Placing /vz partition to external storage (NAS, NFS)

Sometimes it is need to place /vz partition on external storage. How to perform this procedure on Parallels Virtuozzo Containers system?

Here are exact steps:

1. Make sure that external storage is available as device in /dev/ directory (via e.g. NFS or ISCSI layer)

2. Mount this storage under e.g. mount point /vzs using required options and filesystem type:
# mount /dev/ext_storage_dev_name /vzs

3. Stop Virtuozzo:
# service vz stop

4. Copy all content from /vz to /vzs:
# cp -a /vz/* /vzs/

5. Unmount old /vz directory and /vzs directory:
# umount /vz
# umount /vzs

6. Edit in the file /etc/fstab line for /vz entry to mount external storage under /vz mount point.

7. mount /vz again:
# mount /vz

8. Start Virtuozzo:
# service vz start

cPanel :: Berkeley DB error: PANIC: fatal region error detected; run recovery

Exim logs /var/log/exim_mainlog shows Berkeley DB error.

Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery

Exim stores certain databases using BerkeleyDB (e.g. aliases file). These are due to corrupted Berkeley DB.

In cPanel server you can remove / move the DB and restart exim to fix.

mv /var/spool/exim/db /var/spool/exim/db.bak

/scripts/restartsrv_exim

Now confirm the errors are gone.

tail -f /var/log/exim_mainlog

Plesk Migration Manager is unable to connect to Plesk Agent installed on a remote server.

Source server has Plesk Migration agent installed. Plesk Migration Manager is installed on Plesk server. Plesk keeps displaying

Unable to upload scout: Unable to run migrmng: Unable to connect to remote host xxx.xxx.xxx.xxx. Please check if the remote server is available for connection and if the correct login and password are specified.

To successfully utilize Plesk Migration Manager it’s important to have the network setting configured correctly:

1. The following ports need to be open for PMM (add the required exceptions for firewall):

For PMM:tcp 6489 (by default or other custom)

For data transferring on Windows source servers:tcp 135tcp 139tcp 445udp 137udp 138

For data transferring on Linux source server:tcp: 22

2. Server’s network settings. “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” must be present.

Start, Settings, Network Connections, Local Area Connection click Properties button. “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” should be present. If they are not, they need to be installed.

You can test connection to server with PMM Agent using

Start, Run, type \\хxх.хxх.хxх.ххх\c$ and hit Enter

where xхх.xхх.хxх.ххх is the IP address of the source server.

And if “Network sharing” ports are opened you can access windows administrator’s share folders.

Plesk 9.3 Latest update of openssl breaks Parallels Panel :: Starting Plesk… failed

Latest update of the openssl package from CentOS breaks Parallels Panel 9.x. The following errors are displayed in the /var/log/sw-cp-server/error_log file when Panel is trying to start:

# tail /var/log/sw-cp-server/error_log
2010-04-07 01:56:38: (log.c.75) server started
2010-04-07 01:56:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 01:57:59: (log.c.75) server started
2010-04-07 01:57:59: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 01:57:59: (log.c.75) server started
2010-04-07 01:57:59: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 02:13:38: (log.c.75) server started
2010-04-07 02:13:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 02:13:38: (log.c.75) server started
2010-04-07 02:13:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)

# service psa start
Starting xinetd service... done
Starting named service... done
Starting mysqld service... done
Starting postgresql service... not installed
Starting psa-spamassassin service... done
Plesk: Starting Mail Server... already started
Starting mail handlers tmpfs storage
Starting Plesk... failed
Starting drwebd service... not installed
#

To fix this you need to update Parallels Panel web-engine:

1. Download the appropriate package using the wget utility. Example for CentOS 5 x86:
#wget -c http://kb.parallels.com/Attachments/12669/Attachments/sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

2. Install the downloaded package. Example for CentOS 5 x86:
#rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

# rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm
Preparing... ########################################### [100%]
Stoppping SWsoft control panels server... stale pidfile. [ OK ]
1:sw-cp-server ########################################### [100%]
Starting SWsoft control panels server...[ OK ]

-bash-3.2# service psa start
Starting xinetd service... done
Starting named service... done
Starting mysqld service... done
Starting postgresql service... not installed
Starting psa-spamassassin service... done
Plesk: Starting Mail Server... already started
Starting mail handlers tmpfs storage
Starting Plesk... done
Starting drwebd service... not installed
-bash-3.2#

How do I install APF firewall into the VE?

The installation of APF requires some additional steps to be taken on the hardware node.

1. First of all, you should define which iptables modules are available for VEs.

Edit /etc/sysconfig/iptables-config file on a Virtuozzo hardware node:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Edit /etc/sysconfig/vz file on a Virtuozzo hardware node:
IPTABLES="ipt_REJECT
ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Please note – iptables modules list in IPTABLES and IPTABLES_MODULES parameters in /etc/sysconfig/vz and /etc/sysconfig/iptables-config files should be placed in one single line, no linebreaks is allowed in this parameter.

Restart Virtuozzo. All VEs will be restarted.
# service vz restart

2. Increase ‘numiptent’ parameter for the VE you need to install APF into. This parameter limits the amount of iptables rules available for a VE. Default APF configuration requires ~400 rules. Lets set it to 400 in the example below for VE #101:
# vzctl set 101 --numiptent 400 --save

3. Install APF inside the VE. Edit /etc/apf/conf.apf inside VE, set the following parameters:
IFACE_IN="venet0"
IFACE_OUT="venet0"
SET_MONOKERN="1"

4. Start APF inside the VE:
# /etc/init.d/apf start

Virtuozzo : How do I get amount of network traffic consumed by a Container?

f you have Service Container running on a hardware node then you may use the utility ‘vza_ve_stat’ to obtain amount of network traffic consumed by any container on a node.

Usage:
vza_ve_stat user@host ctid start_time [end_time]

where:
user – vzagent0
host – IP address of Service Container on a hardware node
ctid – ID of container in question
start_time and end_time define period you want to get traffic for.

Please note that start_time and end_time should be entered in the following format: 2000-01-01T12:00:00+0400

You may need to install the package ‘perl-XML-Parser’ (e.g. using ‘yum install perl-XML-Parser’ command on a server) if you get the error “Can’t locate XML/Parser.pm in @INC”.

For example, to obtain traffic of the container #101 for the period from 01 Jan 2010 up to the current moment the command would be:
# vza_ve_stat [email protected] 101 2010-01-01T00:00:00+0000
[email protected]'s password:
bytes in = 69447065 packets in = 385929 bytes out = 755800760 packets out = 649168

You may also get information about network traffic using PMC (Parallels Management Console):
1. double click on the needed container
2. in the opened window go to Monitor > Traffic Summary
3. Choose needed period of time and click ‘Download’

The same can be done in PIM (Parallels Infrastructure Manager):
1. Open PIM
2. Go to Infrastructure manager > Virtual Private Servers > choose needed container > Network > Traffic Usage

Zone file and corresponding record in named.conf are missed for particular domain

Symptoms
Bind DNS server is used.
There is no entry in named.conf for some domain, there also no zone file for it in %plesk_bin%dns\var folder. If records are created manually they will be removed the next time Plesk updates named.conf.
Cause
There is wrong status in dns_zone table for this domain (it is configured to 2). If DNS for some domain is managed in Plesk Control Panel, the status for this domain in dns_zone table is temporary setting to value 2 (to lock it for any changes) and sets it to 0 value when the transaction is over. If for some reason the transaction is interrupted during DNS
managing (Plesk restarts for example) the status field value is not changed to 0 and stays as 2. Domains with that status value are not recorded in named.conf file during any DNS management.
Resolution
Notes: You are recommended to backup Plesk database before applying described solution.
To run SQL queries you can use dbclient.exe tool.

Check dns_zone records for problem domain (domain.com for example):

Example for MysQL (Jet)

select * from dns_zone where name like 'domain.com';

If there is only one selected record, please change status field from 2 to 0.

Notice, that in case that there are several records, Plesk uses the first of them in numeral order. So it is necessary to check that this id does not belong to another domain and delete it in case it is orphaned:

delete from dns_zone where id=[wrong_record_id]

Otherwise set correct values to all fields.

Please apply following query to DNS zone record which belongs to problem domain:

update dns_zone set status=0 where id=[where id is numerical value
obtained from query 1]

When it’s done update DNS records using dnsmng.exe utility:

cd %plesk_bin%
dnsmng.exe update *

Domain cannot be open in Parallels Plesk Panel: SysUser: unable to select: no such row in the table

The following error is shown when try to open domain in Parallels Plesk Panel 8.x through Domains -> domain.tld:

Unable to create SysUser object: SysUser: unable to select: no such row in the table

0: /usr/local/psa/admin/plib/class.DomainControlForm.php:168
DomainControlForm->assign(object of type BsDomain)
1: /usr/local/psa/admin/htdocs/domains/dom_ctrl.php3:149

In Parallels Plesk Panel 9.x through Domains -> domain.tld:

Unable to create PHostingManager object:An error occured during SysUser class creation: SysUser: unable to select: no such row in the table

0: common_func.php3:108
psaerror(string ‘Unable to create PHostingManager object:An error occured during SysUser class creation: SysUser: unable to select: no such row in the table’)
1: client.domain.hosting.anonymous-ftp.php:19
plesk__client__domain__hosting__anonymous_ftp->validateHosting(object of type BsDomain)
2: client.domain.hosting.anonymous-ftp.php:47
plesk__client__domain__hosting__anonymous_ftp->validateItem(object of type UserAdmin)
3: UIPointer.php:1123
UIPointer->validate()

Cause
Physical hosting is configured on the domain, however appropriate system user is missing:

mysql> select * from (select A.id, A.name as domain, A.htype as 'hosting type', sys_users.login as 'system user' from (select id, concat('/var/www/vhosts/', name) as home, htype, name from domains) A left join sys_users on (A.home=sys_users.home)) B where `hosting type` = 'vrt_hst' and `system user` is NULL;
+-----+------------+--------------+-------------+
| id | domain | hosting type | system user |
+-----+------------+--------------+-------------+
| 15 | domain.tld | vrt_hst | NULL |
+-----+------------+--------------+-------------+
1 row in set (0.00 sec)

mysql>

Where domain.tld is your domain that experiences the problem. /var/www/vhosts is PRODUCT_ROOT_D, it may be /var/www/vhosts, /usr/local/www/vhosts or /srv/www/vhosts on your server.
Resolution
The following instructions are recommended for problem resolving.

1. Backup old database of Parallels Plesk Panel before any reconfiguration.

~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` psa > psa.dump.`date +%F.%s`.sql

2. Further instructions depends on either domain system user exist.
2.1 System user exists:

~# grep domain.tld /etc/passwd
domain_ftp_user:x:10001:2524::/var/www/vhosts/domain.tld:/bin/false
~#

Where /var/www/vhosts is PRODUCT_ROOT_D. domain_ftp_user is old domain’s system user.

3.1 To resolve the problem it is recommended to insert the missing record into database of Parallels Plesk Panel manually.

3.1.1 Get ID of domain’s system user:

mysql> select sys_user_id from hosting where dom_id=15;
+-------------+
| sys_user_id |
+-------------+
| 4 |
+-------------+
1 row in set (0.00 sec)

mysql>

Where 15 is domain’s ID, for details see query in part CAUSE.

3.1.2 Insert account record:

mysql> insert into accounts(type,password) values ('plain','');
Query OK, 1 row affected (0.09 sec)

mysql>

Where is new password for new system user for the domain. This is password for domain’s FTP user also.

3.1.3 Find ID of created record:

mysql> select * from accounts order by id desc limit 1;
+-----+-------+------------------+
| id | type | password |
+-----+-------+------------------+
| 186 | plain | |
+-----+-------+------------------+
1 row in set (0.00 sec)

mysql>

3.1.4 Insert record into table sys_users:
mysql> insert into sys_users values (4,'sb4',186,'/var/www/vhosts/domain.tld','/bin/false',0);
Query OK, 1 row affected (0.08 sec)

mysql>

Where is login of new system user for domain domain.tld, it is also domain’s FTP user. And 4 is domain’s sys_user_id, 186 is ID of new password.

2.2 System user does not exist.

~# grep domain.tld /etc/passwd
~#

3.2 It is recommended to re-enable physical hosting for the domain anew. However note that whole virtual hosting directory is overwritten and domain content is lost.

3.2.1 Disable hosting for domain:

mysql> update domains set htype='none' where name='domain.tld';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0

mysql> delete from hosting where dom_id=15;
Query OK, 1 row affected (0.00 sec)

mysql>

Where 15 is domain’s ID, for details see query in part CAUSE.

3.3.3 Login to Parallels Plesk Panel and configure physical hosting for the domain anew through Domains -> domain.tld -> Setup. Choose Physical hosting, insert new user login and password. Click OK to finish configuration.
Additional information
Use the following command to connect to database of Parallels Plesk Panel:

~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

Uninstall APF

Sometimes we may require to remove APF from the server. Here is a guide which shows how to remove APF completely from the server.

Stop the firewall first
service apf stop
/bin/rm -rfv /etc/apf
Remove the cron for APF
/bin/rm -fv /etc/cron.daily/fw
/bin/rm -fv /etc/init.d/apf
lastly disable at startup
chkconfig apf off

This should remove APF completely from the server as we removed the APF daemon, cron and files.

PVA troubleshooting.

Linux/Unix, Management Node:
PVA status: # pvamn status
PVA restart: # pvamn restart
PVA (Control Center) status: # pvacc status
PVA (Control Center) restart: # pvacc restart
Special config file: /opt/pva/mn/bin/pva.conf
[log_folder] – Location of log files, default: /var/log/pva
[etc_folder] – Location of config files, default: /var/opt/pva/mn/etc
To change log level, find vzagent.conf location in pva.conf and change , then restart pvamn
3 – INFO level
4 – DEBUG level
Installation logs: /var/log/pva/setup/
To collect PVA Report run: # /opt/pva/mn/bin/pvareport.sh
Linux/Unix, Slave node:
PVA status: # pvaagent status
PVA restart: # pvaagent restart
PVA (Power Panel) status: # pvapp status
PVA (Power Panel) restart: # pvapp restart
Special config file: /opt/pva/agent/bin/pva.conf
[log_folder] – Location of log files, default: /var/log/pva
[etc_folder] – Location of config files, default: /vz/pva/agent/etc
To change log level, find vzagent.conf location in pva.conf and change , then restart pvaagent
3 – INFO level
4 – DEBUG level
Installation logs: /var/log/pva/setup/
To collect PVA Report run: # /opt/pva/agent/bin/pvareport.sh