A blog by a system administrator and programmer.

Jetty disable weak cipher 
Thursday, April 16, 2009, 02:07 PM - System
Posted by Freddy Chu
inorder to disable weak SSL cipher in jetty you can add the xml below into SslSocketConnector


<Set name="ExcludeCipherSuites">
<Array type="java.lang.String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>


6 comments ( 142 views )   |  permalink   |   ( 2.9 / 5310 )
java.io.IOException: Too many open files 
Saturday, October 25, 2008, 12:06 AM - System, Programming
Posted by Administrator
Yesterday I have face a funny java exception on my Linux server.

java.io.IOException: Too many open files at sun.nio.ch.ServerSocketChannelImpl.accept0(Native Method) at sun.nio.ch.ServerSocketChannelImpl.accept(ServerSocketChannelImpl.java:145) at org.mortbay.jetty.nio.SelectChannelConnector$1.acceptChannel(SelectChannelConnector.java:75) at org.mortbay.io.nio.SelectorManager$SelectSet.doSelect(SelectorManager.java:475) at org.mortbay.io.nio.SelectorManager.doSelect(SelectorManager.java:166) at org.mortbay.jetty.nio.SelectChannelConnector.accept(SelectChannelConnector.java:124) at org.mortbay.jetty.AbstractConnector$Acceptor.run(AbstractConnector.java:537)


It have cost me few minutes to figure out what is that problem.

At first i think it is caused by sysctl
but i found
fs.file-max = 65535

and my lsof -nn | wc -l is only around 10xx so i know that is not the problem.

After that i think about ulimit, if you are careless you may fake by default result the command ulimit's output. unlimited

When you execute ulimit -a you will see the whole story.

#ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
max nice (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 16370
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
max rt priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 16370
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited


Now you know the point is there ... most Linux default openfile per user is limited to 1024. So you must edit the file /etc/security/limits.conf

add those 2 lines below to override the default limit.

* soft nofile 65536
* hard nofile 65536

1525 comments ( 3702 views )   |  permalink   |   ( 3 / 5481 )
Oracle moving index to another table space 
Tuesday, April 8, 2008, 05:04 PM - Programming
Posted by Freddy Chu
These days I am super busy. Nearly no time to write my blog. :(

There is so many people asking me how to move the index after created. As you know if you use plsql developer's GUI it will drop the constraint and add again with index. I don't know why it work like that but there is some simple solution.

ALTER INDEX <INDEX_NAME> REBUILD TABLESPACE <TALESPACE_NAME>

Here also show you a simple procedure to move all index of a table from one tablespace to another tablespace.


create or replace procedure MOVE_INDEX_BETWEEN_TABLESPACE(from_ts in string,
to_ts in string,
tablename in string) is
cursor index_names is
select user_indexes.index_name
from user_indexes
where user_indexes.table_name like upper(tablename)
and user_indexes.tablespace_name = upper(from_ts);
index_name user_indexes.index_name%type;
begin
open index_names;
loop
fetch index_names
into index_name;
exit when index_names%notfound;
if index_name is not null and to_ts is not null then
EXECUTE IMMEDIATE 'ALTER INDEX ' || index_name ||
' REBUILD TABLE_SPACE ' || to_ts;
end if;
end loop;
end MOVE_INDEX_BETWEEN_TABLESPACE;

add comment ( 119 views )   |  permalink   |   ( 3 / 4329 )
Happy lunar new year~~ 
Sunday, February 10, 2008, 11:01 AM - General
Posted by Freddy Chu
This year I am lucky that I can have a good location to take photos. :D



For more photos please go to my gallery.

Fireworks 2008


add comment ( 97 views )   |  permalink   |   ( 3 / 4152 )
Java disk usage 
Friday, January 11, 2008, 11:56 AM - Programming
Posted by Freddy Chu
It have been a long time for me to found a way to check the disk usage in Java.

Finially i get the solutions. It is in Java 6.0. java.io.File

There is 2 functions.

getTotalSpace() --- Returns the size of the partition named by this abstract pathname.
getUsableSpace() --- Returns the number of bytes available to this virtual machine on the partition named by this abstract pathname.


If your application is limited to use versions before 6.0. Then you can only keep using external commands.
Runtime.getRuntime().exec(commands);
e.g.
Linux/Unix: df
Windows: fsutil volume diskfree c:

Alternative solutions for system independent solutions is to setup a snmp on the server you want to check and use java snmp client to query the result. That will be quite complex.

Useful links:
snmp4j
netsnmp
add comment ( 125 views )   |  permalink   |   ( 3 / 3840 )
Happy New Year 2008 
Tuesday, January 1, 2008, 06:15 PM - General
Posted by Freddy Chu
Happy New Year to All :D


1 comment ( 203 views )   |  permalink   |   ( 3 / 3946 )
compile error of subversion 
Thursday, December 20, 2007, 06:27 PM - System
Posted by Freddy Chu
This problem usually exist in solaris 5.7

libtool[4766]: : is not an identifier
make: *** [subversion/svn/svn] Segmentation Fault. (core dumped)


Many people suggested to compile it as static link, then the problem will be solved. I have tried but without success. So that i start debug the compile code, lastly i found the problem is caused by ksh.

Solution:

1. do configure as usual
2. replace all ksh to bash or sh in Makefiles and libtool
3. make


P.S. becareful of compile neon, db4, openssl, expat, apr, apr-util for solaris. It seems that gcc < 3.0 have some bugs in solaris system, you better compile them with shared flags
8 comments ( 129 views )   |  permalink   |   ( 3 / 3658 )
Compiler error in Solaris 
Monday, December 10, 2007, 10:36 PM - System
Posted by Freddy Chu
These days I have facing an error during compile DB4 in solaris 5.7.

when I am doing configure It shows
configure: error: C compiler cannot create executables


Here is the error in config.log.
configure:3855: found /usr/ucb/cc
configure:3866: result: cc
configure:3902: checking for C compiler version
configure:3909: cc --version >&5
/usr/ucb/cc: language optional software package not installed
configure:3912: $? = 1
configure:3919: cc -v >&5
/usr/ucb/cc: language optional software package not installed
configure:3922: $? = 1
configure:3929: cc -V >&5
/usr/ucb/cc: language optional software package not installed
configure:3932: $? = 1
configure:3955: checking for C compiler default output file name
configure:3982: cc -O -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS conftest.c >&5
/usr/ucb/cc: language optional software package not installed


I have googled for sometime but seems no any solutions. >"<

But suddently I think about tricky way. Changed the compiler

so that i export CC=gcc

It works lucky.

Do anybody know another way?
10 comments ( 126 views )   |  permalink   |   ( 3 / 2690 )
syslog-ng concurrent connections exceeded 
Monday, November 19, 2007, 10:59 AM - System
Posted by Freddy Chu
These days I get a very funny warning in the syslog.

syslog-ng[4484]: Number of allowed concurrent connections exceeded; num='10', max='10'


I have googled it for a while, it seems is the default values of syslog-ng limited the concurrent connections of any stream device to 10.

It can simply sloved by increase the limit.

in syslog-ng.conf

unix-stream("/dev/log" max-connections(20));


7 comments ( 77 views )   |  permalink   |   ( 3 / 2510 )
Simple MySQL Replication HOWTO 
Thursday, November 1, 2007, 06:10 PM - System
Posted by Freddy Chu

Requirements:



* Slave server should be newer version than the master server. It is adviced that both servers are in same version
* Network port 3306 of both server should be avaliable
* log-bin is enabled


Procedure



1. edit my.cnf to add log-bin and server-id, server-id should be unique and from 1 to 2^32 - 1.
[mysqld]
server-id = 1
log-bin


2. restart the mysql server both server if you have do many modification in step 1

3. create replicate user, if you are using MySQL before 4.0.2 replace "REPLICATION SLAVE" by "FILE"
GRANT REPLICATION SLAVE ON *.* TO 'Username'@'Host' IDENTIFIED BY 'password';


4. lock all tables on master server

mysql> FLUSH TABLES WITH READ LOCK;


5. Copy all mysql files to the slave server

6. At master server run show master status, remember the file and position info

mysql> SHOW MASTER STATUS;
+--------------+----------+--------------+------------------+
| File | Position | Binlog_do_db | Binlog_ignore_db |
+--------------+----------+--------------+------------------+
| log-bin.002 | 189 | | |
+--------------+----------+--------------+------------------+


7. At slave server run change master to use the account create in step 3 and info in step 6
CHANGE MASTER TO
MASTER_HOST='master_server_ip',
MASTER_USER='slave_user_name',
MASTER_PASSWORD='slave_password',
MASTER_LOG_FILE='file_in_step_7',MASTER_LOG_POS=position_in_step_7;


8. run Slave start

9. unlock tables on master server

mysql>UNLOCK TABLES;



Now you will have a replicate MySQL server, just test to modify any records. :D
9 comments ( 91 views )   |  permalink   |   ( 3 / 2425 )

<Back | 1 | 2 | Next> Last>>