Linux performance problems and some helpful commands

 IT, Linux  Kommentare deaktiviert für Linux performance problems and some helpful commands
Apr 112017
 

On one of our RHEL systems we had an issue with high load. In some cases our java application crashed.

The following command helped us to find the reason (in our case it was the limit of processes per user).

vmstat -SM -t 10 10
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ ---timestamp---
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0  12448    562  36934    0    0     0     3    3    2  0  0 100  0  0       2017-04-11 17:20:38 CEST
 0  0      0  12448    562  36934    0    0     0     4 1059 1975  0  0 100  0  0       2017-04-11 17:20:48 CEST
 0  0      0  12448    562  36934    0    0     0     3 1158 2038  0  0 100  0  0       2017-04-11 17:20:58 CEST

with ulimit we could see, that the „max user processes“ was set to a very low level. That was the reason why our application crashed (java could not open addidtional threads).

ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 257569
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1000000
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1200
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

 

# show load, currently running threas/process and ?
cat /proc/loadavg
0.00 0.00 0.00 1/1570 14415

 

# with this command you can count the number of processes (limited by "max user process" of ulimits command)
ps -elfT | grep philipp | wc -l

Remove fingerprint for RSA Key for SSH connections (remove single line from file via terminal)

 Linux  Kommentare deaktiviert für Remove fingerprint for RSA Key for SSH connections (remove single line from file via terminal)
Jan 252017
 

Sometimes host key verification fails because the host was replaced, IP has changed or something like this (also it could be a man in the middle attack).

In my case I work with high availability clusters and we often have the case that there is switch of the host. To avoid manual editing of the .ssh/known_hosts file I have written a simple bashrc alias / function.

#simple function to remove a line from .ssh/known_hosts
cleanup_known_hosts(){
    if [ x$1 == x ]; then
        echo "Syntax : cleanup_known_hosts Linenumber"
    else
        \cp ~/.ssh/known_hosts ~/.ssh/known_hosts_backup.$$
        sed $1'd' ~/.ssh/known_hosts > /tmp/known_hosts_temp.$$ && \cp /tmp/known_hosts_temp.$$ ~/.ssh/known_hosts
        rm -f /tmp/known_hosts_temp.$$
        echo "Finished"
    fi
}
alias cleanup_known_hosts=cleanup_known_hosts

With small adoptions you can use this function for all situations where you have to remove a given line in a file.

Search LDAP Entries using Powershell

 IT  Kommentare deaktiviert für Search LDAP Entries using Powershell
Dez 092016
 

Below little script shows how to connect to Active Directory / LDAP and search for entries.

Docs: https://technet.microsoft.com/en-us/library/ff730967.aspx

$mySearcher = New-Object System.DirectoryServices.DirectorySearcher

# it is possible to specify manually a ldap search Path:
#$mySearcher.SearchRoot = "LDAP://DC=de,DC=myComapny,DC=com"

# or to get current ldap path (for example: DC=de,DC=myComapny,DC=com)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$mySearcher.SearchRoot = $objDomain

# search for object class "user" with attribte "name=TestUser1"
$mySearcher.Filter = "(& (objectClass=user) (name=TestUser1))"
$mySearcher.SearchScope = "sub"
$mySearcher.PageSize = 10

# specifiy the attributes you would like to retrieve
$myAttributes = ("telephonenumber", "mail", "department")
# comment below line to get all attributes
$mySearcher.PropertiesToLoad.AddRange($myAttributes)

$abc = $mySearcher.FindAll()

# show all attributes and values
foreach ($i in $abc.Properties.PropertyNames){
    Write-Host $i , "=" , $abc.Properties.$i
}

The Script will generate the following output:

mail = Testuser1@mycompany.com
telephonenumber = +49XXXXXXXX
department = MyDepartment
adspath = LDAP://<removed_by_author>

OpenDS Ldap Server: Port configuration

 IT  Kommentare deaktiviert für OpenDS Ldap Server: Port configuration
Aug 052016
 

List all conntection handlers (see also here:  http://docs.oracle.com/cd/E19476-01/821-0506/to-display-connection-handlers.html) :

 % dsconfig -h localhost -p 11998 -D "cn=Manager" -w <password> -n list-connection-handlers --trustAll
Connection Handler       : Type : enabled : listen-port : use-ssl
-------------------------:------:---------:-------------:--------
HTTP Connection Handler  : http : false   : 8080        : false
JMX Connection Handler   : jmx  : true    : 11997       : false
LDAP Connection Handler  : ldap : true    : 11999       : false
LDAPS Connection Handler : ldap : false   : 636         : true
LDIF Connection Handler  : ldif : false   : -           : -

 

Change Listen Ports (see also here: http://docs.oracle.com/cd/E19476-01/821-0506/configuring-the-ldap-connection-handler.html) :

# JMX Port
dsconfig -h localhost -p 11998 -D "cn=Manager" -w <password> -n set-connection-handler-prop \
        --handler-name "JMX Connection Handler" --set listen-port:17497  --trustAll
# LDAP Port
dsconfig -h localhost -p 11998 -D "cn=Manager" -w <password> -n set-connection-handler-prop \
          --handler-name "LDAP Connection Handler" --set listen-port:17499  --trustAll
# Admin Port
dsconfig -h localhost -p 11998 -D "cn=Manager" -w <password> -n set-administration-connector-prop \
     --set listen-port:17498  --trustAll