Attach a disk/DVD to VM in KVM Host



Attach DVD/Disk attached to KVM host. Just change the source dev to match what was assigned to your usb when it was plugged in.
Create a xml file as below.

<disk type=’block’ device=’disk’>
<driver name=’qemu’ type=’raw’ cache=’none’/>
<source dev=’/dev/sr0’/>
<target dev=’vdc’ bus=’virtio’/>

<disk type=’block’ device=’disk’>
<driver name=’qemu’ type=’raw’/>
<source dev=’/dev/sdb’/>
<target dev=’sdb’ bus=’scsi’/>

Then execute the command.

virsh attach-device vmserverID /path/to/disk/usb.xml.

Also try xml with the below format.

<hostdev mode ‘subsystem’ type=’usb’>


<vendor id=’0x03f0’/>

<product id=’0x4217’/>



Where vendor ID and product ID could be obtained from the below command.


Bus 002 Device 018: ID 03f0:4217 Hewlett-Packard EWS CM1015






Application Upgrade

Upgrade applications in CentOS.

PHP && MySQL installation or upgrade.

CentOS/RHEL 7.x:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
CentOS/RHEL 6.x:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

CentOS/RHEL 5.x:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm
rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm

Now, remove all the old php packages installed and update with new php packages.

Note:- yum install php55w-mysql.x86_64  — This is required for integration of PHP with MySQL


Ref url:-






How to use two Python Versions.

Default python version is ‘2.6.6’ in CentOS – 6 and this cannot be uninstalled as this is required for ‘yum’ and other utilities to work. It is possibe to install alternate Python version.

yum install -y centos-release-SCL
yum install -y python27

/usr/local/bin/python -V –>This will show new version of Python.

/usr/bin/python -V –>This will show old version of Python.
How to install Python 2.7.6 on CentOS 6.3.

yum groupinstall “Development tools”
yum install zlib-devel
yum install bzip2-devel
yum install openssl-devel
yum install ncurses-devel
yum install sqlite-devel

cd /opt
wget –no-check-certificate https://www.python.org/ftp/python/2.7.6/Python-2.7.6.tar.xz
tar xf Python-2.7.6.tar.xz
cd Python-2.7.6
./configure –prefix=/usr/local
make && make altinstall
Ref url:- https://github.com/h2oai/h2o-2/wiki/Installing-python-2.7-on-centos-6.3.-Follow-this-sequence-exactly-for-centos-machine-onlyhttps://github.com/h2oai/h2o-2/wiki/Installing-python-2.7-on-centos-6.3.-Follow-this-sequence-exactly-for-centos-machine-only




AutoProtect kernel module failed to enable.

Packages to be installed.
*kernel-devel-$(uname –r)
*kernel-headers-$(uname –r)

#locate ap-kernelmodule.tar.gz
#tar -xf ap-kernelmodule.tar.gz
#cd ap-kernelmodule
#cd bin.ira
#mv * /opt/Symantec/autoprotect/
#/etc/init.d/autoprotect restart
#/etc/init.d/rtvscand restart
#/opt/Symantec/symantec_antivirus/sav info -a





Symantec installation error.

Issue:- Installation requires 32bits glibc library. Please install it and try again.

soln:-yum install glibc.i686 libgcc.i686 libX11.i686



How to copy files with progress bar.

Use ‘pv’ utility.

How to Monitor Progress of (Copy/Backup/Compress) Data using ‘pv’ Command



Iiptables and firewalld


Provide  Dynamic management of firewall. See below some examples.

firewall-cmd –zone=public –add-port=80/tcp        //Open  port 80
firewall-cmd –zone=public –add-port=80/tcp –permanent           //To make policy permanent
firewall-cmd –zone=public –add-forward-port=port=80:proto=tcp:toport=8080        //Redirect port 80 to 8080
firewall-cmd –permanent –zone=public –add-forward-port=port=80:proto=tcp:toport=8080   //To make policy permanent

firewall-cmd  --zone=public --add-rich-rule="rule family="ipv4" source address="" port protocol="tcp" port="4567" accept" --permanent //OPen service from particular IP
firewall-cmd –reload //Reload firewall-cmd
iptables-save | grep ” //Verify


More details, refer url:-https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html



IPtable – Allow connection from single IP.

iptables -I INPUT -s <IP> -m state –state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I OUTPUT -o eth0 -m state –state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT DROP

Refer below url for connection states
URL: http://www.iptables.info/en/connection-state.html

Load Balancing.

Apache Load balancing .

Using Haproxy in Opensuse 12:-

zypper addrepo http://download.opensuse.org/repositories/server:http/SLE12/server:http.repo

zypper search haproxy

zypper install haproxy

systemctl restart haproxy


zypper install apache2

vi /etc/apache2/listen.conf

Listen 808 

IfDefine SSL>
<IfDefine !NOSSL>
<IfModule mod_ssl.c>

Listen 444


>Change http and https port from default.



systemctl restart apache2

Doc root :- /etc/apache2/conf.d/default-server.conf


echo “This is to show that apache is working” >> index.html



zypper install php

zypper install apache2-mod_php5

cd /srv/www/htdocs/

Test using info.php



To check  this , install additional custom apache server.


cd /usr/local/src

wget http://www.us.apache.org/dist//httpd/httpd-2.4.18.tar.gz

wget https://archive.apache.org/dist/apr/apr-util-1.5.4.tar.gz

wget https://archive.apache.org/dist/apr/apr-1.5.2.tar.gz


Untar all using tar -xzf $packages

Cd apr-1.5*



make install


Apr is installed under the location “/usr/local/apr/” whose binary in the location “/usr/local/apr/bin/apr-config”

cd apr-utl.*

./configure –with-apr=/usr/local/apr/bin/apr-config


make install

This will install apr-utils under “/usr/local/apr/bin/apu-config“

zypper install pcre


./configure –prefix=/usr/local/apache22 –with-apr=/usr/local/apr/bin/apr-config –with-apr-util=/usr/local/apr/bin/apu-config


make install


Change listening port from /usr/local/apache22/conf/httpd.conf

Start using

/usr/local/apache22/bin/apachectl start


Change the /etc/haproxy/haproxy.cfg as below taking the backup.

mv  /etc/haproxy/haproxy.cfg  /etc/haproxy/haproxy.cfg{,.haproxy.cfg.bak_$(date +%d-%m-%y)

cat /etc/haproxy/haproxy.cfg
log /dev/log daemon
maxconn 32768
chroot /var/lib/haproxy
user haproxy
group haproxy
stats socket /var/lib/haproxy/stats user haproxy group haproxy mode 0640 level operator
tune.bufsize 32768
tune.ssl.default-dh-param 2048
ssl-default-bind-ciphers ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH

log global
mode http
option log-health-checks
option log-separate-errors
option dontlog-normal
option dontlognull
option httplog
option socket-stats
retries 3
option redispatch
maxconn 10000
timeout connect 5s
timeout client 50s
timeout server 450s

#listen stats
# bind
# bind :::80 v6only
# stats enable
stats uri /haproxy?stats
# option httpclose
# option forwardfor
frontend http-in
bind *:80
default_backend web-backend
backend web-backend
balance roundrobin
# stats refresh 5s
# server default IP:808 check
# server default IP:808 check
server default IP:808 check
# server custom IP:8088 check
server custom IP:8088 check
# rspadd Server:\ haproxy/1.6



This will swicth apache server on arch access via browser on port 80.

The web server status can  be found from




A frontend defines how requests should be forwarded to backends. Frontends are defined in the frontendsection of the HAProxy configuration.



A backend is a set of servers that receives forwarded requests. Backends are defined in the backendsection of the HAProxy configuration.


Round Robin selects servers in turns. This is the default algorithm.

stats uri <prefix>

Enable statistics and define the URI prefix to access them