How to Resolve Nginx Error MAP_ANON|MAP_SHARED failed

Problem – you receive the following error when attempting to start nginx

[alert]: mmap(MAP_ANON|MAP_SHARED, 67108864) failed (28: No space left on device)

Background

you have installed and configured nginx to be a reverse proxy in front of another web server or service. You copied the configuration from the internet or another (working) server but you are getting this error.

Error cause

nginx is requesting to allocate more than the maximum shared memory configured for the system. This site has more information on configuring shared memory in Linux.

How do I fix it?

Look in your nginx configuration directory for proxy commands like this

sudo grep -r “proxy_cache_path” /etc

Here we learn about proxy_cache_path

Syntax: proxy_cache_path path [ levels = levels ] keys_zone = name : size 
    [ inactive = time ] [ max_size = size ] [ loader_files = number ]
    [ loader_sleep = time ] [ loader_threshold = time ] 
    Default: 
    Context: http 
    Reference: proxy_cache_path

Make sure the “size” parameters in the proxy_cache_path directive do not exceed the configured shared memory bounding on the server.

Failure and Application Design in the Cloud

Shlomo Swidler is founder of Orchestratus and an insightful commentator on all things cloud. His presentation Ten Cloud App Design Patterns given at Interop 2011 illustrates well the ever-present menace of Single-Points-of-Failure in application design. My conclusion from his slides:

Failures are bound to happen. Spend energy, time, and money on lowering your MTTR.

How to Install fail2ban Script on Vicibox Running OpenSuse

  1. Install fail2ban

    zypper install fail2ban

  2. Add fail2ban configuration courtesy of these guys

    touch /etc/fail2ban/filter.d/asterisk.conf

    Now add the following text to the file using your favorite editor.

     # Fail2Ban configuration file # # # $Revision: 250 $ # [INCLUDES] # Read common prefixes. If any customizations available -- read them from # common.local #before = common.conf [Definition] #_daemon = asterisk # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register NOTICE.* .*: Registration from '.*' failed for '<HOST>' - ACL error (permit/deny) NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL NOTICE.* <HOST> failed to authenticate as '.*'$ NOTICE.* .*: No registration for peer '.*' \(from <HOST>\) NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*) NOTICE.* .*: Failed to authenticate user .*@<HOST>.* # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = 

    Next, edit /etc/fail2ban/jail.conf and add this section so that the new filter is activated. Adjust the sendmail-whois directive to suit your situation.

     [asterisk-iptables] enabled = true filter = asterisk action = iptables-allports[name=ASTERISK, protocol=all] sendmail-whois[name=ASTERISK, dest=root, sender=fail2ban@example.org] logpath = /var/log/asterisk/messages maxretry = 5 bantime = 259200 

    While editing /etc/fail2ban/jail.conf make sure to add your IP to the [DEFAULT] section under the ignoreip directive.

  3. Activate default firewall config in SuSEfirewall2

    /sbin/SeSEfirewall2 on

  4. Enable custom firewall rules

    Edit /etc/sysconfig/SuSEfirewall2 under section 25 and uncomment this line:

     FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" #FW_CUSTOMRULES="" 
  5. Modify custom firewall rules

    vi /etc/sysconfig/scripts/SuSEfirewall2-custom

    search for the function named fw_custom_before_masq and add these lines above true

     # SIP on UDP port 5060-6060. Other SIP servers may need TCP port 5060 as well iptables -A input_ext -p udp -m udp --dport 5060:6060 -j ACCEPT # IAX2- the IAX protocol iptables -A input_ext -p udp -m udp --dport 4569 -j ACCEPT # IAX - most have switched to IAX v2, or ought to iptables -A input_ext -p udp -m udp --dport 5036 -j ACCEPT # RTP - the media stream # (related to the port range in /etc/asterisk/rtp.conf) iptables -A input_ext -p udp -m udp --dport 10000:20000 -j ACCEPT iptables -A input_ext -p udp -m udp --dport 9000:9999 -j ACCEPT # MGCP - if you use media gateway control protocol in your configuration iptables -A input_ext -p udp -m udp --dport 2727 -j ACCEPT 
  6. Stop the running firewall and restart it

    /sbin/SuSEfirewall2 stop /sbin/SuSEfirewall2 start

  7. Start fail2ban via the client and watch for errors

    fail2ban-client start

  8. If no errors, stop fail2ban and add it to system boot.

    fail2ban-client stop

    chkconfig –add fail2ban service fail2ban start

How to Copy All Files From an Old Website to A New One

Run this command from the shell of the new server in the directory where you want all the files to be copied (probably Document Root for the website):

wget –mirror -nH ‘ftp://user:*password*@www.example.com/wp*&#8217;

This will download all files not yet present in the host directory where invoked. Infinite recursion, keeps timestamps, and FTP listings.

How to Resolve vTiger 5.3.0 Error Permission denied’ in …/VtigerBackup/Locations/LocalBackup.php:54

Problem

You receive the following error when logging out of vTiger 5.3.0 after a fresh install through cPanel.

Uncaught exception 'UnexpectedValueException' with message 'RecursiveDirectoryIterator::__construct(/tmp/DSMTaskMgr/_system): failed to open dir: Permission denied' in /volume1/web/vtigercrm/modules/VtigerBackup/Locations/LocalBackup.php:54\nStack trace:\n#0 [internal function]: RecursiveDirectoryIterator->__construct('/tmp/DSMTaskMgr...', 0)\n#1 /volume1/web/vtigercrm/modules/VtigerBackup/Locations/LocalBackup.php(54): RecursiveDirectoryIterator->getChildren()\n#2 /volume1/web/vtigercrm/modules/VtigerBackup/Locations/LocalBackup.php(36): Vtiger_LocalBackup->getBackupTimeList()\n#3 /volume1/web/vtigercrm/modules/VtigerBackup/VtigerBackup.php(59): Vtiger_LocalBackup->limitbackup()\n#4 /volume1/web/vtigercrm/modules/Users/Logout.php(35): VtigerBackup->backup()\n#5 /volume1/web/vtigercrm/index.php(719): include('/volume1/web/vt...')\n#6 {main}\n thrown in /volume1/web/vtigercrm/modules/VtigerBackup/Locations/LocalBackup.php on line 54, referer: http://192.168.1.20/vtigercrm/index.php ... odule=Home

Solution:

Set up a valid local backup path in the vTiger vBackup module.

  1. Login as an administrative user

  2. Open ‘Settings->Settings’

  3. Click ‘Backup Server’ on the left navigation bar.

  4. Click ‘Edit’

  5. Specify a valid directory in the ‘Backup Location’ field

  6. Press ‘Save’

  7. Log out and confirm the error is resolved.

How to Use MySQLdump to Create Table Definitions and Content Separately

Question

How do you take a MySQL backup while separating table definitions from data content?

Answer

shell> mysqldump --no-data > dump-defs.sql
shell> mysqldump --no-create-info > dump-data.sql

Background

The –no-data option instructs mysqldump not to include table data in the resulting dump file. Conversely, the –no-create-info option instructs mysqldump not to include CREATE statements in the output file. Add the –routines option to also include stored routine definitions.

How to Initialize OpenCRX 2.9.0 Database for Use

Populate the database with data from the sample HSQLD files.

Login as admin-Root

  • Create a new segment with Actions > Create Administrator

Set the field Segment name to Standard. Leave the field Admin principal name empty and set the fields Initial password and Password again to admin-Standard.

  • Import Codes and Data with View > Reload and then click OK to start the import:

openCRX is distributed with many code tables (prefilled lookup tables) and several data files. These must be imported from xml files contained in the distribution.

This operation does takes some time to complete as thousands of objects are made persistent in your database during the import.

  • Set Access Levels of Codes by clicking on the package Codes and then changing perspective from Root to Advanced. Next, execute the operation Security > Set Access Level

Set the parameters as shown below: Browse access level ~ 4 Update access level ~ 2 Delete access level ~2 Mode: ~1

And click “OK”

How to Set MySQL Session to Use InnoDB

mysql > SET storage_engine=InnoDB;

How to Run a MySQL Script

mysql> source <script-file-name>

or

$ mysql <db-name> < <script-file>

How to Resolve JDBC Error The Last Packet Sent Successfully Is Longer Than The Server Configured Value of wait_timeout

Problem

Your Java application crashes with the following error: The last packet successfully received from the server was 16,181,532 milliseconds ago. The last packet sent successfully to the server was 16,181,532 milliseconds ago. is longer than the server configured value of ‘wait_timeout’.

Solution

Option 1: In my.cnf, configure wait_timeout to a higher value such as 86400 (24 hours)

Option 2: Add a simple validation query to your application’s JDBI configuration file.

<!-- PostgreSQL -->
<Resource id="jdbc_postgre_DB" type="DataSource">
JdbcDriver org.postgresql.Driver
...
JtaManaged true

ValidationQuery SELECT 1
TestWhileIdle true
TimeBetweenEvictionRunsMillis 1000

</Resource>