Господа, кто имеет опыт со сбором метрик по snmp с его демонов на Линукс серверах, где получить самую актуальную информацию относительно метрик, которые собирает snmp daemon на линукс сервере? может ли snmp daemon собирать мои кастомные метрики? вроде grep megaparameter /path/to/superfile ?
вопрос именно про сбор метрик с линукс серверов, а не про сетевое оборудование.
Подскажите пожалуйста, возможно ли, добавить MAC адрес для сетевого интерфейса ( какого-либо) внутри OpenVZ не внося изменения на хост машине.
Т.е у меня на venet0 MAC - все нули. добавляю ещё подинтерфейсы, - там теже нули.
Возможно ли как-то добавить mac?
Подскажите пожалуйста, а что стало с nebula от NASA? она жива или перелилась в OpenStack - OpenNebula ?
кто знает?
Подскажите пожалуйста, как программно на linux, возможно реализовать балансировку трафика к серверам на которых стоит HAProxy ( т.е. другой балансировщик).
Предположим, что у нас три сервера с HAProxy. Нужно чтобы запросы одновременно проходили через все три эти сервера, чтобы была модель active\active.
Как это возможно реализовать программно на linux?
если используется движок innodb у mysql и база к примеру 10ГБ, все в одном ibdata1. изменится ли скорость работы mysql с параметром: innodb_file_per_table (после естественно перезагрузки данных)
и почему должна изменится или не изменится скорость?
Подскажите пожалуйста, какой бесплатный гипервизор может принять в качестве гостя HP-UX?
mysql включен бинарный лог если посмотреть сам бинарный файл, то запросы присутствуют которые выполнялись
но если сделать
mysqlbinlog -s -r out.sql /path/to/my/binary_log
в out.sql нету этих запросов.
Почему такое может быть?
Всем привет
Может ли mysql восстановить из binary log только одну базу данных, а другие не трогать?
Грубо говоря, делается бэкап раз в сутки, и постоянно пишутся binary logs,
в случае восстановления, изменения по binary logs нужно применить только по одной базе данных?
Спасибо за ссылки, и личный опыт.
всем привет
есть sssd + AD ОС centos
в домен через keytab, через sssd не получается настроить аутентификацию
rpm -qa |grep sssd
sssd-tools-1.9.2-129.el6_5.4.x86_64
sssd-1.9.2-129.el6_5.4.x86_64
sssd-client-1.9.2-129.el6_5.4.x86_64
cat /etc/sssd/sssd.conf
[sssd]
config_file_version=2
services=nss, pam
domains=BANANA.COM
[domain/BANANA.COM]
debug_level = 10
id_provider=ad
access_provider=ad
dyndns_update=false
enumerate=true
#ldap_id_mapping=true
#krb5_realm=BANANA.COM
krb5_keytab=/etc/krb5.keytab
krb5_canonicalize = False
ad_hostname = comp1.banana.com
#ldap_schema = ad
access_provider = simple
вывод в логи
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): dbus conn: 2594380
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): Dispatching.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_subdomains] (0x2000): Undefined backend target.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): dbus conn: 2594380
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): Dispatching.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=uu]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_account_info] (0x0100): Request processed. Returned 1,11,Fast reply - offline
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_step] (0x4000): beginning to connect
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x1000): Port status of port 389 for server 'win-tcba4j6tnvm.banana.com' is 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x0100): Reseting the status of port 389 for server 'win-tcba4j6tnvm.banana.com'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x1000): Saving the first resolved server
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x0200): Found address for server win-tcba4j6tnvm.banana.com: [10.229.78.140] TTL 7200
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://win-tcba4j6tnvm.banana.com'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_ldap_init_send] (0x4000): Using file descriptor [21] for LDAP connection.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_ldap_connect_callback_add] (0x1000): New LDAP connection to [ldap://win-tcba4j6tnvm.banana.com:389/??base] with fd [21].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_send] (0x4000): Getting rootdse
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [*]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [altServer]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [namingContexts]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedControl]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedExtension]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedFeatures]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedLDAPVersion]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedSASLMechanisms]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [domainControllerFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [defaultNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [lastUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [highestCommittedUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[0x25a44a0], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_ENTRY]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_entry] (0x4000): OriginalDN: [].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [currentTime]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [subschemaSubentry]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [dsServiceName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [namingContexts]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [defaultNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [schemaNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [configurationNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [rootDomainNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedControl]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedLDAPVersion]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedLDAPPolicies]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [highestCommittedUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedSASLMechanisms]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [dnsHostName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [ldapServiceName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [serverName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedCapabilities]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [isSynchronized]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [isGlobalCatalogReady]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedExtension]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [domainFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [forestFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [domainControllerFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[0x25a44a0], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_RESULT]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg set
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_done] (0x2000): Got rootdse
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_done] (0x2000): Skipping auto-detection of match rule
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_server_opts_from_rootdse] (0x4000): USN value: 16416 (int: 16416)
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_send] (0x0400): Attempting kinit (/etc/krb5.keytab, host/comp1.banana.com, BANANA.COM, 86400)
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_next_kdc] (0x1000): Resolving next KDC for service AD
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x1000): Saving the first resolved server
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x0200): Found address for server win-tcba4j6tnvm.banana.com: [10.229.78.140] TTL 7200
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_kdc_resolved] (0x1000): KDC resolved, attempting to get TGT...
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [create_tgt_req_send_buffer] (0x1000): buffer size: 63
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_handler_setup] (0x2000): Setting up signal handler up for pid [1386]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_handler_setup] (0x2000): Signal handler set up for pid [1386]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[(nil)], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing!
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [write_pipe_handler] (0x0400): All data has been sent!
==> /var/log/sssd/ldap_child.log <==
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x0400): ldap_child started.
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x2000): context initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): total buffer size: 63
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): realm_str size: 10
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got realm_str: BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): princ_str size: 21
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got princ_str: host/comp1.banana.com
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): keytab_name size: 16
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got keytab_name: /etc/krb5.keytab
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): lifetime: 86400
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x2000): getting TGT sync
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): Kerberos context initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): got realm_name: [BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x0100): Principal name is: [host/comp1.banana.com@BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x0100): Using keytab [/etc/krb5.keytab]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): keytab ccname: [FILE:/var/lib/sss/db/ccache_BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584607: Getting initial credentials for host/comp1.banana.com@BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584752: Looked up etypes in keytab: des-cbc-crc, des, des-cbc-crc, rc4-hmac, aes256-cts, aes128-cts
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584812: Sending request (209 bytes) to BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.585032: Sending initial UDP request to dgram 10.229.78.140:88
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586755: Received answer from dgram 10.229.78.140:88
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586920: Response was from master KDC
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586976: Received error from KDC: -1765328359/Additional pre-authentication required
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587044: Processing preauth types: 16, 15, 19, 2
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587083: Selected etype info: etype rc4-hmac, salt "(null)", params ""
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587156: Retrieving host/comp1.banana.com@BANANA.COM from FILE:/etc/krb5.keytab (vno 0, enctype rc4-hmac) with result: 0/Success
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587215: AS key obtained for encrypted timestamp: rc4-hmac/A0CB
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587298: Encrypted timestamp (for 1397634371.587245): plain 301AA011180F32303134303431363037343631315AA105020308F5ED, encrypted BC2AC55D1D43B6FC2736D5B8D71C3B88CB440F0BC5D20CA1046766499EB08DCACAEC50FCE01A5DF4CC6141D185A5171B2CBC1B0A
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587340: Preauth module encrypted_timestamp (2) (flags=1) returned: 0/Success
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587369: Produced preauth for next request: 2
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587408: Sending request (285 bytes) to BANANA.COM (master)
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587483: Sending initial UDP request to dgram 10.229.78.140:88
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588351: Received answer from dgram 10.229.78.140:88
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588454: Salt derived from principal: BANANA.COMhostcomp1.banana.com
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588515: AS key determined by preauth: rc4-hmac/A0CB
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588575: Decrypted AS reply; session key is: rc4-hmac/E3B7
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588605: FAST negotiation: unavailable
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): credentials initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588706: Initializing FILE:/var/lib/sss/db/ccache_BANANA.COM with default princ host/comp1.banana.com@BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588917: Removing host/comp1.banana.com@BANANA.COM -> krbtgt/BANANA.COM@BANANA.COM from FILE:/var/lib/sss/db/ccache_BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588954: Storing host/comp1.banana.com@BANANA.COM -> krbtgt/BANANA.COM@BANANA.COM in FILE:/var/lib/sss/db/ccache_BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): credentials stored
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): Got KDC time offset
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [prepare_response] (0x0400): Building response for result [0]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [pack_buffer] (0x2000): response size: 58
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [pack_buffer] (0x1000): result [0] krberr [0] msgsize [38] msg [FILE:/var/lib/sss/db/ccache_BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x0400): ldap_child completed successfully
==> /var/log/sssd/sssd_BANANA.COM.log <==
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [read_pipe_handler] (0x0400): EOF received, client finished
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/ccache_BANANA.COM], expired on [1397670371]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_cli_auth_step] (0x1000): the connection will expire at 1397635271
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: host/comp1.banana.com
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_sig_handler] (0x1000): Waiting for child [1386].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_sig_handler] (0x0100): child [1386] finished successfully.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_child_handler] (0x2000): waitpid failed [10]: No child processes
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'win-tcba4j6tnvm.banana.com' as 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_handle_release] (0x2000): Trace: sh[0x25a5880], connected[1], ops[(nil)], ldap[0x2597860], destructor_lock[0], release_memory[0]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [remove_connection_callback] (0x4000): Successfully removed connection callback.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x4000): attempting failover retry on op #1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_step] (0x4000): beginning to connect
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x1000): Port status of port 389 for server 'win-tcba4j6tnvm.banana.com' is 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_done] (0x1000): Server resolution failed: 5
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error])
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_mark_offline] (0x2000): Going offline!
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x4000): notify offline to op #1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.BANANA.COM], [2][No such file or directory]
как вот эту ошибку обойти ?
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)]
есть linux samba\winbind + ad Из AD несколько групп замаченны в локальные
пример: net groupmap add sid=S-1-.. unixgroup=admin
если сделать net cache flush то маппинг слетает, т.е. заходим под пользователем из домена, а у него отображаются доменные группы
( id uid=103743(usertest) gid=20513(domain users group) )
если удалить мапиинг и создать заново, то группы отображают корректно до следующего сброса кэша
id uid=103743(usertest) gid=500(admin)
как сделать так, чтобы сброс\устаревание кэша не влиял на mapping групп ?
временно сделал так: запускаю команду раз в минуту cat /sys/block/vda/stat | awk '{sum+=$1+$5} END { print sum}' и отправляется в zabbix, где обрабатывать как дельту.
но: не всегда выполняется раз в минуту получается количество IOPS всего в минуту, не видно пиков.
Как лучше мониторить количество IOPS'ов ?
Есть приложение которое пишет логи в файл Есть настроенный r\syslog, который отправляет логи на удалённую машину. В самом приложении использовать rsyslog не предусмотрено.
Возможно ли как-то логи из файла засунуть в syslog? Чтобы отправлять на удалённую машину.
Насоветуйте пожалуйста шкурку для graphite, но чтобы интерфейс был как по дефолту, только сильно симпатичней. То что видел, нужно описывать графике в конфиги, или использует промежуточную БД.
Т.е. есть виртуальная машина, у неё 10ГБ на /dev/vda мы виртуальной машине дали 20 ГБ
и хотим, на РАБОТАЮЩЕЙ системе изменить размер СМОНТИРОВАННОГО раздела /dev/vda с 10 ГБ до 20ГБ
ну а потом на него fsadm
как это можно сделать?
подскажите как собирать логи от uwsgi в rsyslog ? прописываю logger=syslog и logger=rsyslog логи не появляются, только перестают писать в обычный файл
Как хостеры рассчитывают объём нагрузки на один физический CPU одного виртуального CPU. Для виртуальных машин, например для KVM
т.е. сколько можно уместить виртуальных машин ( с одним процом) на сервере с 32 ядрами?
32 или 320 ?
А можно ли в mysql сделать так, чтобы у одного сервера, было два мастера? Каждый мастер отвечает за отдельную БД.
(bd1) Master1 ->>>>> server (bd1,bd2) <<<<<<- Master2 (bd2)
если да, то как?
Подскажите пожалуйста, возможно ли синхронизировать ( сделать единую базу) ACL на двух и более серверов под linux?
настроил redis + sentinel , три хоста
При падении хоста с ролью мастером, роль мастер корректно переползает на один из слэйвов.
Вопрос, как обращаться только к мастеру? ( чтобы можно было выполнять запросы запись\чтение
порт sentinel'a - только для служебных запросов
Если поставить перед этими хостами HAproxy, как поставить запросы только к мастер ноде ?
есть хост и его ip 1.1.1.1 , это линукс, на нём нужно сделать так, чтобы при обращении к 10.10.10.10 порт 8888 был редирект на 1.1.1.1 8888, как это сделать?
пытаюсь что-то вроде
iptables -t nat -A PREROUTING --dst 10.10.10.10 -p tcp --dport 8888 -j DNAT --to-destination 1.1.1.1:8888
делаю telnet 10.10.10.10 8888 подключение не проходит, в tcpdump:
1.1.1.1.45542 > 10.10.10.10.webcache: 1.1.1.1.45542 > 1.1.1.1.webcache:
что ещё нужно добавить в правила itpables, что заработала переадресация при обращение к другому хосту на локальный ip адрес ?
| следующие → |