# yum repolist
*epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64
Now, install stress
# yum install stress
To test, first run the uptime command and note down the load average. Next, run the stress command to spawn 8 workers spinning on sqrt() with a timeout of 20 seconds. After running stress, again run the uptime command and compare the load average.
Now you need to specify your credentials (optionally, use apikey as username and an API Key as password) in the separate file /etc/postfix/sasl_passwd (you’ll likely need to create it):
Next, make sure the file has restricted read and write access only for root, and use the postmap command to update Postfix’s hashtables to use this new file:
If you are getting no mechanism available error messages it generally indicates that you are missing some SASL authentication libraries.
Install the missing module dependency using apt-get (i.e., Debian, Ubuntu):
$ apt-get install libsasl2-modules
Or using a yum (i.e., RedHat, Fedora, CentOS):
$ yum install cyrus-sasl-plain
Troubleshooting
If port 587 is not working for you please try 2525 in your postfix config. You may also need to edit /etc/postfix/master.cf to remove # from
#tlsmgr unix - - n 1000? 1 tlsmgr
Other integrations with MTA’a – https://sendgrid.com/docs/Integrate/Mail_Servers/postfix.html
Enabling TLS 1.2 and disabling other versions on Plesk.
In order to use the steps outlined below, you will need to upgrade Plesk to it’s most recent version. You can do so within the System Overview section of the Home screen in Plesk Panel or by running
# /usr/local/psa/admin/bin/autoinstaller
Once you have completed the upgrade you can run the command in the link below to enable TLS1.2 and disable older versions of TLS.
Since our host acts as a router we have to make sure it’s kernel has all IP packet forwarding features activated. Take a look at ‘/etc/sysctl.conf’ and make sure that the following two lines aren’t commented out:
Lastly make sure your host won’t send ICPM “redirect” messages to guests, telling them to find the gateway by themselves. This won’t work with our particular network setup. Add the following to ‘/etc/sysctl.conf’:
net.ipv4.conf.all.send_redirects=0
Reboot
Networking for nodes Incomplete – this is not currently working):
Set up 3 NIC’s
ens192 – primary for Public IP. This is the public IP for the installation.
ens224 – proxmox VE Cluster Network
ens256 – Ceph Install
Once installed, edit /etc/network/interfaces on all 3 nodes. Change the IP addresses accordingly. Remeber to backup the files before editing.
Example /etc/network/interfaces for px1 node 1.
auto lo
iface lo inet loopback
auto ens192
iface ens192 inet static
address 216.55.xxx.xxx
netmask 255.255.255.0
gateway 216.xx.xxx.1
post-up echo 1 > /proc/sys/net/ipv4/conf/ens192/proxy_arp
#Public IP
auto vmbr0
iface vmbr0 inet static
address 192.168.1.151
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens192 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens192 -j MASQUERADE
#Private Network for VM Creation
auto ens224
iface ens224 inet static
address 10.0.0.151
netmask 255.255.255.0
#Proxmox VE Cluster Network
auto ens256
iface ens256 inet static
address 10.10.10.151
netmask 255.255.255.0
#ceph network
Setting up the cluster
Hosts file edits. Backup hosts file and change to this on all nodes. This is not the hostname but an identifier.
Adding Nodes With Separated Cluster Network
When adding a node to a cluster with a separated cluster network you need to use the ringX_addr parameters to set the nodes address on those networks:
pvecm add IP-ADDRESS-CLUSTER -ring0_addr IP-ADDRESS-RING0
If you want to use the Redundant Ring Protocol you will also want to pass the ring1_addr parameter.
Creating the cluster after network and host file setup. Log into node 1.
Corosync Cluster Engine Authentication key generator.
Gathering 1024 bits for key from /dev/urandom.
Writing corosync key to /etc/corosync/authkey.
Writing corosync config to /etc/pve/corosync.conf
Restart corosync and cluster filesystem
Reboot
# reboot
Adding nodes.
From man corosync.conf
ringnumber – This specifies the ring number for the interface. When using the redundant ring protocol, each interface should specify separate ring numbers to uniquely identify to the membership protocol which interface to use for which redundant ring. The ringnumber must start at 0.
Adding nodes. Login to a node you want to add, node2, node3, node4, etc. In this example, login to node 2 (10.0.0.152)and the IP for node1 is 10.0.0.151.
Run the following where”
If the Admin prompt has a greyed out or missing Yes button but no password entry box, use the Built-In Admin account in Safe mode to create two new Admin accounts.
Mine was missing so I did this:
Boot into Safe mode by following this procedure. There is also an illustrated and well-explained procedure in Safe mode that you might prefer but it does not have all the steps and explanations that I have provided.
3.1 Prepare – Do you normally boot up to a logon screen
or have you bypassed that using netplwiz so that you boot up straight to your desktop without having to sign in every time
or {for local accounts only} you boot up straight to your desktop without having to sign in every time because you have never set a password for your day-to-day user account?
3.1.1 If you boot up to a logon screen, it eases getting into Safe mode
3.1.2 If you have bypassed the logon screen then attempt to reset it by entering netplwiz in a command prompt then, in the netplwiz window, selecting your Admin-level user account and setting the checkbox for Users must enter a username and password to use this computer. If you get an Admin challenge when running netplwiz [which would happen if you had set your UAC protection to its highest level] you will not be able to get around it and will need to take the additional step described in para 3.4 below.
3.1.3 If you have bypassed the logon screen because {for local accounts only} you have never set a password for that account you will need to take the additional step described in para 3.4 below.
3.2 Go to Settings, Update & security, Recovery then click on Advanced start-up – Restart now.
3.3 You’ll be taken to a blue menu. Select Troubleshoot, Advanced options, Startup settings, Restart.
3.4 You’ll be rebooted to another blue menu. Press the 4 key* to select Enable Safe mode. You will be taken to the Safe mode login screen.
* If you were unable [paras 3.1.2, 3.1.3 above] to turn off the attempt to boot straight into your day-to-day user account with no login screen appearing then, immediately after pressing the 4 key, press and hold down the Shift key until the login screen appears. If you are too slow then you will have to reboot normally [i.e. not into Safe mode] then repeat steps 3.2-4. I have tried this Shift key procedure repeatedly on a new Windows 10 computer & on a six year old Windows 10 computer upgraded from Windows 7 and it works every time but I have also tried in on an eleven year old Windows 10 computer that is almost-but-not-quite-fully Windows 10 compatible and cannot get it to work. If I was to lose of all my Admin-level accounts on this particular computer I would therefore have to reinstall Windows 10 or restore it from a recent system image.
3.5 Starting Safe mode in Windows 10 does not look like the Safe mode startup you might have seen in previous Windows versions. There is no long list of drivers & other Windows components whizzing up the screen.
3.6 The Safe mode login screen ought to have entries for your existing user accounts, entries for a couple of accounts created by Windows [DefaultAccount, Guest], possibly an entry for an account created by the computer OEM when setting the computer up before sale [such as defaultuser0] and an entry for an account with the username Administrator. Administrator is the username of the Built-In Administrator account**. If the username Administrator is not shown on the Safe mode login screen then you will probably have no choice but to reinstall Windows 10 because it would mean that, although you know that you have no functioning Admin-level accounts, Windows thinks you do. In this forum, we are not allowed to advise any course of action other than reinstallation in these circumstances.
** In the hope of avoiding too much confusion, I will use the term Administrator in full whenever I refer to the Built-In Administrator account and I will use the term Admin when referring to any Admin-level user accounts that you create.
3.7 Select the Administrator account and log in by clicking the login button or pressing the Enter/Return key – Administrator has no password so there is nothing to type in.
4 Use the Administrator account to fix the problem
4.1 When you log in to Administrator in Safe mode you’ll be taken to a fairly normal-looking, albeit black, desktop. There is Windows version info at the top and the words Safe mode are shown in each corner. You’ll get a false warning [that you can simply dismiss out of hand or ignore] that the Get started app cannot be opened or that you’ll need to get a new app to open ms-get-started. This false warning** seems to be a bug that Microsoft have not addressed.
** Note that if you ever log in to Safe mode using any other user account, you will get a false warning [that you can simply dismiss out of hand or ignore] that the Tips app or another app cannot be opened “using the Built-In Admin” even though you are not using it.
Image
4.2 Create a new Admin account with a password. You can change the password later so you can just keep it simple for now as long as you do not go online until you have finished. You can call the new user account almost whatever you like as long as no existing account uses the same name so do not call it Administrator, DefaultAccount or Guest and do not use the name of any of your own user accounts. Avoid spaces in the name & password just to keep things simple, only use characters you can type on the keyboard and don’t use any symbols in either of them that File explorer would reject if you tried using them in a filename [so, for example, do not use these * : < > / \ | ” ?]. I use the username NewAdminPrimary with a password 12345 here by way of example.
Open a Command prompt – click on the Start button, scroll down & click on Windows system then select Command prompt.
Enter net user if you need to check the names used for your existing user accounts.
Enter net user /add NewAdminPrimary 12345
Enter net localgroup Administrators NewAdminPrimary /add
4.3 Repeat this to create another account NewAdminReserve so you have both a new Admin-level account to use and a spare one to rescue the situation if NewAdminPrimary is ever afflicted with user profile corruption.
4.4 The user accounts created this way are “local” user accounts. They exist only on this computer. They are not linked to any online accounts such as MSAccounts.
4.5 Log into at least one of the new accounts without rebooting [Start button, user icon] just to give you confidence that all is now well. This takes a while as Windows has to go through its We’re just setting things up for you & It’s taking a bit longer than usual, but it should be ready soon routines. Then reboot and log in to one of the new accounts.
4.6 Do something that you know generates an Admin challenge so that you can see that the account is working correctly. You could, for example, use File explorer to go to C:\Program files then right-click, hover over New and click on Folder because that always generates the Admin challenge.
If you do see excessive bots, try adding in a crawl rate/delay for the site with Bing Webmaster tools, Google Webmaster tools as well as setting that up in robots.txt ). Webcrawlers can carelessly crawl the site and hit it hard, just to index pages.
When setting up an Azure VM that will have mail functions, you may need to set up a rDNS record. The Azure portal at this time does not have that capability but you can set this up in with the Azure CLI or PowerShell.