2014¶

July 1, 2014
in sysadmin
2 min read

Installing Postfix with Auth SASL and LDAP Support on FreeBSD

Install packages using FreeBSD port.

1. Install postfix

# Options for postfix-2.11.0,1
_OPTIONS_READ=postfix-2.11.0,1
_FILE_COMPLETE_OPTIONS_LIST=BDB CDB INST_BASE LDAP_SASL LMDB MYSQL NIS OPENLDAP PCRE PGSQL SASL2 SPF SQLITE TEST TLS VDA DOVECOT DOVECOT2 SASLKRB5 SASLKMIT
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_SET+=CDB
OPTIONS_FILE_UNSET+=INST_BASE
OPTIONS_FILE_SET+=LDAP_SASL
OPTIONS_FILE_UNSET+=LMDB
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_UNSET+=NIS
OPTIONS_FILE_SET+=OPENLDAP
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_SET+=SASL2
OPTIONS_FILE_UNSET+=SPF
OPTIONS_FILE_UNSET+=SQLITE
OPTIONS_FILE_SET+=TEST
OPTIONS_FILE_SET+=TLS
OPTIONS_FILE_UNSET+=VDA
OPTIONS_FILE_UNSET+=DOVECOT
OPTIONS_FILE_UNSET+=DOVECOT2
OPTIONS_FILE_UNSET+=SASLKRB5
OPTIONS_FILE_UNSET+=SASLKMIT

2. install openldap

# Options for openldap-client-2.4.38
_OPTIONS_READ=openldap-client-2.4.38
_FILE_COMPLETE_OPTIONS_LIST=FETCH
OPTIONS_FILE_UNSET+=FETCH

3. install cyrus-sasl2

# Options for cyrus-sasl-2.1.26_4
_OPTIONS_READ=cyrus-sasl-2.1.26_4
_FILE_COMPLETE_OPTIONS_LIST=ALWAYSTRUE AUTHDAEMOND KEEP_DB_OPEN  OBSOLETE_CRAM_ATTR BDB MYSQL PGSQL SQLITE2 SQLITE3 CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM
OPTIONS_FILE_UNSET+=ALWAYSTRUE
OPTIONS_FILE_SET+=AUTHDAEMOND
OPTIONS_FILE_UNSET+=KEEP_DB_OPEN
OPTIONS_FILE_SET+=OBSOLETE_CRAM_ATTR
OPTIONS_FILE_UNSET+=BDB
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE2
OPTIONS_FILE_UNSET+=SQLITE3
OPTIONS_FILE_SET+=CRAM
OPTIONS_FILE_SET+=DIGEST
OPTIONS_FILE_SET+=LOGIN
OPTIONS_FILE_SET+=NTLM
OPTIONS_FILE_SET+=OTP
OPTIONS_FILE_SET+=PLAIN
OPTIONS_FILE_SET+=SCRAM

4. install cyrus-sasl2-saslauthd

# Options for cyrus-sasl-saslauthd-2.1.26
_OPTIONS_READ=cyrus-sasl-saslauthd-2.1.26
_FILE_COMPLETE_OPTIONS_LIST=BDB HTTPFORM OPENLDAP
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_SET+=HTTPFORM
OPTIONS_FILE_SET+=OPENLDAP

5. install postfwd

# Options for postfix-postfwd-1.32_1
_OPTIONS_READ=postfix-postfwd-1.32_1
_FILE_COMPLETE_OPTIONS_LIST=DOCS EXAMPLES POSTFWD2
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=POSTFWD2

6. configure /usr/local/lib/sasl2/smtpd.conf

log_level: 3
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

7. configure /usr/local/etc/saslauthd.conf

ldap_servers:
ldap_bind_dn:
ldap_bind_pw:
ldap_search_base:
ldap_auth_method: ssha
ldap_time_limit: 4
ldap_filter:

8. configure /usr/local/etc/postfix/main.cf

mtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtp_sasl_type = cyrus
smtpd_sasl_security_options = noanonymous

smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination

9. configure /usr/local/etc/postfwd.conf

id=RULE001
 sasl_username=~/^(\S+)$/
 action=rcpt(sasl_username/200/3600/DEFER Too much emails for $$sasl_username)

10. configure /etc/rc.conf

postfix_enable="YES"
saslauthd_enable="YES"
saslauthd_flags="-a ldap"
postfwd_enable="YES"

Reference: http://ashterix.blogspot.com/2008/10/freebsd-postfix-sasl-openldap.html

July 1, 2014
in sysadmin
1 min read

iSCSI+LVM: Automatically Enable Volume Group Contain iSCSI Disk Physical Volume

When using iSCSI and LVM, sometimes we have to manually enable iSCSI disk that used as a physical volume in LVM. This is because LVM service is started earlier than iSCSI service so the iSCSI disk containing the physical volume is not present yet. Solution to this problem is to enable lvmetad in /etc/lvm/lvm.conf. The lvmetad is "LVM metadata daemon" that acts as in-memory cache of LVM metadata gathered from devices as they appear in the system. Whenever a block device appears and has PV label on it, it is automatically scanned via an udev rule. This update the lvmetad daemon with the LVM metadata found. Once the VG is complete (all the PVs making up the VG are present), the VG is activated. The lvmetad daemon is required for this LVM event-based autoactivation to work and the iSCSI disk must be present in the system after boot time.

enable lvmetad in lvm.conf

use_lvmetad = 1

Reference: https://bugzilla.redhat.com/show_bug.cgi?id=474833

July 1, 2014
in sysadmin
1 min read

LVM: Adding New Physical Volume to Volume Group

Linux LVM is a logical volume manager for Linux kernel. Logical volume manager provides method of allocation space in mass storage device that more flexible than traditional partitioning scheme. Logical volume manager can create, resize, and combine partitions, potentially without interrupting system. (Wikipedia)

schema: new device /dev/sda

1. create needed partitions, label them with 8e (Linux LVM)

# fdisk /dev/sda

2. format partitons

# mkfs.ext4 /dev/sda1

3. create physical volume

# pvcreate /dev/sda1

4. extend existing volume group

# vgextend VolGroup00 /dev/sdb1

5. extend existing logical volume

extend LogVol01 to 16GB
# lvextend -L 16G /dev/VolGroup00/LogVol01
adding 1GB to LogVol01
# lvextend -l+1G /dev/VolGroup00/LogVol01

6. resize logical volume to new size

# resize2fs /dev/VolGroup00/LogVol01

7. create new logical volume

create new logical volume with size 16GB
# lvcreate -L 16GB -n LogVol02 VolGroup00
create new logical volume with all free space
# lvcreate -l+100%FREE -n LogVol02 VolGroup00

8. format new logical volume

# mkfs.ext4 /dev/VolGroup00/LogVol02

Reference: http://sujithemmanuel.blogspot.com/2007/04/how-to-add-disk-to-lvm.html

July 1, 2014
in sysadmin
2 min read

SMTP: Debugging SMTP with TLS/SSL and Auth

SMTP use TLS/SSL to secure connection to server and AUTH so only authenticated user can use the SMTP service. This tutorial will show steps to debug SMTP TLS/SSL and AUTH from Linux/Unix terminal.

encode your login information in base64, the following perl command which requires MIME::Base64 will do encoding

perl -MMIME::Base64 -e 'print encode_base64("\000your_username\000your_password")'
# example output
# AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==

connect to smtp server

# normal non-secured SMTP
$ telnet smtp.yourdomain.com 25

# TLS connection, check STARTTLS support with EHLO command
$ telnet smtp.yourdomain.com 25

220 SMTP banner
EHLO smtp.yourdomain.com
250 SMTP banner
250-smtp.yourdomain.com
250-PIPELINING
250-SIZE 36360000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit

$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25

# SSL connection
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

check AUTH support with EHLO command

# Connect to secure SMTP using TLS or SSL
$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25
# Or
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

EHLO smtp.yourdomain.com
250-smtp.yourdomain.com
250-PIPELINING
250-SIZE 36360000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit

use AUTH command to authenticate

# connect to secure SMTP using TLS or SSL
$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25
# OR
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

HELO smtp.yourdomain.com
250 smtp.yourdomain.com
AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==
235 2.7.0 Authentication successful
if failed
535 5.7.8 Error: authentication failed: authentication failure

test sending message

$ openssl s_client -crlf -connect smtp.yourdomain.com:465

HELO smtp.yourdomain.com
250 smtp.yourdomain.com
AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==
235 2.7.0 Authentication successful
MAIL FROM: <your_username@yourdomain.com>
250 2.1.0 OK
RCPT TO: <your_destination@domain.com>
250 2.1.5 OK
DATA
354 End data with <CR><LF>.<CR><LF>
From: Your Name <your_username@yourdomain.com>
To: Your Destination Name <your_destination@domain.com>
Subject: Your Email Subject
Your Email Content
.
250 2.0.0 Ok: queued as 6A4C1D5153E
quit
Connection closed by foreign host.
Reference: <https://qmail.jms1.net/test-auth.shtml>

March 12, 2014
in sysadmin
2 min read

Find A Virtual Machine by MAC Address with VSphere Client and PowerCLI

It is usual task to find someone computer by its MAC address when there is an issue related to his computer in the local network. The common case is IP conflict or network abuse. But, if the MAC Address shows that machine is one of many scattered VMware virtual machine out there, how do we find it?

vSphere Client

If you have an VMware ESX or ESXi server, vSphere Client is tool to manage your virtual machines from remote computer. But, vSphere Client cannot tell the MAC Address of virtual machines from version 10 or higher and to find virtual machine based on MAC Address we must open the virtual machine Setting one by one. It is still possible when there are few virtual, but it is exhausting when we have many virtual machine.

vSphere PowerCLI

There is alternative method by using vSphere PowerCLI, a command-line tools to manage virtual machines in conjunction with vSphere Client. You can install vSphere PowerCLI by referring to this page. To find the virtual machine based on its MAC Address, open vSphere PowerCLI. powercli1

Connect to your Virtual Machine Server (ESX or ESXI) by using command Connect-VIServer. powercli2

After pressing [Enter] twice, you will be presented by a logon window. powercli3

Login to your Virtual Machines Server. powercli4

Then you can find the virtual machine by its MAC Address using this command Get-VM | Get-NetworkAdapter | Where {$_.MacAddress -eq "AA:BB:CC:DD:EE:FF"} | Format-List powercli5

The highlighted one is the virtual machine name in your server. Good luck!

Reference

Finding a virtual machine in VMware vSphere by the MAC address

February 27, 2014
in sysadmin
2 min read

Installing Zimbra Collaboration Server 8 FOSS on CentOS 6.5

Zimbra is a well known collaboration suite which includes email, calendaring, file sharing, activity streams, social communities and more. The most popular product from Zimbra is Zimbra Collaboration Server. Zimbra Collaboration Server comes with two version: Network Edition and Open Source Edition (FOSS). This documentation shows a simple way to install Zimbra Collaboration Server Open Source Edition in CentOS 6.5.

Zimbra Logo

Getting Started

Prepare the system

# yum update

Disable SELinux

# vi /etc/sysconfig/selinux
 SELINUXTYPE=disabled

Disable firewall

# service iptables stop
# service ip6tables stop
# chkconfig iptables off
# chkconfig ip6tables off

Disable postfix

# service postfix stop
# chkconfig postfix off

Edit hosts file

# vi /etc/hosts
 192.168.1.91 your.zimbra-domain.com

Install dependencies

# yum install nc wget nano make nc sudo sysstat libtool-ltdl glibc perl ntp

Edit ntp configuration file

# vi /etc/ntp.conf
 #server 3.centos.pool.ntp.org iburst
 server your.ntp-server.com iburst

Start ntpdate service

# service ntpdate start
# chkconfig ntpdate on

Make sure you have setup your NS records for your ZCS

your.zimbra-domain.com IN A  192.168.1.91
      IN MX 10 your.zimbra-domain.com

Zimbra Installation

Download zimbra collaboration server open source edition from here

# cd /tmp
# wget http://files2.zimbra.com/downloads/8.0.6_GA/zcs-8.0.6_GA_5922.RHEL6_64.20131203103705.tgz

Extract ZCS

# tar zxvf zcs-8.0.6_GA_5922.RHEL6_64.20131203103705.tgz

Install ZCS and follow the instructions

# cd zxvf zcs-8.0.6_GA_5922.RHEL6_64.20131203103705
# ./install.sh

Set http for web access

# su zimbra
$ zmtlsctl http
$ zmcontrol restart

Now you can access your new ZCS installation in http://your.zimbra-domain.com/.

February 19, 2014
in compsci
13 min read

Quantum Espresso 5.0.3 Using Intel Math Kernel Library 11.0 Optimization

Quantum Espresso is a software for electronic-structure calculations and materials modeling at the nanoscale. The installation of Quantum Espresso is quite easy because it includes external libraries which it needs. But we are encouraged to install Quantum Espresso using our own machine optimized external libraries such as Basic Linear Algebra Subprograms (BLAS), Linear Algebra Package (LAPACK), Scalable LAPACK (SCALAPACK), and Fastest Fourier Transform in the West (FFTW).

External Libraries

There are several repositories or development teams which provide external libraries. For example is Netlib which provides BLAS, LAPACK, and SCALAPACK. But, for machines with Intel processor, maybe the best external libraries out there is Intel® Math Kernel Library which has a non-commercial version as standalone or included in Intel® Parallel Studio XE 2013 for Linux that can be downloaded in Intel Non-Commercial Software Development. Intel® Math Kernel Library provides BLAS, LAPACK, SCALAPACK, and even FFTW interfaces.

Getting Started

My test machine is Supermicro X9DRD-7LN4F which has Intel(R) Xeon(R) CPU E5-2660 0 @ 2.20GHz with 8 cores and 16 threads and 64 GB RAM. For compilers I will be using Intel compilers which is included in Intel® Parallel Studio XE 2013 for Linux and OpenMPI for parallelization.

Installing Intel® Parallel Studio XE 2013 for Linux

tar zxvf sources/parallel_studio_xe_2013_sp1_update1.tgz
./parallel_studio_xe_2013_sp1_update1/install.sh

Please make your selection by entering an option.
Root access is recommended for evaluation.

1. Run as a root for system wide access for all users [default]
2. Run using sudo privileges and password for system wide access for all users
3. Run as current user to limit access to user level

h. Help
q. Quit

Please type a selection [1]: 3

Step 1 of 7 | Welcome
--------------------------------------------------------------------------------
Welcome to the Intel(R) Parallel Studio XE 2013 SP1 Update 1 for Linux*
installation program.


--------------------------------------------------------------------------------
You will complete the steps below during this installation:
Step 1 : Welcome
Step 2 : License agreement
Step 3 : Activation
Step 4 : Intel(R) Software Improvement Program
Step 5 : Options
Step 6 : Installation
Step 7 : Complete

--------------------------------------------------------------------------------
Press "Enter" key to continue or "q" to quit: [Enter]

Step 1 of 7 | Welcome > Missing Optional Prerequisite(s)
--------------------------------------------------------------------------------
There are one or more optional unresolved issues. It is highly recommended to
resolve them all before you continue the installation. You can fix them without
exiting from the installation and re-check. Or you can quit from the
installation, fix them and run the installation again.
--------------------------------------------------------------------------------
Missing optional prerequisites
-- Intel(R) Fortran Composer XE 2013 SP1 Update 1 for Linux*: Unsupported OS
-- Intel(R) C++ Composer XE 2013 SP1 Update 1 for Linux*: Unsupported OS
-- Power analysis is not enabled.
--------------------------------------------------------------------------------
1. Skip missing optional prerequisites [default]
2. Show the detailed info about issue(s)
3. Re-check the prerequisites

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

--------------------------------------------------------------------------------
Do you agree to be bound by the terms and conditions of this license agreement?
Type 'accept' to continue or 'decline' to go back to the previous menu: accept

Step 3 of 7 | Activation
--------------------------------------------------------------------------------
If you have purchased this product and have the serial number and a connection
to the internet you can choose to activate the product at this time. Activation
is a secure and anonymous one-time process that verifies your software licensing
rights to use the product. Alternatively, you can choose to evaluate the product
or defer activation by choosing the evaluate option. Evaluation software will
time out in about one month. Also you can use license file, license manager, or
remote activation if the system you are installing on does not have internet
access activation options.
--------------------------------------------------------------------------------
1. Use existing license [default]
2. I want to activate my product using a serial number
3. I want to evaluate my product or activate later
4. I want to activate either remotely, or by using a license file, or by using a license manager

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Step 4 of 7 | Intel(R) Software Improvement Program
--------------------------------------------------------------------------------
Help improve your experience with Intel(R) software
Participate in the design of future Intel software. Select 'Yes' to give us permission to learn about how you use your Intel software and we will do the rest.
    - No personally identifiable information is collected
    - There are no additional follow-up emails by opting in
    - You can stop participating at any time

    Learn more about the Intel(R) Software Improvement Program
    http://software.intel.com/en-us/articles/software-improvement-program

With your permission, Intel may automatically receive anonymous information about how you use your current and future Intel(R) Software Development Products.
--------------------------------------------------------------------------------
1. Yes, I am willing to participate and improve Intel software. (Recommended)
2. No, I don't want to participate in the Intel(R) Software Improvement Program
at this time.

b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection: 2

Step 5 of 7 | Options > Pre-install Summary
--------------------------------------------------------------------------------
Install location:
    /home/pras/intel/parallel_studio_xe_2013

Component(s) selected:
    Intel(R) VTune(TM) Amplifier XE 2013 Update 13                         544MB
        Command line interface
        Sampling Driver kit
        Power Driver kit
        Graphical user interface

    Intel(R) Inspector XE 2013 Update 8                                    296MB
        Command line interface
        Graphical user interface

    Intel(R) Advisor XE 2013 Update 5                                      470MB
        Command line interface
        Graphical user interface

    Intel(R) Fortran Compiler XE 14.0 Update 1                             612MB
        Intel Fortran Compiler XE

    Intel(R) C++ Compiler XE 14.0 Update 1                                 580MB
        Intel C++ Compiler XE

    Intel(R) Debugger 13.0                                                 533MB
        Intel Debugger

    Intel(R) Math Kernel Library 11.1 Update 1                             2.0GB
        Intel MKL core libraries
        Intel(R) Xeon Phi(TM) coprocessor support
        Fortran 95 interfaces for BLAS and LAPACK
        GNU* Compiler Collection support

    Intel(R) Integrated Performance Primitives 8.0 Update 1                2.8GB
        Intel IPP single-threaded libraries

    Intel(R) Threading Building Blocks 4.2 Update 1                        127MB
        Intel TBB

    GNU* GDB 7.5                                                           170MB
        GNU* GDB 7.5 on Intel(R) 64 (Provided under GNU General Public License
v3)
        GDB Eclipse* Integration on Intel(R) 64 (Provided under Eclipse Public
License v.1.0)

Install Space Required:     7.1GB

Driver parameters:
    Sampling driver install type: Driver kit files will be installed only
    Power driver install type: Driver kit files will be installed only
    Drivers will be accessible to everyone on this system. To restrict access, select Customize Installation > Change advanced options > Driver is accessible to and set group access.


1. Start installation Now [default]
2. Customize installation

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 2

Step 5 of 7 | Options > Architecture selection
--------------------------------------------------------------------------------
Select the architecture(s) where your applications will run. If unsure, accept the default options below or see
http://software.intel.com/en-us/articles/about-target-architecture-selection-during-installation for more information.

Target Architecture(s) of your applications:
--------------------------------------------------------------------------------
1. [x]    IA-32
2. [x]    Intel(R) 64

3. Finish architecture selection [default]

Note: This system is an Intel(R) 64 architecture system.
Your application may be built to run on either IA-32 or Intel(R) 64
architectures.

b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [3]: 3

Step 5 of 7 | Options
--------------------------------------------------------------------------------
You are now ready to begin installation. You can use all default installation
settings by simply choosing the "Start installation Now" option or you can
customize these settings by selecting any of the change options given below
first. You can view a summary of the settings by selecting "Show pre-install
summary".
--------------------------------------------------------------------------------
1. Start installation Now [default]

2. Change install directory      [ /home/pras/intel/parallel_studio_xe_2013 ]
3. Change components to install  [ Custom ]
4. Show pre-install summary

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 3

Step 5 of 7 | Options > Component selection
--------------------------------------------------------------------------------
Select the component you wish to install. When you have completed your changes,
select option 1 to continue with the installation.
--------------------------------------------------------------------------------
1. Finish component selection [default]

2. Intel(R) VTune(TM) Amplifier XE 2013 Update 13 [All]
3. Intel(R) Inspector XE 2013 Update 8 [All]
4. Intel(R) Advisor XE 2013 Update 5 [All]
5. Intel(R) Fortran Compiler XE 14.0 Update 1 [All]
6. Intel(R) C++ Compiler XE 14.0 Update 1 [All]
7. Intel(R) Debugger 13.0 [All]
8. Intel(R) Math Kernel Library 11.1 Update 1 [Custom]
9. Intel(R) Integrated Performance Primitives 8.0 Update 1 [Custom]
10. Intel(R) Threading Building Blocks 4.2 Update 1 [All]
11. GNU* GDB 7.5 [Custom]

Install Space Required:     7.1GB

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 8

Step 5 of 7 | Options > Component selection
--------------------------------------------------------------------------------
You may choose not to install some components of this product. Optional
components are shown with an option number of the left. Entering that number
will select/unselect that component for installation. When you have completed
your changes, select option 1 to return to previous menu.
--------------------------------------------------------------------------------
1. Finish component selection [default]

2. [x] Intel(R) Math Kernel Library 11.1 Update 1
3.     [x] Intel MKL core libraries
4.     [x] Intel(R) Xeon Phi(TM) coprocessor support
5.     [x] Fortran 95 interfaces for BLAS and LAPACK
6.     [x] GNU* Compiler Collection support
7.     [ ] PGI* compiler support
8.     [ ] SP2DP interface for Intel(R) 64
9.     [ ] Cluster support

Install Space Required:     2.0GB

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 2

Step 5 of 7 | Options > Component selection
--------------------------------------------------------------------------------
You may choose not to install some components of this product. Optional
components are shown with an option number of the left. Entering that number
will select/unselect that component for installation. When you have completed
your changes, select option 1 to return to previous menu.
--------------------------------------------------------------------------------
1. Finish component selection [default]

2. [ ] Intel(R) Math Kernel Library 11.1 Update 1
3.     [ ] Intel MKL core libraries
4.     [ ] Intel(R) Xeon Phi(TM) coprocessor support
5.     [ ] Fortran 95 interfaces for BLAS and LAPACK
6.     [ ] GNU* Compiler Collection support
7.     [ ] PGI* compiler support
8.     [ ] SP2DP interface for Intel(R) 64
9.     [ ] Cluster support

Install Space Required:       0MB
For successful functioning of the selected components, selection of additional
components will be changed.

Intel(R) Xeon Phi(TM) coprocessor support
Fortran 95 interfaces for BLAS and LAPACK
GNU* Compiler Collection support


h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 2

Step 5 of 7 | Options > Component selection
--------------------------------------------------------------------------------
You may choose not to install some components of this product. Optional
components are shown with an option number of the left. Entering that number
will select/unselect that component for installation. When you have completed
your changes, select option 1 to return to previous menu.
--------------------------------------------------------------------------------
1. Finish component selection [default]

2. [x] Intel(R) Math Kernel Library 11.1 Update 1
3.     [x] Intel MKL core libraries
4.     [x] Intel(R) Xeon Phi(TM) coprocessor support
5.     [x] Fortran 95 interfaces for BLAS and LAPACK
6.     [x] GNU* Compiler Collection support
7.     [x] PGI* compiler support
8.     [x] SP2DP interface for Intel(R) 64
9.     [x] Cluster support

Install Space Required:     2.1GB

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Step 5 of 7 | Options > Component selection
--------------------------------------------------------------------------------
Select the component you wish to install. When you have completed your changes,
select option 1 to continue with the installation.
--------------------------------------------------------------------------------
1. Finish component selection [default]

2. Intel(R) VTune(TM) Amplifier XE 2013 Update 13 [All]
3. Intel(R) Inspector XE 2013 Update 8 [All]
4. Intel(R) Advisor XE 2013 Update 5 [All]
5. Intel(R) Fortran Compiler XE 14.0 Update 1 [All]
6. Intel(R) C++ Compiler XE 14.0 Update 1 [All]
7. Intel(R) Debugger 13.0 [All]
8. Intel(R) Math Kernel Library 11.1 Update 1 [All]
9. Intel(R) Integrated Performance Primitives 8.0 Update 1 [Custom]
10. Intel(R) Threading Building Blocks 4.2 Update 1 [All]
11. GNU* GDB 7.5 [Custom]

Install Space Required:     7.2GB

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Step 5 of 7 | Options
--------------------------------------------------------------------------------
You are now ready to begin installation. You can use all default installation
settings by simply choosing the "Start installation Now" option or you can
customize these settings by selecting any of the change options given below
first. You can view a summary of the settings by selecting "Show pre-install
summary".
--------------------------------------------------------------------------------
1. Start installation Now [default]

2. Change install directory      [ /home/pras/intel/parallel_studio_xe_2013 ]
3. Change components to install  [ Custom ]
4. Show pre-install summary

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Installation of Open Source Components
--------------------------------------------------------------------------------
Open source components provided under GNU General Public License v3 or Eclipse
Public License v.1.0 will be installed.

Includes:
    GNU* GDB 7.5 (Provided under GNU General Public License v3)
    GDB Eclipse* Integration (Provided under Eclipse Public License v.1.0)

For further details, please refer to the product Release Notes.
--------------------------------------------------------------------------------
1. Continue the installation [default]

b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Step 5 of 7 | Options > Missing Optional Prerequisite(s)
--------------------------------------------------------------------------------
There are one or more optional unresolved issues. It is highly recommended to
resolve them all before you continue the installation. You can fix them without
exiting from the installation and re-check. Or you can quit from the
installation, fix them and run the installation again.
--------------------------------------------------------------------------------
Missing optional prerequisites
-- No compatible Java* Runtime Environment (JRE) found
-- 32-bit libraries not found
--------------------------------------------------------------------------------
1. Skip missing optional prerequisites [default]
2. Show the detailed info about issue(s)
3. Re-check the prerequisites

h. Help
b. Back to the previous menu
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [1]: 1

Step 6 of 7 | Installation
--------------------------------------------------------------------------------
Each component will be installed individually. If you cancel the installation,
some components might remain on your system. This installation may take several
minutes, depending on your system and the options you selected.
--------------------------------------------------------------------------------
Installing Command line interface component... done
--------------------------------------------------------------------------------
Installing Sampling Driver kit component... done
--------------------------------------------------------------------------------
Installing Power Driver kit component... done
--------------------------------------------------------------------------------
Installing Graphical user interface component... done
--------------------------------------------------------------------------------
Installing Command line interface component... done
--------------------------------------------------------------------------------
Installing Graphical user interface component... done
--------------------------------------------------------------------------------
Installing Command line interface component... done
--------------------------------------------------------------------------------
Installing Graphical user interface component... done
--------------------------------------------------------------------------------
Installing Intel Fortran Compiler XE for IA-32 component... done
--------------------------------------------------------------------------------
Installing Intel Fortran Compiler XE for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel C++ Compiler XE for IA-32 component... done
--------------------------------------------------------------------------------
Installing Intel C++ Compiler XE for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel Debugger for IA-32 component... done
--------------------------------------------------------------------------------
Installing Intel Debugger for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel MKL core libraries for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel(R) Xeon Phi(TM) coprocessor support component... done
--------------------------------------------------------------------------------
Installing Fortran 95 interfaces for BLAS and LAPACK for Intel(R) 64
component... done
--------------------------------------------------------------------------------
Installing GNU* Compiler Collection support for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel MKL core libraries for IA-32 component... done
--------------------------------------------------------------------------------
Installing Fortran 95 interfaces for BLAS and LAPACK for IA-32 component... done
--------------------------------------------------------------------------------
Installing GNU* Compiler Collection support for IA-32 component... done
--------------------------------------------------------------------------------
Installing Intel IPP single-threaded libraries for IA-32 component... done
--------------------------------------------------------------------------------
Installing Intel IPP single-threaded libraries for Intel(R) 64 component... done
--------------------------------------------------------------------------------
Installing Intel TBB component... done
--------------------------------------------------------------------------------
Installing GNU* GDB 7.5 on Intel(R) 64 (Provided under GNU General Public
License v3) component... done
--------------------------------------------------------------------------------
Installing GDB Eclipse* Integration on Intel(R) 64 (Provided under Eclipse
Public License v.1.0) component... done
--------------------------------------------------------------------------------
Finalizing product configuration...
--------------------------------------------------------------------------------
Preparing driver configuration scripts... done
--------------------------------------------------------------------------------
Press "Enter" key to continue
[Enter]

Step 7 of 7 | Complete
--------------------------------------------------------------------------------
Thank you for installing and for using the Intel(R) Parallel Studio XE 2013 SP1
Update 1 for Linux*.

Support services start from the time you install or activate your product. If
you have not already done so, please create your support account now to take
full advantage of your product purchase.

Your support account gives you access to free product updates and upgrades as
well as interactive technical support at Intel(R) Premier Support.

To create your support account, please visit the Intel(R) Software Development
Products Registration Center web site
https://registrationcenter.intel.com/RegCenter/registerexpress.aspx?media=GPZ
--------------------------------------------------------------------------------
q. Quit
--------------------------------------------------------------------------------
Please type a selection or press "Enter" to accept default choice [q]: q

$ vi ~/.bashrc

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

# User specific aliases and functions
export PATH=/home/<user>/intel/bin:$PATH
export LD_LIBRARY_PATH=/home/<user>/intel/lib/intel64:/home/<user>/intel/mkl/lib/intel64:$LD_LIBRARY_PATH

export PATH=/home/<user>/intel/bin:$PATH
export LD_LIBRARY_PATH=/home/<user>/intel/lib/intel64:/home/<user>/intel/mkl/lib/intel64:$LD_LIBRARY_PATH

Installing OpenMPI

tar zxvf sources/openmpi-1.6.5.tar.tar.gz
cd openmpi-1.6.5/
./configure --prefix=/home/<user>/openmpi-install CC=icc FC=ifort F77=ifort CXX=icpc 2>&1 | tee c.txt
make all install 2>&1 | tee m.txt

$ vi ~/.bashrc

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

# User specific aliases and functions
export PATH=/home/<user>/openmpi-install/bin:/home/<user>/intel/bin:$PATH
export LD_LIBRARY_PATH=/home/<user>/openmpi-install/lib:/home/<user>/intel/lib/intel64:/home/<user>/intel/mkl/lib/intel64:$LD_LIBRARY_PATH

export PATH=/home/<user>/openmpi-install/bin:$PATH
export LD_LIBRARY_PATH=/home/<user>/openmpi-install/lib:$LD_LIBRARY_PATH

Compiling Intel MKL FFTW Interface

cd ~/intel/mkl/interfaces/fftw3x_cdft/
make libintel64 compiler=intel mpi=openmpi INSTALL_DIR=/home/<user>/fftw3x_cdft-install 2>&1 | tee m.txt

Installing Quantum Espresso 5.0.3

cd ~/sources/
tar zxvf espresso-5.0.2.tar.gz
mv -v espresso-5.0.2 ~/espresso-5.0.2-mkl
cd ~
cp -v ~/espresso-5.0.2/archive/* ~/espresso-5.0.2-mkl/archive/
cp -v ~/espresso-5.0.2/pseudo/* ~/espresso-5.0.2-mkl/pseudo/
cp -v ~/sources/espresso-5.0.2-5.0.3.diff ~/espresso-5.0.2-mkl/
cd ~/espresso-5.0.2-mkl/
tar zxvf ~/sources/PHonon-5.0.2.tar.gz
patch -p1 < espresso-5.0.2-5.0.3.diff
./configure --enable-parallel --with-scalapack CXX=icpc SCALAPACK_LIBS="-lmkl_scalapack_lp64 -lmkl_blacs_openmpi_lp64" BLAS_LIBS="-L/home/<user>/intel/mkl/lib/intel64 -lmkl_intel_lp64 -lmkl_sequential -lmkl_core" LAPACK_LIBS="-L/home/<user>/intel/mkl/lib/intel64 -lmkl_lapack95_lp64" MPI_LIBS="-L/home/<user>/intel/mkl/lib/intel64 -lmkl_blacs_openmpi_lp64" FFT_LIBS="-L/home/<user>/fftw3x_cdft-install -lfftw3x_cdft_lp64" FCFLAGS="-O2 -xavx" CFLAGS="-O2 -xavx" FFLAGS="-O2 -xavx" 2>&1 | tee c.txt
make all 2>&1 | tee m.txt
cd PW/tests
./check.pw.j

If you do not have previous Quantum Espresso installation, don't worry, the installer and test program will automatically download required files for you. When you compare between Quantum Espresso installation with internal libraries and Quantum Espresso with Intel MKL libraries, you can expect 25% speed up. Good luck!

February 12, 2014
in sysadmin
2 min read

Installing Cacti on Scientific Linux 6.4

Cacti is a network graphic monitoring tools which used the potential of RRDTool. RRDTool is a data logging and graphing system for time series data. Cacti can show us a real time performance of network or servers which make this software become one of the most popular open source monitoring software. Cacti Logo

Getting Started

Always update your box before we install new software.

# yum update

Install dependencies for cacti.

# yum install mysql-server mysql php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-snmp php-pear-Net-SMTP php-mysql httpd

Then create database for cacti.

# mysql -uroot -p
mysql> create database cacti;
mysql> grant all privileges on cacti.* to cacti@localhost identified by 'password';
mysql> flush privileges;
mysql> quit

Install SNMPD

Install net-snmpd.

# yum install net-snmp-utils php-snmp net-snmp-libs

Edit net-snmpd config file snmpd.conf.

# vi /etc/snmp/snmpd.conf

com2sec local     localhost           public
group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
view all    included  .1                               80
access MyRWGroup ""      any       noauth    exact  all    all    none
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root  (configure /etc/snmp/snmp.local.conf)
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

Start snmpd.

# /etc/init.d/snmpd start
# chkconfig snmpd on

Install Cacti

Install cacti from EPEL Repository.

# yum --enablrepo=epel install cacti

Import cacti database.

# mysql -ucacti -p cacti < /usr/share/doc/cacti-*version*/cacti.sql

Then edit cacti configuration file db.php

# vi /etc/cacti/db.php

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "password";
$database_port = "3306";

Configure cacti httpd configuration to allow cacti in your network.

# vi /etc/httpd/conf.d/cacti.conf

 Allow from 192.168.45.0/24

Restart httpd.

# service httpd restart

Uncomment cacti cronjob in cron directory.

# vi /etc/cron.d/cacti

*/5 * * * *     cacti   /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

Then, run cacti installer by opening your cacti URL in web browser.

http://yourdomain/cacti

Follow the instruction and wait several moment while cacti gather the data from log files. Log in to cacti and check your graph.

Reference

http://www.cyberciti.biz/faq/fedora-rhel-install-cacti-monitoring-rrd-software/

February 12, 2014
in sysadmin
2 min read

Installing Icinga on Scientific Linux 6.4

Icinga is a well-known server or network monitoring that runs in many Unix/Linux distribution. Server/Network monitoring is an essential part of Network Operations Center because by monitoring network engineers can always get the feedback and status from network and production servers. This is a simple documentation of Icinga installation in Scientific Linux 6.4 server.

Getting started

Before we install icinga, it best to keep our system updated.

# yum update

Search icinga package using yum search in RPMForge repository.

# yum --enablerepo=rpmforge search icinga
Loaded plugins: priorities, refresh-packagekit, security
=============================== N/S Matched: icinga ==============================
icinga-api.x86_64 : PHP api for icinga
icinga-devel.x86_64 : Provides include files that Icinga-related applications may compile against
icinga-doc.x86_64 : documentation icinga
icinga-gui.x86_64 : Web content for icinga
icinga-idoutils.x86_64 : database broker module for icinga
icinga-idoutils-libdbi-mysql.x86_64 : database broker module for icinga
icinga-idoutils-libdbi-pgsql.x86_64 : database broker module for icinga
icinga-web-module-pnp.noarch : PNP Integration module for Icinga Web
icinga.x86_64 : Open Source host, service and network monitoring program
icinga-web.noarch : Open Source host, service and network monitoring Web UI
nagios-plugins.x86_64 : Host/service/network monitoring program plugins for Nagios/Icinga
nagios-plugins-setuid.x86_64 : Host/service/network monitoring program plugins for Nagios/Icinga requiring setuid
Name and summary matches only, use "search all" for everything.

Install icinga and the dependencies.

# yum --enablerepo=rpmforge install icinga icinga-gui icinga-doc icinga-idoutils-libdbi-mysql
# yum install mysql-server mysql-client libdbi libdbi-devel libdbi-drivers libdbi-dbd-mysql

Create database for icinga.

# mysql -uroot -p
mysql> CREATE DATABASE icinga;
mysql> GRANT USAGE ON icinga.* TO 'icinga'@'localhost' IDENTIFIED BY 'icinga' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0;
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga.* TO 'icinga'@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> quit

After we create database for icinga, import the database template to icinga database.

# mysql -uicinga -p icinga < /usr/share/doc/icinga-idoutils-libdbi-mysql-1.8.4/db/mysql/mysql.sql

Don't forget to disable Selinux if you do not use it. Insert database credential into file ido2db.cfg.

# vi /etc/icinga/ido2db.cfg

db_name=icinga
db_user=icinga
db_pass=icinga

Now we can start icinga and don't forget to start ido2db too.

# /etc/rc.d/init.d/ido2db start
# /etc/rc.d/init.d/icinga start
# /etc/rc.d/init.d/httpd restart
# chkconfig ido2db on
# chkconfig icinga on

Add icinga user or update password of existing one using command below.

# htpasswd /etc/icinga/passwd youradmin

Testing Icinga

We can now access icinga via this URL on browser.

http://yourdomain/icinga

Review the status and fix errors if any. Now you have your own icinga up and running. Congrats!

February 9, 2014
in sysadmin
4 min read

Installing BIND DNS Server on CentOS 6.5

When we rent a VPS, we will get a public IP address so we can access our VPS from anywhere in this world. But, sometimes we want a better way to access our VPS using Domain Name. We will have to rent a domain name from a Domain Name Registrar and then set up our Name server so that our domain name refer to our IP address. There is usually an easier way by using our registrar control panel to set up NS records. But, if you still want to set up your own Name server, I hope this documentation will be useful for you.

BIND Name Server

BIND or Berkeley Internet Domain Name is open source software that implements the Domain Name System protocols. This is a documentation of installing BIND on CentOS 6.5 operating system.

Getting Started

Before we install BIND, or another software, always upgrade our system first.

# yum update

Install BIND using yum.

# yum install bind bind-utils

Use this if you don't use IPv6.

# echo 'OPTIONS = "4"' >> /etc/sysconfig/named

Edit file named.conf.

# vi /etc/named.conf

options {
   listen-on-v6 port 53 { none; };
   directory       "/var/named";
   dump-file       "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
   memstatistics-file "/var/named/data/named_mem_stats.txt";
   allow-query     { any; };
   allow-transfer  { localhost; };
   recursion no;

   dnssec-enable yes;
   dnssec-validation yes;
   dnssec-lookaside auto;

   /* Path to ISC DLV key */
   bindkeys-file "/etc/named.iscdlv.key";

   managed-keys-directory "/var/named/dynamic";
};

logging {
   channel default_debug {
           file "data/named.run";
           severity dynamic;
   };
};

zone "." IN {
   type hint;
   file "named.ca";
};

zone "server.net" {
   type master;
   file "/etc/server.net.hosts";
   allow-update { none; };
};

zone "45.168.192.in-addr.arpa" IN {
   type master;
   file "/etc/45.168.192.db";
   allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Configure zone server.net.hosts.

# vi /etc/server.net.hosts

$TTL 86400
@       IN      SOA     ns1.server.net. server.server.net. (
                2014011807      ;serial, todays date + todays serial
                28800           ;refresh, seconds
                7200            ;retry, seconds
                604800          ;expire, seconds
                86400           ;minimum, seconds;
)
server.net.   NS      ns1.server.net.
server.net.   NS      ns2.server.net.
ns1             A       192.168.45.32
ns2             A       192.168.45.32
server          A       192.168.45.32
mail            A       192.168.45.32
server.net.     A       192.168.45.32
                MX 10   mail.server.net.
www             A       192.168.45.32

Configure reverse 45.168.192.db.

# vi /etc/45.168.192.db

$TTL 86400
@       IN      SOA     ns1.server.net. server.server.net. (
             2014011807      ;serial, todays date + todays serial #
             28800           ;refresh, seconds
             7200            ;retry, seconds
             604800          ;expire, seconds
             86400           ;minimum, seconds;
)
45.168.192.in-addr.arpa.        IN      NS      ns1.server.net.
45.168.192.in-addr.arpa.        IN      NS      ns2.server.net.
32                              IN      PTR     deuterion.net.

Start BIND.

# service named start
# chkconfig named on

For PTR record, if you are having difficulties to set the PTR record in your NS server (the IP still does not point to your domain name), ask your registrar to configure it for you.

Testing NS Server

Change your DNS resolver to your NS server.

# vi /etc/resolv.conf

nameserver 192.168.45.32

Try to resolve domain names and IP address.

# dig server.net

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @192.168.45.32 server.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35404
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;server.net.                 IN      A

;; ANSWER SECTION:
server.net.          86400   IN      A       192.168.45.32

;; AUTHORITY SECTION:
server.net.          86400   IN      NS      ns2.server.net.
server.net.          86400   IN      NS      ns1.server.net.

;; ADDITIONAL SECTION:
ns1.server.net.      86400   IN      A       192.168.45.32
ns2.server.net.      86400   IN      A       192.168.45.32

;; Query time: 0 msec
;; SERVER: 192.168.45.32#53(192.168.45.32)
;; WHEN: Sun Feb  9 21:10:38 2014
;; MSG SIZE  rcvd: 115

# dig -x 192.168.45.32

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @192.168.45.32 -x 192.168.45.32
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50675
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;32.45.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
32.45.168.192.in-addr.arpa. 86400 IN   PTR     server.net.

;; AUTHORITY SECTION:
45.168.192.in-addr.arpa. 86400  IN      NS      ns1.server.net.
45.168.192.in-addr.arpa. 86400  IN      NS      ns2.server.net.

;; ADDITIONAL SECTION:
ns1.server.net.      86400   IN      A       192.168.45.32
ns2.server.net.      86400   IN      A       192.168.45.32

;; Query time: 0 msec
;; SERVER: 192.168.45.32#53(192.168.45.32)
;; WHEN: Sun Feb  9 21:13:23 2014
;; MSG SIZE  rcvd: 140

That's all, we have a working NS server.