iLO port forwards
Wednesday, 08. 5. 2009 – Category: stash
(woah, neglected blog)
HPaq’s iLO is a strange beast, its functionality seems split between the SSH CLI and the web interface. Depending on your particular mission, some goals are only achievable using the whole ActiveX / Java remote console in IE. Sigh.
To get this flying from virtualised VMware, here’s the full SSH mutter to forward the ports via an access host. I’m always forgetting it, thus this post.
sudo ssh -g -L 80:${IP}:80 -L 3389:${IP}:3389 -L 443:${IP}:443 -L 17988:${IP}:17988 -L 17990:${IP}:17990 -L 23:${IP}:23 access005.example.com
IP is the iLO’s address. -g allows the port forwards to be reachable via other LAN hosts (eg: the VMware guest). The sudo sorts the forwards for those super-privileged < 1024 ports.
Yes, that really is port 23 – telnet.
It’s always great to discover a feature in a tool you use everyday. Someone pointed out to me that, in addition to local and remote port forwarding, OpenSSH also offers what it calls dynamic application-level port forwarding. Put more simply, OpenSSH can act as a local SOCKS proxy punting the traffic out the remote end of the connection:
ssh -Dlocalhost:1080 -C host.example.com
You can now aim your browser’s SOCKS settting at localhost:1080. Bonus points for using a locally-hosted PAC file to determine which traffic is routed via the proxy:
function FindProxyForURL(url, host) {
if (shExpMatch(host, "*.example.com"))
return "SOCKS 127.0.0.1:1080"
else
return "DIRECT";
}
For getting sight of servers behind a firewall without remote proxies (hello Privoxy) and continual browser fiddling this is ideal. Thanks Murb!
MySQL replication health
Tuesday, 09. 30. 2008 – Category: sw
It’s possible for MySQL’s statement-based replication to get out of sync. I’ve yet to see a real example myself, perhaps because the DB abstraction layers I encounter not creating the “dangerous” queries that can make this happen. Still, other than monitoring replication health with SHOW SLAVE STATUS and friends I’ve sometimes been concerned about whether my MySQL slaves are faithful copies of the master. Finding that out during a failover moment is the wrong time.
The author of the piece linked above has scratched this itch with Maatkit, a suite of replication-focused MySQL tools which include some for checksumming tables.
This can run with standalone instances but most appealing is the way it runs across a replication chain: the statements to perform the table checksums are themselves introduced into the replication and store their results in a table alongside the master’s checksums. You can then compare and contrast on each slave: neat. All straightforward to roll into Nagios or other monitoring.
Recent articles
- Getting paranoid about ssh-agent
(Wednesday, 09. 1. 2010 – 1 Comment) - cron
(Wednesday, 02. 24. 2010 – 6 Comments) - SOAP in unexpected “actually, quite easy” incident.
(Wednesday, 09. 30. 2009 – No Comments) - ipmitool for OSX
(Tuesday, 09. 29. 2009 – No Comments)
Archives
- September 2010
- February 2010
- September 2009
- August 2009
- January 2009
- September 2008
- August 2008
- July 2008
- May 2008
- April 2008
- February 2008
- January 2008
- November 2007
- October 2007
- September 2007
- August 2007
- December 2006
- November 2006
- August 2006
- June 2006
- May 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005