Tag: VirtualBox

Diving into the basics of IPv6

The Internet is growing. If you are not on IPv6 yet, you will probably need to migrate from IPv4 to IPv6 one day. Which methodology to apply, a dual stack or a direct changeover, depends on careful observation and analysis of the network infrastructure, but it should no longer be seen as a complex task. For a few years now, many companies, government bodies, ISPs, and others have been moving towards IPv6, and some are adopting dual stack. IPv6 can be said to be version 2 of the Internet. In this blog post, I will do my best to cover some basics and offer a simple way to understand the features and benefits of using IPv6. I will also contrast it with IPv4. For research purposes, I have perused several books and blogs on the Internet, and these are referenced below. One of the challenges in Africa is to enable a smooth transition to IPv6. While some are doing dual stack, others have successfully migrated their whole network infrastructure to IPv6. IPv4 was created in the early ’80s. The growth of the Internet is so huge that it will definitely need to move ahead with modern technology, with IPv6 running at its core. I have always admired one of the modern futurist physicists, Dr. Michio Kaku, who said that “In the future, the Internet might become a brain”.


So why do we really need IPv6?

Besides the growth of the Internet and the scarcity of IPv4 addresses, we all know that in IPv4 the network has been divided into two parts: the private IP and the public IP allocations. Interconnecting those two segments requires NAT configuration, which breaks the contiguity of the Internet. Another reason is that there is no security in IPv4 at its core; of course, there are other strategies to secure an IPv4 network. Data prioritization cannot be done at the core of IPv4 either, which means that there is not much Quality of Service (QoS). In IPv4, we can manually assign an IP to a device or simply use an address configuration mechanism such as DHCP, but the moment DHCP is down, we land in a problem. Here is the catch: this means that there is no way for a device to be assigned a globally unique address. That is why we need IPv6. Well, wait… What happened to IPv5? And what about IPv1, IPv2, and IPv3?

What happened to IPv1, IPv2, IPv3, and IPv5?

Have a look at the diagram below which makes it pretty easy to understand:

Photo Credits: tutorialspoint.com

So, IPv0, IPv1, IPv2, and IPv3 were used in the development testing phase. IPv5 was used during the Stream experimentation of the Internet.

Features of IPv6

There is no backward compatibility when using IPv6; the basic functions remain the same, but the features have been changed completely. Since an IPv4 address is 32 bits and an IPv6 address is 128 bits, just imagine how much bigger the address space is: an IPv6 address has four times as many bits as an IPv4 address. We can say that there are more than 1500 IP addresses per square meter on earth.

Photo credits: transition.fcc.gov

Another feature of IPv6 is its header, which is twice the size of the IPv4 header.

Photo Credits: radioworld.com

In IPv6, there is also end-to-end connectivity which means that NAT is not required for the continuity of the Internet. Every host can reach another host over the Internet.

Photo Credits: concurrency.com

Other features include “auto-configuration”, which can be either stateful or stateless. Stateless is a mechanism that does not require any intermediate support in the form of DHCP for IP assignment, whereas stateful serves IP addresses from a pool. Also to take into consideration is “faster routing”: in IPv6, the routing information is stored in the first part of the header, which makes routing decisions by the router faster. Another feature is IPSec (IP Security). It creates an end-to-end tunnel between the source and the target, though it is optional.

“No Broadcast” is another feature of IPv6. On an IPv4 network, you will notice that during IP address configuration the clients need to broadcast to the DHCP server. In IPv6, the client does not need to broadcast and instead uses multicast to communicate with machines over the network. It is important to understand the difference between ‘broadcast’ (one-to-all) and ‘multicast’ (one-to-many). In broadcast, clients send messages to all hosts on the network, whereas in multicast, messages are sent to a group of stations. This allows the building of distribution networks where group management is required. IPv6 does not limit itself to multicast but also brings the ‘unicast’ (one-to-one) feature. This is used especially between routers which need to communicate with a specific router. However, if you have several routers nearby and can choose any of them for communication, let’s say for a CDN purpose, you can use the anycast method for efficient packet routing.

Photo Credits: techiemaster.wordpress.com

Reading IPv6 addressing

Now that you have grasped the basic concepts of IPv6 and why we need it, let’s see how to read an IPv6 address. An IPv6 address is made up of 128 bits divided into 16-bit blocks. Each block is then converted into a 4-digit hexadecimal number, and the blocks are separated by colons. For example, this is an IPv6 address in binary:

0010011000000110 0100011100000000 0000000000110000 0000000000000000 0000000000000000 0000000000000000 0110100000010010 0010100001100000

Since we have three consecutive blocks of zeros, they can be collapsed between two colon symbols. Dropping the leading zeros in the third block results in 30. If there were only a single block of zeros, you would write one zero in the hexadecimal address. When converted to hexadecimal, the address is:

2606:4700:30::6812:2860

Let’s get into more details. There are two rules when reading an IPv6 address.

Rule 1: Leading zeros should be discarded. As we can see in the 3rd block of the IPv6 address above, i.e. 0000000000110000, when converted it is written as 30, because it can be read as 110000. Here is a video on how to convert Binary to Hexadecimal.

Rule 2: If two or more consecutive blocks contain only zeros, omit them all and replace them with a double colon. For example, the three blocks of zeros in purple above have been replaced by “::”. However, if there is a single block of zeros, use 0 in the IPv6 address.
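The two rules applied mechanically to the binary address above, as an added example that is not part of the original post. It generalises Rule 2 slightly: when an address has more than one run of zero blocks, only the longest run (the leftmost on a tie) becomes “::”, which is the RFC 5952 convention; the function names are illustrative.

```python
# Added example: binary IPv6 address -> compressed hexadecimal notation.

# The binary address from the article (eight 16-bit blocks).
BINARY_ADDR = (
    "0010011000000110 0100011100000000 0000000000110000 0000000000000000 "
    "0000000000000000 0000000000000000 0110100000010010 0010100001100000"
)


def binary_to_blocks(bits):
    """Split a 128-bit binary string into eight 16-bit integers."""
    bits = "".join(bits.split())
    if len(bits) != 128 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 128 binary digits")
    return [int(bits[i:i + 16], 2) for i in range(0, 128, 16)]


def longest_zero_run(blocks):
    """Return (start, length) of the longest run of zero blocks (leftmost on ties)."""
    best_start, best_len = -1, 0
    run_start, run_len = -1, 0
    for i, block in enumerate(blocks):
        if block == 0:
            if run_len == 0:
                run_start = i
            run_len += 1
            if run_len > best_len:
                best_start, best_len = run_start, run_len
        else:
            run_len = 0
    return best_start, best_len


def compress(blocks):
    """Format eight blocks as text, applying Rule 1 and then Rule 2."""
    # Rule 1: format(..., "x") never prints leading zeros (0x0030 -> "30").
    hexed = [format(b, "x") for b in blocks]
    start, length = longest_zero_run(blocks)
    # Rule 2: only a run of two or more zero blocks becomes "::";
    # a single zero block stays written as "0".
    if length < 2:
        return ":".join(hexed)
    head = ":".join(hexed[:start])
    tail = ":".join(hexed[start + length:])
    return head + "::" + tail


def binary_to_ipv6(bits):
    return compress(binary_to_blocks(bits))


if __name__ == "__main__":
    print(binary_to_ipv6(BINARY_ADDR))
```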

Assignment of IPv6 address

Similar to IPv4, we need to understand how to identify the number of networks and hosts in IPv6. Let’s take the example of a generic unicast address, which uses 64 bits as the network ID and 64 bits as the host ID. Please note from the picture below that the 64 bits of the network ID are split into three distinct fields in the IPv6 packet structure.

Photo Credits: www.networkworld.com

At this stage, it should be clear how a generic unicast address has been designed. Now, another important point is the IPv6 address scope. A scope is a region where an IPv6 address can be defined as a unique identifier of a network interface. As we can see below, there are three scopes, Global Unicast Address, Unique Local, and Link Local.

Photo Credits: steves-internet-guide.com

The Global Unicast Address is routed and is reachable across the Internet. Also, the global routing prefix in IPv6 is assigned by the Internet Assigned Numbers Authority (IANA), so that by only looking at the prefix of an IPv6 address, you can determine whether it is global or not. In the picture below, you can see the first 3 bits within the global prefix. Remember that this is unique globally.

Photo Credits: cisco.com

Then comes the Site Level Aggregator (SLA), which is the subnet ID assigned to the customer by the service provider. This is followed by the LAN ID, which is used by the customer and is free to manipulate. This address is globally unique.

Let’s take a look at a Unique Local Unicast Address. It resembles a private IP address and is used for local communication between sites, usually in a LAN, and for VPN purposes. It is not routable on the Internet.

Photo Credits: cisco.com

The last one is the link local unicast address. This is used for communication between two IPv6 devices on the same link. By default, it is automatically assigned by the device as soon as IPv6 is enabled, and it is not routable. These types of IP addresses are identified by the first 10 bits of the address, i.e. FE80.

Photo Credits: cisco.com

In this blog post, I took an example from only Unicast addresses. Remember, there are also Multicast and Anycast address ranges. Let’s now create some servers and perform some IPv6 configurations.
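The three unicast scopes above can be told apart from the leading bits alone, and the following added example (not from the original post) does that comparison by hand. The fc00::/7 prefix for Unique Local comes from RFC 4193 rather than from this article, and fd12:3456:789a:1::1 is a constructed sample address.

```python
# Added example: classify an IPv6 address by the leading bits of its scope.
import ipaddress

# (scope name, first 16-bit block of the prefix, prefix length in bits).
# 2000::/3 and fe80::/10 match the "first 3 bits" and "first 10 bits" in the
# text; fc00::/7 is taken from RFC 4193 (assumption, not stated in the post).
SCOPES = [
    ("link-local unicast", 0xFE80, 10),
    ("unique local unicast", 0xFC00, 7),
    ("global unicast", 0x2000, 3),
]


def leading_bits(addr, nbits):
    """Return the first nbits of the 128-bit address as an integer."""
    return int(addr) >> (128 - nbits)


def classify(text):
    """Name the unicast scope of an address given in text form."""
    # Drop a zone id such as "%enp0s8", often printed with link-local addresses.
    addr = ipaddress.IPv6Address(text.split("%")[0])
    for name, first_block, nbits in SCOPES:
        # Only the first nbits of the prefix block take part in the comparison,
        # so fe80::/10 also covers febf:: and 2000::/3 covers 2000:: to 3fff::.
        if leading_bits(addr, nbits) == first_block >> (16 - nbits):
            return name
    return "other"  # multicast, loopback, unspecified, reserved ranges


def split_generic_unicast(text):
    """Split an address into the 64-bit network ID and 64-bit host ID."""
    value = int(ipaddress.IPv6Address(text.split("%")[0]))
    return {
        "network_id": format(value >> 64, "016x"),
        "host_id": format(value & (2 ** 64 - 1), "016x"),
    }


if __name__ == "__main__":
    for sample in (
        "fe80::9ef3:b9d3:8b87:4940%enp0s8",  # link-local address from the post
        "2606:4700:30::6812:2860",           # address decoded earlier in the post
        "fd12:3456:789a:1::1",               # constructed unique local address
        "ff02::1",                           # all-nodes multicast
    ):
        print(sample, "->", classify(sample), split_generic_unicast(sample))
```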

Goodbye IPv4, and say Hello to IPv6

I created a CentOS7 machine on my VirtualBox. As you can see, the interface card enp0s8 has the IP address 192.168.100.9 as well as fe80::9ef3:b9d3:8b87:4940. Remember, fe80 marks the Link Local Address.


You can also see the connection using the following command:


To create a connection using nmcli, use the following command and then check the connection again. You will notice that the connection has been created without any device attached to it.


I am now modifying ipv6-tunnelix and attaching it to enp0s9. I will also assign it an IPv6 address. (This is for learning and testing purposes; this IPv6 address has not been assigned to me, it is Facebook’s public IPv6 address.)


As you can see, the address has been assigned. But remember, just as when you assign a public IPv4 address to a virtual machine, you will need to route it for connectivity. In this example, I used Facebook’s public IP address.


Is your blog IPv6 ready?

In 2016, during migration on Cloudflare, tunnelix.com became dual stack, i.e. compatible with both IPv4 and IPv6. You can test any website for IPv6 support at this link.

https://ipv6-test.com 

Certifications

Getting certified on IPv6 is really interesting, as it can demonstrate your comprehension of the subject. You can participate in free IPv6 training and get certified by Hurricane Electric. It is important to read the IPv6 primer.


There is also a service from Hurricane Electric called Tunnel Broker, which helps you create a tunnel from your static IPv4 address to free IPv6 tunnels. In future blog posts on IPv6, I will get into more details about it. If you like the article, please comment and share.


MariaDB-10.1 Galera Cluster on CentOS 7

Some time back, I posted two articles on MariaDB Master-Master replication and MariaDB Master-Slave replication. After several requests from friends, I was asked to blog on MariaDB Galera Cluster. “MariaDB Galera Cluster is a synchronous multi-master cluster for MariaDB. It is available on Linux only, and only supports the XtraDB/InnoDB storage engines (although there is experimental support for MyISAM).” – Mariadb.com. You can easily download Galera Cluster using the Repository Configuration tool. There is also a slight difference between older versions of MariaDB and the 10.1 series. Recently, a question was asked on ServerFault, which I clarified. Check it out for more information. Let’s now have some fun with MariaDB Galera Clustering.

Photo credits:Mariadb.org

I have created 3 CentOS7 virtual machines on VirtualBox. Let’s call the servers Galera1 [192.168.1.9], Galera2 [192.168.1.10] and Galera3 [192.168.1.11]. You need to edit the /etc/hosts file to allow the machines to ping each other by hostname. For testing purposes, port 3306, on which MySQL listens by default, should be open. I have also disabled SELinux and Firewalld, as this setup is for testing purposes. Let’s now install MariaDB Galera Cluster.

1. Edit the repository configuration as mentioned on the official MariaDB website.

# MariaDB 10.1 CentOS repository list - created 2015-11-08 17:34 UTC
# http://mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

2. Let’s install some prerequisites and other interesting tools.

yum install rsync nmap lsof perl-DBI nc

3. Install MariaDB-server and start the MariaDB service.

yum install MariaDB-server MariaDB-client MariaDB-compat galera socat jemalloc
service mysql start

4. Launch the mysql_secure_installation command to set up the username and password. At this point you can start MariaDB normally by using the mysql command and create a database.

5. After the normal procedure to set up the first database on galera1, you can create a database and dump it, then import the database on galera2 and galera3. You now have 3 independent databases on 3 different servers. I would advise you to dump the whole database with the command

mysqldump --all-databases > db.sql

6. We will now start setting up the Galera clustering. On galera1, edit the /etc/my.cnf.d/server.cnf file and configure it as follows. The server galera1 is being set up as the first primary cluster node, so every other node set up in the network, that is galera2 and galera3, is going to replicate from galera1. Add the following parameters under the [galera] section.

[galera]
# Mandatory settings
wsrep_on=ON
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_address='gcomm://'
wsrep_cluster_name='galera'
wsrep_node_address='192.168.1.9'
wsrep_node_name='galera1'
wsrep_sst_method=rsync
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0

7. Once this is added, you can start the first Galera cluster node with the command below. Make sure that the mysql service is stopped first, as we started mysql at step 5 to create a test database.

service mysql start

8. You will notice that ports 3306 and 4567 should be listening.


9. Now you would like to make galera2 join the primary cluster, i.e. galera1. Simply set up the /etc/my.cnf.d/server.cnf file on galera2 and enter the following parameters under [galera]. The only differences are the wsrep_node_name, the wsrep_node_address and the gcomm value, where you need to add the first cluster node.

[galera]
# Mandatory settings
wsrep_on=ON
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_address='gcomm://192.168.1.9'
wsrep_cluster_name='galera'
wsrep_node_address='192.168.1.10'
wsrep_node_name='galera2'
wsrep_sst_method=rsync
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0

10. Once mysql is started with the command service mysql start, you will notice that galera2 is now replicating from the first cluster node. You should notice something similar to this in your log.


11. Repeat the same procedure for galera3 by tweaking the gcomm value and modifying the wsrep_node_address, etc.

If you are interested in having some more ideas about the improved security features of MariaDB, do check out the following link, where I attended a conference on MariaDB organized by the MSCC.

Tips:

  • If you are using 10.0, you need the MariaDB-Galera-server package, whereas with 10.1 you just need MariaDB-server.
  • There are no longer separate MariaDB Galera Cluster releases for MariaDB 10.1 and above. Simply download MariaDB (10.1 or above) and configure your cluster as normal. MariaDB-10.1 is just ‘Galera ready’.
  • If you are migrating from MariaDB-server to Galera, make sure you have cleaned up all the residues belonging to the old versions. See http://serverfault.com/questions/646973/installing-mariadb-galera-via-yum-fails-with-no-package-mariadb-galera-server.
  • The galera package provides /usr/lib64/galera/libgalera_smm.so and several binaries for the cluster configuration. There are several cluster configuration options under wsrep; see the documentation.
  • The socat package establishes two bidirectional byte streams and transfers data between them.
  • I would also recommend disabling SELinux on the machines.
  • When you start the mysql service, you can tail the log at /var/log/messages; otherwise you can set up a mysql log.
  • Use the command show status like 'wsrep_%'; at your mysql prompt to understand the replication.
  • To know how many nodes are in the cluster, use the command show status like 'wsrep_cluster_size';
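One way to turn the two status queries above into a repeatable check, as an added example rather than code from the original post: it parses the tab-separated output of mysql -B -N -e "show status like 'wsrep_%'" and reports anything that suggests a node is not a synced member of the three-node cluster. The sample outputs are constructed.

```python
# Added example: health check over the wsrep_% status variables of one node.

EXPECTED_NODES = 3  # galera1, galera2 and galera3 in this article

# Constructed sample outputs, tab-separated as printed by `mysql -B -N`.
SAMPLE_HEALTHY = (
    "wsrep_cluster_size\t3\n"
    "wsrep_cluster_status\tPrimary\n"
    "wsrep_connected\tON\n"
    "wsrep_ready\tON\n"
    "wsrep_local_state_comment\tSynced\n"
    "wsrep_incoming_addresses\t192.168.1.9:3306,192.168.1.10:3306,192.168.1.11:3306\n"
)
SAMPLE_SPLIT = (
    "wsrep_cluster_size\t1\n"
    "wsrep_cluster_status\tnon-Primary\n"
    "wsrep_connected\tON\n"
    "wsrep_ready\tOFF\n"
    "wsrep_local_state_comment\tInitialized\n"
)

# Values a node reports when it is a working member of the primary component.
REQUIRED = {
    "wsrep_cluster_status": "Primary",
    "wsrep_connected": "ON",
    "wsrep_ready": "ON",
    "wsrep_local_state_comment": "Synced",
}


def parse_status(text):
    """Turn 'name<TAB>value' lines into a dict, skipping blank lines."""
    status = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        name, _, value = line.partition("\t")
        status[name.strip()] = value.strip()
    return status


def check_node(status, expected_nodes=EXPECTED_NODES):
    """Return a list of problems; an empty list means the node looks healthy."""
    problems = []
    size = status.get("wsrep_cluster_size")
    if size is None:
        # No wsrep variables at all usually means the provider is not loaded.
        problems.append("wsrep_cluster_size missing: is wsrep_on=ON set under [galera]?")
    elif int(size) != expected_nodes:
        problems.append(f"cluster has {size} node(s), expected {expected_nodes}")
    for name, wanted in REQUIRED.items():
        actual = status.get(name)
        if actual != wanted:
            problems.append(f"{name} is {actual!r}, expected {wanted!r}")
    return problems


if __name__ == "__main__":
    for label, sample in (("healthy", SAMPLE_HEALTHY), ("split", SAMPLE_SPLIT)):
        print(label, check_node(parse_status(sample)))
```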

Configure your LVM via Ansible

Some days back, I gave some explanations about LVM, such as the creation of LVM partitions, a detailed analogy of the LVM structure, and tips for using PVMOVE. We can also automate such tasks using the power of Ansible. Cool, isn’t it?


So, I have my two hosts, Ansible1 and Ansible2. Ansible1 is the controller and has Ansible installed, and Ansible2 is the host on which the disk will be added to the LVM.

1. Here is the status of the disk of Ansible2 where a disk /dev/sdc has been added


2. I have now added a disk of 1GB from the VirtualBox settings. You can refer to the past article on LVM for how to add the disk. As we can see in the screenshot below, the disk sdc with the size 1GB has been added to the machine Ansible2, and I have formatted it as LVM.


4. Let’s now get into the controller machine, Ansible1, and prepare our Playbook. You can view it on my Git account here. The aim is to take 500Mb from /dev/sdc1 to create a new VG called vgdata and, in it, an LV called lvdisk.

5. Here is the output



Void Linux distribution on Virtual Box

“Void is a general purpose operating system, based on the monolithic Linux® kernel. Its package system allows you to quickly install, update and remove software; software is provided in binary packages or can be built directly from sources with the help of the XBPS source packages collection. Currently, there are over 6000 optimized binary packages for the x86, x86_64, ARMv6, ARMv7 architectures; also there’s the support to build (natively or cross compiling) from sources any package easily that is available in the XBPS source packages collection.” – Void Linux

In this article, we will see the procedure for installing Void Linux on a virtual machine using VirtualBox. So you will need to download your ISO image from the following link.

1. I created a virtual machine using 1024 MB for Base Memory and 10Gb for Hard disk space. I have also enabled EFI which is under System and Motherboard category.

2. You can now boot your machine with the live ISO. A screen similar to this should be displayed to you.


3. Select the first option and press Enter. You will be prompted for the username, which is anon, and the password, voidlinux, which you will use to log in to the live ISO.

4. Since I have added a 10Gb disk on the VirtualBox interface, an lsblk will show you the actual layout of all the disks of your machine.


5. To proceed with the installation, become root with the command sudo -i and launch void-installer.

6. You now need to pass some parameters to the following parts before proceeding to the install part.


7. The Keyboard, Network, Source, Hostname, Locale, Timezone and root password sections are self-explanatory, so I will not get into those details. Let’s look at the Partition part. After you press Enter in the Partition section, you will see the disk that you created on VirtualBox. Press OK twice and you will see a screen similar to this.


8. Now, on the bottom, there is the “new” button which you can use to create a 1GB partition. It should look like this.


9. I have created 2 more 1GB partitions using the “Free space” partitions and kept the rest for the other parts of the system. The idea was to have three 1GB and one 7GB partition. It should look something like that.


10. Once those partitions are created, go to the “Write” button at the bottom and press Enter. Then type “yes” and quit. You will then be taken back to the menu from step 6.


11. Now, go to the “Filesystems” section, where we will configure these partitions and mount points. The idea is to use the three 1GB partitions as /boot, /boot/efi and swap. The rest will be mounted on /.

So, press OK for the chosen partition; here it is sda1.


12. After pressing OK, you can choose ext3 as the filesystem and enter the mount point as explained in step 11, except that for the partition assigned to /boot/efi you choose FAT32.

I have noticed that after you have assigned the partitions for the /boot,  /boot/efi/, swap and / the table does not change, but you need to follow the procedure as explained.

13. Go to the bootloader section, choose your disk and press OK. You will then be shown the following screen.


14. Press ok and wait some minutes. You will notice that your machine is now installed with Void Linux. Since you are on Virtual Box, I would recommend you to perform a snapshot of the machine after installation.

Some Errors that you may encounter:

  • If you did not assign a FAT32 partition type to /boot/efi, you might notice the following error. This error was captured on TTY8.


  • If you did not enable the “EFI (special OSes only)” option in VirtualBox, you may encounter this error.


Add and extend disk on Virtual Box through LVM

You can easily add and extend a disk on VirtualBox through some LVM manipulations. “LVM (Logical Volume Manager) is a device mapper target that provides logical volume management for the Linux kernel.” – Wikipedia. I have also written a brief introduction to LVM in a previous post, Managing LVM with pvmove – Part 1.



Before the extension is made, you need to make sure that you know the current state of the machine’s hard disk.

Those commands are helpful to perform your analysis before the operation is carried out.

  • fdisk -l
  • pvdisplay, vgdisplay, lvdisplay
  • vgs, lvs
  • lsblk

Here is the state of the disk before the operation is carried out.


Now, you can get into your Oracle VM VirtualBox Manager to add the new disk.

The steps are :

  • Click on the ‘Settings’ option in the VirtualBox Manager after selecting the virtual machine on which you intend to perform a disk extension. In my case, it’s the ‘centos6’ one.
  • Then, on the ‘Storage’ option, next to the “Controller: SATA” there is an icon to “add new hard disk”.


  • Once you have clicked on “add new hard disk”, it will prompt you with “cancel”, “choose existing disk” and “create new disk”. Choose “create new disk”. Of course, you can also choose an existing disk, but here we are adding a completely new disk.
  • Afterward, it will open a “create Virtual Hard Drive” box. Choose “VDI”. Click on next, then on “dynamically allocated”. Give a new name to your hard disk. In my case, I am adding a new 2GB hard disk. Click on create and you are done.
  • Boot your machine if you are on VirtualBox, then run the lsblk command to see your new hard disk. See the screenshot below. You can also check with the fdisk -l command as well as the dmesg log, which is really helpful.


  • Once the disk is detected, start by converting the disk to a PV using the command pvcreate /dev/sdb. If you run pvs again, you will notice that the new disk is now a PV but that no part of it is allocated to any VG. As you can see in the picture below, the new sdb is now a PV.
  • Now we will extend the existing VG called vg_labo. Use the command vgextend vg_labo /dev/sdb



  • Once this is completed, you can now choose which LV you will extend. I am choosing the LV called lv_root. Use the command lvextend -l +100%FREE /dev/vg_labo/lv_root


The disk is now extended. You can also verify with the command df -h. You can also check out the following article on how to perform a pvmove.

Tips:

  • Unlike on VMware, on VirtualBox you cannot add a new disk while your machine is running. To get around this, you will need to shut down the machine before adding the disk.
  • If, after adding a new hard disk, you notice that the disk is not being detected, just stay cool, as you might need to troubleshoot the LUNs on vCenter. Use the following command:

ls /sys/class/scsi_host/ | while read host ; do echo "- - -" > /sys/class/scsi_host/$host/scan ; done


  • You can also use the script rescan-scsi-bus.sh, after installing the sg3_utils package, to troubleshoot LUN detection.