26 May 2008, 21:41

MySQL on S3… not yet

Ok, I’ve been playing with EC2 and S3. Using quite a long and complicated script to create an AMI (which is Amazon’s term for a disk image). The script is coming along nicely, using debootstrap to create a Debian etch image.

Yesterday and today (well, only in the evening today), I’ve been trying to get MySQL working on an s3fs drive, but I’m afraid that’s not going to work. Well, part of it might be because I’m trying to set it up from home and not from an EC2 instance, but still. MySQL just refuses to start with a weird message:

Starting MySQL database server: mysqld . . . . . . . . . . . . . . failed!
invoke-rc.d: initscript mysql, action "start" failed.

After which it hangs, although it seems like MySQL did start. Maybe it’s something with the initscript. I realised in the end that I don’t really need MySQL running in such a setup. Making dumps every so often should be enough for what we have in mind. So I’m going to script an automatic recovery of the database, based on a dump every 5 minutes. That should work without losing any speed.


19 May 2008, 22:59


Bugs

This made me laugh.
Bugs!

2 May 2008, 18:08

DHCP server in Parallels host-only network

While trying to create a Debian preseeding environment in Parallels, I came across the fact that when you enable Mac OS X connection sharing, it starts its own dhcp (or rather, bootp) service. If that service recognises another dhcp/bootp server in the network, it bails out and deactivates connection sharing. That last is terribly annoying, since I want to run my own dhcp server from the preseed-provisioning server.

The solution is to run the following script, which makes sure forwarding is enabled in the kernel and in ipfw (the MacOSX firewall). I found a good solution in an older article on a blog called collectivity. The script is this (host-only network is 10.37.129.0/24 with .1 being my Mac OS X host machine):

#!/bin/sh

DEFROUTE_IF=`/usr/sbin/netstat -rn | /usr/bin/awk '/^default/ {print $6;}'`
NATD=/usr/sbin/natd
NATD_OPTIONS="-log -log_denied -use_sockets -same_ports -interface $DEFROUTE_IF"
IPFW=/sbin/ipfw

LOOPBACK="lo*"
PUBLIC_IF="$DEFROUTE_IF"
PARALLELS_IF=en2

PARALLELS_NET="10.37.129.0/24"

# start natd
$NATD $NATD_OPTIONS

# divert traffic before anything else
$IPFW add 01000 divert natd all from $PARALLELS_NET to any out via $PUBLIC_IF
$IPFW add 01010 divert natd all from any to any in via $PUBLIC_IF

# standard mac os x firewall stuff
$IPFW add 02000 allow ip from any to any via $LOOPBACK
$IPFW add 02010 deny ip from 127.0.0.0/8 to any in
$IPFW add 02020 deny ip from any to 127.0.0.0/8 in
$IPFW add 02030 deny ip from 224.0.0.0/3 to any in
$IPFW add 02040 deny tcp from any to 224.0.0.0/3 in
$IPFW add 02050 allow tcp from any to any out
$IPFW add 02060 allow tcp from any to any established
$IPFW add 02070 allow tcp from any to any dst-port 22 in
$IPFW add 02070 allow ip from any to any dst-port 53 in
$IPFW add 02080 allow tcp from any to any dst-port 80 in
$IPFW add 02090 allow tcp from any to any dst-port 427 in
$IPFW add 02100 allow tcp from any to any dst-port 443 in
$IPFW add 02110 allow tcp from any to any dst-port 5297 in
$IPFW add 02120 allow tcp from any to any dst-port 5298 in

#$IPFW add 03000 allow all from $PARALLELS_NET to any via $PARALLELS_IF in
#$IPFW add 03010 allow all from any to $PARALLELS_NET via $PARALLELS_IF out

$IPFW add 12190 deny tcp from any to any
$IPFW add 65535 allow all from any to any

sysctl -w net.inet.ip.forwarding=1

I run it manually when needed.
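
Because the script is run by hand and ipfw accepts several rules under one number (which is why 02070 can appear twice above), a second run stacks a duplicate of every rule. The check below is an added example, not part of the original post: it compares the script's `add` lines with saved `ipfw list` output. The function names, file names and listings are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. File names and the `ipfw list`
# samples are constructed; the rule lines are an excerpt of the script above.
# expected_counts SCRIPT: "<rule number> <times added>" per active "$IPFW add"
# line. Commented-out rules are skipped, as is 65535, which ipfw always lists.
expected_counts() {
    awk '$1 == "$IPFW" && $2 == "add" && $3 + 0 != 65535 { n[$3 + 0]++ }
         END { for (r in n) print r, n[r] }' "$1" | sort -n
}

# rule_state SCRIPT LISTING: print clean, applied, partial or duplicated.
rule_state() {
    expected_counts "$1" | awk -v listing="$2" '
        BEGIN { while ((getline line < listing) > 0) { split(line, f, " "); have[f[1] + 0]++ } }
        { total++
          if (have[$1] > $2) dup++            # loaded more often than added
          else if (have[$1] == $2) ok++
          else if (have[$1] > 0) some++ }
        END { if (dup) print "duplicated"
              else if (total && ok == total) print "applied"
              else if (ok || some) print "partial"
              else print "clean" }'
}

# write_samples DIR: create the script excerpt and the constructed listings.
write_samples() {
    cat > "$1/nat.sh" <<'EOF'
$IPFW add 01000 divert natd all from $PARALLELS_NET to any out via $PUBLIC_IF
$IPFW add 02070 allow tcp from any to any dst-port 22 in
$IPFW add 02070 allow ip from any to any dst-port 53 in
#$IPFW add 03000 allow all from $PARALLELS_NET to any via $PARALLELS_IF in
$IPFW add 65535 allow all from any to any
EOF
    printf '%s\n' '65535 allow ip from any to any' > "$1/fresh.txt"
    cat > "$1/once.txt" <<'EOF'
01000 divert 8668 ip from 10.37.129.0/24 to any out via en0
02070 allow tcp from any to any dst-port 22 in
02070 allow ip from any to any dst-port 53 in
65535 allow ip from any to any
EOF
    { grep -v '^65535 ' "$1/once.txt"; cat "$1/once.txt"; } > "$1/twice.txt"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in fresh once twice; do
    echo "$f: $(rule_state "$demo_dir/nat.sh" "$demo_dir/$f.txt")"
done
rm -rf "$demo_dir"
```

On a real host the listing would come from `ipfw list` redirected to a file; anything other than `clean` means the rules should be removed before the script is run again.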
