All posts by admin

AWS RDS IAM Policy for Read Only Access and DB Logs Download

    "Version": "2012-10-17",
    "Statement": [
            "Action": [
            "Effect": "Allow",
            "Resource": "*"
            "Action": [
            "Effect": "Allow",
            "Resource": "*"

Creating graphs from SAR output

You must know that sar is a very effective tool to collect system activity or performance information from your system.
To collect all information:

sar -o test.log -A 1 3 2>&1 >/dev/null

This command will make a binary file from output, and you can display it with sadf command:

sadf -t -d test.log — -A

Sometimes, you would like to make graphs from these data, because diagrams are clear and better understandable than plain data.
The best way to create graphs from output of sar is kSar that is an Java-based application with gui.
You can download it from the following site:

This program can process sar text output and make diagrams from them, also it can save graphs as picture or export them into a PDF file.
If you have only the binary output of sar, you can convert it into text file with this command:

sar -A -f test.log >> sardata.txt

Now, you can import text file into kSar, with “Data/Load from text file…” menu entry.
Also, kSar has other useful functions, like remote sar running via SSH, for more details read kSar documentation.
Loading text file:sar-graph2-300x187 sar-graph-300x187 sar-main-300x187

Setup AWS Cloudwatch Memory and Drive Monitoring on RHEL

Download Scripts

Install Prerequisite Packages

sudo yum install wget unzip perl-core perl-DateTime perl-Sys-Syslog perl-CPAN perl-libwww-perl perl-Crypt-SMIME perl-Crypt-SSLeay

Install LWP Perl Bundles

  1. Launch cpan
    sudo perl -MCPAN -e shell
  2. Install Bundle
    install Bundle::LWP6 LWP YAML

Install Script

unzip -d /opt
rm -f

Setup Credentials

API Access Key (Option 1)

This is good for testing, but it’s better to use IAM roles covered in Option 2.

  1. Copy awscreds template
    cp /opt/aws-scripts-mon/awscreds.template /opt/aws-scripts-mon/awscreds.conf
  2. Add access key id and secret access key
    vim /opt/aws-scripts-mon/awscreds.conf
  3. Lock down file access
    chmod 0400 /opt/aws-scripts-mon/awscreds.conf

IAM Role (Option 2)

  1. Login to AWS web console
  2. Select Identity & Access Management
  3. Select Roles | Create New Role
  4. Enter Role Name
    1. i.e. ec2-cloudwatch
  5. Select Next Step
  6. Select Amazon EC2
  7. Search for cloudwatch
  8. Select CloudwatchFullAccess
  9. Select Next Step | Create Role
  10. Launch a new instance and assign the ec2-cloudwatch IAM role

You can not add an IAM Role to an existing EC2 Instance; you can only specify a role when you launch a new instance.


This won’t send data to Cloudwatch.

/opt/aws-scripts-mon/ --mem-util --verify --verbose


MemoryUtilization: 31.7258903184253 (Percent)
Using AWS credentials file <./awscreds.conf>
Payload: {"MetricData":[{"Timestamp":1443537153,"Dimensions":[{"Value":"i-12e1fac4","Name":"InstanceId"}],"Value":31.7258903184253,"Unit":"Percent","MetricName":"MemoryUtilization"}],"Namespace":"System/Linux","__type":"com.amazonaws.cloudwatch.v2010_08_01#PutMetricDataInput"}

Verification completed successfully. No actual metrics sent to CloudWatch.

Report to Cloudwatch Test

Test that communication to Cloudwatch works and design the command you’ll want to cron out in the next step.

/opt/aws-scripts-mon/ --mem-util --mem-used --mem-avail

After you run this command one point-in-time metric should show up for the instance under Cloudwatch | Linux System

Create Cron Task (as root)

Now that you’ve tested out the command and figured out what you want to report it’s time to add a Cron task so it runs ever X minutes. Usually 5 minutes is good.

  1. Edit cron table
    crontab -e
    */5 * * * * /opt/aws-scripts-mon/ --mem-util --mem-used --mem-avail --disk-space-util --disk-path=/ --from-cron

Create Cron Task (as other user)

You may want to create a user that runs the cron. Here’s an example using a user named cloudwatch

  1. Create user
    useradd cloudwatch
  2. Disable user login
    usermod -s /sbin/nologin cloudwatch
  3. Set ownership
    chown -R cloudwatch.cloudwatch /opt/aws-scripts-mon
  4. Edit cron table
    crontab -e -u cloudwatch
  5. Add cron job
    */5 * * * * /opt/aws-scripts-mon/ --mem-util --mem-used --mem-avail --swap-used --disk-space-util --disk-path=/ --from-cron

Verify Cron Job Ran

One way to verify the cron job ran is to look in the cron log.

less /var/log/cron
tail -f /var/log/cron


Monitor Script Arguments

Name Description
–mem-util Collects and sends the MemoryUtilization metrics in percentages. This option reports only memory allocated by applications and the operating system, and excludes memory in cache and buffers.
–mem-used Collects and sends the MemoryUsed metrics, reported in megabytes. This option reports only memory allocated by applications and the operating system, and excludes memory in cache and buffers.
–mem-avail Collects and sends the MemoryAvailable metrics, reported in megabytes. This option reports memory available for use by applications and the operating system.
–swap-util Collects and sends SwapUtilization metrics, reported in percentages.
–swap-used Collects and sends SwapUsed metrics, reported in megabytes.
–disk-path=PATH Selects the disk on which to report.PATH can specify a mount point or any file located on a mount point for the filesystem that needs to be reported. For selecting multiple disks, specify a –disk-path=PATH for each one of them. To select a disk for the filesystems mounted on / and /home, use the following parameters:
–disk-path=/ –disk-path=/home
–disk-space-util Collects and sends the DiskSpaceUtilization metric for the selected disks. The metric is reported in percentages.
–disk-space-used Collects and sends the DiskSpaceUsed metric for the selected disks. The metric is reported by default in gigabytes.Due to reserved disk space in Linux operating systems, disk space used and disk space available might not accurately add up to the amount of total disk space.
–disk-space-avail Collects and sends the DiskSpaceAvailable metric for the selected disks. The metric is reported in gigabytes.Due to reserved disk space in the Linux operating systems, disk space used and disk space available might not accurately add up to the amount of total disk space.
–memory-units=UNITS Specifies units in which to report memory usage. If not specified, memory is reported in megabytes. UNITS may be one of the following: bytes, kilobytes, megabytes, gigabytes.
–disk-space-units=UNITS Specifies units in which to report disk space usage. If not specified, disk space is reported in gigabytes. UNITS may be one of the following: bytes, kilobytes, megabytes, gigabytes.
–aws-credential- file=PATH Provides the location of the file containing AWS credentials.This parameter cannot be used with the –aws-access-key-id and –aws-secret-keyparameters.
–aws-access-key-id=VALUE Specifies the AWS access key ID to use to identify the caller. Must be used together with the –aws-secret-key option. Do not use this option with the –aws-credential-file parameter.
–aws-secret-key=VALUE Specifies the AWS secret access key to use to sign the request to CloudWatch. Must be used together with the –aws-access-key-id option. Do not use this option with –aws-credential-file parameter.
–verify Performs a test run of the script that collects the metrics, prepares a complete HTTP request, but does not actually call CloudWatch to report the data. This option also checks that credentials are provided. When run in verbose mode, this option outputs the metrics that will be sent to CloudWatch.
–from-cron Use this option when calling the script from cron. When this option is used, all diagnostic output is suppressed, but error messages are sent to the local system log of the user account.
–verbose Displays detailed information about what the script is doing.
–help Displays usage information.
–version Displays the version number of the script.

English Vocabulary Latin Prefixes

Latin Prefixes :

SNo. Prefix Meaning Examples
1 A- not, without amoral, APATHY, ANOMALY
2 AB-, ABS- away from, off, apart abrupt, ABSCOND, ABSTRACT
3 AD-, AC-, AN-, AS- toward, against advent, accurate, ANNOTATE, assent
4 AMBI-, AMB- around, about, on both sides AMBIGUOUS, AMBIVALENT
5 ANTE- before, in front of, early antecede, antedate, antebellum
6 ARCH main, chief archangel, archbishop, archenemy
7 BI- two bifurcate, biannually
8 BENE- well BENEFACTOR, benefit, beneficial
9 CIRCUM-, CIRA- around, about circumflex, circumference, circa
10 CIS- on this side of cislunar, cisalpine
11 CON- with, together concur, concede, CONSCRIPT
12 COM-, COR-, COL- together, with, very COMPRISE, corrode, colleteral
13 CONTRA- against contradict, controversy, contravene
14 COUNTER- against counterfeit, counterclockwise
15 DE- down, down from, off, utterly deformed, defoliate, descend, depress
16 DEMI- half, partly belongs to demisemiquaver, demigod
17 DIS-, DI-, DIF- apart, in different directions DIGRESS, divorce, dispute, DISCERN
18 DU-, DUO- two duet, duplicate
19 EM- EN- in, into embrace, enclose
20 EX-, E-, EF-, EC- out, out of, from, away EXTOL, event, expel, evade, ELUCIDATE
21 EXTRA-,EXTRO- outside of, beyond extraordinary, extrovert, EXTRAPOLATE
22 FORE before forestall, forgo, forebear
23 IN-, I-, IL-, IM-, IR- in, into, on, toward, put into, incision, impel, impulse, irrigate,
24 not, lacking, without illegal, ignominious, impure, immoral,
25 (same as above) immodest, indecent, INCOHERENT
26 INDU-, INDI- a strengthened form of IN- indigent
27 INFRA- below, beneath, inferior to, after infrared, infrasonic
28 INTER-, INTEL- among, between, at intervals intercede, intercept, intellect
29 INTRA- in, within, inside of intramural, intravenous
30 INTRO- in, into, within introduce, introspective
31 JUXTA near, beside juxtapose, juxtaposition
32 MAL-, MALE- evil, badly malformed, malicious, malaise, maladroit
33 MEDI-, MEDIO- middle median, mediocre
34 MILLI-, MILLE- thousand millennium, millimeter
36 MULTI-, MULTUS- much, many multifaceted, multiply, multilevel
37 NE- not neuter, NEUTRAL
38 NON- not (less emphatic than IN or UN) nonresident, nonconformity
39 NUL-, NULL- none, not any nullify, nullification
40 OB-, OF-, OC-, toward, against, across, down, for oblong, OBDURATE, offer, occasion, occur
41 OP-, O- toward, against, across, down, for oppose, opposite, omit, offer
42 OMNI- all, everywhere omniscient, omnivorous
43 PED-, PEDI- foot pedestrian, pedicure
44 PER-, PEL- through, by, thoroughly, away PERMEATE, perfidy, pellucid
45 POST- behind, after (in time or place) postpone, postnatal, postorbital
46 PRE- before, early, toward precedent, precept, preposition
47 PRO-, PUR- before, for, forth proceed, purport, pursue, PROLONG
48 QUADRI-, QUADR- four times, four fold quadriceps, quadrisect, quadrangle
49 RE-, RED- back, again, against, behind repel, RELEGATE, redeem, redemption
50 RETRO- backwards, behind retrogressive, retrofit, retrograde
51 SE-, SED- aside, apart, away from secure, seduce, seclude, sedition, select
52 SEMI- half semicircle, semiprivate
53 SINE without sinecure
54 SUB-, SUC-, SUF- under, beneath, inferior, suffer, SUBMISSIVE, succumb,
55 SUG-, SUM-, SUP- less than, in place of, secretly suggest, subtract, suffuse, support
56 SUR-, SUS- (same as above meanings) suspend, surplus
57 SUBTER- beneath, secretly subterfuge
58 SUPER-, SUPRA- over, above, excessively SUPERFICIAL, SUPERCILIOUS
59 SUR- over, above, excessively surcharge, surtax, surplus, surrealism
60 TRANS-, TRA- across, over, beyond, through transoceanic, transgression, transit, transition
61 TRI- three triangle, triceps
62 ULTRA- beyond, on other side ultrasound, ultraconservative
63 UN- (Old English) no, not, without unabashed, unashamed

Prepare a RHEL-Based Virtual Machine for Azure

Today we have got project to prepare RHEL  VHD’s  for Azure. I did not find any doc for RHEL on azure. So i think to write steps i followed for RHEL on azure …


CentOS Installation Notes

  • The newer VHDX format is not supported in Azure. You can  convert the disk to VHD format using Hyper-V Manager or the convert-vhd cmdlet.
  • When installing the Linux system it is recommended that you use standard partitions rather than LVM (often the default for many installations). This will avoid LVM name conflicts with cloned VMs, particularly if an OS disk ever needs to be attached to another VM for troubleshooting. LVM or RAID may be used on data disks if preferred.
  • NUMA is not supported for larger VM sizes due to a bug in Linux kernel versions below 2.6.37. This issue primarily impacts distributions using the upstream Red Hat 2.6.32 kernel. Manual installation of the Azure Linux agent (waagent) will automatically disable NUMA in the GRUB configuration for the Linux kernel. More information about this can be found in the steps below.
  • Do not configure a swap partition on the OS disk. The Linux agent can be configured to create a swap file on the temporary resource disk. More information about this can be found in the steps below.
  • All of the VHDs must have sizes that are multiples of 1 MB.

RHEL 6.5

  1. In Hyper-V Manager, select the virtual machine.
  2. Click Connect to open a console window for the virtual machine.
  3. Uninstall NetworkManager by running the following command:
    # sudo rpm -e --nodeps NetworkManager

    Note: If the package is not already installed, this command will fail with an error message. This is expected.

  4. Create a file named network in the /etc/sysconfig/ directory that contains the following text:
  5. Create a file named ifcfg-eth0 in the /etc/sysconfig/network-scripts/ directory that contains the following text:
  6. Move (or remove) udev rules to avoid generating static rules for the Ethernet interface. These rules cause problems when cloning a virtual machine in Microsoft Azure or Hyper-V:
    # sudo mkdir -m 0700 /var/lib/waagent
    # sudo mv /lib/udev/rules.d/75-persistent-net-generator.rules /var/lib/waagent/
    # sudo mv /etc/udev/rules.d/70-persistent-net.rules /var/lib/waagent/
  7. Ensure the network service will start at boot time by running the following command:
    # sudo chkconfig network on
  8. Install the python-pyasn1 package by running the following command:
    # sudo yum install python-pyasn1
  9. If you would like to use the OpenLogic mirrors that are hosted within the Azure datacenters, then replace the /etc/yum.repos.d/CentOS-Base.repo file with the following repositories. This will also add the [openlogic] repository that includes packages for the Azure Linux agent:
    name=CentOS-$releasever - openlogic packages for $basearch
    name=CentOS-$releasever - Base

    Note: The rest of this guide will assume you are using at least the [openlogic] repo, which will be used to install the Azure Linux agent below.

  10. Add the following line to /etc/yum.conf:
  11. Run the following command to clear the current yum metadata:
    # yum clean all
  12. Modify the kernel boot line in your grub configuration to include additional kernel parameters for Azure. To do this open “/boot/grub/menu.lst” in a text editor and ensure that the default kernel includes the following parameters:
    console=ttyS0 earlyprintk=ttyS0 rootdelay=300 numa=off


    This will also ensure all console messages are sent to the first serial port, which can assist Azure support with debugging issues. This will disable NUMA due to a bug in the kernel version used by RHEL 6.azure_kernel

    In addition to the above, it is recommended to remove the following parameters:

    rhgb quiet crashkernel=auto

    Graphical and quiet boot are not useful in a cloud environment where we want all the logs to be sent to the serial port.

    The crashkernel option may be left configured if desired, but note that this parameter will reduce the amount of available memory in the VM by 128MB or more, which may be problematic on the smaller VM sizes.

  13. Ensure that the SSH server is installed and configured to start at boot time. This is usually the default.
  14. Disable SWAP  :  comment swap in /etc/fstab
        # blkid | grep swap
      /dev/sda3: UUID="53-e0e3efe22612" TYPE="swap"
      # swapoff /dev/sda3
  15. Install the Azure Linux Agent by running the following command:
    # sudo yum install WALinuxAgent

    Note that installing the WALinuxAgent package will remove the NetworkManager and NetworkManager-gnome packages if they were not already removed as described in step 2.

  16. Do not create swap space on the OS diskThe Azure Linux Agent can automatically configure swap space using the local resource disk that is attached to the VM after provisioning on Azure. Note that the local resource disk is a temporary disk, and might be emptied when the VM is deprovisioned. After installing the Azure Linux Agent (see previous step), modify the following parameters in /etc/waagent.conf appropriately:
    ResourceDisk.SwapSizeMB=8192    ## NOTE: set this to whatever you need it to be.
  17. Run the following commands to deprovision the virtual machine and prepare it for provisioning on Azure:
    # sudo waagent -force -deprovision
    # export HISTSIZE=0
    # logout
  18. Click Action -> Shut Down in Hyper-V Manager. Your Linux VHD is now ready to be uploaded to Azure.

Reclaim Space in a VM on Thin or Thick VMDKs

[root@rac1 ~]$ yum install zerofree
updates/metalink | 12 kB 00:00
updates | 4.5 kB 00:00
updates/primary_db | 4.3 MB 00:21
Setting up Install Process
Resolving Dependencies
Running transaction check
Package zerofree.i686 0:1.0.1-8.fc15 will be installed
Finished Dependency Resolution

Dependencies Resolved

Package Arch Version Repository Size
zerofree i686 1.0.1-8.fc15 fedora 20 k

Transaction Summary
Install 1 Package

Total download size: 20 k
Installed size: 20 k
Is this ok [y/N]: y
Downloading Packages:
zerofree-1.0.1-8.fc15.i686.rpm | 20 kB 00:00
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : zerofree-1.0.1-8.fc15.i686 1/1

zerofree.i686 0:1.0.1-8.fc15

For Debian/Ubuntu:
[root@rac1 ~]$ apt-get install zerofree
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 17 not upgraded.
Need to get 7,272 B of archives.
After this operation, 61.4 kB of additional disk space will be used.
Get:1 oneiric/universe zerofree amd64 1.0.1-2ubuntu1 [7,272 B]
Fetched 7,272 B in 0s (41.5 kB/s)
Selecting previously deselected package zerofree.
(Reading database ... 22748 files and directories currently installed.)
Unpacking zerofree (from .../zerofree_1.0.1-2ubuntu1_amd64.deb) ...
Processing triggers for man-db ...
Setting up zerofree (1.0.1-2ubuntu1) ...

Then you need to mount the partition as read-only and run zerofree on it. If you need perform this on your OS/root partition, then power off your VM and attach the OS disk to another Linux VM. Here is how it looks like:

[root@rac1 ~]$ mount -o remount,ro /dev/mapper/test-lvol0
[root@rac1 ~]$ zerofree -v /dev/mapper/test-lvol0

Microsoft Azure Set a Static Internal IP Address for a VM

Before you specify a static IP address from your address pool, you may want to verify that the IP address has not been already assigned. In the example below, we’re checking to see whether the IP address is available in the TestVNet virtual network.

Test-AzureStaticVNetIP –VNetName TestVNet –IPAddress 

Be sure to change the variables for the cmdlets to reflect what you require for your environment before running them.

New-AzureVMConfig -Name $vmname -ImageName $img –InstanceSize Small | Set-AzureSubnet –SubnetNames $sub | Set-AzureStaticVNetIP -IPAddress | New-AzureVM –ServiceName $vmsvc1 –VNetName TestVNet

If you want to set a static IP address for a VM that you previously created, you can do so by using the following cmdlets. If you already set an IP address for the VM and you want to change it to a different IP address, you’ll need to remove the existing static IP address before running these cmdlets. See the instructions below to remove a static IP.

For this procedure, you’ll use the Update-AzureVM cmdlet. The Update-AzureVM cmdlet restarts the VM as part of the update process. The DIP that you specify will be assigned after the VM restarts. In this example, we set the IP address for VM2, which is located in cloud service StaticDemo.

Get-AzureVM -ServiceName StaticDemo -Name VM2 | Set-AzureStaticVNetIP -IPAddress | Update-AzureVM

When you remove a static IP address from a VM, the VM will automatically receive a new DIP after the VM restarts as part of the update process. In the example below, we remove the static IP from VM2, which is located in cloud service StaticDemo.

Get-AzureVM -ServiceName StaticDemo -Name VM2 | Remove-AzureStaticVNetIP | Update-AzureVM

How to Add Linux route ?

You can use any one of the following tool to add, display, delete Linux kernel routing table:

(a) route command : show / manipulate the IP routing table on Linux.

(b) ip command : show / manipulate routing, devices, policy routing and tunnels on Linux.

Display your current routing table

Open the Terminal or login to server using ssh/console. Type the  following command to display routing table:

# route
# route -n


 # ip route show
 # ip route list

Linux add a default route using route  command

Route all traffic via gateway connected via eth0 network interface:

 # route add default gw eth0

Linux add a default gateway (route) using ip command

Route all traffic via gateway connected via eth0 network interface:

 # ip route add dev eth0

Verify newly added route ip in the Linux kernel routing table

To verify new routing table, enter:
 # ip route list
 # route -n

How do I make routing changes persistent across reboots?

To make route entry persistent in the Linux kernel routing table, you need to modify config file as per your Linux distributions.

RHEL/CentOS/Fedora/Scientific Linux persistent routing configuration

Edit /etc/sysconfig/network and set default gateway IP address:
# vi /etc/sysconfig/network
Sample outputs:


You can add additional static route for eth0 by editing /etc/sysconfig/network-scripts/route-eth0 file as follows: via

The above config sets static routing for network via router.

Debian / Ubuntu Linux persistence static routing configuration

Edit /etc/network/interfaces file, enter:
# vi /etc/network/interfaces
Append the following in eth0 section:

up route add -net netmask gw
down route del -net netmask gw

Save and close the file.

Generic method to add persistent static routing on Linux

The following method works with almost all Linux distributions.

Edit /etc/rc.d/rc.local or /etc/rc.local, enter
# vi /etc/rc.local
Append the following line:

/sbin/ip route add dev eth0

Save and close the file.

ifconfig command not found on CentOS 7

On CentOS 6.x and before, ifconfig command by default used to  shipped. Whereas in minimal installed CentOS 7 , I have not found ifconfig command.

This will give you the error , ifconfig command not found.

To get the ifconfig command into our system , run the below given command

yum install net-tools

Now check the ifconfig command and its path in system (which and whereis command will help)

ifconfig -a
which ifconfig
whereis ifconfig

How I got to know net-tools package need to be installed

Using yum command with provides or whatprovides options help to give you list of package which is required for that particular command.

As per man page of yum :

provides or whatprovides
Is used to find out which package provides some feature or file. Just use a specific name or a file-glob-syntax wildcards to list the packages available or installed that provide that feature or file.

We have used the below given command to find which package provides the ifconfig command.

yum provides ifconfig

Below screenshot is last section of command output.