Thursday, October 29, 2009

VLAN tagging in Debian GNU/Linux

$ sudo apt-get install vlan

Edit /etc/network/interfaces:

auto vlan150
iface vlan150 inet static
address 172.0.0.150
netmask 255.255.255.0
vlan_raw_device eth0

As root, bring the interface up:
# ifup vlan150

You can also use vconfig and ifconfig:

# vconfig add eth0 150
Added VLAN with VID == 150 to IF -:eth0:-
# ifconfig eth0.150

Now you can, for example, run tcpdump on it:

# tcpdump -i eth0 vlan 150

Remove passphrase from an OpenSSL private key

This bugs me so much, and yet I can't seem to remember it.

openssl rsa -in file1.key -out file2.key

Note that file2.key is written unencrypted, so keep its file permissions tight.

Configuring CARP on Debian GNU/Linux

Two machines will share one virtual IP for failover/redundancy purposes.

The shared IP will be 192.168.162.30.
Machine 1: 192.168.162.150 master
Machine 2: 192.168.162.151 backup

Required packages: ucarp iputils-arping

##### machine1
## See the ucarp manual for more information: -v = virtual ID,
## -P = preempt master, -k = skew (priority, if you like), etc.

# /etc/network/interfaces
iface eth0 inet static
address 192.168.162.150
netmask 255.255.255.0
network 192.168.162.0
broadcast 192.168.162.255
gateway 192.168.162.254
dns-nameservers 192.168.162.25 192.168.162.26
up ucarp -i eth0 -s 192.168.162.150 -v 150 -p secretPassword -a 192.168.162.30 \
--upscript=/etc/ucarp/vip-150.up.sh --downscript=/etc/ucarp/vip-150.down.sh \
-P -z -k 10 --daemonize
down pkill ucarp

# vip-150.up.sh
#!/bin/sh
exec 2> /dev/null

/sbin/ip addr add 192.168.162.30/24 dev "$1"
start-stop-daemon --start --pidfile /var/run/ucarp-arping.192.168.162.30 --make-pidfile --background --exec /usr/sbin/arping -- -q -U 192.168.162.30


# vip-150.down.sh
#!/bin/sh
exec 2> /dev/null

/sbin/ip addr del 192.168.162.30/24 dev "$1"
start-stop-daemon --stop --pidfile /var/run/ucarp-arping.192.168.162.30 --exec /usr/sbin/arping
rm /var/run/ucarp-arping.192.168.162.30

Now do the same on the backup host, changing .150 to .151 in the example above :)

If you ping the shared IP and bring down the master's eth0, you'll see the backup take over the shared IP within a second or so. You can easily verify this with arp!
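
An added example, not part of the original post: a shell check that the two hosts' ucarp lines agree where the peers must match (-v, -p, -a) and differ where they should (-s, -k). The machine2 stanza with skew 20 is constructed, the function names are hypothetical, and treating an equal -k as a problem is an assumption based on the master/backup split described above.

```shell
#!/bin/sh
# Added example: sanity-check the ucarp options of two CARP peers.

# Print the value that follows option $2 in the "up ucarp ..." line of stanza $1.
ucarp_opt() {
    printf '%s\n' "$1" | awk -v opt="$2" '
        /\\$/ { sub(/\\$/, ""); buf = buf $0 " "; next }   # join continuation lines
        { line = buf $0; buf = "" }
        line ~ /^[ \t]*up[ \t]+ucarp/ {
            n = split(line, f, /[ \t]+/)
            for (i = 1; i < n; i++) if (f[i] == opt) { print f[i + 1]; exit }
        }'
}

# Compare two stanzas. Prints one line per problem and returns non-zero if any.
# Only option names are printed, so the -p secret never ends up in output or logs.
check_pair() {
    rc=0
    for o in -v -p -a; do    # virtual ID, password and shared IP must match
        [ "$(ucarp_opt "$1" "$o")" = "$(ucarp_opt "$2" "$o")" ] ||
            { echo "mismatch: $o differs between hosts"; rc=1; }
    done
    for o in -s -k; do       # source IP must differ; skew assumed to differ too
        [ "$(ucarp_opt "$1" "$o")" != "$(ucarp_opt "$2" "$o")" ] ||
            { echo "conflict: $o is the same on both hosts"; rc=1; }
    done
    return "$rc"
}

# Constructed sample input: machine1 as in the post, machine2 derived from it
# with the .151 address and an assumed higher skew of 20.
M1='iface eth0 inet static
address 192.168.162.150
up ucarp -i eth0 -s 192.168.162.150 -v 150 -p secretPassword -a 192.168.162.30 \
--upscript=/etc/ucarp/vip-150.up.sh --downscript=/etc/ucarp/vip-150.down.sh \
-P -z -k 10 --daemonize'
M2=$(printf '%s\n' "$M1" | sed -e 's/162\.150/162.151/g' -e 's/-k 10/-k 20/')

check_pair "$M1" "$M2" && echo "ucarp peers consistent"
```

On real hosts, pass the contents of each machine's /etc/network/interfaces as the two arguments.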

Thursday, October 22, 2009

APACHE2 + mod_jk

# workers.properties, using one tomcat.

workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/java/j2sdk
ps=/
worker.list=tomcat1
worker.tomcat1.port=8009
worker.tomcat1.host=localhost
worker.tomcat1.type=ajp13
worker.tomcat1.lbfactor=100

# Apache conf

JkWorkersFile /etc/apache2/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel error
JkMount /*.jsp tomcat1
JkMount /*.pack tomcat1
JkMount /*.do tomcat1
JkAutoAlias /usr/local/tomcat/conf/Catalina/localhost


You might need JkMount directives inside the VirtualHost block too.