THE BLOG

FibreChannel zoning template

Topic

A SAN (storage area network) provides the option of allocating resources for device load balancing and for selective data access only to certain users. This administrative setting is called Zoning and essentially allows the administrator to control who can access what data in a SAN.

Continue reading

StorNext metadata slowness

Topic

As the  SAN environment contains many moving parts from the storage subsystem, fibre channel HBA’s, SFP’s, optical wire, the FC and Ethernet switch all the way to the metadata disks and the StorNext file system from Quantum it cannot really be called trivial. Every now and then you may struggle with performance issues that might be caused by any part mentioned above.
In such a complex environment you need to have some troubleshooting skills or you will end up ripping your hair out. Although there are many parts, I am going to focus on the StorNext metadata side in this article as I have seen it a few times now and users ended up remaking the file system.

Situation

Your SAN is working as expected with a decent performance; however, suddenly you hear from your users that browsing a folder takes a loooong time. Continue reading

Shellshock Vulnerability – Bash bug

Just recently (24 September 2014) the Shellshock bug has been discovered in the Unix Bash shell which is a wide spread used shell. This is also a known bug for OS/X based systems. Especially servers reachable in the Internet could be compromised quite easily.  According to various statistics, 50% of the Internet is driven by Unix flavored systems and almost all ports like HTTP i.e. Meaning even if you do not allow access via SSH or Telnet to this server it could be compromised via HTTP and the executable interpreter underneath.

The bugs cause Bash to unintentionally execute commands when they are stored in specially crafted environment variables and compared to the SQL Slammer in 2003 (which brought the Internet down for 12 minutes) could be worse.

Robert Graham (at errata security) who has discovered the bug wrote a little test script to demonstrate the bug which convinces machines to execute the ping command.

What does the ShellShock bug could do?

An infected host (probably a web server) scans for it’s next targets (as many as he can reach) and induces them to download the exploit code and those in turn start scanning and exploiting. This could be used for a DOS (Denial Of Service) download malware or whatever the author of that script intends to do.

How can I test if my Bash shell is vulnerable or not?

You can run this simple command below which will tell you if your Bash in vulnerable or not:

env X="() { :;}; echo busted" bash -c "echo stuff"

Result: busted stuff = Bash welcomes the bug
Result: stuff = safe (for now?)

Are there patches available?

Almost all Unix flavors have a patch available which can be updated via yum, apt-get or your choice of package manager.

 

StorNext cvfsck free space fragmentation

Situation

Many StorNext users have a handful of tools that come with the default StorNext installation, basic or full blown with interface.

One of those tools which can assist in troubleshooting is cvfsck. The most common use of cvfsck is to verify the file system itself. It’s a simple and powerful command line tool if you use it for the right reasons.

Details

Checking the health of the file system can be done when the file system if active but not really recommended as the journal is updated frequently. It’s basically a sanity check which may lead you to the action to take the file system offline. Continue reading

Short-Sizing StorNext (cvfs) LUNs

Situation

Every now and then you may have seen it or never have … lucky you. Under certain circumstances you may face the problem that you have configured your RAID with the same LUN size or even have used the wizard of the RAID vendor and StorNext (and other tools) will show you a different size on the LUNs in the OS.

Details

As a starting point, let’s assume our configured RAID provides 4 LUNs to the system. Two of those LUNs have a sector size of 9065074317 and two LUNs have a sector size of 9065074333. This can be seen in the output of /usr/bin/cvfs/cvlabel -l as follows: Continue reading