It could be sometimes quite useful to know which changes you’ve not committed. The following oneliner does exactly this:
$ find . -type d -name \.svn | sed "s/\.svn//" | xargs -L 1 svn status | sort | uniq
Configure an central CakePHP Installation on own or Uberspace Server
If you like to run several CakePHP Applications on one server and keep them up to date all the time, it makes sense to install CakePHP centralized. I’ve done this on my Ubuntu based Servers:
apt-get upgrade apt-get install php5 php5-mysql a2enmod php5 rewrite service apache2 restart cd /usr/share/ wget https://github.com/cakephp/cakephp/zipball/2.1.0 unzip 2.1.0 mv cakephp-cakephp-b522a85/ cakephp-2.1.0 ln -s /usr/share/cakephp-2.1.0 /usr/share/cakephp rm -r cakephp/app cakephp/.htaccess ln -s /usr/share/cakephp/lib/Cake/Console/cake /usr/local/bin/cake vi /etc/php5/apache2/php.ini include_path = ".:/usr/share/php:/usr/share/cakephp/lib" vi /etc/php5/cli/php.ini include_path = ".:/usr/share/php:/usr/share/cakephp/lib" service apache2 restart
And finally configure your virtualHost configuration and let the documentRoot point to the app folder of your application.
If you are a proud Ueberspace customer you can configure a Central CakePHP Environment in a similar way:
mkdir ~/lib cd ~/lib/ wget https://github.com/cakephp/cakephp/zipball/2.1.0 unzip 2.1.0 mv cakephp-cakephp-b522a85/ cakephp-2.1.0 ln -s `dirname ~/.`/lib/cakephp-2.1.0/ `dirname ~/.`/lib/cakephp rm -rf cakephp/.gitignore cakephp/.htaccess cakephp/app cakephp/build.* cakephp/index.php echo 'PATH=$PATH:~/bin' >> ~/.bashrc mkdir ~/bin ln -s `dirname ~/.`/lib/cakephp/lib/Cake/Console/cake `dirname ~/.`/bin/cake php --ini # To check which php version you'r using cp /package/host/localhost/php-5.3.5-2/lib/php.ini ~/etc/ vi ~/etc/php.ini # include_path = ".:/package/host/localhost/php-5.3.5-2/lib/php:~/lib/cakephp/lib"
Posfix and SASL Unix Auth
/etc/postfix/main.cf
Configure the Postfix MTA to support SASL
smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = no smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = cyrus
/etc/postfix/master.cf
Disable the run of the Postfix MTA in a chroot environment
smtp inet n - n - - smtpd
/etc/postfix/sasl/smtpd.conf
Tell Postfix where he finds the saselauthd socket file
pwcheck_method: saslauthd saslauthd_path: /var/run/saslauthd/mux mech_list: PLAIN LOGIN
/etc/pam.d/smtp
Configure PAM to support local unix Authentication for the SMTP Deamon
auth required pam_unix.so account required pam_unix.so password required pam_unix.so session required pam_unix.so
Finally be sure saslauthd is running and is pointing to the right directory
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
Here a Python Script to Test the Auth
#!/usr/bin/python import argparse import smtplib if __name__ == '__main__': parser = argparse.ArgumentParser(description='Tests SASL') parser.add_argument('--username', '-u', dest='username', action='store', help='Username') parser.add_argument('--password', '-p', dest='password', action='store', help='Password') parser.add_argument('--host', '-H', dest='host', action='store', help='SMTP Hostname') parser.add_argument('--port', '-P', dest='port', action='store', help='SMTP Port', default='25') args = parser.parse_args() server = smtplib.SMTP(args.host, int(args.port)) server.set_debuglevel(1) server.ehlo() server.starttls() server.ehlo() server.login(args.username, args.password) server.quit() exit(0)
Icinga: Could not stat() command file
I’ve just installed Icinga 1.6x on a Ubuntu Box and was faced again with this annoying error:
Error: Could not stat() command file ‘/var/lib/icinga/rw/icinga.cmd’!
I’ve played around with chmod, chown, chgrp and with the icinga and apache user. Finally i figured out, that it could be a error in the ubuntu package. This solved the error, even if you restart the service:
service icinga stop dpkg-statoverride --update --add nagios www-data 2710 /var/lib/icinga/rw/ dpkg-statoverride --update --add nagios nagios 751 /var/lib/icinga/ service icinga start
Getting IP from Linux CLI with Bash
I’ve just wrote a bash script for an automation and for this i needed the ip of my system.
I’d like to share this little snipped with you:
/bin/ip -f inet -o addr | grep eth0 | grep -oP '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?=/)'
Do you know a better way? Feel free to comment.
Tagged: Bash, ip, Script, ShellJMeter/Java Exceptions with SSL secured websites
Last week i had to setup a JMeter Testsuite for performance measurement of an SSL Secured Website. No big deal I thought, but I was completely wrong! Finally it took about one day to get rid of this annoying error below. At this point i need to mention, the server is running with a selfsigned certificate and Apache 2.x
For each request the client throws either an NullPointerException or SSLPeerUnverifiedException.
Java HTTP Client 4.0
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:277) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043) at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416) at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271) at java.lang.Thread.run(Thread.java:680)
Java HTTP Client 3.1
javax.net.ssl.SSLException: java.lang.NullPointerException at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1692) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1675) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1601) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:93) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043) at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416) at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271) at java.lang.Thread.run(Thread.java:680) Caused by: java.lang.NullPointerException at org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139) at org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380) at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:639) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:238) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:88) ... 16 more
I spent the main time of investigation on the JMeter/Java side. I’ve played around with the Java Keystore, created new certificates and searched trough internet forums.
From one to the other second i had the solution. The Website is running in a virtualHost container in the apache. The server is configured to serve sites as namebased virtualhosts. The SSL configuration has been done also inside the virtualhost configuration. Browsers do support this configuration without any problems. Its hard to point to any error at this point. I know from my previous employer, we configured a single separate ip for each SSL secured virtualHost in apache.
After configuring the website as a standalone site, outside an virtualhost container, everything worked perfectly.
If anyone has an idea how this problem could be solved from java side or has en explanation why this is as it is, i would be interested!
Update:
There is a technologie called SNI (Server Name Indication) which is responsible to make an handshake between client and server with TLS on a hostname basis possible. I looks like Java7 will support SNI. Is there no way to support SNI with Java versions below 7?
Tagged: Java, Jmeter, SSL
Performance Test: Python, Perl, PHP, Java, Ruby, Bash and C
I’ve had just some time to do some performance test and compare different languages. I’ve created scripts in each language which does the following:
for 1’000’000 lines
“line” is empty
for 150 chars
add char “c” to the “line”
print out the “line”
Running the script and pipe the output to a file creates a 145MB file. And the most interesting result is the time each script took to run:
Shell$ time python createRandomFile.py —rows 1000000 —chars 150 > bigfile.py.txt
real 0m56.207s
user 0m55.348s
sys 0m0.607s
Shell$ time perl createRandomFile.pl -r 1000000 -c 150 > bigfile.pl.txt
real 0m37.742s
user 0m37.147s
sys 0m0.488s
Shell$ time php createRandomFile.php -r 1000000 -c 150 > bigfile.php.txt
real 1m9.357s
user 1m5.165s
sys 0m3.542s
Shell$ time java createRandomFile 1000000 150 > bigfile.java.txt
real 1m18.791s
user 1m0.689s
sys 0m11.133s
Shell$ time ruby createRandomFile.rb -r 1000000 -c 150 > bigfile.ruby.txt
real 1m44.118s
user 1m39.672s
sys 0m0.967s
Shell$ time ruby createRandomFile.sh 1000000 150 > bigfile.bash.txt
real 78m46.334s
user 56m30.018s
sys 3m5.280s
Shell$ time ./createRandmonFile -r 1000000 -c 150 > bigfile.c.txt
real 0m2.159s
user 0m1.339s
sys 0m0.425s
For me personally there are some unexpected new experiences:
-
Python takes “much” longer than perl. After performance optimizing the Python script its much faster, but still slower than the perl script. Thats really sad…
-
Not a big surprise is the fact, that the C program is the fastest. But that it is so much faster than all others is impressive.
-
Using echo instead print in the php script gets the script one second faster.
-
And the fact, java is one of the most slowest language of all competitors used here.
-
Ruby is damn slow
-
Finally, Bash IS the slowest… Damn slow! I mean, SLOOOWWW!!!
This are really interesting results!
Tagged: Bash, c, Java, performance, Perl, PHP, python, RubyGetting in contact with OpenStack
Till now, i was only able to deploy some vm’s on my MacMini Server with VMware Fusion on it. This worked oukay so far… Due to the mac mini is reaching its second birthday, it does not power vm’s very well. Also to keep the vm powered on, i need always stay logged in with the user and of course the management is only possible trough vnc directly on the server.
That was the reason for me to rent some virtual machines by rackspacecloud.com. Seriously, rackspacecloud is impressive! But keeping two or more vm’s up and running for more than a month is a really expensive playground! Moving to Amazon’s EC2 wasn’t an option too. So i decided to buy a extreme low-end cheap virutalisation capable server. After some research (Hardware should be compatible with ESXi in case of whatever) i’ve build the following server for me:
Case: Asus Vintage V8-P8H67E, Intel H67, Socket 1155, USB 3.0 (about 170$)
CPU: Intel Core i5 2500 BOX, 3.3GHz, LGA 1155, 4C/4T (about 200$)
RAM: Kingston ValueRAM, 3×4 GB, DDR3-1333, CL9 (about 60$)
Raid (optional): Adaptec RAID 2405, 4-Channel SAS/SATA, low profile (about 200$)
Additional Network: Intel PWLA8391GTBLK Pro 1000GT Gigabit Adapter PCI, Bulk (about 30$)
VLAN Gigabit Switch: HP ProCurve Switch V1810G-8 8 Port 10/100/1000 Mbps, SFP (about 110$)
Harddisk: got some at home
The Result is a Box with 100% Virtualisation Support (vPro, VT-x, VT-d, 64bit), 12GB RAM and small in form and silent too.
In the past i’ve landed several times on openstack.org during some research in automating virtualisation infrastructures. Openstack is a framework for building private clouds. Openstack promises an virtualisation ecosystem with all needed components to build a perfect world. The project looks very mature and there are a lot of partners supporting them. Openstack supports also a wide range of Hypervisors though they’r strongly recommending to use KVM for virtualistion. I will give the project a try…
Tagged: Automation, Cloud, Hardware, Openstack, Technisches, Virtualisierung, VMware
Safari 5.1 does not like https sites
After the update to OSX 10.7 Lion which ships Safari 5.1 i could no more open any HTTPS Sites with Safari. After googling around i found the Solution. You have just to delete the following file:
~/Library/Preferences/com.apple.security.revocation.plist
Thats all…
Since i’ve updated to 10.7 i’m faced with several bugs! Huge Bugs, which prevent me from working productive!
Tagged: 10.7, HTTPS, Lion, osx, SafariiTunes sharing over VPN
If your are one of those people who have VPN access to their home IT infrastructure you may have wonder why iTunes sharing does not work while connected the the VPN. This is due to a limitation of VPN which does not forward any broad/multicast messages. But there is help! With the tool Network Beacon you are able to send self created beacons over the VPN connection to a remote device. I’ve tried it, and its working like a charm !
Tagged: Beacon, Homesharing, iTunes, Sharing, vpn
