The document provides instructions for installing and configuring LVS (Linux Virtual Server) on a Slackware 11 system. It describes compiling a new 2.4.33 kernel with LVS support, enabling necessary networking and netfilter options. It also covers installing the ipvsadm package for administering LVS, and ensuring the ip_vs module loads on boot. Key steps include compiling the kernel, configuring LILO, installing ipvsadm, and loading the required ip_vs module.
A Performance Characterization of Postgres on Different Storage SystemsDong Ye
Performance is an important factor when considering different storage systems for Postgres. In this talk we present a detailed performance characteristics on a number of different storage systems including Fibre Channel SAN, Enterprise NAS, and local storage (SSD and SAS disks) behind hardware RAID controller with battery backed write cache. We look at both OLTP and OLAP workloads.
Presented at Postgres Open 2014
A Performance Characterization of Postgres on Different Storage SystemsDong Ye
Performance is an important factor when considering different storage systems for Postgres. In this talk we present a detailed performance characteristics on a number of different storage systems including Fibre Channel SAN, Enterprise NAS, and local storage (SSD and SAS disks) behind hardware RAID controller with battery backed write cache. We look at both OLTP and OLAP workloads.
Presented at Postgres Open 2014
It's my works portfolio! Advance SSH, FTP DHCP server installing command.and FirewallD. I hope you guys need to import to this presentation! Linux RED HAT ENTERPRISE 7.1 version server config!
take it enjoy
Slides of the Belgian Puppet User Group Meetup "something about MCollective" we held on the 24 of June 2014.
The source of these slides can be found at https://github.com/witjoh/BPUG_MCollective
PostgresOpen 2013 A Comparison of PostgreSQL Encryption OptionsFaisal Akber
Are you looking to encrypt your data within PostgreSQL? We will review the various options available for encrypting data with PostgreSQL. We will also look at various options available to employ encryption and review various configuration and performance for using encryption.
There are a number of options available when encrypting data with PostgreSQL. When determining the mechanisms to use, it is important to understand the data, the application and how it is being used. We will compare different methods of encrypting data in their feature-sets and performance.
We will try to answer the following questions: Where do I enable the encryption? Where is my data safe and where is it exposed? Why should I use the various encryption modules available?
Foreman Discovery is the Foreman project's solution to Metal as a Service. It can discover, register, and provision bare metal systems without knowing anything about them beforehand. Now, with the latest version of Discovery, you're able to boot hosts using the Discovery image directly instead of relying on DHCP and PXE, by mounting the ISO or burning to a CD-ROM or USB stick. In this talk, we'll do a quick introduction to Discovery, before going on to cover the new PXEless features.
How to shutdown and power up of the netapp cluster mode storage systemSaroj Sahu
This slide will guide you how to shutdown and power up of the Netapp cluster mode storage system in command mode. (It will depict you environmental shutdown process (SAN environment in a DataCenter)
It's my works portfolio! Advance SSH, FTP DHCP server installing command.and FirewallD. I hope you guys need to import to this presentation! Linux RED HAT ENTERPRISE 7.1 version server config!
take it enjoy
Slides of the Belgian Puppet User Group Meetup "something about MCollective" we held on the 24 of June 2014.
The source of these slides can be found at https://github.com/witjoh/BPUG_MCollective
PostgresOpen 2013 A Comparison of PostgreSQL Encryption OptionsFaisal Akber
Are you looking to encrypt your data within PostgreSQL? We will review the various options available for encrypting data with PostgreSQL. We will also look at various options available to employ encryption and review various configuration and performance for using encryption.
There are a number of options available when encrypting data with PostgreSQL. When determining the mechanisms to use, it is important to understand the data, the application and how it is being used. We will compare different methods of encrypting data in their feature-sets and performance.
We will try to answer the following questions: Where do I enable the encryption? Where is my data safe and where is it exposed? Why should I use the various encryption modules available?
Foreman Discovery is the Foreman project's solution to Metal as a Service. It can discover, register, and provision bare metal systems without knowing anything about them beforehand. Now, with the latest version of Discovery, you're able to boot hosts using the Discovery image directly instead of relying on DHCP and PXE, by mounting the ISO or burning to a CD-ROM or USB stick. In this talk, we'll do a quick introduction to Discovery, before going on to cover the new PXEless features.
How to shutdown and power up of the netapp cluster mode storage systemSaroj Sahu
This slide will guide you how to shutdown and power up of the Netapp cluster mode storage system in command mode. (It will depict you environmental shutdown process (SAN environment in a DataCenter)
Slides de suporte da aula de Redes de Computadores - Continuar pesquisas nas bibliografias:
HUNT, Craig. Linux Servidores de rede. Editora Ciência Moderna. Rio de Janeiro. 2004.
TANENBAUM, Andrew S. Redes de Computadores. Editora Campus, 4 Edição. 2003.
COMER, Douglas E. Interligação de Redes com TCP/IP, volume 1. Editora Campus, 5 Edição. 2006.
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPWalid Umar
Panduan diatas dikhusukan untuk siswa dan guru TKJ yang hendak mempraktekkan tentang panduan untuk membangun sebuah server gateway dengan fitur proxy, webserver dan dhcp
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...Liz Warner
There are lot of SRIOV features which are not yet exposed to cloud to make the best use of the underlying fabric ethernet and due to lack of tooling on kernel and OS these features couldn’t be used by Virtual Network Functions workloads. This presentation will explain all the new NIC card features that can be used by SRIOV workloads to get the best out of the fabric. We will also discuss the changes required at kernel level drivers to expose those features so that cloud workloads can leverage these by OS APIs for orchestration. We will also demo one of the hardware features and also go over Its implementation details including development and test pipeline using zuulv3.
Securing the network for VMs or ContainersMarian Marinov
Securing the network on the host machine for VMs and/or containers is important!
This presentation, shows you how you can prevent ARP spoofing and IP spoofing on the host node.
Memcacheas UDP Reflectors: A Massive Amplified DDoSthe World(Attack Formulation and Mitigation) by
Muhammad Morshed Alam, AmberIT Limited.morshed@amberit.com.bd
The latest releases of today’s popular Linux distributions include all the tools needed to do interesting things with Linux containers.
For the Makefile MicroVPS project, I set out to build a minimal virtual private server-like environment in a Linux container from scratch.
These are my requirements for the MicroVPS:
Minimal init sequence
Most of what happens in a rc.sysinit file is not needed (or wanted) in a container. However, to work like a virtual private server, the MicroVPS will need some kind of init system. The absolute minimum would be enough to start the network and at least one service.
Native network namespace
The MicroVPS will have a dedicated network namespace. It should be easy to configure.
Native package management
The package set installed in the container image will be managed using native tools like deb or rpm.
Automated build
An automated repeatable build process is a must.
Fast iteration cycle
The building and testing cycle must be fast enough not to drive me insane.
Easy management
It should be easy to distribute, monitor, and run a MicroVPS container.
In this tutorial, I will show how to use the tools included with Linux to build a virtual private server in a Linux container from scratch, using GNU Make to automate the build process.
1. Instalando o LVS no Slackware 11
1 - Compilar o kernel 2.4.33 para dar suporte ao LVS:
a) Configurando o kernel:
# cd /usr/src/linux
# make menuconfig
b) Deixar o Kernel com as seguintes funcionalidades:
b.1) Nas configurações de rede em Networking options --->:
Networking options --->
<*> Packet socket
[ ] Packet socket: mmapped IO
[*] Kernel/User netlink socket
[*] Routing messages
<*> Netlink device emulation
[*] Network packet filtering (replaces ipchains)
[*] Network packet filtering debugging
[*] Socket Filtering
<*> Unix domain sockets
[*] TCP/IP networking
[ ] IP: multicasting
[*] IP: advanced router
[*] IP: policy routing
[*] IP: use netfilter MARK value as routing key
[*] IP: fast network address translation
[*] IP: equal cost multipath
[*] IP: use TOS value as routing key
[*] IP: verbose route monitoring
[*] IP: large routing tables
[*] IP: kernel level autoconfiguration
[ ] IP: BOOTP support
[ ] IP: RARP support
<M> IP: tunneling
< > IP: GRE tunnels over IP
[ ] IP: multicast routing
[ ] IP: ARP daemon support (EXPERIMENTAL)
[ ] IP: TCP Explicit Congestion Notification support
[ ] IP: TCP syncookie support (disabled per default)
IP: Netfilter Configuration --->
IP: Virtual Server Configuration --->
< > The IPv6 protocol (EXPERIMENTAL)
< > Kernel httpd acceleration (EXPERIMENTAL)
[ ] Asynchronous Transfer Mode (ATM) (EXPERIMENTAL)
-->
2. b.2) Em IP: Netfilter Configuration ---> (dentro de Networking options).
O Netfilters deve seguir basicamente o seguinte padrão:
<M> Connection tracking (required for masq/NAT)
<M> FTP protocol support
<M> Userspace queueing via NETLINK (EXPERIMENTAL)
<M> IP tables support (required for filtering/masq/NAT)
<M> limit match support
<M> MAC address match support
<M> netfilter MARK match support
<M> Multiple port match support
<M> TOS match support
<M> Connection state match support
<M> Unclean match support (EXPERIMENTAL)
<M> Owner match support (EXPERIMENTAL)
<M> Packet filtering
<M> REJECT target support
<M> MIRROR target support (EXPERIMENTAL)
<M> Full NAT
<M> MASQUERADE target support
<M> REDIRECT target support
<M> Packet mangling
<M> TOS target support
<M> MARK target support
<M> LOG target support
< > ipchains (2.2-style) support
< > ipfwadm (2.0-style) support
No NetFilter tenha certeza de desabilitar o ipchains, já que ele e o iptables
não é compatível e gera alguns problemas ao LVS.
b.3) Em IP: Virtual Server Configuration ---> (dentro de Networking
options) devem estar da seguinte forma:
<M> virtual server support (EXPERIMENTAL)
[*] IP virtual server debugging (NEW)
(12) IPVS connection table size (the Nth power of 2) (NEW)
--- IPVS scheduler
<M> round-robin scheduling (NEW)
<M> weighted round-robin scheduling (NEW)
<M> least-connection scheduling scheduling (NEW)
<M> weighted least-connection scheduling (NEW)
<M> locality-based least-connection scheduling (NEW)
<M> locality-based least-connection with replication scheduling (NEW)
<M> destination hashing scheduling (NEW)
<M> source hashing scheduling (NEW)
--- IPVS application helper
<M> FTP protocol helper (NEW)
*** OUTRA SOLUÇÃO É COPIAR O ARQUIVO .config NO ALUNO ON-
LINE PARA O DIRETÓRIO /usr/src/linux!!!
c) Agora compile o kernel:
# make bzImage && make modules && make modules_install && make
install
3. # cp /usr/src/linux/arch/i386/boot/bzImage /boot/kernel-2.4-lvs
d) Agora vamos configurar o gerenciador de boot (/etc/lilo.conf):
# vi /etc/lilo.conf
# LILO configuration file
boot = /dev/hda
message = /boot/boot_message.txt
prompt
timeout = 1200
# Override dangerous defaults that rewrite the partition table:
change-rules
reset
# VESA framebuffer console @ 1024x768x256
vga = 773
# Windows bootable partition config begins
other = /dev/hda1
label = Windows
table = /dev/hda
# Windows bootable partition config ends
# Linux bootable partition config begins
image = /boot/vmlinuz
root = /dev/hda7
label = Linux-ADS
read-only
#
image = /boot/vmlinuz
root = /dev/hda8
label = Linux-SI
read-only
#
image = /boot/vmlinuz
root = /dev/hda9
label = Linux-REDES
read-only
# /boot/kernel-2.4-lvs
image = /boot/kernel-2.4-lvs
root = /dev/hda9
label = Linux-REDES-lvs
read-only
# Linux bootable partition config ends
e) Instale o novo lilo:
# lilo
* Não esqueça de digitar o comando lilo após alterar o lilo.conf
d) Reinicie o computador com o novo kernel!
2 – Instalando o ipvsadmin:
4. a) Carregue o módulo do LVS:
# modprobe ip_vs
* Atenção! Toda vez que o micro for desligado o modulo ip_vs deve ser
carregado caso contrário o LVS não funcionará corretamente!
a) Faça no aluno on-line o download ipvsadmin (ipvsadm-1.21-11.tar.gz).
b) Extraia o pacote ipvsadm-1.21-11.tar.gz:
# tar vzxf ipvsadm-1.21-11.tar.gz -C /tmp
# cd /tmp/ipvsadm-1.21-11
c) Instale o pacote:
# make install
* Nota! Não é necessário executar o comando make!
Pronto o LVS já deve estar funcionando e pronto para ser executado através
do ipvsadm!