OldHelperFile

From I Will Fear No Evil
Jump to navigation Jump to search


Voicestar bastion host

culture-club.ccsphl.voicestar.com

On kajagoogoo (ugh) gotta get the nis+ stuff going 

sudo useradd -u <marchex_uid> -g 1 -G 20,22,200 -s /bin/bash -c "Joe User" -k /etc/skel -d /home/kajagoogoo/users/<initial>/<username> -m <username>
edit /etc/netgroup (of course after making just in case backup)

sudo passwd <username>
cd yp
ls
sudo make
exit

have EU login and change their password on kajagoogoo ... one that is complete another make in /var/yp must be done. 

sudo useradd -u 2010 -g 1 -G 20,22,200 -s /bin/bash -c "John Crawford" -k /etc/skel -d /home/kajagoogoo/users/j/jacrawford -m jacrawford


Voicestar dev/qa nodes:
wwwdev.ccsphl
vscpdev1.ccsphl
vsacdev1.ccsphl (and 2)
vspdfdev1.ccsphl (and 2)

Deploys to staging/qa

scp ADTRACK_1_1_26.tar.gz vscodev1.phl:~/
scp ADTRACK_1_1_26.tar.gz vscpdev1.phl:~/
scp ADTRACK_1_1_26.tar.gz vsacdev1.phl:~/
scp ADTRACK_1_1_26.tar.gz vsacdev2.phl:~/


What was done on wwwdev (slightly differenty than 
cd /home/wwwdev/www/htdocs/
ls
sudo cp ~/ADTRACK_1_1_26.tar.gz .
ls
ls -latr
sudo gtar -zxvf ADTRACK_1_1_26.tar.gz 
ls
ls -latr
sudo ln -s ADTRACK_1_1_26 adtrack.new
ls -latr
sudo /etc/init.d/apache stop;sudo /etc/init.d/blix stop;sudo /etc/init.d/at_error_snmp_converter stop;sudo /etc
/init.d/numberorder_process_orders stop;sudo /etc/init.d/numberorder_process_segments stop

sudo perl -e 'rename shift, shift or die $!' adtrack.new adtrack 

ls -latr

sudo /etc/init.d/apache start;sudo /etc/init.d/blix start;sudo /etc/init.d/at_error_snmp_converter start;sudo /
etc/init.d/numberorder_process_orders start;sudo /etc/init.d/numberorder_process_segments start

ps -ef | grep http

exit

Where is the current git code? 

svn co svn+ssh://svn.marchex.com/src/svn/git/trunk/x86_64-deb5.0/git-1.7.1-1/

^^ Fail on this one. Go

Whenever doing something in prod that is impacting in anyway:

email to prod-notice@marchex.com

ops4.sea has a directory called: /site/escrow-service/data In this directory you see escrow...just a text file....sudo less escrow to grep out a password if need be



Force config update on a server: (as in when a server isn't picking up changes made in last3) (01:35:18 PM) chubsie: sudo (heh) /etc/init.d/cfservd restart

                                                                                                  • /

PFC pay for call

MCA Marchex Call Analytics

NIM

SQL stuff 

psql -h lb-pool -d adtrack_ro -U pmorris

psql -h lb-pool -d adtrack -U at

adtrack=> begin;
BEGIN
adtrack=> insert into at_whitelist (number, account_id) values
('4164170000', 'global');
INSERT 0 1
adtrack=> insert into at_whitelist (number, account_id) values
('4164180525', 'global');
INSERT 0 1
adtrack=> insert into at_whitelist (number, account_id) values
('4164562981', 'global');
INSERT 0 1
adtrack=> select * from at_whitelist where number in
('4164170000','4164180525','4164562981');
number | account_id | created
------------+------------+-------------------------------
4164170000 | global | 2011-09-14 19:46:39.846512-04
4164180525 | global | 2011-09-14 19:46:39.846512-04
4164562981 | global | 2011-09-14 19:46:39.846512-04
(3 rows)

adtrack=> commit;
COMMIT
adtrack=>

Deployment mim channel next_deploy 

Pulley fun!
slugfest is where you start
/site/pulley/bin/pulley
login
source  (staging or production)

submit nim-redis-conf#mca_router_release_rc_11

whack nim-redis-conf#mca_router_release_rc_11 nimcache1.phl nimcache2.phl nimcache3.phl

note that the conf name and tag are separated by the hash.  You can release to multiple boxes with whitespace as a separator.


Example deployment stuff
submit nx-proxy-primedia#PFC_1_068_RC_01	SUCCESS
submit nx-cs-publisher#PFC_1_068_RC_01	SUCCESS
submit nx-mgmt-api#PFC_1_067_RC_02	SUCCESS
submit nx-user-api#PFC_1_067_RC_02	SUCCESS
submit nx-reporting-api#PFC_1_067_RC_02	SUCCESS
submit nx-public-ui#PFC_1_067_RC_02	FAIL
submit nx-voicestar-sync#VS_SYNCER_HF_01 SUCCESS	
passenger#PASSENGER_0_0_2	



whack nx-proxy-primedia nxclp1.sad nxclp2.sad	Success
whack nx-cs-publisher nxpub1.sad nxpub2.sad	SUCCESS
whack nx-user-api nxapi1.sad nxapi2.sad	SUCCESS
whack nx-mgmt-api nxapi1.sad nxapi2.sad	SUCCESS
whack nx-reporting-api nxapi1.sad nxapi2.sad SUCCESS	
whack ruby nxui1.sad nxui2.sad	skipped
whack passenger nxui1.sad nxui2.sad skipped	
whack nx-public-ui nxui1.sad nxui2.sad	skipped for now
whack nx-voicestar-sync nxpub1.sad nxpub2.sad success

nx-call-settings-redis-conf

Zenoss Bits

/usr/local/zenoss/common/libexec/check_http ${here/id} -f -R Please sign in

Voicestar DB3 if you update the symlink on prod databases otherwise you blow away the db 

psql -h lb-pool -d adtrack_ro -U pmorris

Postgres (need to get to adtrack via culture club as there are connectivity issues going direct)

Note to self. Need to be setting up pgpass file and appropriate pathing statements for my profile or else. 

(03:13:03 PM) khochhalter@mim: adtrack=> \d at_whitelist
              Table "public.at_whitelist"
   Column   |           Type           |   Modifiers
------------+--------------------------+---------------
 number     | text                     | not null
 account_id | text                     | not null
 created    | timestamp with time zone | default now()
Indexes:
    "at_whitelist_pkey" PRIMARY KEY, btree (number, account_id)
    "whitelist_cache_key" btree (((('whitelist:'::text || number) || ':'::text) || account_id))
Triggers:
    _adtrack_cluster_logtrigger AFTER INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE _adtrack_cluster.logtrigger('_adtrack_cluster', '107', 'kk')
    update_whitelist_cache_trg AFTER INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE list_to_cache_queue()
Disabled triggers:
    _adtrack_cluster_denyaccess BEFORE INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE _adtrack_cluster.denyaccess('_adtrack_cluster')

adtrack=> begin;
BEGIN
adtrack=> insert into at_whitelist (number, account_id) values ('6502800002','CA6ph0pTj_0zIQE0');
INSERT 0 1
adtrack=> select * from at_whitelist where account_id = 'CA6ph0pTj_0zIQE0';
   number   |    account_id    |            created
------------+------------------+-------------------------------
 6502800002 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04
(1 row)

adtrack=> insert into at_whitelist (number, account_id) values ('4152589777','CA6ph0pTj_0zIQE0');
INSERT 0 1
adtrack=> select * from at_whitelist where account_id = 'CA6ph0pTj_0zIQE0';
   number   |    account_id    |            created
------------+------------------+-------------------------------
 6502800002 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04
 4152589777 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04
(2 rows)

adtrack=> commit;
COMMIT
adtrack=>
(03:13:17 PM) khochhalter@mim: http://intranet.marchex.com/techwiki/Wiki.jsp?page=VS.Database.Access
(03:23:21 PM) khochhalter@mim: http://intranet.marchex.com/techwiki/Wiki.jsp?page=VS.DatabaseRestore

Update dns in the company via our fancy cvs repo 

cvs co dns
edit file that you need to edit
update RELEASE_NOTES in tinydns-marchex with the new tag and whatnot
cvs diff -uN  | less  //Check your diff bitch!
cvs diff -uN > ~/<tag>.diff  //Get your file for sending out for code review
cvs commit ... put your info in there and save it
//Tag your shizz
cvs tag TINYDNS_MARCHEX_1_1_844  // just so happens to be the tag I used on that find day
tell prod-notice@ that you're going to do something fun with dns
log into slugfest and then pulley and 
status tinydns-marchex-data //look and see that your tag is the next increment, and gets you a lovely list of servers to whack
submit tinydns-marchex-data#<that tag thing again>
whack tiny-dns-marchex server1 server2 server3 // whatever the servers are that you want to whack
status tinydns-marchex-data // get you some good info on whether or not you successfully whacked

TINYDNS_MARCHEX_1_1_863
*) tinydns-marchex-data:  Changed hostnames for nimcache3/4.qa to 1/2.qa2 and
   changed nimcr3/4.qa to nimcr1/2.qa2 [pmorris]

whack tinydns-marchex-data ns1.sad ns2.sad ns3.phl ns4.phl ops1.sea ops2.sea

New number 973.749.1276
Number that should not route to -- 973.749.1079
8.14.170.143, 144 are the test servers that 1276 should be routing to.

6:0 <-- appears to be the port the PRI is connected up on both routers

vgw1-r7.ccsphl.voicestar.com
vgw1-r8.ccsphl.voicestar.com

W0nd3rTw1ns

Output modifiers : begin include exclude

test voice translation-rule name-tag input-number

sho call history voice brief
265F : 8448368 13868561020ms.426899 +-1 +11800 pid:204 Originate 9737491276
 dur 00:00:00 tx:430/68800 rx:288/46080 10  (normal call clearing (16))
 IP 8.14.168.207:15684 SRTP: off rtt:1ms pl:3000/0ms lost:0/1/0 delay:70/60/100ms g711ulaw TextRelay: off
 media inactive detected:n media contrl rcvd:n/a timestamp:n/a
 long duration call detected:n long dur callduration :n/a timestamp:n/a

265F : 8448367 13868561010ms.426900 +-1 +11800 pid:200 Answer 2064341366
 dur 00:00:00 tx:529/84640 rx:288/46080 10  (normal call clearing (16))
 Telephony 6/0:1:D (8448367) [6/0:1.21] tx:10640/0/0ms g711ulaw noise:-55dBm acom:89dBm
 long duration call detected:n long dur callduration :n/a timestamp:n/a

show voice call summary
show voice call status


Controller 1/7 is down.

controller T1 1/7
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
 description Paetec SGNS045157

T1 1/6 is up.
  Applique type is Channelized T1
  Cablelength is long gain36 0db
  Description: Paetec SGNS045163
  No alarms detected.
  alarm-trigger is not set
  Version info of slot 1:  HW: 768, PLD Rev: 4
  Framer Version: 0x8

!
dial-peer voice 107 pots
 description outgoing to POTS, VSSIP->100->107->POTS
 preference 1
 destination-pattern 9907
 port 1/6:D
!

Numbers are in the call route repo in git (cloned the callroute directory)



Dial plan needs to be "called number 800-800-8000 routes to 8.14.170.143 8.14.170.144

As near as I can tell this *should* give us the results that we would want since it's a specific match. I'm still don't entirely have my head wrapped around the translation rules. So once Sean gets the test number assigned to the XO PRI, we can schedule a maintenance event and I can see what happens with that. 

dial-peer voice 301 voip
 description outgoing SIP to sip4
 preference 9
 destination-pattern NPANXXXXXX
 translate-outgoing called 3  (not sure this is actually needed here)
 session protocol sipv2
 session target ipv4:8.14.170.143
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad

dial-peer voice 302 voip
 description outgoing SIP to sip4
 preference 9
 destination-pattern NPANXXXXXX
 translate-outgoing called 3
 session protocol sipv2
 session target ipv4:8.14.170.144
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad

translation-rule 1
 Rule 0 ^10 0
 Rule 1 ^11 1
 Rule 2 ^12 2
 Rule 3 ^13 3
 Rule 4 ^14 4
 Rule 5 ^15 5
 Rule 6 ^16 6
 Rule 7 ^17 7
 Rule 8 ^18 8
 Rule 9 ^19 9
!
!
translation-rule 2
 Rule 0 ^0 99000
 Rule 1 ^1 99001
 Rule 2 ^2 99002
 Rule 3 ^3 99003
 Rule 4 ^4 99004
 Rule 5 ^5 99005
 Rule 6 ^6 99006
 Rule 7 ^7 99007
 Rule 8 ^8 99008
 Rule 9 ^9 99009
!
!
translation-rule 3
 Rule 0 ^99000 0
 Rule 1 ^99001 1
 Rule 2 ^99002 2
 Rule 3 ^99003 3
 Rule 4 ^99004 4
 Rule 5 ^99005 5
 Rule 6 ^99006 6
 Rule 7 ^99007 7

for i in {1..11} ; do cd /home/www$i/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new;done

for i in {1..11} ; do ssh www$i "cd /home/www$i/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new";done

cd /home/www11/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new

Adtrack database recovery 

(11:56:12 AM) Jacob Drahos: in Hochhalter: ok
(11:08:06 AM) Kevin Hochhalter: so, you need to start adtrack_call_logger on the cp servers
(11:08:28 AM) Kevin Hochhalter: you have to do this somewhat slowly and carefully
(11:08:59 AM) Kevin Hochhalter: watch fad-gadget:/var/log/asterisk while you're doing this, and monitor /site/mvs-ast-call-log on each cp server
(11:09:26 AM) Kevin Hochhalter: if adtrack_call_logger gets hung up on a given cp server, shut it down and kill it's pids if you have to
(11:09:31 AM) Kevin Hochhalter: and move on to the next one
(11:10:16 AM) Kevin Hochhalter: once all of the cp servers have processed all of the files, go back through and deal with anything in /site/mvs-ast-call-log/dead on each host
(11:10:37 AM) Kevin Hochhalter: when you're about halfway through the cp servers, restart mpc_audio_convert on the ac servers
(11:10:55 AM) Jacob Drahos: so far so good
(11:11:05 AM) Jacob Drahos: getting started unless i need to know more
(11:11:11 AM) Kevin Hochhalter: okie dokie
(11:11:22 AM) Kevin Hochhalter: if you have questions call my cell: 206-303-9095
(11:11:34 AM) Kevin Hochhalter: I'll stay on mim but might not be close to the 'puter

Set up new users in the next ui via http://cm.next.marchex.com/ Under the internal users tab.

Make vstactical tarball: 

VSTACTICAL_TAG=VSTACTICAL_0_6_138
git archive --remote=git.marchex.com:/src/git/vstactical --format=tar --
prefix=$VSTACTICAL_TAG/ $VSTACTICAL_TAG | gzip -v > 
$VSTACTICAL_TAG.tar.gz

Distribute tarball:

for i in {1..2} ; do sudo cp VSTACTICAL_#_#_##.tar.gz 
/home/cron$i/:~/;done

Unpack tarball:

for i in {2..2} ; do cd /home/cron$i ; sudo gtar -xvzf 
VSTACTICAL_#_#_##.tar.gz ; sudo ln -s VSTACTICAL_#_#_## 
vstactical.new;done

Deploy: 

On cron1 and cron2 host: 
Verify extracted tarball from pre-deploy steps 
Note the old symlink ls -l vstactical 
Atomically replace symlinks sudo perl -e 'rename shift, 
shift or die $!' vstactical.new vstactical


Tacticals can be run on either cron1 or cron2.

f@ilBl0g!

grep '19/Oct/2011:17:2' access_log | cut -d " " -f 5 | sort | uniq -c | sort -rn | head -n 10
grep '19/Oct/2011:17:2' access_log | cut -d " " -f 5 | grep -v '^-' | sort | uniq -c | sort -rn | head -n 10

better than tcpdump tshark !

tshark -i bond1 port 5060 -t ad

Pie^c0ch8$ or Pie^C0ch8$

adtrack blacklist stuff 

adtrack_ro=> select * from at_penalty_box where number = '7709627220';
number | unassigned_lines | penalty_started | 
current_penalty | blacklist_until 
------------+------------------+-------------------------------+-----------------+------------------------------
7709627220 | 246 | 2011-10-07 09:50:27.672961-04 | 3 mons 
| 2012-02-01 16:31:13.74135-05

*****************************************************

psql -h lb-pool -d adtrack_ro -U pmorris
psql -h lb-pool -d adtrack -U at

\x gets you a nicely formatted display (ugh damn you postgresql)

whitelist a number in adtrack
select * from at_account where name ilike '%NCI%';

Or even this!
select name from at_account where account_id = 'CA6phk1xT0VbwgBK';

begin;


INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<use 'global' if global>');
INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<use 'global' if global>');
INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<hash key>');

select * from at_whitelist where number in ('<##########>','<##########>','<##########>');


commit;

i.e. I want to insert into 

INSERT INTO at_whitelist (number, account_id) VALUES ('5416337625','QrOXy0Q9KMgELQDF');
select * from at_whitelist where number in ('5416337625');

8323160383 QrOX60a7VDtzfwD1


/site/pgsql/pgsql-8.4.4/bin/psql -h lb-pool -d adtrack -U at

UPDATE at_forward_no
SET matchrule = NULL
FROM at_settings
WHERE at_settings.settings_id = at_forward_no.settings_id
AND account_id = 'CA6phk3VXWsSoAG_';
                                                                                                          • dconcepcion@marchex.com
find /mnt/site/backups/* -mtime +15 -exec rm {} \;

Asterisk maintenance stuff 

connect to console (change -i to -r from your ps -ef cruft)
sudo /site/asterisk/asterisk-1.6.2.6/sbin/asterisk -C /site/nx-call-proc-ast-conf/conf/asterisk.conf -r

core show calls
sip show channels
sip show channelstats
core stop now
core stop gracefully

NetScaler net scaler 

ssh as nsroot to appropriate machine
disable server servername.phl
enable server servername.phl

status


mysql crap 

/site/mysql/mysql-5.0.51a/bin/mysqldump -u root -p -S /site/mysql-pike/run/mysql.sock sct3k > sct3k_20110211.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < add_ce_id_and_ce_name_to_coinfo.sql 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < CE_updates.sql 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < 110963/update_vantage_links.sql 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < 20110330_remove_keiser.sql 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k 
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k



/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < Update50statesColleges_12-2011.sql

kvm build crap:

reset default image location 

virsh
pool-destroy default
pool-undefine default
pool-define-as --name default --type dir --target /rum/media/user1/partition1
pool-autostart default
pool-build default
pool-start default

cryptsetup luksChangeKey /dev/mapper/vgsys-imgs1

Force unmount of nfs 

sudo umount -f -l /foo/bar

For an Amazon Linux AMI, the user name is ec2-user.

For a Centos AMI, the user name is centos.

For a Debian AMI, the user name is admin or root.

For a Fedora AMI, the user name is ec2-user or fedora.

For a RHEL AMI, the user name is ec2-user or root.

For a SUSE AMI, the user name is ec2-user or root.

For an Ubuntu AMI, the user name is ubuntu or root.

Otherwise, if ec2-user and root don't work, check with the AMI provider.

cat secure | grep "Invalid user" | awk '{print $8}'  | sort | uniq -c | sort -rf | less


Fix "broken java"   comment out the jdk.tls.disabledAlgorithms line
sudo vi /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/java.security

switch branches 

git branch mc2-1382-kaldi-asr-ingress origin/mc2-1382-kaldi-asr-ingress
then
git checkout mc2-1382-kaldi-asr-ingress origin

route53 aws cli 

aws route53 change-resource-record-sets \
	--hosted-zone-id Z1U05RZDW3PZ3K \
	--change-batch file://./dns/qa/private-marchex.net-elb.json
{
    "ChangeInfo": {
        "Status": "PENDING", 
        "Comment": "Create/Update ELB Private QA Route 53 Entries for marchex.net", 
        "SubmittedAt": "2020-10-07T17:36:18.545Z", 
        "Id": "/change/C0136020ZF5C469VWNKO"
    }
}

aws route53  get-change --id /change/C0136020ZF5C469VWNKO
{
    "ChangeInfo": {
        "Status": "INSYNC", 
        "Comment": "Create/Update ELB Private QA Route 53 Entries for marchex.net", 
        "SubmittedAt": "2020-10-07T17:36:18.545Z", 
        "Id": "/change/C0136020ZF5C469VWNKO"
    }
}

git clone foo
git checkout -b blah1
git commit -a
git push --set-upstream origin blah1

Then go online and submit the branch as a pull request
Retrieved from "https://wiki.iwillfearnoevil.com/mediawiki/index.php?title=OldHelperFile&oldid=264"