Servers (*ix , scripting)

Reducing RTMPT disconnects on RED5

RED5RTMPT streams provided by RED5 are notorious for randomly disconnecting.

Chris Georgoulis and I extensively debugged this for a project and were able to reduce the disconnection rate from 90% to 40% for connections that lasted over 5 minutes. This was for a teleconferencing application that required 4 RTMPT streams in total (2 outgoing, 2 incoming) with a maximum buffer of 200ms.

RED5 by default has a maximum of 100 keep-alive requests. On the 100th request the server returns connection-close . By setting the limit to infinite we were able to improve the performance. RTMPT is quite vulnerable to disconnections and closing and reopening the socket connection plays a role.

As described by Chris, please go to /{red5_folder}/conf/jee-container.xml and modify the following element group with the extra <property> tags(this should be at line 21), and then restart red5:

More

Quick Case: Apache Reverse Proxy for Tomcat, Red5, and Websockets, on Redhat Linux

reverse proxyQuick post outlining the steps and config I used to forward 2 different ports to 2 different servers (tomcat and red5), and to enable websockets on a Redhat server running apache 2.4.5 .

Servers/Apps and Ports:

Apache  – port 80
Red5 – port 5081
Tomcat – port 8585

More

WordPress Revisr Plugin: Connecting with Github

Revisr“Revisr is a Git and WordPress database plugin that allows you to keep track of your web projects in version control. Revisr eliminates redundant interfaces in your workflow and allows you to focus on the task at hand.” – Revisr

That sounds well and good. However, configuration required a few steps and below we document them.
It is needed to install git, create certificates, upload them to github, and also set appropriate permissions.

Steps

            1. Temporarily allow login by the www-data account.
              Open /etc/passwd with nano or vi, and replace :usr/sbin/nologin with :/bin/bash
              See: http://programster.blogspot.gr/2014/05/ubuntu-1404-allow-login-as-www-data-user.html


            2. Install git.
              sudo apt-get install git

            3. Create a certificate for www-data user and set permissions.
              a) Go to www directory and change owners:

              ~/# cd /var/www
              /var/www# chown www-data .
              

              b) Generate a certificate:

              sudo -u www-data ssh-keygen -t rsa
              

              You shouldn’t enter a passphrase and you should see the correct key.


            4. Open the generated certificate and copy the text inside:
              root@server:/var/www/# cd .ssh
              root@server:/var/www/.ssh# cat id_rsa.pub
              ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOL…etc

            5. Go to Github site and upload the certificate.
              A) See step 4 of https://help.github.com/articles/generating-ssh-keys/
              B) Add your specific key to the github website at: https://github.com/settings/ssh


            6. Test the connection to github:
              sudo -u www-data bash
              ssh -T git@github.com

              You should see:

              Hi username! You've successfully authenticated, but GitHub does not # provide shell access.
              Type "Exit" to exit www-data terminal and type "sudo bash" to start root terminal.
              

              Type:

              exit
              sudo bash

            7. Go to the wordpress directory and set the correct permissions. Reference: http://stackoverflow.com/questions/18352682/correct-file-permissions-for-wordpress

              chown www-data:www-data -R *          # Let apache be owner
              find . -type d -exec chmod 755 {} \;  # Change directory permissions rwxr-xr-x
              find . -type f -exec chmod 644 {} \;  # Change file permissions rw-r--r-

            8. Create a github repository and then connect revisr with this:
              Use the notation for SSH remote URL ( do not use https address).
              Example: in Remote URL enter: git@github.com:developerAccount/project.git


            9. Create a github repository inside the wordpress folder (see here for more info):
              A) Go to your folder and execute

              git init

              B) You should now be able to add and commit files using either the command line or the revisr command panel


            10. Check to see that permissions are correct for your wordpress git repository. You can run ls -lqa to check the owner and check within the .git folder as well. The following commands should be sufficient to set correct ownership to www-data:
              chown www-data:www-data -R .[^.]*
              chown www-data:www-data .
              

The following steps should do it. Post your comments or questions below or send me an e-mail.

Build a Server – Client Application in C that executes concurrently Terminal Commands

In this post we will build a server – client application that will get our hands dirty with signals, fork, named pipes and the exec command. This application has a very simple concept:

“Client creates, with a new process, the Server and sends to him terminal commands using as interprocess communication a named pipe (aka fifo pipe)”

Moreover this model must executes terminal commands concurrently and we accomplish that using a signal handler. To be more specific when a client sends through the named pipe a command, the server wakes up because the signal handler  receives the SIGCONT signal and changes the wake up variable from 1 to 0. This wake up variable is being used in the server to keep him in sleep mode and not busy waiting. Let’s see a simple example with just the mechanism of it:
More

Tunneling to VNC over SSH

You may want to connect to a headless/monitorless linux pc with a vnc server running that only exposes an SSH port.

I have used the following steps from windows.

  1. Server:
    Run VNCServer

    If not running already start your server.  You can set the resolution using -geometry tag. This will open a new port/session.

    vncserver -geometry 1920x1200

     

  2. Workstation:
    Create the tunnel to VNC port
    This maps the local pc port 5905 to localhost:5905 on the remote machine. VNC uses ports 5901 to 5909.

    ssh -L 5905:localhost:5905 menelaos@menelaos.server.net -p 22

     

  3. WorkStation:
    Create tunnel if needed of X-Server

    ssh -L 6005:localhost:6005 menelaos@menelaos.server.net -p 22

    More

Bash script to monitor server HTTP output length and e-mail an alert

Below is an example of a script that uses CURL to monitor the length of various HTTP server outputs and output a response if this is different than 103 characters.
This is my first bash script, so I had some reading/experimenting to do and it is quite rough.

Creating a multi-boot system USB boot Disk

I found a multi-boot USB disk creator called YUMI. It can be downloaded at: http://www.pendrivelinux.com/yumi-multiboot-usb-creator/

This disk allowed to be create a USB disk that contains:

  • Lubuntu
  • Hiren’s Boot CD
  • Windows XP SP3 install/repair CD

This allows the creation of a USB stick containing all needed linux/windows repair disks and live operating systems.

Running Java on Fujitsu Q700 NAS Server

NAS+JavaSmall post how I got java to work on Q700 NAS Server.
If you check the Datasheet for the server ( here ), you will see the Processor is a  Marvell 6281 1.2 GHz  . Essentially, this is a ARM 5 processor.
Based on some instructions from here , I navigated to http://www.oracle.com/technetwork/java/javase/downloads/embedded-jsp-135769.html ,
and downloaded the version ARMv5 Linux – Headless EABI, SoftFP, Little Endian2 .

All that remained was untar-ing the content onto the NAS, and executing  java – version.
JavaEmbedded

Easily validating your Varnish cache VCL file and other quick tips

I’ve been playing around with varnish lately and had to make a change in a VLC file to perform URL re-writing before following with “hashing”, lookup, and if necessary forwarding to tomcat.
For anyone wanting further information on the varnish pipeline, as well as why someone should use varnish I recommend the following two articles:

1) http://open.blogs.nytimes.com/2010/09/15/using-varnish-so-news-doesnt-break-your-server/?smid=tw-share
2) https://www.varnish-software.com/static/book/VCL_Basics.html

More

A basic SQUID configuration providing Internet access through a specific network (Using VPN)

Hey,

Setup my first proxy server today on a linux box using squid 2.7 for the specific purpose of re-routing my traffic through a Thessaloniki company network which has a static ip.
This was for the purpose to access specific services; services that are only accessible with that IP and which I needed.
I wanted to avoid the cycle of uploading code, executing and debugging only to upload again…

Diagram:
My Laptop -> VPN Connection Through Internet -> Server Behind Router running Squid -> Internet

This was a very frustrating process as the access denied message kept on rearing its’ uglyhead despite   http_access allow commands
/var/logs/squid/access.log was littered with entries such as:

1347741694.553  0   10.9.8.90   TCP_DENIED/403   1539   GET
http:/www.google.com  
– NONE/   text/html

As it took some troubleshooting I’m writing my 2 cents below which helped me personally as well as including my squid.conf:

More