How to Resolve java.lang.OutOfMemoryError: unable to create new native thread

How to Resolve java.lang.OutOfMemoryError: unable to create new native thread

Normally In Java there are 2 type of Out of Memory errors:

1. The java.lang.OutOfMemoryError Java heap space error : This exception trigger when the application attempts to allocate more data into the heap space area, but there is not enough room for it. Although there might be plenty of memory available on your machine, you have hit the maximum amount of memory allowed by your JVM, which can be set through the -Xmx parameter
 

2. The java.lang.OutOfMemoryError: Unable to create new native thread happens whenever the JVM asks for a new thread from the OS. If the underlying OS cannot allocate a new native thread, this OutOfMemoryError will be thrown.

There are Following Steps to identifying these issues:-

Step 1. Check Threads system wide Settings

             The /proc/sys/kernel/threads-max file provides a system-wide limit for the number of threads. The root user can change that value if u want.

$ echo 100000 > /proc/sys/kernel/threads-max

You can check the current number of running threads through the /proc/loadavg filesystem.

$ cat /proc/loadavg
0.41 0.45 0.57 3/749 28174

Step 2. Check number of processes per user

            On a Linux box, threads are essentially just processes with a shared address space. Therefore, you have to check if your OS allows you enough processes for user. we can check via below

ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 515005
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 4096
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

The default number of process per users is 1024 by default. At this point we will count the number of processes running. The number of processes running can be counted with a ps output:

$ ps -elf | wc -l 
230 

This number however does not consider the threads which can be spawned by a process. If you try to run ps with a -T you will see all of the threads as well:

$ ps -elfT | wc -l 
380

As you can see the process count increased significantly due to threads. Normally this is never any type of problem, However in Java based applications this can cause your system to run into system limits! Let's continue our investigation. Let's see how many Threads are spawned by your JBoss Process. You can do it in at least two ways:

$ ps -p JBOSSPID -lfT | wc -l

 The above shell will return the number of Lightweight Processes created for a Process indicated by the PID. This should match with the Thread Dump count generated by jstack:

$ jstack -l JBOSSPID | grep tid | wc -l

Now you should have evidence or not that you need to increase the number of processes for the user. This can be done with the following command:

$ ulimit -u 4096

Step 3: Check your threads PID limit
            Once that you have counted the number of threads, then you should verify that you are not hitting system limits, specified by the kernel.pid_max limit parameter. You can check this value by executing below command.

$ sysctl -a | grep kernel.pid_max  

kernel.pid_max = 32768

Step 4: Reduce the Thread Stack size
             Another option which you can use, if you are not able to modify the OS settings is reducing the stack size. The JVM has an interesting implementation, by which the more memory is allocated for the heap (not necessarily used by the heap), the less memory available in the stack, and since threads are made from the stack, in practice this means more “memory” in the heap sense (which is usually what people talk about) results in less threads being able to run concurrently.
First of all check the default Thread Stack size which is dependent on your Operating System:

$  java -XX:+PrintFlagsFinal -version | grep ThreadStackSize
intx ThreadStackSize                           = 1024                   {pd product}

As you can see, the default Thread Stack Size is 1024 kb in our machine. In order to reduce the stack size, add “-Xss” option to the JVM options. In JBoss EAP 6 / WildFly the minimum Thread stack size is 228kb. You can change it in Standalone mode by varying the JAVA_OPTS as in the following example:

JAVA_OPTS="-Xms128m -Xmx1303m -Xss256k"

In Domain Mode, you can configure the jvm element at various level (Host, Server Group, Server). There you can set the requested Stack Size as in the following section:

           
           
               
               
           

this article ref is mastertheboss.com

Read more...

How To Set Android *.APK MIME-TYPE For NGINX Web Server

How To Set Android *.APK MIME-TYPE For NGINX Web Server

Below are steps for how to add mime-type for Android APK file for Nginx web server.


Step 1:  Open /etc/nginx/mime.types And Android type
              sudo vi /etc/nginx/mime.types

             In “mime.types” file, add this line within the “types” block
types {
     ...
     ...
     application/vnd.android.package-archive     apk;
     ...
     ...
}

Step 2: Restart nginx server
            sudo service nginx restart 

Read more...

How to automatically recover Tomcat from crashes

How to automatically start Tomcat if tomcat automatically down :-

There are 2 Process :-

1. if your tomcat running via /etc/init.d/tomcat than we can use below shell script

#! /bin/sh 
SERVICE=/etc/init.d/tomcat 
STOPPED_MESSAGE="Tomcat Servlet Container is not running." 
 
if [ "`$SERVICE status`" == "$STOPPED_MESSAGE"]; 
then 
{ 
  $SERVICE start 
} 
fi 


2. if I don’t have /etc/init.d/tomcat* script than use below shell script


#! /bin/sh   
CATALINA_PID=/var/run/tomcat.pid; export CATALINA_PID

TOMCAT_HOME=/usr/local/tomcat   
if [ -f $TOMCAT_HOME/bin/tomcat.pid ] 
then 
  echo "PID file exists" 
  pid="`cat $TOMCAT_HOME/bin/tomcat.pid`" 
  if [ "X`ps -p $pid | awk '{print $1}' | tail -1`" != "XPID"] 
  then 
    echo "Tomcat is running" 
  else 
    echo "Tomcat had crashed" 
    $TOMCAT_HOME/bin/startup.sh 
  fi 
else 
  echo "PID file does not exist. Restarting..." 
  $TOMCAT_HOME/bin/startup.sh 
fi


Set your cron job via
crontab -e 

# monitor tomcat every 10 minutes 
*/10 * * * * /root/recover-tomcat.sh

or

# monitor tomcat every 2 minutes  
*/2 * * * * /root/recover-tomcat.sh  
 

Read more...

6 Graphical Interface for Git Client in Linux

6 Graphical Interface for Git Client in Linux : -

1. Git-cola :-
Git-cola comes with the usual pull, push, commit functions. and comes with a diff-viewer and file staging mode.

we can install Git Cola In Ubuntu via below command:-

sudo apt-get install git-cola

2. Gitg :-
Gitg comes commit changes and view the repositories in graphical display. and comes with diff viewer and a file browser.

we can install Gitg In Ubuntu via below command:-

sudo apt-get install gitg

3. SmartGit :-
SmartGit comes with pull, push, commit, track changes, clone, stage, branch and access remote repo. and also comes with support for GitHub, Beanstalk, Codebase and Unfuddle. it doesn’t work with BitBucket.

we can install SmartGit In Ubuntu via below steps :-

1. Download SmartGit.

2. Extract the tar file to your home folder.

3. Open a file manager and navigate to the bin folder inside the smartgit directory. Open the “smartgit.sh” file with a text editor.

Change the line

#SMARTGIT_JAVA_HOME=/usr/lib/java
to

SMARTGIT_JAVA_HOME=/usr/lib/jvm/java-1.6.0-openjdk/jre
At the last line of code, change the line:

$_JAVA_EXEC $_VM_PROPERTIES -Xmx${MAXIMUM_HEAP_SIZE} -Dsmartgit.vm-xmx=${MAXIMUM_HEAP_SIZE} -jar "$SMARTGIT_HOME/lib/smartgit.jar" "$@"
to

$_JAVA_EXEC $_VM_PROPERTIES -Xmx${MAXIMUM_HEAP_SIZE} -Dsmartgit.checkIncompatibleJava=false -Dsmartgit.vm-xmx=${MAXIMUM_HEAP_SIZE} -jar "$SMARTGIT_HOME/lib/smartgit.jar" "$@"
Save the file and close it.

4. Lastly, click the “smartgit.sh” file and select Run when prompted.


4. Giggle :-
Giggle comes with view the files and changes that you have previously committed, but you are not able to commit changes or pull/push from/to the git server.

we can install Giggle In Ubuntu via below command:-

sudo apt-get install giggle

5. Git Gui :-
Git Gui comes with stage, merge, commit, push changes to the remote server. It might not have a long feature list as SmartGit.

we can install Git Gui In Ubuntu via below command:-

sudo apt-get install git-gui

6. qGit :-
qgit is a git viewer based on the qt framework.

it comes with a diff viewer and a revision log viewer, and you can easily switch between both. also create Actions to pull, push, commit the changes rather than doing it on the terminal or other git client.

Read more...

Methods of Domain Control Validation (DCV)

Methods of Domain Control Validation (DCV) : -

All Comodo certificates must pass through DCV. before they are issued. Domain Control Validation is a mechanism used to prove ownership or control of a registered domain name.

There are 3 mechanisms for Domain Control Validation:

1. eMail-based DCV (Traditional) :-
You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control.

Valid email addresses are:
Any email address which our system can scrape from a port 43 whois check;

The following generic admin type email addresses @ the domain for which the certificate is being applied:
admin@
administrator@
postmaster@
hostmaster@
webmaster@

2. DNS CNAME-based :-
The CSR you submit to Comodo will be hashed. The hash values are provided to you and must be entered as a DNS CNAME record for your domain.

The hashes are to be entered as follows:

.yourdomain.com. CNAME .comodoca.com.


Note: Please take notice the trailing period/fullstop at the tail end of each of the TLDs as this is required to make the entry fully-qualified.

Note2: yourdomain.com in the example above (and below in the HTTP(S) method instructions) means the Fully Qualified Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC certificate, separate CNAME records must be created for EACH FQDN in your order.

Examples:
.subdomain1.yourdomain.com. CNAME .comodoca.com.
.subdomain2.yourdomain.com. CNAME .comodoca.com.

3. HTTP(S)-based DCV :-

The CSR you submit to Comodo will be hashed. The hash values are provided to you and you must create a simple plain-text file and place this in the root of your webserver and served over HTTP-only! 

The file and it's content should be as follows:

http://yourdomain.com/.txt

Content (as a plain text file): 

 

comodoca.com

Note: The DCV will fail if any redirection is in place.

Note 2: yourdomain.com in the example above (and in the CNAME method instructions; above) means the Fully Qualifed Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC, each FQDN in the certificate MUST have the TXT file in place in its root folder.

Examples: 

     subdomain1.yourdomain.com/.txt

     subdomain2.yourdomain.com/.txt

this content is powered by comodo.com. and ref source of this article is below.

https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/791/0/alternative-methods-of-domain-control-validation-dcv

Read more...

Connecting mobile with display to tv

Connecting mobile with display to HD TV :-

 to connect mobile screen to TV/ projector for live demo purpose.

There are 3 ways to get this working - wired; wireless devices; wired/wireless with apps/ emulators. Among these, wired is the best - no lag and maximum reliability.

Wired:-
Slimport to hdmi cable - This is the best solution however there are few things to note.
Works with only a few devices; check the list here - http://www.slimportconnect.com/slimport-supported-devices/ I personally prefer a (refurbished) Nexus 5 for this (~$100 on Amazon). Fire HD 6 tablet is a cheap tablet (~$69) that works with this.
Not every HDMI cable works with this - HDMI 1.4 or above should work which practically means all the recent HDMI cables but I carry a compatible one just to be on the safer side.
HDMI to VGA converter paired with VGA cable doesn't work.
Slimport to VGA cable paired with VGA cable doesn't work for me.
MHL to hdmi cable - This is as good as the previous one. Only issue is that there are different standards within MHL compatible devices so cable-device combination needs to be carefully chosen. I use this one https://www.amazon.com/Aibocn-Adapter-Samsung-Galaxy-N9008V/dp/B00DUCB65I/
Supported devices - http://www.mhltech.org/devices.aspx?tid=1


Wireless:-
WiDi - This is like Chromecast but better; creates its own network. Works with Oneplus one/ Surface and other Wifi Direct compatible phones. Standards and compatibility all over the place. I use this one - https://www.amazon.com/gp/product/B00O14JG2Y/ref=oh_aui_detailpage_o05_s00?ie=UTF8&psc=1 with Oneplus phones.
Chromecast - Laggy, depends on wifi strength; not recommended.
Apps/ Emulators:
Laggy, high latency, has never worked satisfactorily for me.
Popular apps - Airdroid 3, Vysor, Mirror
PFB a note prepared by Arpit on how to use this.

Other:-
Chromebooks will soon be able to run play store apps; this can be a good solution in 3-6 months' time-frame.
App runtime for Chrome - ARC; this should work but hasn't for me. https://developer.chrome.com/apps/getstarted_arc
USB-C to hdmi / displayport - This should be ubiquitous in an year's time. This is a really good solution but currently only few devices support it a la HTC 10


Note on screen mirroring using ADB

Phones
1. We are using MotoG 3rd Gen devices. Everyone can collect them from Priyanka tomorrow at their own convenience.

2. Everyone should install their respective apps / demo content on their phones

3. Please ensure that USB debugging is enabled on the phones. For detailed instructions on activating USB debugging, please visit http://www.gizmotimes.com/smartphones/how-to/turn-usb-debugging-mode-on-moto-g-3rd-gen/1436

Macs
1. Please install Chrome browser on your systems (if not already installed).

2. Install Vysor chrome app from https://chrome.google.com/webstore/detail/vysor-beta/gidgenkbbabolejbgbpnhbimgjbffefm

Mirroring
1. To mirror the phone on the laptop screen, connect the phone to the laptop via USB and start the Vysor app.

Read more...

How To Add Hosts file entry in Windows to verify websites

How To Add Hosts file entry in Windows to verify websites :-

Adding host file entry to verify websites via below steps-

Steps 1. Add an entry in your system’s hosts file.

Hosts File Location for Windows :
%SystemRoot%\system32\drivers\etc\ (system root is c:\windows usually )

What we needs to be appended to this file ?

We need to append, for eg.:
182.17.10.1 example.info www.example.info

What it does ?
It tells our computer not to use the ip defined in DNS records, but use the one we appended.

now need to test via browser.

Read more...

Rotating Mysql Slow Query Log

How To Rotating Mysql Slow Query Log :-

as assumptions.
1. Your mysql user is “mysql”
2. Your mysql slow query log is /var/log/mysql/mysql-slow.log

The script is written to perform the following actions:
1. Rotate weekly
2. Retain 3 rotations (3 files + live log)
3. Compress on rotate (gzip)
4. Create new logfile with 660 permissions chowned to mysql:mysql
5. Run: mysqladmin flush-logs

Note- Please be aware that the flush logs command will also rotate any binary logging currently in place, Note:- please ensure this will not adversely affect your deployment prior to use
Note:- Please ensure you carry out your own testing prior to deploying this script into a live environment.

#
# place this script in /etc/logrotate.d/ or your appropriate logrotate dir.
#
# NOTE: if you are reliant on binlogs i.e. for replication, 'flush logs' closes the current binlog and moves to the next itteration of log files
# You should test this does not cause an issue with your deployment before using this script
# 
/var/log/mysql/mysql-slow.log {
    weekly
    rotate 3
    compress
    missingok
    notifempty
    sharedscripts
    create 660 mysql mysql
    postrotate
        /usr/bin/mysqladmin flush-logs
    endscript
}

Read more...

How can we audit a MySQL server ?

How can we audit a MySQL server ?


Below are the various loging technologies available on a MySQL server for auditing :

1. The error log
2. The slow query log
3. The binary log
4. Custom made triggers
5. Using MySQL Proxy
6. The general  log


1. Using the error log :-

The error log contains information indicating when mysqld was started and stopped and also any critical errors.
The log_warnings system variable can be used to control warning logging to the error log.  If enabled aborted connections are written to the error log, and access-denied errors for new connection attempts are written.

mysql> set global log_warnings=2;
if we generate a connection with wrong password we get in the error log

$ mysql --protocol=TCP -hlocalhost -u root -P3309 -pxxx2

$ tail -f serge.err
...
130403 15:24:19 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
Unfortunately the error log does not contain any information about the queries run against the database so it cannot be used as the basis of an auditing solution.

2. Using the he slow query log :-

Can we use the MySQL Slow  Query log as an audit solution ? It give some info but unfortunately this is not enough to be considered as an audit solution.
The slow query log consists of SQL statements that took more than long_query_time seconds to execute. The long _query_time can be set to 0 to log everything. Catching all queries through the slow query log can be costly as timing information is also collected and written.

mysql> set global slow_query_log=on;
mysql> set global long_query_time=0;
mysql> set global log_queries_not_using_indexes=on;
For a givent query we got in the log :

Time Id Command Argument
# Time: 140504 16:56:46
# User@Host: root[root] @ localhost [127.0.0.1] Id: 1
# Query_time: 0.492536 Lock_time: 0.032216 Rows_sent: 200 Rows_examined: 39222
use test;
SET timestamp=1466887444;
select * from (SELECT title, post_url,date(post_date) dt, author, MATCH(title,extract) AGAINST (' backup restore' in boolean mode) as Relevance FROM post where post_date > '2010-01-01'ORDER BY Relevance DESC limit 200) xx order by dt desc;
All statement are logged (select, insert update, delete). Connections are missing. We do not get  trace of failed requests.  There is no idea of filtering on users / schemas / tables. It is an everything or nothing mechanism. The impact on performance can be big.

3. Using binary log :-

The binary log contains only queries that have modified the data through commited transactions. So if a suspicious select is generated it will not appear here. This can however (if no other audit information is available) be used to discover when a modification was made. The binary log can be read an filtered to discover the modification.

4. Using triggers :-

Another sometimes used solution would be to use triggers on critical table. This solution is painful to maintain. Like with binary logs this only deals with data modification tracking. There is no trigger on connection or on select. Moreover as MySQL allow only one trigger per table this can become complicated for application requiring triggers for other purposes.

5. Using the MySQL Proxy :-

http://dev.mysql.com/doc/refman/5.6/en/mysql-proxy.html MySQL Proxy when it firs appeared has raised a lot of expectations. It can effectively be used to implement auditing, policy enforcement. Unfortunately the MySQL Proxy product has remained in the alpha status since many years. Because of this alpha status and total lack of visibility it cannot be part of a production long term solution.

6. Using the general log :-

The general log is a logging capability of the MySQL server allowing to log all queries recieved  by the server. As it logs all the queries it gives more info than the precedent techniques.

Let us try it

[user@user ~]$ mysql --protocol=TCP -hlocalhost -u root -P3306 -pmanager1
...
mysql> use test;
mysql> show tables;
mysql> create table titi(col1 int);
mysql> insert into titi values(3);
mysql> commit;
mysql> exit;

let do a failing connection :

[sfrezefo@serge ~]$ mysql --protocol=TCP -hlocalhost -u root -P3309 -pmanager2

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

This is what we get int the general log

Time Id Command Argument
130327 10:51:34 2 Connect root@localhost on
                2 Query select @@version_comment limit 1
130327 10:55:03 2 Quit
130327 10:55:07 3 Connect root@localhost on
                3 Query select @@version_comment limit 1
130327 10:55:15 3 Query SELECT DATABASE()
                3 Init DB test
                3 Query show databases
                3 Query show tables
                3 Field List planetpost
130327 10:55:26 3 Query show tables
130327 10:55:50 3 Query create table titi(col1 int)
130327 10:56:08 3 Query insert into titi values(3)
130327 10:56:13 3 Query commit
130327 13:33:41 3 Quit
130327 13:33:47 4 Connect root@localhost on

                4 Connect Access denied for user 'root'@'localhost' (using password: YES)

What is missing ? We  get the successful or failed connection. Subsequent queries are linked to the opened sessions  We get  trace of failed request except when syntactically invalid.  There is no idea of filtering on users/schemas/tables. It is an everything or nothing mechanism. The impact on performance can be big.

Conclusion :-


None of the technique presented carry enough information or flexibility to be considered as  auditing solutions.

Read more...

How to solve java.sql.SQLNonTransientConnectionException: Could not read resultset: Connection reset?

How to solve java.sql.SQLNonTransientConnectionException: Could not read resultset: Connection reset?

MariaDB server closing client connections unexpectedly ?

how to drop MySQL's autoReconnect=true from Confluence ?

Exceptions are blow --

java.sql.SQLNonTransientConnectionException: Could not read resultset: Connection reset
        at org.mariadb.jdbc.internal.SQLExceptionMapper.get(SQLExceptionMapper.java:136)
        at org.mariadb.jdbc.internal.SQLExceptionMapper.throwException(SQLExceptionMapper.java:106)
        at org.mariadb.jdbc.MySQLStatement.executeQueryEpilog(MySQLStatement.java:264)
        at org.mariadb.jdbc.MySQLStatement.execute(MySQLStatement.java:288)
        at org.mariadb.jdbc.MySQLStatement.executeQuery(MySQLStatement.java:302)
        at org.mariadb.jdbc.MySQLStatement.executeQuery(MySQLStatement.java:361)
        at org.apache.commons.dbcp.DelegatingStatement.executeQuery(DelegatingStatement.java:208)
        at org.apache.commons.dbcp.DelegatingStatement.executeQuery(DelegatingStatement.java:208)
        at com.vimba.database.DBFactory.attemptLoginWithTempPasswordDetails(DBFactory.java:181)
        at com.vimba.database.DBFactory.authenticate(DBFactory.java:131)
        at com.vimba.service.ExposedFunctions.login(ExposedFunctions.java:88)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:483)
        at com.sun.xml.ws.api.server.InstanceResolver$1.invoke(InstanceResolver.java:210)
        at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:132)
        at com.sun.xml.ws.server.sei.EndpointMethodHandler.invoke(EndpointMethodHandler.java:241)
        at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:74)
        at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:559)
        at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:518)
        at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:503)
        at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:400)
        at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:226)
        at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:375)
        at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:175)
        at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:134)
        at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doPost(WSServletDelegate.java:159)
        at com.sun.xml.ws.transport.http.servlet.WSServlet.doPost(WSServlet.java:49)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.mariadb.jdbc.internal.common.QueryException: Could not read resultset: Connection reset
        at org.mariadb.jdbc.internal.mysql.MySQLProtocol.getResult(MySQLProtocol.java:926)
        at org.mariadb.jdbc.internal.mysql.MySQLProtocol.executeQuery(MySQLProtocol.java:991)
        at org.mariadb.jdbc.MySQLStatement.execute(MySQLStatement.java:281)
        ... 40 more
Caused by: java.net.SocketException: Connection reset


Solution is :-

ValidationQuery
Setting the validationQuery attribute to valid query for MySQL (e.g. "SELECT 1") prevents connection problems when using a data source in Tomcat (version tested is Tomcat 6.0.26 as used in Confluence 3.4 standalone) which is using DBCP.
autoReconnect is not required for this configuration.
                   
                        username="USER"
                        password="PASSWORD"
                        driverClassName="com.mysql.jdbc.Driver"
                        url="jdbc:mysql://localhost:3306/confluence?useUnicode=true&characterEncoding=utf8"
                        maxActive="15"
                        maxIdle="7"
                        validationQuery="Select 1" />

Note: Setting the validationQuery option on the database connection pool will have a performance impact as DBCP will use this query to validate connections before returning them to the caller.

Using autoReconnect without using the validationQuery does not prevent {{com.mysql.jdbc.exceptions.jdbc4.CommunicationsException}}s!


Or

you can use sessionVariables in the client's JDBC URL like so:
jdbc:mysql://hostname:3306/schema?sessionVariables=wait_timeout=600

u can try autoreconect also
jdbc:mysql://hostname:3306/schema?sessionVariables=wait_timeout=600&autoReconnect=true

Or

mysql://db_user:db_user@localhost/mydb?autoReconnect=true&useUnicode=yes

Read more...

SVN to GIT Migration Steps in BitBucket

SVN to GIT Migration Steps in BitBucket

Below are the Steps for migration from SVN to GIT


One time steps:-

Step 1. Install Git
            >apt-get install git

Step 2. Install GIT-SVN
           >sudo apt-get install git-svn

Step 3. Download svn migration JAR and place in root folder
            https://bitbucket.org/atlassian/svn-migration-scripts/downloads

Step 4. Check If all requirements are OK using verify command
            >java -jar ~/svn-migration-scripts.jar verify

This should give git version, svn version and git-svn version.



Steps to migrate a repository:-

Step 1. Export SVN authors
            java -jar ~/svn-migration-scripts.jar authors svn://192.16.32.10/repoName > authors.txt
or
            java -jar ~/svn-migration-scripts.jar authors svn://localhost/repoName > /usr/temp/repoNameAuthors.txt
This will create authors of SVN which will be mapped to GIT users during migration

Step 2. Change this authors file manually so that user names and email adresses are proper. Save this authors file. This file will be used while SVN to GIT conversion

Step 3. Convert SVN repository to GIT repository
git svn clone --stdlayout --authors-file= svn://
E.g.
git svn clone --stdlayout --authors-file=MyProjectauthors.txt svn://localhost/MyProject /root/GitProjects/MyProject

Step 4. Change directory to GIT repository
E.g. cd /root/GitProjects/MyProject

Step 5. Clean the tags. (To see which tags will be cleaned use below command. Note it will not make any changes)
java -Dfile.encoding=utf-8 -jar ~/svn-migration-scripts.jar clean-git

Step 6. Actually clean the tags.
java -Dfile.encoding=utf-8 -jar ~/svn-migration-scripts.jar clean-git --force

Step 7. Now a git repository is created which is on our local system. we need to import this on bitbucket

Step 8. Go to bitbucket and create a GIT repository

Step 9. On our system on command line change directory to git repository folder

Step 10. Add bitbucket repository as origin repository. From local system where we have converted repository execute this command
git remote add origin https://@bitbucket.org//.git
e.g.
git remote add origin https://gs51@bitbucket.org/gs51/MyProject.git

Step 10. Actually push the contents
              git push -u origin --all

Step 11. Push Tags
              git push --tags

Thanks

Read more...

WSO2 API Manager - Apache Reverse Proxy Configuration

How To Configure WSO2 API Manager in Apache Reverse Proxy :-

Architecture Like Below as Example

Public Urls

https://myexample.com/store
https://myexample.com/publisher
https://myexample.com/admin-dashboard

http://api.myexample.com
https://api.myexample.com


Apache 2

API Manager Server
apps internal Urls
https://backserver1.myexample.com:9443/store
https://backserver1.myexample.com:9443/publisher
https://backserver1.myexample.com:9443/admin-dashboard
https://backserver1.myexample.com:9443/carbon

gateway internal Urls
http://backserver1.myexample.com:8280/
http://backserver1.myexample.com:8243/

Apache Configuration

This configuration has been tested with WSO2 API Manager 1.9 on RHEL 6.6 and Apache 2.2.15 and on Debian Jessie and Apache 2.4.10.

Apache modules pre-requisites

We need modules proxy, proxy_http, ssl and rewrite.

Virtuals hosts configuration

Below, configuration for the gateway virtual host.



              DocumentRoot /var/www/apim
              ServerName api.mycompny.com
              UseCanonicalName On
              ProxyRequests Off

              ProxyPass / http://bckserver1.mycompany.com:8280/
              ProxyPassReverse / http://bckserver1.mycompany.com:8280/
              CustomLog /var/log/httpd/api.mycompany.com.access.log combined
              ErrorLog /var/log/httpd/api.mycompany.com.error.log


              DocumentRoot  /var/www/apim
              ServerName api.mycompany.com
              ProxyRequests Off
              UseCanonicalName On
              SSLEngine on
              SSLCertificateFile /etc/httpd/ssl/ssl.crt/api.mycompany.com.crt
              SSLCertificateKeyFile /etc/httpd/ssl/ssl.key/api.mycompany.com.key
              SSLCertificateChainFile /etc/httpd/ssl/ssl.crt/MyCA.crt

              SSLProxyEngine On
              SSLProxyCheckPeerCN off
              SSLProxyCheckPeerExpire off

              ProxyPass / https://bckserver1.mycompany.com:8243/
              ProxyPassReverse / https://bckserver1.mycompany.com:8243/

              CustomLog /var/log/httpd/api.mycompany.com.access.log combined
              ErrorLog /var/log/httpd/api.mycompany.com.error.log


And below configuration for apps virtual host.


        DocumentRoot /var/www/apim
        ServerName myexample.com
        UseCanonicalName On
        CustomLog /var/log/httpd/myexample.com.access.log combined
        ErrorLog /var/log/httpd/myexample.com.error.log

        RewriteEngine On
        RewriteCond %{HTTP_HOST} ^myexample.com
        RewriteRule (.*)        https://myexample.com%{REQUEST_URI} [R=permanent,L]


        ServerName myexample.com
        DocumentRoot /var/www/apim
        UseCanonicalName On

        CustomLog /var/log/httpd/myexample.com.log combined
        ErrorLog /var/log/httpd/myexample.com.error.log

        SSLEngine on
        SSLCertificateFile /etc/httpd/ssl/ssl.crt/myexample.com.crt
        SSLCertificateKeyFile /etc/httpd/ssl/ssl.key/myexample.com.key
        SSLCertificateChainFile /etc/httpd/ssl/ssl.crt/myCA.crt

        SSLProxyEngine On
        SSLProxyCheckPeerCN Off
        SSLProxyCheckPeerExpire Off
        ProxyRequests Off
       
                ProxyPass https://backserver1.myexample.com:9443/$1registry$2
       
       
                ProxyPass https://backserver1.myexample.com:9443/$1registry$2
       
       
                ProxyPass https://backserver1.myexample.com:9443/store
                ProxyPassReverse https://backserver1.myexample.com:9443/store
       
       
                ProxyPass https://serverbck1.myexample.com:9443/publisher
                ProxyPassReverse https://serverbck1.myexample.com:9443/publisher
       
       
                ProxyPass https://backserver1.myexample.com:9443/registry
                ProxyPassReverse https://backserver1.myexample.com:9443/registry
       
       
                ProxyPass https://backserver1.myexample.com:9443/admin-dashboard
                ProxyPassReverse https://backserver1.myexample.com:9443/admin-dashboard
       


Note 2 specials rules for store and publisher that needs to send some requests to registry (for example, to download pictures or resources linked to APIs).

Of course, we only expose apps ; we don’t expose carbon admin console or some others apps.

For now, that’s all I need. But I suppose that later I will have to expose other URI like/services or /oauth2. I will then edit this post in this case to update configuration.

WSO2 API Manager Configuration

In the API Manger, I needed to edit some configuration files :

In $APIM_HOME/repository/conf/tomcat/catalina-server.xml, add proxyPort and hostname in the SSL Connector :

         port="9443"
         proxyPort="443"
         hostname="myexample.com"

In $APIM_HOME/repository/conf/axi2/axis2.xml, add proxyPort and hostname in the HTTP and HTTPS receiver :


        8280
        true
        80
        api.myexample.com

<...>

  
        8243
        true
        443
        api.myexample.com


In $APIM_HOME/repository/conf/api-manager.xml, modify Gateway URLs :



       
       
               
               
                        Production and Sandbox
                    Description of environment
                       
                        https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
                       
                        admin
                       
                        admin
                       
                        http://api.myexample.com:80,https://api.myexample.com:443
               
       


Following WSO2 Documentation, I also needed need to edit store and publisher configuration files :

In $APIM_HOME/repository/deployement/server/jaggeryapps/store/site/conf/site.json :

"reverseProxy" : {
        "enabled" : true,    // values true , false , "auto" - will look for  X-Forwarded-* headers
        "host" : "myexample.com", // If reverse proxy do not have a domain name use IP
        "context":"/store",
      //"regContext":"" // Use only if different path is used for registry
    },



In $APIM_HOME/repository/deployement/server/jaggeryapps/publisher/site/conf/site.json :

"reverseProxy" : {
        "enabled" : true,    // values true , false , "auto" - will look for  X-Forwarded-* headers
        "host" : "myexample.com", // If reverse proxy do not have a domain name use IP
        "context":"/publisher",
      //"regContext":"" // Use only if different path is used for registry
    },


keytool -import -file myexample.crt -keystore client-truststore.jks -storepass wso2carbon -alias myexample


Finally, Restart everything!

Read more...

User-Agent based redirect in haproxy

How To Do User-Agent based redirect in haproxy :-

below are the steps:-

1) Create new ACL to identifiy user-agent:

acl mobile_user_agent hdr_sub(User-Agent) -i iphone

2) We didn't want to redirect any requests for .css, .js, .bmp, .jpg, .png, .jpeg, .gif and .ico so created a new ACL


acl is_static_file url_reg .*\.(css|js)\?[0-9.]+
acl is_static_img url_reg .*\.(png|bmp|jpg|jpeg|gif|ico)\?[0-9a-z.]+
acl is_static url_reg .*\.(css|js|png|bmp|jpg|jpeg|gif|ico)

3) If request was for /mobile/* we didn't want to redirect so yet another ACL :)

acl is_mobile url_reg ^\/mobile.*

4) Do a URL rewrite as follows:

reqrep ^([^\ ]*)\ /(.*)   \1\ /mobile/\2 if iphone !is_static_file !is_static_img !is_static !is_mobile

So now any request coming from a mobile device for any thing other than .css, .js, .png, .gif, .bmp, .jpg, .jpeg, ico will be redirected to /mobile/.

So a request like www.example.com/pqr will become www.example.com/mobile/pqr !

Read more...

Nginx - Redirect Mobile / Smart Phone Traffic To Mobile Version Of the Web Site

How to Redirect Mobile / Smart Phone Traffic To Mobile Version Of the Web Site Via Nginx :-

Nginx configurations:-
Edit nginx.conf file and append the following after server directive:-

set $mobile_rewrite do_not_perform;

## chi http_user_agent for mobile / smart phones ##
if ($http_user_agent ~* "(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino") {
  set $mobile_rewrite perform;
}

if ($http_user_agent ~* "^(1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-)") {
  set $mobile_rewrite perform;
}

## redirect to m.example.com ##
if ($mobile_rewrite = perform) {
  rewrite ^ http://m.example.com$request_uri? redirect;
  break;
}



Adding exceptions:-
You can allow user to browse and view desktop version of your site if url has www.example.com/?desktop=true. You can set cookie as follows:-

set $force_dt_cookie  "";
if ($args ~ 'desktop=true') {
  set $mobile_rewrite do_not_perform;
  set $force_dt_cookie  "desktop=true";
}
add_header Set-Cookie $force_dt_cookie;
if ($http_cookie ~ 'desktop=true') {
  set $mobile_rewrite do_not_perform;
}

Save and close the file. Restart or reload the nginx server, enter:
# /usr/sbin/nginx -s reload
OR
# /etc/init.d/nginx reload


Test it:-

Use the curl command as follows to see redirection:

curl -I -A "UserAgentString" http://www.example.com
curl -I -A "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543a Safari/419.3" http://www.example.com
curl -I -A "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543a Safari/419.3" 'http://www.example.com/?desktop=true'

Read more...

Install iptables and Disable Firewalld on CentOS 7 / RHEL 7

Install iptables and Disable Firewalld on CentOS 7 / RHEL 7 :- 

There are below Steps to install iptables and disable firewalld :-

Step 1:- Disable Firewalld Service
            [root@server ~]# systemctl mask firewalld

Step 2:- Stop Firewalld Service
            [root@server ~]# systemctl stop firewalld

Step 3:- Install iptables service related packages
          [root@server ~]# yum -y install iptables-services

Step 4:- Make sure service starts at boot
           [root@server ~]# systemctl enable iptables

          # If you do not want ip6tables, You can skip following command.
         [root@server ~]# systemctl enable ip6tables

Step 5:- Now, Finally Let’s start the iptables services
          [root@server ~]# systemctl start iptables
         
          # If you do not want ip6tables, You can skip following command
          [root@server ~]# systemctl start ip6tables 

Read more...

How to Install Apache on CentOS 7

How to Install Apache on CentOS 7 :-

Following Steps to install apache on CentOS7.

Step 1:- Install Apache
          # sudo yum clean all
          # sudo yum -y update
          # sudo yum -y install httpd

Step 2:- Allow Apache via Firewall
          Allow the default HTTP and HTTPS port, ports 80 and 443, through firewalld:
         # sudo firewall-cmd --permanent --add-port=80/tcp
         # sudo firewall-cmd --permanent --add-port=443/tcp

         And reload the firewall:
         # sudo firewall-cmd --reload

Step 3:- Configure Apache to Start on Boot
         # sudo systemctl start httpd
         # sudo systemctl enable httpd
         # sudo systemctl status httpd

         To stop Apache:
         # sudo systemctl stop httpd

Read more...

Installing MariaDB In Centos 7 With Yum

Installing MariaDB In Centos 7 With Yum :-

Following Steps

1. Add the MariaDB YUM Repository :-
  [root@server ~]# touch /etc/yum.repos.d/MariaDB.repo

   [root@server ~]# vi /etc/yum.repos.d/MariaDB.repo
    and add below entry 

  [mariadb]
  name = MariaDB
  baseurl = http://yum.mariadb.org/10.1/centos7-amd64
  gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
  gpgcheck=1

2. Install MariaDB with YUM :-
    [root@server ~]#  sudo yum install MariaDB-server MariaDB-client

3. Set Password :-
  
[root@server ~]# /usr/bin/mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
 - Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
 ... Failed!  Not critical, keep moving...
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

4. systemctl start mariadb

Be sure that MySQL/MariaDB starts at boot:

systemctl enable mariadb

5. To check the status of MySQL/MariaDB:

systemctl status mariadb

6. To stop MySQL/MariaDB:

systemctl stop mariadb

7. Check the installation with the command client:

mysql

Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 10.1.40-MariaDB MariaDB Server

Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
 

Read more...

How to Install and Configure HAProxy on CentOS (RHEL) 7 and 6 and 5

How to Install and Configure HAProxy on CentOS/RHEL 7/6/5

There are following steps :-

1. Install HAProxy :-
    [root@mylappy ~]# yum -y install haproxy

2. Configure HAProxy :-
    
[root@mylappy ~]# mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.org
[root@mylappy ~]# vi /etc/haproxy/haproxy.cfg
# create new
 global
      # for logging section
    log         127.0.0.1 local2 info
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
      # max per-process number of connections
    maxconn     256
      # process' user and group
    user        haproxy
    group       haproxy
      # makes the process fork into background
    daemon

defaults
      # running mode
    mode               http
      # use global settings
    log                global
      # get HTTP request log
    option             httplog
      # timeout if backends do not reply
    timeout connect    10s
      # timeout on client side
    timeout client     30s
      # timeout on server side
    timeout server     30s

# define frontend ( set any name for "http-in" section )
frontend http-in
      # listen 80
    bind *:80
      # set default backend
    default_backend    backend_servers
      # send X-Forwarded-For header
    option             forwardfor

# define backend
backend backend_servers
      # balance with roundrobin
    balance            roundrobin
      # define backend servers
    server             wwwserver1 10.0.0.1:80 check
    server             wwwserver2 10.0.0.2:80 check
   
[root@mylappy ~]# systemctl start haproxy
[root@mylappy ~]# systemctl enable haproxy

3. Configure Rsyslog to get logs for HAProxy :-
   [root@mylappy ~]# vi /etc/rsyslog.conf
# line 15,16: uncomment, lne 17: add
$ModLoad imudp
$UDPServerRun 514
$AllowedSender UDP, 127.0.0.1
# line 54: change like follows
*.info;mail.none;authpriv.none;cron.none,local2.none   /var/log/messages
 local2.*                                                /var/log/haproxy.log

[root@mylappy ~]# systemctl restart rsyslog

4. Change httpd settings on Backends to logging X-Forwarded-For header :-
[root@mylappy ~]# vi /etc/httpd/conf/httpd.conf
# line 196: change like follows
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
[root@mylappy ~]# systemctl restart httpd

5. Enable and start the haproxy service on each server:-
[root@mylappy ~]# systemctl enable haproxy
ln -s '/usr/lib/systemd/system/haproxy.service' \
  '/etc/systemd/system/multi-user.target.wants/haproxy.service'
[root@mylappy ~]# systemctl start haproxy
If you change the HAProxy configuration, reload the haproxy service:

[root@mylappy ~]# systemctl reload haproxy


6. Make sure all works fine to access to the frontend server from a Client with HTTP to check in browser

Read more...

-bash: bzip2: command not found on contos

-bash: bzip2: command not found on centos :-

if you get below message in your screen than install bzip2 via below command :-

yum install bzip2

Read more...

How to Set Date, Time, Zone on linux sever

How to Set Date, Time, Zone on linux server ?


To Check current date and time Use Date Command :-
date
Fri June 14 21:22:41 CET 2012

How To Set Date:-
Use below comand to set new data and time:

date set="STRING"
example like :

date -s "28 May 2012 17:00:00"

How To Set Time:-
Use below Command To set time:

date +%T -s "06:11:16"
Where:

06: Hour (hh)
11: Minute (mm)
16: Second (ss)


Change timezone :-

/etc /localtime file has details about time zone. The Zone information file is located at /usr/share/zoneinfo and this depends on your distribution.

cd /etc/
ln -sf /usr/share/zoneinfo/EST localtime

If you want to set to IST (Asia/Calcutta):

ln -sf /usr/share/zoneinfo/Asia/Calcutta localtime

Read more...

How to reset root users privileges in MySQL

How to reset root users privileges in MySQL

when ever you lost root user privileges. or you see below error multiple times.

"#1045 - Access denied for user 'root'@'localhost' (using password: YES)"

So How can I restore the MySQL root user’s full privileges? If the GRANT ALL doesn't work.

Don't Worry below steps Help to restore root user privileges.

Step 1:- Stop mysqld
          > /etc/init.d/mysqld stop
         
Step 2:- Start it with the --skip-grant-tables option.
         > /etc/init.d/mysqld start --skip-grant-tables

Step 3:- Connect to the mysqld server with just: mysql,  no -u, -p option required
          > mysql

Step 4:- Use Mysql
         > use mysql;

Step 5:- Update root privileges
           >update user set Select_priv='Y', Insert_priv='Y',Update_priv='Y',Delete_priv='Y',
        Create_priv='Y',Drop_priv='Y',Reload_priv='Y',Shutdown_priv='Y',
        Process_priv='Y',File_priv='Y',Grant_priv='Y',References_priv='Y',
        Index_priv='Y',Alter_priv='Y',Show_db_priv='Y',Super_priv='Y',
        Create_tmp_table_priv='Y',Lock_tables_priv='Y',Execute_priv='Y',
        Repl_slave_priv='Y',Repl_client_priv='Y',Create_view_priv='Y',
        Show_view_priv='Y',Create_routine_priv='Y',Alter_routine_priv='Y',
        Create_user_priv='Y',Event_priv='Y',Trigger_priv='Y' where User='root';

Step 6:- Give All Privileges to user
             GRANT ALL ON *.* TO 'root'@'localhost';

After that, you just need to stop the MySQL and start again.

Read more...