Nginx – Deploy SSL certificate

 

These steps are used to to deploy SSL certificate issued by digicert.

Before starting make sure that you download ssl certificate issued by digicert.

Now create single file by concatenating  your_domain_com.crt and DigiCertCA.crt, name it as chained.crt

You can use following command to generate chained.crt

$ cat your_domain_com.crt DigiCertCA.crt > chained.crt

chained.crt file is used as ssl_certificate in nginx in this case.

Now configure nginx virtual hosts file for the website you wanted to secure as shown below:

server {

 listen 443 ssl default_server;
 ssl_certificate    /etc/nginx/ssl/chained.crt
 ssl_certificate_key    /etc/nginx/ssl/your_domain_name.key;

 server_name your.domain.com;

 access_log /var/log/nginx/access.log;
 error_log /var/log/nginx/error.log;

 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
}

}

Finally restart nginx.

 

$ service nginx restart

After restarting your website can be accessed with https.

Advertisements

Hadoop High Availability – FATAL ha.ZKFailoverController: Unable to start failover controller. Parent znode does not exist

 

Recently on working hadoop (version 2.5.1) cluster we got this issue while starting ZookeepreFailOverController(zkfc).

After debugging we found its due to missing/corrupted parent znode in zookeepre cluster.

This fix this we have used following command:

$ bin/hdfs zkfc -formatZK

 

We ran this command before starting hdfs.

After formating, zkfc started and everything started working smoothly.

vim – set tab space

 

To change tab space width to 4 spaces add following code in /etc/vim/vimrc file

filetype plugin indent on
"to show existing tab with 4 spaces width
set tabstop=4
"when indenting with '>', use 4 spaces width
set shiftwidth=4
"On pressing tab, insert 4 spaces
set expandtab

This will convert all existing tabs to 4 spaces width & also all new tabs with 4 spaces width.

Quick way to add swap – Ubuntu

 

One of the quickest way to avoid out of memory errors is by adding some swap space. Swap is an area on hard drive where operating system can temporally store data that it can no longer hold in RAM.

Use following way to add additional swap space in Ubuntu:

First check about swap space with free command:

free -m

Lets say if we need 10GB of swap, for this first create a 10GB file with following command:

sudo fallocate -l 10G /swapfile

View details about created swapfile:

ls -hl /swapfile

Output:

-rw-r–r– 1 root root 10G May 19 06:54 /swapfile

Change permissions of swapfile:

sudo chmod 600 /swapfile

Set swap space with following command:

sudo mkswap /swapfile

Check for new swap space:

sudo swapon -s

Output:

Filename                Type        Size    Used    Priority
/swapfile                               file        10485756    2700    -2

Make swap file permanent by adding it in /etc/fstab

/swapfile none swap sw 0 0

Get Thread and Heap dump – Java

 

Thread and Heap dumps are useful for debugging any Java programme.

To get thread dump:

By using jstack command we can get thread dump of a Java process.

Example:

$ jstack PID

where PID is Java process id for which we want to get thread dump.

To get heap dump:

By using jmap command we can get heap dump of a Java process.

Exmaple:

$ jmap -heap PID

where PID is Java process id for which we want to get heap dump.

ping ip with port

 

Ports are a concept of UDP and TCP. Ping messages are technically referred to as ICMP Echo Request and ICMP Echo Reply which are part of ICMP. ICMP, TCP, and UDP are “siblings”; they are not based on each other, but are three separate protocols that run on top of IP.

Therefore you can not ping a port. What you can do, is use a port scanner like nmap and check if ip/host and port are accessible.

$ nmap -p 80 www.google.com

Output:

Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-02 14:38 IST
Nmap scan report for http://www.google.com (74.125.200.106)
Host is up (0.085s latency).
Other addresses for http://www.google.com (not scanned): 74.125.200.147 74.125.200.104 74.125.200.103 74.125.200.105 74.125.200.99
rDNS record for 74.125.200.106: sa-in-f106.1e100.net
PORT STATE SERVICE
80/tcp open http

Nmap done: 1 IP address (1 host up) scanned in 0.64 seconds

You can also use telnet onofri.org 80