Outsourced Clue

Providing big company technology recommendations to the masses

Archive for April, 2009

Build a RPM of Python 2.5 on CentOS 5 / Redhat Enterprise (RHEL) 5

without comments

It’s such a pain to get a newer version of Python installed on Redhat/CentOS.  RHEL 4/CentOS 4 comes with Python 2.3, and RHEL 5/CentOS 5 comes with Python 2.4.  I have noticed more and more apps requiring Python >= 2.5, so I had to find a good way to build an RPM of Python 2.5.  Based on some sites I found out there and some mods I made, here are the instructions:

% sudo yum install autoconf bzip2-devel db4-devel elf-utils \
  expat-devel findutils gcc-c++ gdbm-devel glibc-devel gmp-devel \
  mesa-libGL-devel libX11-devel libtermcap-devel ncurses-devel \
  openssl-devel pkgconfig readline-devel sqlite-devel tar \
  tix-devel tk-devel rpm-build zlib-devel
% test -f ~/.rpmmacros || echo %_topdir %\(echo \"\$HOME\"\)/rpm >> ~/.rpmmacros
% mkdir -p $HOME/rpm/{BUILD,RPMS,SOURCES,SPECS}
% wget ftp://mirrors.kernel.org:/fedora/releases/10/Fedora/source/SRPMS/python-2*.src.rpm
% rpm -ivh python-2*.src.rpm
% rm python-2*.src.rpm
% sed -ie 's/DBLIBVER=4.7/DBLIBVER=4.3/' $HOME/rpm/SOURCES/python-2.5-config.patch
% sed -ie 's/db4-devel >= 4.7/db4-devel >= 4.3/' $HOME/rpm/SPECS/python.spec
% rpmbuild --define '__python_ver 25' -bb $HOME/rpm/SPECS/python.spec










    
Written by sleach 

    
April 22nd, 2009 at 1:33 pm


	


    
Posted in Misc

    
Tagged with , , 







SOLVED: Problems with Safari 4, Nginx and Connections being reset


without comments




	


We had some issues with Safari 4 (only) and our Nginx load balancer setup.  Turns out, it doesn’t like the keep alive settings to be anything but 0.  The default for nginx was 65, which for the Safari 4 users, the site would consistently not provide the full content back to the client (we use Nginx to load balance between a few apache servers).


Setting the keepalive_timeout value to 0 solved the problem.  Hopefully this helps someone out there.


Here is some more info on the issue from Ruby Forum.








    
Written by sleach 

    
April 16th, 2009 at 4:38 pm


	


    
Posted in Troubleshooting

    
Tagged with , , 







Supporting “dig +trace” using an Unbound recursive/caching DNS server


without comments




	
dig +trace example.com is an extremely useful debugging tool with DNS.  It will walk the delegation path, showing the answer each authoritative DNS server in the path handed out, helping you track down some obscure DNS errors.  For example, here is a dig +trace for “outsourcedclue.com”.




 


; <<>> DiG 9.6.0-P1 <<>> +trace outsourcedclue.com
;; global options: +cmd
.			518073	IN	NS	F.ROOT-SERVERS.NET.
.			518073	IN	NS	M.ROOT-SERVERS.NET.
.			518073	IN	NS	B.ROOT-SERVERS.NET.
.			518073	IN	NS	D.ROOT-SERVERS.NET.
.			518073	IN	NS	K.ROOT-SERVERS.NET.
.			518073	IN	NS	A.ROOT-SERVERS.NET.
.			518073	IN	NS	H.ROOT-SERVERS.NET.
.			518073	IN	NS	J.ROOT-SERVERS.NET.
.			518073	IN	NS	E.ROOT-SERVERS.NET.
.			518073	IN	NS	L.ROOT-SERVERS.NET.
.			518073	IN	NS	C.ROOT-SERVERS.NET.
.			518073	IN	NS	G.ROOT-SERVERS.NET.
.			518073	IN	NS	I.ROOT-SERVERS.NET.
;; Received 512 bytes from 10.1.11.1#53(10.1.11.1) in 1 ms

com.			172800	IN	NS	I.GTLD-SERVERS.NET.
com.			172800	IN	NS	H.GTLD-SERVERS.NET.
com.			172800	IN	NS	J.GTLD-SERVERS.NET.
com.			172800	IN	NS	G.GTLD-SERVERS.NET.
com.			172800	IN	NS	F.GTLD-SERVERS.NET.
com.			172800	IN	NS	B.GTLD-SERVERS.NET.
com.			172800	IN	NS	A.GTLD-SERVERS.NET.
com.			172800	IN	NS	D.GTLD-SERVERS.NET.
com.			172800	IN	NS	L.GTLD-SERVERS.NET.
com.			172800	IN	NS	E.GTLD-SERVERS.NET.
com.			172800	IN	NS	M.GTLD-SERVERS.NET.
com.			172800	IN	NS	C.GTLD-SERVERS.NET.
com.			172800	IN	NS	K.GTLD-SERVERS.NET.
;; Received 496 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 147 ms

outsourcedclue.com.	172800	IN	NS	ns1.softlayer.com.
outsourcedclue.com.	172800	IN	NS	ns2.softlayer.com.
;; Received 170 bytes from 192.35.51.30#53(F.GTLD-SERVERS.NET) in 45 ms

outsourcedclue.com.	86400	IN	A	208.43.45.4
outsourcedclue.com.	86400	IN	NS	ns2.softlayer.com.
outsourcedclue.com.	86400	IN	NS	ns1.softlayer.com.
;; Received 98 bytes from 67.228.255.5#53(ns2.softlayer.com) in 42 ms


 


I use Unbound as my recursive/caching DNS server of choice, and one day I noticed it didn’t support “dig +trace”.  Distraught, I dug in why.  Talking to a buddy, he suggested perhaps Unbound wasn’t allowing non-recursive queries, that +trace relies on.  So digging into the documentation, I discovered the allow_snoop option of the access-control directive.  So for example, if in your config file looks like this:


server:
    access-control: 0.0.0.0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 10.1.11.0/24 allow


 


just add the following directive to support “dig +trace” from the IP’s needed:


  access-control: 10.1.11.0/24 allow_snoop


Now you can dig +trace to your hearts content!








    
Written by sleach 

    
April 13th, 2009 at 4:59 pm


	


    
Posted in DNS, Troubleshooting

    
Tagged with , , ,