
></p
>
213 <p
>With those two pieces in place, the firmware is installed by
214 tasksel during the normal d-i run. :)
</p
>
216 <p
>If you want to test what tasksel will install when isenkram-cli is
217 installed, run
<tt
>DEBIAN_PRIORITY=critical tasksel --test
218 --new-install
</tt
> to get the list of packages that tasksel would
221 <p
><a href=
"https://wiki.debian.org/DebianEdu/
">Debian Edu
</a
> will be
222 pilots in testing this feature, as isenkram is used there now to
223 install firmware, replacing the earlier scripts.
</p
>
228 <title>Scripting the Cerebrum/bofhd user administration system using XML-RPC
</title>
229 <link>http://people.skolelinux.org/pere/blog/Scripting_the_Cerebrum_bofhd_user_administration_system_using_XML_RPC.html
</link>
230 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Scripting_the_Cerebrum_bofhd_user_administration_system_using_XML_RPC.html
</guid>
231 <pubDate>Thu,
6 Dec
2012 10:
30:
00 +
0100</pubDate>
232 <description><p
>Where I work at the
<a href=
"http://www.uio.no/
">University of
233 Oslo
</a
>, we use the
234 <a href=
"http://sourceforge.net/projects/cerebrum/
">Cerebrum user
235 administration system
</a
> to maintain users, groups, DNS, DHCP, etc.
236 I
've known since the system was written that the server is providing
237 an
<a href=
"http://en.wikipedia.org/wiki/XML-RPC
">XML-RPC
</a
> API, but
238 I have never spent time to try to figure out how to use it, as we
239 always use the bofh command line client at work. Until today. I want
240 to script the updating of DNS and DHCP to make it easier to set up
241 virtual machines. Here are a few notes on how to use it with
244 <p
>I started by looking at the source of the Java
245 <a href=
"http://cerebrum.svn.sourceforge.net/viewvc/cerebrum/trunk/cerebrum/clients/jbofh/
">bofh
246 client
</a
>, to figure out how it connected to the API server. I also
247 googled for python examples on how to use XML-RPC, and found
248 <a href=
"http://tldp.org/HOWTO/XML-RPC-HOWTO/xmlrpc-howto-python.html
">a
249 simple example in
</a
> the XML-RPC howto.
</p
>
251 <p
>This simple example code show how to connect, get the list of
252 commands (as a JSON dump), and how to get the information about the
253 user currently logged in:
</p
>
255 <blockquote
><pre
>
256 #!/usr/bin/env python
259 server_url =
'https://cerebrum-uio.uio.no:
8000';
260 username = getpass.getuser()
261 password = getpass.getpass()
262 server = xmlrpclib.Server(server_url);
263 #print server.get_commands(sessionid)
264 sessionid = server.login(username, password)
265 print server.run_command(sessionid,
"user_info
", username)
266 result = server.logout(sessionid)
268 </pre
></blockquote
>
270 <p
>Armed with this knowledge I can now move forward and script the DNS
271 and DHCP updates I wanted to do.
</p
>
projects / homepage.git / blob