Open main menu

CDOT Wiki β

Changes

Daily Infrastructure Duties
** Mount points from Hong Kong - Work Space (builder specific, and /mnt/koji).
* Back-ups - Check all automated back ups
**Back-ups are located on Ireland, New Zealand the critical management servers and iraq - /vararchive/kojiblaze-backup/***should contain backups of "/etc" and a postgresql dump, run on a daily basis at after midnight. These are cronjobs run as root for "/etc" and as koji for the postgresql dump.***Ireland should also have a full copy of "/mnt/koji". This is a cronjob run under the root account on Hong Kong.
* Check available disk space on all relevant machines - Hongkong, Ireland and New Zealand.
** /var and /mnt/koji on Hong Kong
* Edit the export file in the nfs server that holds mount koji, at this point which is chile and add the to-be-createrepo machine's info on that file and restart the nfs server
* Add mount koji through nfs in the to-be-createrepo machine (make the mounting directory and edit the fstab) and run mount all
 
 
== Bandwidth Throttling and Connection Limiting in Scotland ==
=== Throttling ===
* This script is based on [http://www.topwebhosts.org/tools/traffic-control.php Traffic Shaping script] and uses [http://linux.die.net/man/8/tc tc command]
* The bandwidth throttling script ''bwmon'' is available in /usr/local/bin in scotland
* Activate it by running the following
bwmon start
* Available options are
# bwmon [start|stop|restart|show]
 
* Script base is available [http://www.topwebhosts.org/tools/tc.bash.txt here]
* [http://www.linuxquestions.org/questions/linux-server-73/applying-download-speed-limit-iptables-842906/ External link] on bandwidth throttling.
 
=== Connection Limiting ===
* Connection will be limited 2 per host every 60 sec
* Custom netfilter tables are available in /usr/local/bin directory
 
* To enable connection limiting run the following
 
iptables-restore < /usr/local/bin/connlim.iptab
iptables-save > /etc/sysconfig/iptables
 
* To disable connection limiting run the following
iptables-restore < /usr/local/bin/regular.iptab
iptables-save > /etc/sysconfig/iptables
* More info available at [http://www.topwebhosts.org/tools/traffic-control.php Cybercity]
 
 
 
== rsync server: Scotland ==
 
* The rsync server is running at default rsync port (TCP 873)
 
* Associated files are
daemon file = /etc/rsyncd.conf
motd file = /etc/rsyncd.motd
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
* The Firewall was adjusted to accommodate the rsyncd service. Please see [http://zenit.senecac.on.ca/wiki/index.php/Fedora_ARM_Secondary_Architecture/Standard_Operating_Procedures#Connection_Limiting already implemented firewall rules]
* Available modules are test and raspberrypi
* Sample invocation method as follows
rsync -aprvz scotland.proximity.on.ca::raspberrypi /path/to/destination/directory
* Script base is available at [http://everythinglinux.org/rsync/ Everything Linux]
* Additional tutorials available at [http://zenit.senecac.on.ca/wiki/index.php/OPS335_Lab_10 Seneca Wiki]
=== Feature possibilities for the rsync server ===
* Service Command compatibility [http://www.fredshack.com/docs/rsync.html script from Fredshack] can be added
* Systemd compatibility [https://gist.github.com/1401352 script from Github] can be implemented
1
edit