Is there a way for pgbouncer to force to re-read /etc/hosts file without restart? I have added a new server to /etc/hosts and I want pgbouncer to connect to the new server with a minimum of hassle.
I know issuing RELOAD; command will force to re-read configuration file, but it seems that this does not apply to /etc/hosts. Also running command SHOW DNS_HOSTS (after changes in configuration and /etc/hosts) new hostname value would appear, but addrs value is left blank.
pgbouncer version: 1.7.2 running on Ubuntu 14.04
Please don't read this as instruction for usage. This is more academical interest - what you need to do to make pgbouncer 1.7 to reread /etc/hosts without restart:
first demo:
pgbouncer=# show dns_hosts;
hostname | ttl | addrs
----------+-----+-------------
one | 6 | 127.0.0.3:0
(1 row)
pgbouncer=# \! sudo sed -i 's/127.0.0.3/127.0.0.2/' /etc/hosts
pgbouncer=# pause test;
PAUSE
pgbouncer=# kill test;
KILL
pgbouncer=# resume test;
RESUME
pgbouncer=# \! psql -p 6432 -h 127.0.0.1 -U vao -d test -c "\! tail -1 /etc/hosts"
Password for user vao:
127.0.0.2 one
pgbouncer=# show dns_hosts;
hostname | ttl | addrs
----------+-----+-------------
one | 7 | 127.0.0.2:0
(1 row)
pgbouncer=# \! sudo sed -i 's/127.0.0.2/127.0.0.12/' /etc/hosts
pgbouncer=# pause test;
PAUSE
pgbouncer=# kill test;
KILL
pgbouncer=# resume test;
RESUME
pgbouncer=# \! psql -p 6432 -h 127.0.0.1 -U vao -d test -c "\! tail -1 /etc/hosts"
Password for user vao:
127.0.0.12 one
pgbouncer=# show dns_hosts;
hostname | ttl | addrs
----------+-----+--------------
one | 10 | 127.0.0.12:0
(1 row)
Now why:
RELOAD rereads config, thus won't help here. dns_max_ttl controls roundroubin between several reselves returned by dns, thus won't play here. Recalling
Hostnames are resolved on connect time
I make an assumption that in order to reinitiate connection I need to drop existing connections (so connection would not be taken from the pool) - two way to do it - either restart pgbouncer or KILL db - isolating the impact to only one db from pgbouncer.ini [databases] section. So I added
test = host=one port=5432 dbname=t
to it and
127.0.0.3 one
to /etc/hosts. The rest is in demo.
I would interpret this answer as a cheat - I don't restart pgbouncer, but yet all existing connections to wanted db need to be dropped. (of course we don't affect other databases clients connected, but still). So the answer would be - yes, you can do it without restart, yet all connections to that db will be dropped, thus you can't do it without dropping existing connections to the host that has changed. just PAUSE + RESUME combination won't help here as
Hostnames are resolved on connect time
Related
Accessing the IP address of a connecting SSH client is possible via environment variables (such as SSH_CONNECTION), as described in
Find the IP address of the client in an SSH session
In a GNU screen session though, those environment variables are defined by whoever started the screen to begin with. Is there any way to also get hold of the SSH connection information, for someone who enters an already-existing screen session later, like from another host?
I can't think of a way to determine this, but this can be useful in cases where screen sessions are shared between different people, for example.
If the screen session is launched as root, you can but it won't be perfectly reliable
If two users type in the same screen window, they will both interact within the same shell. One can write a command. The other can press the <enter> key.
You have to get access to the environment variable SSH_CONNECTION (or better SSH_CLIENT) which is only possible if you are root, or if you use the same user inside the screen session.
Supposing you are root inside the screen session, you can know the last user active in a screen session by using the ps command and finding the last active session.
ps h -C screen katime -o pid,user
By using the pid, and accessing the /proc/<pid>/environ file, you can get the SSH_CLIENT variable.
sed -z '/SSH_CLIENT/p;d' /proc/`ps h -C screen katime -o pid |head -1`/environ
--> SSH_CLIENT=257.31.120.12
All of this suppose that your screen is executed as root
You can also chose to log all the active connections.
For such need, I would suggest you to store both the full list of connections and their last activity.
ps eh -C screen kstime -o pid,atime | while read pid stime; do echo -n "$stime: ";\
gawk -v 'RS=\0' -F= '$1=="SSH_CLIENT" {print $2}' /proc/$pid/environ; done
Result:
00:00:00: 257.31.120.12 61608 22
00:07:11: 258.1.2.3.4 49947 22
Note that you can also parse the result of the ps eh -C screen kstime -o args command if you find it easier.
EDIT:
This is a working Debian command to get all users currently connected to the same screen session:
find /var/run/screen/
-name $(pstree -sp $$ |sed 's/.*screen(\([0-9]*\)).*/\1/;q').*
-printf "%h\n"
| cut -f2 -d-
You can check the output of the last command that would list of all IP addresses or hostnames of all connection made if sshd is the only way to connect to server.
ec2-user]# last
ec2-user pts/0 115.250.185.183 Sun May 29 13:49 still logged in
ec2-user pts/0 115.250.140.241 Sat May 28 07:26 - 10:15 (02:48)
root pts/4 113.21.68.105 Tue May 3 10:15 - 10:15 (00:00)
Alternatively (on Linux), you can check /var/log/secure where sshd will usually log all details of all the connections made even if they don't result in successful logins.
If you're trying to support the multi-display mode ('screen -x'), then as someone said above you are likely out of luck.
One the other hand, if you could assume single-user mode, then you could create a wrapper/alias for the screen command that carries along an environment variable into screen (see 'screen -X stuff ...'); in this case you are just passing along SSH_CLIENT that will have the appropriate value.
If you can assume a given username comes from a single location (or, if more than one location, then simply choose most recent), then you can do some grep/sed on output of 'last' command.
client_ip=`last -ai | grep "still logged in" | grep "$USER " | grep -v '0.0.0.0' | tail -n 1 | sed 's/.* //g'`
echo "Hello $client_ip"
If your screen is starting usually in detached mode, then in your .screenrc, add the the following:
shell -$SHELL
Then your screen will have all the the variables.
For currently running screens that you are stuck with, simply run.
source ~/.bash_profile
Replace the path and the file name to match your environment.
My isp provides dynamic ip addresses.I have forwarded my port to an raspberry pi and accessing it through ssh and also using it as web server.but the problem is that ip changes every 3-4 days is there any way or script so that i can be informed or updated with new ip address.
Thank You.
You can write a script like:
============
#!/bin/bash
OUT=$(wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1)
echo $OUT > /root/ipfile
============
Set a cron to execute this every 3h or something and configure your mta to send the file /root/ipfile to your email address ( that too you can use a cron ). mutt can be a useful tool to attach the file and do the email delivery.
I wrote a simple Bash script to change the network address of a Linux Host:
#!/bin/sh
REMOTE_HOST=192.168.2.127 # Default Host address
NEW_IP=192.168.30.33 # New IP I want to set
NEW_GW=192.168.30.1 # New Gateway I want to set
sudo ifconfig eth0 192.168.2.1 # Moving to the right network...
#ping $REMOTE_HOST -c 3 # I can correctly ping the host here...
ssh-copy-id root#${REMOTE_HOST} > /dev/null # ...for my comfort...
# Setting the network with new values for the IP addr and the GW...
COMMAND="sed -i 's#address *\\([0-9.]\\+\\)#address ${NEW_IP}#' /etc/network/interfaces\
&& sed -i 's#gateway *\\([0-9.]\\+\\)#gateway ${NEW_GW}#' /etc/network/interfaces"
ssh root#${REMOTE_HOST} $COMMAND
# done!
# Now restart the network services:
ssh root#${REMOTE_HOST} "/etc/init.d/networking restart &" & # (Note the 2nd '&' !!!)
# Come back to my old IP
sudo ifconfig eth0 192.168.30.10
sudo route add default gw 192.168.30.1
This script works almost perfectly but:
1) If I run it from my home folder, no problems; if I run it from a NFS shared folder the script hangs for a minute or two before to end correctly
2) If I omit the second '&' when restarting the network on the host the command never returns...
The questions are:
1) What causes the long wait (NFS, different IP address, different gateway)? And is it possible to workaround it?
2) Why it happens? How could I avoid it?
Thanks for any kind of help and sorry for my bad English!
You're restarting networking services, which drops all active connections.
Bash reads the file you're running line by line. Since NFS is a Network File System, this will terminate the connection to the file. So the system waits (can't actually) with executing the lines after networking restart until the connection is re-established.
Instead, you should first make a local copy of the entire script and then run it locally.
You could also code a script for that ;-)
I have a webserver WWW1 and a front-facing proxy PRX. I use SSH ProxyCommand to connect to WWW1's internal IP (private IP) via PRX (private+public IP). For some connections (not all) I see a network connection left open after I'm finished. These add up!
~/.ssh/config
Host *
ServerAliveInterval 5
ControlMaster auto
ControlPath ~/.ssh/master-%r#%h:%p
Host WWW1 WWW2 WWW3
User foo
ProxyCommand ssh -q -a -x PRX nc %h 22
IdentityFile ~/.ssh/id_foo_WWWx
On PRX, lsof | grep WWW1:ssh shows 124 open connections at the moment. On WWW1, the same command shows 243 open connections. There are similar open connections for WWW2, WWW3 etc.
WWW1 and PRX are Debian. Client connections are coming from a mix of Debian, Ubuntu and OSX10.6. I use Emacs Tramp but this has no special configuration (AFAIK) outside of my ~/.ssh/config.
I'm concerned about running out of internal ports, and ideally I want these connections to clean themselves up without intervention. Ideally by configuring them to kill themselves off; failing that a command I can kill old processes with is fine!
A better way would be to use the -W option of SSH, so you could put
ProxyCommand ssh -q -a -x PRX -W %h:22
instead of
ProxyCommand ssh -q -a -x PRX nc %h 22
This way you get rid of dependence on nc too.
Don't know whether it matters but I use nc -w 1 %h %p
I am basically trying to write a pstree-like command except that it should follow processes across machines.
What I mean is that if I run this :
$ ssh $node sleep 1000
Then the command should display something like this :
ssh $node -- ($node) sleep 1000
And if I'm running :
$ ssh $node ssh $node sleep 1000
ssh $node---($node) ssh $node---($node) sleep 1000
And so on ...
My question is this : How can I map one ssh session on one machine to a spawned process on another machine ?
Local parent-child processes are not a problem, but how can I figure out which ssh command on one node that triggered another process on another node.
linux 2.6.18
only openSSH for "remote" stuff. Running OpenSSH_4.3p2 currently.
SSH access to all nodes of course (key based auth) so ps and netstat are available from all nodes.
Linux-only "hacks" are fine, does not need to be portable though that would be an added bonus of course.
The user will always be the same and my command/script is running as that user. That user is not root.
Does not have to be fast, only accurate.
The spontaneous solution would be to write a pstree clone, that triggers on the command string "ssh", figures out the source-port and then goes to the remote machine in question and figures out which one of sshd's children that was spawned by this particular command.
But maybe there's a more clever way ? :P
Actually, I think your spontaneous solution is the right way to do it: use netstat to get the source-port and look for it on the remote machine. You might have trouble using "netstat -p" without being root - I tried it on two machines, one which was happy to show me my own processes and one which wasn't.
As well as ssh clients, you might extend this to look for other clients that use ssh connections, like rsync or Mercurial. Just be careful not to trace your program's own connection recursively!
A quick experiment with netstat and pstree shows that the idea is sound:
me#mymachine:~$ netstat -p
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 mymachine.example:43681 remote.example.com:ssh ESTABLISHED 27044/ssh
tcp 0 0 mymachine.example:39228 remote.example.com:ssh ESTABLISHED 14499/ssh
tcp 0 0 mymachine.example:45814 remote.example.com:ssh ESTABLISHED 20899/ssh
me#mymachine:~$ ssh remote netstat -p | grep mymachine.example:43681
tcp 0 0 remote.example.com:ssh mymachine.example:43681 ESTABLISHED 10361/1
me#mymachine:~$ ssh remote pstree -a 10361
sshd
`-grep -n -e wotsit -i -R /local/home/me/somewhere /dev/null
I'd be interested to see the result, because it would be very useful to me!