Penguin, small TECH.BARWICK.DE
Start
 

Recent posts

Categories

Archive

Syndication

 



Powered By

Info

Tuesday, September 24, 2019  11:12 PM

Yum and "Thread died in Berkeley DB library" errors

I started getting intermittent sets of error messages like this:

error: rpmdb: BDB0113 Thread/process 26154/140393252489024 failed: BDB1507 Thread died in Berkeley DB library
error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery
error: cannot open Packages index using db5 -  (-30973)
error: cannot open Packages database in /var/lib/rpm

when deploying changes to a bunch of AWS EC2 instances.

The error messages are misleading as (in this case at least) the RPM database is not corrupted; the underlying issue was this:


[67897.740241] Out of memory: Kill process 28759 (yum) score 330 or sacrifice child
[67905.749492] yum invoked oom-killer: gfp_mask=0x201da, order=0, oom_score_adj=0

i.e. simply a lack of memory (the instances were just too small).


Posted in Linux | add a comment

The Prometheus PostgreSQL storage adapter does not seem amenable to being executed directly from a systemd service file.

As a workaround I created a wrapper script like this (adjust parameters as required):

#!/bin/bash

# Wrapper to launch prometheus-postgresql-adapter, as calling
# it directly from the systemd service file doesn't seem to work.
#
# Disclaimer: there is probably a better way of doing this.

nohup /usr/local/bin/prometheus-postgresql-adapter \
-pg-host=... \
-pg-port=... \
-pg-database="..." \
-pg-user="..." \
>> /var/log/prometheus-postgresql-storage-adapter/prometheus-pg-adapter.log 2>&1

and a service file like this:

[Unit]
Description=Prometheus PostgreSQL Storage Adapter
Documentation=https://github.com/timescale/prometheus-postgresql-adapter
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=prometheus
Group=prometheus
ExecStart=/usr/local/bin/prometheus-postgresql-adapter-wrapper
Restart=on-failure

[Install]
WantedBy=multi-user.target

which works fine (YMMV of course).

There may of course be a more elegant way of solving this issue, if so feel free to share.


Posted in Linux | add a comment

Tuesday, August 27, 2019  10:25 PM

The unicode() function and Python3

Recently I had to work with some Python code which needs to be compatible with both the hopefully-soon-to-be-finally-deprecated Python 2.7 and recent 3.x versions.

String handling can be a tricky issue, particularly if the string in question needs to be cast to a Unicode object. Take the following example:

#!/usr/bin/env python

import ipaddress

addresses = list(ipaddress.ip_network(unicode('192.168.1.0/24')));

for address in addresses:
    print(address)

This does of course fail in Python 3.x with an error like:

Traceback (most recent call last):
  File "./python.py", line 5, in 
    addresses = list(ipaddress.ip_network(unicode('192.168.1.0/24')));
NameError: name 'unicode' is not defined

Remove the unicode() wrapper and it fails in Python 2.x with:

ipaddress.AddressValueError: '192.168.1.0/24' does not appear to be an IPv4 or IPv6 network. Did you pass in a bytes (str in Python 2) instead of a unicode object?

The solution is to use the "six" compatibility layer and add the following directive, which reassigns unicode() to a mutually compatible function:

#!/usr/bin/env python

import ipaddress

from six import u as unicode

addresses = list(ipaddress.ip_network(unicode('192.168.1.0/24')));

for address in addresses:
    print(address)

Note that the "six" compatibility layer may need to be installed separately, in RedHat et al via the packages python2x-six and python3x-six respectively.

Useful links


Posted in Devel | add a comment

Tuesday, January 10, 2017   3:25 AM

TLS key negotiation failed to occur within 60 seconds

Spent a lot of time working out why openvpn wouldn't connect from a Vagrant virtual machine (running Ubuntu 14.04 LTS):

Tue Jan 10 02:51:25 2017 Control Channel Authentication: tls-auth using INLINE static key file
Tue Jan 10 02:51:25 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 10 02:51:25 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 10 02:51:25 2017 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Jan 10 02:51:25 2017 UDPv4 link local: [undef]
Tue Jan 10 02:51:25 2017 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Tue Jan 10 02:51:25 2017 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx::1194, sid=92749f62 ced33a12
Tue Jan 10 02:52:25 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jan 10 02:52:25 2017 TLS Error: TLS handshake failed
Tue Jan 10 02:52:25 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Jan 10 02:52:25 2017 Restart pause, 2 second(s)

Turns out the openvpn version (2.3.2) is outdated; 2.3.4 or later is needed.


Posted in Solutions | add a comment

Monday, May 30, 2016   9:54 PM

Forcing GPG passphrase input in the terminal

One annoyance when entering GPG passphrases in terminal applications on many systems is that a seperate GUI window pops up. To enable passphrase entry in the comfort of your own terminal, set the following line in .gnupg/gpg-agent.conf

pinentry-program /usr/bin/pinentry-curses


Posted in Linux | add a comment

Monday, October 19, 2015  12:17 AM

Improving top output

The OS X "top" command default output is somewhat hard to decipher (and modify interactively) compared to Linux. A simple workaround is to launch it with:

top -o cpu

(or another field) which sorts on cpu activity rather than the PID (default).

htop is also available via MacPorts.


Posted in Mac OS X | add a comment

Sunday, February 22, 2015   5:44 AM

openSUSE 13.2 - Notes


Posted in Linux | add a comment

Monday, November 17, 2014   5:08 AM

Error: "util.c: No such file or directory" - a gnuplot thing

I was setting up a cronjob and it kept failing with the very unhelpful util.c: No such file or directory. After much headscratching it turns out this is a gnuplot error message, meaning it is unable to read from or write to a file (in this case the latter). The file in question is not of course util.c.


Posted in Devel | add a comment

Saturday, September 27, 2014   1:42 AM

Ansible and "powershell: not found" error

I was bemused by the below error when attempting to run an Ansible playbook on a new (Linux) server for the first time:

PLAY [someserver] ***************************************************************** 

GATHERING FACTS *************************************************************** 
failed: [someserver] => {"failed": true, "parsed": false}

SUDO-SUCCESS-fdhntaxupgygzrcocwghbosdkgbgguvy
/bin/sh: 1: powershell: not found

This happened with gather_facts set to true. Setting it to false worked around the issue, however I'm pretty sure powershell hasn't been ported to Debian... Ansible version:

$ ansible-playbook --version
ansible-playbook 1.8 (devel ffee9a8fe0) last updated 2014/09/27 14:24:58 (GMT +900)

The actual cause was the absence of python on the target server; this will need to be manually installed before Ansible can be of much use.


Posted in Devel | add a comment