How Linux sets NFS filesystem ID on the wire

Filed under: Geekiness — iain @ 13:43:46

These tests were peformed by capturing NFS traffic with Wireshark and looking for the fsid major and minor numbers.

    # tshark -T fields -e nfs.fsid4.major -e nfs.fsid4.minor port 2049

Errors and omissions excepted. All mistakes my own. If you don’t know what I’m talking about or why this would be useful to know then this post will not be very interesting.



My name is not Lain

Filed under: Rants — iain @ 22:44:39

My name is not Lain it is Iain. India Alpha India November not Lima Alpha India November.



NSSM 2.16

Filed under: Geekiness — iain @ 05:56:43

The next release of NSSM will be version 2.16 and it will include a feature which has been requested a number of times over the years, namely the ability to redirect the standard I/O streams which UNIX users know as stdin, stdout and stderr.



Policing and monitoring

Filed under: Geekiness — iain @ 12:17:38

Last year I configured my Cisco 877 router to rate-limit downloads so as not to exceed my ISP’s monthly quota. Later I realised that rate-limiting is not the best method to cap downstream traffic and switched to policing instead. My method worked but with some changes to the implementation I have since been able to simplify the management and get access to more useful stats.



libvirtd Kerberos

Filed under: Geekiness — iain @ 10:24:35

I had some fun getting libvirtd to work with GSSAPI. It looked like it should be easy but documentation was thin on the ground and some key points were glossed over. Eventually I did figure it out. Here’s how.



Error messages

Filed under: Geekiness,Rants — iain @ 12:51:18

The command: snapdrive storage list -all

The error message displayed to the user: Status call to SDU daemon failed

The error hidden in the Snapdrive trace log: Fatal error: Assertion detected in production code: ../sbl/StorageOperation.cpp:182: Test ‘osAssistants.size() == 1′ failed

The actual problem: /etc/redhat-release contains the string CentOS not Red Hat.


Policing vs rate-limiting

Filed under: Geekiness — iain @ 06:31:51

I read some Cisco documentation recommending the use of traffic policing in a service policy over rate-limiting on an interface. I already used a policy to set DSCP values which later controlled the rate-limiting so switching to policing would cut out the middle man and be easier to understand. That being said, my goal is not to enter my router into some kind of Cisco guideline conformance competition but to get it to to what I want efficiently. The fact that Cisco recommend doing things differently is not in itself reason to switch. For that I looked at the rather harsh effects of rate-limiting.



Rate limiting stats

Filed under: Geekiness — iain @ 13:03:48

My experiment with rate limiting downloads seems to be largely successful, modulo a few typos and omissions. I accidentally set the HTTP class as a match-all rule rather than a match-any rule, meaning it would always fail to match as traffic cannot be both HTTP and HTTPS traffic simultaneously. I also forgot to add SSH to a policy class. As a result both these protocols ended up being the default (slow) group. Everything else is working well so far.



Cisco 877 download rate limiting

Filed under: Geekiness — iain @ 16:37:16

I’m in the process of migrating to a different ISP. Whereas until now I have been on a flat rate for download usage, the new provider charges significantly more for downloads between 0900 and 1800 on weekdays.

As I have a Cisco 877 router I should be able to throttle downloads during peak times and save myself money compared to the plan I’ve been using.



Automount trickery, submounts, cross-platform stuff etc

Filed under: Geekiness — iain @ 21:48:23

Hands up if your home directory is full of crap. Mine is. It has junk going back to 1999. As a measure of just how much junk I have let me tell you that at time of writing my home directory is 20Gb in size. In addition to having eleven years’ worth of files that I never got round to deleting, a large chunk of that disk usage comes from my Mac in the form of the Library subdirectory which contains pretty much everything Macs need in a user account as well as my Firefox and Thunderbird profiles. Needless to say these are huge.

In fact my home directory is only as small as it is because I moved a wodge of files to a separate storage area. The Documents directory, in which my Mac wants to save … pretty much anything … is actually a symlink to /files/iain/Documents which is automounted from somewhere else. And since my documents are the kind of things which I like to have available all over the place, that same directory is also shared by Samba and my Windows roaming profile knows to go there when I try to open (My) Documents. Some other directories are similarly shared across operating systems, including Desktop, Pictures and Movies.

I’d been thinking for a while that it might be better to move these well-known file stores into their own separate ZFS filesystems on my fileserver. Things came to a head this very evening when I downloaded Steam for Mac only to have it refuse to install because Library/Application Support/Steam wasn’t on a case-insensitive filesystem. It occurred to me that if Library were its own filesystem as I’d been considering, I could make it case-insensitive and trim the size of my home directory by a considerable margin. Although I wouldn’t advocate actually doing it in so crude a way, I believe that a home directory should be small enough that if you were given a UNIX account on a new system you should be able to get yourself up to speed by quickly transferring your entire home area from another environment. A home directory should be for dotfiles, SSH keys and the like. Everything else (real documents) should go Somewhere Else.

Since I use the automounter for everything I figured this would be pretty simple. As it turns out it actually is. The syntax works with Mac, Solaris and Linux as is documented to a greater or lesser extent in each system’s AutoFS manpages. The only potential stumbling block was getting it to work with LDAP but ended up being just as simple as you might hope.

The syntax to have the automounter mount a subdirectory of a configured mount is as follows, in auto.home for instance:

    * / files:/export/home/& /Library files:/export/library/&

So for all x /home/x will be mounted from fileserver:/export/home/x and /home/x/Library will be mounted from fileserver:/export/library/x.

On Linux I found I didn’t need the initial / by itself but both Mac and Solaris didn’t work without it. Another gotcha was that the Library directory had to actually exist in the original directory for it to be mounted from the specified location. In other words it wasn’t sufficient to export /export/home/iain and /export/library/iain from my file server. I also needed to create /export/home/iain/Library for it to be mounted.

In LDAP speak my auto.home became:

    dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
    objectClass: automount
    cn: /
    automountInformation: -fstype=nfs,tcp,rw,intr / files:/export/home/&
     /Library files:/export/library/&

To automount more subdirectories it suffices to add more bits to the automount entry.

    dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
    objectClass: automount
    cn: /
    automountInformation: -fstype=nfs,tcp,rw,intr / files:/export/home/&
     /Library files:/export/library/& /Documents files:/export/documents/&

And by redirecting my Windows shell folders to point to these filesystems in their CIFS form I can share them between operating systems.

Next Page

Powered by WordPress