Saturday, 26 April 2014

automount configuration from NFS

Objective:  Execute shared scripts from NFS server to local server, which is configured via auto-mounts.

Environment: CentOS 6.3 32-bit

Package version:  autofs-5.0

Why do we need to use an autofs ?

One drawback to using /etc/fstab is that, regardless of how infrequently a user accesses the NFS mounted file system, the system must dedicate resources to keep the mounted file system in place. This is not a problem with one or two mounts, but when the system is maintaining mounts to many systems at one time, overall system performance can be affected. An alternative to /etc/fstab is to use the kernel-based automount utility. An automounter consists of two components. One is a kernel module that implements a file system, while the other is a user-space daemon that performs all of the other functions. The automount utility can mount and unmount NFS file systems automatically (on demand mounting) therefore saving system resources.

On RPM based systems, autofs is not installed by default, hence I would assume you might be knowing on how to install the 'auotfs' package using package manager. 
All my scripts are been placed in the central server which is NFS, and I would share to my local client which is configured via auto-mounts in-order to save the system performance.

NFS config's:

The directory containing the scripts are shared in /etc/exportfs and access controls are provided to the client servers. Once your configurations are completed, make sure to start the nfs services.

#vi /etc/exporfs
/scripts    <IP address of the client>(ro,sync)

You can get the system information script from getsysinfo.sh. The same file will be shared to all the clients.

 autofs config's:

The primary configuration file for the automounter is /etc/auto.master, also referred to as the master map which may be changed. The master map lists autofs-controlled mount points on the system, and their corresponding configuration files or network sources known as automount maps.

# cat /etc/auto.master
/autofs         /etc/auto.fs    --timeout=3
#

I use a shorter time vaule common user will not recognize as a timespan or anything the user could get nervous about when waiting. 


# tail -2 /etc/auto.fs
scripts -rw,soft,intr,rsize=8192,wsize=8192     nfs.domain.com:/scripts
#

Save the file and make sure you start the service.
#service autofs start

Now, you can traverse to the directoy which will mount when in use and unmounts when not in use. 

#df -h /autofs/scripts
Filesystem            Size  Used Avail Use% Mounted on
nfs.domain.com:/scripts  8.7G  4.1G  4.3G  49% /autofs/scripts

# ls -l  /autofs/scripts
total 8
-rwxr-xr-x 1 root root 7391 Sep  1  2013 getsysinfo.sh
#

You could also use the same for the local file system. I would conclude this article here and the 'automounts' can be configured for NIS, CIFS where I may explain in coming articles.

Sunday, 6 April 2014

Configure log rotation - Solaris 10

In order to have an easy administration of systems which generates large number of log files, you can configure your log files according by an utility called logroate, which allows automatic rotation, compression, removal and also mailing of log files which can be handled daily, weekly or when it grows too large.

Objective: compress and rotate logs after certain threshold on the file size.

Environment: Solaris 10 32-bit

The system log rotation is defined in the /etc/logadm.conf file. This file includes log rotation entries for processes such as syslogd. For example, one entry in the /etc/logadm.conf file specifies that the /var/log/ciscofirewall.log file is rotated weekly unless the file is empty. The most recent ciscofirewall.log file becomes ciscofirewall.log.0, the next most recent becomes ciscofirewall.log.1, and so on. Eight previous ciscofirewall log files are kept.
The /etc/logadm.conf file also contains time stamps of when the last log rotation occurred.
# vi /etc/logadm.conf 
/var/log/ciscofirewall.log -C 9 -s 10240k -z 4 -N -a 'kill -HUP `cat /var/run/syslog.pid`'
#

where, 
     -C = expire old logs until count remain.( 9 log files created and rotated )
     -N = not an error if log file nonexistent.
     -s = only rotate if given size or greater.
     -a = execute command after taking actions.
     -z = gzip old logs except most recent count ( last 5 log files would be compressed )

- Restart the syslogd to take changes effectively.

The command is often run on a cron job, which has the effect of fully automatic log rotation.

# crontab -l 
10 3 * * * /usr/sbin/logadm

# ls -l /var/log/ciscofirewall*.log.* | wc -l
       9
#

# ls -l /var/log/ciscofirewall*.log.*.gz | wc -l
       5

# ls -ltr /var/log/ciscofirewall.log*
-rw-r--r--   1 root     root       41048 Apr  6 14:38 /var/log/ciscofirewall.log.8.gz
-rw-r--r--   1 root     root       42076 Apr  6 14:39 /var/log/ciscofirewall.log.7.gz
-rw-r--r--   1 root     root       41621 Apr  6 14:40 /var/log/ciscofirewall.log.6.gz
-rw-r--r--   1 root     root       41524 Apr  6 14:41 /var/log/ciscofirewall.log.5.gz
-rw-r--r--   1 root     root       41410 Apr  6 14:42 /var/log/ciscofirewall.log.4.gz
-rw-r--r--   1 root     root     21510944 Apr  6 14:43 /var/log/ciscofirewall.log.3
-rw-r--r--   1 root     root     21139079 Apr  6 14:44 /var/log/ciscofirewall.log.2
-rw-r--r--   1 root     root     21536814 Apr  6 14:45 /var/log/ciscofirewall.log.1
-rw-r--r--   1 root     root     21399755 Apr  6 14:46 /var/log/ciscofirewall.log.0
-rw-r--r--   1 root     root     16434041 Apr  6 14:46 /var/log/ciscofirewall.log

all your logs has been rotated in a discipline manner, which would be easy to troubleshoot in-case of any errors.