Monday, October 26, 2015

Common iptables commands

A few years ago I wrote a iptables tutorial explaining the basics of the topic. This post is just a small cheat sheet of most simple and effective commands that I end up using very frequently. I am assuming that we are operating for IP 1.1.1.1 and using INPUT chain of the iptables.
  1. Block an IP
    iptables -A INPUT -s 1.1.1.1 -j DROP
  2. Block an IP range
    iptables -A INPUT -s 1.1.1.1/24 -j DROP
  3. List current rule set
    iptables --list
  4. List current rules set with numbers
    iptables --line-numbers --list
  5. Delete a rule by rule
    iptables -D INPUT -s 1.1.1.1 -j DROP
  6. Delete a rule by number
    iptables -D INPUT 7
  7. Save iptables rules to a file
    iptables-save > iptables.dat
  8. Load iptables rules from a file
    iptables-restore < iptables.dat

Thursday, October 22, 2015

The LVM Beginner's Guide

Logical Volume Manager (LVM) helps in managing disk partitions irrespective of underlying disk layouts. In simple terms, this helps in extending a filling partition easily by just adding a disk. This is very useful in cloud based environments where adding a disk is very easy but extending a partition, if it is not LVM, might be very difficult.

Components of LVM:
  1. Physical Volume (PV): These are the underlying disk partitions that builds up to volume group. 
  2. Volume Group (VG): Analogous of an actual disk drive. A bunch of partitions (PVs) will combine to build a volume group. 
  3. Logical Volume (LV): Analogous to partitions on a disk. They are carved out of volume groups. 
  4. Physical Extent (PE): The unit which makes up logical volume. The smallest amount of the disk that can be given to a logical volume and further additions are done in multiples of physical extent.

Installation:
On Fedora or Centos or Red Hat, do the following:
# sudo yum install lvm2

How to create a LVM?
  1. To prepare a disk for using in LVM, we need to create an actual partition and set the type of the partition as LVM. Assuming that the disk is attached to the system at /dev/sdb, following are the steps:
    # fdisk /dev/sdb
    This command will open the fdisk prompt. Type "n" followed by "p" to create a new primary partition. On a new disk, this would be the first partition, so hit "1". Accepting default for next prompts, until we reach "Command (m for help):" would be fine. Now we have a new partition.
    To set the type of partition as LVM, hit "t" followed by "8e".
    Finally, to write these changes to the disk, hit "w".

  2. The above exercise would produce a partition /dev/sdb1. We will use this to create a PV.
    # pvcreate /dev/sdb1
      Physical volume "/dev/sdb1" successfully created

    Let us check out what we created:
    # pvdisplay
    "/dev/sdb1" is a new physical volume of "15.00 GiB"
    --- NEW Physical volume ---
    PV Name /dev/sdb1
    VG Name
    PV Size 15.00 GiB
    Allocatable NO
    PE Size 0
    Total PE 0
    Free PE 0
    Allocated PE 0
    PV UUID tAo1Xk-1N5g-Q9EM-1s7h-EinR-lFv5-DSgkLe


    Note that the VG Name line is empty which signifies that this PV is currently not a part of any VG.

  3. Now let us create a volume group and add the PV created in previous step.
    # vgcreate testvg /dev/sdb1
      Volume group "testvg" successfully created

    Let us check out the VG, we just created:
    # vgdisplay
    --- Volume group ---
    VG Name testvg
    System ID
    Format lvm2
    Metadata Areas 1
    Metadata Sequence No 1
    VG Access read/write
    VG Status resizable
    MAX LV 0
    Cur LV 0
    Open LV 0
    Max PV 0
    Cur PV 1
    Act PV 1
    VG Size 15.00 GiB
    PE Size 4.00 MiB
    Total PE 3839
    Alloc PE / Size 0 / 0
    Free PE / Size 3839 / 15.00 GiB
    VG UUID d2i9eU-4cXQ-cytm-dsLG-EOzb-1e6M-AkjKIb

  4. Let us create a logical volume now.
    # lvcreate --name testlv --size 5G testvg
      Logical volume "testlv" created.

    Let us check out our LV
    # lvdisplay
    --- Logical volume ---
    LV Path /dev/testvg/testlv
    LV Name testlv
    VG Name testvg
    LV UUID ZSrEP2-ibK6-wrbq-8ckc-5SxL-WppL-4QY3Sq
    LV Write Access read/write
    LV Creation host, time localhost, 2015-10-22 18:34:57 +0000
    LV Status available
    # open 0
    LV Size 5.00 GiB
    Current LE 1280
    Segments 1
    Allocation inherit
    Read ahead sectors auto
    - currently set to 8192
    Block device 253:1

  5. Our volume group is ready. Let us create a filesystem on that. For most of the regular usage, ext4 is a reasonable choice.
    # mkfs.ext4 /dev/testvg/testlv
    We can mount it and use it now.
How to extend LVM or add disk to LVM Partition?
LVM offers flexibility of letting us add the disk over a period of time without the need of taking down the current processes that might be using the disk. So let us see how to add a new disk and extend the logical volume. Check out the steps 1 and 2 from "How to create a LVM?". They are the same for adding a new disk to a LVM.
  1. Once we are done with the first two steps, we got the disk added in the PV. Now let us extend the volume group.
    # vgextend testvg /dev/sdc1
    Volume group "testvg" successfully extended
  2. After extending the volume group, we need to increase the logical volume.
    # lvextend /dev/testvg/testlv /dev/sdc1
    Size of logical volume testvg/testlv changed from 5.00 GiB (1280 extents) to 9.00 GiB (2303 extents).
    Logical volume testlv successfully resized
  3. Once we have more space in the partition, we can extend our filesystem to claim that space.
    # resize2fs /dev/testvg/testlv