CentOS 6.x High CPU usage in power_saving threads
Posted: 2015-07-29 09:02:08 by Alasdair Keyes
I was awoken at 3am this morning by a backup server complaining about high CPU... because these things never happen at a nice friendly time like 3pm Monday to Friday.
It looked that the kernel's power saving threads were using a lot of cpu on this CentOS 6.6 box.
# top
top - 08:40:21 up 84 days, 22:46, 1 user, load average: 7.49, 7.51, 7.60
Tasks: 269 total, 14 running, 255 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0%us, 72.8%sy, 0.0%ni, 27.2%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 16249656k total, 2427188k used, 13822468k free, 185756k buffers
Swap: 4194300k total, 0k used, 4194300k free, 1523072k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2089 root -2 0 0 0 0 R 100.0 0.0 359:08.11 power_saving/4
2086 root -2 0 0 0 0 R 97.4 0.0 358:49.54 power_saving/1
2088 root -2 0 0 0 0 R 97.4 0.0 358:55.72 power_saving/3
2085 root -2 0 0 0 0 R 95.7 0.0 358:42.58 power_saving/0
2087 root -2 0 0 0 0 R 95.7 0.0 359:00.27 power_saving/2
2090 root -2 0 0 0 0 R 95.7 0.0 359:10.27 power_saving/5
Stopping the acpid service didn't seem to help and the only thing that resolved the issue was to unload the acpi_pad module from the kernel. At which the power_saving threads were removed and the load dropped again.
# service acpid stop
Stopping acpi daemon: [ OK ]
# lsmod | grep acpi_pad
acpi_pad 87985 0
# rmmod acpi_pad
# lsmod | grep acpi_pad
#
There is a Redhat advisory of a similar issue, but this indicates that it's only on CentOS 6.2, but it appears that it has continued into later revisions of the Redhat kernel.
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
akeyes.co.uk - A+ on SSLLabs
Posted: 2015-07-06 15:55:23 by Alasdair Keyes
SSL Labs SSL Test now scores https://akeyes.co.uk an A+ - See here
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
Jenkins repository errors with SSH and git
Posted: 2015-07-06 11:04:23 by Alasdair Keyes
I've been experimenting with Jenkins continuous integration (CI) suite.
CI seems to be getting widely adopted in businesses so I thought it would be good to familiarise myself with it.
I created a git repo with SSH/key pair access and created a new project in Jenkins. In the project configuration, I was able to connect to the repository with the following URL
ssh://git@X.X.X.X:/home/git/repo/test1.git/
But all my builds were failing with the following message...
Started by user anonymous
Building in workspace /var/lib/jenkins/jobs/test1/workspace
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url ssh:///git@X.X.X.X:/home/git/repo/test1.git/ # timeout=10
Fetching upstream changes from ssh:///git@X.X.X.X:/home/git/repo/test1.git/
> git --version # timeout=10
> git -c core.askpass=true fetch --tags --progress ssh:///git@X.X.X.X:/home/git/repo/test1.git/ +refs/heads/*:refs/remotes/origin/*
ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from ssh:///git@X.X.X.X:/home/git/repo/test1.git/
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:735)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:983)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1016)
at hudson.scm.SCM.checkout(SCM.java:485)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1282)
at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:610)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:532)
at hudson.model.Run.execute(Run.java:1741)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:98)
at hudson.model.Executor.run(Executor.java:381)
Caused by: hudson.plugins.git.GitException: Command "git -c core.askpass=true fetch --tags --progress ssh:///git@X.X.X.X:/home/git/repo/test1.git/ +refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout:
stderr: ssh: Could not resolve hostname : Name or service not known
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1591)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1379)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:86)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:324)
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:733)
... 11 more
ERROR: Error fetching remote repo 'origin'
Finished: FAILURE
Eventually, I noticed that the URL that was being connected during the build had an extra / in the ssh protocol definition.
It turns out that the git pluging does some escaping and ends up adding the extra /, although the Git URL is perfectly valid, it is a sloppy url as the SSH port is not explicitly defined. Change it to
ssh://git@X.X.X.X:22/home/git/repo/test1.git/
And it worked with no issues and proceeded to running the build/test scripts.
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
imapsync
Posted: 2014-07-25 10:46:27 by Alasdair Keyes
I'm in the middle of migrating systems at the moment, part of which involves migrating mailboxes between seperate systems, the source system is using Maildir format mailbox and the destination is using Cyrus, so I'm unable to just copy the files from the filesystem.
Both have IMAP access so I can use the fantastic imapsync util to help http://imapsync.lamiral.info/. I hadn't come across it before, but if you want a basic sync of mailboxes, the following will do what you want. Obviously, use IMAPS as there's no reason not to..
imapsync
--host1 srchost.com --port1 993 --user1 dstuser --password1 pass1
--host2 dsthost.com --port2 993 --user2 srcuser --password2 pass2
--pidfile '/tmp/email@domain.com-imapsync.pid'
--nofoldersizes
--noreleasecheck
--subscribe_all
--delete2
--ssl1
--ssl2
--addheader
If you every need to perform any kind of migration, this will make your life a lot easier.
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
Sysadmin Appreciation Day
Posted: 2014-07-17 10:49:38 by Alasdair Keyes
The day will be here soon, appreciate your sysadmins for the hard work they do to make sure you can keep doing your work.
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
JSON Resume
Posted: 2014-07-07 17:20:41 by Alasdair Keyes
Viewing Hacker News today, I saw a new project called JSON Resume.
JSON Resume is community driven open source initiative to create a JSON based standard for résumés. This is something I'd never thought about before, but is something that is in drastic need of standardisation.
Before the days of online recruitment and Digital CVs, a non-standard CV was a good thing. It let you stand out from the crown in a big pile of paper, drawing the eye of the recruiter.
Nowdays the opposite is almost true, you want your CV online and searchable by the largest amount of people, a complex or fancy CV might do you more harm than good. Many agencies will auto convert Word Document or PDF files into text that they can send out to prospective employers, but this would be even better if there were an overall standard format that could be used for everyone and easily searchable by recruiters and employers.
It has the benefit that the style can be separated from the content. Similar to the idea of CSS and HTML.
The project is in it's infancy and the specification is still a work in progress and will most definitely change in the near future, but I think it's worth supporting. To that end, please see my CV in JSON format
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
.uk Released
Posted: 2014-06-11 13:24:29 by Alasdair Keyes
Over the past few months many more TLDs have been released (Such as .wtf .ninja etc) and today the new UK TLD .uk was released.
This seems to have taken off in a big way, much more interest from customers than I'd expected. So, make sure you buy your .uk domain!
If you own the .co.uk, the .uk version has been reserved for you for 5 years, if you don't know where to register your domains, try Daily.co.uk
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
Interactive Git Tutorial
Posted: 2014-05-09 09:34:29 by Alasdair Keyes
Useful tool if you're starting out with Git Version Control
https://try.github.io/levels/1/challenges/1
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
Checking git repo integrity
Posted: 2014-04-08 16:31:03 by Alasdair Keyes
I was merging in code changes to my Dev VM this afternoon and I hit a rather nasty issue; I ran out of space on the virtual disk....
It wasn't difficult to sort the space issue, I created another disk in vmware and added it into the VM and used LVM/resizefs to increase the space available to the filesystem at which point I had plenty of space left to play with (I love LVM!).
Git status showed a list of modified files under the "Changes not staged for commit" section and a git diff off these files showed that they all had their content removed.
Not knowing what to do with my repo, I reversed the changed files with
$ git checkout -- file1 file2 ...
And then just merged in the chages again, this appeared to work but I wanted to be sure that nothing else had broken deeper in git.
I discovered the 'git fsck' command which took about 5 minutes to run and didn't show up any errors.
$ git fsck --full --strict
$
All looks good. A useful command to remember.
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
Critical OpenSSL Vulnerability
Posted: 2014-04-07 20:34:35 by Alasdair Keyes
If you're a sysad, you have no doubt already heard of the recent Heartbleed OpenSSL vulnerability. I won't rehash the details, but they can be seen on the links below. Just a reminder to make sure you update your systems, I can imagine that in a short period of time, people will be scanning systems to try and abuse it.
www.openssl.org/news/secadv_20140407.txt
If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz
© Alasdair Keyes
IT Consultancy Services
I'm now available for IT consultancy and software development services - Cloudee LTD.
Happy user of Digital Ocean (Affiliate link)
Version:master-e10e29ed4b
