Tops and Tops (15 of Them)

6 May 2009 — eric

There are so many variations on the original and good old useful version of Linux top that I figured I would list a few of the ones that I find handy on occasion. As with anything else, they all have their usefulness and each one can be more useful than any other at a particular time. You will need to figure out for yourself what is the most useful for what you are trying to accomplish.

I have used all of these at one time or another. They fall into the following general categories: general, network/service, and daemon. I am sure that are plenty more than I have listed here (in fact I know there are since I didn’t include any X based programs). If there is one that you find useful, please let me know about it as I always like to learn more about whats out there.

System

  1. atop
    Atop is an ASCII full-screen performance monitor that is capable of reporting the activity of all processes (even if processes have finished during the interval), daily logging of system and process activity for long-term analysis, highlighting overloaded system resources by using colors, etc. At regular intervals, it shows system-level activity related to the CPU, memory, swap, disks, and network layers, and for every active process it shows the CPU utilization, the memory growth, priority, username, state, and exit code.
  2. htop
    This is htop, an interactive process viewer for Linux. It is a text-mode application (for console or X terminals) and requires ncurses.

Network

  1. iftop
    iftop does for network usage what top(1) does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts.
  2. jnettop
    Jnettop allows administrators of routers to watch online traffic coming across the network in a fashion similar to the way top displays statistics about processes.
  3. nettop
    This program has a top like display which shows the different packet types. Possibly useful to determine the nature of packets on a given network and how much bandwidth they are using.
  4. ntop
    ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform and on Win32 as well.
  5. dnstop
    dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network.
  6. pftop
    Pftop is a small, curses-based utility for real-time display of active states and rule statistics for pf, the packet filter. for OpenBSD.
  7. iptop

    8. Network tool for monitoring IPv4 activity. Iptraf, tcpdump, trafshow have not such ability. Gives sorted traffic load speed on each IP. Helps detect the channel overload and maybe sources of attacks. Requeres ULOG target of iptables.

Daemons

  1. mtop
    mtop (MySQL top) monitors a MySQL server showing the queries which are taking the most amount of time to complete.
  2. mytop
    mytop is a console-based (non-gui) tool for monitoring the threads and overall performance of a MySQL 3.22.x, 3.23.x, and 4.x server.
  3. innotop
    innotop is a ‘top’ clone for MySQL with more features and flexibility than similar tools.
  4. pgtop
    display PostgreSQL performance info like `top’
  5. apachetop
    Apachetop is a curses-based top-like display for Apache information, including requests per second, bytes per second, most popular URLs, etc.

Untried

  1. smbtop
    This is a part of the ISIS (Integrated Samba Inspection Service) Java framework. I have never tried this myself, but it would be great to see a top of what is currently being done by Samba on a machine.
Posted in System Administration. Tags: . 3 Comments »

Apache mod_proxy

16 Sep 2008 — eric

I came up against the interesting problem of putting multiple stand alone apache tomcat instances with different virtual host names on the same machine that all needed to be accessible via port 80 (on the same IP). There is always mod_jk, but that seems like a bit too much to fix a simple problem. Being a strong believer in the right tool for the right job, I came across mod_proxy. This way I get to take advantage of apache connection handling without having to put a whole proxy server in front of it. Because there is dispatching by virtual host to do, putting apache in front just seemed to be the best idea.

Since there aren’t too many clear HOWTOs on this, it took a bit of fudging. Here is what you need to know.

Let’s create the host http://port8080.lubow.org/ to go to http://8080.lubow.org:8080/.

The first thing is a fairly common default configuration of NameVirtualHost option. This is so you can have multiple virtual hosts per IP. Unless you are crazy (or have a really good reason), you do not want to create an open proxy. So you need to globally configure the ProxyRequests variable to be off. Do the base setup for a VirtualHost of ServerName and ServerAdmin.

Setup the proxy authorizations (similar to the apache allow/denys). In order for the right HTTP headers to make it to the proxy’d virtual host, the headers will need to be rewritten. This needs to happen both going to the host and coming back from the host going to the client. This is why there is the ProxyPass and ProxyPassReverse. The first argument is the URL that on the virtual host that should match the URL (second argument) on the proxy’d virtual host. The ProxyPreserveHost option is generally not needed (but it is for the specific application I am running. Click the link above to read the description to determine whether it is right for you.

Putting it all together, you will get a file that looks like below. Make sure you replace your IPs and hostnames with what’s appropriate for your environment.

ProxyRequests Off
NameVirtualHost 1.2.3.4:80

<virtualhost 1.2.3.4:80>
     ServerAdmin webmaster@lubow.org
         ServerName port8080.lubow.org
         <proxy *>
                  Order deny,allow
                  Allow from all
         </proxy>
         ProxyPreserveHost   On
         ProxyPass   / http://8080.lubow.org:8080/
         ProxyPassReverse    / http://8080.lubow.org:8080/
</virtualhost>
Posted in Apache. Tags: , . 5 Comments »

1 Extension, Multiple Phones

15 Jan 2008 — eric

In order to setup Asterisk to ring multiple phones from the same dialed extension, you will need to create a phantom extension. I accomplished this by doing the following…

Before we go any further, let’s use the following information as true. The extension we want to have ring in multiple places is extension 100. For sanity’s sake, let’s say we want it to ring in 3 places (regardless of the reason). This means that each phone will need its own extension and auth information according to the sip.conf.

First you need to assign each device (phone), its own extension. Let’s give each device the extension of <ext><n>. Therefore our 3 phones will have the extensions of 1001,1002,1003 respectively. Their entries in the sip.conf will look like this:

[1001]
type=peer
context=internal
username=1001
callerid=Eric Lubow <100>
host=dynamic
auth=1001@192.168.1.2
call-limit=100
nat=no
canreinvite=yes
mailbox=100@allstaff
disallow=all
allow=gsm
allow=ulaw
astdb=chan2ext/SIP/1001=1001

[1002]
type=peer
context=internal
username=1002
callerid=Eric Lubow <100>
host=dynamic
auth=1002@192.168.1.2
call-limit=100
nat=no
canreinvite=yes
mailbox=100@allstaff
disallow=all
allow=gsm
allow=ulaw
astdb=chan2ext/SIP/1002=1002

[1003]
type=peer
context=internal
username=1003
callerid=Eric Lubow <100>
host=dynamic
auth=1003@192.168.1.2
call-limit=100
nat=no
canreinvite=yes
mailbox=100@allstaff
disallow=all
allow=gsm
allow=ulaw
astdb=chan2ext/SIP/1003=1003

Next, in your extensions.conf, add the entry to ring all the extensions when the phantom extension is dialed. The Dial() command should now look as follows:

exten => 100,1,Dial(SIP/1001&SIP/1002&SIP1003,18)

A nice thing to do to (in order to not confuse the user) is, in your tftp files, ensure that the label on the phone (each phone) is still the actual extension of the phone that one would dial to get to it. Label the phone elsewhere with your REAL extension to keep track of it.

Posted in Asterisk. Tags: . 1 Comment »

Deleting Lots Of Files (SysAdmin problem solving exercise)

17 Dec 2007 — eric

Since I know I am not the first (or the last) to make a typo in logrotate and not catch it for a while…someone else must have been in the position of having to delete a lot of files in the same manner. I recently learned that, as usual, there is more than one way to handle it.

To put the situation in context, I basically allowed thousands of mail.* files to be created. These files littered the /var/log/ directory and basically slowed down the entire file system access. I figured out this a number of ways.

The first way was when I tried to do an ls anywhere, it would just hang. My first reaction was to check to see what was eating up the CPU. To do this, I did a top. I noticed that logrotate was hogging all the CPU cycles. Since I know that logrotate basically only operates on one parent directory (by default) /var/log, I headed on over there and did an ls. Once again, it just hung. Then I figured the file system was slow and decided to check out some file system information. The next two commands I ran were df -h and df -i. I ran the df -h to see if we were out of disk space (and yes I lazily use human readable format). I ran the second to check to see how many inodes were in use. (For more information on inodes, check out the wikipedia entry here).

Now that I know the system is short on inodes, I checked out the output of lsof. Now I know that we have some serious problems in the /var/log dir. After some quick investigation, I realized that there were too many mail.* files. How do I get rid of them? Glad you asked… Let’s assume that we want to delete ALL the mail.* files in the /var/log directory.

1) The easiest way is to do it with find:
1a) Using find‘s delete command:

[root@eric] /var/log # find ./ -type f -name "mail.*" -delete

or
1b) using find‘s exec command with rm:

[root@eric] /var/log # find ./ -type f -name "mail.*" -exec rm -rf '{}' \;

These will work, but either will be slow since they doesn’t do batch execution.

2) A slightly more preferred way is to use bash:

[root@eric] /var/log # for n in mail.*; do rm -v $n; done;

This is a little faster, but will still be relatively slow since there is no batch execution. (Note: The -v in the rm will cause quite a bit of output since it is showing you EVERY file it deletes. Feel free to leave this out if you really screwed up.)

3) The actual preferred method is to use find:

[root@eric] /var/log # find ./ -type f -name "mail.*" | xargs rm -f

I believe this is the preferred method because although it removes the files one at a time, it is more efficient for the file system since it batches it up.

There are certainly other ways to accomplish this task. It can always be done with a Perl one-liner or even using some Perl modules to save some time. These are just a few ideas to point someone in the right direction.

Posted in System Administration. Tags: , , . No Comments »
« Older posts «
Newer posts » »