• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login
    1. Home
    2. Fernando Gietz
    F
    • Profile
    • Following 0
    • Followers 8
    • Topics 67
    • Posts 554
    • Best 52
    • Controversial 0
    • Groups 1

    Fernando Gietz

    @Fernando Gietz

    Developer

    101
    Reputation
    3.7k
    Profile views
    554
    Posts
    8
    Followers
    0
    Following
    Joined Last Online
    Location Bilbao Age 49

    Fernando Gietz Unfollow Follow
    Developer

    Best posts made by Fernando Gietz

    • New Plugin: Host Status plugin (1.5.6 FOG version)

      Hi,
      With the 1.5.6 release version is available one new plugin: Host Status.

      This plugin say you the state of the computer in the host edit page:

      Host_Edit_Page.png

      This plugin detects the OS that is running in the computer:

      • Windows windows_icon.png
      • Linux linux_icon.png
      • FOS (Fog Operative System): a FOG task is running in the PC FOS_icon.png
      • Unknown: the FOG server can not comunicate with the PC: the PC is shutdown or the firewall is closed (you must open the 445 TCP port in the computer) unknown_icon.png

      The state is detected on fly and only in the host edit page.

      NOTE: when you search one host or hosts, in the result list appears the state of the computers too, but this state is read from the database and this entry in the database is updated by FOGHostPing daemon. The daemon need time to iterate with all computers and update his state. If you have a lot of PC in your FOG server, the daemon takes one second per PC to update his state, there may be discrepancies between the two states (host status plugin and FOGHostPing daemon)

      posted in General
      F
      Fernando Gietz
    • RE: FOG Server High CPU

      Hello,

      Some news about this problem. We made some changes in our server and his configuration and, actually, the server is not so drowned as before. The conclusion is: the default configuration of apache, php-fpm and mysql is not optimal for large scenarios. If you have a great number of client, you need to tune the server.

      I will tell our previous situation and the actual situation to share our experience.

      Initial Scenario:

      • FOG version 1.5.2
      • Virtual server with 8 vCores and 16 GB RAM
      • OS: RHEL 7
      • Active clients: 7000
      • One fog server and only the default node.

      In July we migrated from our old FOG version (0.32) under RHEL 5 to the new one (1.5.2) under RHEL 7. Without any additional configuration.

      In August we observed that the server consumed a lot of CPU and RAM and we began to have performance troubles (and the course had not started). Panic Mode ON!!

      The first thing that you think is … more resources are neccesary (more wood is the war). ERROR. The System Operation Center (SOC) guys say NO. We can not give you more resources.

      First thing: Update
      we updated the server OS and some packages. For example: php and mariaDB. We had php 5.6 version and we updated to php 7, the performance of php increased a lot of.

      We updated the FOG version from 1.5.2 to 1.5.4

      Second thing: Optimize the virtual machine resources

      Our virtual server is hosted in a VMWARE server with two socket and each one with 6 cores (is an old server). Problem: our virtual server was 8 vcores, 6 vCores in one socket and the other 2 in the other one. The server had time access problems.
      We removed two vCores from the server, in this way all vCores were in the same socket and the time acccess was more quicky. PROBLEM: less resource, more server load. In September the clients began to wake up and the php and mysql queries increased, then more resources were neccesary. To minimize it we increased the checkout time of the client to 900 seconds, with this we decreased the php and mysql queries, but the comsumption was still high (mysqld proccess 300%). The problem was the access time to the cores of the server, we had 6 vCores in a socket with 6 cores and also with more virtual server in the same socket. The more time the vCores were waiting to access to the sockets cores. The vCores were always at 100% of CPU usage.

      To solve this we enabled the NUMA in the server:
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_tuning_and_optimization_guide/sect-virtualization_tuning_optimization_guide-numa-numa_and_libvirt

      With this we distributed the vCores between the two socket: vCPUs 0,1,2 + 8GB RAM in NUMA 0 y 3,4,5, + 8GB in NUMA 1. This is configurated in the VMWARE server. In addition, we install the numad package in our virtual server, this daemon distributed the proccess betwween the two NUMAs. The access to the RAM and CPU was faster.

      For example:

      # ./numa-maps-summary.pl < /proc/1787/numa_maps
      N0        :          100 (  0.00 GB)
      N1        :       648226 (  2.47 GB)
      active    :       435228 (  1.66 GB)
      anon      :       645582 (  2.46 GB)
      dirty     :       647118 (  2.47 GB)
      kernelpagesize_kB:         1012 (  0.00 GB)
      mapmax    :          332 (  0.00 GB)
      mapped    :         1248 (  0.00 GB)
      

      we can see with this python script that the mysql is using the resources of the NUMA1 Node.
      Now we have, again, 8 vCores distribuited between the two NUMA nodes.
      Now, the vCores are at 80%-90%

      Third thing: tunning php, php.fpm and mysql

      We don’t have a lot idea about php, php-fpm and mysql, then we had to read a lot of articles in the web about them.

      Tunning MySQL: to do it we have used the mysqltunner script, http://mysqltuner.com . This script gives you an idea about the performance of the database and how tunne it to increase the performance.

      SET GLOBAL query_cache_size = 4000000; (4MB)
      SET GLOBAL tmp_table_size = 20000000; (20MB)
      SET GLOBAL query_cache_limit = 2000000; (2MB)
      SET GLOBAL max_heap_table_size = 20000000; (20MB)
      SET GLOBAL thread_cache_size = 4;
      SET GLOBAL table_open_cache = 450; 
      

      In the MariaDB web page recommends edcrease the swappiness value (https://mariadb.com/kb/en/library/configuring-swappiness/)

      #sysctl -w vm.swappiness=10
      

      Tunning php-fpm and php: There is some articles about it in this forum.
      PHP-FPM:

      pm = ondemand
      
      ; The number of child processes to be created when pm is set to 'static' and the
      ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
      ; This value sets the limit on the number of simultaneous requests that will be
      ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
      ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
      ; CGI.
      ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
      ; Note: This value is mandatory.
      pm.max_children = 50
      
      ; The number of child processes created on startup.
      ; Note: Used only when pm is set to 'dynamic'
      ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
      pm.start_servers = 5
      
      ; The desired minimum number of idle server processes.
      ; Note: Used only when pm is set to 'dynamic'
      ; Note: Mandatory when pm is set to 'dynamic'
      pm.min_spare_servers = 5
      
      ; The desired maximum number of idle server processes.
      ; Note: Used only when pm is set to 'dynamic'
      ; Note: Mandatory when pm is set to 'dynamic'
      pm.max_spare_servers = 50
      
      ; The number of seconds after which an idle process will be killed.
      ; Note: Used only when pm is set to 'ondemand'
      ; Default Value: 10s
      pm.process_idle_timeout = 10s;
      

      Normaly the people have pm=dynamic but we use pm=ondemand because we saw that the performance is better.

      Is possible that these parameters will be changed, but now the server runs well, but is October and the download activity has decreased a lot of.

      To see the activity of php you can enable the apache server status in the php.ini and there is a tool “goaccess” too to see the php calls and the number in the terminal:

      #yum install goaccess
      #tail -f /var/log/httpd/access_log | goaccess -

      posted in FOG Problems
      F
      Fernando Gietz
    • Site Plugin

      Hi!!!

      I am developing a new plugin, after AccessControl plugin, now Site plugin 🙂
      With AccessControl Plugin we can control the access to the items of the webUI using roles. Now, with the Site Plugin we can control the access to the hosts by user using his physical location.

      Site is not Location 🙂

      With Location plugin we can manage the storage nodes from the hosts will download the images, snapins, … With Site plugin we can have more granularity, we can define as Sites as we need (IT room, labs, …) and associate the host to these sites. We can associate one user to one or more sites, in this way, the user only will see the hosts which are in his sites and not the others.

      4_1491923234514_sitePlugin5.png

      3_1491923234514_sitePlugin4.png

      2_1491923234514_sitePlugin3.png

      1_1491923234514_sitePlugin2.png

      0_1491923234513_sitePlugin1.png

      posted in General
      F
      Fernando Gietz
    • RE: Linux client could not authenticate

      Hi Tom,

      Finally works fine under ubuntu 14.04

      sudo rm /etc/apt/sources.list.d/mono-xamarin.list
      sudo apt-get autoremove
      sudo apt-get update
      sudo apt-get install mono-complete
      Install the client
      

      With these instructions the client woks fine. Thanks!!

      posted in Bug Reports
      F
      Fernando Gietz
    • RE: Access Control Plugin

      Hi @kAs1m ,
      I know what is happen here. The problem is the array of element of the top menu.

      I will try to explain how works the plugin: the elements of the top menu are saved in one array, the AccessControl plugin erases the elements of the menu but, frecuently, the AccessControl can not erase the element because the order in the array have been changed. This occurs, normaly, when you try to apply some rules at time.

      In conclusion, the plugin doesn´t work as fine as we want. As solution try to add rules one by one and see the result, for example I have a configuration as yours usong these rules:

      • MAIN_MENU-about about main
      • MAIN_MENU-plugin plugin main
      • MAIN_MENU-service service main
      • MAIN_MENU-site site main
      • MAIN_MENU-storage storage main
      • MAIN_MENU-user user main

      In the future 1.6 version the pages will be loaded in other way that takes in account this problem.

      posted in FOG Problems
      F
      Fernando Gietz
    • RE: [HELP WANTED] Client Internationalization

      I didn’t see this post. My two cents.

      es-ES [Spanish (Spain)]

      ### SHUTDOWN PROMPT ###
      {company} necesita realizar el mantenimiento en este equipo.
      {company} needs to perform maintenance on this computer.
      
      Por favor, guarde su trabajo y cierre todos los programas.
      Please save any work and close all programs.
      
      Cancelar
      Cancel
      
      Ocultar
      Hide
      
      Posponer
      Postpone
      
      Reiniciar Ahora
      Restart Now
      
      Apagar Ahora
      Shutdown Now
      
      Posponer durante 
      Postpone for
      
      X hora(s) Y minuto(s) Z segundo(s)
      X hour(s) Y minute(s) Z second(s)
      
      ### NOTIFICATIONS ###
      
      Apagado Cancelado
      Shutdown Aborted
      
      El apagado ha sido cancelado
      Shutdown has been aborted
      
      Apagado Retrasado
      Shutdown Delayed
      
      El apagado ha sido retrasado {time}
      Shutdown has been delayed for {time}
      
      El apagado se producirá en {time}
      Shutdown will occur in {time}
      
      Está a punto de ser desconectado
      You are about to be logged off
      
      Será desconectado si permanece inactivo
      You will be logged off if you remain inactive
      
      Instalando {snapin name}
      Installing {snapin name}
      
      Por favor, no apague hasta que no haya finalizado
      Please do not shutdown until this is completed
      
      {snapin name} ha sido instalado
      {snapin name} installed
      
      La instalación ha finalizado y está listo para ser usado
      Installation has finished and is now ready for use
      

      Short version:

      ### SHUTDOWN PROMPT ###
      {company} necesita realizar el mantenimiento en este equipo.
      Por favor, guarde su trabajo y cierre todos los programas.
      Cancelar
      Ocultar
      Posponer
      Reiniciar Ahora
      Apagar Ahora
      Posponer durante 
      X hora(s) Y minuto(s) Z segundo(s)
      
      ### NOTIFICATIONS ###
      Apagado Cancelado
      El apagado ha sido cancelado
      Apagado Retrasado
      El apagado ha sido retrasado {time}
      El apagado se producirá en {time}
      Está a punto de ser desconectado
      Será desconectado si permanece inactivo
      Instalando {snapin name}
      Por favor, no apague hasta que no haya finalizado
      {snapin name} ha sido instalado
      La instalación ha finalizado y está listo para ser usado```
      posted in General
      F
      Fernando Gietz
    • RE: Centos7. Fog 1.5.5. White-Page on Update Group sites and locations.

      Hi @Sebastian-Roth and @EduardoTSeoane ,

      I tested the changes in my dev environment and the suggestions work fine. I think we can push the changes in the repository.

      I don´t use the location plugin but Ithink that the problem is the same. Maybe, @Tom-Elliott can say us want think about them XD and the reason it does not wok correctly

      posted in Bug Reports
      F
      Fernando Gietz
    • Control Access plugin

      Hi FOGers!!
      I need to develop a control access plugin and, although I have more or less the things clear in my head, I would like share my minds with you. I accept suggestions, corrections, …

      Feature:

      • Control the access to the icons, menus and submenus in the the webUI by rol.
      • Limit the searches and access to the resources (snapin, hosts, groups, tasks and images) of one or more locations.

      Necessities:

      • Create a new rol: restricted user

      This plugin has two levels of control:

      • Visual: Limit the access to the menus and submenus by rol user. The admin rol can access to all menus and submenus of the webUI and the restricted user only can access to the some menus and submenus (for example: Home, Hosts, Groups, Images, snapin, printer, tasks and logoff)
      • Searches: Limit the range of the search to the resources of one or more locations. The restricted user only can see the hosts, groups, images that are link or associated to his/her location/locations.

      This last level have a dependency with Location plugin.

      Dependencies:

      • Location plugin

      Well, hereinafter I accept suggestions, ideas …

      Christmas List:

      • Imaging techs assigned to Location A, may not touch or deploy any target host at Location B. Possibly read only access to Location B’s host records might be interesting.
      • Create different roles
      • Create different access rules
      posted in General
      F
      Fernando Gietz
    • RE: Add the name field in Users table

      It’s a little barter XD
      He added a field in the database and I developed the access control plugin. Personally I think I’m losing 😉

      posted in Feature Request
      F
      Fernando Gietz
    • RE: Control Access plugin

      Hi FOGers!!

      I attach some captures of this new plugin

      0_1489590921379_accesscontrolplugin_allusers_2.png
      When we list all users, appears the role that they have linked.

      We can link a role to one user from user edit page.

      0_1489591033848_accesscontrolplugin_user_edit_page2.png

      In the accesscontrol page we can list, edit and add new roles
      0_1489591119361_accesscontrolplugin_ACpage_2.png

      And create, list and edit rules

      0_1489591200071_accesscontrolplugin_page_rulelist_2.png

      Editing a rule …

      0_1489591252858_accesscontrolplugin_editrule_2.png

      posted in General
      F
      Fernando Gietz

    Latest posts made by Fernando Gietz

    • Owner and permissions in /images

      Hi FOGers!!

      We have some strange issues when we upload images to the server and we don´t have find the reason of this behaivour.

      The issue appears when the server try to move the image from /images/dev/abcdefg12345 directory to the destiny, the FTP can´t move the file or the directory and the destiny directory appears empty.

      In the vsftpd log appears the error:

      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP command: Client "10.0.15.8", "LIST -a images"
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP response: Client "10.0.15.8", "150 Here comes the directory listing."
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP response: Client "10.0.15.8", "226 Directory send OK."
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP command: Client "10.0.15.8", "RNFR /images/dev/8cec4b6xxxxx"
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP response: Client "10.0.15.8", "550 RNFR command failed."
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FAIL RENAME: Client "10.0.15.8", "/images/dev/8cec4b6xxxxx"
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP command: Client "10.0.15.8", "QUIT"
      Tue Oct 31 14:00:26 2023 [pid 2855049] [fogproject] FTP response: Client "10.0.15.8", "221 Goodbye."
      
      

      The permissions in /images is:

      drwxrwxrwx  295 fogproject apache 16384 nov  3 09:40 images
      

      We have migrated the old server, fog 1.5.5, to the last one, fog 1.5.10, we made a fresh install but we migrated the storage from the old one to the new one. Then in /images we have a mix of owners XD:

      drwxrwxrwx    2 root       root     280 ago 24 10:27 aula-vc-filologia-aulavhm2-alumno3450
      drwxrwxrwx    2 fogproject apache   226 jul 26  2022 aula-vc-filologia-aulavhm2-profesor
      drwxrwxrwx    2 root       root     280 ago 24 14:52 aula-vc-filologia-aulavhm2-profesor3450
      drwxrwxrwx    2 root       root     226 jul 19 12:28 aula-vc-filologia-aulavhmm-docencia
      drwxrwxrwx    2 fogproject apache   226 mar  8  2023 aula-vc-filologia-aulavhmm-docencia-LTSC
      drwxrwxrwx    2 root       root     226 ago 25 12:36 aula-vc-filologia-aulavht1-cabina
      drwxrwxrwx    2 root       root     226 ago 28 09:55 aula-vc-filologia-aulavht1-profesor
      drwxrwxrwx    2 fogproject apache   226 abr 29  2021 aula-vc-filologia-aulavht1-roomserver
      
      

      The question is easy 🙂 Who is the owner of images directories?

      posted in FOG Problems
      F
      Fernando Gietz
    • RE: Configuring LDAP Authentication

      @orborneee When I installed the new server on May, I had problems with the LDAP autentication. I don´t know if your problem is the same but you can test if works.
      Edit the /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php file and comment the line 235:

      //@$this->unbind();
      
      posted in FOG Problems
      F
      Fernando Gietz
    • RE: FOG server under RHEL 9 and PHP 8

      Hi @Sebastian-Roth,
      Yes, I think that the dev-branch solves the problem. I tried to install from master branch and the problem with the xinetd appeared, but with the dev-branch apparently works fine

      posted in Bug Reports
      F
      Fernando Gietz
    • RE: FOG server under RHEL 9 and PHP 8

      @Sebastian-Roth Hi Sebastian!
      I will try the dev-branch, the new server is the develop server. If the new release version has PHP 8 support then great 🙂
      The problem with the xinetd is more “special”, only affect to RHEL 9 and higher.

      posted in Bug Reports
      F
      Fernando Gietz
    • RE: FOG server under RHEL 9 and PHP 8

      Workaround: Install php 7.4 in RHEL 9
      Install PHP 7.4 (https://www.linuxcapable.com/how-to-install-php-on-centos-stream/)

      # dnf upgrade –refresh
      # dnf config-manager --set-enabled crb
      # dnf install \
          https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm \
          https://dl.fedoraproject.org/pub/epel/epel-next-release-latest-9.noarch.rpm
      # dnf install dnf-utils http://rpms.remirepo.net/enterprise/remi-release-9.rpm -y
      # dnf module list php
      # dnf module enable php:remi-7.4 –y
      # dnf install php php-cli php-common php-fpm php-gd php-json php-ldap php-mbstring php-mysqlnd php-process –y
      
      posted in Bug Reports
      F
      Fernando Gietz
    • FOG server under RHEL 9 and PHP 8

      Hi again! I am back 🙂
      I am installing a new server under RHEL 9, but I am having problems with the install process.

      Two big problems:

      • PHP version 8: the implode function is deprecated and have changed (https://www.php.net/manual/en/function.implode.php)
       implode(string $separator, array $array): string
      
      Alternative signature (not supported with named arguments):
      implode(array $array): string
      
      Legacy signature (deprecated as of PHP 7.4.0, removed as of PHP 8.0.0):
      implode(array $array, string $separator): string
      
      Join array elements with a separator string. 
      

      The order of the parameters is different. This affects to all calls of the implode function.

      *xinetd package is not available in RHEL 9
      From https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/pdf/considerations_in_adopting_rhel_9/red_hat_enterprise_linux-9-considerations_in_adopting_rhel_9-en-us.pdf

      The xinetd package is not available in RHEL
      9. Its functionality is now provided by
      systemd.
      
      posted in Bug Reports
      F
      Fernando Gietz
    • RE: NVRAM EFI bootorder

      @sebastian-roth Yes, I saw it. I am following it XD
      it can be the way to do it.

      posted in General
      F
      Fernando Gietz
    • RE: NVRAM EFI bootorder

      The problem are the dual images: windows + ubuntu or syspreped windows + ubuntu. And other type images too (multidisk, …)

      posted in General
      F
      Fernando Gietz
    • RE: NVRAM EFI bootorder

      @sebastian-roth I would like to customize the boot sequence , if is possible from the web UI and not custimize a script in the server.

      posted in General
      F
      Fernando Gietz
    • RE: NVRAM EFI bootorder

      Hi @Sebastian-Roth ,
      Then is not any global solution 😉 I need to devise one.

      posted in General
      F
      Fernando Gietz