16hot 的博客

http://www.clearchain.com/blog/posts/using-serial-devices-in-freebsd-how-to-set-a-terminal-baud-rate

Recently I was working on a php command line program that required access to a serial port.

Initially developed under Linux the program was then shifted to it’s permanent location on a FreeBSD server. This is where we first started having problems. Initially we discovered the server didn’t have a native serial port. We fixed this using a USB to serial converter/dongle (FTDI Chipset). This was fine as FreeBSD has the ufdti kernel module. Upon loading the module new devices appears in /dev

crw-rw----  1 uucp  dialer    0, 157 Oct  6 08:39 /dev/cuaU0
crw-rw----  1 uucp  dialer    0, 158 Oct  6 08:39 /dev/cuaU0.init
crw-rw----  1 uucp  dialer    0, 159 Oct  6 08:39 /dev/cuaU0.lock
crw-rw-rw-  1 root  wheel     0, 154 Jan  8 10:50 /dev/ttyU0
crw-------  1 root  wheel     0, 155 Oct  6 08:39 /dev/ttyU0.init
crw-------  1 root  wheel     0, 156 Oct  6 08:39 /dev/ttyU0.lock

We attempted to connect to our device using screen (screen /dev/ttyU0 115200) and everything worked as expected. We could send AT commands to the device all ok.
We then stopped screen and ran our php program. It ended up hanging on a fgets call to the serial port. This is really strange we though.
Next we queried the port to find out what baud rate it was set at:

>stty -f /dev/ttyu0
speed 9600 baud;
lflags: echoe echoke echoctl
oflags: tab0
cflags: cs8 -parenb

Strange we thought as we’d just connected with screen at 115200. Under linux we use screen to set the baud rate, all other programs accessing the port use the port at 115200. So what had set it back to 9600 baud?
We tried to use stty to set the speed:

>stty -f /dev/ttyU0 speed 115200

>stty -f /dev/ttyu0
speed 9600 baud;
lflags: echoe echoke echoctl
oflags: tab0
cflags: cs8 -parenb

What on earth was happening? We set the speed to 115200 but directly quering the port again indicated it was still at 9600 baud? At this point we were perplexed.
Eventually we found the solution. The newer FreeBSD terminal drivers provide the *.init devices, in this case /dev/ttyU0.init . These devices indicate the terminal settings to be applied to the terminal when the device is closed. Whilst Linux leaves the device in the same state the last program put the port into, FreeBSD restores the terminals state to what ever is specified in the init file. So a quick command:

> stty -f /dev/ttyU0.init -icanon -isig -echo echoe echok echoke echoctl -icrnl -ixany -imaxbel ignpar -opost -onlcr -oxtabs cs8 -parenb -hupcl clocal

And then to check:

> stty -f /dev/ttyU0
speed 115200 baud;
lflags: -icanon -isig -echo echoe echok echoke echoctl
iflags: -icrnl -ixany -imaxbel ignpar
oflags: -opost -onlcr -oxtabs
cflags: cs8 -parenb -hupcl clocal

Excellent. The terminal was now configured exactly how we wanted. We ran the program and it worked like a charm!

值得关注的高可用存储方案： http://wiki.freebsd.org/HAST

在服务器b上修改大致相同，只是carp网卡的有一点变动
ee /etc/rc.conf       #配置rc.conf文件，分别建立carp虚拟网卡。增加如下内容
cloned_interfaces=”carp0 carp1″
ifconfig_carp0=”vhid 1 advbase 5 advskew 100 pass passwd 192.168.1.100/24″
ifconfig_carp1=”vhid 2 advbase 5 pass passwd 192.168.1.100/24″

ee /etc/sysctl.conf     #修改sysctl文件启用carp的arpbalance和carp抢占功能。增加如下内容
net.inet.carp.preempt=1
net.inet.carp.arpbalance=1

重启两台服务器即 可生效。
如果不想重启服务器，立即生效则进行下列命令
服务器a
ifconfig carp0 create
ifconfig carp0 vhid 1 advbase 5 pass passwd 192.168.0.100/24
ifconfig carp1 create
ifconfig carp1 vhid 2 advbase 5 advskew 100 passwd 192.168.0.100/24
sysctl net.inet.carp.preempt=1
sysctl net.inet.carp.arpbalance=1

服务器b

ifconfig carp0 create
ifconfig carp0 vhid 1 advbase 5 advskew 100 pass passwd 192.168.0.100/24
ifconfig carp1 create
ifconfig carp1 vhid 2 advbase 5 passwd 192.168.0.100/24
sysctl net.inet.carp.preempt=1
sysctl net.inet.carp.arpbalance=1

ok,现在可以看到效果了。如果两台服务器正常，则客户请求分 别由两台服务器均衡的提供服务。当断掉其中一台服务器，则另一台服务器，可立即接管所有服务。当这台服务器恢复服务，则又会自动启用负载均衡。

参考了网友在5.x、6.3下双网卡绑定的文档，于是自己在7.0下做了次实验，结果成功通过。

自己做了些修改，留个笔记。

1. 编译和加载netgraph.ko、ng_fecko、ng_socket.ko模块

a. 编译
#cd /usr/src/sys/modules/netgraph/
#cd netgraph/ && make && make install clean
#cd ../fec && make && make install clean
#cd ../socket && make && make install clean

b. 加载
#cat << EOF >> /boot/loader.conf
ng_ether_load=”YES”
ng_fec_load=”YES”
ng_socket_load=”YES”
EOF

c. 修改rc.conf
#sed -i.bak -e ‘s/^\(defaultrouter\)/#\1/’ -e ‘s/^\(ifconfig_\)/#\1/’ /etc/rc.conf

2. 编辑启动脚本
# cat << EOF > /etc/bonding
#!/bin/sh
MYIP=xxx.xxx.xxx.xxx
GW=xxx.xxx.xxx.xxx
NIC1=bge0
NIC2=bge1

/usr/sbin/ngctl mkpeer fec dummy fec
/usr/sbin/ngctl msg fec0: add_iface ‘”‘\${NIC1}’”‘
/usr/sbin/ngctl msg fec0: add_iface ‘”‘\${NIC2}’”‘
/usr/sbin/ngctl msg fec0: set_mode_inet
/sbin/ifconfig fec0 promisc
/sbin/ifconfig \${NIC1} promisc
/sbin/ifconfig \${NIC2} promisc
/sbin/ifconfig fec0 inet \${MYIP} netmask 0xfffffe00
/sbin/ifconfig fec0 up
/sbin/route add default \${GW}
EOF

# chmod 400 /etc/bonding
# echo “sh /etc/bonding” >> /etc/rc.local

3. 重启系统
# reboot

# ifconfig
bge0: flags=28943 metric 0 mtu 1500
options=9b
ether 00:13:21:c8:54:6b
media: Ethernet autoselect (1000baseTX )
status: active
bge1: flags=28943 metric 0 mtu 1500
options=9b
ether 00:13:21:c8:54:6b
media: Ethernet autoselect (1000baseTX )
status: active
lo0: flags=8049 metric 0 mtu 16384
inet 127.0.0.1 netmask 0xff000000
fec0: flags=28943 metric 0 mtu 1500
ether 00:13:21:c8:54:6b
inet xxx.xxx.xxx.xxx netmask 0xfffffe00 broadcast xxx.xxx.xxx.xxx
media: Ethernet none
status: active

原文： http://www.cublog.cn/u/17709/showart_573233.html

The following is used on FreeBSD to combine two physical interfaces (fxp1, fxp2) into a single virtual interface (ngeth0). This method allows one to take the feeds from a traditional two-output tap and present a single virtual interface to NSM applications.

#!/bin/sh
kldload ng_ether
ifconfig fxp1 promisc -arp up
ifconfig fxp2 promisc -arp up

ngctl mkpeer . eiface hook ether
ngctl mkpeer ngeth0: one2many lower one
ngctl connect fxp1: ngeth0:lower lower many0
ngctl connect fxp2: ngeth0:lower lower many1

ifconfig ngeth0 -arp up

Remember to replace fxp1 and fxp2 with the interfaces on your FreeBSD system (e.g., em0, em1, etc.).

References

ngctl(8)
I believe I first heard of this technique here.

1、简述

最近因项目需要，找了相关的开源同步解决方案。由于采用FreeBSD系统，有些Linux专用的程序，是不能使用的了。即使可以使用，配置起来太 麻烦，需要Linux虚拟环境。这样代价太高。rsync，mrsync，等都看了遍，最终选择了csync2。

官方网站： http://oss.linbit.com/csync2/

使用手册： http://oss.linbit.com/csync2/paper.pdf

官方发布的正式版是1.34，需要sqlite2的支持。如果想用sqlite3，就需要从他们svn更新最新源码回来。SVN里的版本已经支持 sqlite3了。

使用SVN获取最新源码：

$ svn co  http://svn.linbit.com/csync2/trunk csync2-trunk

由于SVN的源码文件里，没有configure文件，需要自己手工生成。源码目录里有个autogen.sh文件，需要修改下，才能执行。

$ cd csync2-trunk
$ vi autogen.sh

将

aclocal-1.7
autoheader
automake-1.7 –add-missing –copy
autoconf

改为

aclocal-1.9
autoheader
automake-1.9 –add-missing –copy
autoconf

具体版本号，视里面已经安装的aclocal和automake版本来设置。

然后执行：

$ autogen.sh

执行过程中，会提示一些信息，基本不用管它。这时候生成configure文件了。不过如果现在就执行./configure，还会报4437行错误。将那行注释掉就好了。

#AM_PATH_LIBGNUTLS(1.0.0,0 ,  AC_MSG_ERROR([[gnutls not found; install gnutls, gnutls-openssl and libtasn1 packages for your system or run configure with --disable-gnutls]]) )

2、安装

在安装之前先安装相关的依赖包。下面时我用ports安装csync2-1.34时自动安装上的依赖包：

$pkg_info -r csync2-1.34_8
Information for csync2-1.34_8:

Depends on:
Dependency: pkg-config-0.23_1
Dependency: libtasn1-2.6
Dependency: sqlite-2.8.17_1
Dependency: libiconv-1.13.1_1
Dependency: gettext-0.18_1
Dependency: popt-1.14_1
Dependency: librsync-0.9.7_2
Dependency: libgpg-error-1.7_1
Dependency: libgcrypt-1.4.5
Dependency: gnutls-2.8.6_1

由于SVN版本使用的是sqlite3，所以还需要安装sqlite3-3.6.23.1_1。这些软件包，在/usr/ports 中安装就可以了。

# setenv LOCALBASE /usr/local/
# env CPPFLAGS=”-I${LOCALBASE}/include” LDFLAGS=”-L${LOCALBASE}/lib” LIBGNUTLS_CONFIG=”${LOCALBASE}/bin/pkg-config gnutls” ./configure
# make
# make install

没有什么意外的话，就OK了。如果提示缺什么软件包，到ports里安装。

3、配置

下面是源码包里带的配置文件范例：

% cat csync2.cfg
# Csync2 Example Configuration File
# ———————————
#
# Please read the documentation:
# http://oss.linbit.com/csync2/paper.pdf

# group mygroup
# {
#     host host1 host2 (host3);
#     host host4@host4-eth2;
#
#     key /etc/csync2.key_mygroup;
#
#     #
#     # WARNING:
#     # You CANNOT use paths containing a symlink
#     # component in include/exclude options!
#     #
#     # Here is a real-life example:
#     # Suppose you have some 64bit Linux systems
#     # and /usr/lib/ocf is what you want to keep
#    # in sync. On 64bit Linux systems, /usr/lib
#     # is usually a symlink to /usr/lib64.
#     # This does not work:
#     #   include /usr/lib/ocf;
#     # But this does work:
#     #   include /usr/lib64/ocf;
#     #
#
#     include /etc/apache;
#     include %homedir%/bob;
#     exclude %homedir%/bob/temp;
#     exclude *~ .*;
#
#     action
#     {
#         pattern /etc/apache/httpd.conf;
#         pattern /etc/apache/sites-available/*;
#         exec “/usr/sbin/apache2ctl graceful”;
#         logfile “/var/log/csync2_action.log”;
#         do-local;
#        # you can use do-local-only if the execution
#        # should be done locally only
#        # do-local-only;
#     }
#
#     # The backup-directory needs to be created first!
#     backup-directory /var/backups/csync2;
#     backup-generations 3;
#
#     auto none;
# }
#
# prefix homedir
# {
#     on host[12]: /export/users;
#     on *:        /home;
# }

下面是我的配置：

# vi /usr/local/etc/csync2.cfg

# Csync2 Example Configuration File
# ———————————
#
# Please read the documentation:
# http://oss.linbit.com/csync2/paper.pdf

group mygroup
{
host fb1.isyi.com fb50.isyi.com fb51.isyi.com;

key /opt/etc/isyi.key;
include /opt/www/test;

action
{
pattern /opt/www/test/*;
exec “echo ok >> /tmp/csync2.log”;
}
auto younger;
}

配置好后，还需要修改/etc/hosts文件，将主机名和IP设置好。这个配置，三台服务器都需要配置一样。

192.168.56.1  fb1.isyi.com
192.168.56.50 fb50.isyi.com
192.168.56.51 fb51.isyi.com

生成key文件，这个key文件，需要复制到三台服务器，保证一样，否则不能同步：

# cd /opt/etc/
# csync2 -k isyi.key

生成CERT文件，需要在三台服务器分别生成：

setenv etc_path “/usr/local/etc”
openssl genrsa -out ${etc_path}/csync2_ssl_key.pem 1024
openssl req -batch -new -key ${etc_path}/csync2_ssl_key.pem -out ${etc_path}/csync2_ssl_cert.csr
openssl x509 -req -days 2000 -in ${etc_path}/csync2_ssl_cert.csr -signkey ${etc_path}/csync2_ssl_key.pem -out ${etc_path}/csync2_ssl_cert.pem

4、启动服务

分别在三台服务器执行：

# /usr/local/sbin/csync2 -ii -vv&

5、执行同步

在主服务器，需要向其他服务器同步的服务器执行：

# /usr/local/sbin/csync2 -xvv

6、附录

6.1、csync2的help

% ./csync2

csync2 SNAPSHOT – cluster synchronization tool, 2nd generation
LINBIT Information Technologies GmbH <http://www.linbit.com>
Copyright (C) 2004, 2005  Clifford Wolf <clifford@clifford.at>
This program is free software under the terms of the GNU GPL.

Usage: ./csync2 [-v..] [-C config-name] \
[-D database-dir] [-N hostname] [-p port] ..

With file parameters:
-h [-r] file..      Add (recursive) hints for check to db
-c [-r] file..      Check files and maybe add to dirty db
-u [-d] [-r] file.. Updates files if listed in dirty db
-o [-r] file..      Create list of files in compare-mode
-f [-r] file..      Force this file in sync (resolve conflict)
-m file..       Mark files in database as dirty

Simple mode:
-x [-d] [[-r] file..]   Run checks for all given files and update
remote hosts.

Without file parameters:
-c  Check all hints in db and eventually mark files as dirty
-u [-d] Update (transfer dirty files to peers and mark as clear)

-H  List all pending hints from status db
-L  List all file-entries from status db
-M  List all dirty files from status db

-S myname peername  List file-entries from status db for this
synchronization pair.

-T              Test if everything is in sync with all peers.

-T filename         Test if this file is in sync with all peers.

-T myname peername  Test if this synchronization pair is in sync.

-T myname peer file Test only this file in this sync pair.

-TT As -T, but print the unified diffs.

The modes -H, -L, -M and -S return 2 if the requested db is empty.
The mode -T returns 2 if both hosts are in sync.

-i  Run in inetd server mode.
-ii Run in stand-alone server mode.
-iii    Run in stand-alone server mode (one connect only).

-R  Remove files from database which do not match config entries.

Modifiers:
-r  Recursive operation over subdirectories
-d  Dry-run on all remote update operations

-B  Do not block everything into big SQL transactions. This
slows down csync2 but allows multiple csync2 processes to
access the database at the same time. Use e.g. when slow
lines are used or huge files are transferred.

-A  Open database in asynchronous mode. This will cause data
corruption if the operating system crashes or the computer
loses power.

-I  Init-run. Use with care and read the documentation first!
You usually do not need this option unless you are
initializing groups with really large file lists.

-X  Also add removals to dirty db when doing a -TI run.
-U  Don’t mark all other peers as dirty when doing a -TI run.

-G Group1,Group2,Group3,…
Only use this groups from config-file.

-P peer1,peer1,…
Only update this peers (still mark all as dirty).
Only show files for this peers in -o (compare) mode.

-F  Add new entries to dirty database with force flag set.

-t  Print timestamps to debug output (e.g. for profiling).

-s filename
Print timestamps also to this file.

-W fd   Write a list of directories in which relevant files can be
found to the specified file descriptor (when doing a -c run).
The directory names in this output are zero-terminated.

Creating key file:
./csync2 -k filename

Csync2 will refuse to do anything when a /var/etc/csync2.lock file is found.

由于VBox的磁盘文件有UUID，直接用cp拷贝，是行不通的。使用下面命令可以：

VBoxManage clonehd f202de6c-6425-4b0f-923f-2dda724c818c freebsd3.vdi

安装enca：

# cd /usr/ports/converters/enca
# make install clean

对一个目录下的文件进行转换编码：

# find . -type f | grep -E -v “.svn|.gif|.jpg|.png” | xargs enca -L zh_CN -x UTF-8

With sufficient disk space, its straight forward. I set up a fake root
directory, extract a minimal i386 FreeBSD system into it. The attached
script is used to start a 32bit chroot-ed environment, either to run
a command or start a shell. I have successfully built a large number
of 32-bit ports on a amd64 bit server this way.

Let me know if you have more questions.
Mark

————– next part ————–

#!/bin/sh -e

# start-i386 [cmd ..]
# from http://www.nabble.com/i386-package-building-on-an-amd64-system-t4441068.html

ROOT=/b/jails/i386
REVISION=”6.2″
BRANCH=”stable”
OSVERSION=602112

UNAME_s=”FreeBSD”
UNAME_m=”i386″
UNAME_p=”i386″
UNAME_r=$REVISION-$BRANCH
UNAME_v=”$UNAME_s $UNAME_r #6: Sun Sep 23 11:41:48 PDT 2007 root at osprey.kermodei.com:/usr/src/sys/i386/compile/OSPREY”

export UNAME_s UNAME_r UNAME_v UNAME_m UNAME_p OSVERSION ROOT

if [ -r $ROOT/dev/zero ]
then
echo dev already mounted
else
mount -t devfs dev $ROOT/dev
fi
ln -sf ld-elf.so.1 $ROOT/libexec/ld-elf32.so.1
echo “libpthread.so.2 libthr.so.2
libpthread.so libthr.so” > ${ROOT}/etc/libmap.conf
cp ${ROOT}/etc/libmap.conf ${ROOT}/etc/libmap32.conf
mkdir -p ${ROOT}/usr/local/bin

cp /usr/local/bin/bsdmake ${ROOT}/usr/local/bin
cp /etc/make.conf ${ROOT}/etc/
cp /etc/resolv.conf ${ROOT}/etc/
cp /etc/hosts ${ROOT}/etc/

HOME=/root
export HOME

if [ $# = 0 ] ; then
exec chroot $ROOT /bin/csh
else
echo “$@” | exec chroot $ROOT /bin/sh
fi

http://lists.freebsd.org/pipermail/freebsd-amd64/2007-November/010466.html

Subversion 的 post-commit hook 是個很方便的功能，可以讓你在 commit 程式到 Repository 後，自動去做一些事。其中最有用的就是把 commit log 寄給相關的 developer。

在人人都有 Gmail 且 Gmail 也支援 SMTP 寄信的情況下，透過 Gmail 來寄出 commit log 應該是個好 idea。只不過， 目前的 mailer.py 並不支援 Gmail 的 TLS，所以下面的修改，就是要要將 mailer.py 修改成支援 TLS。

如果你是使用 Debian 或是 Ubuntu，請用 sudo apt-get install subversion-tools 將相關的 Subversion 工具裝到你的系統中。mailer.py 就在 /usr/share/subversion/hook-scripts/mailer 的目錄下。打開 mailer.py 找到 SMTPOutput class 中的 finish() menthod 將他改成（紅色是修改的部分）：

def finish(self):
server = smtplib.SMTP(self.cfg.general.smtp_hostname)
if self.cfg.is_set(‘general.smtp_username’):
server.ehlo()
server.starttls()
server.ehlo()
server.login(self.cfg.general.smtp_username,
self.cfg.general.smtp_password)
server.sendmail(self.from_addr, self.to_addrs, self.buffer.getvalue())
server.close()

然後將，mailer.conf 的 [general] section 修改成下面的設定，並且放在你的 (svn repository)/conf 下：

[general]
smtp_hostname = smtp.gmail.com:587
smtp_username = your_gmail_account@gmail.com
smtp_password = your_gmail_password

這樣就成了。