Open Sourece Technologies: 2008

Wednesday, July 23, 2008

What Is ZFS ?

Description:

The Solaris ZFS file system is a revolutionary new file system that fundamentally changes the way file systems are administered, with features and benefits not found in any other file system available today. ZFS has been designed to be robust, scalable, and simple to administer.

ZFS Pooled Storage

ZFS uses the concept of storage pools to manage physical storage. Historically, file systems were constructed on top of a single physical device. To address multiple devices and provide for data redundancy, the concept of a volume manager was introduced to provide the image of a single device so that file systems would not have to be modified to take advantage of multiple devices. This design added another layer of complexity and ultimately prevented certain file system advances, because the file system had no control over the physical placement of data on the virtualized volumes.

ZFS eliminates the volume management altogether. Instead of forcing you to create virtualized volumes, ZFS aggregates devices into a storage pool. The storage pool describes the physical characteristics of the storage (device layout, data redundancy, and so on,) and acts as an arbitrary data store from which file systems can be created. File systems are no longer constrained to individual devices, allowing them to share space with all file systems in the pool. You no longer need to predetermine the size of a file system, as file systems grow automatically within the space allocated to the storage pool. When new storage is added, all file systems within the pool can immediately use the additional space without additional work. In many ways, the storage pool acts as a virtual memory system. When a memory DIMM is added to a system, the operating system doesn't force you to invoke some commands to configure the memory and assign it to individual processes. All processes on the system automatically use the additional memory.

Transactional Semantics

ZFS is a transactional file system, which means that the file system state is always consistent on disk. Traditional file systems overwrite data in place, which means that if the machine loses power, for example, between the time a data block is allocated and when it is linked into a directory, the file system will be left in an inconsistent state. Historically, this problem was solved through the use of the fsck command. This command was responsible for going through and verifying file system state, making an attempt to repair any inconsistencies in the process. This problem caused great pain to administrators and was never guaranteed to fix all possible problems. More recently, file systems have introduced the concept of journaling. The journaling process records action in a separate journal, which can then be replayed safely if a system crash occurs. This process introduces unnecessary overhead, because the data needs to be written twice, and often results in a new set of problems, such as when the journal can't be replayed properly.

With a transactional file system, data is managed using copy on write semantics. Data is never overwritten, and any sequence of operations is either entirely committed or entirely ignored. This mechanism means that the file system can never be corrupted through accidental loss of power or a system crash. So, no need for a fsck equivalent exists. While the most recently written pieces of data might be lost, the file system itself will always be consistent. In addition, synchronous data (written using the O_DSYNC flag) is always guaranteed to be written before returning, so it is never lost.

Checksums and Self-Healing Data

With ZFS, all data and metadata is checksummed using a user-selectable algorithm. Traditional file systems that do provide checksumming have performed it on a per-block basis, out of necessity due to the volume management layer and traditional file system design. The traditional design means that certain failure modes, such as writing a complete block to an incorrect location, can result in properly checksummed data that is actually incorrect. ZFS checksums are stored in a way such that these failure modes are detected and can be recovered from gracefully. All checksumming and data recovery is done at the file system layer, and is transparent to applications.

In addition, ZFS provides for self-healing data. ZFS supports storage pools with varying levels of data redundancy, including mirroring and a variation on RAID-5. When a bad data block is detected, ZFS fetches the correct data from another replicated copy, and repairs the bad data, replacing it with the good copy.

Unparalleled Scalability

ZFS has been designed from the ground up to be the most scalable file system, ever. The file system itself is 128-bit, allowing for 256 quadrillion zettabytes of storage. All metadata is allocated dynamically, so no need exists to pre-allocate inodes or otherwise limit the scalability of the file system when it is first created. All the algorithms have been written with scalability in mind. Directories can have up to 2⁴⁸ (256 trillion) entries, and no limit exists on the number of file systems or number of files that can be contained within a file system.

ZFS Snapshots

A snapshot is a read-only copy of a file system or volume. Snapshots can be created quickly and easily. Initially, snapshots consume no additional space within the pool.

As data within the active dataset changes, the snapshot consumes space by continuing to reference the old data. As a result, the snapshot prevents the data from being freed back to the pool.

Simplified Administration

Most importantly, ZFS provides a greatly simplified administration model. Through the use of hierarchical file system layout, property inheritance, and automanagement of mount points and NFS share semantics, ZFS makes it easy to create and manage file systems without needing multiple commands or editing configuration files. You can easily set quotas or reservations, turn compression on or off, or manage mount points for numerous file systems with a single command. Devices can be examined or repaired without having to understand a separate set of volume manager commands. You can take an unlimited number of instantaneous snapshots of file systems. You can backup and restore individual file systems.

ZFS manages file systems through a hierarchy that allows for this simplified management of properties such as quotas, reservations, compression, and mount points. In this model, file systems become the central point of control. File systems themselves are very cheap (equivalent to a new directory), so you are encouraged to create a file system for each user, project, workspace, and so on. This design allows you to define fine-grained management points.

ZFS Terminology

This section describes the basic terminology used throughout this book:

checksum

A 256-bit hash of the data in a file system block. The checksum capability can range from the simple and fast fletcher2 (the default) to cryptographically strong hashes such as SHA256.

clone

A file system whose initial contents are identical to the contents of a snapshot.

For information about clones, see ZFS Clones.

dataset

A generic name for the following ZFS entities: clones, file systems, snapshots, or volumes.

Each dataset is identified by a unique name in the ZFS namespace. Datasets are identified using the following format:

pool/path[@snapshot]

pool: Identifies the name of the storage pool that contains the dataset
path: Is a slash-delimited path name for the dataset object
snapshot: Is an optional component that identifies a snapshot of a dataset

For more information about datasets, see Chapter 5, Managing ZFS File Systems.

file system

A dataset that contains a standard POSIX file system.

For more information about file systems, see Chapter 5, Managing ZFS File Systems.

mirror

A virtual device that stores identical copies of data on two or more disks. If any disk in a mirror fails, any other disk in that mirror can provide the same data.

pool

A logical group of devices describing the layout and physical characteristics of the available storage. Space for datasets is allocated from a pool.

For more information about storage pools, see Chapter 4, Managing ZFS Storage Pools.

RAID-Z

A virtual device that stores data and parity on multiple disks, similar to RAID-5. For more information about RAID-Z, see RAID-Z Storage Pool Configuration.

resilvering

The process of transferring data from one device to another device is known as resilvering. For example, if a mirror component is replaced or taken offline, the data from the up-to-date mirror component is copied to the newly restored mirror component. This process is referred to as mirror resynchronization in traditional volume management products.

For more information about ZFS resilvering, see Viewing Resilvering Status.

snapshot

A read-only image of a file system or volume at a given point in time.

For more information about snapshots, see ZFS Snapshots.

virtual device

A logical device in a pool, which can be a physical device, a file, or a collection of devices.

For more information about virtual devices, see Virtual Devices in a Storage Pool.

volume

A dataset used to emulate a physical device in order to support legacy file systems.

ZFS Component Naming Requirements

Each ZFS component must be named according to the following rules:

Empty components are not allowed.
Each component can only contain alphanumeric characters in addition to the following four special characters:
- Underscore (_)
- Hyphen (-)
- Colon (:)
- Period (.)
Pool names must begin with a letter, except that the beginning sequence c[0-9] is not allowed. In addition, pool names that begin with mirror, raidz, or spare are not allowed as these name are reserved.
Dataset names must begin with an alphanumeric character.
ZFS Hardware and Software Requirements and Recommendations

Make sure you review the following hardware and software requirements and recommendations before attempting to use the ZFS software:
- A SPARC™ or x86 system that is running the Solaris™ Nevada release, build 27 or later.
- The minimum disk size is 128 Mbytes. The minimum amount of disk space required for a storage pool is approximately 64 Mbytes.
- Currently, the minimum amount of memory recommended to install a Solaris system is 512 Mbytes. However, for good ZFS performance, at least one Gbyte or more of memory is recommended.
- If you create a mirrored disk configuration, multiple controllers are recommended.

Creating a Basic ZFS File System

ZFS administration has been designed with simplicity in mind. Among the goals of the ZFS design is to reduce the number of commands needed to create a usable file system. When you create a new pool, a new ZFS file system is created and mounted automatically.

The following example illustrates how to create a storage pool named tank and a ZFS file system name tank in one command. Assume that the whole disk /dev/dsk/c1t0d0 is available for use.

# zpool create tank c1t0d0

The new ZFS file system, tank, can use as much of the disk space on c1t0d0 as needed, and is automatically mounted at /tank.

# mkfile 100m /tank/foo
# df -h /tank
Filesystem             size   used  avail capacity  Mounted on
tank                   80G   100M    80G     1%    /tank

Within a pool, you will probably want to create additional file systems. File systems provide points of administration that allow you to manage different sets of data within the same pool.

The following example illustrates how to create a file system named fs in the storage pool tank. Assume that the whole disk /dev/dsk/c1t0d0 is available for use.

# zpool create tank c1t0d0
# zfs create tank/fs

The new ZFS file system, tank/fs, can use as much of the disk space on c1t0d0 as needed, and is automatically mounted at /tank/fs.

# mkfile 100m /tank/fs/foo
# df -h /tank/fs
Filesystem             size   used  avail capacity  Mounted on
tank/fs                 80G   100M    80G     1%    /tank/fs

In most cases, you will probably want to create and organize a hierarchy of file systems that matches your organizational needs. For more information about creating a hierarchy of ZFS file systems, see Creating a ZFS File System Hierarchy.

Creating a ZFS Storage Pool

The previous example illustrates the simplicity of ZFS. The remainder of this chapter demonstrates a more complete example similar to what you would encounter in your environment. The first tasks are to identify your storage requirements and create a storage pool. The pool describes the physical characteristics of the storage and must be created before any file systems are created.

Identifying Storage Requirements

Determine available devices.

Before creating a storage pool, you must determine which devices will store your data. These devices must be disks of at least 128 Mbytes in size, and they must not be in use by other parts of the operating system. The devices can be individual slices on a preformatted disk, or they can be entire disks that ZFS formats as a single large slice.

For the storage example used in Creating the ZFS Storage Pool, assume that the whole disks /dev/dsk/c1t0d0 and /dev/dsk/c1t0d0 are available for use.

For more information about disks and how they are used and labeled, see Using Disks in a ZFS Storage Pool.
Choose data replication.

ZFS supports multiple types of data replication, which determines what types of hardware failures the pool can withstand. ZFS supports nonredundant (striped) configurations, as well as mirroring and RAID-Z (a variation on RAID-5).

For the storage example used in Creating the ZFS Storage Pool, basic mirroring of two available disks is used.

For more information about ZFS replication features, see Replication Features of a ZFS Storage Pool.

Creating the ZFS Storage Pool

Become root or assume an equivalent role with the appropriate ZFS rights profile.

For more information about the ZFS rights profiles, see ZFS Rights Profiles.
Pick a pool name.

The pool name is used to identify the storage pool when you are using the zpool or zfs commands. Most systems require only a single pool, so you can pick any name that you prefer, provided it satisfies the naming requirements outlined in ZFS Component Naming Requirements.
Create the pool.

For example, create a mirrored pool that is named tank.
```
# zpool create tank mirror c1t0d0 c1t1d0 
```
If one or more devices contains another file system or is otherwise in use, the command cannot create the pool.

For more information about creating storage pools, see Creating a ZFS Storage Pool.

For more information about how device usage is determined, see Detecting in Use Devices.
View the results.

You can determine if your pool was successfully created by using the zpool list command.
```
# zpool list
NAME                    SIZE    USED   AVAIL    CAP  HEALTH     ALTROOT
tank                     80G    137K     80G     0%  ONLINE     -
```
For more information about viewing pool status, see Querying ZFS Storage Pool Status.

Creating a ZFS File System Hierarchy

After creating a storage pool to store your data, you can create your file system hierarchy. Hierarchies are simple yet powerful mechanisms for organizing information. They are also very familiar to anyone who has used a file system.

ZFS allows file systems to be organized into arbitrary hierarchies, where each file system has only a single parent. The root of the hierarchy is always the pool name. ZFS leverages this hierarchy by supporting property inheritance so that common properties can be set quickly and easily on entire trees of file systems.

Determining the ZFS File System Hierarchy

Pick the file system granularity.

ZFS file systems are the central point of administration. They are lightweight and can be created easily. A good model to use is a file system per user or project, as this model allows properties, snapshots, and backups to be controlled on a per-user or per-project basis.

Two ZFS file systems, bonwick and billm, are created in Creating ZFS File Systems.

For more information on managing file systems, see Chapter 5, Managing ZFS File Systems.
Group similar file systems.

ZFS allows file systems to be organized into hierarchies so that similar file systems can be grouped. This model provides a central point of administration for controlling properties and administering file systems. Similar file systems should be created under a common name.

For the example in Creating ZFS File Systems, the two file systems are placed under a file system named home.
Choose the file system properties.

Most file system characteristics are controlled by using simple properties. These properties control a variety of behavior, including where the file systems are mounted, how they are shared, if they use compression, and if any quotas are in effect.

For the example in Creating ZFS File Systems, all home directories are mounted at /export/zfs/ user, are shared by using NFS, and with compression enabled. In addition, a quota of 10 Gbytes on bonwick is enforced.

For more information about properties, see ZFS Properties.

Creating ZFS File Systems

Become root or assume an equivalent role with the appropriate ZFS rights profile.

For more information about the ZFS rights profiles, see ZFS Rights Profiles.
Create the desired hierarchy.

In this example, a file system that acts as a container for individual file systems is created.
```
# zfs create tank/home 
```
Next, individual file systems are grouped under the home file system in the pool tank.

Set the inherited properties.

After the file system hierarchy is established, set up any properties that should be shared among all users:

# zfs set mountpoint=/export/zfs tank/home
# zfs set sharenfs=on tank/home
# zfs set compression=on tank/home
# zfs get compression tank/home
NAME             PROPERTY       VALUE                      SOURCE
tank/home        compression    on                         local

For more information about properties and property inheritance, see ZFS Properties.

Create the individual file systems.

Note that the file systems could have been created and then the properties could have been changed at the home level. All properties can be changed dynamically while file systems are in use.
```
# zfs create tank/home/bonwick
# zfs create tank/home/billm 
```
These file systems inherit their property settings from their parent, so they are automatically mounted at /export/zfs/ user and are NFS shared. You do not need to edit the /etc/vfstab or /etc/dfs/dfstab file.

For more information about creating file systems, see Creating a ZFS File System.

For more information about mounting and sharing file systems, see Mounting and Sharing ZFS File Systems.
Set the file system-specific properties.

In this example, user bonwick is assigned a quota of 10 Gbytes. This property places a limit on the amount of space he can consume, regardless of how much space is available in the pool.
```
# zfs set quota=10G tank/home/bonwick 
```
View the results.

View available file system information by using the zfs list command:
```
# zfs list
NAME                   USED  AVAIL  REFER  MOUNTPOINT
tank                  92.0K  67.0G   9.5K  /tank
tank/home             24.0K  67.0G     8K  /export/zfs
tank/home/billm          8K  67.0G     8K  /export/zfs/billm
tank/home/bonwick        8K  10.0G     8K  /export/zfs/bonwick
```
Note that the user bonwick only has 10 Gbytes of space available, while the user billm can use the full pool (67 Gbytes).

For more information about viewing file system status, see Querying ZFS File System Information.

For more information about how space is used and calculated, see ZFS Space Accounting.

Tuesday, July 22, 2008

SOLARIS DISK SUITE

DiskSuite:
SolsticeTM DiskSuiteTM 4.2.1 is a software product that manages data and disk drives.
Solstice DiskSuite 4.2.1 runs on all SPARCTM systems running SolarisTM 8, and on all x86 systems running Solaris 8.
DiskSuite's diskset feature is supported only on the SPARC platform edition of Solaris. This feature is not supported on x86 systems.

Tableof Contents
1.Advantages of Disksuite
2. Disksuite terms
3. Disksuite Packages
4. Installing DiskSuite 4.2.1 in Solaris 8
5. Creating State Database
6. Creating MetaDevices
6.1. Concatenated Metadevice
6.2. Striped Metadevice
6.3 Mirrored Metadevice
6.3.1 Simple mirror
6.3.2 Mirroring a unmountable Partition
6.3.3 root mirroring & /usr mirroring
6.3.4 Making alternate root disk bootable
6.3.5 Setting alternate boot path for root mirror
6.4 RAID 5
6.5 TransMeta Device
6.5.1 TransMeta device for unmountable partition
6.5.2 TransMeta device for non unmountable partition.
6.5.3 TransMeta device using Mirror
6.6 Hotspare Pool
6.6.1 Adding a Hotspare to Mirror
6.6.2 Adding a Hotspare to RAID5
6.6.3 Adding a disk to Hotspare Pool.
6.7 disksets
6.7.1 Creating two diskset
6.7.2 Adding disk to diskset
6.7.3 Creating Mirror in Diskset
7. TroubleShooting
7.1 Recovering from Stale State Database Replicas
7.2 Metadevice Errors

8.0 Next Steps

1. Advantages of Disksuite

Solstice disk suite provides three major functionalities :

1. Over come the disk size limitation by providing for joining of multiple disk slices to form a bigger volume.

2. Fault Tolerance by allowing mirroring of data from one disk to another and keeping parity information in RAID5.

3. Performance enhancement by allowing spreading the data space over multiple disks .

2. Disksuite terms

Metadevice :A virtual device composed of several physical devices - slices/disks . All the operations are carried out using metadevice name and transparently implemented on the individual device.
RAID : A group of disks used for creating a virtual volume is called array and depending on disk/slice arrangement these are called various types of RAID (Redundant Array of Independent Disk ).

RAID 0 Concatenation/Striping
RAID 1 Mirroring
RAID 5 Striped array with rotating parity.

Concatenation :Concatenation is joining of two or more disk slices to add up the disk space . Concatenation is serial in nature i.e. sequential data operation are performed serially on first disk then second disk and so on . Due to serial nature new slices can be added up without having to take the backup of entire concatenated volume ,adding slice and restoring backup .

Striping :Spreading of data over multiple disk drives mainly to enhance the performance by distributing data in alternating chunks - 16 k interleave across the stripes . Sequential data operations are performed in parallel on all the stripes by reading/writing 16k data blocks alternatively form the disk stripes.

Mirroring : Mirroring provides data redundancy by simultaneously writing data on to two sub mirrors of a mirrored device . A submirror can be a stripe or concatenated volume and a mirror can have three mirrors . Main concern here is that a mirror needs as much as the volume to be mirrored.

RAID 5 : RAID 5 provides data redundancy and advantage of striping and uses less space than mirroring . A RAID 5 is made up of at least three disk which are striped with parity information written alternately on all the disks . In case of a single disk failure the data can be rebuild using the parity information from the remaining disks .

3. Disksuite Packages :

Solstice disk suite is a part of server edition of the Solaris OS and is not included with desktop edition . The software is in pkgadd format & can be found in following locations in CD :

Solaris 2.6 - “Solaris Server Intranet Extensions 1.0” CD.
Solaris 7 - “Solaris Easy Access Server 3.0”
Solaris 8 - “Solaris 8 Software 2 of 2”

Solaris 2.6 & 2.7 Solstice Disk suite version is 4.2 . Following packages are part of it but only the "SUNWmd" is the minimum required package and a patch.

SUNWmd - Solstice DiskSuite
SUNWmdg - Solstice DiskSuite Tool
SUNWmdn - Solstice DiskSuite Log Daemon
Patch No. 106627-04 (obtain latest revision)

Solaris 8 DiskSuite version is 4.2.1 .Following are the minimum required packages ..

SUNWmdr Solstice DiskSuite Drivers (root)
SUNWmdu Solstice DiskSuite Commands
SUNWmdx Solstice DiskSuite Drivers (64-bit)

4. Installing DiskSuite 4.2.1 in Solaris 8

# cd /cdrom/sol_8_401_sparc_2/Solaris_8/EA/products/DiskSuite_4.2.1/sparc/Packages

# pkgadd -d .

The following packages are available:
1 SUNWmdg Solstice DiskSuite Tool
(sparc) 4.2.1,REV=1999.11.04.18.29
2 SUNWmdja Solstice DiskSuite Japanese localization
(sparc) 4.2.1,REV=1999.12.09.15.37
3 SUNWmdnr Solstice DiskSuite Log Daemon Configuration Files
(sparc) 4.2.1,REV=1999.11.04.18.29
4 SUNWmdnu Solstice DiskSuite Log Daemon
(sparc) 4.2.1,REV=1999.11.04.18.29
5 SUNWmdr Solstice DiskSuite Drivers
(sparc) 4.2.1,REV=1999.12.03.10.00
6 SUNWmdu Solstice DiskSuite Commands
(sparc) 4.2.1,REV=1999.11.04.18.29
7 SUNWmdx Solstice DiskSuite Drivers(64-bit)
(sparc) 4.2.1,REV=1999.11.04.18.29
Select 1,3,4,5,6,7 packages .

Enter ‘yes’ for the questions asked during installation and reboot the system after installation .

Put /usr/opt/SUNWmd/bin in root PATH as the DISKSUITE commands are located in this directory

5. Creating State Database :

State meta database , metadb , keeps information of the metadevices and is needed for Disksuite operation . Disksuite can not function without metadb so a copy of replica databases is placed on different disks to ensure that a copy is available in case of a complete disk failure .

Metadb needs a dedicated disk slice so create partitions of about 5 Meg. on the disks for metadb. If there is no space available for metadb then it can be taken from swap . Having metadb on two disks can create problems as DISKSUITE looks for database replica number > 50% of total replicas and if one of the two disks crashes the replica falls at 50% . On next reboot system will go to single user mode and one has to recreate additional replicas to correct the metadb errors.

The following command creates three replicas of metadb on three disk slices.

#metadb -a -f -c 3 /dev/dsk/c0t1d0s6 /dev/dsk/c0t2d0s6 /dev/dsk/c0t3d0s6

6. Creating MetaDevices :

Metadevices can be created in two ways

1. Directly from the command line
2. Editing the /etc/opt/SUNWmd/ file as per example given in the md.tab and
initializing devices on command line using metainit .

6.1 ) Creating a concatenated Metadevice :

#metainit d0 3 1 /dev/dsk/c0t0d0s4 1 /dev/dsk/c0t0d0s4 1 /dev/dsk/c0t0d0s4

d0 - metadevice name
3 - Total Number of Slices
1 - Number of Slices to be added followed by slice name.

6.2 ) Creating a stripe of 32k interleave

# metainit d10 1 2 c0t1d0s2 c0t2d0s2 -i 32k

d0 - metadevice name
1 - Total Number of Stripe
2- Number of Slices to be added to stripe followed by slice name .
-i chunks of data written alternatively on stripes.

6.3 ) Creating a Mirror :

A mirror is a metadevice composed of one or more submirrors. A submirror is made of one or more striped or concatenated metadevices. Mirroring data provides you with maximum data availability by maintaining multiple copies of your data. The system must contain at least three state database replicas before you can create mirrors. Any file system including root (/), swap, and /usr, or any application such as a database, can use a mirror.

6.3.1 ) Creating a simple mirror from new partitions

1.Create two stripes for two submirors as d21 & d22

# metainit d21 1 1 c0t0d0s2
d21: Concat/Stripe is setup
# metainit t d22 1 1 c1t0d0s2
d22: Concat/Stripe is setup

2. Create a mirror device (d20) using one of the submirror (d21)

# metainit d20 -m d21
d20: Mirror is setup

3. Attach the second submirror (D21) to the main mirror device (D20)

# metattach d20 d22
d50: Submirror d52 is attached.

4. Make file system on new metadevice

#newfs /dev/md/rdsk/d20
edit /etc/vfstab to mount the /dev/dsk/d20 on a mount point.

6.3.2.) Mirroring a Partitions with data which can be unmounted

# metainit f d1 1 1 c1t0d0s0
d1: Concat/Stripe is setup
# metainit d2 1 1 c2t0d0s0
d2: Concat/Stripe is setup
# metainit d0 -m d1
d0: Mirror is setup
# umount /local
(Edit the /etc/vfstab file so that the file system references the mirror)
#mount /local
#metattach d0 d2
d0: Submirror d2 is attached

6.3.3 ) Mirroring a Partitions with data which can not be unmounted - root and /usr

· /usr mirroring

# metainit -f d12 1 1 c0t3d0s6
d12: Concat/Stripe is setup
# metainit d22 1 1 c1t0d0s6
d22: Concat/Stripe is setup
# metainit d2 -m d12
d2: Mirror is setup
(Edit the /etc/vfstab file so that /usr references the mirror)
# reboot
...
...
# metattach d2 d22
d2: Submirror d22 is attached

· root mirroring

# metainit -f d11 1 1 c0t3d0s0
d11: Concat/Stripe is setup
# metainit d12 1 1 c1t3d0s0
d12: Concat/Stripe is setup
# metainit d10 -m d11
d10: Mirror is setup
# metaroot d10
# lockfs -fa
# reboot
…
…
# metattach d10 d12
d10: Submirror d12 is attached

6.3.4 ) Making Mirrored disk bootable

a.) # installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t1d0s0

6.3.5 ) Creating alterbate name for Mirrored boot disk

a.) Find physical path name for the second boot disk

# ls -l /dev/rdsk/c1t3d0s0

lrwxrwxrwx 1 root root 55 Sep 12 11:19 /dev/rdsk/c1t3d0s0 ->../../devices/sbus@1,f8000000/esp@1,200000/sd@3,0:a

b.) Create an alias for booting from disk2

ok> nvalias bootdisk2 /sbus@1,f8000000/esp@1,200000/sd@3,0:a

ok> boot bootdisk2

6.4 ) Creating a RAID 5 volume :

The system must contain at least three state database replicas before you can create RAID5 metadevices.

A RAID5 metadevice can only handle a single slice failure.A RAID5 metadevice can be grown by concatenating additional slices to the metadevice. The new slices do not store parity information, however they are parity protected. The resulting RAID5 metadevice continues to handle a single slice failure. Create a RAID5 metadevice from a slice that contains an existing file system.will erase the data during the RAID5 initialization process .The interlace value is key to RAID5 performance. It is configurable at the time the metadevice is created; thereafter, the value cannot be modified. The default interlace value is 16 Kbytes which is reasonable for most of the applications.

6.4.1.) To setup raid5 on three slices of different disks .

# metainit d45 -r c2t3d0s2 c3t0d0s2 c4t0d0s2
d45: RAID is setup

6.5.) Creating a Trans Meta Device :

Trans meta devices enables ufs logging . There is one logging device and a master device and all file system changes are written into logging device and posted on to master device . This greatly reduces the fsck time for very large file systems as fsck has to check only the logging device which is usually of 64 M. maximum size.Logging device preferably should be mirrored and located on a different drive and controller than the master device .

Ufs logging can not be done for root partition.

6.5.1) Trans Metadevice for a File System That Can Be Unmounted

· /home2

1. Setup metadevice

# umount /home2

# metainit d63 -t c0t2d0s2 c2t2d0s1

d63: Trans is setup

Logging becomes effective for the file system when it is remounted

2. Change vfstab entry & reboot

from
/dev/md/dsk/d2 /dev/md/rdsk/d2 /home2 ufs 2 yes -
to
/dev/md/dsk/d63 /dev/md/rdsk/d63 /home2 ufs 2 yes -
# mount /home2
Next reboot displays the following message for logging device
# reboot
...
/dev/md/rdsk/d63: is logging

6.5.2 ) Trans Metadevice for a File System That Cannot Be Unmounted

· /usr

1.) Setup metadevice

# metainit -f d20 -t c0t3d0s6 c1t2d0s1
d20: Trans is setup

2.) Change vfstab entry & reboot:

from
/dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /usr ufs 1 no -
to
/dev/md/dsk/d20 /dev/md/rdsk/d20 /usr ufs 1 no -

# reboot

6.5.3 ) TransMeta device using Mirrors

1.) Setup metadevice

#umount /home2
#metainit d64 -t d30 d12
d64 trans is setup

2.) Change vfstab entry & reboot:

from
/dev/md/dsk/d30 /dev/md/rdsk/d30 /home2 ufs 2 yes
to
/dev/md/dsk/d64 /dev/md/rdsk/d64 /home2 ufs 2 yes

6.6 ) HotSpare Pool
A hot spare pool is a collection of slices reserved by DiskSuite to be automatically substituted in case of a slice failure in either a submirror or RAID5 metadevice . A hot spare cannot be a metadevice and it can be associated with multiple submirrors or RAID5 metadevices. However, a submirror or RAID5 metadevice can only be asociated with one hot spare pool. .Replacement is based on a first fit for the failed slice and they need to be replaced with repaired or new slices. Hot spare pools may be allocated, deallocated, or reassigned at any time unless a slice in the hot spare pool is being used to replace damaged slice of its associated metadevice.

6.6.1) Associating a Hot Spare Pool with Submirrors

# metaparam -h hsp100 d10
# metaparam -h hsp100 d11
# metastat d0
d0: Mirror
Submirror 0: d10
State: Okay
Submirror 1: d11
State: Okay
...
d10: Submirror of d0
State: Okay
Hot spare pool: hsp100
...
d11: Submirror of d0
State: Okay
Hot spare pool: hsp100

6.6.2 ) Associating or changing a Hot Spare Pool with a RAID5 Metadevice

#metaparam -h hsp001 d10
#metastat d10
d10:RAID
State: Okay
Hot spare Pool: hsp001

6.6.3 ) Adding a Hot Spare Slice to All Hot Spare Pools

# metahs -a -all /dev/dsk/c3t0d0s2
hsp001: Hotspare is added
hsp002: Hotspare is added
hsp003: Hotspare is added

6.7 ) Disksets

Few important points about disksets :

* A diskset is a set of shared disk drives containing DiskSuite objects that can be shared exclusively (but not concurrently) by one or two hosts. Disksets are used in high availability failover situations where the ownership of the failed machine’s diskset is transferred to other machine . Disksets are connected to two hosts for sharing and must have same attributes , controller/target/drive , in both machines except for the ownership .

* DiskSuite must be installed on each host that will be connected to the diskset.There is one metadevice state database per shared diskset and one on the "local" diskset. Each host must have its local metadevice state database set up before you can create disksets. Each host in a diskset must have a local diskset besides a shared diskset.A diskset can be created seprately on one host & then added to the second host later.

* Drive should not be in use by a file system, database, or any other application for adding in diskset .

* When a drive is added to disksuite it is repartitioned so that the metadevice state database replica for the diskset can be placed on the drive. Drives are repartitioned when they are added to a diskset only if Slice 7 is not set up correctly. A small portion of each drive is reserved in Slice 7 for use by DiskSuite. The remainder of the space on each drive is placed into Slice 0.. After adding a drive to a diskset, it may be repartitioned as necessary, provided that no changes are made to Slice 7 . If Slice 7 starts at cylinder 0, and is large enough to contain a state database replica, the disk is not repartitioned.

* When drives are added to a diskset, DiskSuite re-balances the state database replicas across the remaining drives. Later, if necessary, you can change the replica layout with the metadb(1M) command.

* To create a diskset, root must be a member of Group 14, or the ./rhosts file must contain an entry for each host.

6.7.1 ) Creating Two Disksets

host1# metaset -s diskset0 -a -h host1 host2
host1# metaset -s diskset1 -a -h host1 host2
host1# metaset
Set name = diskset0, Set number = 1
Host Owner
host1
host2
Set name = diskset1, Set number = 2
Host Owner
host1
host2

6.7.2 ) Adding Drives to a Diskset

host1# metaset -s diskset0 -a c1t2d0 c1t3d0 c2t2d0 c2t3d0 c2t4d0 c2t5d0

host1# metaset
Set name = diskset0, Set number = 1
Host Owner
host1 Yes
host2

Drive Dbase
c1t2d0 Yes
c1t3d0 Yes
c2t2d0 Yes
c2t3d0 Yes
c2t4d0 Yes
c2t5d0 Yes

Set name = diskset1, Set number = 2
Host Owner
host1
host2

6.7.3 ) Creating a Mirror in a Diskset

# metainit -s diskset0 d51 1 1 /dev/dsk/c0t0d0s2
diskset0/d51: Concat/Stripe is setup

# metainit -s diskset0 d52 1 1 /dev/dsk/c1t0d0s2
diskset0/d52: Concat/Stripe is setup

# metainit -s diskset0 d50 -m d51
diskset0/d50: mirror is setup

# metattach -s diskset0 d50 d52
diskset0/d50: Submirror d52 is attached

7.0 Trouble Shooting

7.1 ) Recovering from Stale State Database Replicas

Problem : State database corrupted or unavailable .
Causes : Disk failure , Disk I/O error.
Symptoms : Error message at the booting time if databases are <= 50% of total database. System comes to Single user mode.

ok boot
...
Hostname: host1
metainit: Host1: stale databases
Insufficient metadevice database replicas located.
Use metadb to delete databases which are broken.
Ignore any "Read-only file system" error messages.
Reboot the system when finished to reload the metadevice
database.
After reboot, repair any broken database replicas which were
deleted.
Type Ctrl-d to proceed with normal startup,
(or give root password for system maintenance):
Entering System Maintenance Mode.

1.) Use the metadb command to look at the metadevice state database and see which state database replicas are not available. Marked by unknown and M flag.

# /usr/opt/SUNWmd/metadb -i
flags first blk block count
a m p lu 16 1034 /dev/dsk/c0t3d0s3
a p l 1050 1034 /dev/dsk/c0t3d0s3
M p unknown unknown /dev/dsk/c1t2d0s3
M p unknown unknown

2.) Delete the state database replicas on the bad disk using the -d option to the metadb(1M) command.
At this point, the root (/) file system is read-only. You can ignore the mddb.cf error messages:

# /usr/opt/SUNWmd/metadb -d -f c1t2d0s3
metadb: demo: /etc/opt/SUNWmd/mddb.cf.new: Read-only file system .

Verify deletion
# /usr/opt/SUNWmd/metadb -i
flags first blk block count
a m p lu 16 1034 /dev/dsk/c0t3d0s3
a p l 1050 1034 /dev/dsk/c0t3d0s3

3.) Reboot.

4.) Use the metadb command to add back the state database replicas and to see that the state database replicas are correct.

# /usr/opt/SUNWmd/metadb -a -c 2 c1t2d0s3
# /usr/opt/SUNWmd/metadb
flags first blk block count
a m p luo 16 1034 dev/dsk/c0t3d0s3
a p luo 1050 1034 dev/dsk/c0t3d0s3
a u 16 1034 dev/dsk/c1t2d0s3
a u 1050 1034 dev/dsk/c1t2d0s3

7.2 ) Metadevice Errors :

Problem : Sub Mirrors out of sync in "Needs maintainence" state ,
Causes : Disk problem / failure , improper shutdown , communication problems between two mirrored disks .
symptoms : "Needs maintainence" errors in metastat output

# /usr/opt/SUNWmd/metastat
d0: Mirror
Submirror 0: d10
State: Needs maintenance
Submirror 1: d20
State: Okay
...
d10: Submirror of d0
State: Needs maintenance
Invoke: "metareplace d0 /dev/dsk/c0t3d0s0 "
Size: 47628 blocks
Stripe 0:
Device Start Block Dbase State Hot Spare
/dev/dsk/c0t3d0s0 0 No Maintenance

d20: Submirror of d0
State: Okay
Size: 47628 blocks
Stripe 0:
Device Start Block Dbase State Hot Spare
/dev/dsk/c0t2d0s0 0 No Okay

Solution :

1.) If disk is all right - enable the failed metadevice with metareplace command .
If disk is failed - Replace disk create similar partitions as in failed disk and enable new device with metareplace command.
# /usr/opt/SUNWmd/metareplace -e d0 c0t3d0s0
Device /dev/dsk/c0t3d0s0 is enabled

2.) If disk has failed and you want to move the failed devices to new disk with different id (CnTnDn) - add new disk ,
format to create a similar partition scheme as in failed disk and use metarepalce command
# /usr/opt/SUNWmd/metareplace d0 c0t3d0s0

The metareplace command above can also be used for concate or strip replacement in a volme but that would involve restoring the backup if it is not mirrored.

Saturday, July 19, 2008

Bay Area Infotech India Pvt Ltd

Bay Area Infotech India Pvt Ltd is the first branch of Bay Area Technologies in India. Bay Area Technology was founded in 1992, Bay area technologies is a leading international software development, training and consulting firm that designs and presents educational programs for technical professionals and managers. We provide technical experts to assist organizations with assessment, design, implementation and performance optimization of leading edge software for IT systems and web sites, schools, hosiptals. Our capabilities target winning results by understanding your technology needs aligned to your business objectives. Our differentiator is in servicing our clients to make them win; when you talk to us, you will understand our technologists understand your business better than many other service providers. We are proactive for the challenges and our people are motivated to walk the extra mile that you require, all the time. The best way to learn about us is to talk to our clients and find out how they trust our partnership with them. BAY Area Technologies Laws adopted from Eugene, Kleiner * Make sure the dog wants to eat the dog food. No matter how ground-breaking a new technology, how large a potential market, make certain customers actually want it* Build one business at a time. Most business plans are overly ambitious. Concentrate on being successful in one endeavor first.* The time to take the tarts is when they're being passed. If an environment is right for funding, go for it. Eugene, more than anyone, knew that venture capital goes in cycles.* The problem with most companies is they don't know what business they're in.* Even turkeys can fly in a high wind. In times of strong economies, even bad companies can look good* It's easier to get a piece of an existing market than to create a new one.* It's difficult to see the picture when you're inside the frame.* After learning some of the tricks of the trade, some people think they know the trade. his reflected some of Eugene's own humility; he recognized that many venture capitalists thought they were experts when they had just a bit of knowledge.* Venture capitalists will stop at nothing to copy success.* Invest in people, not just products. Eugene always respected founding entrepreneurs. He wanted to build companies with them not just with their ideas.

Tuesday, July 15, 2008

XAMPP SERVER

What is XAMPP ?

XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use - just download, extract and start.

XAMPP Supported Platforms

a version for Linux systems (tested for Ubuntu, SuSE, RedHat, Mandrake and Debian),

a version for Windows 98, NT, 2000, 2003 and XP,

a beta version for Solaris SPARC (developed and tested under Solaris 8),
and a beta version for MacOS X.

This MacOSX and Solaris versions of XAMPP are still in the first steps of development. Use at you own risk!

Download XAMPP

http://sourceforge.net/project/showfiles.php?group_id=61776&package_id=60248

XAMPP FAQ

http://www.apachefriends.org/en/faq-xampp.html

XAMPP Addons

http://addons.xampp.org/

XAMPP Screeshots

http://www.apachefriends.org/en/xampp-linux-screenshots.html

XAMPP for Linux Packages

The distribution for Linux systems (tested for SuSE, RedHat, Mandrake and Debian) contains: Apache, MySQL, PHP & PEAR, Perl,ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm, zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl, FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.

Installing XAMPP in Linux

Download XAMPP Latest version from the following link

http://sourceforge.net/project/showfiles.php?group_id=61776&package_id=60248

At the time of writing this article XAMPP version is 1.5.3a

#wget http://kent.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz

Now you should be having xampp-linux-1.5.3a.tar.gz file in your downloaded location

Go to a Linux shell and login as root:

$su -

Extract the downloaded archive file to /opt

#tar xvfz xampp-linux-1.5.3a.tar.gz -C /opt

XAMPP is now installed below the /opt/lampp directory.

Start XAMPP Server

To start XAMPP simply call this command:

#/opt/lampp/lampp start

Starting XAMPP for Linux 1.5.3a...
XAMPP: Starting Apache with SSL (and PHP5)...
XAMPP: Starting MySQL...
XAMPP: Starting ProFTPD...
XAMPP for Linux started.

Test Your XAMPP Installation

OK, that was easy but how can you check that everything really works? Just type in the following URL at your favourite web browser:

http://localhost

XAMPP Security Configuration

As mentioned before, XAMPP is not meant for production use but only for developers in a development environment. The way XAMPP is configured is to be open as possible and allowing the developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.

Here a list of missing security in XAMPP:

The MySQL administrator (root) has no password. (Don't give Password)

The MySQL daemon is accessible via network. (Don't give Password)

ProFTPD uses the password "lampp" for user "nobody". (Don't give Password)

PhpMyAdmin is accessible via network.(Give Password)

Examples are accessible via network.

MySQL and Apache running under the same user (nobody).

To fix most of the security weaknesses simply call the following command:

#/opt/lampp/lampp security

It starts a small security check and makes your XAMPP installation more secure.

Start And Stop Server Services

start

Starts XAMPP.

stop

Stops XAMPP.

restart

Stops and starts XAMPP.

startapache

Starts only the Apache.

startssl

Starts the Apache SSL support. This command activates the SSL support permanently, e.g. if you restarts XAMPP in the future SSL will stay activated.

startmysql

Starts only the MySQL database.

startftp

Starts the ProFTPD server. Via FTP you can upload files for your web server (user "nobody", password "lampp"). This command activates the ProFTPD permanently, e.g. if you restarts XAMPP in the future FTP will stay activated.

stopapache

Stops the Apache.

stopssl

Stops the Apache SSL support. This command deactivates the SSL support permanently, e.g. if you restarts XAMPP in the future SSL will stay deactivated.

stopmysql

Stops the MySQL database.

stopftp

Stops the ProFTPD server. This command deactivates the ProFTPD permanently, e.g. if you restarts XAMPP in the future FTP will stay deactivated.

security

Starts a small security check programm.

For example: To start Apache with SSL support simply type in the following command (as root):

#/opt/lampp/lampp startssl

You can also access your Apache server via SSL under https://localhost.

Important Configuration Files And Directories

opt/lampp/bin/ - The XAMPP commands home. /opt/lampp/bin/mysql calls for example the MySQL monitor.

/opt/lampp/htdocs/ - The Apache DocumentRoot directory.

/opt/lampp/etc/httpd.conf - The Apache configuration file.

/opt/lampp/etc/my.cnf - The MySQL configuration file.

/opt/lampp/etc/php.ini - The PHP configuration file.

/opt/lampp/etc/proftpd.conf - The ProFTPD configuration file. (since 0.9.5)

/opt/lampp/phpmyadmin/config.inc.php - The phpMyAdmin configuration file.

If you want to confiure apache2 you have to use /opt/lampp/etc/httpd.conf(If you want to change Apache DocumentRoot directory you can chage in this file).If you want to configure namebased and ip based virtual hosts check here

If you want to configure proftpd check here

If you want to configure mysql check here

Stopping XAMPP

To stop XAMPP simply call this command:

#/opt/lampp/lampp stop

You should now see:

Stopping LAMPP 1.5.3a...
LAMPP: Stopping Apache...
LAMPP: Stopping MySQL...
LAMPP: Stopping ProFTPD...
LAMPP stopped.

And XAMPP for Linux is stopped.

Uninstall XAMPP From your Machine

To uninstall XAMPP just type in this command

#rm -rf /opt/lampp

Tuesday, July 8, 2008

System administrator

What is a System Administrator ?

A system administrator, systems administrator, or sysadmin, is a person employed to maintain and operate a computer system and/or network. System administrators may be members of an information technology department.
The duties of a system administrator are wide-ranging, and vary widely from one organization to another. Sysadmins are usually charged with installing, supporting, and maintaining servers or other computer systems, and planning for and responding to service outages and other problems. Other duties may include scripting or light programming, project management for systems-related projects, supervising or training computer operators, and being the consultant for computer problems beyond the knowledge of technical support staff. A System Administrator must demonstrate a blend of technical skills and responsibility.

Skills:

The subject matter of systems administration includes computer systems and the ways people use them in an organization. This entails a knowledge of operating systems and applications, as well as hardware and software troubleshooting, but also knowledge of the purposes for which people in the organization use the computers.
However, perhaps the most important skill to a system administrator is problem solving -- frequently under various sorts of constraints and stress. The sysadmin is on call when a computer system goes down or malfunctions, and must be able to quickly and correctly diagnose what is wrong and how best to fix it.
System administrators are not software engineers or developers. It is not usually within their duties to design or write new applications software. However, sysadmins must understand the behavior of software in order to deploy it and to troubleshoot problems, and generally know several programming languages used for scripting or automation of routine tasks.
Particularly when dealing with Internet-facing or business-critical systems, a sysadmin must have a strong grasp of computer security. This includes not merely deploying software patches, but also preventing break-ins and other security problems with preventative measures. In some organizations, computer security administration is a separate role responsible for overall security and the upkeep of firewalls and intrusion detection systems, but all sysadmins are generally responsible for the security of the systems in their keep.

Duties of a system administrator

A system administrator's responsibilities might include:
Analyzing system logs and identifying potential issues with computer systems.
Introducing and integrating new technologies into existing data center environments.
Performing routine audits of systems and software.
Performing backups.
Applying operating system updates, patches, and configuration changes.
Installing and configuring new hardware and software.
Adding, removing, or updating user account information, resetting passwords, etc.
Answering technical queries.
Responsibility for security.
Responsibility for documenting the configuration of the system.
Troubleshooting any reported problems.
System performance tuning.
Insuring that the network infrastructure is up and running.
In larger organizations, some tasks listed above may be divided among different system administrators or members of different organizational groups. For example, a dedicated individual(s) may apply all system upgrades, a Quality Assurance (QA) team may perform testing and validation, and one or more technical writers may be responsible for all technical documentation written for a company.
In smaller organizations, the system administrator can also perform any number of duties elsewhere associated with other fields:
Technical support
Database administrator (DBA)
Network administrator/analyst/specialist
Application analyst
Security administrator
Programmer
System administrators, in larger organizations, tend not to be system architects, system engineers, or system designers. However, like many roles in this field, demarcations between systems administration and other technical roles often are not well defined in smaller organizations. Even in larger organizations, senior systems administrators often have skills in these other areas as a result of their working experience.
In smaller organizations, IT/computing specialties are less often discerned in detail, and the term system administrator is used in a rather generic way — they are the people who know how the computer systems work and can respond when something fails.

Books:
Essential Systems Administration (O'Reilly), 3rd Edition, 2001, by Æleen Frisch
Principles of Network and System Administration (J. Wiley & Sons), 2000,2003(2ed), by Mark Burgess
The Practice of System and Network Administration (Addison-Wesley), 2001, by Thomas A. Limoncelli and Christine Hogan
The Practice of System and Network Administration (Addison-Wesley), 2nd Edition (July 5, 2007), by Thomas A. Limoncelli, Christine Hogan and Strata R. Chalup
Time Management for System Administrators (O'Reilly), 2005, by Thomas A. Limoncelli
UNIX System Administration Handbook (Prentice Hall PTR), 3rd Edition, 2000, by Evi Nemeth, Garth Snyder, Scott Seebass, Trent R. Hein

Conferences:
Large Installation System Administration Conference (LISA), sponsored by USENIX and SAGE

Online Resources:
System administrator day, the last Friday of July
The Network Engineer - Learn practical system administration.
BigAdmin - System Administrator Resources and Community
LinuxZoo - Learn system administration online using free-access virtual machines
Sysadmin wiki - Wiki for system administrators
Realtime Publishers - Free eBooks for system administrators
Research on system administration
Planet Sysadmin - Blog aggregator of sysadmin-related feeds
PlanetSysadmin.com - Another blog aggregator of sysadmin-related feeds
Wikiversity System Administration topic
The System Administrator - Free Tip and Tricks for IT System and Network Administrators
Everything Sysadmin - Blog written by authors of several sysadmin books

Thursday, July 3, 2008

SUN Solaris 10 with Zones

ENTERPRISE SECURITY CHALLENGE
While diversity of information systems and sophistication of attacks against data security continue to grow, protecting sensitive data is becoming increasingly challenging.
Regulatory compliance requirements such as SOX 404, PCI DSS, CA SB 1386 and other US Government mandates such as FISMA and HSPD-12 have become a priority for enterprises and government agencies. These issues, along with financial liabilities and the potential to damage the reputation of a company due to security breaches, have now pushed data security to the forefront of today’s business needs.

SSH TECTIA SOLUTION
SSH Tectia® is the leading end-to-end communications security solution for large enterprises, financial institutions, and government agencies worldwide. Today more than half of the Global Fortune 100 enterprises rely on SSH Tectia to ensure the confidentiality and integrity of mission-critical data throughout their internal and external networks.
Some major SSH Tectia benefits include:
:No modification to the existing infrastructure or the applications required.
:Ideal for protection of legacy applications.
:Supports Sun Solaris 8 and 9 on SPARC, and Sun Solaris 9 on SPARC and x86.
:Supports zones on Sun Solaris 10.
:Increased performance and scalability with SSH G3 architecture.
Centrally managed for easy deployment of pre-configured SSH Tectia software, policy changes and enforcement and auditing functionality to meet increasing business demands.

APPLICATION AREAS
The SSH Tectia solution addresses a variety of data security needs throughout the enterprise - secure system administration, secure file transfer and secure application connectivity.
SSH Tectia provides system administrators the ability to remotely and securely manage servers in heterogeneous environments. It provides a secure
replacement for Telnet, Unix R-utilities, and other unsecured login and remote command execution tools.
SSH Tectia is widely used for secure file transfer (SFTP), ensuring confidentiality, integrity, and
authenticity of both manual and automated file transfers throughout complex, heterogeneous enterprise networks.
SSH Tectia can be used to transparently secure virtually any TCP/IP-based application connections between user workstations and application servers. It protects data-in-transit throughout internal and external networks
without any modification to the existing infrastructure or application.
SSH Tectia Manager enables centralized deployment of pre-configured SSH Tectia software, maintenance, configuration, monitoring and auditing functionality within heterogeneous SSH Tectia environments, creating an attractive ROI while helping achieve and maintain regulatory compliance.

SUPPORT FOR SOLARIS ZONES
Solaris Zones provides service virtualization and namespace isolation to processes running in a non-global zone.
SSH Tectia can be used to protect data-in-transit to and from individual or all of the Solaris Zones giving customers the flexibility and security to meet their business-critical needs.

WORKING TOGETHER WITH SUN
Since 1995 SSH Communications Security has developed software enabling users to access SUN workstations and servers securely. Today SSH Tectia is deployed on SUN SPARC and x86 servers at thousands of sites worldwide enabling some of the worlds largest financial institutions, enterprises and government organizations to securely run their mission critical business applications. Enterprises select the enterprise class SSH Tectia over competitive or embedded products due to its wide range of features and attractive Total Cost of Ownership.
SSH

Friday, June 27, 2008

PHP

What is PHP?
PHP (recursive acronym for "PHP: Hypertext Preprocessor") is a widely-used Open Source general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.

Simple answer, but what does that mean? An example:

Example 1-1. An introductory example

Notice how this is different from a script written in other languages like Perl or C -- instead of writing a program with lots of commands to output HTML, you write an HTML script with some embedded code to do something (in this case, output some text). The PHP code is enclosed in special start and end tags that allow you to jump into and out of "PHP mode".

What distinguishes PHP from something like client-side JavaScript is that the code is executed on the server. If you were to have a script similar to the above on your server, the client would receive the results of running that script, with no way of determining what the underlying code may be. You can even configure your web server to process all your HTML files with PHP, and then there's really no way that users can tell what you have up your sleeve.

The best things in using PHP are that it is extremely simple for a newcomer, but offers many advanced features for a professional

What can PHP do?
Anything. PHP is mainly focused on server-side scripting, so you can do anything any other CGI program can do, such as collect form data, generate dynamic page content, or send and receive cookies. But PHP can do much more.

There are three main fields where PHP scripts are used.

Server-side scripting. This is the most traditional and main target field for PHP. You need three things to make this work. The PHP parser (CGI or server module), a webserver and a web browser. You need to run the webserver, with a connected PHP installation. You can access the PHP program output with a web browser, viewing the PHP page through the server. See the installation instructions section for more information.

Command line scripting. You can make a PHP script to run it without any server or browser. You only need the PHP parser to use it this way. This type of usage is ideal for scripts regularly executed using cron (on *nix or Linux) or Task Scheduler (on Windows). These scripts can also be used for simple text processing tasks. See the section about Command line usage of PHP for more information.

Writing client-side GUI applications. PHP is probably not the very best language to write windowing applications, but if you know PHP very well, and would like to use some advanced PHP features in your client-side applications you can also use PHP-GTK to write such programs. You also have the ability to write cross-platform applications this way. PHP-GTK is an extension to PHP, not available in the main distribution. If you are interested in PHP-GTK, visit its own website.

PHP can be used on all major operating systems, including Linux, many Unix variants (including HP-UX, Solaris and OpenBSD), Microsoft Windows, Mac OS X, RISC OS, and probably others. PHP has also support for most of the web servers today. This includes Apache, Microsoft Internet Information Server, Personal Web Server, Netscape and iPlanet servers, Oreilly Website Pro server, Caudium, Xitami, OmniHTTPd, and many others. For the majority of the servers PHP has a module, for the others supporting the CGI standard, PHP can work as a CGI processor.

So with PHP, you have the freedom of choosing an operating system and a web server. Furthermore, you also have the choice of using procedural programming or object oriented programming, or a mixture of them. Although not every standard OOP feature is realized in the current version of PHP, many code libraries and large applications (including the PEAR library) are written only using OOP code.

With PHP you are not limited to output HTML. PHP's abilities includes outputting images, PDF files and even Flash movies (using libswf and Ming) generated on the fly. You can also output easily any text, such as XHTML and any other XML file. PHP can autogenerate these files, and save them in the file system, instead of printing it out, forming a server-side cache for your dynamic content.

One of the strongest and most significant feature in PHP is its support for a wide range of databases. Writing a database-enabled web page is incredibly simple. The following databases are currently supported:

Adabas D Ingres Oracle (OCI7 and OCI8)
dBase InterBase Ovrimos
Empress FrontBase PostgreSQL
FilePro (read-only) mSQL Solid
Hyperwave Direct MS-SQL Sybase
IBM DB2 MySQL Velocis
Informix ODBC Unix dbm

We also have a DBX database abstraction extension allowing you to transparently use any database supported by that extension. Additionally PHP supports ODBC, the Open Database Connection standard, so you can connect to any other database supporting this world standard.

PHP also has support for talking to other services using protocols such as LDAP, IMAP, SNMP, NNTP, POP3, HTTP, COM (on Windows) and countless others. You can also open raw network sockets and interact using any other protocol. PHP has support for the WDDX complex data exchange between virtually all Web programming languages. Talking about interconnection, PHP has support for instantiation of Java objects and using them transparently as PHP objects. You can also use our CORBA extension to access remote objects.

PHP has extremely useful text processing features, from the POSIX Extended or Perl regular expressions to parsing XML documents. For parsing and accessing XML documents, we support the SAX and DOM standards. You can use our XSLT extension to transform XML documents.

While using PHP in the ecommerce field, you'll find the Cybercash payment, CyberMUT, VeriSign Payflow Pro and CCVS functions useful for your online payment programs.

What do I need?
In this tutorial we assume that your server has support for PHP activated and that all files ending in .php are handled by PHP. On most servers this is the default extension for PHP files, but ask your server administrator to be sure. If your server supports PHP then you don't need to do anything. Just create your .php files and put them in your web directory and the server will magically parse them for you. There is no need to compile anything nor do you need to install any extra tools. Think of these PHP-enabled files as simple HTML files with a whole new family of magical tags that let you do all sorts of things.
Let's say you want to save precious bandwidth and develop locally. In this case, you'll want to install a web server, such as Apache, and of course PHP. You'll most likely want to install a database as well, such as MySQL. You can install these individually or a simpler way is to locate a pre-configured package that automatically installs all of these with just a few mouse clicks. It's easy to setup a web server with PHP support on any operating system, including Linux and Windows. In linux, you may find rpmfind helpful for locating RPMs.

Tuesday, June 10, 2008

BASIC COMMANDS IN LINUX

File Commands:
ls – directory listing
ls -al – formatted listing with hidden files
cd dir - change directory to dir
cd – change to home
pwd – show current directory
mkdir dir – create a directory dir
rm file – delete file
rm -r dir – delete directory dir
rm -f file – force remove file
rm -rf dir – force remove directory dir *
cp file1 file2 – copy file1 to file2
cp -r dir1 dir2 – copy dir1 to dir2; create dir2 if it doesn't exist
mv file1 file2 – rename or move file1 to file2 if file2 is an existing directory, moves file1 into
directory file2
ln -s file link – create symbolic link link to file
touch file – create or update file
cat > file – places standard input into file
more file – output the contents of file
head file – output the first 10 lines of file
tail file – output the last 10 lines of file
tail -f file – output the contents of file as it grows, starting with the last 10 lines

Process Management:
ps – display your currently active processes
top – display all running processes
kill pid – kill process id pid
killall proc – kill all processes named proc *
bg – lists stopped or background jobs; resume a stopped job in the background
fg – brings the most recent job to foreground
fg n – brings job n to the foreground

File Permissions:
chmod octal file – change the permissions of file
to octal, which can be found separately for user,
group, and world by adding:
● 4 – read (r)
● 2 – write (w)
● 1 – execute (x)
Examples:
chmod 777 – read, write, execute for all
chmod 755 – rwx for owner, rx for group and world
For more options, see man chmod.

SSH:
ssh user@host – connect to host as user
ssh -p port user@host – connect to host on port port as user
ssh-copy-id user@host – add your key to host for user to enable a keyed or passwordless login

Searching:
grep pattern files – search for pattern in files
grep -r pattern dir – search recursively for pattern in dir
command grep pattern – search for pattern in the output of command
locate file – find all instances of file

System Info:
cal – show this month's calendar
uptime – show current uptime
w – display who is online
whoami – who you are logged in as
finger user – display information about user
uname -a – show kernel information
cat /proc/cpuinfo – cpu information
cat /proc/meminfo – memory information
man command – show the manual for command
df – show disk usage
du – show directory space usage
free – show memory and swap usage
whereis app – show possible locations of app
which app – show which app will be run by default

Compression:
tar cf file.tar files – create a tar named file.tar containing files
tar xf file.tar – extract the files from file.tar
tar czf file.tar.gz files – create a tar with Gzip compression
tar xzf file.tar.gz – extract a tar using Gzip
tar cjf file.tar.bz2 – create a tar with Bzip2 compression
tar xjf file.tar.bz2 – extract a tar using Bzip2
gzip file – compresses file and renames it to file.gz
gzip -d file.gz – decompresses file.gz back to file

Network:
ping host – ping host and output results
whois domain – get whois information for domain
dig domain – get DNS information for domain
dig -x host – reverse lookup host
wget file – download file
wget -c file – continue a stopped download

Installation:
Install from source:
./configure
make
make install
dpkg -i pkg.deb – install a package (Debian)
rpm -Uvh pkg.rpm – install a package (RPM)

Shortcuts:
Ctrl+C – halts the current command
Ctrl+Z – stops the current command, resume with fg in the foreground or bg in the background
Ctrl+D – log out of current session, similar to exit
Ctrl+W – erases one word in the current line
Ctrl+U – erases the whole line
Ctrl+R – type to bring up a recent command
!! - repeats the last command
exit – log out of current session