Initializing Amazon EBS Volumes

nohup seq 0 $(($(cat /sys/block/xvda/size) / (1 << 10))) | xargs -n1 -P8 -I {} sudo dd if=/dev/xvda of=/dev/null skip={}k count=1 bs=512 > /dev/null 2>&1 &”

AWS NVME problem with kernel prior 4.9

Reference https://medium.com/@KimiHuang/upgrading-aws-ec2-instances-from-m4-to-m5-type-ad6413f9f4e9

 

sudo vim /boot/grub/grub.cfg

add nvme.io_timeout=4294967295 parameter in grub configuration

Example:

linux /boot/vmlinuz-4.4.0-1057-aws root=UUID=60d051e7-7afa-41f2-1e3-df75bd6ff8bb ro console=tty1 console=ttyS0 nvme.io_timeout=4294967295

cat /sys/module/nvme/parameters/io_timeout

Advertisement

Could not open a connection to your authentication agent

Sometimes when you try to use ssh client remotely you get this problem “Could not open a connection to your authentication agent”, to solve this:

 

eval `ssh-agent -s`
ssh-add

Using Linux SysRq

On x86   - You press the key combo 'ALT-SysRq-<command key>'. Note - Some
           keyboards may not have a key labeled 'SysRq'. The 'SysRq' key is
           also known as the 'Print Screen' key. Also some keyboards cannot
	   handle so many keys being pressed at the same time, so you might
	   have better luck with "press Alt", "press SysRq", "release SysRq",
	   "press <command key>", release everything.

*  What are the 'command' keys?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'b'     - Will immediately reboot the system without syncing or unmounting
          your disks.

'c'	- Will perform a system crash by a NULL pointer dereference.
          A crashdump will be taken if configured.

'd'	- Shows all locks that are held.

'e'     - Send a SIGTERM to all processes, except for init.

'f'	- Will call the oom killer to kill a memory hog process, but do not
	  panic if nothing can be killed.

'g'	- Used by kgdb (kernel debugger)

'h'     - Will display help (actually any other key than those listed
          here will display help. but 'h' is easy to remember :-)

'i'     - Send a SIGKILL to all processes, except for init.

'j'     - Forcibly "Just thaw it" - filesystems frozen by the FIFREEZE ioctl.

'k'     - Secure Access Key (SAK) Kills all programs on the current virtual
          console. NOTE: See important comments below in SAK section.

'l'     - Shows a stack backtrace for all active CPUs.

'm'     - Will dump current memory info to your console.

'n'	- Used to make RT tasks nice-able

'o'     - Will shut your system off (if configured and supported).

'p'     - Will dump the current registers and flags to your console.

'q'     - Will dump per CPU lists of all armed hrtimers (but NOT regular
          timer_list timers) and detailed information about all
          clockevent devices.

'r'     - Turns off keyboard raw mode and sets it to XLATE.

's'     - Will attempt to sync all mounted filesystems.

't'     - Will dump a list of current tasks and their information to your
          console.

'u'     - Will attempt to remount all mounted filesystems read-only.

'v'	- Forcefully restores framebuffer console
'v'	- Causes ETM buffer dump [ARM-specific]

'w'	- Dumps tasks that are in uninterruptable (blocked) state.

'x'	- Used by xmon interface on ppc/powerpc platforms.
          Show global PMU Registers on sparc64.
          Dump all TLB entries on MIPS.

'y'	- Show global CPU Registers [SPARC-64 specific]

'z'	- Dump the ftrace buffer

'0'-'9' - Sets the console log level, controlling which kernel messages
          will be printed to your console. ('0', for example would make
          it so that only emergency messages like PANICs or OOPSes would
          make it to your console.)

More info :
https://www.kernel.org/doc/Documentation/sysrq.txt

NGINX redirect 404 and 403

location / {
error_page 404 = @foo;
error_page 403 = @foo;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
#Redirect to root
location @foo {
rewrite .* / permanent;
}

Discover MySQL database size

 

SELECT table_schema “DATABASE_NAME”,
sum( data_length + index_length ) / 1024 / 1024 “Data Base Size in MB”,
sum( data_free )/ 1024 / 1024 “Free Space in MB”
FROM information_schema.TABLES
GROUP BY table_schema ;

Adding 2 Elastic IPS in a EC2

• Create a routing table, I am using the name  eth1_route

echo ‘2 eth1_route’ >> /etc/iproute2/rt_tables

• Create the interface configuration /etc/network/interfaces

vi /etc/network/interfaces

auto eth1
iface eth1 inet static
address 172.31.100.5
netmask 255.255.255.0
network 172.31.100.0
broadcast 172.31.100.255
up ip route add default via 172.31.100.1 dev eth1 table eth1_route
up ip rule add from 172.31.100.0/24 lookup eth1_route prio 1000

Done!

Reducing TIME_WAIT sockets in Nginx and Apache

Edit /etc/sysctl.conf and add

# Enables fast recycling of TIME_WAIT sockets.
# (Use with caution according to the kernel documentation!)
net.ipv4.tcp_tw_recycle = 1

# Allow reuse of sockets in TIME_WAIT state for new connections
# only when it is safe from the network stack’s perspective.
net.ipv4.tcp_tw_reuse = 1

After this run in terminal

sysctl -p

 

PS: DO NOT USE THIS IF YOUR CLIENTS ARE BEHIND A NAT (Thanks Jero).

Reverse SSH, using SSH tunnel to bypass NAT

If you want to connect using SSH in a machine that is behind a NAT and have no wait to configure a port forward, here goes the way to do it.

#Execute this in machine behind NAT

ssh -o StrictHostKeyChecking=no -C -N -f -R 2222:127.0.0.1:22 user@remote_host_with_public_ip

#Execute this in server with public IP

ssh -p 2222 localhost -l root

Clear iptables rules

To clear all iptables rules you can simple execute this in your terminal ( using root user)

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT