OldHelperFile
Voicestar bastion host
culture-club.ccsphl.voicestar.com
On kajagoogoo (ugh) gotta get the nis+ stuff going
sudo useradd -u <marchex_uid> -g 1 -G 20,22,200 -s /bin/bash -c "Joe User" -k /etc/skel -d /home/kajagoogoo/users/<initial>/<username> -m <username> edit /etc/netgroup (of course after making just in case backup) sudo passwd <username> cd yp ls sudo make exit
have EU login and change their password on kajagoogoo ... one that is complete another make in /var/yp must be done.
sudo useradd -u 2010 -g 1 -G 20,22,200 -s /bin/bash -c "John Crawford" -k /etc/skel -d /home/kajagoogoo/users/j/jacrawford -m jacrawford Voicestar dev/qa nodes: wwwdev.ccsphl vscpdev1.ccsphl vsacdev1.ccsphl (and 2) vspdfdev1.ccsphl (and 2) Deploys to staging/qa scp ADTRACK_1_1_26.tar.gz vscodev1.phl:~/ scp ADTRACK_1_1_26.tar.gz vscpdev1.phl:~/ scp ADTRACK_1_1_26.tar.gz vsacdev1.phl:~/ scp ADTRACK_1_1_26.tar.gz vsacdev2.phl:~/ What was done on wwwdev (slightly differenty than cd /home/wwwdev/www/htdocs/ ls sudo cp ~/ADTRACK_1_1_26.tar.gz . ls ls -latr sudo gtar -zxvf ADTRACK_1_1_26.tar.gz ls ls -latr sudo ln -s ADTRACK_1_1_26 adtrack.new ls -latr sudo /etc/init.d/apache stop;sudo /etc/init.d/blix stop;sudo /etc/init.d/at_error_snmp_converter stop;sudo /etc /init.d/numberorder_process_orders stop;sudo /etc/init.d/numberorder_process_segments stop sudo perl -e 'rename shift, shift or die $!' adtrack.new adtrack ls -latr sudo /etc/init.d/apache start;sudo /etc/init.d/blix start;sudo /etc/init.d/at_error_snmp_converter start;sudo / etc/init.d/numberorder_process_orders start;sudo /etc/init.d/numberorder_process_segments start ps -ef | grep http exit
Where is the current git code?
svn co svn+ssh://svn.marchex.com/src/svn/git/trunk/x86_64-deb5.0/git-1.7.1-1/
^^ Fail on this one. Go
Whenever doing something in prod that is impacting in anyway:
email to prod-notice@marchex.com
ops4.sea has a directory called: /site/escrow-service/data In this directory you see escrow...just a text file....sudo less escrow to grep out a password if need be
Force config update on a server: (as in when a server isn't picking up changes made in last3)
(01:35:18 PM) chubsie: sudo (heh) /etc/init.d/cfservd restart
- /
PFC pay for call
MCA Marchex Call Analytics
NIM
SQL stuff
psql -h lb-pool -d adtrack_ro -U pmorris
psql -h lb-pool -d adtrack -U at
adtrack=> begin; BEGIN adtrack=> insert into at_whitelist (number, account_id) values ('4164170000', 'global'); INSERT 0 1 adtrack=> insert into at_whitelist (number, account_id) values ('4164180525', 'global'); INSERT 0 1 adtrack=> insert into at_whitelist (number, account_id) values ('4164562981', 'global'); INSERT 0 1 adtrack=> select * from at_whitelist where number in ('4164170000','4164180525','4164562981'); number | account_id | created
+------------+-------------------------------
4164170000 | global | 2011-09-14 19:46:39.846512-04 4164180525 | global | 2011-09-14 19:46:39.846512-04 4164562981 | global | 2011-09-14 19:46:39.846512-04 (3 rows)
adtrack=> commit; COMMIT adtrack=>
Deployment mim channel next_deploy
Pulley fun! slugfest is where you start /site/pulley/bin/pulley login source (staging or production)
submit nim-redis-conf#mca_router_release_rc_11
whack nim-redis-conf#mca_router_release_rc_11 nimcache1.phl nimcache2.phl nimcache3.phl
note that the conf name and tag are separated by the hash. You can release to multiple boxes with whitespace as a separator.
Example deployment stuff
submit nx-proxy-primedia#PFC_1_068_RC_01 SUCCESS
submit nx-cs-publisher#PFC_1_068_RC_01 SUCCESS
submit nx-mgmt-api#PFC_1_067_RC_02 SUCCESS
submit nx-user-api#PFC_1_067_RC_02 SUCCESS
submit nx-reporting-api#PFC_1_067_RC_02 SUCCESS
submit nx-public-ui#PFC_1_067_RC_02 FAIL
submit nx-voicestar-sync#VS_SYNCER_HF_01 SUCCESS
passenger#PASSENGER_0_0_2
whack nx-proxy-primedia nxclp1.sad nxclp2.sad Success whack nx-cs-publisher nxpub1.sad nxpub2.sad SUCCESS whack nx-user-api nxapi1.sad nxapi2.sad SUCCESS whack nx-mgmt-api nxapi1.sad nxapi2.sad SUCCESS whack nx-reporting-api nxapi1.sad nxapi2.sad SUCCESS whack ruby nxui1.sad nxui2.sad skipped whack passenger nxui1.sad nxui2.sad skipped whack nx-public-ui nxui1.sad nxui2.sad skipped for now whack nx-voicestar-sync nxpub1.sad nxpub2.sad success
nx-call-settings-redis-conf
Zenoss Bits
/usr/local/zenoss/common/libexec/check_http ${here/id} -f -R Please sign in
Voicestar DB3 if you update the symlink on prod databases otherwise you blow away the db
psql -h lb-pool -d adtrack_ro -U pmorris
Postgres (need to get to adtrack via culture club as there are connectivity issues going direct)
Note to self. Need to be setting up pgpass file and appropriate pathing statements for my profile or else.
(03:13:03 PM) khochhalter@mim: adtrack=> \d at_whitelist
Table "public.at_whitelist" Column | Type | Modifiers
+--------------------------+---------------
number | text | not null account_id | text | not null created | timestamp with time zone | default now()
Indexes:
"at_whitelist_pkey" PRIMARY KEY, btree (number, account_id)
"whitelist_cache_key" btree (((('whitelist:'::text || number) || ':'::text) || account_id))
Triggers:
_adtrack_cluster_logtrigger AFTER INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE _adtrack_cluster.logtrigger('_adtrack_cluster', '107', 'kk')
update_whitelist_cache_trg AFTER INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE list_to_cache_queue()
Disabled triggers:
_adtrack_cluster_denyaccess BEFORE INSERT OR DELETE OR UPDATE ON at_whitelist FOR EACH ROW EXECUTE PROCEDURE _adtrack_cluster.denyaccess('_adtrack_cluster')
adtrack=> begin; BEGIN adtrack=> insert into at_whitelist (number, account_id) values ('6502800002','CA6ph0pTj_0zIQE0'); INSERT 0 1 adtrack=> select * from at_whitelist where account_id = 'CA6ph0pTj_0zIQE0';
number | account_id | created
+------------------+-------------------------------
6502800002 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04
(1 row)
adtrack=> insert into at_whitelist (number, account_id) values ('4152589777','CA6ph0pTj_0zIQE0'); INSERT 0 1 adtrack=> select * from at_whitelist where account_id = 'CA6ph0pTj_0zIQE0';
number | account_id | created
+------------------+-------------------------------
6502800002 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04 4152589777 | CA6ph0pTj_0zIQE0 | 2011-09-23 18:11:09.052406-04
(2 rows)
adtrack=> commit; COMMIT adtrack=> (03:13:17 PM) khochhalter@mim: http://intranet.marchex.com/techwiki/Wiki.jsp?page=VS.Database.Access (03:23:21 PM) khochhalter@mim: http://intranet.marchex.com/techwiki/Wiki.jsp?page=VS.DatabaseRestore
Update dns in the company via our fancy cvs repo
cvs co dns edit file that you need to edit update RELEASE_NOTES in tinydns-marchex with the new tag and whatnot cvs diff -uN | less //Check your diff bitch! cvs diff -uN > ~/<tag>.diff //Get your file for sending out for code review cvs commit ... put your info in there and save it //Tag your shizz cvs tag TINYDNS_MARCHEX_1_1_844 // just so happens to be the tag I used on that find day tell prod-notice@ that you're going to do something fun with dns log into slugfest and then pulley and status tinydns-marchex-data //look and see that your tag is the next increment, and gets you a lovely list of servers to whack submit tinydns-marchex-data#<that tag thing again> whack tiny-dns-marchex server1 server2 server3 // whatever the servers are that you want to whack status tinydns-marchex-data // get you some good info on whether or not you successfully whacked
TINYDNS_MARCHEX_1_1_863
- ) tinydns-marchex-data: Changed hostnames for nimcache3/4.qa to 1/2.qa2 and
changed nimcr3/4.qa to nimcr1/2.qa2 [pmorris]
whack tinydns-marchex-data ns1.sad ns2.sad ns3.phl ns4.phl ops1.sea ops2.sea
New number 973.749.1276 Number that should not route to -- 973.749.1079 8.14.170.143, 144 are the test servers that 1276 should be routing to.
6:0 <-- appears to be the port the PRI is connected up on both routers
vgw1-r7.ccsphl.voicestar.com vgw1-r8.ccsphl.voicestar.com
W0nd3rTw1ns
Output modifiers : begin include exclude
test voice translation-rule name-tag input-number
sho call history voice brief 265F : 8448368 13868561020ms.426899 +-1 +11800 pid:204 Originate 9737491276
dur 00:00:00 tx:430/68800 rx:288/46080 10 (normal call clearing (16)) IP 8.14.168.207:15684 SRTP: off rtt:1ms pl:3000/0ms lost:0/1/0 delay:70/60/100ms g711ulaw TextRelay: off media inactive detected:n media contrl rcvd:n/a timestamp:n/a long duration call detected:n long dur callduration :n/a timestamp:n/a
265F : 8448367 13868561010ms.426900 +-1 +11800 pid:200 Answer 2064341366
dur 00:00:00 tx:529/84640 rx:288/46080 10 (normal call clearing (16)) Telephony 6/0:1:D (8448367) [6/0:1.21] tx:10640/0/0ms g711ulaw noise:-55dBm acom:89dBm long duration call detected:n long dur callduration :n/a timestamp:n/a
show voice call summary show voice call status
Controller 1/7 is down.
controller T1 1/7
framing esf linecode b8zs pri-group timeslots 1-24 description Paetec SGNS045157
T1 1/6 is up.
Applique type is Channelized T1 Cablelength is long gain36 0db Description: Paetec SGNS045163 No alarms detected. alarm-trigger is not set Version info of slot 1: HW: 768, PLD Rev: 4 Framer Version: 0x8
! dial-peer voice 107 pots
description outgoing to POTS, VSSIP->100->107->POTS preference 1 destination-pattern 9907 port 1/6:D
!
Numbers are in the call route repo in git (cloned the callroute directory)
Dial plan needs to be "called number 800-800-8000 routes to 8.14.170.143 8.14.170.144
As near as I can tell this *should* give us the results that we would want since it's a specific match. I'm still don't entirely have my head wrapped around the translation rules. So once Sean gets the test number assigned to the XO PRI, we can schedule a maintenance event and I can see what happens with that.
dial-peer voice 301 voip
description outgoing SIP to sip4 preference 9 destination-pattern NPANXXXXXX translate-outgoing called 3 (not sure this is actually needed here) session protocol sipv2 session target ipv4:8.14.170.143 dtmf-relay rtp-nte codec g711ulaw no vad
dial-peer voice 302 voip
description outgoing SIP to sip4 preference 9 destination-pattern NPANXXXXXX translate-outgoing called 3 session protocol sipv2 session target ipv4:8.14.170.144 dtmf-relay rtp-nte codec g711ulaw no vad
translation-rule 1
Rule 0 ^10 0 Rule 1 ^11 1 Rule 2 ^12 2 Rule 3 ^13 3 Rule 4 ^14 4 Rule 5 ^15 5 Rule 6 ^16 6 Rule 7 ^17 7 Rule 8 ^18 8 Rule 9 ^19 9
! ! translation-rule 2
Rule 0 ^0 99000 Rule 1 ^1 99001 Rule 2 ^2 99002 Rule 3 ^3 99003 Rule 4 ^4 99004 Rule 5 ^5 99005 Rule 6 ^6 99006 Rule 7 ^7 99007 Rule 8 ^8 99008 Rule 9 ^9 99009
! ! translation-rule 3
Rule 0 ^99000 0 Rule 1 ^99001 1 Rule 2 ^99002 2 Rule 3 ^99003 3 Rule 4 ^99004 4 Rule 5 ^99005 5 Rule 6 ^99006 6 Rule 7 ^99007 7
for i in {1..11} ; do cd /home/www$i/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new;done
for i in {1..11} ; do ssh www$i "cd /home/www$i/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new";done
cd /home/www11/www/htdocs ; sudo gtar -xvzf ADTRACK_1_1_32.tar.gz ; sudo ln -s ADTRACK_1_1_32 adtrack.new
Adtrack database recovery
(11:56:12 AM) Jacob Drahos: in Hochhalter: ok (11:08:06 AM) Kevin Hochhalter: so, you need to start adtrack_call_logger on the cp servers (11:08:28 AM) Kevin Hochhalter: you have to do this somewhat slowly and carefully (11:08:59 AM) Kevin Hochhalter: watch fad-gadget:/var/log/asterisk while you're doing this, and monitor /site/mvs-ast-call-log on each cp server (11:09:26 AM) Kevin Hochhalter: if adtrack_call_logger gets hung up on a given cp server, shut it down and kill it's pids if you have to (11:09:31 AM) Kevin Hochhalter: and move on to the next one (11:10:16 AM) Kevin Hochhalter: once all of the cp servers have processed all of the files, go back through and deal with anything in /site/mvs-ast-call-log/dead on each host (11:10:37 AM) Kevin Hochhalter: when you're about halfway through the cp servers, restart mpc_audio_convert on the ac servers (11:10:55 AM) Jacob Drahos: so far so good (11:11:05 AM) Jacob Drahos: getting started unless i need to know more (11:11:11 AM) Kevin Hochhalter: okie dokie (11:11:22 AM) Kevin Hochhalter: if you have questions call my cell: 206-303-9095 (11:11:34 AM) Kevin Hochhalter: I'll stay on mim but might not be close to the 'puter
Set up new users in the next ui via http://cm.next.marchex.com/ Under the internal users tab.
VSTACTICAL vstactical
Scripts have been ran in QA. I am currently verifying data from files.
I'm signing off, because I see no reason for any hesitation on this deployment.
Tag for deployment:
VSTACTICAL_0_6_138
Steps are:
Make vstactical tarball:
VSTACTICAL_TAG=VSTACTICAL_0_6_138 git archive --remote=git.marchex.com:/src/git/vstactical --format=tar -- prefix=$VSTACTICAL_TAG/ $VSTACTICAL_TAG | gzip -v > $VSTACTICAL_TAG.tar.gz
Distribute tarball:
for i in {1..2} ; do sudo cp VSTACTICAL_#_#_##.tar.gz /home/cron$i/:~/;done
Unpack tarball:
for i in {2..2} ; do cd /home/cron$i ; sudo gtar -xvzf VSTACTICAL_#_#_##.tar.gz ; sudo ln -s VSTACTICAL_#_#_## vstactical.new;done
Deploy:
On cron1 and cron2 host: Verify extracted tarball from pre-deploy steps Note the old symlink ls -l vstactical Atomically replace symlinks sudo perl -e 'rename shift, shift or die $!' vstactical.new vstactical
Tacticals can be run on either cron1 or cron2.
f@ilBl0g!
grep '19/Oct/2011:17:2' access_log | cut -d " " -f 5 | sort | uniq -c | sort -rn | head -n 10 grep '19/Oct/2011:17:2' access_log | cut -d " " -f 5 | grep -v '^-' | sort | uniq -c | sort -rn | head -n 10
better than tcpdump tshark !
tshark -i bond1 port 5060 -t ad
vsac1-3 manage the mp3 transcoding. #3 is slightly broked. You go to vscp 1-4 /site/adtrack/current/conf to update mpc.phl file to add/remove stuff.
Pie^c0ch8$ or Pie^C0ch8$
adtrack blacklist stuff
adtrack_ro=> select * from at_penalty_box where number = '7709627220'; number | unassigned_lines | penalty_started | current_penalty | blacklist_until
+------------------+-------------------------------+-----------------+------------------------------
7709627220 | 246 | 2011-10-07 09:50:27.672961-04 | 3 mons | 2012-02-01 16:31:13.74135-05
psql -h lb-pool -d adtrack_ro -U pmorris psql -h lb-pool -d adtrack -U at
\x gets you a nicely formatted display (ugh damn you postgresql)
whitelist a number in adtrack select * from at_account where name ilike '%NCI%';
Or even this! select name from at_account where account_id = 'CA6phk1xT0VbwgBK';
begin;
INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<use 'global' if global>');
INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<use 'global' if global>');
INSERT INTO at_whitelist (number, account_id) VALUES ('<##########>','<hash key>');
select * from at_whitelist where number in ('<##########>','<##########>','<##########>');
commit;
i.e. I want to insert into
INSERT INTO at_whitelist (number, account_id) VALUES ('5416337625','QrOXy0Q9KMgELQDF'); select * from at_whitelist where number in ('5416337625');
8323160383 QrOX60a7VDtzfwD1
/site/pgsql/pgsql-8.4.4/bin/psql -h lb-pool -d adtrack -U at
UPDATE at_forward_no SET matchrule = NULL FROM at_settings WHERE at_settings.settings_id = at_forward_no.settings_id AND account_id = 'CA6phk3VXWsSoAG_';
- dconcepcion@marchex.com
find /mnt/site/backups/* -mtime +15 -exec rm {} \;
Asterisk maintenance stuff
connect to console (change -i to -r from your ps -ef cruft) sudo /site/asterisk/asterisk-1.6.2.6/sbin/asterisk -C /site/nx-call-proc-ast-conf/conf/asterisk.conf -r
core show calls sip show channels sip show channelstats core stop now core stop gracefully
NetScaler net scaler
ssh as nsroot to appropriate machine disable server servername.phl enable server servername.phl
status
mysql crap
/site/mysql/mysql-5.0.51a/bin/mysqldump -u root -p -S /site/mysql-pike/run/mysql.sock sct3k > sct3k_20110211.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < add_ce_id_and_ce_name_to_coinfo.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < CE_updates.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < 110963/update_vantage_links.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < 20110330_remove_keiser.sql
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k
/site/mysql/mysql-5.0.51a/bin/mysql --defaults-file=/site/mysql-pike/conf/mysql.conf -u root -p sct3k < Update50statesColleges_12-2011.sql
xen crap
sudo xm create -c /etc/xen/U/config.file sudo xm destroy <id> sudo xm reboot <id>
nim script cruft
at ctns_to_return.txt | /site/perl/perl-5.10.1-1/bin/perl -I /site/oracle_client/client-11.2.0.1/5.10.1/lib return_numbers.pl --DSN=oranext-cluster.sad.marchex.com:1521/OPNEXT.marchex.com --User=nim_numbers --Pass=pFJ6w_XECmN > output.txt
kvm build crap:
reset default image location
virsh pool-destroy default pool-undefine default pool-define-as --name default --type dir --target /rum/media/user1/partition1 pool-autostart default pool-build default pool-start default
cryptsetup luksChangeKey /dev/mapper/vgsys-imgs1
Force unmount of nfs
sudo umount -f -l /foo/bar
For an Amazon Linux AMI, the user name is ec2-user.
For a Centos AMI, the user name is centos.
For a Debian AMI, the user name is admin or root.
For a Fedora AMI, the user name is ec2-user or fedora.
For a RHEL AMI, the user name is ec2-user or root.
For a SUSE AMI, the user name is ec2-user or root.
For an Ubuntu AMI, the user name is ubuntu or root.
Otherwise, if ec2-user and root don't work, check with the AMI provider.
cat secure | grep "Invalid user" | awk '{print $8}' | sort | uniq -c | sort -rf | less
Fix "broken java" comment out the jdk.tls.disabledAlgorithms line
sudo vi /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/java.security
switch branches
git branch mc2-1382-kaldi-asr-ingress origin/mc2-1382-kaldi-asr-ingress then git checkout mc2-1382-kaldi-asr-ingress origin
route53 aws cli aws route53 change-resource-record-sets \ --hosted-zone-id Z1U05RZDW3PZ3K \ --change-batch file://./dns/qa/private-marchex.net-elb.json {
"ChangeInfo": {
"Status": "PENDING",
"Comment": "Create/Update ELB Private QA Route 53 Entries for marchex.net",
"SubmittedAt": "2020-10-07T17:36:18.545Z",
"Id": "/change/C0136020ZF5C469VWNKO"
}
}
aws route53 get-change --id /change/C0136020ZF5C469VWNKO {
"ChangeInfo": {
"Status": "INSYNC",
"Comment": "Create/Update ELB Private QA Route 53 Entries for marchex.net",
"SubmittedAt": "2020-10-07T17:36:18.545Z",
"Id": "/change/C0136020ZF5C469VWNKO"
}
}
git clone foo git checkout -b blah1 git commit -a git push --set-upstream origin blah1
Then go online and submit the branch as a pull request