Blogging Fusion Blog Directory the #1 blog directory and oldest directory online.

TechTute

Home TechTute

TechTute

Rated: 2.52 / 5 | 1,080 listing views TechTute

Sri-Lanka

 

General Audience

  • March 08, 2015 12:53:42 AM
SHARE THIS PAGE ON:

A Little About Us

TechTute brings you invaluable article in the field of IT and networking, and mainly focus on server administration, amazon web services and Cisco networking.

Listing Details

Listing Statistics

Add ReviewMe Button

Review TechTute at Blogging Fusion Blog Directory

Add SEO Score Button

My Blogging Fusion Score

Google Adsense™ Share Program

Alexa Web Ranking: 1,669,456

Alexa Ranking - TechTute

Example Ad for TechTute

This what your TechTute Blog Ad will look like to visitors! Of course you will want to use keywords and ad targeting to get the most out of your ad campaign! So purchase an ad space today before there all gone!

https://www.bloggingfusion.com

.

notice: Total Ad Spaces Available: (2) ad spaces remaining of (2)

Advertise Here?

  • Blog specific ad placement
  • Customize the title link
  • Place a detailed description
  • It appears here within the content
  • Approved within 24 hours!
  • 100% Satisfaction
  • Or 3 months absolutely free;
  • No questions asked!

Subscribe to TechTute

AWS CloudWatch Apache HTTP monitoring

AWS CloudWatch provides custom metric monitoring. It is very useful when require to monitor performance of the custom application or server. Here we are going to guide how monitor Apache HTTP server performance using AWS CloudWatch custom metrics. All the installation and configuration performed on CentOS, most of the commands work on any LINUX / … Continue reading » The post AWS CloudWatch Apache HTTP monitoring appeared first on...

AWS CloudWatch provides custom metric monitoring. It is very useful when require to monitor performance of the custom application or server. Here we are going to guide how monitor Apache HTTP server performance using AWS CloudWatch custom metrics. All the installation and configuration performed on CentOS, most of the commands work on any LINUX / UNIX like system. If you need more details, you may can visit official documentation. I always try to attach official docs where it is possible.

1) Install aws cli

 

[root@localhost centos]#pip install awscli

You can find details guidelines from official documents

Once the installation is completed, you can verify installed version using following command.

[root@localhost centos]# aws --version
aws-cli/1.14.11 Python/2.7.5 Linux/3.10.0-693.el7.x86_64 botocore/1.8.15

2) Create IAM user with “Programmatic access” and assign following policy to the user.

 

please note down “access key ID and secret access key” which is needed on next step.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogStreams"
            ],
            "Resource": [
                "arn:aws:logs:*:*:*"
            ]
        }
    ]
}

3) Configure AWS client

 

execute following command as root user. you must enter Key ID and secret key. you should enter region name where your EC2 instance is running.
please refer this link to obtain your region name code
you can keep output format as none.

[root@localhost centos]# aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]:
Default output format [None]:

4) Create simple shell script to push data into AWS Cloudwatch

 

you may can replace localhost with your EC2 instance private IP. Here we are interested to push Busy Workers,Idle worker and Connection Total data to CloudWatch, but there are few other metrics are available on server status page . you can get full list of metrics by visiting http://<your server IP>/server-status?auto

 

#!/bin/bash
INSTANCE_ID=`wget -q -O - http://169.254.169.254/latest/meta-data/instance-id`

# In our next two Variable we are saving our Busy and Idle workers
BUSYWORKERS=`wget -q -O - http://localhost/server-status?auto | grep BusyWorkers | awk '{ print $2 }'`
IDLEWORKERS=`wget -q -O - http://localhost/server-status?auto | grep IdleWorkers | awk '{ print $2 }'`
CONNSTOTAL=`wget -q -O - http://localhost/server-status?auto | grep ConnsTotal | awk '{ print $2 }'`

# Push Busy Workers,Idle worker and Connection Total data to Cloud Watch

/bin/aws cloudwatch put-metric-data --metric-name "httpd-BusyWorkers" --unit Count --value ${BUSYWORKERS} --dimensions InstanceId=$INSTANCE_ID --namespace EC2:HTTP-Apache

/bin/aws cloudwatch put-metric-data --metric-name "httpd-IdleWorker" --unit Count --value $IDLEWORKERS --dimensions InstanceId=$INSTANCE_ID --namespace EC2:HTTP-Apache

/bin/aws cloudwatch put-metric-data --metric-name "httpd-ConnsTotal" --unit Count --value $CONNSTOTAL --dimensions InstanceId=$INSTANCE_ID --namespace EC2:HTTP-Apache

5) Set cron job to push data

setup cronjob to execute above shell script to run every 5 minutes

*/5 * * * * /opt/scripts/apachemonitor/apachestats.sh

6) How to view AWS CloudWatch custom metrics

i) Go to AWS CloudWatch

ii) Then select Metrics menu from left hand side bottom.

iii) Select “All metrics” tab , and you can see “EC2:HTTP-Apache” under Custom Namespaces

iv) Example output of the graph is as follows.(you should send data frequently to CloudWatch to generate useful graph)

 

AWS CloudWatch custom metrics raph

The post AWS CloudWatch Apache HTTP monitoring appeared first on TechTute.


Solved – AWS RDS MySQL ERROR 1227 (42000) at line : Access denied

When your are trying to import your data into RDS MySQL, it may prompt with following error message. “ERROR 1227 (42000) at line xxx: Access denied; you need (at least one of) the SUPER privilege(s) for this operation”   This can be fixed by removing the DEFINER from MySQL dump. You can use following simple … Continue reading » The post Solved – AWS RDS MySQL ERROR 1227 (42000) at line : Access denied appeared first on...

When your are trying to import your data into RDS MySQL, it may prompt with following error message. “ERROR 1227 (42000) at line xxx: Access denied; you need (at least one of) the SUPER privilege(s) for this operation

 

Error!

ERROR 1227 (42000) at line xxx: Access denied; you need (at least one of) the SUPER privilege(s) for this operation

This can be fixed by removing the DEFINER from MySQL dump. You can use following simple command to fix this issue.

 

perl -pe 's/\sDEFINER=`[^`]+`@`[^`]+`//' < your_db_dump.sql fixed-your_db_dump.sql

there are alternative solution which provided by AWS premium support knowledge base , But that does not work for me. You can try that out if I above mentioned work around does not work.

Let’s look at why there is limited permission on RDS MySQL .

As you might be aware, AWS RDS (Relational Database Service) is a managed service  and hence in order to guarantee the stability of RDS instance, the permissions of master user (root user in RDS) are not same as root user in native mysql.

RDS Master user has the following permission:
SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* WITH GRANT OPTION, REPLICATION SLAVE (Only For Amazon RDS MySQL versions 5.6 and 5.7, Amazon RDS MariaDB)

So if you need more permission other than above, you have to request / inform it to AWS support team. they will do the necessary arrangement.

If you have any questions please do comment below. :)

have nice time !!

The post Solved – AWS RDS MySQL ERROR 1227 (42000) at line : Access denied appeared first on TechTute.


Letsencrypt ssl for a non standard web ports

In this tutorial, I would like to demonstrate how to use Letsencrypt ssl for a non standard web ports other than 80, 443 to generate a  SSL certificate for an Apache. If you wish, you can follow same method to implement SSL on other web servers such as nginx  and Tomcat as well. If you … Continue reading » The post Letsencrypt ssl for a non standard web ports appeared first on...

In this tutorial, I would like to demonstrate how to use Letsencrypt ssl for a non standard web ports other than 80, 443 to generate a  SSL certificate for an Apache. If you wish, you can follow same method to implement SSL on other web servers such as nginx  and Tomcat as well. If you are new to Letsencrypt SSL, here is the brief introduction . Letsencrypt is a free, and non-profit CA (certificate authority) which owned by Internet Security  Research Group (ISRG).

please note this is done on Centos 7

01) Install cerbot

first enable the EPEL repository

how to enable EPEL repo on RHEL / Centos read this  and enable EPEL optional channel

then install cerbot using yum as follows

#yum install certbot

02) Install SSL certificate

execute following as root
#certbot certonly –manual  –preferred-challenges dns

This is the most important command, because we generate certificate manually even though cerbot provide Apache plugin. manually generated certificates are flexible so we can integrate it to any preferred web server later :) . preferred-challenges is set to dns, so domain verification is done using  TXT records

 

After that you will get similar wizard like following image. once you submit the domain. it will give DNS TXT record as challenge
. you must create it before continue. Then after it will generate ssl certificate for your domain.

certonly with dns

03) Configure SSL on Apache

you can use following Apache virtual-host config template

 

<VirtualHost *:65006>
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.com/chain.pem
        SSLProtocol all -SSLv2 -SSLv3
        SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:E
CDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
        SSLHonorCipherOrder on
                <Directory /opt/web/testsite>
        AllowOverride All
        </Directory>
        DocumentRoot /opt/web/testsite
        ServerName yourdomain.com
        DirectoryIndex index.html index.php
</VirtualHost>

 

Letsencypt SSL for non standard port

 

04) SSL renewal

you can renew SSL certificate automatically. Add new cron just like following which runs renewal process every week. It’s recommended to reload / restart apache server, so in next line we do restart apache process as well

 

### Cerbot SSL Renew
0 3 * * 1 /usr/bin/certbot renew --quiet > /tmp/cerbot.txt
10 3 * * 1 /usr/local/apache2/bin/apachectl -k restart

 

 

The post Letsencrypt ssl for a non standard web ports appeared first on TechTute.


How to Move MySQL Data Directory to New Location on CentOS

In default MySQL installation, Data Directory pointed to “/var/lib/mysql/” . As a best practice, it’s recommended to move Data directory to new location which contains more disk space than default root partition. This tutorial guides you how to Move MySQL data directory to new location on CentOS or RHEL. Even data directory contains data, you … Continue reading » The post How to Move MySQL Data Directory to New Location on CentOS appeared first on...

In default MySQL installation, Data Directory pointed to “/var/lib/mysql/” . As a best practice, it’s recommended to move Data directory to new location
which contains more disk space than default root partition. This tutorial guides you how to Move MySQL data directory to new location on CentOS or RHEL. Even data directory contains data, you can still move it to another location, but you have to be careful if you try this on production environment. Let’s go through it quickly :-)

1) Prepare new location

#mkdir /opt/newmysql_datadir

2) Find current Data Directory location

you can get it from /etc/my.cnf if it’s defined on. To verify it or it’s not mentioned on configuration file, most probably use default location.
let’s find that out

log into mysql server and run following command

select @@datadir;
+-----------------+
| @@datadir       |
+-----------------+
| /var/lib/mysql/ |
+-----------------+
1 row in set (0.00 sec)

As per above current location is “/var/lib/mysql/

3) Shut down MySQL server

#systemctl stop mysqld

4) Copy MySQL data directory to new location

#cd /opt/newmysql_datadir
#cp -rp /var/lib/mysql .

now new location is /opt/newmysql_datadir/mysql

5) Modify SELinux to allow MySQL to use the different (non default) path

This step is mandatory if your system enabled with SELinux, otherwise you can ignore this step

#semanage fcontext -a -s system_u -t mysqld_db_t "/opt/newmysql_datadir/mysql(/.*)?"
#restorecon -Rv /opt/newmysql_datadir/mysql

6) Update new settings to my.cnf

Find the line in the [mysqld] block that begins with datadir=. Change the path which follows to reflect the new location. In addition to that, socket was previously located in the data directory,  we’ll need to update it to the new location

It should like below after updating.

[mysqld]
. . .
datadir=/opt/newmysql_datadir/mysql
socket=/opt/newmysql_datadir/mysql/mysql.sock
. . .

Apart from that we’ll need to add configuration for the MySQL client.  Insert the following settings at [client]  block which is at the bottom of the file.

[client]
port=3306
socket=/opt/newmysql_datadir/mysql/mysql.sock

7) Start MySQL server

#systemctl start mysqld

If it won’t start  , you may need to troubleshoot by checking  MySQL  error log. You can make comments any issues if you have faced here, I’m always happy to assist you !!

The post How to Move MySQL Data Directory to New Location on CentOS appeared first on TechTute.


Configure NTP server (Chrony) on CentOS / RHEL7

Classic NTP is replaced by Chrony and  CentOS / RHEL7 is no longer use it, instead it’s default is Chrony.  The Chrony is a different implementation of the network time protocol (NTP) than the network time protocol daemon (ntpd)  that is able to synchronize the system clock faster and with better accuracy than ntpd. Here … Continue reading » The post Configure NTP server (Chrony) on CentOS / RHEL7 appeared first on...

Classic NTP is replaced by Chrony and  CentOS / RHEL7 is no longer use it, instead it’s default is Chrony.  The Chrony is a different implementation of the network time protocol (NTP) than the network time protocol daemon (ntpd)  that is able to synchronize the system clock faster and with better accuracy than ntpd. Here is little comparison between Chronyd and NTPd

 

Things chrony can do better than ntp:

  • chrony can perform usefully in an environment where access to the time reference is intermittent. ntp needs regular polling of the reference to work well.
  • chrony can usually synchronise the clock faster and with better time accuracy.
  • chrony quickly adapts to sudden changes in the rate of the clock (e.g. due to changes in the temperature of the crystal oscillator). ntp may need a long time to settle down again.
  • chrony can perform well even when the network is congested for longer periods of time.
  • chrony in the default configuration never steps the time to not upset other running programs. ntp can be configured to never step the time too, but in that case it has to use a different means of adjusting the clock (daemon loop instead of kernel discipline), which may have a negative effect on accuracy of the clock.
  • chrony can adjust the rate of the clock in a larger range, which allows it to operate even on machines with broken or unstable clock (e.g. in some virtual machines).
  • chrony is smaller, it uses less memory and it wakes up the CPU only when necessary, which is better for power saving.

 

Things chrony can do that ntp can’t:

  • chrony provides support for isolated networks whether the only method of time correction is manual entry (e.g. by the administrator looking at a clock). chrony can look at the errors corrected at different updates to work out the rate at which the computer gains or loses time, and use this estimate to trim the computer clock subsequently.
  • chrony provides support to work out the gain or loss rate of the real-time clock, i.e. the clock that maintains the time when the computer is turned off. It can use this data when the system boots to set the system time from a corrected version of the real-time clock. These real-time clock facilities are only available on Linux, so far.

 

Things ntp can do that chrony can’t:

  • ntp supports all operating modes from RFC 5905, including broadcast, multicast, and manycast server/client. However, the broadcast and multicast modes are inherently less accurate and less secure (even with authentication) than the ordinary server/client mode and should generally be avoided.
  • ntp supports the Autokey protocol (RFC 5906) to authenticate servers with public-key cryptography. Note that the protocol has been shown to be insecure and it will be probably replaced with an implementation of the Network Time Security (NTS) specification.
  • ntp has been ported to more operating systems.
  • ntp includes a large number of reference clock drivers. chrony relies on other programs (e.g. gpsd) to access the timing data via the SHM or SOCK driver.

 

So let’s look at how to Configure NTP server (Chrony) on CentOS / RHEL7

1) Install Chrony

[root@localhost ~]# yum -y install chrony

 

2) Change servers for synchronization

this step is optional, you can skip if do not want to customize NTP servers

[root@localhost ~]#vim /etc/chrony.conf

 

then commented out default servers and add your own NTP servers .

#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst

 

3) Disable NTP server and start chronyd

[root@localhost ~]#systemctl mask ntpd
[root@localhost ~]#systemctl start chronyd
[root@localhost ~]#systemctl enable chronyd

 

4) Verify NTP sources

[root@localhost ~]# chronyc sources -v

chronyc sources -V

chronyc sources -V

5) Verify NTP time synchronization

[root@localhost ~]# timedatectl
Local time: Fri 2016-12-23 08:18:49 IST
Universal time: Fri 2016-12-23 02:48:49 UTC
RTC time: Fri 2016-12-23 02:48:48
Time zone: Asia/Colombo (IST, +0530)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
[root@localhost ~]#

 

Have a Nice day 😀

The post Configure NTP server (Chrony) on CentOS / RHEL7 appeared first on TechTute.


Redirect non-www requests to www using AWS Route 53

Many web masters prefer to redirect non-www request to www. There are lots of different approaches for that and most famous one is using 301 redirection on the web server to handle this redirect part. Then what happen is, server must need to put extra processing for this redirection request.  If the server have to … Continue reading » The post Redirect non-www requests to www using AWS Route 53 appeared first on...

Many web masters prefer to redirect non-www request to www. There are lots of different approaches for that and most famous one is using 301 redirection on the web server to handle this redirect part. Then what happen is, server must need to put extra processing for this redirection request.  If the server have to handle thousands of request, it would not be efficient method at all. If your domain NS (name servers) is hosted with AWS Route53, you can use their own proprietary alias “record” to solve this problem. The traditional DNS, you cannot do it at all and you have to used 301 redirect instead as I mentioned earlier. Other advantage of the redirection is SEO improvement as some search engine recognize www and non-www as two different web sites and this cause to penalize the domain considering website has duplicate content.
Here I’m going to demonstrate how to redirect non-www requests to www using AWS Route 53. So let’s look at.

1) create S3 bucket for naked domain

ex:- domain.com

2) Configure non-www request to www on AWS S3

i) Highlight previously created bucket

ii) From “Properties” expand “Static Website Hosting”

iii) Select “Redirect all request to another host name”

non-www to www redirect using AWS s3

3) Configure AWS Route53

i) select your domain from “hosted zones”

ii) point www to your server ip or ELB (Elastic Load Balancer) by creating new records

you may click on “Create Record Set” button

iii) select your naked domain record from the list

list may contains other records such MX, TXT as well, but you must select just your domain.
ex:- example.com.

when you select it, you can set following parameters from right hand side panel.

select Type as “A – IPV4 address” from drop down
select Alia as “YES
select Alias Target as previously created S3 bucket from drop down.

AWS Route53 Alias records

 

that’s how to do that. Comment here If you are having any question at all !    :-)

The post Redirect non-www requests to www using AWS Route 53 appeared first on TechTute.


Link to Category: Computer Science Blogs

Or if you prefer use one of our linkware images? Click here

Social Bookmarks


Available Upgrade

If you are the owner of TechTute, or someone who enjoys this blog why not upgrade it to a Featured Listing or Permanent Listing?


SEO friendly and human edited to ensure highest quality