Installing VNC on Solaris

I found this in my old notes from Solaris 8 times.
For Solaris 8 you can install vnc package for Solaris 9 from sunfreeware.com

pkgadd -d vnc...

Let’s set vnc password

vncpasswd

Modify /etc/profile to include

PATH=$PATH:/usr/X/bin

Let’s start VNC server on Display 1

vncserver :1

Modify file $HOME/.vnc/xstartup
Change last line

twm

to

/usr/dt/bin/dtwm &\n

Kill current session on Display 1

vncserver -kill :1

Start it again

vncserver :1

And connect

vncviewer hostname :1
Posted in Solaris | Tagged | Leave a comment

Cheap inter vlan routing

I often find myself working on a systems that have multiple vlans and those vlans need to be able to talk to each other and that means that router or L3 switch is a must in such setup. Unfortunately while building systems customer networking is not always ready, so all I have is a blade chassis with a bunch of blades, pass through modules and a couple of L2 switches.

As a temporal solution while waiting for a customer networking to be ready I’ve used a Linux laptop to route between vlans. But recently I’ve discovered an inexpensive alternative –  routers made by a company called MikroTik – http://routerboard.com/about.
This is the best cheap inter vlan routing solution that I have found so far.

Their cheapest router starts at just 39.95$ at the time of this writing

http://routerboard.com/RB750

And you can buy them in US via many resellers http://routerboard.com/distributors

I will describe below steps that I’ve used to setup inter vlan routing on RB751G router + AP http://routerboard.com/RB751G-2HnD

Once you plug in power cord it will start to broadcast with SSID by default set to MikroTik and no encryption. So first thing to do – secure it.

Once you connect – default IP address of the MikroTik device is 192.168.88.1, so connect to it via browser and setup WIFI encryption settings and admin password for web/ssh/telnet access.

After you click apply you will be disconnected from MikroTik SSID and will need to reconnect with the Password that you just entered in the Pre-Shared Key field.

I have 2 below vlans and I need to setup my router to do inter vlan routing

  • 620 10.189.118.0/26 gateway 10.189.118.62
  • 621 10.189.118.64/26 gateway 10.189.118.126

I have a trunk coming out of HP Procurve switch that carries both VLANs, so I need to configure one interface of the MikroTik to be so called “router on a stick”.

This is described here http://wiki.mikrotik.com/wiki/Testwiki/VLANs

So connect to 192.168.88.1 via ssh. Login as admin and password is whatever you set in the previous step.

Let’s create VLANs 620 and 621 and assign them to one interface of the MikroTik

/interface vlan add name=VLAN-620 vlan-id=620 interface=ether1 disabled=no
/interface vlan add name=VLAN-621 vlan-id=621 interface=ether1 disabled=no

And let’s assign IP addresses to these VLANs

/ip address add address=10.189.118.62/26 interface=VLAN-620
/ip address add address=10.189.118.126/26 interface=VLAN-621

And that’s it! Now we have router on a stick that does inter vlan routing.
So connect your trunk cable to port 1 of the MikroTik router and enjoy.
And one more thing – by default it allows multicast traffic. So if you are building RedHat cluster or Oracle RAC and you are wondering if multicast is enabled in this router – it is enabled by default.

Now let’s extend our configuration a bit.
I need to connect my laptop to vlan 621.
I can either do it at the HP Procurve switch or I can configure one of the ports on the MikroTik to be “access” port in the cisco terminology.

There is a nice description on how to do this on this page
http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment

Let’s create a bridge

/interface bridge add name=br-vlan-621 disabled=no

And now let’s add our vlan interface to this bridge

/interface bridge port add interface="VLAN-621" bridge="br-vlan-621" disabled=no

And now let’s add to this bridge our MikroTik interface, for example ether3.

/interface bridge port add interface="ether3" bridge="br-vlan-621" disabled=no
failure: device already enslaved

Which fails.
It fails for the reason that by default ethernet ports 3 – 5 are enslaved to master port ether 2.
Explanation for this can be found here http://wiki.mikrotik.com/wiki/Manual:Default_Configurations

So what we need to do – we need to change ether3 configuration as following

/interface ethernet set ether3-slave-local master-port=none

After that we should be able to bridge it to br-vlan-621

/interface bridge port add interface="ether3" bridge="br-vlan-621" disabled=no

Let’s confirm that our bridge br-vlan-621 indeed bridges VLAN-621 and ether3 port

 /interface bridge port print
Flags: X - disabled, I - inactive, D - dynamic
 #    INTERFACE                        BRIDGE                        PRIORITY  PATH-COST    HORIZON
 0 I  wlan1                            bridge-local                      0x80         10       none
 1    ether2-master-local              bridge-local                      0x80         10       none
 2 I  VLAN-621                         br-vlan-621                       0x80         10       none
 3 I  ether3-slave-local               br-vlan-621                       0x80         10       none

Now I can connect my laptop to port 3, set IP address to the range of the vlan 621, make sure that my gateway is set to 10.189.118.126 and I can successfully access vlan 620.

Posted in Networking | Tagged | 1 Comment

Controlling VMware ESXi server from VSphere client via SSH tunnel

Recently I was facing an issue of accessing ESXi servers in the lab network. This lab network topology is presented below (off course for this post all IP addresses are changed from the real ones). As one can see all the access to the internal lab network is going through the multihomed server running SSH, VNC and NX.

vmware esxi on the firewalled lab network

The problem with controlling ESXi hosts is that vSphere client can only be installed on Windows PC and this lab had no Windows PCs.

SSH port forwarding to the rescue

I figured – OK, I will try to do dynamic ssh port forwarding, but …

vSphere client doesn’t seem to support SOCKS proxy settings, which means that I needed to figure out ports involved in communication between vSphere client and ESXi host and then do ssh local port forwarding.

At this point I had to go to the lab, connect my Windows laptop to the switch and run wireshark while I was accessing ESXi hosts via vSphere client. Wireshark capture showed that only ports involved into communication on the ESXi side are ports :

  • 443
  • 902

At this point I left lab and went back to my desk.

Connected to SSH server in the lab with the following command


ssh -L 443:10.0.0.2:443 -L 902:10.0.0.2:902 user@10.1.0.1

Well, actually since I was on a Windows machine I had to use putty, so my settings were

ssh port forwarding putty settings for ESXi

And I tried to connect via vSphere to 127.0.0.1

esxi connection to localhost

vSphere didn’t like that.

esxi via ssh tunnel error

And the reason is – our forwarded ports are listening on the localhost 127.0.0.1

But vSphere for some reason resolves 127.0.0.1 to my host name and then to my host name IP address of the Network Interface Card which is off course not 127.0.0.1

I found two possible solutions to that

Solution 1

Updating Windows hosts file with bogus host name pointing to 127.0.0.1 helped to fix this issue

esxi access via ssh Windows hosts workaround

After that modification I was able to connect to ESXi. Accessing console of the VMs worked fine too.

esxi access via ssh tunnel success

Solution 2

We can tell ssh to bind not to our localhost but to the IP address of the Network Interface Card.

For example IP address of my NIC was 192.168.0.32, so I did following adjustments in the putty

esxi access via ssh tunnel putty settings solution 2

After that I was able to connect just by entering 127.0.0.1 in the vSphere IP address field

esxi access via ssh tunnel success solution 2

Posted in VMware | Tagged , , | 7 Comments

Solaris cheat sheet

How to find list of files installed by a package on Solaris

# pkgchk -l SUNWlibgcrypt|egrep “Pathname|Type”
Pathname: /usr/bin
Type: directory
Pathname: /usr/bin/libgcrypt-config
Type: regular file
Pathname: /usr/lib
Type: directory
Pathname: /usr/lib/libgcrypt.so
Type: symbolic link
Pathname: /usr/lib/libgcrypt.so.1
Type: symbolic link
Pathname: /usr/lib/libgcrypt.so.1.5.1
Type: regular file

How to see what package a file is associated with on Solaris

pkgchk -l -p /path/to/filename

Use of find command

I have a directory with the bunch of files and directories. I want to zip all directories that are exactly 8 symbols. Somehow below doesn’t work

find ./ -name "????????" -exec zip -r {}.zip {} \;

I had to use xargs to achieve this task

find ./ -name "????????" | xargs -I {} zip -r {}.zip {}

Also see this post on efficiency of the find -exec versus find | xargs
Good find tutorial

Working with cpio archives

To create archive

find . -depth -print | cpio -o > archivename

Extract to current dir

cpio -i < archivename

List files in archive

cpio -it < archivename

Sending MIME e-mails from Solaris via script

mutt can be installed on Solaris to send MIME e-mails from command line.

Check if package

 
SUNWopenssl-libraries 

installed

Modify LD_LIBRARY_PATH as follows

LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/sfw/lib
export LD_LIBRARY_PATH
REPLYTO="yourname@yoursite.com"
export REPLYTO

And now to send multiple e-mails

files="-a file1 -a file2 -a file3"
/usr/local/bin/mutt $files -s "Your subject line" $emaillist < MessageBody.txt

Sending e-mails via sendmail

cat filename | /usr/lib/sendmail -F "Your Name" -ONoRecepientAction=add-to name1@site1.com name2@site2.com

How to restore files with Solstice Backup

cd /usr/bin/nsr
./nwrecover

From nwrecover we can change Browse Time, check files that we want to restore and restore them.

Details are in the document Solstice Backup 6.1 Administrator’s Guide

How to copy VTOC from one disk to another

prtvtoc -h /dev/rdsk/c0d0s2 > vtoc.txt
fmthard -s ./vtoc.txt /dev/rdsk/c1d0s2

How to create iso

mkisofs -l -L -J -o filename path
lofiadm -a fullpathtoiso
mount -F hsfs -O /dev/lofi/1 /mnt   ### -O is overlay mode, mount over

For importing SW to Radio Commander relnotes needs to be lowercase, files – upper case.

LDAP client commands

getent passwd (works not only for ldap, depends on nsswitch.conf)
ldaplist -l passwd username

Connecting to Solaris via XDMCP from Linux

X :1 -query hostname    ### Make sure that ports for XDMCP are open, otherwise won't work
Posted in Solaris | Tagged | Leave a comment

Registering hosts manually in EMC Clarion / VNX

If you use powerpath – this article won’t apply, but if you are using Linux native multipath and need to register many servers in EMC manually – read on.
I will describe below method to register hosts via CLI.

First of all we need to obtain so called Worl Wide Names of the Host Bus Adapters – HBA.

You can use below script for this (tested on RedHat 5 & RedHat 4)

#!/bin/bash
#######################
#   
#    Script will display WWNs of the Host Bus Adapter Cards on the system
#
#######################

##### Check RedHat release
grep "release 5" /etc/redhat-release > /dev/null
if [ $? -eq 0 ]
 #### Found RedHat 5.x version
 then
  for path in `ls -1 /sys/class/fc_host/`
   do
    node=`sed 's/^0x//' /sys/class/fc_host/$path/node_name|awk 'BEGIN{FIELDWIDTHS = "2 2 2 2 2 2 2 2"}; {print $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ":" $7 ":" $8}'`
    port=`sed 's/^0x//' /sys/class/fc_host/$path/port_name|awk 'BEGIN{FIELDWIDTHS = "2 2 2 2 2 2 2 2"}; {print $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ":" $7 ":" $8}'`
    echo $node:$port
   done
 #### Found RedHat 4 (it's not entirely true, it could be RedHat 6 for example)
 else
  for i in `ls /proc/scsi/qla2xxx/*`
   do
    NODE=`grep adapter-node $i | awk  -F= '{print $2}'| sed s/\;//| awk 'BEGIN{FIELDWIDTHS = "2 2 2 2 2 2 2 2"}; {print $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ":" $7 ":" $8}'`
    PORT=`grep adapter-port $i | awk  -F= '{print $2}'| sed s/\;//| awk 'BEGIN{FIELDWIDTHS = "2 2 2 2 2 2 2 2"}; {print $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ":" $7 ":" $8}'`
    echo $NODE:$PORT
  done
 fi

To register above found WWNs you will need to have storage group created.
Create storage group with the below CLI command

naviseccli -User emc -Password emc -Scope 0 -h 172.20.149.153  storagegroup -create -gname bottom

Now it’s time to register WWNs with the storage group.
Off course adjust you username, password, storage group name and port numbers accordingly.

/opt/Navisphere/bin/naviseccli -User emc -Password emc -Scope 0 -h 172.20.149.153  storagegroup -setpath -o -gname bottom -hbauid 50:01:43:80:14:0f:cb:5d:50:01:43:80:14:0f:cb:5c -sp a -spport 0 -ip 172.20.149.1 -host ds1 -failovermode 4 -arraycommpath 1 
/opt/Navisphere/bin/naviseccli -User emc -Password emc -Scope 0 -h 172.20.149.153  storagegroup -setpath -o -gname bottom -hbauid  50:01:43:80:14:0f:cb:5f:50:01:43:80:14:0f:cb:5e -sp b -spport 0 -ip 172.20.149.1 -host ds1 -failovermode 4 -arraycommpath 1

And the beauty of it – it all can be scripted.

Posted in EMC | Tagged | 1 Comment

Extending perl include directory

http://stackoverflow.com/questions/841785/how-do-i-include-a-perl-module-thats-in-a-different-directory

http://www.perlhowto.com/extending_the_library_path

http://www.rocketaware.com/perl/perlfaq8/How_do_I_add_a_directory_to_my_i.htm

Posted in Perl | Tagged | Leave a comment

cpan cheat sheet

Installing modules from CPAN

perl -MCPAN -e shell 

if you know the name of the module, you can install it directly without interacting with the CPAN shell

perl -MCPAN -e 'install Time::JulianDay' 

Within the CPAN shell

i /expression/ 

will search for a Perl module containing expression, and

install module 

will install the module. For example

perl -MCPAN -e shell
i /JulianDay/
install Time::JulianDay

If you are behind the firewall you can use http_proxy environmenatl variable.
See here

http_proxy=http://my.proxy.net:8080
export http_proxy

And configure CPAN mirrors that are http based, see here CPAN mirrors

Posted in Perl | Tagged | Leave a comment

Connecting to Oracle from perl

Installing DBI module for connecting to Oracle database

Install DBI module with dependencies

perl -MCPAN -e shell
install DBI

Once DBI is installed – install DBD::Oracle

install DBD::Oracle

Connecting to Oracle from perl

According to DBI Documentation here it’s possible to connect to the Oracle Database without having to modify tnsnames.ora file

use DBI;
$dbh = DBI->connect("dbi:Oracle:host=$host;sid=$sid", $user, $passwd);

However I had issues with this way of connecting to RAC databases, probably cause RAC will do load balancing and will try to force connection to a different host. Don’t know, but here is what worked
Create connection in the tnsnames.ora file. For this check environmental variable TNS_ADMIN

$ env|grep -i tns
TNS_ADMIN=/opt/oracle/product/10.2.0/db_1/network/spots_ora_admin
$ cd $TNS_ADMIN
$ ls -l
total 8
-rw-rw-rw-   1 root     other       1318 Nov 17  2008 listener.ora
-rw-rw-rw-   1 root     other       1543 Jul 20 23:15 tnsnames.ora
$ tail -15 tnsnames.ora
MYRAC =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = host1.rac.com)(PORT = 1701))
(ADDRESS = (PROTOCOL = TCP)(HOST = host2.rac.com)(PORT = 1701))
(ADDRESS = (PROTOCOL = TCP)(HOST = host3.rac.com)(PORT = 1701))
(ADDRESS = (PROTOCOL = TCP)(HOST = host4.rac.com)(PORT = 1701))
(LOAD_BALANCE = ON)
(FAILOVER = ON)
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = MY_RAC)
)
)

Now use SID to connect to RAC

#!/usr/bin/perl
use DBI;

$user="yourusername";
$pass="yourpasswd";

$dbh = DBI->connect("DBI:Oracle:MYRAC",$user,$pass) || die( $DBI::errstr . "\n" );

$dbh->disconnect;
Posted in Oracle, Perl | Leave a comment

CPAN for non root user

Below is inspired by Installing Perl Modules as a Non-Root User

Modify your .profile file

if [ -z "$PERL5LIB" ]
then
# If PERL5LIB wasn't previously defined, set it...
PERL5LIB=~/myperl/lib
else
# ...otherwise, extend it.
PERL5LIB=$PERL5LIB:~/myperl/lib
fi

MANPATH=$MANPATH:~/myperl/man

export PERL5LIB MANPATH

Create directories

mkdir -p ~/myperl/lib
mkdir -p ~/myperl/man/man1
mkdir -p ~/myperl/man/man3

During cpan initial configuration when asked for extra arguments enter

LIB=~/myperl/lib INSTALLSITEMAN1DIR=~/myperl/man/man1 INSTALLSITEMAN3DIR=~/myperl/man/man3
Posted in Perl | Tagged | Leave a comment

CPAN on Solaris

This was a very useful link for me OpenSolaris: How to Build CPAN Perl Modules with GCC Instead of the Sun Compiler

 #!/usr/bin/python
# cc(1) wrapper to build CPAN Perl modules with GCC on OpenSolaris. -mrb
import os, sys
path = '/usr/gnu/bin/cc'
args = []
i = 0
while i < len(sys.argv):
       if i == 0:
               args.append(path)
       elif sys.argv[i] == '-KPIC':
               args.append('-fPIC')
       elif sys.argv[i] == '-xO3':
               args.append('-O3')
       elif sys.argv[i] == '-xspace':
               pass
       elif sys.argv[i] == '-xildoff':
               pass
       else:
               args.append(sys.argv[i])
       i += 1
os.execv(path, args)

But code taken from the above link seems to be missing one extra argument that gcc doesn’t understand arch=v8. Below is my own perl script that does the argument conversion

#!/usr/bin/perl

push(@args,"/usr/sfw/bin/gcc");

foreach $arg (@ARGV)
{
        $arg =~ s/-KPIC/-fPIC/;
        $arg =~ s/-xO3/-O3/;
        if(($arg =~ /-xspace/) || ($arg =~ /-xildoff/) || ($arg =~ /arch=v8/))
        {
                next;
        }
        push(@args,$arg);
}

printf "Executing gcc with following arguments\n";

foreach (@args)
{
        print "$_ \n";
}

system(@args);
Posted in Perl, Solaris | Tagged | Leave a comment