Tuesday, June 30, 2009

Character Encoding mismatch with (iso-8859-1) for (utf-8) !

The character encoding specified in the HTTP header (iso-8859-1) is different from the value in the element (utf-8). I will use the value from the HTTP header (iso-8859-1) for this validation.

Resolution:

Add the following line to the .htaccess file of the website.

AddDefaultCharset utf-8

Save the file.

Reload Apache.

Done.

Tuesday, June 23, 2009

Which ports should be opened on Virtuozzo hardware node and Service VE?

Resolution

Parallels Virtuozzo Containers 4.0

Hardware node:

  • 4433 - TCP VZAgent non-crypted XML connections to VZAgent
  • 4434 - TCP VZAgent SSL (crypted) XML connections to VZAgent
  • 4435 - TCP VZAgent binary data transfer connections to VZAgent
  • 4646 - TCP VZAgent SOAP
  • 4643 - Parallels Infrastructure Manager
  • 80 - HTTP redirect for Parallels Infrastructure Manager
  • 443 - Parallels Infrastructure manager
  • 22* - SSH. Used in case when Service CT is created in compat mode
  • 8443, 8080 - Plesk integration
  • 3389 - Remote Desktop
If you would like to close required ports on the node you can use the following script (to apply it please create .cmd file and just copy script commands there):

netsh firewall set opmode enable
netsh firewall set portopening protocol=TCP port=3389
netsh firewall set portopening protocol=TCP port=22 name="SSH/VZAagent"
netsh firewall set portopening protocol=TCP port=4643 name="VZCP"
netsh firewall set portopening protocol=TCP port=4646 name="SOAP"
netsh firewall set portopening protocol=TCP port=8443 name="Plesk-VZPP1"
netsh firewall set portopening protocol=TCP port=8080 name="Plesk-VZPP2"
netsh firewall set portopening protocol=TCP port=443 name="HTTPS redirect for Parallels Infrastructure Manager"
netsh firewall set portopening protocol=TCP port=80 name="HTTP redirect for Parallels Infrastructure Manager"
netsh firewall set portopening protocol=TCP port=4433 name="TCP VZAgent non-crypted XML connections to VZAgent"
netsh firewall set portopening protocol=TCP port=4434 name="TCP VZAgent SSL (crypted) XML connections to VZAgent"
netsh firewall set portopening protocol=TCP port=4435 name="TCP VZAgent binary data transfer connections to VZAgent"
pause

Service Container

  • 22* - SSH. Used in case when Service CT is created in compat mode
  • 8443, 8080 - Plesk integration
  • 4646 - TCP VZAgent SOAP
  • 4643 - Parallels Infrastructure Manager
  • 4450,4452 - used for connection to ADAM and PIM authorization
  • 1433 - Used by PMC, to retrive statistics from MSSQL database inside SCT
If you would like to close required ports inside service container directly from the node you can use the following script (to apply it please create .cmd file and just copy script commands there):

vzctl exec 1 netsh firewall set opmode enable
vzctl exec 1 netsh firewall set portopening protocol=TCP port=22 name="SSH/VZAagent"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4643 name="Parallels Infrastructure Manager"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4646 name="SOAP"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4450 name="ADAM and PIM authorization 4450"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4452 name="ADAM and PIM authorization 4452"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=1433 name="for PMC, to retrive statistics from MSSQL database"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=8443 name="Plesk-VZPP 8443"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=8080 name="Plesk-VZPP 8080"
pause 10


Virtuozzo 3.5.1


The following ports should be opened on hardware node and service VE:

- 22: this port should be opened inside the Service VE and is needed to be able to establish an SSH connection to the Service VE from the computer where VZMC is installed;

- 4643: this port should be opened inside the Service VE and is needed to be able to connect to the Service VE and other VEs on the Node thru VZCC/VZPP.

- 4646 - SOAP

- 3141: this port should be opened on the Hardware Node and is needed to be able to view the information on the current HN resources consumption on the Monitor Node or thru a standard Web browser.

- 3389: this port should be opened on the Hardware Node and is needed to connect to your Virtual Environments(for 3.5.1 version) by means of the standard Windows Remote Desktop Connection (RDP) application.

Note: Starting from Virtuozzo 3.5.1 Service Pack 1 , 3389 port should be opened inside each VE because each VE has its own Terminal Server inside.

- 8049: this port should be opened on the Hardware Node and is needed to check the information on the current state of the Hardware Node thru a standard Web browser.

- 139 and 445 for name pipes, as VZAgent communicates with VZAOP service on the node via it.

- 8443 port should be opened inside Service VE. It’s required for Plesk/VZPP integration.

If you would like to close required ports inside service VE directly from the node you can use the following script (to apply it please create .cmd file and just copy script commands there):

vzctl exec 1 netsh firewall set opmode enable
vzctl exec 1 netsh firewall set portopening protocol=TCP port=3389
vzctl exec 1 netsh firewall set portopening protocol=TCP port=22 name="SSH/VZAagent"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4643 name="VZCP"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=4646 name="SOAP"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=8443 name="Plesk-VZPP"
vzctl exec 1 netsh firewall set portopening protocol=TCP port=139 scope=all profile=all
vzctl exec 1 netsh firewall set portopening protocol=TCP port=445 scope=all profile=all
pause 10

Saturday, June 20, 2009

Check the process running in Linux and Windows

Linux:

root@localhost# top

Windows:

C:\> tasklist

Friday, June 19, 2009

Forgot Administrator's password. How can I log in now?(Confixx)

Resolution

You can use the reset_admin_pw.pl utility which will reset administrator's password to random value. Then it will inform you about administrator's login and password.

Just enter your box via ssh/telnet/another console session. After that:

1. Enter your Parallels Confixx installation directory (typically /root/confixx)

# cd /root/confixx


2. Run the reset_admin_pw.pl

# ./reset_admin_pw.pl
New password for Confixx login "admin" is: zxCexZro


3. Enter the web panel with the new login/password and change them to the desired values.

You can also try --password key to set the password not to random value but to the value you specified:

# ./reset_admin_pw.pl --password MyPassword
New password for Confixx login "admin" is: MyPassword

Qmail Service does not start in Plesk :

/etc/xinetd.d/smtp_psa file could be edited manually:

Hence replace smtp_psa file with default settings.
Try restart Qmail.

Restarted services:
root@uhweb28187:/# /etc/init.d/xinetd restart Stopping internet superserver: xinetd.
Starting internet superserver: xinetd.
root@uhweb28187:/# /etc/init.d/qmail restart Starting qmail: done

Done,...

Cannot find 'key 0' network adapter for container

Network Adapter failure on container

dentify Network Adapter failure:

VPS does not have an IP:

If tried to set with IP :

Error:

Cannot find 'key 0' network adapter for container 2203

Resolution:
Use the following command to add interface:
vzctl set VEID --netif_add
Make this interface as preferred one to add IP address and do any other per-interface operations:

e.g.
vzctl set VEID –netif --ipadd

Thursday, June 18, 2009

Find Plesk password in Windows & Linux:

Windows:

C:/>"C:\SWSoft\Plesk\admin\bin\plesksrvclient.exe" -get
Getting Plesk Administrator Password


Linux:

root@localhost#cat /etc/psa/.psa.shadow
Password

Virtuozzo Container RDP not working

Login to HW Node:
First try set command:
vzctl set VEID --tsmode admin --save
Enter into container:
Check services running on the container using command:
net start
If terminal service is not enabled
netstat -aon |findstr 13389
Restart the container.

(SSH) Error: Starting OpenBSD Secure Shell server: sshd/var/run/sshd must be owned by root and not group or world-writable.

SSH not working on Linux VPS - Network time out or connection refused.

/etc/init.d/ssh start
Error:
Starting OpenBSD Secure Shell server: sshd/var/run/sshd must be owned by root and not group or world-writable.

Permissions have been modified for folder /var/run/sshd hence SSH is not working

Resolution

rm -rf /var/run/sshd/

invoke-rc.d ssh restart

Virtuozzo VPN activation on Linux VPS

Step 1:

Make sure the tun module has been already loaded on the hardware node:
# lsmod | grep tun

If it is not there, use the following command to load tun module:
# modprobe tun

Step2:

Granting container an access to TUN/TAP

Allow the container to use the tun/tap device:

vzctl set CTID --devices c:10:200:rw --save

vzctl set CTID --capability net_admin:on --save

And create the character device file inside the container:

vzctl exec CTID mkdir -p /dev/net

vzctl exec CTID mknod /dev/net/tun c 10 200

vzctl exec CTID chmod 600 /dev/net/tun

VPN Parameters have been activated to the container

Virtuozzo VZPP and Plesk services not available in Node- Resolutions

There are several reasons for VZPP and Plesk service failing on Node

Here are a list of resolutions which might help us

1) If this is for an Individual container (Apply commands for containers):
vzctl set CTID --offline_management no --save

vzctl set CTID --offline_management yes --save

2) If VZPP and Plesk services does not work for all containers:

Try restarting ServiceCT - (vzctl restart 1)

Try restarting vzoap service-

net stop vzoap

net start vzoap

Finally try recreating ServiceCT by following the procedure:

Check if unrequired Microsoft security updates are installed on the Node:Like update KB938464

Uninstall the update and install if any new Virtuozzo auto updates are available

Reboot the node

After reboot, stop Service Ct for recreation

vzctl stop 1

Destroy Service Ct -> vzctl destroy 1

Recreate ServceCT-> vzsveinstall -s IPADDRESS -w -f

Apply the commands for all containers

vzctl set CTID --offline_management no --save

vzctl set CTID --offline_management yes --save

After applying the commands VZPP and Plesk services should work fine
Thanks,

Bundling a Linux/UNIX instance

A root file system image needs to be bundled as an AMI in order to be used with the Amazon EC2 service. The bundling process first compresses the image to minimize bandwidth usage and storage requirements. The compressed image is then encrypted and signed to ensure confidentiality of the data, and authentication against the creator. The encrypted image is finally split into manageable parts for upload. A manifest file is created containing a list of the image parts with their checksums. This chapter provides an overview of the AMI tools that automate this process and some examples of their use.
The AMI tools are three command-line utilities:
1. ec2-bundle-image bundles an existing AMI
2. ec2-bundle-vol creates an AMI from an existing machine or installed volume
3. ec2-upload-bundle uploads a bundled AMI to S3 storage






Attaching an Elastic Block Store(EBS):

Creating a EBS & attaching to running instance:

1)Launch Server
2)Click on the “Volumes and Snapshots” tab in Elasticfox.
3)Press the green (+) symbol in the “Volumes” box.
4)Type in the size in gigabytes (GB) of the volume you would like between 1 and 1000. For the purposes of this demo, please use “50” to specify a 50 GB drive.
*Note: A volume must be in the same availability zone as an instance.
5)Click the OK button, and your Amazon EBS volume will be created. Take note of the volume id of the Amazon EBS volume you just created, because we will use it later.

After Few Minutes:

6)Login to Server
7)Select Start and click Run.
8)Type diskmgmt.msc and click OK. The Disk Management utility opens.
9)Right-click the Amazon EBS volume, select Initialize, and follow the on-screen prompts.
10)Format and use as local drive.





Installing the AMI Tools
The AMI tools are packaged as an RPM suitable for running on Fedora Core 3/4 with Ruby 1.8.2 (or greater) installed. On Fedora Core 4 Ruby can be installed by following the steps below. You will need root privileges to install the software. You can find the AMI tools RPM from our public S3 downloads bucket.
First install Ruby using the yum package manager.
# yum install ruby
Install the AMI tools RPM.
# rpm -i ec2-ami-tools-x.x-xxxx.i386.rpm
Installation Issues
The AMI tools libraries install under /usr/lib/site_ruby. Ruby should pick up this path automatically, but if you see a load error when running one of the AMI utilities, it may be because Ruby isn't looking there. To fix this, add /usr/lib/site_ruby to Ruby's library path, which is set in the RUBYLIB environment variable.

Documentation
The manual describing the operation of each utility can be displayed by invoking it with the --manual parameter. For example:
# ec2-bundle-image --manual
Invoking a utility with the --help parameter displays a summary and list of command line parameters. For example:
# ec2-bundle-image --help
Using the AMI Tools
Once a machine image has been created it must be bundled as an AMI for use with Amazon EC2, as follows. Use ec2-bundle-image to bundle an image that you have prepared in a loopback file, as described in the previous section.
# ec2-bundle-image -i my-image.img -k my-private-key.key -u 12345678
This will create the bundle files:
image.part.00
image.part.01
...
image.part.NN
image.manifest
Alternatively an AMI could be created by snapshotting the local machine root file system and bundling it all at once by using ec2-bundle-vol. (note: you will need to have root privileges to do this and SELinux must be disabled). Use ec2-bundle-vol to re-bundle a (modified) running instance of an existing AMI, as described in the previous section.
# ec2-bundle-vol -k my-private-key.key -s 1000 -u 495219933132
As with ec2-bundle-image, ec2-bundle-vol will create image parts files and a manifest file.
Note: If selinux is enabled when ec2-bundle-vol is run, the filesystem creation step may fail. Selinux should be disabled while this is done.

Uploading a Bundled AMI
The bundled AMI needs to be uploaded for storage in Amazon S3 before it can be accessed by Amazon EC2. Use ec2-upload-bundle to upload the bundled AMI that you created as described above. S3 stores data objects in buckets, which are similar in concept to directories. Buckets must have globally unique names. The ec2-upload-bundle utility will upload the bundled AMI to a specified bucket. If the specified bucket does not exist it will be created. However, if the specified bucket already exists, and belongs to another user, then ec2-upload-bundle will fail.
# ec2-upload-bundle -b my-bucket -m image.manifest -a my-aws-access-key-id -s my-secret-key-id
The AMI manifest file and all image parts are uploaded to S3. The manifest file is encrypted with the Amazon EC2 public key before being uploaded.

Bundling an Instance into an AMI (Windows):

S3 Bucket
S3 is a persistent data store that enables you to store objects, like an AMI. The bucket is similar to a folder on a file system so that you can keep your objects organized. The bucket name though is unique across all S3 users.

Bundling
Bundling is a method of taking a snapshot of the file system, so you can later boot from it. You can make a new AMI by modifying and extending an existing image (such as the one you just booted and logged onto), and then bundling it to use later.

Windows Operating Systems

Step 1: Make any Modifications
The first step in creating any AMI is to make any modifications to your running instance. To create a running instance, please follow the steps provided above.
Step 2: Bundle the Image
Once your modifications have been made to a running instance, you can bundle your instance into an AMI. This will automatically shut down your instance, take a snapshot, and restart it for you. To take the snapshot:
1. Launch Elasticfox by clicking on the “Tools” menu in Firefox, and selecting Elasticfox.
2. Click on the “AMIs and Instances” tab.
3. Refresh the “Your Instances” . This will ensure you have the most up to date list of instances shown on your screen.
4. Right click on the instance to bundle, and select “Bundle into an AMI”.

5. Enter in a S3 bucket name to store the AMI in and a name for the image, then click “OK”. Please ensure that the bucket name hasAssuming you have entered a valid bucket and image name, this will cause you to be switched to the “Bundle Tasks” tab where it will show you the status of the bundling process.

Step 3: Register the Image

Once the image has reached the “completed” state in the “Bundle Tasks” tab, you just need to register the AMI to make it available for you to use. To do this:

Amazon EC2 Elasticfox

1. Ensure you are on the “Bundle Tasks” tab, by clicking on the “Bundle Tasks” tab.

2. Right click on the bundle to register, and select “Register a new AMI”. If successful,

this will take you back to the “AMIs and Instances” page and select the newly created AMI. Now you can launch that instance if you need.

(Or)

S3Fox

1. Start Firefox->Tools->S3 Organizer--->

2. Alert box : Click OK

3. Manage Accounts--->







4. The buckets loads after authentication.

5. To boot the bundled instance(Windows only).





*Start Elasticfox-->









After Registering AMI.

Search the AMI in the list of instances & Launch as usual.




To boot the Instance:(*Instances are Server images)

Step1:
Sign up for AWS, Ec2, S3,

aws.amazon.com/ec2/
Resources
Developer Resources

*Amazon Machine Images(AMIs)

Search for publicly available instances.

Select the desired instance.

Copy the AMI ID (Amazon Machine Image ID) to clipboard
eg: AMI ID: ami-9b3cd8f2


Step2:

Goto
aws.amazon.com/ec2/--> Your Account--> Access Identifiers (*) Click-->


1) Copy the Access key ID to notepad & save




2) Generate new Secret Access key &Copy the Secret Access key ID to notepad & save



3) X.509 Certificate--> Generate new certificate--> Download --> Upload the downloaded certificate.

Step3:

Download Elastic Fox plug-in for Firefox Browser to access Ec2.

http://s3.amazonaws.com

/ec2-downloads/elasticfox.xpi

Install-->Restart Browser.


1) Credentials:

Click credentials button--> Give Account Id(Generally Username

Given)


--> Access Key ID ----------------- (Saved in step2)

--> SecretAccessKey Id------------ (Saved in step2)

--> Click Add--> Close

After giving these info ElasticFox

authenticates and loads all instances into the browser.

2) Security Group:

Security Group tab--> (+) Click to add Security options

eg: Allowed incoming IP,Protocols,Ports etc,..

*Give a Group Name & Simple

description.-->Create Group



3) Keypair:

Keypairs tab--> (/) Click to create

a new key pair.-->Give a name for

Keypair-->OK



For Server Authentication.

Save the key file to local system.


Types of Instances:

Small - 32 bit platform

Large - 64 bit platform

Extra Large - 64 bit platform

_______________________________________________________________________

Step5:

AIM's & Instance Tab--> Select the

needed instance-->(Right Click)

Launch instance(s) of

AMI-->Select keypair-->Select

Security Groups to Lauch in

tab-->Launch(takes few mins to boot)




*Search box can be used to Search the instance, or give the Searched instance AMI ID to boot.

Step6:

For Windows instances:

->Your Instances Tab--> Select Instance (Right Click)->Show Console Output.Wait till the message Windows is Ready,

->Select Instance (Right Click)->Get Administrator Password-->Copy to clipboard->OK-->open notepad->paste & save,

->Select Instance (Right Click)->Connect to public DNS->Remote desktop connection is established, Login with the password.



For Linux:

->Convert the (keypair).pem file to .ppk using puttyGen.

->Select Instance (Right Click)->Connect to public DNS->Putty logs in as root,