Monthly Archives: October 2013

cobbler

Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between lots of various commands and applications when rolling out new systems, and, in some cases, changing existing ones.

With a simple series of commands, network installs can be configured for PXE, reinstallations, media-based net-installs, and virtualized installs (supporting Xen, qemu, KVM, and some variants of VMware). Cobbler uses a helper program called ‘koan’ (which interacts with Cobbler) for reinstallation and virtualization support.

Cobbler is a small and lightweight application (about 15k lines of Python code). It tries to be extremely simple to use both for very small and very large installations — as well as easy to work on, extend, and hack. It avoids being “enterprisey” (as in complicated) whenever possible, but is highly useful in all sorts of enterprises by having a lot of advanced features and doing small things to save a large amount of time in repeated tasks.

Cobbler can also optionally help with managing DHCP, DNS, and yum package mirroring infrastructure — in this regard, it is a more generalized automation app, rather than just dealing specifically with installations. There is also a lightweight built-in configuration management system, as well as support for integrating with configuration management systems like Puppet. Cobbler has a command line interface, a web interface (​screenshot), and also several API access options. That sounds like a lot, but it’s really pretty simple. New users may like to start with the web app after doing the initial setup steps on the command line (cobbler check; cobbler import) as it will give them a good idea of all of the features available. Advanced features don’t have to be understood all at once, they can be incorporated over time as the need for them arises.

vmstat output

vmstat -S m 1 10
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
19  0   7782   1010    244   7495    0    0    38    84    0    0 20  7 65  8  0
18  2   7782    999    244   7496    0    0    16  1096 7446 3470 70 12 10  8  0
20  0   7782    995    244   7496    0    0   300   416 9677 5978 57 16 20  8  0

Procs
r: The number of processes waiting for run time.
b: The number of processes in uninterruptible sleep.

Memory
swpd: the amount of virtual memory used.
free: the amount of idle memory.
buff: the amount of memory used as buffers.
cache: the amount of memory used as cache.
inact: the amount of inactive memory. (-a option)
active: the amount of active memory. (-a option)

Swap
si: Amount of memory swapped in from disk (/s).
so: Amount of memory swapped to disk (/s).

IO
bi: Blocks received from a block device (blocks/s).
bo: Blocks sent to a block device (blocks/s).

System
in: The number of interrupts per second, including the clock.
cs: The number of context switches per second.

CPU
These are percentages of total CPU time.
us: Time spent running non-kernel code. (user time, including nice time)
sy: Time spent running kernel code. (system time)
id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.

foremost recover linux files

foremost is a forensics application to recover files based on their headers, footers, and internal data structures. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. This short article shows how you can use foremost to recover deleted files.

foremost -t jpeg -i /dev/vda3

 

Scalpel Tool

Scalpel is an open source file system recovery for Linux and Mac operation systems. The tool visits the block database storage and identifies the deleted files from it and recover them instantly. Apart from file recovery it is also useful for digital forensics investigation