Friday, May 23, 2014

Vyatta Firewall Configuration backup

Vyatta Firewall Automated Backup 


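1. Script to back up the Vyatta configuration through SSH. Save this file as /home/vyatta/backup_expect.sh.
Modify the user name, password and IP address details. The script holds the SCP password in clear text, so make it executable and readable only by the vyatta user (chmod 700 /home/vyatta/backup_expect.sh).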

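#!/usr/bin/expect
# Back up the running Vyatta configuration to a remote host over SCP.
# Replace vyatta, password and [ip-address] (brackets included) with real values.
set timeout 30
spawn $env(SHELL)
# Enter configuration mode and wait for the "#" prompt
send "configure\r"
expect -re ".*# $"
sleep 5
# Save the configuration to the remote host with a timestamp suffix
send "save scp://vyatta:password@[ip-address]/home/vyatta/R1-config.boot.`date +%Y%m%d-%H%M`\r"
expect -re ".*# $"
# Leave configuration mode, then close the spawned shell
send "exit\r"
send "exit\r"
expect eof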

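2. Enable the crontab entry for the vyatta user. The redirected output includes the echoed save command, password included, so treat /tmp/backup-out as sensitive.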

SHELL=/bin/vbash
0 20 * * * /home/vyatta/backup_expect.sh > /tmp/backup-out 

Monday, April 28, 2014

SSH Proxy command

[Diagram: SSH proxy command]
Note: Refer to http://blog.tjll.net/ssh-kung-fu/ for more information.

Friday, April 25, 2014

iSCSI Administration

iSCSI Target and Initiator configuration


Summary:

In this article we will see how to configure a Red Hat server as an iSCSI target and as an iSCSI initiator.

iSCSI Target (Server) configuration

  • Install the required package group for the target configuration.
    [root@iscsi-target yum.repos.d]# yum groupinstall "Network Storage Server"
    ....... 
    Dependencies Resolved
    
    =============================================================================================================
     Package                                      Arch            Version            Repository         Size
    =============================================================================================================
    Installing:
     scsi-target-utils                            x86_64          1.0.24-2.el6        RHEL-CD          170 k
    Installing for dependencies:
     libibverbs                                   x86_64          1.1.6-4.el6         RHEL-CD           45 k
     librdmacm                                    x86_64          1.0.15-2.el6        RHEL-CD           29 k
     perl-Config-General                          noarch          2.44-1.el6          RHEL-CD           68 k
     sg3_utils                                    x86_64          1.28-4.el6          RHEL-CD          471 k
     sg3_utils-libs                               x86_64          1.28-4.el6          RHEL-CD           51 k
    
    Transaction Summary
    ===============================================================================================================
    Install       6 Package(s)
    
    Total download size: 833 k
    Installed size: 2.1 M
    Is this ok [y/N]: y
    
    
     
  • We have a logical volume "/dev/vg_iscsidisk/lv_lun1" which will be used as a LUN in the iSCSI target configuration.
    [root@iscsi-target yum.repos.d]# cat /etc/tgt/targets.conf
    default-driver iscsi
    <target iqn.2014-04.com.example:iscsi-target:storage>
            backing-store /dev/vg_iscsidisk/lv_lun1 
    </target>

  • Restart the tgtd service and make it persistent across reboots.
    [root@iscsi-target yum.repos.d]# /etc/init.d/tgtd restart
    Stopping SCSI target daemon:                               [  OK  ]
    Starting SCSI target daemon:                               [  OK  ]
    [root@iscsi-target yum.repos.d]# chkconfig tgtd on 

  • List the LUN details.
    [root@iscsi-target yum.repos.d]# tgt-admin -s
    Target 1: iqn.2014-04.com.example:iscsi-target:storage
        System information:
            Driver: iscsi
            State: ready
        I_T nexus information:
        LUN information:
            LUN: 0
                Type: controller
                SCSI ID: IET     00010000
                SCSI SN: beaf10
                Size: 0 MB, Block size: 1
                Online: Yes
                Removable media: No
                Prevent removal: No
                Readonly: No
                Backing store type: null
                Backing store path: None
                Backing store flags: 
            LUN: 1
                Type: disk
                SCSI ID: IET     00010001
                SCSI SN: beaf11
                Size: 4295 MB, Block size: 512
                Online: Yes
                Removable media: No
                Prevent removal: No
                Readonly: No
                Backing store type: rdwr
                Backing store path: /dev/vg_iscsidisk/lv_lun1
                Backing store flags: 
        Account information:
        ACL information:
            ALL
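
The listing above ends with an empty "Account information" section and an ACL of ALL, which means any initiator that can reach port 3260 may log in without CHAP. The following check is an added example (not part of the original post) that classifies each target in `tgt-admin -s` output; the second target in the embedded sample, including its name, user and address, is constructed for illustration.

```shell
# Added example: classify each target in `tgt-admin -s` output by login controls.
# Reads the listing on stdin and prints "<iqn> <verdict>" per target.
audit_tgt_acl() {
    awk '
    function report() {
        if (target == "") return
        if (open_acl && accounts == 0) verdict = "OPEN"       # any address, no CHAP
        else if (open_acl)             verdict = "CHAP-ONLY"  # any address, CHAP set
        else if (accounts == 0)        verdict = "ACL-ONLY"   # address filter, no CHAP
        else                           verdict = "ACL+CHAP"
        print target, verdict
    }
    /^[ \t]*Target [0-9]+:/ { report(); target = $3; section = ""; open_acl = 0; accounts = 0; next }
    /^[ \t]*Account information:/ { section = "acct"; next }
    /^[ \t]*ACL information:/     { section = "acl";  next }
    /^[ \t]*(System|I_T nexus|LUN) information:/ { section = ""; next }
    # Assumption: outgoing (target-to-initiator) accounts are tagged "(outgoing)"
    section == "acct" && NF && !/\(outgoing\)/ { accounts++ }
    section == "acl" && $1 == "ALL" { open_acl = 1 }
    END { report() }
    '
}

# Constructed sample: target 1 mirrors the listing above, target 2 is hypothetical.
sample_tgt_output() {
    cat <<'EOF'
Target 1: iqn.2014-04.com.example:iscsi-target:storage
    System information:
        Driver: iscsi
    LUN information:
        LUN: 0
    Account information:
    ACL information:
        ALL
Target 2: iqn.2014-04.com.example:iscsi-target:hardened
    LUN information:
        LUN: 1
    Account information:
        backupuser
    ACL information:
        192.168.122.102
EOF
}

# Demo on the sample; on a live target use: tgt-admin -s | audit_tgt_acl
sample_tgt_output | audit_tgt_acl
```

A target reported as OPEN is narrowed in /etc/tgt/targets.conf with the initiator-address and incominguser directives inside its <target> block. Once CHAP is set on the target, the initiator needs the matching node.session.auth.* settings in /etc/iscsi/iscsid.conf.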
    

iSCSI Initiator (Client) Configuration 

  • Install the required package group for the initiator.
    [root@iscsi-initiator ~]# yum groupinstall "iSCSI Storage Client"
    ......
    Resolving Dependencies
    --> Running transaction check
    ---> Package iscsi-initiator-utils.x86_64 0:6.2.0.872-41.el6 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
     Package                   Arch       Version                 Repository   Size
    ================================================================================
    Installing:
     iscsi-initiator-utils     x86_64     6.2.0.872-41.el6        RHEL-CD     654 k
    
    Transaction Summary
    ================================================================================
    Install       1 Package(s)
    
    Total download size: 654 k
    Installed size: 2.2 M
    Is this ok [y/N]: y
    

  • Configure the initiator's iSCSI Qualified Name (IQN).
    [root@iscsi-initiator ~]# cat /etc/iscsi/initiatorname.iscsi
    InitiatorName=iqn.2014-04.com.example:iscsi-initiator       
    

  • The iSCSI initiator consists of two services, iscsi and iscsid. Start both services and make them persistent.
    [root@iscsi-initiator ~]# service iscsi restart
    Stopping iscsi:                                            [  OK  ]
    [root@iscsi-initiator ~]# service iscsid restart
    Stopping iscsid: 
    Starting iscsid:                                           [  OK  ]
    [root@iscsi-initiator ~]# chkconfig iscsi on
    [root@iscsi-initiator ~]# chkconfig iscsid on
  • Discover the presented LUN using the iscsiadm command.
    [root@iscsi-initiator ~]# iscsiadm  -m discovery -t sendtargets -p 192.168.122.101
    192.168.122.101:3260,1 iqn.2014-04.com.example:iscsi-target:storage

  • Log in to the LUN. Once logged in, the disk is visible in the output of the "fdisk -l" command.
    [root@iscsi-initiator ~]# iscsiadm --mode node --targetname iqn.2014-04.com.example:iscsi-target:storage --portal 192.168.122.101:3260 --login
    Logging in to [iface: default, target: iqn.2014-04.com.example:iscsi-target:storage, portal: 192.168.122.101,3260] (multiple)
    Login to [iface: default, target: iqn.2014-04.com.example:iscsi-target:storage, portal: 192.168.122.101,3260] successful.
    

  • View the newly discovered LUN details with the "fdisk -l" command.
    [root@iscsi-initiator ~]# fdisk -l
    
    Disk /dev/vda: 8589 MB, 8589934592 bytes
    16 heads, 63 sectors/track, 16644 cylinders
    Units = cylinders of 1008 * 512 = 516096 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x0004fd53
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/vda1   *           3        1017      512000   83  Linux
    /dev/vda2            1018       16645     7875584   8e  Linux LVM
    
    Disk /dev/sda: 4294 MB, 4294967296 bytes
    133 heads, 62 sectors/track, 1017 cylinders
    Units = cylinders of 8246 * 512 = 4221952 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x00000000
    

  • Now we can create a partition and use it as a normal disk.
    [root@iscsi-initiator ~]# fdisk /dev/sda 
    Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
    Building a new DOS disklabel with disk identifier 0x305c97fa.
    Changes will remain in memory only, until you decide to write them.
    After that, of course, the previous content won't be recoverable.
    
    Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
    
    WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
             switch off the mode (command 'c') and change display units to
             sectors (command 'u').
    
    Command (m for help): n
    Command action
       e   extended
       p   primary partition (1-4)
    p
    Partition number (1-4): 1
    First cylinder (1-1017, default 1): 
    Using default value 1
    Last cylinder, +cylinders or +size{K,M,G} (1-1017, default 1017): 
    Using default value 1017
    
    Command (m for help): p
    
    Disk /dev/sda: 4294 MB, 4294967296 bytes
    133 heads, 62 sectors/track, 1017 cylinders
    Units = cylinders of 8246 * 512 = 4221952 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x305c97fa
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/sda1               1        1017     4193060   83  Linux
    
    Command (m for help): w
    The partition table has been altered!
    
    Calling ioctl() to re-read partition table.
    Syncing disks.
    [root@iscsi-initiator ~]# partprobe /dev/sda
    [root@iscsi-initiator ~]# pvcreate /dev/sda1 
      Writing physical volume data to disk "/dev/sda1"
      Physical volume "/dev/sda1" successfully created
    [root@iscsi-initiator ~]# vgcreate vg_iscsi /dev/sda1 
      Volume group "vg_iscsi" successfully created
    [root@iscsi-initiator ~]# lvcreate -l 100%FREE -n lv_lun1 vg_iscsi
      Logical volume "lv_lun1" created
    [root@iscsi-initiator ~]# vgs
      VG                #PV #LV #SN Attr   VSize VFree
      vg_iscsi            1   1   0 wz--n- 4.00g    0 
      vg_iscsiinitiator   1   2   0 wz--n- 7.51g    0 
    [root@iscsi-initiator ~]# lvs
      LV      VG                Attr     LSize Pool Origin Data%  Move Log Copy%  Convert
      lv_lun1 vg_iscsi          -wi-a--- 4.00g                                           
      lv_root vg_iscsiinitiator -wi-ao-- 5.54g                                           
      lv_swap vg_iscsiinitiator -wi-ao-- 1.97g  
    [root@iscsi-initiator ~]# mkfs.ext3 /dev/vg_iscsi/lv_lun1 
    
    

  • Add the fstab entry. The _netdev option is important: if you do not provide it, we will have issues when we reboot the system. Provide the UUID instead of the device file name.
    [root@iscsi-initiator ~]# blkid /dev/vg_iscsi/lv_lun1 
    /dev/vg_iscsi/lv_lun1: UUID="f9b2d5e1-f10b-4aa2-9367-64cda002bbc7" TYPE="ext3"
    [root@iscsi-initiator ~]# cat /etc/fstab | grep net
    UUID=f9b2d5e1-f10b-4aa2-9367-64cda002bbc7 /iscsi   ext3 _netdev  0 0
    [root@iscsi-initiator ~]# mkdir /iscsi
    [root@iscsi-initiator ~]# mount /iscsi
    [root@iscsi-initiator ~]# df -hT /iscsi
    Filesystem    Type    Size  Used Avail Use% Mounted on
    /dev/mapper/vg_iscsi-lv_lun1
                  ext3    4.0G   73M  3.7G   2% /iscsi
    
  • You can use the iscsiadm command to find which disk is the iSCSI disk.
    [root@iscsi-initiator ~]# iscsiadm -m session -P 3 | grep Atta
      Attached SCSI devices:
       Attached scsi disk sda  State: running
The iSCSI initiator configuration is now complete.

Removing iSCSI Disk

Now we will see how to remove the iSCSI disk from the initiator.
  • Log out from the iSCSI target.
    [root@iscsi-initiator ~]# iscsiadm -m node -T iqn.2014-04.com.example:iscsi-target:storage --portal 192.168.122.101:3260 --logout
    Logging out of session [sid: 4, target: iqn.2014-04.com.example:iscsi-target:storage, portal: 192.168.122.101,3260]
    Logout of [sid: 4, target: iqn.2014-04.com.example:iscsi-target:storage, portal: 192.168.122.101,3260] successful.
  • Delete the iSCSI target record.
    [root@iscsi-initiator ~]# iscsiadm -m node -o delete -T iqn.2014-04.com.example:iscsi-target:storage --portal 192.168.122.101:3260
    
  • Stop the iscsi and iscsid services and disable them at boot.
    [root@iscsi-initiator ~]# chkconfig iscsi off
    [root@iscsi-initiator ~]# chkconfig iscsid off
    [root@iscsi-initiator ~]# service iscsi stop
    Stopping iscsi:                                            [  OK  ]
    [root@iscsi-initiator ~]# service iscsid stop
    Stopping iscsid:                                           [  OK  ]