Author: Sohail Qamar

How to shrink an LVM Logical Volume

Since shrinking is not supported on these file systems, you cannot reduce the size of a logical volume that houses a GFS2 or XFS file system.

The lvreduce command typically warns about potential data loss and requests confirmation. In some circumstances, such as when the logical volume is inactive, or the —resizefs option is not used, you may not see these confirmation prompts, so you shouldn’t rely on them to prevent data loss. It should be noted that the —test option of the lvreduce command does not examine the file system or test the filesystem; thus, using it does not show whether the operation is safe.

Use the following command to find the name of the logical volume that you want to shrink.

# lvs

The disk must be unmounted to do a lvreduce. Hence this must be done while the disk is idle. To ensure data integrity, perform a filesystem check after that.

# umount /dev/vg0/lv_data
# e2fsck -f /dev/vg0/lv_data

CentOS 5 only: Resize the existing filesystem to 80Gb (ie: 100Gb – 20Gb = 80Gb).

# resize2fs /dev/vg0/lv_data 80G

Centos 6, 7 only: Resize the logical volume.

# lvreduce -r -L 80G /dev/vg0/lv_data

On CentOS 5, use lvreduce as follows.

# lvreduce -L 80G /dev/vg0/lv_data

Mount the LV logical volume as follows.

# mount /dev/vg0/lv_data

There is currently 20G of free space in the volume group. The 20G free space can then be used to build a new logical volume using lvcreate.

How to change log files permissions in bind?

The umask settings are passed down from the parent process to the BIND process. This means that the permissions for all files made by BIND can be restricted.

You need to change the systemd unit file so that “others” can’t read, write, or run any files made by BIND.

Create a directory for drop-ins in /etc/systemd/system/named.service.d:

[root@centos7 ~]# mkdir /etc/systemd/system/named.service.d/

Set the UMask option to 007 in the /etc/systemd/system/named.service.d/umask.conf configuration file. Create a new file if it does not exist. This will make sure that other people can’t read log files, journal files, and other files. The configuration file should have the following.


Instruct systemd to reload information about services.

[root@centos7 ~]# systemctl daemon-reload

Verify that the drop-in was discovered.

[root@centos7 ~]# systemctl status named
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled)
Drop-In: /etc/systemd/system/named.service.d

This will ensure that other users can’t read log files, journal files, and other files.

[root@centos7 ~]# ls -l /var/named/data/
total 4
-rw-rw----. 1 named named 2039 sep 9 10:34

For CentOS 5 and 6, add the following line to /etc/sysconfig/named to make sure “others” can’t read, write, or run any files made by BIND:

umask 0007

This will make sure that log files, but also any journal files and other are not readable by others.

[root@centos6 ~]# ls -l /var/named/data/
total 4
-rw-rw----. 1 named named 2039 sep 9 10:34


How to increase number of open files limit in CentOS 5,6, and 7

When load testing an application and seeing “Resource temporarily unavailable” issues, increase the “nofile” and system-wide limitations for the number of open files.

The kernel allows a certain amount of continuously open file descriptors. This number will automatically vary depending on the amount of RAM in the system by default.

In the file /etc/sysctl.conf, edit/add the following kernel parameter.

# vi /etc/sysctl.conf
fs.file-max = XXXXX

For applying the above changes execute.

# sysctl -p

The current value of the max-open-files limit can be found by.

# cat /proc/sys/fs/file-max
# sysctl -a | grep fs.file-max

Ulimit gives the user control over the resources available to the shell and the processes it starts. Per-process file descriptor limits apply to each user. 1024 is the default value. This can only be changed by root.

# ulimit -n
# su - root
# ulimit -n 16384 
# ulimit -n

To make the change permanent, edit the following file.

  • For Single User:
# vi /etc/security/limits.conf
<username> soft nofile 4096
<username> hard nofile 10240

Then save changes with :wq

Verify the changes as follows.

# su - username
# ulimit -Sn
# ulimit -Hn
  • For all users use wild card ‘*’ instead of username
# vi /etc/security/limits.conf
* soft nofile 4096
* hard nofile 10240

Then save changes with :wq

rsync: Failed to exec ssh: Permission denied (13)

When another SELinux confined process starts rsync, it fails with the following error.

rsync: Failed to exec ssh: Permission denied (13)

The following error may appear in some cases.

rsync: readlink_stat("/some_file" (in some_path)) failed: Permission denied (13)

To resolve the above issue, turn on the following SELinux Booleans.

  • rsync_client to allow rsync client to run ssh
  • rsync_export_all_ro to allow rsync to access (read-only) all
# setsebool -P rsync_export_all_ro 1
# setsebool -P rsync_client 1

If another SELinux restricted process (such as an initrc script or another application) starts rsync, the resulting process will also be confined to the rsync_t context.
This context does not allow the ssh command to be run by default, and it can only read files in a few specified security contexts, such as rsync data_t and public_content_t.

Check the audit logs for rsync errors.

# ausearch -m avc -i -c rsync

Use audit2allow to identify which boolean needs to be activated.

# ausearch -m avc -i -c rsync | audit2allow

#============= rsync_t ==============

#!!!! This avc can be allowed using the boolean 'rsync_client'
allow rsync_t ssh_exec_t:file execute;

#!!!! This avc can be allowed using one of the these booleans:
#     rsync_export_all_ro, rsync_full_access
allow rsync_t unlabeled_t:dir search;

Check the current value of the following rsync booleans.

# getsebool -a | grep rsync_

rsync_anon_write --> off
rsync_client --> off
rsync_export_all_ro --> off
rsync_full_access --> off
rsync_sys_admin --> off

Restore the /boot directory after corruption or missing files

  • Enable the network so yum can function.
  • Mount /boot from your disk.
#mount /dev/sda1 /boot
  • Make a directory grub2 on /boot as follows.
#mkdir /boot/grub2
  • Copy the modules as or copy the entire things from an identical system as fonts locale directive.
#cp -r /usr/lib/grub/i386-pc /boot/grub2/i386-pc
  • Reinstall the kernel packages
# yum remove kernel-<release>
# yum install kernel-<release>

It is anticipated to have grubby fatal error: unable to find a suitable template, which can be ignored at this time because /boot does not yet have /boot/grub2/grub.cfg.

  • Install the grub2 package as follows.
#yum reinstall $(rpm -qa | grep grub)
  • Recreate the grub configuration as follows.
#grub2-mkconfig -o /boot/grub2/grub.cfg
  • Check if /etc/grub2.cfg has a symbolic link to /boot/grub2/grub.cfg
  • Finally, reinstall the grub on new created partition as follows.
#grub2-install <disk>
#grub2-install /dev/sda

This should be sufficient to create the /boot directory and boot the system, but if you have a backup of /boot, you should restore it from the backup.

How to assign alias IP addresses to a network card

In order to add an additional IP address to an interface, there are two options:

Aliases, in the old way, generate a new virtual interface named ethX:Y, for example, eth0:1. Each interface has its own IP address. A label is applied to it in ifconfig output as well as ip output.

In the new method, the main interface is given a secondary address. As a result, many IP addresses can be added to a single physical interface rather of requiring a separate interface for each one. In this scenario, the ip tool must be used because the ifconfig tool is too old to see the new IP addresses. Nowadays, this is the preferred method.

In CentOS-6.4 (NetworkManager-0.8.1-61.centos6), the NetworkManager component now supports both the old and new methods of allocating additional IP addresses.

How to check the version being used?

# rpm -q NetworkManager

Configuring the new way with NetworkManager (0.8.1-61 or newer)

Using nmcli, e.g. adding

# nmcli con
NAME         UUID                                  TYPE      DEVICE 
System eth0  8fb06bd0-0bb0-7ffb-45f1-d68dd65f3e03  ethernet  eth0   

# ip -4 a show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    inet brd scope global dynamic noprefixroute eth0
       valid_lft 39711sec preferred_lft 39711sec

# nmcli con mod 'System eth0' +ipv4.addresses
# nmcli con up 'System eth0'

# ip -4 a show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    inet brd scope global dynamic noprefixroute eth0
       valid_lft 43196sec preferred_lft 43196sec
    inet brd scope global secondary noprefixroute eth0
       valid_lft forever preferred_lft forever

If you don’t want to use NetworkManager, you can update the config file manually using the options below. (Note that these modifications do not require NetworkManager and can be made to the ifcfg-* files directly.)

      IP Address
      Subnet mask; just useful for aliases and ippp devices.  For all other
      configurations, use PREFIX instead.

    The "n" is expected to be consecutive positive integers starting from 0.
    It can be omitted if there is only one address being configured.

An example is given below.

Checking the original file:
# cat /etc/sysconfig/network-scripts/ifcfg-eth0 

Now adding IP address to that file.

# cat /etc/sysconfig/network-scripts/ifcfg-eth0 

Then, to make the changes take effect, bring the interface down and up.

# ifdown eth0; ifup eth0

Now verify as follows.

# ip address list dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:XX:XX:XX brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth0
    inet brd scope global eth0
    inet6 fe80::5054:ff:fexx:xxxx/64 scope link 
       valid_lft forever preferred_lft forever

Configuring the old way with NetworkManager (0.8.1-61 or newer)

This method requires another ifcfg file named as ifcfg-<iface>:<alias>

See an example below of an alias interface with IP address

# cat /etc/sysconfig/network-scripts/ifcfg-eth0:1 

Then bring up the interface to make the changes take effect.

# ifup eth0:1

Now verify as follows.

# ifconfig eth0:1
eth0:1    Link encap:Ethernet  HWaddr 52:54:00:XX:XX:XX
          inet addr:  Bcast:  Mask:

# ip address list dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:XX:XX:XX brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth0
    inet brd scope global eth0:1
    inet6 fe80::5054:ff:fexx:xxxx/64 scope link 
       valid_lft forever preferred_lft forever

Configuring the old way with NetworkManager (prior to 0.8.1-61)

Because earlier NetworkManager versions do not support this method, the NetworkManager service must be disabled as explained below.

The NetworkManager service must be stopped since it cannot control an aliased interface. To terminate NetworkManager, perform the following steps.

# service NetworkManager stop 
# chkconfig NetworkManager off

Create the alias interface configuration file.
Here is an example for /etc/sysconfig/network-scripts/ifcfg-eth0:1


Start the secondary interface as follows.

# ifup eth0:1


# service network restart

What does Ping mean?

Nothing is more aggravating than getting into a gaming groove with your pals only to have your frames per second (fps) drop and your game lag at any time during the session. You’re undoubtedly curious in what’s going on with your system or network behind the scenes, and if there’s anything you can do about it.

You must first comprehend the components that make up your computer’s internet connection, as well as how they may effect your games. Here are the top 5 reasons why you might have high ping and, as a result, slowing while playing online games.

  • ISP quality
  • Internet connection speed
  • Inadequate bandwidth
  • Configuration of firewalls
  • Geographical location

We’ll go through each of them in more detail later, but first, let’s define ping, latency, and lag.

What does Ping Mean?

Ping is a network utility that refers to a signal transmitted across a network to another computer, which subsequently responds with a signal of its own. This signal, which is measured in milliseconds (ms), indicates how long a packet of data takes to travel from your computer to an internet server and back. The delay between the computer and its server is the term for this measurement.

The word “ping” has its origins in World War II, when it was used as a technical name for the sonar signal sent by submarines to determine their distance from another vessel at sea. The derivation of this onomatopoeia is the metallic, high-pitched “ping” sound that was heard.
Several decades later, the word was adapted to describe the process of one computer requesting another to see if it was connected to the internet. Consider this analogy: in the Marco Polo swimming pool game, the computer “ping” represents “Marco!” and the receiving server represents “Polo!”

Ping is the network latency between a player’s computer (or client) and another client (peer) or the game’s server in the world of online video gaming.

Low ping and High ping

Both “low ping” and “high ping” have values that fall within a certain range. Most broadband connections have ping times of less than 100 milliseconds. In gaming, pings of less than 20 milliseconds are termed “low ping,” those of 50 to 100 milliseconds are regarded “very good to average,” and those of 150 milliseconds or more are labeled “high ping.”

You’ve probably heard the terms “low ping” and “high ping” used casually. A “low ping” is better in general, especially in games where time and position are crucial.
In first-person shooter (FPS) games, real-time strategy games, racing games, and multiplayer games, for example, a low ping means faster data transfers and server responses within the game – and thus smoother gameplay.

Those with a high ping will almost certainly face delays (or lags) while playing the game, which will have an impact on the game’s outcome. In fact, many FPS games’ servers will instantly disconnect those players at even higher levels. Many online games will show your ping time as well as other players’ or servers’ ping times.

What is Latency?

While a ping is a signal sent from one computer to another on the same network, latency is the time it takes for the ping to return to the computer (measured in milliseconds). Latency is a measurement of the signal’s whole round journey, whereas ping is only one way.

It’s also vital to note that latency refers to the quality of your network connection rather than its speed. There are two components to network connection speeds. The first is bandwidth (the amount of data that can be transferred in a given amount of time); the second is latency (the amount of time it takes for that data to travel).

The terms “ping” and “latency” are frequently used interchangeably. When gamers talk about “low latency” and “high latency,” they’re generally referring to “low ping” and “high ping,” respectively. However, this isn’t totally accurate.

What is Lag?

“Lag” is another term that is frequently used interchangeably with “ping.” However, lag refers to the delay or slowed pace that might be produced by high ping (or high latency). High latency in gaming can cause lag, which is the frustrating wait between a player’s action and the game’s reaction, hurting performance, freezing or stuttering, and even crashing games. Additionally, if your ping (or latency) is high enough to interfere with other players’ games, you may be disconnected by the server.

While excessive latency is a common cause of lag, it can also be caused by problems with the machine that is executing the game. Inadequate power in the central processing unit (CPU) or graphics card (GPU), as well as reduced system (RAM) or video (VRAM) memory, are examples.

Reasons for High Ping

ISP Quality

When it comes to gaming needs, it’s not always top of mind, but picking one internet service provider (ISP) over another can spell the difference between winning and losing a game. And the stakes are significantly higher if you’re playing in a league or for real money.
ISPs don’t always provide the same services and features, and there are a variety of things to consider, such as pricing, speed, latency, dependability, availability, data, and more.

Difference between Upload and Download Speed

Download speeds refer to how rapidly data is retrieved from a server, while upload speeds refer to how quickly it is sent to others. While download speeds are vital for online gaming, upload speeds are even more important because low latency (or low ping) is dependent on good upload rates. The influence of upload speeds on response time and game performance is greater than that of download speeds.

The majority of ISPs refer to download speeds when they talk about their speeds. For example, an ISP may provide a plan with download speeds of 50 Mbps (megabits per second), which is a measurement of how much data can be transmitted in a second.

The highest upload speed on that same plan could be as low as 1 Mbps. While 1 Mbps upload rates are enough for most online games, ideal upload speeds for multiplayer or tournament games, as well as live streaming, are closer to 3 Mbps.

Wireless vs. Wired

For gaming purposes, a wired connection is preferable over a wireless connection to the internet. Wireless connections are more susceptible to interference and aren’t as consistent as wired connections. More importantly, they increase latency because they’re using airwaves to connect you. Always check which method your ISP is using to connect you to the internet.
Another thing to consider is the transmission method. Your ISP may connect you to the internet through a regular modem, a cable modem, a local area network (LAN), digital subscriber line (DSL), or fiber. For gaming, fiber is ideal out of all the options as it’s reliably fast and enables very low latency. But if fiber is not available, then cable and DSL connections work well for high-speed connections as well.


While the equipment provided by many ISPs is normally adequate for standard internet use, it may not necessarily be adequate for gaming. If you have three or more devices connected to the internet, you may need to upgrade your equipment.

The speed of your network is affected by the quality of your modem and router. Your router, in particular, serves as a vital switchboard for all of your networked devices. Your ISP’s default one might not be fast enough for the connections you require. Check to see whether it’s an older model that could not be powerful enough.

Also, make sure you don’t have any other devices connected to your network, since this could increase latency to your gaming sessions. Multiple devices consume more bandwidth, especially those used for video games and streaming. You’ll likely notice lower latency and faster connectivity if you connect your PC directly to the internet.

If your router has gigabit Ethernet connections, use Ethernet cables to connect your computer and other gaming devices directly to the router. They are not only affordable, but they also aid in the maintenance of fast, direct, stable, and low-latency connections.

Your ISP either gives you a set amount of data per month (data limitations) or gives you limitless data. Depending on the requirements, several types of data are required. For the most part, 100GB a month should plenty for gaming needs. However, if you’re downloading new games or watching videos, you’ll need more. If you think you’ll be downloading a lot of new games on a regular basis, getting a plan with at least 500GB of data or unlimited bandwidth would be a good idea.

Unlimited data plans, on the other hand, may have asymmetrical speeds, which means upload and download speeds are not equal. As a result, latency may suffer as a result.

Internet Connection Speed

Your internet connection speeds, in addition to the various criteria that go into determining the quality of your ISP, might have an impact on your ping (or latency). A quicker connection allows you to send and receive data more quickly, minimizing your ping. A slower connection speed, on the other hand, can result in excessive ping, which makes lag more obvious when playing online games.

High-speed connections are available via satellite, cable, and fiber, but only cable and fiber give minimal latency. In comparison to a strong broadband connection, a dial-up connection using a 56k modem will have a greater ping.

Although most ISPs offer savings for bundled three-in-one (or more) services like internet, telephony, and TV, you should avoid signing up for several services on the same line because it will affect your online connection times and latency.

A cable connection, as opposed to a wireless connection, allows for more continuous data transmission, resulting in lower latency and smoother gaming. It also prevents other computers from accessing the internet at the same time, wasting bandwidth.

Most ISPs will provide a variety of connection speeds at various rates. If your current ISP is unable to enhance your connection speed, you may want to consider switching ISPs to one that offers better connections.

Low Bandwidth

Gaming bandwidth requirements aren’t as crucial as other characteristics like connectivity and network efficiency. You must, however, verify that you have enough bandwidth to meet your needs.

If you’re streaming games, for example, you’ll need to make sure you have enough upload bandwidth. Inadequate bandwidth will affect the amount of time it takes to send and receive data, resulting in excessive ping (latency) and, most likely, lagging throughout your game.
ISPs typically do not include delay statistics when they advertise their bandwidth amounts.

One of the issues is that declaring constant amounts across different setups and geographical areas may be problematic. Upload speeds of 1 Mbps are sufficient for most online gaming, however ping rates are more important when dealing with latency difficulties.

Other users and gadgets connected to the internet in your home can potentially increase your latency, especially if they’re streaming services, streaming video, or downloading huge files. The bigger the number of devices linked to your internet connection, the higher the latency.

Check out this free site called Speedtest, which is maintained by a network performance company, to see if you’re getting enough bandwidth. It allows you to check your ping, download speed, and upload speed right now. If you aren’t getting the speeds your ISP promised, you can contact them and request that they optimize the speeds.

Firewall Configuration

Because your firewall examines the majority of the data packets sent and received by your computer, this procedure may take longer than necessary. Even though the time is measured in seemingly insignificant milliseconds, it can cause internet connection speeds to drop and latency to increase.

You may need to disable any Windows firewalls or virus guard firewalls such as Norton, McAfee, and others if you want to reduce latency. Your ping will be reduced by disabling firewalls that directly monitor web traffic.

You can then add your game as an exception in the firewall settings, allowing traffic to pass across the game’s ports. This will prevent the firewall from mistaking the game for an intrusion attempt, allowing your computer to send and receive data from the game.


The distance between your computer and the server can determine whether you experience low or high latency. Choose a server that is geographically closer to you if possible. This reduces the amount of time it takes for a data packet to travel between you and the server, lowering your ping.

All across the world

For example, if a player lives in the United States and attempts to connect to a server in Germany, the data packet will take longer to travel than if the player connects to a server in their own country. In the first case, the ping will be higher than in the second.

Throughout the house

If you’re gaming over a WiFi connection, you’ll notice that your location has an impact on latency. Not only should you verify that you are close enough to the router to receive a strong signal, but you should also ensure that there is nothing in the vicinity of the router that could interfere with the signal, such as a wall, closet, or large electronic equipment like a TV. This may assist in lowering your ping.

How to add Equal Cost Multipath Route [ECMP] to IP Routing?

You can add ECMP routes with the following command.

ip route add 
    nexthop via dev ethX weight 1 
    nexthop via dev ethY weight 1

Alternatively, you can use two separate commands, the second of which appends to the existing route.

ip route add nexthop via dev ethX weight 1
ip route append nexthop via dev ethY weight 1

You can either add all the nexthops at once or append them to an existing route to create an ECMP route.

The above steps show how to use CONFIG_IP_ROUTE_MULTIPATH if it is enabled in the kernel.

Note: You can use the above steps if adding two routes results in an error as below.

# ip route add DESTINATION via GATEWAY1 dev NET1 metric 1000
# ip route add DESTINATION via GATEWAY2 dev NET2 metric 1000
RTNETLINK answers: File exists

HowTo wipe ceilometer in OpenStack

The following is performed on the overcloud controllers.

  • First of all stop telemetry with the following command.
systemctl stop openstack-aodh-evaluator openstack-aodh-listener openstack-aodh-notifier openstack-ceilometer-central openstack-ceilometer-collector openstack-ceilometer-notification openstack-gnocchi-metricd openstack-gnocchi-statsd
  • Stop the mongod service.
systemctl stop mongod
  • Backup MongoDB files.
tar Jcf /tmp/mongodb-backup-$HOSTNAME-$(date +%F_%H%M%S).tar.xz /var/lib/mongodb
  • Delete the following files from the /var/lib/mongodb/ folder.
rm -r /var/lib/mongodb/*
  • Start mongodb on each of the three controllers.
systemctl start mongod
  • We decided to make mongodb master on controller0.
mongo --host MONGOHOST --eval 'rs.initiate()'
  • Determine mongodb’s listener IP on controller 1 and controller 2.
ss -tlnp|grep mongo
  • Add these IPs to the mongo replication configuration.
mongo --host MONGOHOST --eval 'rs.add("controler1_mongodb_IP:PORT"); rs.add("controler2_mongodb_IP:PORT"); '
  • Keep an eye on the status.
mongo --host MONGOHOST --eval 'db.isMaster()'     # to check which node is the master. Should be only contorller0
mongo --host MONGOHOST --eval 'rs.conf()'         # to check that all hosts are in the cluster
mongo --host MONGOHOST --eval 'rs.status()'       # to check the replication status
  • Create the ceilometer database in mongodb.
mongo --host MONGOHOST --eval 'db.getSiblingDB("ceilometer").addUser({user: "ceilometer", pwd: "MONGOPASS", roles: [ "readWrite", "dbAdmin" ]})'
  • Start telemetry.
systemctl start openstack-aodh-evaluator openstack-aodh-listener openstack-aodh-notifier openstack-ceilometer-central openstack-ceilometer-collector openstack-ceilometer-notification openstack-gnocchi-metricd openstack-gnocchi-statsd

How to set the route metric on network interface in CentOS 7

What is a Route Metric?

In networking, the term metric is used to assign priority to network routes. The lower the metric, the lower the route’s priority.

Set Route Metric Without Network Manager

Under Red Hat Enterprise Linux, the correct way to set the route metric is to edit the appropriate <ifcfg-interface> file in the /etc/sysconfig/network-scripts/ directory, where <interface> is the name of the interface to which the metric is related. A directive like the one below should be added.


For changes to take effect, the network service must be restarted.

# service network restart

Set Route Metric With Network Manager

To change the connection route Metric value, use nmcli, nmtui, or the GUI tools.

Modify the ipv4.route-metric property of the connection with nmcli to add a route metric. To add a route metric 600 to a connection named external, for example.

# nmcli connection modify external ipv4.route-metric 600

After any of the modifications above, bring the connection up to put the changes into place. For example, after having modified the properties of a connection named external.

# nmcli connection up external