Archive for Uncategorized

install mysql on centos7 with RPM

brian asked:

When I try to install mysql via the rpm:

wget http://dev.mysql.com/get/Downloads/MySQL-5.6/MySQL-  5.6.19-1.linux_glibc2.5.x86_64.rpm-bundle.tar
tar xf MySQL-5.6.19-1.linux_glibc2.5.x86_64.rpm-bundle.tar
rpm -ivh MySQL-shared-compat-5.6.19-1.linux_glibc2.5.x86_64.rpm
rpm -ivh MySQL-shared-5.6.19-1.linux_glibc2.5.x86_64.rpm
rpm -ivh MySQL-server-5.6.19-1.linux_glibc2.5.x86_64.rpm

I get the errors:

file /usr/share/mysql/charsets/README from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/czech/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64

file /usr/share/mysql/danish/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/dutch/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/english/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/estonian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/french/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/german/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/greek/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/hungarian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/italian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/japanese/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/korean/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/norwegian-ny/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/norwegian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/polish/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/portuguese/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/romanian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/russian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/serbian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/slovak/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/spanish/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/swedish/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/ukrainian/errmsg.sys from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/Index.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/armscii8.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/ascii.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp1250.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp1251.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp1256.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp1257.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp850.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp852.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/cp866.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/dec8.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/geostd8.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/greek.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/hebrew.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/hp8.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/keybcs2.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/koi8r.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/koi8u.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/latin1.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/latin2.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/latin5.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/latin7.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/macce.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/macroman.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64
file /usr/share/mysql/charsets/swe7.xml from install of MySQL-server-5.6.19-1.linux_glibc2.5.x86_64 conflicts with file from package mariadb-libs-1:5.5.37-1.el7_0.x86_64

I had a similar issue with CentOS 6 except it was mysql instead of mariadb

All the suggestions I found on the internet:

  1. install shared-compat first – didn’t work
  2. yum remove mysql-libs. This removes libs I don’t want to. i.e. kills cron.
  3. using a -force option for the rpm install. This seems to have the same effect as #2

I played with the yum version:

wget http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm
yum localinstall mysql-community-release-el6-5.noarch.rpm
yum install mysql-community-server 

And it wants to replace mariadb-libs.x86_64 1:5.5.37-1.el7_0. I don’t want to use the yum method since I want to keep yum update to just be the OS. All the other software is compiled from source.

Is there a way to get the rpm to work without overwritting the existing software? If not, will compile from source work?


I answered:

Wow, they still haven’t fixed their packages. It’s been years.

I don’t recommend using the MySQL-built RPMs, primarily for this reason that you’re experiencing, but if you insist, then you need to switch out the conflicting packages at the same time. You can use yum shell to do this.

yum shell
> remove mariadb-libs
> localinstall MySQL-shared-compat-5.6.19-1.linux_glibc2.5.x86_64.rpm
> run

After the package is switched out, you can install the rest of them normally.


Or you can just do the yum install method that you say you don’t want to do, which would be simpler.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Mail Server Running but not receiving emails

Archie Makuwa asked:

I am running Ubuntu and I am trying to setup my mail server using ISPConfig 3. Here is the error I am getting:

Mail Queue (Server : droplet.domain.co.za)
Data from: 2014-07-16 12:40
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
0D0FA25451 627 Wed Jul 16 03:21:02 root@droplet.domain.co.za
(connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
archie@domain.co.za

AC0AF23289 628 Wed Jul 16 12:19:01 root@droplet.domain.co.za
(mail transport unavailable)
moshidi@domain.co.za

AE3462545B 679 Wed Jul 16 06:55:19 root@droplet.domain.co.za
(mail transport unavailable)
root@droplet.domain.co.za

50C5425443 679 Wed Jul 16 01:24:04 amavis@droplet.domain.co.za
(connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
amavis@droplet.domain.co.za

-- 3 Kbytes in 4 Requests.

NB: domain (my domain is not domain) 

Whenever I sent emails to the created mailboxes, they do not come through. An error from my gmail account is as followS:

Technical details of temporary failure:

The recipient server did not accept our requests to connect. 
Learn more at http://support.google.com/mail/bin/answer.py?answer=7720
[(0) domain.co.za. [192.xxx.xxx.xx]:25: Connection dropped]

I answered:

Whatever service you configured to run on port 10024 is not running. Inspect your /etc/postfix/master.cf to find out what service it is, if you don’t already know, and then start the service.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Nginx unmet dependencies over Vagrant / Puppet

Roman Newaza asked:

I have no such issue on 64bit Ubuntu Precise, but once I tried to start 32bit machine, it failed on this command:

# /usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold --force-yes install nginx=1.6.0-1+precise0
Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 nginx : Depends: nginx-full (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-light (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-extras (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-naxsi (>= 1.6.0-1+precise0) but it is not going to be installed
         Depends: nginx-full (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-light (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-extras (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-naxsi (< 1.6.0-1+precise0.1~) but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

I can see 1.6.0-1+precise0 present on the instance:

# apt-cache show nginx
Package: nginx
Version: 1.6.0-1+precise0
Architecture: all
Maintainer: Kartik Mistry <kartik@debian.org>
Installed-Size: 45
Depends: nginx-full (>= 1.6.0-1+precise0) | nginx-light (>= 1.6.0-1+precise0) | nginx-extras (>= 1.6.0-1+precise0) | nginx-naxsi (>= 1.6.0-1+precise0), nginx-full (<< 1.6.0-1+precise0.1~) | nginx-light (<< 1.6.0-1+precise0.1~) | nginx-extras (<< 1.6.0-1+precise0.1~) | nginx-naxsi (<< 1.6.0-1+precise0.1~)
Filename: ./nginx/nginx_1.6.0-1+precise0_all.deb
Size: 22514
MD5sum: 510911ed565fba855485f4d25bfd5af6
SHA1: ca3f54a5bb48dd9d806c9c2d92e87ae8b9b96358
SHA256: 1c604932660e160bdc52c0d4fc565263c8ca6ef6ddf130ff29ad08a314c75a88
Section: httpd
Priority: optional
Homepage: http://nginx.net
Description: small, powerful, scalable web/proxy server
 Nginx ("engine X") is a high-performance web and reverse proxy server
 created by Igor Sysoev. It can be used both as a standalone web server
 and as a proxy to reduce the load on back-end HTTP or mail servers.
 .
 This is a dependency package to install either nginx-full (by default) or
 nginx-light.

Puppet module:

class nginx::install {

  # Required by nginx image_filter module
  package { ['libgd2-xpm','libgd2-xpm-dev']:
    ensure => 'latest',
  }

  package { 'init-system-helpers':
    ensure => '1.7~precise1~ppa1',
  }

  package { 'nginx':
    ensure => '1.6.0-1+precise0',
    require => Package['libgd2-xpm','libgd2-xpm-dev','init-system-helpers'],
  }

  package { 'nginx-common':
    ensure => '1.6.0-1+precise0',
    require => Package['libgd2-xpm','libgd2-xpm-dev','init-system-helpers','nginx'],
  }

  package { 'nginx-full':
    ensure => '1.6.0-1+precise0',
    require => Package['libgd2-xpm','libgd2-xpm-dev','init-system-helpers','nginx-common'],
  }

}

Installing it manually, leads to the same error:

apt-get install nginx
...
The following packages have unmet dependencies:
 nginx : Depends: nginx-full (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-light (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-extras (>= 1.6.0-1+precise0) but it is not going to be installed or
                  nginx-naxsi (>= 1.6.0-1+precise0) but it is not going to be installed
         Depends: nginx-full (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-light (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-extras (< 1.6.0-1+precise0.1~) but it is not going to be installed or
                  nginx-naxsi (< 1.6.0-1+precise0.1~) but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

How to fix it?


I answered:

You have your dependencies backward.

The nginx package requires one of those four named packages to be installed, so you should ensure that one of them (e.g. nginx-full) is installed first. Since it could be any of the four, no choice is made for you automatically.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Can I use Bash interpreter in service/daemon scripts?

Edouard Lopez asked:

I’m writing a Debian/Ubuntu service that should start on at runlevel 2-5.

Most of the existing services I came accross are written using /bin/sh (Shell) interpreter while /bin/bash (Bash) offer lot of improvement and simplification.

So is there good reasons to avoid the use of bash, when targets are limited to debian 6+ and ubuntu 12.04 ?


I answered:

Bash might not be installed.

Unlike other distributions, Debian and Ubuntu use dash, a stripped down Bourne shell, as the default /bin/sh shell.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

How to prevent nginx caching blank pages?

DisgruntledGoat asked:

I have nginx 1.4.3 running on a Ubuntu 12.04 machine. I have nginx set up to cache pages (they are database-driven but stay fairly static). I’m using MySQL and PHP-FPM.

However, I found that I would intermittently get blank pages cached. There were no errors of any kind, and as soon as I delete the appropriate file from /var/cache/nginx the page would come back.

After some investigation, I have found the issue is that if a HEAD request is received, nginx caches a blank response as the full response for that URL. So HEAD /example stores a blank file in the cache file for the /example page, and a subsequent GET /example returns a blank page. (I seem to get HEAD requests regularly from various search engines and bots.)

Here is the relevant site config:

location ~ .php$ {
  try_files $uri =404;

  fastcgi_cache one;
  fastcgi_cache_key $scheme$host$request_uri;
  fastcgi_cache_valid  200 5m;
  fastcgi_cache_valid  301 302 304 12h;

  include /etc/nginx/fastcgi_params;
  fastcgi_pass 127.0.0.1:9000;
  fastcgi_index index.php;
  fastcgi_param SCRIPT_FILENAME /srv/www/mysite/public$fastcgi_script_name;
  fastcgi_param HTTPS off;
}

Is this a known bug in nginx? I haven’t been able to find any information on this though various searches.

Is there a workaround? There is no way to prevent caching HEAD requests according to this.

I thought maybe there is some ‘request method’ variable that could be added to fastcgi_cache_key, so that HEAD and GET requests are cached separately. But I cannot find anything.


I answered:

Yes, the variable is $request_method and that’s what you will want to add to fastcgi_cache_key. This will cause GET and HEAD requests to be cached separately.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

OpenVZ Local Network

ImThatPedoBear asked:

I recently aquired 7 OpenVZ Virtual Private Servers for a load balanced website.

  • 2 Load Balancers
  • 3 Web Servers + MySQL API Server + MySQL Storage Server
  • 2 Storage Servers (For PHP Sessions and Uploaded content)

Though, my problem is I only have public IPv4s to connect them with and no LAN Network.
So I was wondering if it’s possible to connect them locally.
I’ve found the following posts:
http://openvz.org/Virtual_Ethernet_device
http://www.linuxweblog.com/blogs/sandip/20080814/bridge-networking-on-openvz-containers-using-veth-devices

I’m running on a 64 Bit CentOS 6.5

Thanks in advance!


I answered:

Yes, if your provider also provides a separate network for this purpose. Otherwise just use the public IP addresses. Though in this case, if you use SSL you will have to pass it all the way through to your backend servers rather than terminating it at the load balancers, to ensure that other customers’ virtual machines cannot sniff your traffic. You’ll also have to encrypt your MySQL connections and the connections to your storage servers…You may as well just set up a VPN between all your boxes.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Cannot set MX of other server on my domain

Farhan asked:

in bind, i am trying to set MX servers for my domain, but i get the domainname.com appended to the MX server. i do now know how to avoid it.

here is my entry in MX zone file

example.com.    120 IN  MX  10 mx00.1and1.co.uk
example.com.    120 IN  MX  20 mx01.1and1.co.uk

But when do a DIG MX of example.com, i get this:

example.com.          120     IN      MX      10 mx00.1and1.co.uk.example.com.
example.com.          120     IN      MX      20 mx01.1and1.co.uk.example.com.

How to avoid it?


I answered:

You forgot to put the dot . at the end of your FQDN.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

iptables prerouting with match-set

lhovo asked:

I’m trying to create a iptables entry to redirect a list of ip’s to another port.

Using ipset I can setup and add lists of ip’s and reject them with this command

iptables -t nat -A INPUT -p tcp -m tcp -m set -j REJECT --reject-with icmp-port-unreachable  --match-set myipsetlist src

I have also found this command to route ports to work

-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

My question is there anyway to combine the two?

Preroute 80 to 8080 if ip in ipset?

If not with iptables, is there another way I could do this?


I answered:

Of course you can do that. Try adding the obvious:

-m set --match-set myipsetlist src

to your rule, which will then become:

-A PREROUTING -p tcp -m tcp --dport 80 -m set --match-set myipsetlist src -j REDIRECT --to-ports 8080

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Use iptables to forward ipv6 to ipv4?

Eli asked:

Currently I have a setup where, due to configuration that would take forever to fix, I have a server that can only be accessed by ipv4. I also, however, have a server that can be accessed by ipv6.
I was wondering if I could use iptables to forward ipv6 traffic on a certain port from one of the servers to another server using ipv4 traffic.


I answered:

Recent versions of xinetd can also listen on IPv6 and then forward the connection to an IPv4 address.

A sample configuration which listens for IPv6 connections on port 3389 and forwards them to port 3389 of an internal IPv4 address:

service rdp_port_forward
{
    flags           = IPv6
    disable         = no
    type            = UNLISTED
    socket_type     = stream
    protocol        = tcp
    user            = nobody
    wait            = no
    redirect        = 10.187.20.42 3389
    port            = 3389
}

This may be useful in more restricted environments since xinetd is likely to be installed with your base system or available in approved vendor repositories.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Swap memory exhausting server even site has small visitors

CONtext asked:

I have CentOs 6.5 running on a 32bit VPS host. It is running only php-fpm, nginx, and mysql.

I have a site that gets on average 20 visitors per day, but I am recently getting this message from my host provider.

This is an automated notification to inform you that your VPS named ‘name.here’ has been severely slowed down the past hour because of swapping.

Swapping is the result of a lack of memory. If the memory of a VPS is completely filled, parts of memory are written to hard disk to prevent the server from crashing. Because hard disks are many times slower than memory your server performance is severely reduced.

I am trying to make a sense of that. How can a site with small content getting 20 visits consumes that much memory?

I am not sure if this is from php, centos … or other. But I have some outputs here that someone may determine core of the problem.

[root@site.name~]# free -m
             total       used       free     shared    buffers     cached
Mem:           498        489          9          0          1         19
-/+ buffers/cache:        469         29
Swap:         1022        180        842

top - 18:33:36 up 65 days, 1 min,  1 user,  load average: 0.00, 0.02, 0.00
Tasks: 109 total,   1 running, 108 sleeping,   0 stopped,   0 zombie
Cpu(s):  1.0%us,  0.3%sy,  0.0%ni, 98.3%id,  0.3%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:    510868k total,   503092k used,     7776k free,     1904k buffers
Swap:  1047544k total,   185096k used,   862448k free,    20956k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 7435 mysql     20   0  352m 7752 2852 S  1.0  1.5  56:23.52 mysqld
17806 nginx     20   0 50088  12m 2640 S  0.7  2.5  18:13.65 php-fpm
  984 root      20   0  8940  372  272 S  0.3  0.1   0:29.68 sshd
 3148 root      20   0  2692 1128  880 R  0.3  0.2   0:00.15 top
    1 root      20   0  2900  416  292 S  0.0  0.1   0:07.29 init

What could be the problem here? Is there any fix to it ?


UPDATE

@Michael Hampton Output for top > Shift M

top - 14:34:29 up 66 days, 20:02,  2 users,  load average: 0.00, 0.00, 0.00
Tasks: 110 total,   1 running, 109 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.3%us,  0.0%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:    510868k total,   504528k used,     6340k free,     3084k buffers
Swap:  1047544k total,   179784k used,   867760k free,    19532k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
19041 nginx     20   0 58672  22m 2660 S  0.0  4.5  24:00.18 php-fpm
17805 nginx     20   0 58672  22m 2688 S  0.0  4.5  16:46.40 php-fpm
19040 nginx     20   0 58776  17m 2684 S  0.0  3.6  24:27.53 php-fpm
19046 nginx     20   0 53412  17m 2692 S  0.0  3.5  22:51.54 php-fpm
17796 nginx     20   0 53604  16m 2648 S  0.0  3.3  15:14.62 php-fpm
19042 nginx     20   0 52144  15m 2660 S  0.0  3.0  22:16.40 php-fpm
17186 nginx     20   0 52208  15m 2656 S  0.0  3.0  25:22.13 php-fpm
24580 nginx     20   0 50600  14m 2660 S  0.0  3.0  13:23.23 php-fpm
19014 nginx     20   0 52084  14m 2692 S  0.0  3.0  22:16.57 php-fpm
19007 nginx     20   0 58724  14m 2724 S  0.0  3.0  25:09.20 php-fpm
19032 nginx     20   0 50156  14m 2692 S  0.0  3.0  24:25.53 php-fpm
17830 nginx     20   0 50088  14m 2696 S  0.0  2.9  16:37.53 php-fpm
17816 nginx     20   0 49996  14m 2768 S  0.0  2.9  18:57.37 php-fpm
19043 nginx     20   0 50140  14m 2648 S  0.0  2.9  23:30.66 php-fpm
17806 nginx     20   0 50088  14m 2656 S  0.0  2.9  19:38.99 php-fpm
17188 nginx     20   0 50100  14m 2656 S  0.0  2.9  22:46.46 php-fpm
17817 nginx     20   0 49836  14m 2660 S  0.0  2.9  18:29.45 php-fpm
17820 nginx     20   0 48892  13m 2972 S  0.0  2.8  18:01.07 php-fpm
19030 nginx     20   0 58824  13m 2652 S  0.0  2.8  23:40.90 php-fpm
17798 nginx     20   0 48780  13m 2696 S  0.0  2.7  17:09.82 php-fpm
17187 nginx     20   0 58672  13m 2716 S  0.0  2.7  23:04.46 php-fpm
17807 nginx     20   0 52076  13m 2660 S  0.0  2.6  16:45.52 php-fpm
19029 nginx     20   0 58924  12m 2688 S  0.0  2.6  24:00.66 php-fpm
17808 nginx     20   0 58676  12m 2688 S  0.0  2.6  17:31.33 php-fpm
17799 nginx     20   0 50088  12m 2660 S  0.0  2.6  17:41.13 php-fpm
19015 nginx     20   0 58680  12m 2656 S  0.0  2.6  21:59.83 php-fpm
18295 nginx     20   0 48512  12m 2692 S  0.0  2.6  16:57.08 php-fpm
19027 nginx     20   0 48368  12m 2656 S  0.0  2.6  24:40.65 php-fpm
17819 nginx     20   0 48208  12m 2656 S  0.0  2.5  16:43.87 php-fpm
19031 nginx     20   0 49960  12m 2648 S  0.0  2.5  23:28.34 php-fpm
17832 nginx     20   0 47884  12m 2660 S  0.0  2.5  16:04.87 php-fpm
17818 nginx     20   0 47884  12m 2660 S  0.0  2.5  16:03.53 php-fpm
17831 nginx     20   0 47864  12m 2696 S  0.0  2.5  16:43.48 php-fpm
18249 nginx     20   0 47884  12m 2664 S  0.0  2.5  16:27.29 php-fpm
 7435 mysql     20   0  352m 7780 2872 S  0.3  1.5  62:00.00 mysqld
19033 nginx     20   0 42540 7368 2676 S  0.0  1.4  24:04.93 php-fpm
31015 root      20   0 12028 3708 2940 S  0.0  0.7   0:00.17 sshd
30826 postfix   20   0 13628 2260 1640 S  0.0  0.4   0:00.00 pickup
30995 root      20   0  5252 1704 1412 S  0.0  0.3   0:00.03 bash
31020 root      20   0  5256 1704 1416 S  0.0  0.3   0:00.03 bash
19028 nginx     20   0 58668 1648 1528 S  0.0  0.3   9:11.84 php-fpm

I answered:

We can see from your updated output that you have 34 PHP workers running (not counting the master process), all of which are taking up memory and completely idle. This means you have tuned php-fpm to run on a much larger capacity machine with far more than the traffic you are actually getting. Or, perhaps, have not tuned it at all.

At the moment, those processes are taking up over 3/4 of your VM’s RAM and giving you absolutely no benefit.

So, check the tuning in the php-fpm pool configuration, e.g. the default /etc/php-fpm.d/www.conf. For a small VPS like that I would probably start somewhere around:

pm = dynamic
pm.max_children = 10
pm.start_servers = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 5

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.