quanta's questions

• Ubuntu 14.04
• 克拉玛夫 0.98.7

该问题clamav-daemon几乎每天都会重新启动：

Sep  1 06:30:00 x-master clamd[6778]: Pid file removed.
clamd[6778]: --- Stopped at Tue Sep  1 06:30:00 2015
clamd[5979]: clamd daemon 0.98.7 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
clamd[5979]: Running as user root (UID 0, GID 0)
clamd[5979]: Log file size limited to 4294967295 bytes.
clamd[5979]: Reading databases from /var/lib/clamav
clamd[5979]: Not loading PUA signatures.
clamd[5979]: Bytecode: Security mode set to "TrustSigned".

如果clamdscan正在运行，则会导致问题：

/etc/cron.daily/clamav_scan:
ERROR: Could not connect to clamd on x.x.x.x: Connection refused

请注意，我在开头说“几乎”：

/var/log/syslog:Sep  1 06:30:00 x-master clamd[6778]: Pid file removed.
/var/log/syslog.1:Aug 31 06:27:54 x-master clamd[20128]: Pid file removed.
/var/log/syslog.4.gz:Aug 28 06:28:34 x-master clamd[4475]: Pid file removed.
/var/log/syslog.5.gz:Aug 27 06:27:47 x-master clamd[21466]: Pid file removed.

如你看到的：

• 它没有发生在 8 月 29 日和 30 日

• 它经常在 06:27 左右重新启动，这cron.daily是运行时间

  27 6 * * * root nice -n 19 ionice -c3 run-parts --report /etc/cron.daily
  

的内容/etc/cron.daily/clamav_scan：

find / $exclude_string ! \( -path "/tmp/clamav-*.tmp" -prune \) ! \( -path "/var/lib/elasticsearch" -prune \) ! \( -path "/var/lib/mongodb" -prune \) ! \( -path "/var/lib/graylog-server" -prune \) -mtime -1 -type f -print0 | xargs -0 clamdscan --quiet -l "$status_file" || retval=$?

clamav-daemon 有一个 logrotate 文件：

/var/log/clamav/clamav.log {
     rotate 12
     weekly
     compress
     delaycompress
     create 640  clamav adm
     postrotate
     /etc/init.d/clamav-daemon reload-log > /dev/null
     endscript
     }

但它只是重新加载日志：

Sep  1 02:30:24 uba-master clamd[6778]: SIGHUP caught: re-opening log file.

我知道我们可以auditd用来监控二进制文件，这是一个示例日志：

ausearch -f /usr/sbin/clamd                                                                                                        [2/178]
----
time->Tue Sep  1 07:56:44 2015
type=PATH msg=audit(1441094204.559:15): item=1 name=(null) inode=2756458 dev=fc:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1441094204.559:15): item=0 name="/usr/sbin/clamd" inode=3428628 dev=fc:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=CWD msg=audit(1441094204.559:15):  cwd="/"
type=EXECVE msg=audit(1441094204.559:15): argc=1 a0="/usr/sbin/clamd"
type=SYSCALL msg=audit(1441094204.559:15): arch=c000003e syscall=59 success=yes exit=0 a0=7ffd277e03dc a1=7ffd277dfa78 a2=7ffd277dfa88 a3=7ffd277df570 items=2
 ppid=5708 pid=5946 auid=4294967295 uid=109 gid=114 euid=109 suid=109 fsuid=109 egid=114 sgid=114 fsgid=114 tty=pts1 ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key=(null)

109 是...clamav用户的 UID：

getent passwd clamav clamav:x:109:114::/var/lib/clamav:/bin/false

在这种情况下是否有另一种解决方法？

回复@HBrijn：

更新 AV 定义后可能是新鲜蛤蜊？

我想过这个问题。这是日志：

Sep  1 05:31:04 x-master freshclam[16197]: Received signal: wake up
Sep  1 05:31:04 x-master freshclam[16197]: ClamAV update process started at Tue Sep  1 05:31:04 2015
Sep  1 05:31:04 x-master freshclam[16197]: main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Sep  1 05:31:05 x-master freshclam[16197]: Downloading daily-20865.cdiff [100%]
Sep  1 05:31:09 x-master freshclam[16197]: daily.cld updated (version: 20865, sigs: 1555338, f-level: 63, builder: neo)
Sep  1 05:31:10 x-master freshclam[16197]: bytecode.cvd is up to date (version: 268, sigs: 47, f-level: 63, builder: anvilleg)
Sep  1 05:31:13 x-master freshclam[16197]: Database updated (3979610 signatures) from db.local.clamav.net (IP: 168.143.19.95)
Sep  1 05:31:13 x-master freshclam[16197]: Clamd successfully notified about the update.
Sep  1 05:31:13 x-master freshclam[16197]: --------------------------------------
Sep  1 04:34:10 x-master clamd[6778]: SelfCheck: Database status OK.
Sep  1 05:31:13 x-master clamd[6778]: Reading databases from /var/lib/clamav
Sep  1 05:31:22 x-master clamd[6778]: Database correctly reloaded (3974071 signatures)

我不确定这一点，但看起来freshclam 有一个“内部机制”来通知clamd 更新。之后它可以重新加载数据库，无需重新启动进程。你确定吗？

此外，从时间戳中，我看到在freshclam 更新数据库一小时后clamav-daemon 重新启动。正常吗？

更新 9 月 1 日星期二 22:10:49 ICT 2015

但看起来freshclam有一个“内部机制”来通知clamd有关更新。之后它可以重新加载数据库，无需重新启动进程。

我可以通过测试来确认这是正确的：

• 编辑freshclam.conf 文件以将时间间隔更改为一分钟（Checks 1440）
• 重启clamav-freshclam
• cd /var/lib/clamav
• rm daily.cvd

• 等一分钟

  Sep  1 14:49:25 p freshclam[7654]: Downloading daily.cvd [100%]
  Sep  1 14:49:28 p freshclam[7654]: daily.cvd updated (version: 19487, sigs: 1191913, f-level: 63, builder: neo)
  Sep  1 14:49:28 p freshclam[7654]: Reading CVD header (bytecode.cvd):
  Sep  1 14:49:28 p freshclam[7654]: OK
  Sep  1 14:49:28 p freshclam[7654]: bytecode.cvd is up to date (version: 245, sigs: 43, f-level: 63, builder: dgoddard)
  Sep  1 14:49:31 p freshclam[7654]: Database updated (3616181 signatures) from clamav.local (IP: 10.0.2.2)
  Sep  1 14:49:31 p freshclam[7654]: Clamd successfully notified about the update.
  Sep  1 14:49:31 p freshclam[7654]: --------------------------------------
  Sep  1 14:49:32 p clamd[6693]: Reading databases from /var/lib/clamav
  Sep  1 14:49:39 p clamd[6693]: Database correctly reloaded (3610621 signatures)
  

并且 clamav-daemon 没有重新启动。

我有一些秘密文件，我想限制匿名用户查看/下载。我试图通过运行以下命令将其设为私有：

s3cmd setacl --acl-private s3://bucket/some/path/*.ext

然后我转到 S3 管理控制台，选择文件，然后单击属性，我确定每个人都未选中打开/下载权限。

但是复制链接https://s3-us-west-2.amazonaws.com/bucket/some/path/blah.ext，粘贴到新的浏览器中，仍然可以打开/下载。

我错过了什么？

我正在编写一个自定义模块来使用debmirror. 这是我的代码：

'''
Build a local mirror with debmirror.
'''

import logging
import os

import salt.utils
from salt.exceptions import CommandExecutionError


def created(arch,
            section,
            server,
            release,
            in_path,
            proto,
            out_path,
            **kwargs):
    '''
    '''
    __salt__['file.makedirs'](out_path)

    if 'gnupghome' in kwargs:
        gnupghome = kwargs.pop('gnupghome', None)
        __salt__['file.makedirs'](gnupghome)
    else:
        gnupghome = '/root/.gnupg'

    env = { 'GNUPGHOME': gnupghome }

    if 'keyid' in kwargs:
        keyid = kwargs.pop('keyid', None)
        ks = kwargs.pop('keyserver', None)
        if not keyid or not ks:
            error_str = 'both keyserver and keyid options required.'
            raise NameError(error_str)
        cmd = 'apt-key export {0}'.format(keyid)
        output = __salt__['cmd.run_stdout'](cmd, **kwargs)
        imported = output.startswith('-----BEGIN PGP')
        if ks:
            if not imported:
                cmd = ('gpg --no-default-keyring --keyring {0}/trustedkeys.gpg --keyserver {1} --recv-keys {2}')
                ret = __salt__['cmd.run_all'](cmd.format(gnupghome, ks, keyid),
                                              **kwargs)
                if ret['retcode'] != 0:
                    raise CommandExecutionError(
                        'Error: key retrieval failed: {0}'
                        .format(ret['stdout'])
                    )

    elif 'key_url' in kwargs:
        key_url = kwargs['key_url']
        cmd = 'wget -q -O- "{0}" | gpg --no-default-keyring --keyring {1}/trustedkeys.gpg --import'.format(key_url, gnupghome)
        ret = __salt__['cmd.run_all'](cmd, **kwargs)
        if ret['retcode'] != 0:
            raise CommandExecutionError(
                'Error: key retrieval failed: {0}'.format(ret['stderr'])
            )

    return __salt__['cmd.run_all']('debmirror -a {0} --no-source -s {1} -h {2} -d {3} -r {4} --progress -e {5} {6}'.format(arch, section, server, release, in_path, proto, out_path), env=env)

在 Minion 上进行测试时，此模块运行良好：

salt-call debmirror.created /home/mirrorkeyring/ \
                            i386,amd64 \
                            main,restricted,universe,multiverse \
                            ppa.launchpad.net \
                            precise \
                            /saltstack/salt/ubuntu \
                            http \
                            /saltmirror \
                            key_url='http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0x4759FA960E27C0A6'

但我想知道：如何kwargs在状态文件中定义？

{% for package in ('debmirror', 'wget', 'gnupg') %}
{{ package }}:
  pkg:
    - installed
{% endfor %}

salt-mirror:
  module:
    - run
    - name: debmirror.created
    - arch: i386,amd64
    - section: main,restricted,universe,multiverse
    - release: precise
    - server: ppa.launchpad.net
    - in_path: /saltstack/salt/ubuntu
    - proto: http
    - out_path: /saltmirror
    - <WHAT SHOULD I PUT HERE?>
    - require:
      - pkg: debmirror

我将按照本指南使用 flexAsynch 对 MySQL 集群进行基准测试，详细信息如下：

mkdir /usr/local/mysqlc732/
cd /usr/local/src/mysql-cluster-gpl-7.3.2
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysqlc732/ -DWITH_NDB_TEST=ON
make
make install

在这一步之前一切正常：

# /usr/local/mysqlc732/bin/flexAsynch -t 1 -p 80 -l 2 -o 100 -c 100 -n

FLEXASYNCH - Starting normal mode
Perform benchmark of insert, update and delete transactions
  1 number of concurrent threads 
  80 number of parallel operation per thread 
  100 transaction(s) per round 
  2 iterations 
  Load Factor is 80%
  25 attributes per table 
  1 is the number of 32 bit words per attribute 
  Tables are with logging 
  Transactions are executed with hint provided
  No force send is used, adaptive algorithm used

Key Errors are disallowed
Temporary Resource Errors are allowed
Insufficient Space Errors are disallowed
Node Recovery Errors are allowed
Overload Errors are allowed
Timeout Errors are allowed
Internal NDB Errors are allowed
User logic reported Errors are allowed
Application Errors are disallowed
Using table name TAB0

NDBT_ProgramExit: 1 - Failed

ndb_cluster.log：

警告 -- 未能在 127.0.0.1 为 API 分配 nodeid。返回错误：“未找到 mysqld(API) 的可用节点 ID。”

我也用-DWITH_DEBUG=1 -DWITH_NDB_DEBUG=1. 如何flexAsynch在调试模式下运行？

# /usr/local/mysqlc732/bin/flexAsynch -h
FLEXASYNCH
   Perform benchmark of insert, update and delete transactions

Arguments:
   -t Number of threads to start, default 1
   -p Number of parallel transactions per thread, default 32
   -o Number of transactions per loop, default 500
   -l Number of loops to run, default 1, 0=infinite
   -load_factor Number Load factor in index in percent (40 -> 99)
   -a Number of attributes, default 25
   -c Number of operations per transaction
   -s Size of each attribute, default 1 
      (PK is always of size 1, independent of this value)
   -simple Use simple read to read from database
   -dirty Use dirty read to read from database
   -write Use writeTuple in insert and update
   -n Use standard table names
   -no_table_create Don't create tables in db
   -temp Create table(s) without logging
   -no_hint Don't give hint on where to execute transaction coordinator
   -adaptive Use adaptive send algorithm (default)
   -force Force send when communicating
   -non_adaptive Send at a 10 millisecond interval
   -local 1 = each thread its own node, 2 = round robin on node per parallel trans 3 = random node per parallel trans
   -ndbrecord Use NDB Record
   -r Number of extra loops
   -insert Only run inserts on standard table
   -read Only run reads on standard table
   -update Only run updates on standard table
   -delete Only run deletes on standard table
   -create_table Only run Create Table of standard table
   -drop_table Only run Drop Table on standard table
   -warmup_time Warmup Time before measurement starts
   -execution_time Execution Time where measurement is done
   -cooldown_time Cooldown time after measurement completed
   -table Number of standard table, default 0

# ceph -v
ceph version 0.56.3 (6eb7e15a4783b122e9b0c85ea9ba064145958aa5)

# repoquery -i ceph

Name        : ceph
Version     : 0.56.3
Release     : 1.el6
Architecture: x86_64
Size        : 26734691
Packager    : Fedora Project
Group       : System Environment/Base
URL         : http://ceph.com/
Repository  : epel
Summary     : User space components of the Ceph file system
Source      : ceph-0.56.3-1.el6.src.rpm
Description :
Ceph is a distributed network file system designed to provide excellent
performance, reliability, and scalability.

从命令行手动安装工作正常：

# ceph-fuse /mnt/ceph/
ceph-fuse[28617]: starting ceph client
ceph-fuse[28617]: starting fuse

# df -h
Filesystem            Size  Used Avail Use% Mounted on
ceph-fuse              72T  2.9T   70T   4% /mnt/ceph

但我想在启动时自动执行。谷歌将我指向此页面。

/usr/sbin/mount.fuse.ceph

#!/bin/sh
#
# Helper to mount ceph-fuse from /etc/fstab.  To use, add an entry
# like:
#
# # DEVICE                           PATH         TYPE        OPTIONS
# id=admin                           /mnt/ceph    fuse.ceph   defaults   0 0
# id=myuser,conf=/etc/ceph/foo.conf  /mnt/ceph2   fuse.ceph   defaults   0 0
#
# where the device field is a comma-separated list of options to pass on
# the command line.  The examples above, for example, specify that
# ceph-fuse will authenticated as client.admin and client.myuser
# (respectively), and the second example also sets the 'conf' option to
# '/etc/ceph/foo.conf' via the ceph-fuse command line.  Any valid
# ceph-fuse can be passed in this way.

set -e

# convert device string to options
cephargs='--'`echo $1 | sed 's/,/ --/g'`

# strip out 'noauto' option; libfuse doesn't like it
opts=`echo $4 | sed 's/,noauto//' | sed 's/noauto,//'`

# go
exec ceph-fuse $cephargs $2 $3 $opts

所以我尝试将以下内容添加到/etc/fstab：

id=admin,conf=/etc/ceph/ceph.conf   /mnt/ceph       fuse.ceph   defaults    0 0

但mount -a给我：

# mount -a
unrecognized command

因为据我了解，实际上，上面的条目将按如下方式运行：

# mount -t fuse.ceph id=admin,conf=/etc/ceph/ceph.conf /mnt/ceph/
unrecognized command

我做错什么了吗？

Check_MK给我发了一封邮件如下：

***** Nagios *****

Notification Type: PROBLEM

Service: Interface 5
Host: foo
Address: x.y.z.t
State: CRITICAL

Date/Time: Fri May 3 10:02:40 ICT 2013

Additional Info: CRIT - [tunl0] (up) speed unknown, in: 3.39MB/s, out: 0.00B/s, out-errors: 100.00%(!!) = 0.1

运行ifconfig，我得到：

tunl0     Link encap:IPIP Tunnel  HWaddr   
          inet addr:x.y.z.t  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:92101704629 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:652 dropped:0 overruns:0 carrier:0
          collisions:652 txqueuelen:0 
          RX bytes:18941091817671 (17.2 TiB)  TX bytes:0 (0.0 b)

注意错误和碰撞。我知道 collisions 字段的非零值表示网络拥塞的可能性。但：

1. 确切原因可能是什么？我该如何排除故障？
2. 有没有类似ethtoolIPIP Tunnel接口的？

修改信息ipip

filename:       /lib/modules/2.6.18-194.17.1.el5/kernel/net/ipv4/ipip.ko
license:        GPL
srcversion:     288C625C7521D577F7AD9E4
depends:        tunnel4
vermagic:       2.6.18-194.17.1.el5 SMP mod_unload gcc-4.1
module_sig: 883f3504ca37590565662cff69dd0be11277ff0a08d3a3...

ip隧道秀

tunl0: ip/ip  remote any  local any  ttl inherit  nopmtudisc

更新于 5 月 6 日星期一 10:05:01 ICT 2013

@Danila Ladner：通过谷歌搜索，我发现这个链接与你的观点相同：

我的隧道不工作：

ifconfig tunl<n>报告错误和冲突

你有没有使用ifconfig, 也许是ifconfig ... pointopoint ...为了建立你的隧道？

关掉它; 删除它; 重新开始ip。

但是你能再详细说明一下吗？

@谢尔盖弗拉索夫：

tunl0     Link encap:IPIP Tunnel  HWaddr   
          inet addr:x.y.z.t  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:81621711099 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:692 dropped:0 overruns:0 carrier:0
          collisions:692 txqueuelen:0 
          RX bytes:16915649263419 (15.3 TiB)  TX bytes:120 (120.0 b)

我不明白为什么从tunl0接口发送了2个数据包？我将设置一个事件处理程序，以便在计数器增加tcpdump时运行。collisions让我们拭目以待。

更新于 5 月 7 日星期二 14:05:39 ICT 2013

@Danila Ladner：为了排除这种可能性，我已经尝试了你的建议：

ifdown tun0
modprobe -r ipip
modprobe ipip
ip addr add dev tunl0 x.y.z.t/32 brd x.y.z.t
ip link set tunl0 up

我在等着看问题是否解决：

tunl0     Link encap:IPIP Tunnel  HWaddr   
          inet addr:x.y.z.t  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:19630041 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:4083271398 (3.8 GiB)  TX bytes:0 (0.0 b)

从本主题继续，较新的内核已成功启动，但它没有看到我的sdc- 这是一个硬件 RAID 阵列（级别 10）。

我确定aacraid模块已加载：

# grep aacraid /2.6.34.14/init 
echo "Loading aacraid.ko module"
insmod /lib/aacraid.ko 

# lsmod | grep aacraid
aacraid                83347  3 
scsi_mod              154582  13 be2iscsi,ib_iser,iscsi_tcp,bnx2i,cxgb3i,libis)csi,scsi_transport_iscsi,scsi_dh,sg,usb_storage,aacraid,libata,sd_mod

我一直在尝试安装AACRAID 驱动程序，但得到以下信息：

# rpm -ivh aacraid-1.2.1-29900.rpm 
Preparing...                ########################################### [100%]
   1:aacraid                ########################################### [100%]

Adaptec aacraid driver installer - V1.5

Using GRUB configuration

Configuration [CentOS (2.6.18-274.el5)]
/boot/vmlinuz-2.6.18-274.el5 -> 2.6.18-274.el5
Installing in /lib/modules/2.6.18-274.el5/updates/
Creating initrd...

Configuration [CentOS (2.6.34.14)]
/boot/vmlinuz-2.6.34.14 -> 2.6.34.14

****** PROBLEM *******
No prebuilt aacraid module for 2.6.34.14 ia32e
driver in OS may be more advanced than package
**********************

Checking /lib/modules for any remaining kernels not yet installed

Configuration [3.0.71-1.el5.elrepo]

****** PROBLEM *******
No prebuilt aacraid module for 3.0.71-1.el5.elrepo ia32e
driver in OS may be more advanced than package
**********************

***************************************
********** 2 MODULES FAILED? **********
***************************************


Done.

我现在可以做什么来安装 Adaptec RAID 驱动程序？

我想在某些 CentOS 5 服务器上安装 Ceph FS 。由于ceph-fuse失败并出现以下错误：

# ceph-fuse --no-fuse-big-writes -m 192.168.2.15:6789 /mnt/ceph/
ceph-fuse[7528]: starting ceph client
ceph-fuse[7528]: starting fuse
fuse: unknown option `atomic_o_trunc'
2013-04-04 13:51:21.128506 2b82d6e9e8f0 -1 fuse_lowlevel_new failed
ceph-fuse[7528]: fuse finished with error 33
ceph-fuse[7526]: mount failed: (33) Numerical argument out of domain

Google 指出了这一点，但 CentOS 5.x 随内核 2.6.18 一起提供，我将编译一个支持 Ceph 的更新内核。

• 我的第一次尝试是使用来自 ELRepo 的kernel-lt 3.0.71
• 第二个是来自 kernel.org的2.6.34.14

是从运行的.config内核中复制的，带有 2 个附加设置：

CONFIG_SYSFS_DEPRECATED_V2=y
CONFIG_CEPH_FS=m

但他们都给我以下错误：

在提取内核映像并删除 2 行后，可以通过编辑初始化脚本来消除第一个警告：

echo "Loading dm-region-hash.ko module"
insmod /lib/dm-region-hash.ko 

http://funky-dennis.livejournal.com/3290.html

第二个错误怎么样：

device-mapper: table: 253:0: mirror: Error creating mirror dirty log
RAID set "ddf1_bar" was not activated

• 2.6.18 的初始化脚本： http: //fpaste.org/byZ3/
• 2.6.34.14 的：http ://fpaste.org/8COr/

除了以下模块没有加载到较新的内核之外，它们大部分是相同的：

echo "Loading dm-mem-cache.ko module"
insmod /lib/dm-mem-cache.ko 
echo "Loading dm-message.ko module"
insmod /lib/dm-message.ko 
echo "Loading dm-raid45.ko module"
insmod /lib/dm-raid45.ko 

是这个原因RAID set "ddf1_foo" was not activated吗？

更新 4 月 4 日星期四 21:40:32 ICT 2013

http://alistairphipps.com/wiki/index.php?title=Notes#LVM

类似于“镜像日志：镜像日志无法识别的同步参数：2”，“表：镜像：创建镜像脏日志时出错”的奇怪错误消息意味着您的内核设备映射器和用户空间工具版本不匹配：可能您的内核太新了你的 lvm 工具版本。从源安装最新的设备映射器和 lvm2，它应该可以工作。

我试图编译最新版本的LVM2：

# /usr/sbin/lvm version
  LVM version:     2.02.98(2) (2012-10-15)
  Library version: 1.02.67-RHEL5 (2011-10-14)
  Driver version:  4.11.6

但没有任何改变。

更新 4 月 6 日星期六 18:51:31 ICT 2013

/lib/modules/2.6.18-274.el5/kernel/drivers/md/

|-- dm-crypt.ko
|-- dm-emc.ko
|-- dm-hp-sw.ko
|-- dm-log.ko
|-- dm-mem-cache.ko
|-- dm-message.ko
|-- dm-mirror.ko
|-- dm-mod.ko
|-- dm-multipath.ko
|-- dm-raid45.ko
|-- dm-rdac.ko
|-- dm-region_hash.ko
|-- dm-round-robin.ko
|-- dm-snapshot.ko
|-- dm-zero.ko
|-- faulty.ko
|-- linear.ko
|-- multipath.ko
|-- raid0.ko
|-- raid1.ko
|-- raid10.ko
|-- raid456.ko
`-- xor.ko

/lib/modules/2.6.34.14/kernel/drivers/md/

|-- dm-crypt.ko
|-- dm-log.ko
|-- dm-mirror.ko
|-- dm-mod.ko
|-- dm-multipath.ko
|-- dm-region-hash.ko
|-- dm-round-robin.ko
|-- dm-snapshot.ko
|-- dm-zero.ko
|-- faulty.ko
|-- linear.ko
|-- multipath.ko
|-- raid0.ko
|-- raid1.ko
|-- raid10.ko
|-- raid456.ko
`-- raid6_pq.ko

更新 4 月 10 日星期三 11:22:54 ICT 2013

在源文件夹中搜索，我找到了这个：

# grep -lr 'Error creating mirror dirty log' /usr/src/linux-2.6.34.14
/usr/src/linux-2.6.34.14/drivers/md/dm-raid1.c

dm-raid1.c:

static struct dm_dirty_log *create_dirty_log(struct dm_target *ti,
                         unsigned argc, char **argv,
                         unsigned *args_used)
{
    unsigned param_count;
    struct dm_dirty_log *dl;

    if (argc < 2) {
        ti->error = "Insufficient mirror log arguments";
        return NULL;
    }

    if (sscanf(argv[1], "%u", &param_count) != 1) {
        ti->error = "Invalid mirror log argument count";
        return NULL;
    }

    *args_used = 2 + param_count;

    if (argc < *args_used) {
        ti->error = "Insufficient mirror log arguments";
        return NULL;
    }

    dl = dm_dirty_log_create(argv[0], ti, mirror_flush, param_count,
                 argv + 2);
    if (!dl) {
        ti->error = "Error creating mirror dirty log";
        return NULL;
    }

    return dl;
}

dm-log.c:

struct dm_dirty_log *dm_dirty_log_create(const char *type_name,
            struct dm_target *ti,
            int (*flush_callback_fn)(struct dm_target *ti),
            unsigned int argc, char **argv)
{
    struct dm_dirty_log_type *type;
    struct dm_dirty_log *log;

    log = kmalloc(sizeof(*log), GFP_KERNEL);
    if (!log)
        return NULL;

    type = get_type(type_name);
    if (!type) {
        kfree(log);
        return NULL;
    }

    log->flush_callback_fn = flush_callback_fn;
    log->type = type;
    if (type->ctr(log, ti, argc, argv)) {
        kfree(log);
        put_type(type);
        return NULL;
    }

    return log;
}

我将安装Gitorious作为用于故障转移目的的从属服务器，请遵循这篇博文。

gitorious.conf

NameVirtualHost *:81

<VirtualHost *:81>
    ServerName  gitorious.domain.com
    ServerAdmin quanta@domain.com
    DocumentRoot /home/git/gitorious/public
    ErrorLog  /var/log/httpd/gitorious_error.log
    CustomLog /var/log/httpd/gitorious_access.log combined
    <Directory /home/git/gitorious/public>
        AllowOverride all
        Options -MultiViews
        Satisfy Any
    </Directory>
</VirtualHost>

NameVirtualHost *:443

<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca-git.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca-git.key
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
    ServerName  gitorious.domain.com
    ServerAdmin quanta@domain.com
    DocumentRoot /home/git/gitorious/public
    ErrorLog  /var/log/httpd/gitorious_error.log
    CustomLog /var/log/httpd/gitorious_access.log combined
    <Directory /home/git/gitorious/public>
        AllowOverride all
        Options -MultiViews
        Satisfy Any
    </Directory>
</VirtualHost>

在我尝试登录之前一切正常，Firefox 给我以下错误：

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

production.log

ActionController::UnknownHttpMethod (V^C^A, accepted HTTP methods are get, head, put, post, delete, and options):
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/request.rb:35:in `request_method_without_openid'
  vendor/plugins/open_id_authentication/lib/open_id_authentication/request.rb:11:in `request_method'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/request.rb:43:in `method'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/routing/route_set.rb:499:in `extract_request_environment_without_host'
  vendor/plugins/routing-filter/lib/routing_filter.rb:74:in `extract_request_environment'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/routing/route_set.rb:442:in `recognize'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/routing/route_set.rb:437:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/dispatcher.rb:87:in `dispatch'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/dispatcher.rb:121:in `_call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/dispatcher.rb:130:in `build_middleware_stack'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/query_cache.rb:29:in `call'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/query_cache.rb:29:in `call'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/connection_adapters/abstract/query_cache.rb:34:in `cache'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/query_cache.rb:9:in `cache'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/query_cache.rb:28:in `call'
  vendor/bundle/ruby/1.8/gems/activerecord-2.3.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:361:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/string_coercion.rb:25:in `call'
  vendor/bundle/ruby/1.8/gems/rack-1.1.6/lib/rack/head.rb:9:in `call'
  vendor/bundle/ruby/1.8/gems/rack-1.1.6/lib/rack/methodoverride.rb:24:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/params_parser.rb:15:in `call'
  vendor/bundle/ruby/1.8/gems/rails-2.3.17/lib/rails/rack/metal.rb:47:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/session/cookie_store.rb:99:in `call'
  vendor/bundle/ruby/1.8/gems/activesupport-2.3.17/lib/active_support/cache/strategy/local_cache.rb:25:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/failsafe.rb:26:in `call'
  vendor/bundle/ruby/1.8/gems/rack-1.1.6/lib/rack/lock.rb:11:in `call'
  vendor/bundle/ruby/1.8/gems/rack-1.1.6/lib/rack/lock.rb:11:in `synchronize'
  vendor/bundle/ruby/1.8/gems/rack-1.1.6/lib/rack/lock.rb:11:in `call'
  vendor/bundle/ruby/1.8/gems/actionpack-2.3.17/lib/action_controller/dispatcher.rb:106:in `call'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/rack/request_handler.rb:96:in `process_request'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_request_handler.rb:516:in `accept_and_process_next_request'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_request_handler.rb:274:in `main_loop'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/classic_rails/application_spawner.rb:321:in `start_request_handler'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `send'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `handle_spawn_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/utils.rb:470:in `safe_fork'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/classic_rails/application_spawner.rb:270:in `handle_spawn_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:357:in `__send__'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:180:in `start'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/classic_rails/application_spawner.rb:149:in `start'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/spawn_manager.rb:219:in `spawn_rails_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/spawn_manager.rb:214:in `spawn_rails_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server_collection.rb:82:in `synchronize'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/spawn_manager.rb:213:in `spawn_rails_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/spawn_manager.rb:132:in `spawn_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:357:in `__send__'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.19/helper-scripts/passenger-spawn-server:99

gitorious_access.log

[22/Feb/2013:15:42:01 +0700] "GET /login HTTP/1.1" 302 103 "http://gitorious.domain.com:81/" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0"
 - - [22/Feb/2013:15:42:01 +0700] "\x16\x03\x01" 500 1921 "-" "-"

是什么\x16\x03\x01意思？

我打算将check_mk 的多站点与 OpenLDAP集成。配置 LDAP 连接器后，打开“用户和联系人”页面时出现以下错误：

Error executing sync hook
The "Authentication Expiration" attribute (pwdchangedtime) could not
be fetchedfrom the LDAP server for user {u'cn': [u'noreply']}.

以下是我为实施密码策略覆盖所做的所有步骤：

为 OpenLDAP 服务器安装覆盖模块：

yum install openldap-servers-overlays

将以下行添加到 /etc/openldap/slapd.conf：

include     /etc/openldap/schema/ppolicy.schema

modulepath  /usr/lib64/openldap
moduleload  ppolicy.la

然后我重新启动 OpenLDAP 并尝试更改密码。我确定它已成功更改，但pwdChangedTime在运行时我没有看到该属性ldapsearch：

$ ldapsearch -x -D "cn=Manager,dc=domain,dc=com" -y .passwd.cnf "cn=noreply"
dn: cn=noreply,ou=it,dc=domain,dc=com
cn: noreply
mail: noreply at domain.com
maildrop: noreply at domain.com
sn: No
uid: noreply
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
pwdMaxAge: 31536000
pwdMinAge: 60
pwdAllowUserChange: TRUE
userPassword: {MD5}xx

我错过了什么？

我用 OCFS2 替换了一个在双主模式下运行的死节点。所有步骤都有效：

/proc/drbd

version: 8.3.13 (api:88/proto:86-96)
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by mockbuild@builder10.centos.org, 2012-05-07 11:56:36

 1: cs:Connected ro:Primary/Primary ds:UpToDate/UpToDate C r-----
    ns:81 nr:407832 dw:106657970 dr:266340 al:179 bm:6551 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0

直到我尝试挂载卷：

mount -t ocfs2 /dev/drbd1 /data/webroot/
mount.ocfs2: Transport endpoint is not connected while mounting /dev/drbd1 on /data/webroot/. Check 'dmesg' for more information on this error.

/var/log/kern.log

kernel: (o2net,11427,1):o2net_connect_expired:1664 ERROR: no connection established with node 0 after 30.0 seconds, giving up and returning errors.
kernel: (mount.ocfs2,12037,1):dlm_request_join:1036 ERROR: status = -107
kernel: (mount.ocfs2,12037,1):dlm_try_to_join_domain:1210 ERROR: status = -107
kernel: (mount.ocfs2,12037,1):dlm_join_domain:1488 ERROR: status = -107
kernel: (mount.ocfs2,12037,1):dlm_register_domain:1754 ERROR: status = -107
kernel: (mount.ocfs2,12037,1):ocfs2_dlm_init:2808 ERROR: status = -107
kernel: (mount.ocfs2,12037,1):ocfs2_mount_volume:1447 ERROR: status = -107
kernel: ocfs2: Unmounting device (147,1) on (node 1)

下面是节点 0 (192.168.3.145) 上的内核日志：

kernel: : (swapper,0,7):o2net_listen_data_ready:1894 bytes: 0
kernel: : (o2net,4024,3):o2net_accept_one:1800 attempt to connect from unknown node at 192.168.2.93
:43868
kernel: : (o2net,4024,3):o2net_connect_expired:1664 ERROR: no connection established with node 1 after 30.0 seconds, giving up and returning errors.
kernel: : (o2net,4024,3):o2net_set_nn_state:478 node 1 sc: 0000000000000000 -> 0000000000000000, valid 0 -> 0, err 0 -> -107

我确定/etc/ocfs2/cluster.conf在两个节点上都是相同的：

/etc/ocfs2/cluster.conf

node:
    ip_port = 7777
    ip_address = 192.168.3.145
    number = 0
    name = SVR233NTC-3145.localdomain
    cluster = cpc

node:
    ip_port = 7777
    ip_address = 192.168.2.93
    number = 1
    name = SVR022-293.localdomain
    cluster = cpc

cluster:
    node_count = 2
    name = cpc

他们连接得很好：

# nc -z 192.168.3.145 7777
Connection to 192.168.3.145 7777 port [tcp/cbt] succeeded!

但 O2CB 心跳在新节点 (192.168.2.93) 上未激活：

/etc/init.d/o2cb status

Driver for "configfs": Loaded
Filesystem "configfs": Mounted
Driver for "ocfs2_dlmfs": Loaded
Filesystem "ocfs2_dlmfs": Mounted
Checking O2CB cluster cpc: Online
Heartbeat dead threshold = 31
  Network idle timeout: 30000
  Network keepalive delay: 2000
  Network reconnect delay: 2000
Checking O2CB heartbeat: Not active

tcpdump以下是在节点 0 上运行并ocfs2在节点 1 上启动时的结果：

  1   0.000000 192.168.2.93 -> 192.168.3.145 TCP 70 55274 > cbt [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSval=690432180 TSecr=0
  2   0.000008 192.168.3.145 -> 192.168.2.93 TCP 70 cbt > 55274 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSval=707657223 TSecr=690432180
  3   0.000223 192.168.2.93 -> 192.168.3.145 TCP 66 55274 > cbt [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSval=690432181 TSecr=707657223
  4   0.000286 192.168.2.93 -> 192.168.3.145 TCP 98 55274 > cbt [PSH, ACK] Seq=1 Ack=1 Win=5840 Len=32 TSval=690432181 TSecr=707657223
  5   0.000292 192.168.3.145 -> 192.168.2.93 TCP 66 cbt > 55274 [ACK] Seq=1 Ack=33 Win=5792 Len=0 TSval=707657223 TSecr=690432181
  6   0.000324 192.168.3.145 -> 192.168.2.93 TCP 66 cbt > 55274 [RST, ACK] Seq=1 Ack=33 Win=5792 Len=0 TSval=707657223 TSecr=690432181

每 6个RST数据包发送一次标志。

我还能做些什么来调试这种情况？

附言：

节点 0 上的 OCFS2 版本：

• ocfs2-工具-1.4.4-1.el5
• ocfs2-2.6.18-274.12.1.el5-1.4.7-1.el5

节点 1 上的 OCFS2 版本：

• ocfs2-工具-1.4.4-1.el5
• ocfs2-2.6.18-308.el5-1.4.7-1.el5

更新 1 - 2012 年 12 月 23 日星期日 18:15:07 ICT

两个节点都在同一个局域网段上吗？没有路由器之类的？

不，它们是不同子网上的 2 个 VMWare 服务器。

哦，虽然我记得 - 主机名/DNS 所有设置和工作正常？

当然，我将每个节点的主机名和 IP 地址都添加到/etc/hosts：

192.168.2.93    SVR022-293.localdomain
192.168.3.145   SVR233NTC-3145.localdomain

他们可以通过主机名相互连接：

# nc -z SVR022-293.localdomain 7777
Connection to SVR022-293.localdomain 7777 port [tcp/cbt] succeeded!

# nc -z SVR233NTC-3145.localdomain 7777
Connection to SVR233NTC-3145.localdomain 7777 port [tcp/cbt] succeeded!

更新 2 - 2012 年 12 月 24 日星期一 18:32:15 ICT

发现线索：我的同事/etc/ocfs2/cluster.conf在集群运行时手动编辑了文件。因此，它仍然将死节点信息保存在/sys/kernel/config/cluster/：

# ls -l /sys/kernel/config/cluster/cpc/node/
total 0
drwxr-xr-x 2 root root 0 Dec 24 18:21 SVR150-4107.localdomain
drwxr-xr-x 2 root root 0 Dec 24 18:21 SVR233NTC-3145.localdomain

（SVR150-4107.localdomain在这种情况下）

我打算停止集群以删除死节点，但出现以下错误：

# /etc/init.d/o2cb stop
Stopping O2CB cluster cpc: Failed
Unable to stop cluster as heartbeat region still active

我确定该ocfs2服务已经停止：

# mounted.ocfs2 -f
Device                FS     Nodes
/dev/sdb              ocfs2  Not mounted
/dev/drbd1            ocfs2  Not mounted

没有参考了：

# ocfs2_hb_ctl -I -u 12963EAF4E16484DB81ECB0251177C26
12963EAF4E16484DB81ECB0251177C26: 0 refs

我还卸载了ocfs2内核模块以确保：

# ps -ef | grep [o]cfs2
root     12513    43  0 18:25 ?        00:00:00 [ocfs2_wq]

# modprobe -r ocfs2
# ps -ef | grep [o]cfs2
# lsof | grep ocfs2

但没有任何变化：

# /etc/init.d/o2cb offline
Stopping O2CB cluster cpc: Failed
Unable to stop cluster as heartbeat region still active

所以最后的问题是：如何在不重启的情况下删除死节点信息？

更新 3 - 2012 年 12 月 24 日星期一 22:41:51 ICT

以下是所有正在运行的心跳线程：

# ls -l /sys/kernel/config/cluster/cpc/heartbeat/ | grep '^d'
drwxr-xr-x 2 root root    0 Dec 24 22:18 72EF09EA3D0D4F51BDC00B47432B1EB2

此心跳区域的引用计数：

# ocfs2_hb_ctl -I -u 72EF09EA3D0D4F51BDC00B47432B1EB2
72EF09EA3D0D4F51BDC00B47432B1EB2: 7 refs

尝试杀死：

# ocfs2_hb_ctl -K -u 72EF09EA3D0D4F51BDC00B47432B1EB2
ocfs2_hb_ctl: File not found by ocfs2_lookup while stopping heartbeat

有任何想法吗？

我按照这个在 Gentoo 上安装和配置 Nginx、uWSGI 和 Django。在最后一步之前一切看起来都很好：Nginx 返回 502 Bad Gateway 错误并且以下内容出现在 uWSGI 日志中：

*** Starting uWSGI 1.2.4 (32bit) on [Mon Sep 10 23:41:29 2012] ***
compiled with version: 4.5.3 on 02 September 2012 22:00:55
detected number of CPU cores: 2
current working directory: /var/www/localhost/htdocs/mysite
writing pidfile to /var/run/uwsgi/trac.pid
detected binary path: /usr/bin/uwsgi
your memory page size is 4096 bytes
building mime-types dictionary from file /etc/mime.types...1017 entry found
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
uwsgi socket 0 bound to TCP address 127.0.0.1:8001 fd 3
your server socket listen backlog is limited to 100 connections
*** Operational MODE: single process ***
*** no app loaded. going in full dynamic mode ***
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 14105)
spawned uWSGI worker 1 (pid: 14108, cores: 1)
-- unavailable modifier requested: 0 --
-- unavailable modifier requested: 0 --

谷歌指出了这一点，但对于 Ubuntu。Gentoo 上的软件包的等效项是什么uwsgi-plugin-python？

/etc/nginx/nginx.conf

    location /mysite {
        root        /var/www/localhost/htdocs/mysite/polls;
        uwsgi_pass  127.0.0.1:8001;
        include     uwsgi_params;   
    }   

/etc/conf.d/uwsgi.trac

UWSGI_SOCKET="127.0.0.1:8001"
UWSGI_THREADS=0
UWSGI_PROGRAM=/var/www/localhost/htdocs/mysite/polls/tests.py
UWSGI_XML_CONFIG=
UWSGI_PROCESSES=1
UWSGI_LOG_FILE=/var/log/uwsgi/django.log
UWSGI_CHROOT=
UWSGI_DIR=/var/www/localhost/htdocs/mysite/
UWSGI_USER=uwsgi
UWSGI_EMPEROR_PATH=
UWSGI_EXTRA_OPTIONS=

我打算从 MySQL 复制迁移到Percona XtraDB Cluster。我面临的问题是一个节点在 x86 上运行，由于解决问题，我无法Percona-XtraDB-Cluster-server从Percona存储库安装：

...
--> Finished Dependency Resolution
1:Percona-XtraDB-Cluster-server-5.5.27-23.6.356.rhel5.i686 from percona has depsolving problems
  --> Missing Dependency: Percona-XtraDB-Cluster-galera is needed by package 1:Percona-XtraDB-Cluster-server-5.5.27-23.6.356.rhel5.i686 (percona)
Error: Missing Dependency: Percona-XtraDB-Cluster-galera is needed by package 1:Percona-XtraDB-Cluster-server-5.5.27-23.6.356.rhel5.i686 (percona)
 You could try using --skip-broken to work around the problem
 You could try running: package-cleanup --problems
                        package-cleanup --dupes
                        rpm -Va --nofiles --nodigest

如您所见，回购Percona-XtraDB-Cluster-galera中不存在。

我该如何解决这个问题？

问题已解决，但我正在写下来以备将来参考。

/root/.my.cnf

[mysqladmin]
user            = root
password        = pa$$w0rd

/etc/logrotate.d/mysql

/var/log/mysql-slow.log /var/log/mysqld.log {
    daily
    rotate 7
    dateext
    compress
    missingok
    #notifempty
    sharedscripts
    create 644 mysql mysql
    postrotate
        /usr/bin/mysqladmin flush-logs
    endscript
}

logrotate从命令行运行时工作正常：

# logrotate -v -f /etc/logrotate.d/mysql

但在凌晨 4 点从 cron 运行时它不起作用日志文件已轮换但 MySQL 不会将错误记录到新创建的文件中：

-rw-r--r-- 1 mysql mysql      0 Aug  7 10:13 /var/log/mysqld.log
-rw-r--r-- 1 mysql mysql     20 Aug  4 04:04 /var/log/mysqld.log-20120804.gz
-rw-r--r-- 1 mysql mysql     20 Aug  5 04:04 /var/log/mysqld.log-20120805.gz
-rw-r--r-- 1 mysql mysql     20 Aug  6 16:28 /var/log/mysqld.log-20120806.gz

由于这个问题，我将在 MySQL 服务器后端嗅探一些数据包，看看会发生什么：

# tcpdump -vv -s0 -c 100 -i bond0 tcp port 3306 and host 192.168.3.87 -w /home/quanta/3.87_aborted.pcap

如您所见，我将 snaplen 设置为 0，但仍然收到消息“捕获期间数据包大小受限”：

MySQL Protocol
    Packet Length: 579
    Packet Number: 96
    text: 336
    text: 1004352
    text: 147619
    text: 336
[Packet size limited during capture: MySQL truncated]

我界面上的卸载设置：

# ethtool -k bond0
Offload parameters for bond0:
Cannot get device rx csum settings: Operation not supported
rx-checksumming: off
tx-checksumming: on
scatter-gather: on
tcp segmentation offload: on
udp fragmentation offload: off
generic segmentation offload: off
generic-receive-offload: off

/proc/net/bonding/bond0:

Ethernet Channel Bonding Driver: v3.4.0-1 (October 7, 2008)

Bonding Mode: adaptive load balancing
Primary Slave: None
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:30:48:c3:20:be

回复@HeatfanJohn:

# ethtool -k eth1
Offload parameters for eth1:
Cannot get device udp large send offload settings: Operation not supported
rx-checksumming: on
tx-checksumming: on
scatter-gather: on
tcp segmentation offload: on
udp fragmentation offload: off
generic segmentation offload: off
generic-receive-offload: on

回复@Doon:

bond0     UP BROADCAST RUNNING MASTER MULTICAST  MTU:1500  Metric:1

嗅探-s 1500还显示：

 41  11.371783  192.168.6.7 -> 192.168.3.87 MySQL Response OK
 42  11.371974 192.168.3.87 -> 192.168.6.7  MySQL Request Ping
 43  11.371996  192.168.6.7 -> 192.168.3.87 MySQL Response OK
 44  11.378562 192.168.3.87 -> 192.168.6.7  MySQL Request Query
 45  11.379604  192.168.6.7 -> 192.168.3.87 MySQL Response
 46  11.402431 192.168.3.87 -> 192.168.6.7  MySQL Request Query
 47  11.402992  192.168.6.7 -> 192.168.3.87 MySQL Response[Packet size limited during capture]

/var/log/secure:

su: pam_keyinit(su-l:session): Unable to change UID to 500 temporarily
su: pam_keyinit(su-l:session): Unable to change UID to 500 temporarily
su: pam_unix(su-l:session): session opened for user adtech by root(uid=0)
su: pam_unix(su-l:session): session closed for user adtech

我猜这是由每个用户限制引起的，但与另一个用户相比并没有什么不同。

这是ulimit -n为了adtech：

[adtech@hmaster87 root]$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 192025
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 655360
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

这个是为了quanta：

[quanta@hmaster87 ~]$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 192025
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 655360
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

运行的进程数adtech：

[root@hmaster87 ~]# ps -U adtech | wc -l
25

还有什么要检查的吗？

更新 7 月 21 日星期六 09:21:26 ICT 2012：

# getent passwd adtech
adtech:x:500:502::/home/adtech:/bin/bash

正如我在下面的评论中所说，我的同事发现了可能是罪魁祸首的过程：

adtech 12901 1 0 08:58 ? 00:00:00 /home/adtech/nexus/bin/../bin/jsw/linux-x86-64/wrapper /home/adtech/nexus/bin/../bin/jsw/conf/wrapper.conf wrapper.syslog.ident=nexus wrapper.pidfile=/home/adtech/nexus/bin/../bin/jsw/linux-x86-64/nexus.pid wrapper.daemonize=TRUE

adtech 12903 12901 1 08:58 ? 00:00:24 java -Dsun.net.inetaddr.ttl=3600 -DbundleBasedir=. -Djava.io.tmpdir=./tmp -DjettyContext=nexus.properties -DjettyContextIncludeKeys=bundleBasedir -DjettyPlexusCompatibility=true -Djava.library.path=bin/jsw/lib -classpath bin/jsw/lib/wrapper-3.2.3.jar:./lib/plexus-classworlds-2.4.jar:./conf/ -Dwrapper.key=ejxHaBJASiFkAB8w -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.pid=12901 -Dwrapper.version=3.2.3 -Dwrapper.native_library=wrapper -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.codehaus.plexus.classworlds.launcher.Launcher ./conf/jetty.xml

通过终止这个进程，问题就消失了，但我们仍然不知道超出了哪个限制。

更新 12 月 15 日星期六 00:56:13 ICT 2012：

@favadi的回答是正确的，但我在这里更新以防有人谷歌这个线程。

日志文件说：

jvm 1    | Server daemon died!
jvm 1    | java.lang.OutOfMemoryError: unable to create new native thread
jvm 1    |      at java.lang.Thread.start0(Native Method)
jvm 1    |      at java.lang.Thread.start(Thread.java:640)
jvm 1    |      at org.tanukisoftware.wrapper.WrapperManager.privilegedStopInner(WrapperManager.java:3152)
jvm 1    |      at org.tanukisoftware.wrapper.WrapperManager.handleSocket(WrapperManager.java:3797)
jvm 1    |      at org.tanukisoftware.wrapper.WrapperManager.run(WrapperManager.java:4084)
jvm 1    |      at java.lang.Thread.run(Thread.java:662)

• Percona-XtraDB-Cluster-server-5.5.24-23.6.340.rhel5

这是一个从属服务器。mysqladmin shutdown挂在：

[Note] Event Scheduler: Purging the queue. 24 events 
[Note] Slave I/O thread killed while reading event 
[Note] Slave I/O thread exiting, read up to log 'mysql-bin.000878', position 848536790 

所以，我按下Ctrl+ C，终端显示以下警告：

Warning;  Aborted waiting on pid file: '/var/lib/mysql/x.pid' after 302 seconds

这些过程仍然存在：

root 9623 1 0 10:18 pts/8 00:00:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/lib/mysql/x.pid

mysql 10357 9623 0 10:18 pts/8 00:00:06 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/log/mysqld.log --open-files-limit=100000 --pid-file=/var/lib/mysql/x.pid --socket=/var/lib/mysql/mysql.sock

但是缺少套接字文件：

ls: /var/lib/mysql/mysql.sock: No such file or directory

3306 端口上没有任何监听。

# netstat --inet -nlp | grep :3306
# lsof -i :3306
#

向子进程发送 SIGTERM 信号 ( kill -15) 不起作用。我能做什么，但是kill -9？

• 起搏器-1.0.12-1
• corosync-1.2.7-1.1

我将按照本指南为 MySQL 复制（1 个主服务器和 1 个从服务器）设置故障转移： https ://github.com/jayjanssen/Percona-Pacemaker-Resource-Agents/blob/master/doc/PRM-setup-guide .rst

这是输出crm configure show：

node serving-6192 \
    attributes p_mysql_mysql_master_IP="192.168.6.192"
node svr184R-638.localdomain \
    attributes p_mysql_mysql_master_IP="192.168.6.38"
primitive p_mysql ocf:percona:mysql \
    params config="/etc/my.cnf" pid="/var/run/mysqld/mysqld.pid"
socket="/var/lib/mysql/mysql.sock" replication_user="repl"
replication_passwd="x" test_user="test_user" test_passwd="x" \
    op monitor interval="5s" role="Master" OCF_CHECK_LEVEL="1" \
    op monitor interval="2s" role="Slave" timeout="30s"
OCF_CHECK_LEVEL="1" \
    op start interval="0" timeout="120s" \
    op stop interval="0" timeout="120s"
primitive writer_vip ocf:heartbeat:IPaddr2 \
    params ip="192.168.6.8" cidr_netmask="32" \
    op monitor interval="10s" \
    meta is-managed="true"
ms ms_MySQL p_mysql \
    meta master-max="1" master-node-max="1" clone-max="2"
clone-node-max="1" notify="true" globally-unique="false"
target-role="Master" is-managed="true"
colocation writer_vip_on_master inf: writer_vip ms_MySQL:Master
order ms_MySQL_promote_before_vip inf: ms_MySQL:promote writer_vip:start
property $id="cib-bootstrap-options" \
    dc-version="1.0.12-unknown" \
    cluster-infrastructure="openais" \
    expected-quorum-votes="2" \
    no-quorum-policy="ignore" \
    stonith-enabled="false" \
    last-lrm-refresh="1341801689"
property $id="mysql_replication" \
    p_mysql_REPL_INFO="192.168.6.192|mysql-bin.000006|338"

crm_mon:

Last updated: Mon Jul  9 10:30:01 2012
Stack: openais
Current DC: serving-6192 - partition with quorum
Version: 1.0.12-unknown
2 Nodes configured, 2 expected votes
2 Resources configured.
============

Online: [ serving-6192 svr184R-638.localdomain ]

 Master/Slave Set: ms_MySQL
     Masters: [ serving-6192 ]
     Slaves: [ svr184R-638.localdomain ]
writer_vip    (ocf::heartbeat:IPaddr2):    Started serving-6192

编辑/etc/my.cnf错误语法的 serving-6192 以测试故障转移并且它工作正常：

• svr184R-638.localdomain 被提升为 master
• writer_vip 切换到 svr184R-638.localdomain

当前状态：

Last updated: Mon Jul  9 10:35:57 2012
Stack: openais
Current DC: serving-6192 - partition with quorum
Version: 1.0.12-unknown
2 Nodes configured, 2 expected votes
2 Resources configured.
============

Online: [ serving-6192 svr184R-638.localdomain ]

 Master/Slave Set: ms_MySQL
     Masters: [ svr184R-638.localdomain ]
     Stopped: [ p_mysql:0 ]
writer_vip    (ocf::heartbeat:IPaddr2):    Started svr184R-638.localdomain

Failed actions:
    p_mysql:0_monitor_5000 (node=serving-6192, call=15, rc=7,
status=complete): not running
    p_mysql:0_demote_0 (node=serving-6192, call=22, rc=7,
status=complete): not running
    p_mysql:0_start_0 (node=serving-6192, call=26, rc=-2, status=Timed
Out): unknown exec error

/etc/my.cnf从serving-6192 上 删除错误的语法，然后重新启动corosync，我希望看到的是 serving-6192 作为新的从站启动，但它没有：

Failed actions:
    p_mysql:0_start_0 (node=serving-6192, call=4, rc=1,
status=complete): unknown error

这是我怀疑的日志片段：

Jul 09 10:46:32 serving-6192 lrmd: [7321]: info: rsc:p_mysql:0:4: start
Jul 09 10:46:32 serving-6192 lrmd: [7321]: info: RA output:
(p_mysql:0:start:stderr) Error performing operation: The
object/attribute does not exist

Jul 09 10:46:32 serving-6192 crm_attribute: [7420]: info: Invoked:
/usr/sbin/crm_attribute -N serving-6192 -l reboot --name readable -v 0

/var/log/cluster/corosync.log: http://fpaste.org/AyOZ/

奇怪的是我可以手动启动它：

export OCF_ROOT=/usr/lib/ocf
export OCF_RESKEY_config="/etc/my.cnf"
export OCF_RESKEY_pid="/var/run/mysqld/mysqld.pid"
export OCF_RESKEY_socket="/var/lib/mysql/mysql.sock"
export OCF_RESKEY_replication_user="repl"
export OCF_RESKEY_replication_passwd="x"
export OCF_RESKEY_test_user="test_user"
export OCF_RESKEY_test_passwd="x"

sh -x /usr/lib/ocf/resource.d/percona/mysql start: http://fpaste.org/RVGh/

我做错了什么吗？

回复 @Patrick Fri Jul 13 10:22:10 ICT 2012:

我不确定为什么它会失败，因为您的日志不包含来自资源脚本（ocf_log 命令）的任何消息

我把这一切都从/var/log/cluster/corosync.log。你心里有什么理由吗？

/etc/corosync/corosync.conf

compatibility: whitetank

totem {
    version: 2
    secauth: off
    threads: 0
    interface {
        member {
            memberaddr: 192.168.6.192
        }
        member {
            memberaddr: 192.168.6.38
        }
        ringnumber: 0
        bindnetaddr: 192.168.6.0
        mcastaddr: 226.94.1.1
        mcastport: 5405
    }
}

logging {
    fileline: off
    to_stderr: yes
    to_logfile: yes
    to_syslog: yes
    logfile: /var/log/cluster/corosync.log
    debug: on
    timestamp: on
    logger_subsys {
        subsys: AMF
        debug: off
    }
}

amf {
    mode: disabled
}

手动运行脚本时脚本起作用的原因也是因为您没有设置告诉脚本它是主/从资源的变量。所以当它运行时，脚本认为它只是一个独立的实例。

谢谢。我已将以下变量附加到我的~/.bash_profile：

export OCF_RESKEY_CRM_meta_clone_max="2"
export OCF_RESKEY_CRM_meta_role="Slave"

使其生效. ~/.bash_profile并手动启动mysql资源：

sh -x /usr/lib/ocf/resource.d/percona/mysql start: http://fpaste.org/EMwa/

它工作正常：

mysql> show slave status\G
*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
                  Master_Host: 192.168.6.38
                  Master_User: repl
                  Master_Port: 3306
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000072
          Read_Master_Log_Pos: 1428602
               Relay_Log_File: mysqld-relay-bin.000006
                Relay_Log_Pos: 39370
        Relay_Master_Log_File: mysql-bin.000072
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
              Replicate_Do_DB: 
          Replicate_Ignore_DB: 
           Replicate_Do_Table: 
       Replicate_Ignore_Table: 
      Replicate_Wild_Do_Table: 
  Replicate_Wild_Ignore_Table: 
                   Last_Errno: 0
                   Last_Error: 
                 Skip_Counter: 0
          Exec_Master_Log_Pos: 1428602
              Relay_Log_Space: 39527
              Until_Condition: None
               Until_Log_File: 
                Until_Log_Pos: 0
           Master_SSL_Allowed: No
           Master_SSL_CA_File: 
           Master_SSL_CA_Path: 
              Master_SSL_Cert: 
            Master_SSL_Cipher: 
               Master_SSL_Key: 
        Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
                Last_IO_Errno: 0
                Last_IO_Error: 
               Last_SQL_Errno: 0
               Last_SQL_Error: 
  Replicate_Ignore_Server_Ids: 
             Master_Server_Id: 123
1 row in set (0.00 sec)

停止 MySQL，打开调试，重新启动 corosync，这是日志：http ://fpaste.org/mZzS/

如您所见，只有“未知错误”：

 1.
    Jul 13 10:48:06 serving-6192 crmd: [3341]: debug:
    get_xpath_object: No match for
    //cib_update_result//diff-added//crm_config in
    /notify/cib_update_result/diff
 2.
    Jul 13 10:48:06 serving-6192 lrmd: [3338]: WARN: Managed
    p_mysql:1:start process 3416 exited with return code 1.
 3.
    Jul 13 10:48:06 serving-6192 crmd: [3341]: info:
    process_lrm_event: LRM operation p_mysql:1_start_0 (call=4,
    rc=1, cib-update=10, confirmed=true) unknown error

有什么想法吗？

更新 7 月 14 日星期六 17:16:03 ICT 2012：

@Patrick：谢谢你的提示！

Pacemaker 使用的环境变量如下： http: //fpaste.org/92yN/

正如我在与您聊天时所怀疑的那样，该节点serving-6192是从 开始的OCF_RESKEY_CRM_meta_master_max=1，因此，由于以下代码：

/usr/lib/ocf/resource.d/percona/mysql:

if ocf_is_ms; then
    mysql_extra_params="--skip-slave-start"
fi

/usr/lib/ocf//lib/heartbeat/ocf-shellfuncs:

ocf_is_ms() {
    [ ! -z "${OCF_RESKEY_CRM_meta_master_max}" ] && [ "${OCF_RESKEY_CRM_meta_master_max}" -gt 0 ]
}

额外的参数--skip-slave-start包括：

ps -ef | grep mysql

root 18215 1 0 17:12 pts/4 00:00:00 /bin/sh /usr/bin/mysqld_safe --defaults-file=/etc/my.cnf --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock --datadir=/var/lib/mysql --user=mysql --skip-slave-start

mysql 19025 18215 1 17:12 pts/4 00:00:14 /usr/libexec/mysqld --defaults-file=/etc/my.cnf --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-slave-start --log-error=/var/log/mysqld.log --open-files-limit=8192 --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306

但 SQL 线程仍在运行：

         Slave_IO_Running: Yes
        Slave_SQL_Running: Yes

并且复制工作正常。

IFS=$'\n' ENV=( $(cat /tmp/16374.env) ); env -i - "${ENV[@]}" sh -x /usr/lib/ocf/resource.d/percona/mysql start: http://fpaste.org/x7xE/

我的头撞在墙上 (: -> |

我一直在尝试使用 Apache 2.2.3 设置冗余 LDAP 服务器。

/etc/httpd/conf.d/authn_alias.conf

<AuthnProviderAlias ldap master>
    AuthLDAPURL ldap://192.168.5.148:389/dc=domain,dc=vn?cn
    AuthLDAPBindDN cn=anonymous,ou=it,dc=domain,dc=vn
    AuthLDAPBindPassword pa$$w0rd
</AuthnProviderAlias>

<AuthnProviderAlias ldap slave>
    AuthLDAPURL ldap://192.168.5.199:389/dc=domain,dc=vn?cn
    AuthLDAPBindDN cn=anonymous,ou=it,dc=domain,dc=vn
    AuthLDAPBindPassword pa$$w0rd
</AuthnProviderAlias>

/etc/httpd/conf.d/authz_ldap.conf

#
# mod_authz_ldap can be used to implement access control and 
# authenticate users against an LDAP database.
# 

LoadModule authz_ldap_module modules/mod_authz_ldap.so

<IfModule mod_authz_ldap.c>
   <Location />
        AuthBasicProvider master slave
        AuthzLDAPAuthoritative Off
        AuthType Basic
        AuthName "Authorization required"

        AuthzLDAPMemberKey member
        AuthUserFile /home/setup/svn/auth-conf
        AuthzLDAPSetGroupAuth user
        require valid-user
        AuthzLDAPLogLevel error
   </Location>
</IfModule>

如果我理解正确，mod_authz_ldap如果第一台服务器关闭或 OpenLDAP 未运行，将尝试在第二个 LDAP 中搜索用户。

但在实践中，它不会发生。通过在主服务器上停止 LDAP 进行测试，我在访问 Subversion 存储库时收到“500 内部服务器错误” 。节目error_log：

[11061] auth_ldap authenticate: user quanta authentication failed; URI / [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server]

我误会了吗？AuthBasicProvider ldap1 ldap2仅表示如果mod_authz_ldap在 ldap1 中找不到用户，它将继续使用 ldap2。它不包括故障转移功能（ldap1 必须正在运行并且工作正常）？

• 操作系统：Gentoo、CentOS
• 版本：2.1.0

按照快速入门指南，运行时出现以下错误bootstrap-localcloud：

cloudify@default> bootstrap-localcloud
STARTING CLOUDIFY MANAGEMENT
2012-05-30 14:55:50,396  WARNING [org.cloudifysource.shell.commands.AbstractGSCommand] - ; \
Caused by: org.cloudifysource.shell.commands.CLIException: \
Error while starting agent. \
Please make sure that another agent is not already running.
Operation failed.

Cloudify 使用哪个端口来检查代理是否正在运行？

PS：在 Windows 上运行时它工作正常。

更新：5 月 30 日星期三 22:37:30 ICT 2012

回复@tamirkorem 和@Itai Frenkel：

我很确定，因为这是我第一次在 2 台服务器上运行该命令。更清楚的是，这里是输出：

cloudify@default> teardown-localcloud 
Teardown will uninstall all of the deployed services. Do you want to continue  [y/n]?
2012-05-30 22:43:33,145  WARNING [org.cloudifysource.shell.commands.AbstractGSCommand] - Teardown failed. Failed to fetch the currently deployed applications list. For force teardown use the -force flag.
Operation failed.

cloudify@default> teardown-localcloud -force
Teardown will uninstall all of the deployed services. Do you want to continue  [y/n]?
Failed to fetch the currently deployed applications list. Continuing teardown-localcloud.
.2012-05-30 22:46:39,040  WARNING [org.cloudifysource.shell.commands.AbstractGSCommand] - Teardown aborted, an agent was not found on the local machine.
Operation failed. 

这是详细的结果：

cloudify@default> bootstrap-localcloud --verbose
NIC Address=127.0.0.1
Lookup Locators=127.0.0.1:4172
Lookup Groups=localcloud
Starting agent and management processes:
gs-agent.sh gsa.global.lus 0 gsa.lus 0 gsa.gsc 0 gsa.global.gsm 0 gsa.gsm_lus 1 gsa.global.esm 0 gsa.esm 1 >/dev/null 2>&1
STARTING CLOUDIFY MANAGEMENT
2012-05-30 22:36:12,870  WARNING [org.cloudifysource.shell.commands.AbstractGSCommand] - ; Caused by: org.cloudifysource.shell.commands.CLIException: Error while starting agent. Please make sure that another agent is not already running. Command executed: /usr/local/src/gigaspaces-cloudify-2.1.0-ga/bin/gs-agent.sh gsa.global.lus 0 gsa.lus 0 gsa.gsc 0 gsa.global.gsm 0 gsa.gsm_lus 1 gsa.global.esm 0 gsa.esm 1 >/dev/null 2>&1

回复@Eliran Malka:

在端口 4172 上没有这样的进程监听：

# netstat --protocol=inet -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN      2363/tor            
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2331/mysqld         
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      2293/cupsd