Jude Zhu Reading time ~1 minute

Just a basic and simple keepalived and haproxy configuration

OS : CentOS 7

haproxy1: 192.168.0.101 haproxy2: 192.168.0.102

install and configure keepalived

install keepalived

yum install -y keepalived
vim /etc/keepalived/keepalived.conf

haproxy1 keepalived.conf

vrrp_script chk_haproxy {
  script "killall -0 haproxy" # check the haproxy process
  interval 2 # every 2 seconds
  weight 2 # add 2 points if OK
}

vrrp_instance VI_1 {
  interface eth0 # interface to monitor
  state MASTER # MASTER on haproxy, BACKUP on haproxy2
  virtual_router_id 51
  priority 101 # 101 on haproxy, 100 on haproxy2
  virtual_ipaddress {
    192.168.0.100 # virtual ip address
  }
  track_script {
    chk_haproxy
  }
}

haproxy2 keepalived.conf

vrrp_script chk_haproxy {
  script "killall -0 haproxy" # check the haproxy process
  interval 2 # every 2 seconds
  weight 2 # add 2 points if OK
}

vrrp_instance VI_1 {
  interface eth0 # interface to monitor
  state BACKUP # MASTER on haproxy, BACKUP on haproxy2
  virtual_router_id 51
  priority 100 # 101 on haproxy, 100 on haproxy2
  virtual_ipaddress {
    192.168.0.100 # virtual ip address
  }
  track_script {
    chk_haproxy
  }
}

‘killall -0 haproxy’ explain : If sig is 0, then no signal is sent, but error checking is still performed; this can be used to check for the existence of a process ID or process group ID.

Start and enable keepalived

systemctl enable keepalived
systemctl start keepalived

install haproxy

yum install haproxy

configure haproxy for SELinux and HTTP

vim /etc/firewalld/services/haproxy-http.xml

add

<?xml version="1.0" encoding="utf-8"?>
<service>
<short>HAProxy-HTTP</short>
<description>HAProxy load-balancer</description>
<port protocol="tcp" port="80"/>
</service>

assign the correct SELinux context and file permissions to the haproxy-http.xml file.

cd /etc/firewalld/services
restorecon haproxy-http.xml
chmod 640 haproxy-http.xml

for https

vim /etc/firewalld/services/haproxy-https.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
<short>HAProxy-HTTPS</short>
<description>HAProxy load-balancer</description>
<port protocol="tcp" port="443"/>
</service>

cd /etc/firewalld/services
restorecon haproxy-https.xml
chmod 640 haproxy-https.xml

use openssl to generate a self-signed key for ssl put the certificate and key into a PEM file.

cat example.com.crt example.com.key > example.com.pem
cp example.com.pem /etc/ssl/private/

Configure HAProxy.

vim /etc/haproxy/haproxy.cfg

frontend http_web *:80
    mode http
    default_backend rgw

frontend rgw-https
  bind <insert vip ipv4>:443 ssl crt /etc/ssl/private/example.com.pem
  default_backend rgw

backend rgw
    balance roundrobin
    mode http
    server  rgw1 10.0.0.71:80 check
    server  rgw2 10.0.0.80:80 check

Enable/start haproxy

systemctl enable haproxy
systemctl start haproxy

test

ip addr show

to check the VIP

Jude Zhu Reading time ~1 minute

I use this script to update Racktables databases value

import MySQLdb
import xlrd
import time
import sys
reload(sys)
sys.setdefaultencoding("utf-8")

def get_table():
    FILE_NAME = 'owner.xls'
    data = xlrd.open_workbook(FILE_NAME)
    table = data.sheets()[0]
    return table

def insert_by_many(table):
    nrows = table.nrows
    param=[]
    for i in xrange(1,nrows):
        #param.append([table.cell(i, 0).value, table.cell(i, 1).value])
        #change to 3 values for the new sql script
        param.append([table.cell(i, 0).value, table.cell(i, 1).value])
        print param
    try:
        #sql = 'UPDATE AttributeValue JOIN Object ON AttributeValue.object_id = Object.id SET AttributeValue.string_value = %s WHERE AttributeValue.attr_id=14 and Object.name = %s'
        #update sql script, if not exist insert , if exist update, like "UPSERT", so param list should have three value
        sql = "insert into AttributeValue (object_id, object_tid, attr_id, string_value) select id, objtype_id, '14', %s from Object where name=%s on duplicate key update AttributeValue.string_value=%s"
        cur.executemany(sql, param)
        conn.commit()
    except Exception as e:
        print e
        conn.rollback()
    print '[insert_by_many executemany] total:',nrows-1


conn = MySQLdb.connect(host="127.0.0.1", port=3306, user="root", passwd="password", db="racktables")
cur = conn.cursor()

table = get_table()


start = time.clock()
insert_by_many(table)
end = time.clock()
print '[insert_by_many executemany] Time Usage:',end-start

if cur:
    cur.close()
if conn:
    conn.close()
Jude Zhu Reading time ~1 minute

sometimes you install a linux server and have a driver bigger than 2T, so you make two virtual disks and dont want to mount the /dev/sdb to a folder

parted --script /dev/sdb mklabel gpt
parted --script /dev/sdb mkpart primary 512 100%
pvcreate -f /dev/sdb1
vgextend vg_centos /dev/sdb1
lvresize -l 100%VG /dev/vg_centos/lv_root
xfs_growfs /dev/mapper/vg_centos-lv_root
df -h
Jude Zhu Reading time ~1 minute

Check Docker Info

Check Docker Version

docker version

check docker system info

docker info

Image

search images

docker search image_name

download images

docker puch image_name

list images

docker images

delete one or more images

docker rmi image_name

show docker image history

docker history image_name

start container

run cmd “echo” in container and output “hello world”

docker run image_name echo "hello world"

login container tty

docker run -i -t image_name /bin/bash

install package in the container

docker run image_name apt-get install -y package-name

Check container

list all the running containers

docker ps

list all the containers include offline

docker ps -a

list last time running container

docker ps -l

save modified container to a new image

docker commit ID new_image_name

container operations

delete all the containers

docker rm 'docker ps -a -q'

delete specific container

docker rm NAME/ID

start, stop, kill specific container

docker start NAME/ID
docker stop NAME/ID
docker kill NAME/ID

list the modified file or folder in the container

docker diff NAME/ID

check log of container

docker log NAME/ID

check process of the container

docker top NAME/ID

copy file from container to local path

docker cp NAME:/container_path local_path
docker cp ID:/container_path local_path

restar a running container

docker restart NAME/ID

attach container

docker attach ID

Save and load images

save image to a tar

docker save image_name -o file_path

load tar format image

docker load -i file_path

login registry server

docker login

publish an image

docker push new_image_name
Jude Zhu Reading time ~1 minute

10 commands

  • uptime
  • dmesg | tail
  • mpstat -P ALL 1
  • pidstat 1
  • iostat -xz 1
  • free -m
  • sar -n DEV 1
  • sar -n TCP,ETCP 1
  • top

maybe you need

 yum -y install procps sysstat