Remote cPanel backup via FTP

Here is the scenario:

– Domain that needs to be backed up (public_html, mail, database).
– Only access available via cPanel and FTP.
– Need automated daily full backup.

Solution:

– Take full backup on server and compress its contents (cronjob on remote server)
– Download via FTP the compressed file to the local machine (cronjob on local machine).
– Delete compressed file.

There might be tools that do this, although I didn’t come across any while looking on the web. I implemented a simple solution based on bash scripts that gets the task done.

– backup.sh: Goes on the remote server to run as a cronjob.
– ftp.sh: Runs locally (on the machine that will store the backup) as a cronjob.
– .netrc: Defines the FTP account details (stored in /home/$user/.netrc)

Advertisement

Java HTTP library

Being in need to issue POST requests from within a Java application, and wanting re-usable code, I created a very simple Java library for issuing POST and GET requests to a remote server.

POST source code – GET source code

Usage (POST example):

POST post = new POST();
post.postRequest("http://www.myservice.com/service", "param1=foo&param2=bar", "Mozilla/5.0");

In other words, the arguments are:

post.postRequest(SERVER_URL, PARAMETERS, AGENT);

The output can be manipulated as desired, depending on what you response you except you should use a corresponding element/object.

An ARM comparison: Raspberry Pi vs OpenRD Client

Bellow there’s a comparison between Raspberry Pi (Model B) and OpenRD Client, two low-power ARM SoC (System on a Chip), running Linux (Rasbian and Fedora respectively). I used the EEMBC CoreMark benchmark with default settings for 100000, 1000000 and 2000000 iterations. For each set, each device keep its performance with the same rate of iterations per second. The difference between the devices is at, an average level of, 520 iterations per second. That translates to 1.4x faster in favour of the OpenRD Client.

While OpenRD Client performs better, in terms of efficiency, Raspberry Pi seems to doing much better. In terms of CPU, Raspbeery Pi uses a 700MHz (with the possibility of setting it up to 1GHz) ARMv11 processor while OpenRD Client an older 1.2GHz Marvell Sheeva (ARMv5TE). ARMv11 supports an FPU unlike ARMv5 and that is one of the reasons that Raspberry Pi performs quite well despite its lower specifications. In terms of memory, Raspberry Pi uses 256MB DDR2 800MHz (newer models have 512MB RAM), in share with its relatively powerful GPU, while OpenRD Client uses 512MB DDR2 800MHz. OpenRD Client also provides Gigabit Ethernet as well as many more I/O interfaces. Also, OpenRD has preloaded OS, unlike Raspberry Pi that boots from an SD card. During this benchmark, Raspberry Pi was running Rasbian “Wheezy” (unofficial Debian port to armhf) while OpenRD Client Fedora 8.

(Raspberry Pi diagram – http://www.raspberrypi.org/wp-content/uploads/2012/04/Raspi_Iso_Blue.png)

(OpenRD Client Hardware Block diagram – http://www.globalscaletechnologies.com/skins/skin_1/images/OpenRD-Client_back.PNG)

HPC-Europa2 Virtual Cluster liveDVD – milestone6 (final release)

The JRA2 team is proud to announce the release of HPC-Europa2 live DVD milestone 6. You can download milestone 6 ISO image (compressed with size 1.7 GB) from the below links:

CINECA (Italy) – http://www.hpc-europa.eu/?q=node/142
EPCC (Scotland) – http://hpce2jra2.epcc.ed.ac.uk/milestone6.iso.gz
HLRS (Germany) – https://fs.hlrs.de/projects/live-ptd/iso/milestone6.iso.gz

Release Note for Milestone 6
============================
The Virtual Cluster liveDVD:
* provides tools and libraries that are installed and used at the partner sites.
* emaulates the environment of the platforms available at HPC-Europa centers.
* allows hands-on building of a virtual cluster.

The liveDVD contains training and dissemination material published by the
HPC-Europa2 project, including material from the partner centers such as slides,
video tutorials and example code. Optional access to a source code repository enables
the migration of code and data from the Virtual Cluster to the user account created
on the HPC-Europa machines.

The liveDVD is based on SliTaz GNU/Linux, a free operating system, working completely
in RAM and booting from a removable media. The file size of the SliTaz GNU/Linux
3.0 ISO image is 29 MB. Hence, it leaves plenty of space for adding tools, libraries
and training material into this liveDVD. The SliTaz system is quick, responsive, and clean.
A lightweight and elegant desktop is included as well in the 29MB ISO image.

The milestone 6 ISO image has roughly the size of 3.8 GB including several tools
and libraries, as well as training material. Moreover, it contains a documentation
of how to build a virtual cluster using VirtualBox, and HPC-Europa2's Science and
Supercomputing in Europe research highlights for 2009 and 2010. Finally, this milestone
release addresses several bug fixes, such as firefox with flash support and
build scripts for Torque.

Since the previous release (milestone 5), existing packages have been updated, such as:
* MPICH2 to version 1.4.1p1
* Firefox to version 9.0.1 with flash support.
* Paraver to support the updated version of MPICH2.

In addition, this release has added several new packages:
* lava-1.0.6: Platform Lava - an open source version of Platform Load Sharing Facility (LSF).
* info (texinfo-4.13a) and man pages (man-db-2.6.0.2 and man-pages-3.35) for Linux documentation.
* Abiword and Gnumeric for office word documents and spreadsheets.
* Compiler wrappers (based on gcc and gfortran) to emulate Intel, IBM and NEC SX compilers.

You can download milestone 6 ISO image (compressed - size 1.7 GB) from the below link:
    http://www.hpc-europa.eu/?q=node/142

System Requirements
===================
* A laptop or computing with a DVD drive.
* Intel or AMD processor with a hardware virtualization support when using KVM
  and libvirt. Otherwise, this liveDVD can be run under VirtualBox or VMware or similar.

Known Issues
============
* PGI compilers require a license file in order to work (not included in this milestone).
* Totalview requires a license file in order to work (not included in this milestone).
  For requiring a demo license visit:
  http://www.roguewave.com/products/totalview-family/totalview.aspx
* On a MacBook Pro laptop, the mousepad does not work. Need to use an USB mouse
* Resizing video screen on VLC causes an unexpected exit of the program.
* VLC has no sound for viewing mkv videos.
* VLC cannot stream files or view incoming streams.

Acknowledgement
===============
This work was carried out under the HPC-EUROPA2 project (project number: 228398),
with the support of the European Community - Research Infrastructure Action of the FP7.

HPC-Europa2 Virtual Cluster liveDVD – milestone 5

The fifth release of the HPC-Europa2 Virtual Cluster liveDVD is available (milestone 5) for download:

CINCENA (ITA) - http://www.hpc-europa.eu/files/iso/milestone5.iso.gz
EPCC (UK) - http://hpce2jra2.epcc.ed.ac.uk/milestone5.iso.gz

Release Note for Milestone 5
============================
The Virtual Cluster liveDVD:
* provides tools and libraries that are installed and used at the partner sites.
* emulates the environment of the platforms available at HPC-Europa centers.
* allows hands-on building of a virtual cluster.

The liveDVD contains training and dissemination material published by the HPC-Europa2 project, including material from the partner centers such as slides, video tutorials and example code. Optional access to a source code repository enables the migration of code and data from the Virtual Cluster to the user account created on the HPC-Europa machines.

The liveDVD is based on SliTaz GNU/Linux, a free operating system, working completely in RAM and booting from a removable media. The file size of the SliTaz GNU/Linux 3.0 ISO image is 29 MB. Hence, it leaves plenty of space for adding tools, libraries and training material into this liveDVD. The SliTaz system is quick, responsive, and clean. A lightweight and elegant desktop is included as well in the 29MB ISO image.

The milestone 5 ISO images has roughly the size of 3.7 GB including several tools and libraries, as well as training material.

Since the previous release (milestone 4), existing packages have been updated, such as:

* Open MPI to version 1.5.4
* Midori with flash support
* Firefox to version 7.0.1

In addition, this release has added a new package to support EVO (http://evo.caltech.edu/)

System Requirements
===================
* A laptop or computing with a DVD drive.
* Intel or AMD processor with a hardware virtualization support when using KVM and libvirt. Otherwise, this liveDVD can be run under VirtualBox or VMware or similar.

Known Issues
============
* Totalview requires a license file, which is no included, in order to work.
For requiring a demo license visit:
http://www.roguewave.com/products/totalview-family/totalview.aspx
* On a MacBook Pro laptop, the mousepad does not work. Need to use an USB mouse
* Resizing video screen on VLC causes an unexpected exit of the program.
* VLC has no sound for viewing mkv videos.
* VLC cannot stream files or view incoming streams.
* Flash cannot be viewed under Firefox. Use Midori instead.

Acknowledgement
===============
This work was carried out under the HPC-EUROPA2 project (project number: 228398),
with the support of the European Community – Research Infrastructure Action of the FP7.

Ethernet device rename

I have been looking recently to find a way of creating a bridge interface on SliTaz in order to get KVM/libVirt working with the expected br0 interface. Unfortunately, the network configuration files of SliTaz do not provide any information, neither the documentation. A post on the forum didn’t get any replies either. Rather than trying figuring how a proper bridge interface would work on SliTaz, I thought of renaming eth0 to br0, as the later would be expected by KVM/libVirt. As far as I know the following process would need to be followed for other distros as well as there is no specific way of renaming an interface other than using udev rules.

On SliTaz, the required udev rule is defined /etc/udev/rules.d/70-persistent-net.rules. The default entry looks like the following (where Xs the MAC address):

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="XX:XX:XX:XX:XX:XX",
ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

The generated rule matches the eth0 interface with the specific network card. The required change is the renaming of the NAME field to br0. If the targeted system is a virtual machine with changeable MAC address, or most likely a live distro like in my case, the ATTR field, that specifies the MAC address, would need to be changed as well. Changing it to 0* would work and on the next boot the device should be renamed. The final udev rule:

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="0*",
ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="br0"

There is one more addition to do on SliTaz and that is to rename the default ethernet device in /etc/network.conf from eth0 to br0. That would allow higher level applications and scripts to look for br0 rather the non-existant eth0.

Simple and very basic PBS/Torque emulator

PBS (Portable Batch System) is one of the common batch systems used across clusters. Unfortunately, proprietary piece of software. There used to be an open source version, OpenPBS which has been forked to Torque. Torque can be installed and configured to perform the basic operations within 15-20 minutes. Although, for evaluation purposes, I have wrote a *very simple* emulator for PBS/Torque. All it provides is three scripts:

– qsub -> submitting a job
– qstat -> displaying job list
– qdel -> removing job(s)

A virtual job can be submitted, without need of proper PBS or Torque-like submission script and other parameters. The parameters each script is accepting are:

– qsub – single virtual job: qsub test
– qstat – either username to list jobs of a user or none to list all jobs: qstat foobar
– qdel – single or list of job IDs to remove: qdel 1234 5678

Download: pbs-emu-0.1.tar.gz

OpenNebula DHCP leases – automatic lease discovery

OpenNebula uses a network template file that lists all the available IPs within a specific network that can be given to the Virtual Machines on an OpenNebula deployment. The template can define more details such as gateway, resolves, network class and so on. In our case, we just need a list of available leases for the VMs to pick up. The following script automates the process of getting listed all the available IPs within the network range of the bridged interface of the OpenNebula host machine, starting from checking the first IP after that of the bridged interface.

############################################################################
# Copyright (C) 2011  Panagiotis Kritikakos <pkritika@epcc.ed.ac.uk>       #
#                                                                          #
#    This program is free software: you can redistribute it and/or modify  #
#    it under the terms of the GNU General Public License as published by  #
#    the Free Software Foundation, either version 3 of the License, or     #
#    (at your option) any later version.                                   #
#                                                                          #
#    This program is distributed in the hope that it will be useful,       #
#    but WITHOUT ANY WARRANTY; without even the implied warranty of        #
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         #
#    GNU General Public License for more details.                          #
#                                                                          #
#    You should have received a copy of the GNU General Public License     #
#    along with this program.  If not, see <http://www.gnu.org/licenses/>. #
############################################################################

#!/bin/bash

if [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
 echo
 echo " This script will generate the appropriate leases for the Open Nebula Virtual
         Machines."
 echo " It will generate leases that for unused IPs that map to the bridged interface."
 echo
 echo " The default bridge interface is br0. If you want to change this, pass another
        interface as an argument."
  echo
  exit
fi

if [ "$1" == "" ]; then
  BRIDGE=br0
else
  BRIDGE=$1
fi

IPADDR=`ifconfig $BRIDGE | grep "inet addr" | awk {'print $2'} | sed s/addr:*//g`
BCAST=`ifconfig $BRIDGE | grep "inet addr" | awk {'print $3'} | sed s/Bcast:*//g`
MASK=`ifconfig $BRIDGE | grep "inet addr" | awk {'print $4'} | sed s/Mask:*//g`
if [ -e /etc/debian_version ]; then
  NETWORK=`ipcalc -n $IPADDR $MASK | grep Network | awk {'print $2'} | sed 's/\./ /g' \
| awk {'print $1"."$2"."$3'}`
else
  NETWORK=`ipcalc -n $IPADDR $MASK | sed s/NETWORK=*//g | sed 's/\./ /g' | \
awk {'print $1"."$2"."$3'}`
fi

IPOCT=`ifconfig $BRIDGE | grep "inet addr" | awk {'print $2'} | sed s/addr:*//g | \
sed 's/\./ /g' | awk {'print $4'}`
BCASTOCT=`ifconfig $BRIDGE | grep "inet addr" | awk {'print $3'} | sed s/Bcast:*//g | \
sed 's/\./ /g' | awk {'print $4'}`

hostMin=$(($IPOCT + 1))
hostMax=$(($BCASTOCT - 2))
totalIP=$(($hostMax - $hostMin))

echo
echo " $(($totalIP + 1)) IPs will be checked for availability.
       That might take some time..."
iter=1

ONNET_FILE=hpce2_network.net

printf 'NAME = "HPCE2"\n' > $ONNET_FILE
printf 'TYPE = FIXED\n\n' >> $ONNET_FILE
printf "BRIDGE = ${BRIDGE}\n" >> $ONNET_FILE
echo
for LEASE in `seq $hostMin $hostMax`
do
  echo -n $iter " "
  ping -c 1 ${NETWORK}.$LEASE -W 1 > /dev/null;
  if [ $? -ne 0 ]; then
    printf 'LEASES = [ IP=''"'$NETWORK.$LEASE'"''] \n' >> $ONNET_FILE
  fi
  let iter++
done
echo
echo

Nedbank fraud: Phising with anti-phising

A couple of days ago I received one more e-mail appearing to originate from Nedbank Limited. The e-mail was about some new security measures taken by the bank to prevent fraud. The e-mail, as you can see bellow, is asking the user to download the attached file which is a link to the false logon page. Having tried to access the link today appeared to not work. Probably the service provider realised this was a fake page or the incident has been reported and disabled the account. Banks never send such e-mails, never require users to confirm their details in that way. Only the bank’s official page (assuming there’s no DNS poisoning) is the most secure way to keep up to date. Even if you think there is something suspicious with the banks website, you can always call them and ask for assistance.

lcfg-libvirt configuration

A quick entry on LCFG wiki on how to set up lcfg-libvirt on a LCFG host: https://wiki.lcfg.org/bin/view/LCFG/LcfgLibvirt. Assumes the existence of/access to a LCFG profile server.