Archives pour la catégorie ‘Système’

Debian : migrer son système sous systemd

# apt-get update
# apt-get install systemd systemd-sysv
# reboot
# ls -al /sbin/init 
lrwxrwxrwx 1 root root 20 Apr 23 01:46 /sbin/init -> /lib/systemd/systemd
# apt-get --purge remove sysvinit

Pour activer les logs persistants de journald :

# mkdir /var/log/journal
# chgrp systemd-journal /var/log/journal
# chmod g+rwx /var/log/journal

Fleet : déploiement d’un service global avec une template

# vim zabbix@.service
[Unit]
Description=zabbix %i
Requires=docker.service
After=docker.service

[Service]
ExecStartPre=-/usr/bin/docker kill zabbix%i
ExecStartPre=-/usr/bin/docker rm zabbix%i
ExecStartPre=/usr/bin/docker pull bhuisgen/docker-zabbix-coreos
ExecStart=/usr/bin/docker run --name zabbix%i -p 1050%i:10050 -v /var/run/docker.sock:/coreos/var/run/docker.sock -v /proc:/coreos/proc:ro -v /sys:/coreos/sys:ro -v /dev:/coreos/dev:ro -v /dev/log:/dev/log --restart=always bhuisgen/docker-zabbix-coreos zabbix%i.my.domain 80.81.82.83
ExecStop=/usr/bin/docker stop zabbix%i
TimeoutStartSec=900

[X-Fleet]
Global=true
# export FLEETCTL_TUNNEL="cluster.my.domain"
# fleetctl submit zabbix@.service
# fleetctl load zabbix@.service
# fleetctl start zabbix@{0..4}

Unbound : mise en place d’un fake DNS

La mise en place d’une cache DNS peut être nécessaire pour bypasser le résultat de requêtes DNS.

# apt-get install unbound
# vim /etc/resolv.conf
# cat /etc/unbound/unbound.conf
 
server:
    local-zone: "my.domain." static
    local-data: "fake.my.domain. IN A 10.20.2.22"
    local-data-ptr: "10.20.2.22 fake.my.domain"

X.org : configuration multi-écrans avec le driver nouveau

# lspci -nn|grep VGA
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation G86 [Quadro NVS 290] [10de:042f] (rev a1)
02:00.0 VGA compatible controller [0300]: NVIDIA Corporation G86 [Quadro NVS 290] [10de:042f] (rev a1)
# ls -l /sys/class/drm/
total 0
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card0 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/drm/card0
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card0-DVI-I-1 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/drm/card0/card0-DVI-I-1
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card0-DVI-I-2 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/drm/card0/card0-DVI-I-2
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card1 -> ../../devices/pci0000:00/0000:00:1c.0/0000:02:00.0/drm/card1
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card1-DVI-I-3 -> ../../devices/pci0000:00/0000:00:1c.0/0000:02:00.0/drm/card1/card1-DVI-I-3
lrwxrwxrwx 1 root root    0 Mar 11 09:57 card1-DVI-I-4 -> ../../devices/pci0000:00/0000:00:1c.0/0000:02:00.0/drm/card1/card1-DVI-I-4
lrwxrwxrwx 1 root root    0 Mar 11 09:57 controlD64 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/drm/controlD64
lrwxrwxrwx 1 root root    0 Mar 11 09:57 controlD65 -> ../../devices/pci0000:00/0000:00:1c.0/0000:02:00.0/drm/controlD65
lrwxrwxrwx 1 root root    0 Mar 11 09:57 ttm -> ../../devices/virtual/drm/ttm
-r--r--r-- 1 root root 4096 Mar 11 09:57 version
# vim /etc/X11/xorg.conf
Section "ServerLayout"
    Identifier  "Layout0"
    Option      "Xinerama" "on"
    Option      "Clone" "off"
    Screen   0  "Screen0"
    Screen   1  "Screen1" RightOf "Screen0"
    Screen   2  "Screen2" Below "Screen0"
    Screen   3  "Screen3" RightOf "Screen2"
EndSection

Section "Device"
    Identifier  "Device0"
    Driver      "nouveau"
    BusID       "PCI:1:0:0"
    Option      "ZaphodHeads" "DVI-I-1"
    Screen      0
EndSection

Section "Device"
    Identifier  "Device1"
    Driver      "nouveau"
    BusID       "PCI:1:0:0"
    Option      "ZaphodHeads" "DVI-I-2"
    Screen      1
EndSection

Section "Device"
    Identifier  "Device2"
    Driver      "nouveau"
    BusID       "PCI:2:0:0"
    Option      "ZaphodHeads" "DVI-I-3"
    Screen      0 
EndSection

Section "Device"
    Identifier  "Device3"
    Driver      "nouveau"
    BusID       "PCI:2:0:0"
    Option      "ZaphodHeads" "DVI-I-4"
    Screen      1
EndSection

Section "Screen"
    Identifier  "Screen0"
    Device      "Device0"
EndSection

Section "Screen"
    Identifier  "Screen1"
    Device      "Device1"
EndSection

Section "Screen"
    Identifier  "Screen2"
    Device      "Device2"
EndSection

Section "Screen"
    Identifier  "Screen3"
    Device      "Device3"
EndSection

Linux : détecter si un disque est SSD ou mécanique

Cas d’un SSD

# cat /sys/block/sda/queue/rotational
0

Cas d’un disque mécanique

# cat /sys/block/sdb/queue/rotational
1

CoreOS : fix crash du network stack sous Xen 4.2

Dec 16 11:30:08 ip-172-10-4-2.ap-southeast-1.compute.internal kernel: xen_netfront: xennet: skb rides the rocket: 19 slots, 65226 bytes
# ethtool -K eth0 sg off

Amazon EC2 : fix de configuration Xen avec instance HVM

# dmsg
[335773.344080] xen:balloon: Cannot add additional memory (-17)
[335805.413385] xen:balloon: Cannot add additional memory (-17)
[335837.536078] xen:balloon: Cannot add additional memory (-17)
 
# cat /sys/devices/system/xen_memory/xen_memory0/info/current_kb > /sys/devices/system/xen_memory/xen_memory0/target_kb

CoreOS : cloud config pour instance EC2 avec stockage local Docker + swap

Le fichier cloud-config ci-dessous initialise une instance EC2 CoreOS avec les options suivantes :

  • paramétrage des timeout fleet et etcd
  • swap d’1 Go sur le disque local (/dev/xvdb1)
  • partition BRTFS pour les containers Docker sur disque local (/dev/xvdb2)
  • désactivation du reboot automatique par sécurité (locksmithd)
#cloud-config

coreos:
  update:
    reboot-strategy: off
  etcd:
    # generate a new token for each unique cluster from https://discovery.etcd.io/new
    discovery: https://discovery.etcd.io/7c024472504cf1cef428ccc8af8e63f0
    # multi-region and multi-cloud deployments need to use $public_ipv4
    addr: $private_ipv4:4001
    peer-addr: $private_ipv4:7001
    peer-election-timeout: 6000
    peer-heartbeat-interval: 1500
    snapshot: true
    snapshot-count: 100
  fleet:
    public-ip: $public_ipv4
    metadata: region=eu-west
    etcd-request-timeout: 1500
  units:
    - name: etcd.service
      command: start
    - name: fleet.service
      command: start
    - name: format-ephemeral.service
      command: start
      content: |
        [Unit]
        Description=Formats the ephemeral drive
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStartPre=/usr/sbin/wipefs -f /dev/xvdb
        ExecStartPre=/usr/bin/sh -c "(/usr/bin/echo ',1024,S' && /usr/bin/echo ';')|/usr/sbin/sfdisk /dev/xvdb -uM"
        ExecStartPre=/usr/sbin/mkswap -f /dev/xvdb1
        ExecStartPre=/usr/sbin/swapon /dev/xvdb1
        ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvdb2
    - name: var-lib-docker.mount
      command: start
      content: |
        [Unit]
        Description=Mount ephemeral to /var/lib/docker
        Requires=format-ephemeral.service
        After=format-ephemeral.service
        Before=docker.service
        [Mount]
        What=/dev/xvdb2
        Where=/var/lib/docker
        Type=btrfs

CoreOS : désactivation des mises à jour automatiques

# systemctl stop update-engine.service
# systemctl mask update-engine.service

Btrfs : No space is left on device

# btrfs fi balance start -dusage=5 /
Done, had to relocate 5 out of 32 chunks

En cas d’opération longue, le statut peut être vérifié par la commande :

# btrfs balance status /
Balance on '/' is running
1 out of about 7 chunks balanced (2 considered),  86% left
Haut de page