Why ISCSI Multipath?

By now, you’ve heard from a hundred different sources that moving your operations to the cloud is better, save you money and all the incredible things can be done on Cloud and not on the conventional hosting infra. Frankly, many web hosters jumped on the cloud bandwagon with smaller investment and little knowledge.

Getting a cloud infra connected to internet and having a resilient cloud infra are entirely different matters. I’ve been hearing many cases of VM failed due to missing drive and data corruption, which has been identified one of the common short fall on connectivity redundancy from servers to storage.

Main purpose of multi-path connectivity is to provide redundant access to the storage devices when one or more of the components in a path fail. Another advantage of multi-pathing is the increased throughput by way of load balancing. Common example for the use of multi-pathing is a iSCSI SAN connected storage device. You will have redundancy and maximum performance and especially important feature to be deployed for a more populated cloud environment.

How To Set Up Master Slave Replication in MySQL

It’s pretty straight forward to setup Master and Slave replication that might sound complicated. It’s obvious that you 1st need two MySQL running instances and identify which is your master and which is your slave.

On your Master MySQL configuration file, vi /etc.my.cnf
 server-id = 1
 log-bin = mysql-bin
 log-bin-index = mysql-bin.index
 expire-logs-days = 10
 max-binlog-size = 100M
 binlog-do-db = newdatabase

Restart MySQL:service mysqld restart

A new SQL user needs to be created on the master:

create user mysqslave;
 create user 'mysqlslave'@'*';
 grant replication slave on *.* to mysqlslave identified by 'NEWPASSOWRD';
 flush privileges;

Next we need to extract some information on the Master MySQL with this command
show master status G

You will probably see something similar
*************************** 1. row ***************************
File: mysql-bin.000001
Position: 199
Binlog_Do_DB: newdatabase
1 row in set (0.00 sec)

Go to Slave MySQL server
Open up my.cnf and insert these


save and service mysqld restart

Now enter MySQL admin with root to insert this

change master to
 start slave;

Now, check status with
 show slave status G

Look for error if any. Common mistake is usually on the master_log_pos is wrong if you have cut and pasted my command from this tutorial 😛

Congratulation, you have completed the Master and Slave MySQL replication.

“Screen” is very useful

The 1st thing I would tell a junior engineer, learn how to use “screen”. It’s extremely important tool allowing us to run scripts or commands in their own virtual window within the terminal, essentially allowing us to have a terminal on multi-tasking environment where we can switch between windows or another users at will. These are useful features that may help you in your daily administration tasks.

  • Use multiple shell windows from a single SSH session.
  • Keep a shell active even through network disruptions.
  • Disconnect and re-connect to a shell sessions from multiple locations.
  • Run a long running process without maintaining an active shell session.


If you do not have screen, then you can install it easily from an RPM or the package file for your system. For example, on CentOS you can install screen with yum: yum install screen

Basic but useful command with Screen
List a particular users screen sessions:

screen -list username/

(it’s important to have forward slash)

List your own active screen sessions:

 screen -ls

Re-attach to  users screen and session:

screen -x username/shared-session

Start a screen session and give it a unique name:

screen -S desired name

Detach from a running screen session leaving it running in the background:
Hit the key combination: Control + A/a + D/d (not case sensitive)
Re-attach to a specific screen you’ve named:

 screen -R "the screen name to be re-attached"

Power detach a screen that you are logged into from another location:
This is helpful if you’ve been accidentally disconnected from ssh while in a remote screen session and it’s still attached.

screen -D "the screen name to be detached"

Website is not showing up

In spite of the DNS and Zone records have been filled in correctly, website is still showing the cPanel Default Page. This is usually caused by IP has been wrongly assigned on WHM during setup of the account.

  • If you 2 or more IP address on your VPS, check the domain name has been assigned to the correct one that has been used in your DNS Zone records.
  • If you have only been assigned with only 1 IP address, verify the IP address beside your domain name in WHM under List Accounts from the side menu. If the IP address is different with your assigned IP, this is likely you have a mis-configured cPanel or the shared IP has not been configured correctly. To correct this, find Basic WHM/ cPanel setup, scroll down to shared IP section [* The IP address (only one address) that will be used for setting up shared IP virtual hosts.], update the IP with the correctly assigned one and save changes. Next, select Change Site’s IP address from side menu and update the IP for the domain accordingly.


PLESK Subscription expiration

Since PLESK 10, I’ve observed that one of the most common mistake made on Plesk is the subscription expiration. This is usually neglected when PLESK is created under service provider view. Any subscription created with default settings has a 12 month validity period and will be automatically suspended by PLESK when it is expired. If you are seeing website returns a 503 page or service unavailable and this is likely the cause.

To verify your settings, sign in as admin, root or administrator to your Plesk Panel. From the menu on left hand side, select Subscription. Now, select the subscription highlighted in “RED” with an exclamation mark and choose “Customize”.

Scroll all the way down, you will find the expiration date section. To rectify, check on unlimited or select a later date and “Update”.

Remember to hit on the “Activate button” if your subscription has been suspended.






Why SAS Hard Drives are better

At Vastspace, we insist on only SAS Hard Drives or Enterprise SSDs for our servers. It’s because SAS Hard Drives are the most reliable, maintain their performance under more difficult conditions, and perform much better than compares to either Near Line SAS or SATA disks.

In reliability, SAS hard drives are an order of magnitude safer than either Near Line SAS or SATA disks. The metric is measured in bit error rate (BER), or how often bit errors may occur on the media. With SAS hard drives, the BER is generally 1 in 10^16 bits. Read differently, that means you may see one bit error out of every 10,000,000,000,000,000 (known as 10 quadrillion) bits. By comparison, SATA drives have a BER of 1 in 10^15 (1,000,000,000,000,000 or 1 quadrillion). Although this does make it seem that SATA disks are pretty reliable, when it comes to absolute data protection, that factor of 10 can be major.

SAS hard drives are also built to more exacting standards than other kind of hard drives. SAS hard drives have a mean time between failure (MTBF) of 1.4 million hours or higher compared to 1 million hours or lower for most SATA hard drives.

Here’s a good article on Choosing Between SAS vs. SATA Hard Disk for Your Server RAID System from Intel: http://download.intel.com/support/motherboards/server/sb/enterprise_class_versus_desktop_class_hard_drives_.pdf

If your computer is infected?

LastPass has created a Web tool that makes it easy to check to see if your computer is infected. You can check by simply clicking on this link. To manually check for the Superfish adware and uninstall it, head to the Windows Control Panel, select Programs and click Uninstall a Program. Search the list for VisualDiscovery. If it is there, click the program and select Uninstall.
You’re not finished yet, though, there is one more step. You must also uninstall the Superfish certificates. Start by clicking the Windows Start button and typing certmgr.msc in the search box.
Launch the certmgr.msc program, click on Trusted Root Certification Authorities, followed by Certificates. Search through the certificates for anything mentioning Superfish Inc. Once you have found the certificates, right-click them and select Delete. To make sure you have fully removed the program, restart your browser and revisit the LastPass web tool.

WHM/ cPanel Version 11.42 Now EOL

cPanel & WHM software version 11.42 has now reached End of Life.
In accordance with cPanel EOL policy [http://go.cpanel.net/longtermsupport], 11.42 will continue functioning on servers. The last release of cPanel & WHM 11.42,, will remain on cPanel mirrors indefinitely. However, no further updates, such as security fixes and installations, will be provided for 11.42. Older releases of cPanel & WHM 11.42 will be removed from their mirrors.
If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at http://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that cPanel knowledgeable support team can provide recommendations, migration assistance, and more.

Squid Proxy with multiple outgoing IP

1. SSH to your Linux Cloud Server or SSD Cloud Server

yum -y install squid
chkconfig squid on

2. mv /etc/squid/squid.conf /etc/squid/squid.conf.original

3. vi /etc/squid/squid.conf

4. add this into the configuration file

http_port 3128

acl manager proto cache_object
acl localhost src ::1
acl to_localhost dst ::1
acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_access  # change to lib64 for 64bit Centos
auth_param basic childred 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl ncsaauth proxy_auth REQUIRED
http_access allow ncsaauth
forwarded_for off
acl ip1 myip
tcp_outgoing_address ip1
acl ip2 myip
tcp_outgoing_address ip2
acl ip3 myip
tcp_outgoing_address ip3
acl ip4 myip
tcp_outgoing_address ip4
acl ip5 myip
tcp_outgoing_address ip5
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all

5. Save squid.conf

6. chkconfig squid on

7. Restart Squid with “service squid restart”