This article was posted in the latest IBM Systems Magazine:
http://ibmsystemsmag.com/ibmi/trends/ibmannouncements/power8_first_look/
Tuesday 20 May 2014
Sunday 18 May 2014
Linux Systemd cheatsheet
Linux development continues at breakneck pace and commands are being replaced and updated. Most administrators will be familiar with the "service" command, which is very similar to the AIX "stop|start|lssrc" command set. It has now been superceded by "systemctl". The old command will continue to be available for some time to come. Here is a useful quick-reference:
http://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet
http://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet
Friday 16 May 2014
Installing MySQL on AIX
I am always looking for ways to improve the integration of AIX systems into open-source and Linux environments and thought MySQL would be particularly useful.
1. Start by downloading the following RPMs from http://www.perzl.org/:
mysql-5.1.73-1.aix5.1.ppc.rpm
mysql-bench-5.1.73-1.aix5.1.ppc.rpm
mysql-devel-5.1.73-1.aix5.1.ppc.rpm
mysql-libs-5.1.73-1.aix5.1.ppc.rpm
mysql-server-5.1.73-1.aix5.1.ppc.rpm
mysql-test-5.1.73-1.aix5.1.ppc.rpm
perl-5.8.8-2.aix5.1.ppc.rpm
perl-DBD-MySQL-4.022-1.aix5.1.ppc.rpm
perl-DBI-1.622-1.aix5.1.ppc.rpm
perl-suidperl-5.8.8-2.aix5.1.ppc.rpm
unixODBC-devel-2.3.2-1.aix5.1.ppc.rpm
NOTE: You may need some others to satisfy the RPM prereqs
2. Install the RPMs
# rpm -Uvh perl-5.8.8-2.aix5.1.ppc.rpm
# rpm -Uvh perl-suidperl-5.8.8-2.aix5.1.ppc.rpm
# rpm -Uvh ./perl-DBD-MySQL-4.022-1.aix5.1.ppc.rpm ./perl-DBI-1.622-1.aix5.1.ppc.rpm ./mysql-libs-5.1.73-1.aix5.1.ppc.rpm ./mysql-5.1.73-1.aix5.1.ppc.rpm ./mysql-libs-5.1.73-1.aix5.1.ppc.rpm --nodeps
# rpm -Uvh ./mysql-server-5.1.73-1.aix5.1.ppc.rpm ./mysql-test-5.1.73-1.aix5.1.ppc.rpm ./mysql-bench-5.1.73-1.aix5.1.ppc.rpm
3. Start the MYSQL server:
# /opt/freeware/libexec/mysqld &
Note: you can use lsof or netstat -an to check that the listener is up
# lsof -i :3306
lsof: WARNING: compiled for AIX version 6.1.3.0; this is 6.1.0.0.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld_64 9044136 mysql 4u IPv4 0xf1000500012793b8 0t0 TCP *:mysql (LISTEN)
lsof: WARNING: /home/root/.lsof_p520-aix61 was updated.
4. Create the MySQL admin user passwords
# /opt/freeware/bin/mysqladmin -u root password 'password'
# /opt/freeware/bin/mysqladmin -u root -h p520-aix61 password 'password'
5. Test the databases have been correctly installed:
# su - mysql
$ /opt/freeware/bin/mysqlcheck --databases mysql -p
Enter password:
mysql.columns_priv OK
mysql.db OK
mysql.event OK
mysql.func OK
mysql.general_log
Error : You can't use locks with log tables.
status : OK
mysql.help_category OK
mysql.help_keyword OK
mysql.help_relation OK
mysql.help_topic OK
mysql.host OK
mysql.ndb_binlog_index OK
mysql.plugin OK
mysql.proc OK
mysql.procs_priv OK
mysql.servers OK
mysql.slow_log
Error : You can't use locks with log tables.
status : OK
mysql.tables_priv OK
mysql.time_zone OK
mysql.time_zone_leap_second OK
mysql.time_zone_name OK
mysql.time_zone_transition OK
mysql.time_zone_transition_type OK
mysql.user OK
6. Ensure that the database server is configured as per your requirements:
# cat /opt/freeware/etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# To allow mysqld to connect to a MySQL Cluster management daemon, uncomment
# these lines and adjust the connectstring as needed.
#ndbcluster
#ndb-connectstring="nodeid=4;host=localhost:1186"
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
[ndbd]
# If you are running a MySQL Cluster storage daemon (ndbd) on this machine,
# adjust its connection to the management daemon here.
# Note: ndbd init script requires this to include nodeid!
connect-string="nodeid=2;host=localhost:1186"
[ndb_mgm]
# connection string for MySQL Cluster management tool
connect-string="host=localhost:1186"
7. Attempt to run a query:
# ./bin/mysql -p mysql
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.1.73 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
23 rows in set (0.00 sec)
mysql> select * from db;
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| Host | Db | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Create_tmp_table_priv | Lock_tables_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Execute_priv | Event_priv | Trigger_priv |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| % | test | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
| % | test\_% | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
2 rows in set (0.00 sec)
mysql> bye;
8. To shutdown MySQL run:
# /opt/freeware/bin/mysqladmin shutdown -p
Enter password:
140516 9:18:07 [Note] /opt/freeware/libexec/mysqld: Normal shutdown
140516 9:18:07 [Note] Event Scheduler: Purging the queue. 0 events
140516 9:18:07 [Note] /opt/freeware/libexec/mysqld: Shutdown complete
[1] + Done /opt/freeware/libexec/mysqld &
Here is the official MySQL installation page:
http://dev.mysql.com/doc/refman/5.1/en/binary-installation.html
1. Start by downloading the following RPMs from http://www.perzl.org/:
mysql-5.1.73-1.aix5.1.ppc.rpm
mysql-bench-5.1.73-1.aix5.1.ppc.rpm
mysql-devel-5.1.73-1.aix5.1.ppc.rpm
mysql-libs-5.1.73-1.aix5.1.ppc.rpm
mysql-server-5.1.73-1.aix5.1.ppc.rpm
mysql-test-5.1.73-1.aix5.1.ppc.rpm
perl-5.8.8-2.aix5.1.ppc.rpm
perl-DBD-MySQL-4.022-1.aix5.1.ppc.rpm
perl-DBI-1.622-1.aix5.1.ppc.rpm
perl-suidperl-5.8.8-2.aix5.1.ppc.rpm
unixODBC-devel-2.3.2-1.aix5.1.ppc.rpm
NOTE: You may need some others to satisfy the RPM prereqs
2. Install the RPMs
# rpm -Uvh perl-5.8.8-2.aix5.1.ppc.rpm
# rpm -Uvh perl-suidperl-5.8.8-2.aix5.1.ppc.rpm
# rpm -Uvh ./perl-DBD-MySQL-4.022-1.aix5.1.ppc.rpm ./perl-DBI-1.622-1.aix5.1.ppc.rpm ./mysql-libs-5.1.73-1.aix5.1.ppc.rpm ./mysql-5.1.73-1.aix5.1.ppc.rpm ./mysql-libs-5.1.73-1.aix5.1.ppc.rpm --nodeps
# rpm -Uvh ./mysql-server-5.1.73-1.aix5.1.ppc.rpm ./mysql-test-5.1.73-1.aix5.1.ppc.rpm ./mysql-bench-5.1.73-1.aix5.1.ppc.rpm
3. Start the MYSQL server:
# /opt/freeware/libexec/mysqld &
Note: you can use lsof or netstat -an to check that the listener is up
# lsof -i :3306
lsof: WARNING: compiled for AIX version 6.1.3.0; this is 6.1.0.0.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld_64 9044136 mysql 4u IPv4 0xf1000500012793b8 0t0 TCP *:mysql (LISTEN)
lsof: WARNING: /home/root/.lsof_p520-aix61 was updated.
4. Create the MySQL admin user passwords
# /opt/freeware/bin/mysqladmin -u root password 'password'
# /opt/freeware/bin/mysqladmin -u root -h p520-aix61 password 'password'
5. Test the databases have been correctly installed:
# su - mysql
$ /opt/freeware/bin/mysqlcheck --databases mysql -p
Enter password:
mysql.columns_priv OK
mysql.db OK
mysql.event OK
mysql.func OK
mysql.general_log
Error : You can't use locks with log tables.
status : OK
mysql.help_category OK
mysql.help_keyword OK
mysql.help_relation OK
mysql.help_topic OK
mysql.host OK
mysql.ndb_binlog_index OK
mysql.plugin OK
mysql.proc OK
mysql.procs_priv OK
mysql.servers OK
mysql.slow_log
Error : You can't use locks with log tables.
status : OK
mysql.tables_priv OK
mysql.time_zone OK
mysql.time_zone_leap_second OK
mysql.time_zone_name OK
mysql.time_zone_transition OK
mysql.time_zone_transition_type OK
mysql.user OK
6. Ensure that the database server is configured as per your requirements:
# cat /opt/freeware/etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# To allow mysqld to connect to a MySQL Cluster management daemon, uncomment
# these lines and adjust the connectstring as needed.
#ndbcluster
#ndb-connectstring="nodeid=4;host=localhost:1186"
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
[ndbd]
# If you are running a MySQL Cluster storage daemon (ndbd) on this machine,
# adjust its connection to the management daemon here.
# Note: ndbd init script requires this to include nodeid!
connect-string="nodeid=2;host=localhost:1186"
[ndb_mgm]
# connection string for MySQL Cluster management tool
connect-string="host=localhost:1186"
7. Attempt to run a query:
# ./bin/mysql -p mysql
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.1.73 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
23 rows in set (0.00 sec)
mysql> select * from db;
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| Host | Db | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Create_tmp_table_priv | Lock_tables_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Execute_priv | Event_priv | Trigger_priv |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| % | test | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
| % | test\_% | | Y | Y | Y | Y | Y | Y | N | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
+------+---------+------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
2 rows in set (0.00 sec)
mysql> bye;
8. To shutdown MySQL run:
# /opt/freeware/bin/mysqladmin shutdown -p
Enter password:
140516 9:18:07 [Note] /opt/freeware/libexec/mysqld: Normal shutdown
140516 9:18:07 [Note] Event Scheduler: Purging the queue. 0 events
140516 9:18:07 [Note] /opt/freeware/libexec/mysqld: Shutdown complete
[1] + Done /opt/freeware/libexec/mysqld &
Here is the official MySQL installation page:
http://dev.mysql.com/doc/refman/5.1/en/binary-installation.html
Thursday 15 May 2014
LUN locking problems on VIO servers
I had this problem and I think it is due to the order in which the VIOS servers were powered-up and claimed the LUNS. The biggest clue is if you run "lspv isize" on your VIOS servers you get different answers for the sizes and PVIDs.
Here is an example of querying and releasing locks where required.
1. run # lsattr -El hdisk0 -a reserve_policy for each of your disks and ensure that only the VIOS internal disks are set to "reserve_policy single_path". Al the others should be "no reserve". If they need to be changed use the "-P" option and then reboot and check again.
2. Once all the disks are shown as shared, check their status as follows
# devrsrv -c query -l hdisk11
3. If any are still reserved attempt to break the locks as follows:
Use either depending which host has this LUN.
# devrsrv -c release -l hdisk11
or
# devrsrv -f -l hdisk11
Please check this link for disk reservation release: http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds2%2Fdevrsrv.htm
3. Check the system error log using "errpt" and "lspath".
4. Check all your FC adapters are set with "dynamic tracking" and "fast failover" eg.
# lsattr -El fscsi0
attach switch How this adapter is CONNECTED False
dyntrk yes Dynamic Tracking of FC Devices True
fc_err_recov fast_fail FC Fabric Event Error RECOVERY Policy True
scsi_id 0xc80100 Adapter SCSI ID False
sw_fc_class 3 FC Class for Fabric True
http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.prftungd%2Fdoc%2Fprftungd%2Fdynamic_tracking.htm
5. Login to each of the nodes and attempt to rediscover the virtual disks and VSCSI.
6. Ensure that the VSCSIs have "heartbeat checking" activated.
Note: You may have to delete and rediscover your devices a couple of times and do various reboots before you get this absolutely right.
Once you think everything is working OK clear all your error logs and and power-down all the clients and VIOS servers, then power everything up in the normal order and check that all the locs, paths, etc have taken as expected, and there are no further errors.
Here is an example of querying and releasing locks where required.
1. run # lsattr -El hdisk0 -a reserve_policy for each of your disks and ensure that only the VIOS internal disks are set to "reserve_policy single_path". Al the others should be "no reserve". If they need to be changed use the "-P" option and then reboot and check again.
2. Once all the disks are shown as shared, check their status as follows
# devrsrv -c query -l hdisk11
3. If any are still reserved attempt to break the locks as follows:
Use either depending which host has this LUN.
# devrsrv -c release -l hdisk11
or
# devrsrv -f -l hdisk11
Please check this link for disk reservation release: http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds2%2Fdevrsrv.htm
3. Check the system error log using "errpt" and "lspath".
4. Check all your FC adapters are set with "dynamic tracking" and "fast failover" eg.
# lsattr -El fscsi0
attach switch How this adapter is CONNECTED False
dyntrk yes Dynamic Tracking of FC Devices True
fc_err_recov fast_fail FC Fabric Event Error RECOVERY Policy True
scsi_id 0xc80100 Adapter SCSI ID False
sw_fc_class 3 FC Class for Fabric True
http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.prftungd%2Fdoc%2Fprftungd%2Fdynamic_tracking.htm
5. Login to each of the nodes and attempt to rediscover the virtual disks and VSCSI.
6. Ensure that the VSCSIs have "heartbeat checking" activated.
Note: You may have to delete and rediscover your devices a couple of times and do various reboots before you get this absolutely right.
Once you think everything is working OK clear all your error logs and and power-down all the clients and VIOS servers, then power everything up in the normal order and check that all the locs, paths, etc have taken as expected, and there are no further errors.
Wednesday 14 May 2014
IBM Announces Elastic Storage
IBM has been busy lately developing it's own cloud products as it attempts to re-invent itself. In the past few days they announced an extension to their GPFS (Global Parallel File System), and rebranded it as elastic storage:
http://www-03.ibm.com/systems/technicalcomputing/platformcomputing/products/gpfs/
It will be interesting to see how this fares against Redhat's Gluster-based Open Storage offerings, however the future direction is now clearly away from tradition dedicated SAN and NAS devices. Having said that I think there will be a role for both because Gluster was not designed for multiple high-speed communications as SAN was, but it is the lear winner on cost and flexibility.
http://www-03.ibm.com/systems/technicalcomputing/platformcomputing/products/gpfs/
It will be interesting to see how this fares against Redhat's Gluster-based Open Storage offerings, however the future direction is now clearly away from tradition dedicated SAN and NAS devices. Having said that I think there will be a role for both because Gluster was not designed for multiple high-speed communications as SAN was, but it is the lear winner on cost and flexibility.
Tuesday 13 May 2014
Safer browsing
Think before you click on that convenient short-URL in Twitter or Facebook. Do you know where it will take you, and could you be inviting a virus or malware into your environment?
Fortunately there is a way you can expand a short-link to its original URL without having to open the page, simply visit: http://longurl.org/ and paste in the link. This protects you in two ways:
Fortunately there is a way you can expand a short-link to its original URL without having to open the page, simply visit: http://longurl.org/ and paste in the link. This protects you in two ways:
- You can see that the URL under the link is really the same as the one you see in the text.
- You can decide whether or not to visit the site before actually risking your system.
Which Linux is best for me
As businesses look to free themselves from expensive support agreements and vendor lock-in they enevitibly look toward Linux. Here is an excellent article comparing the major versions:
http://searchdatacenter.techtarget.com/feature/Compare-popular-Linux-distributions-for-servers
http://searchdatacenter.techtarget.com/feature/Compare-popular-Linux-distributions-for-servers
Monday 12 May 2014
IBM Faces a rocky time (Latest press release)
Maybe it is just me but I read this article (http://www.zdnet.com/ibm-faces-rocky-time-but-transformation-holds-the-key-ceo-7000029321) and could not help thinking that this is probably the biggest missed opportunity of the century?
If you ask any IT Manager what they are doing they will doubtless tell you that "they are moving to the cloud" or "going opensource", however the reality is always something different. It is a bit like asking somebody "how often they have sex". They will almost never give you an honest answer, but more likely one that sounds "normal" or makes them sound good etc.
There will always be a gap between our desires and aspirations, and the harsh reality of day to day life, and IT is no different. Even if you wish to get rid of every piece of IBM equipment, or trace of AIX or i5OS, the reality is that this can take a huge amount of planning, and years of effort to achieve. It is because of this that I think IBM really screwed-up by effectively abandoning their OS users.
If I were in charge of AIX/i5 development I would be looking for as many ways as possible to build-in tools and utilities that made migration easier whilst providing more compatibility and lower licencing costs. This would mean that users were more likely to stick with their Power hardware whilst running parallel Linux and AIX/i5 workloads.
If you ask any IT Manager what they are doing they will doubtless tell you that "they are moving to the cloud" or "going opensource", however the reality is always something different. It is a bit like asking somebody "how often they have sex". They will almost never give you an honest answer, but more likely one that sounds "normal" or makes them sound good etc.
There will always be a gap between our desires and aspirations, and the harsh reality of day to day life, and IT is no different. Even if you wish to get rid of every piece of IBM equipment, or trace of AIX or i5OS, the reality is that this can take a huge amount of planning, and years of effort to achieve. It is because of this that I think IBM really screwed-up by effectively abandoning their OS users.
If I were in charge of AIX/i5 development I would be looking for as many ways as possible to build-in tools and utilities that made migration easier whilst providing more compatibility and lower licencing costs. This would mean that users were more likely to stick with their Power hardware whilst running parallel Linux and AIX/i5 workloads.
Friday 9 May 2014
OpenStack
IBM is moving ever closer to a Linux/Open-source future, and with that in mind I found this really useful source of OpenStack tutorials:
http://opensource.com/business/14/5/new-openstack-tutorials?sc_cid=70160000000dF0mAAE&elq=4e804775974e4c989362db76275d4960&elqCampaignId=19892
http://opensource.com/business/14/5/new-openstack-tutorials?sc_cid=70160000000dF0mAAE&elq=4e804775974e4c989362db76275d4960&elqCampaignId=19892
Wednesday 7 May 2014
Viewing the contents of a disk without varying on the VG
It can be very dangerous to attempt to import or varyon a disk that has been used as a boot disk because if it has the same logical volume names as those in your rootvg, it will render the system unbootable.
To view a disk without varying it on:
# lqueryvg -p hdisk0 -L
00c9b8fb00004c000000013a8c97f698.1 backup_lv 1
00c9b8fb00004c000000013a8c97f698.2 loglv01 1
00c9b8fb00004c000000013a8c97f698.3 fslv19 1
00c9b8fb00004c000000013a8c97f698.4 was70bkp 1
00c9b8fb00004c000000013a8c97f698.5 paging00 1
00c9b8fb00004c000000013a8c97f698.6 fixes_lv 1
The above disk would not be a problem, however if it contained a rootvg you should not vary it on:
# lqueryvg -p hdisk2 -L
00c9b8fb00004c0000000132da76b3ae.1 hd5 1
00c9b8fb00004c0000000132da76b3ae.2 hd6 1
00c9b8fb00004c0000000132da76b3ae.3 hd8 1
00c9b8fb00004c0000000132da76b3ae.4 hd4 1
00c9b8fb00004c0000000132da76b3ae.5 hd2 1
00c9b8fb00004c0000000132da76b3ae.6 hd9v
To view a disk without varying it on:
# lqueryvg -p hdisk0 -L
00c9b8fb00004c000000013a8c97f698.1 backup_lv 1
00c9b8fb00004c000000013a8c97f698.2 loglv01 1
00c9b8fb00004c000000013a8c97f698.3 fslv19 1
00c9b8fb00004c000000013a8c97f698.4 was70bkp 1
00c9b8fb00004c000000013a8c97f698.5 paging00 1
00c9b8fb00004c000000013a8c97f698.6 fixes_lv 1
The above disk would not be a problem, however if it contained a rootvg you should not vary it on:
# lqueryvg -p hdisk2 -L
00c9b8fb00004c0000000132da76b3ae.1 hd5 1
00c9b8fb00004c0000000132da76b3ae.2 hd6 1
00c9b8fb00004c0000000132da76b3ae.3 hd8 1
00c9b8fb00004c0000000132da76b3ae.4 hd4 1
00c9b8fb00004c0000000132da76b3ae.5 hd2 1
00c9b8fb00004c0000000132da76b3ae.6 hd9v
Tuesday 6 May 2014
Installing Apache, MySQL, and PHP on AIX
This is useful if you are looking to use your AIX webserver with PHP scripts:
http://www.scheerer.co.uk/2013/05/installing-apache-php-and-mysql-on-ibm-aix-7-1/
http://www.scheerer.co.uk/2013/05/installing-apache-php-and-mysql-on-ibm-aix-7-1/
Cross-Platform Managed File Transfer solution
Are you struggling to control and maintain all your current file transfers and data connections? If so check-out: GoAnyWhere MFT from Linoma Software. The software is written in java and runs on Windows, Linux, and Power (AIX and i5OS), so ideal if you have a mixed estate or are looking to migrate to Linux.
A menu driven interface for the HMC
If you are struggling to remember the syntax of your HMC shell commands, this opensource project is for you: http://ezh.sourceforge.net/
It not only provides a menu script, but also contains a list of most of the useful commands along with examples.
It not only provides a menu script, but also contains a list of most of the useful commands along with examples.
Updating firmware using the HMC hard drive
This is a really interesting way of applying firmware updates:
https://www.ibm.com/developerworks/community/blogs/brian/entry/doing_power_system_firmware_updates_from_the_hmc_hard_drive?lang=en
https://www.ibm.com/developerworks/community/blogs/brian/entry/doing_power_system_firmware_updates_from_the_hmc_hard_drive?lang=en
Friday 2 May 2014
Heartbleed - Checking your OpenSSL version
The OpenSSL project describes HeartBleed as follows:
"“A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server,”
Unfortunately it is quite normal to have multiple versions of openSSL installed on your system, as well as multiple certificates and keys, therefore you may have to check in several places:
1. To check the version installed as a standard IBM LPP (Licenced program product):
# lslpp -l openssl.base
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
openssl.base 1.0.1.500 COMMITTED Open Secure Socket Layer
Path: /etc/objrepos
openssl.base 1.0.1.500 COMMITTED Open Secure Socket Layer
[root@p520-aix61:/opt/syslog-ng]
# /usr/bin/openssl version
OpenSSL 1.0.1e 11 Feb 2013
2. To check the version installed using an RPM:
# rpm -qi openssl
Name : openssl Relocations: (not relocateable)
Version : 1.0.1g Vendor: (none)
Release : 1 Build Date: Tue Apr 8 18:49:04 CEST 2014
Install date: Mon Apr 14 11:59:33 CEST 2014 Build Host: aix51.perzl.org
Group : System Environment/Libraries Source RPM: openssl-1.0.1g-1.src.rpm
Size : 56530184 License: OpenSSL License
URL : http://www.openssl.org/
Summary : Secure Sockets Layer and cryptography libraries and tools
Description :
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
....
..
# /opt/freeware/bin/openssl version
OpenSSL 1.0.1g 7 Apr 2014
3. You should now use the find command to ensure that there are no manually installed versions.
4. Check which is your default version, ie the one that is called when you issue a call without specifying a pathname
# type openssl
openssl is /usr/bin/openssl
5. Finally visit IBM's security pages for the latest information:
http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq
In my example the LPP version 1.0.1.500 of OpenSSL is susceptible to heartbleed and should be replaced with version v1.0.1.502, The RPM version 1.0.1g is not affected. The updated install package can be obtained from:
https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssl&cp=UTF-8
Once the update has been installed you need to configure your system as per the instructions in the IBM security bulletin:
http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq?mode=18&ID=3494&myns=pwraix71&mync=E
Once you have completed the update you can use this site to test your system:
https://filippo.io/Heartbleed/
It is worth remembering that your data may already have been stolen and thus you still need to take action such as reseting all your web user accounts etc. and checking your system has not been compromised in other ways.
"“A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server,”
Unfortunately it is quite normal to have multiple versions of openSSL installed on your system, as well as multiple certificates and keys, therefore you may have to check in several places:
1. To check the version installed as a standard IBM LPP (Licenced program product):
# lslpp -l openssl.base
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
openssl.base 1.0.1.500 COMMITTED Open Secure Socket Layer
Path: /etc/objrepos
openssl.base 1.0.1.500 COMMITTED Open Secure Socket Layer
[root@p520-aix61:/opt/syslog-ng]
# /usr/bin/openssl version
OpenSSL 1.0.1e 11 Feb 2013
2. To check the version installed using an RPM:
# rpm -qi openssl
Name : openssl Relocations: (not relocateable)
Version : 1.0.1g Vendor: (none)
Release : 1 Build Date: Tue Apr 8 18:49:04 CEST 2014
Install date: Mon Apr 14 11:59:33 CEST 2014 Build Host: aix51.perzl.org
Group : System Environment/Libraries Source RPM: openssl-1.0.1g-1.src.rpm
Size : 56530184 License: OpenSSL License
URL : http://www.openssl.org/
Summary : Secure Sockets Layer and cryptography libraries and tools
Description :
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
....
..
# /opt/freeware/bin/openssl version
OpenSSL 1.0.1g 7 Apr 2014
3. You should now use the find command to ensure that there are no manually installed versions.
4. Check which is your default version, ie the one that is called when you issue a call without specifying a pathname
# type openssl
openssl is /usr/bin/openssl
5. Finally visit IBM's security pages for the latest information:
http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq
In my example the LPP version 1.0.1.500 of OpenSSL is susceptible to heartbleed and should be replaced with version v1.0.1.502, The RPM version 1.0.1g is not affected. The updated install package can be obtained from:
https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssl&cp=UTF-8
Once the update has been installed you need to configure your system as per the instructions in the IBM security bulletin:
http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq?mode=18&ID=3494&myns=pwraix71&mync=E
Once you have completed the update you can use this site to test your system:
https://filippo.io/Heartbleed/
It is worth remembering that your data may already have been stolen and thus you still need to take action such as reseting all your web user accounts etc. and checking your system has not been compromised in other ways.
Thursday 1 May 2014
Useful AIX command (chdef)
I am always on the lookup for commands that can improve the way we work, and reduce time and mistakes. I recently found this blog from a fellow AIX professional that gives a really nide explanation of the chdef (Change Definitions command). If you don't have time to read the full article, The chdef command modifies the default value of a predefined attribute of a specified device type. The idea is (for instance) that if you create a lot of fibre LUNS and always need to set the hcheck interval to 60, you can make this the default for every new device instead of having to remember to change it later.
https://www.ibm.com/developerworks/community/blogs/brian/entry/change_aix_device_default_attributes_with_chdef_command?lang=en
https://www.ibm.com/developerworks/community/blogs/brian/entry/change_aix_device_default_attributes_with_chdef_command?lang=en
Processor Value Unit (PVU)
In 2006 IBM introduced the concept of a PVU, the idea being that all processors are not created equal and thus a Power-8 core is capable of doing much more work than an Intel Itanium. The PVU value of your system is then used to calculate the number of software licences you require.
This table provides a list of the power-ratings of each processor-type and enables you to calculate the PVU rating of your system:
http://www-01.ibm.com/software/passportadvantage/pvu_licensing_for_customers.html
Whilst this is a very handy reference I would still recommend that you contact IBM directly in order to negotiate a discount. Remember that you can also use virtualisation and workload management technologies to control the allocation of your resources in order to save money.
This table provides a list of the power-ratings of each processor-type and enables you to calculate the PVU rating of your system:
http://www-01.ibm.com/software/passportadvantage/pvu_licensing_for_customers.html
Whilst this is a very handy reference I would still recommend that you contact IBM directly in order to negotiate a discount. Remember that you can also use virtualisation and workload management technologies to control the allocation of your resources in order to save money.
Power-8 Performance optimisation
I know that the Power-8 range has just been announced, however there is already a performance RedBook that has some interesting insights into the latest improvements:
http://www.redbooks.ibm.com/redpieces/abstracts/sg248171.html?Open
http://www.redbooks.ibm.com/redpieces/abstracts/sg248171.html?Open
IBM Launches cloud marketplace
IBM is now a major player in the cloud market and you can expect to see a lot more announcements in this area:
http://www.computerweekly.com/blogs/cwdn/2014/04/ibm-cloud-marketplace-not-late-just-deeper.html
http://www.computerweekly.com/blogs/cwdn/2014/04/ibm-cloud-marketplace-not-late-just-deeper.html
Interest article regarding IBM's possible future direction
This is an interesting article and I think that the survey results are accurate, and some of the feedback is also very imformative:
http://searchdatacenter.techtarget.com/opinion/What-will-power-IBM-Power-servers
http://searchdatacenter.techtarget.com/opinion/What-will-power-IBM-Power-servers
Subscribe to:
Posts (Atom)