7,166
edits
(→メモ) |
No edit summary |
||
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
'''EOLです''' | |||
= 雑多なメモ = | = 雑多なメモ = | ||
ようやく、すべてのインスタンスを [http://uec-images.ubuntu.com/releases/precise/release/ 12.04 LTS (Precise Pangolin)] に Upgrade したので、いろいろメモ | ようやく、すべてのインスタンスを [http://uec-images.ubuntu.com/releases/precise/release/ 12.04 LTS (Precise Pangolin)] に Upgrade したので、いろいろメモ | ||
Line 61: | Line 58: | ||
(効果測定中) | (効果測定中) | ||
=== | === apache blackbox === | ||
[http://www.devco.net/archives/2008/03/05/detailed_apache_stats.php Detailed Apache Stats | R.I.Pienaar] | [http://www.devco.net/archives/2008/03/05/detailed_apache_stats.php Detailed Apache Stats | R.I.Pienaar] | ||
[https://github.com/ripienaar/apache-blackbox Apache Flight Recorder] | [https://github.com/ripienaar/apache-blackbox Apache Flight Recorder] | ||
Line 70: | Line 67: | ||
munin plugin | munin plugin | ||
[https://github.com/munin-monitoring/contrib/blob/master/plugins/apache/apache_blackbox apache http status code monitoring] | [https://github.com/munin-monitoring/contrib/blob/master/plugins/apache/apache_blackbox apache http status code monitoring] | ||
=== cron-apt から unattended-upgrades へ === | |||
[https://help.ubuntu.com/community/AutomaticSecurityUpdates AutomaticSecurityUpdates - Community Help Wiki] | |||
<syntaxhighlight lang="bash" enclose="div"> | |||
aptitude remove cron-apt | |||
dpkg-reconfigure --priority=low unattended-upgrades | |||
</syntaxhighlight> | |||
/etc/apt/apt.conf.d/50unattended-upgrades: | |||
<syntaxhighlight lang="text" enclose="div"> | |||
// Automatically upgrade packages from these (origin:archive) pairs | |||
Unattended-Upgrade::Allowed-Origins { | |||
"${distro_id}:${distro_codename}-security"; | |||
"${distro_id}:${distro_codename}-updates"; | |||
"${distro_id}:${distro_codename}-proposed"; | |||
// "${distro_id}:${distro_codename}-backports"; | |||
}; | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="text" enclose="div"> | |||
Unattended-Upgrade::Mail "foo@example.com"; | |||
Unattended-Upgrade::Remove-Unused-Dependencies "true"; | |||
Unattended-Upgrade::Automatic-Reboot "true"; | |||
</syntaxhighlight> | |||
:大胆にも automatic reboot 実験中 | |||
=== bind9 syslog messages === | |||
named.cache の更新作業をしていたら log にこんなものが、 | |||
<syntaxhighlight lang="text" enclose="div"> | |||
set up managed keys zone for view _default, file 'managed-keys.bind' | |||
Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones | |||
</syntaxhighlight> | |||
managed-keys.bind は DNSSEC 関連のファイルらしくって、DNSSEC 使っていない場合はそのファイルがなくエラーがでてしまうらしい。 | |||
options -> directory で定義しているディレクトリに空のファイルをつくる | |||
<syntaxhighlight lang="bash" enclose="div"> | |||
cd somewhere | |||
touch managed-keys.bind | |||
chown bind: managed-keys.bind | |||
</syntaxhighlight> | |||
RFC 1918 empty zones については最近の bind は親切にクエリして欲しくないzoneを自動で作ってくれるらしい。(むかしは空zoneでずらずら定義してたよね) | |||
だがしかし、EC2 のように 10.x.x.x で構成されるネットワークの場合は勝手につくってほしくないので options で | |||
<syntaxhighlight lang="text" enclose="div"> | |||
empty-zones-enable no; | |||
</syntaxhighlight> | |||
にしておいた。が、 | |||
<syntaxhighlight lang="text" enclose="div"> | |||
empty-zones-enable yes; | |||
disable-empty-zone "10.IN-ADDR.ARPA"; | |||
</syntaxhighlight> | |||
こっちのほうがよさげだね。 |