Wednesday, February 12, 2014

ubuntu share internet

Before I begin this post, I want to thank Internet Connection Sharing – Ubuntu 10.04 NAT Gateway Setup (Abridged Version) for providing the bulk of the tutorial. I have made some modifications for Ubuntu 12.04.
The setup is simple: a single Ubuntu server will act as a gateway and DHCP server for a local network. All other machines on the local network will receive their IPs from the DHCP server. To make things easier, I’ll call this Ubuntu server “Skyray” for the rest of the post.
Skyray has two network interfaces, eth0 and eth1. eth0 is on the 10.20.30.0/24 subnet and this is the Internet facing interface. eth1 is on the 172.22.22.0/24 subnet, where all other machines are also present. Basically, eth0 will connect to the Internet and eth1 will serve DHCP requests and act as the gateway.

/etc/network/interfaces

First you need to configure eth0 and eth1 for Skyray. Edit the file and make sure it has at least the following settings (or whatever settings are appropriate for your environment).
sudo vim /etc/network/interfaces
(:wq save and quit, i insert mode , esc exit insert mode, :q! exit not save)
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 192.168.10.1
    netmask 255.255.255.0
    network 192.168.10.0
    broadcast 192.168.10.255

/etc/sysctl.conf

You need to enable IPv4 forwarding. To do so, edit this file.
sudo vim /etc/sysctl.conf
And uncomment the line
# net.ipv4.ip_forward=1
so that it now appears as
net.ipv4.ip_forward=1
Save the file and run the following command to make the change effective without a reboot.
sudo sysctl -w net.ipv4.ip_forward=1

/etc/rc.local

You’ll need to allow iptables rules for NAT to work. Edit the file and save it.
sudo vim /etc/rc.local
Make sure the following two lines appear before the exit 0 line in the file.
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
To make these iptables rules active without rebooting, run the following commands:
sudo iptables -P FORWARD ACCEPT
sudo iptables –-table nat -A POSTROUTING -o eth0 -j MASQUERADE

Tuesday, February 4, 2014

Applying Hotfixes on Citrix Xenserver 6.2 hypervisor without XenCenter

Citrix Xenserver is a beautiful open source (from 6.2 edition and later) hypervisor that tries to grab as much as possible market share on virtualization/cloud world. It carries many years of development efforts by Citrix, many well established implementations and a broad support community.
XenMotion, High Availability and all the great features of Xenserver are available on the licensed and unlicensed versions of the hypervisor. The licensed version includes automated patches and updates through XenCenter console and 24×7 Citrix Technical Support. On the unlicensed version, the administrator should apply the xenserver patches by himself through an ssh console. XenCenter still notifies the availability of new patches.
So, on XenCenter when you goto Tools – Install Updates, you get grayed out options like this
XenCenter Upadtes Installation
XenCenter Upadtes Installation
So, first of all we should download the new patches from Citrix webserver, XenCenter will help you to do so. Then unzip the contents of the downloaded files and secure ftp them on XenServer.
Ftp the updates to XenServer
Ftp the updates to XenServer
I use filezilla to sftp the updates to XenServer in binary transfer mode and upload them to /var/tmp directory. Then ssh to XenServer (I use putty utility to do so but you can use anything you are comfortable with). Login as root and run the following command
xe patch-upload file-name=/var/tmp/
this command produces a uuid alphanumeric string. Copy it to the clipboard and on XenCenter notice the yellow down icons that appear, indicating that a hotfix or update exists but has not been applied.
XenCenter warning icon
XenCenter warning icon
Run
xe patch-pool-apply uuid=
pasting the uuid string. You may verify the applied patches by running
xe patch-list
Verifying patches
Verifying patches
If the update has been successful, the hosts field should contain the uuids of all the hosts in the pool. Finally, run
xe-toolstack-restart
to reload the toolstack on all hosts, you may loose the connection if you run it on Pool Master.
Applying Patches
Applying Patches
Now, your XenServer is patched!