Simple KeepAlived Configuration ( Failover / High Availablity )

The basic setup of failover or high availability requires two servers.

Consider the below setup for example

Master1 - 192.168.0.101
Slave1 - 192.168.0.103

Floating or Live ip address 192.168.0.105

Install keepalived on both the servers

# apt-get install keepalived
or
# yum install keepalived

Edit keepalived.conf on both the servers

# vim /etc/keepalived/keepalived.conf

######################################

Add below text on Master1 server

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 10
priority 200
virtual_ipaddress {
192.168.0.105
}
}

######################################

Add below text on Slave1 server

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 10
priority 100
virtual_ipaddress {
192.168.0.105
}
}

######################################

Start keepalived daemon on both the servers

# /etc/init.d/keepalived start
or
# service keepalived start

######################################

Check /var/log/syslog or /var/log/messages on both the servers you may find below lines

On Master Server

Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE








On Slave Server

Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE

######################################

Time to test

Shutdown the Master server and check /var/log/syslog on Slave server you will see below lines which states that the virtual or floating IP has been assigned to Slave server.

Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE

Check the ip using ifconfig or ip addr command

# ifconfig
or
# ip addr

######################################

Now start the master server and check that the IP 192.168.0.105 has been assigned back to Master Server.

Check logs on both master and server, you may find below logs

On Master

Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE

On Slave

Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE

######################################

We have successfully implemented Keepalived with Failover setup

Fail2ban to avoid DOS attack on webserver

Install Fail2ban

Edit /etc/fail2ban/jail.conf

[http-get-dos]
enabled = true
port = http
filter = http-get-dos
logpath = /var/log/apache2/access.log
maxretry = 10
findtime = 5
action = iptables[name=HTTP, port=http, protocol=tcp]
bantime = 10


Edit /etc/fail2ban/filter.d/http-get-dos.conf

 [Definition]
failregex = ^<HOST>.*"GET

Restart Fail2ban

/etc/init.d/fail2ban restart

Check iptables you will see new chain

iptables -nvL

OUTPUT:-

Chain fail2ban-HTTP (1 references)
 pkts bytes target     prot opt in     out     source               destination        
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

How To Add Rows with same values in LINUX

How To Add Rows with same values in LINUX

Consider a output of your command is as below

a 10
b 20
c 23
a 85
c 73
b 111
d 69
d 88
b 94
c 33
a 61

I want to add all a,b,c and d value

# cat list | awk '{ a[$1]+= $2 }END { for (i in a) print i,a[i]}'

OUTPUT

a 156
b 225
c 129
d 157

Start Mysql Without Password

Stop Mysql.

Start Mysql with below command 

mysqld_safe --skip-grant-tables &

Loggin into mysql terminal

mysql --user=root mysql

Press enter if asked for password

Update the password

update user set Password=PASSWORD('new_Password') WHERE User='root';

Exit from mysql terminal 

Kill the process started by you

Start mysql through init script and login through your new password.

/etc/init.d/mysql start

 
mysql --user=root mysql -p

Find and execute a command on the files found

find -mtime +365 -exec mv '{}' /path/to/copy/files/ \;


Find files whose modified time 365*24 hours and "+" would give me files 365 days ago.
"-exec" will help me execute a query, where "{}" is all the files or parameters given by find command. The "{}" are quoted in single quote '.
";" sign simplifies end of command.

SMTP authentication through telnet

[paresh@pareshlinux ~]$ perl -MMIME::Base64 -e 'print encode_base64("Username")'
cWxjX3NhbWVlcg==
[paresh@pareshlinux ~]$ perl -MMIME::Base64 -e 'print encode_base64("Password")'
c2FtZWVy
[paresh@pareshlinux ~]$ telnet 10.10.10.13 25
Trying 121.241.242.215...
Connected to mail1.mailserve.net (10.10.10.13).
Escape character is '^]'.
220 host.mailserve.com ESMTP Postfix
ehlo 121.241.242.215
250-host.mailserve.com
250-PIPELINING
250-SIZE 15728640
250-VRFY
250-ETRN
250-AUTH LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
cWxjX3NhbWVlcg==
334 UGFzc3dvcmQ6
c2FtZWVy
235 2.7.0 Authentication successful

How to view files modified yesterday

find /path/to/directory/ -daystart -ctime 1

The find command helps you to find files that were changed or modified yesterday

-daystart :- will tell to begin the search from yesterday 00:00 and not - 24:-00 hours. If u don't mention it, this will show you files updated 24 hours ago from the current time.

-ctime :- will tell to look for files modified 1 day ago, to check for files n days ago specify -ctime "n", where n is the no. of day