19 June 2012

munin: xen-multi Could not obtain handle on privileged command interface (13 = Permission denied)

I'm using munin to monitor my XEN instances. On one of the new installed nodes, I got the following munin error:

[367] Error output from xen-multi:
[367] ERROR Internal error: Could not obtain handle on privileged command interface (13 = Permission denied)
[367] xc_interface_open: Permission denied
[367] Failed to initialize xenstat library

Follow the following steps to fix:
1. check if you have xen-utils installed
# dpkg -l | grep xen-utils

2. install and configure sudoers
# apt-get install sudo
# vi /etc/sudoers
# vi> add this line: munin ALL=(ALL) NOPASSWD: /usr/sbin/xentop
# vi /usr/share/munin/plugins/xen-multi
# vi> change this line

open (XENTOP,"xentop -b -f -i1 |") or die "Could not execute xentop, $!";

with

open (XENTOP,"sudo xentop -b -f -i1 |") or die "Could not execute xentop, $!";

UPDATE: It seems that the only things missing were these lines:
[xen_multi]
user root
from /etc/munin/plugin-conf.d/munin-node.

12 June 2012

Multiple instances of memcached on the same server...

So I need multiple instances of memcached on the same server. The reason is not important. I used the following startup scripts (debian):

/etc/init.d/memcached
/usr/share/memcached/scripts/start-memcached

The config file should look like the standard one, just change the port in it and rename it. I used something like this.

To start/stop it, add the port or last part of the config file to the init command like this:
# /etc/init.d/memcached start 11211
# /etc/init.d/memcached stop 11211

11 June 2012

phpMyAdmin and nginx - The plain HTTP request was sent to HTTPS port

I've been trying for some hours now to force the phpMyAdmin location (in nginx) to https only. I managed to do it, but I need a reminder for the future so here it is.

1. Internal phpMyAdmin redirect
After you login, phpMyAdmin will redirect you to

$detected_scheme://$detected_url:$detected_port_if_it's_not_80/full_path/index.php

$detected_scheme - by default is http. It can be set to https (what i want) with the following 2 lines:
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;

$detected_url - www.your-domain.com or IP address
$detected_port_if_it's_not_80 - over https that's 443, but if $detected_scheme is not set, it will try to add port 443 at the end of $detected_url, which will generate the error "The plain HTTP request was sent to HTTPS port".

2. nginx redirect from http to https
A simple redirect will do it, i used this one:
location ^~ /wwpma/ {
rewrite ^ https://my_website/wwpma/ last;
}
The thing is, if you have set as a location for *.PHP scripts something like: "location ~\.php$" then this will catch the above as well, so the rewrite rule should be added here too. Simple example:
rewrite ^/wwpma/(.*)$ https://www.west-wing.ch/wwpma/$1 last;
As mentioned on the nginx wiki, the "location" directive supports couple of features:

location = / {
# matches the query / only.
}
location / {
# matches any query, since all queries begin with /, but regular
# expressions and any longer conventional blocks will be
# matched first.
}
location ^~ /images/ {
# matches any query beginning with /images/ and halts searching,
# so regular expressions will not be checked.
}
location ~* \.(gif|jpg|jpeg)$ {
# matches any request ending in gif, jpg, or jpeg. However, all
# requests to the /images/ directory will be handled by
# Configuration C.
}