Header Shadow Image


Archive for the 'NIX Posts' Category

Atlassian Confluence: Reducing GlusterFS IO, Disk Log Usage, and DEBUG Logging.

So it became apparent that, while sitting on a GlusterFS on two of my nodes, Confluence was dumping 18GB of logs to catalina.out. Unfortunately, there isn't a good way to rotate that file: https://confluence.atlassian.com/confkb/catalina-logs-are-not-rotated-or-removed-289276264.html All the while writing to the GlusterFS, which by itself network copies this to the secondary host, atlas01: atlas02 # du […]

OpenVPN: Cannot ping or access internal VLAN’s

Seeing timed out accessing external and internal VLAN's after connecting to the OpenVPN server? Reply from 98.136.103.23: bytes=32 time=673ms TTL=47 Request timed out. Request timed out. Reply from 10.3.0.100: bytes=32 time=673ms TTL=47 Request timed out. Request timed out. Moreover, also seeing timeout on accessing local VLAN's? root@DD-WRT-INTERNET-ASUS:~# tail -f /var/log/messages|grep -Ei "DROP"|grep -Ei "10.3.0.100" Nov […]

OpenWRT: Disable invalid default gateway selection

It indeed happened that the default GW provided on various network interfaces was the router that we do not want to be the GW.  In our case the OpenWRT Raspberry Pi 2 became the GW for any hosts dynamically getting an IP.  So all requests, were sent via the Raspberry Pi 2, which is not […]

OpenWRT: Resolving the /etc/resolv.conf lack of proper DNS resolution.

OpenWRT links /etc/resolv.conf to /tmp/resolv.conf and only adjust entries in /tmp/resov.conf if $localuse is enabled in the UI: The above entered as text, is: DHCP and DNS -> [General Settings] -> [Local domain] : openwrt.mds.xyz mds.xyz nix.mds.xyz mws.mds.xyz DHCP and DNS -> [General Settings] -> Allow localhost : Yes DHCP and DNS -> [General Settings] -> Local Service […]

Your connection is not private: Trusting your own LAB SelfSigned Certificates in Kaspersky, Windows and Chrome

This use case scenario is aimed at those folks who are developing on their local environment and need to trust a set of certificates. This is so they are not always prompted for verification to a domain they know is already trusted and safe.  Despite that site having self signed certificates as is the case […]

Adjusting Memory in Atlassian Confluence

Adjusted the bolded lines for optimum startup and performance: # pwd ?/atlas/atlassian/confluence/bin # cat setenv.sh # Set the JVM arguments used to start Confluence. # For a description of the vm options of jdk 8, see: # http://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html # For a description of the vm options of jdk 11, see: # https://docs.oracle.com/en/java/javase/11/tools/java.html CATALINA_OPTS="-XX:+IgnoreUnrecognizedVMOptions ${CATALINA_OPTS}" CATALINA_OPTS="-XX:-PrintGCDetails […]

ERR – dse_check_file – The backup file /etc/dirsrv/slapd-NIX-MDS-XYZ/dse.ldif.bak has zero length, refusing to restore it.

Recover the backup from the OK copy, literally: /etc/dirsrv/slapd-NIX-MDS-XYZ# ls -altri total 1904      2076 -rw——-. 1 dirsrv root   197845 May 24  2020 dse.ldif.ipa.b22658eb606be0d2    249372 -rw-r–r–. 1 dirsrv root   197954 May 24  2020 dse.ldif.modified.out    130281 -rw——-. 1 dirsrv dirsrv 197835 Mar  7 15:50 dse.ldif.startOK    456855 -rw——-. 1 dirsrv dirsrv […]

OpenVpn: Can’t browse web when connected and VPN is active.

Configured your OpenVPN, however now you can't browse the web when connected?  Turns out the following NAT rule was missing from the F/W configuration on the OpenVPN router: iptables -t nat -I POSTROUTING -s 10.1.1.0/24 -j SNAT –to $(nvram get wan_ipaddr) Our VPN subnet is 10.1.1.0/24 but no rule existed to route traffic to the […]

OpenShift w/ Kubernetes Setup: Installing using the UPI Method

Building an OpenShift Kubernetes Cluster. Method used here will be the UPI installation method.  Start off by loading the official page from RedHat: Before you begin, ensure the following files are downloaded off the RedHat OpenShift pages (see links in the above document): /root/openshift # ls -altri total 439680 201572861 -rw-r–r–.  1 root     […]

Firewalld. Add VLAN’s to allowed trusted / public zone rules.

Short list of commands for adding VLAN's to trusted zones: firewall-cmd –zone=trusted –add-source=192.168.0.0/24 firewall-cmd –zone=trusted –add-source=10.0.0.0/24 firewall-cmd –zone=trusted –add-source=10.1.0.0/24 firewall-cmd –zone=trusted –add-source=10.2.0.0/24 firewall-cmd –zone=trusted –add-source=10.3.0.0/24 cat /etc/firewalld/zones/public.xml firewall-cmd –runtime-to-permanent cat /etc/firewalld/zones/public.xml Result of this is: cat /etc/firewalld/zones/trusted.xml <?xml version="1.0" encoding="utf-8"?> <zone target="ACCEPT">   <short>Trusted</short>   <description>All network connections are accepted.</description>   <source address="192.168.0.0/24"/>   <source […]


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License