Any storage performance are ultimately calculated by how best the underlying disks are performing.
IOPS is still the most common metric in use to measure the storage systems performance
IOPS calculations vary wildly based on the kind of workload being handled.
In general, there are three performance categories related to IOPS:
random performance, sequential performance, and a combination of the two,
which is measured when you assess random and sequential performance at the same time
IOPS is based on three key factors:
Rotational/spindle speed (A higher rotational speed is associated with a higher performing disk.)
Average Latency (time it takes for the sector of the disk being accessed to rotate into position under a read/write head.)
Average seek time (time (in ms) it takes for the hard drive's read/write head to position itself over the track being read or written. There are both read and write seek times; take the average of the two values)
Average IOPS Formula:
Divide 1 by the sum of the average latency in ms and the average seek time in ms
(1 / (average latency in ms + average seek time in ms).
3ms = average latency time
4.2ms = average seek time (read/write)
1/ 3ms + 4.2ms
1/7.2ms
1/.0072 = 138.88 = 139 IOPS
Average IOPS
SATA 7200K - 75-100
SATA 10K - 125-150
SAS 10K - 140
SAS 15K - 175-210
FC 15K - 200
Enterprises don't install a single disk at a time,
so the above calculations are pretty meaningless unless they can be translated to multidisk sets.
Fortunately, it's easy to translate raw IOPS values from single disk to multiple disk implementations;
For example, if you have ten 15K RPM disks, each with 175 IOPS capability, your disk system has 1,750 IOPS worth of performance capacity.
But this is only if you opted for a RAID-0 or just a bunch of disks (JBOD) implementation.
Monday, March 31, 2014
How to convert .crt/.cer into .pem
Generally your certificate comes in 2 formats:
X.509 and PKCS #7 which includes the Intermediate CA.
X509 File Extensions
The first thing we have to understand is what each type of file extension is.
[root@pg8873 2014_cert]# pwd
/home/pkg/2014_cert
[root@pg8873 2014_cert]# ls -l
total 44
-rwxr-xr-x 1 root root 26 Mar 11 16:13 passphrase-file
-rw-r--r-- 1 root root 2194 Mar 11 16:13 pgstars.2014.crt
-rw-r--r-- 1 root root 1110 Mar 11 16:14 pgstars.2014.csr
-rw-r--r-- 1 root root 1751 Mar 11 16:13 pgstars.2014.key
-rw-r--r-- 1 root root 6022 Mar 13 16:32 pgstars.p7b
Download the cert in both the formats,
PKCS #7 format save as .p7b
X.509 format save as .crt
Convert P7B to PFX
————————————————————————————————————
$ openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
$ openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CAcert.cer
————————————————————————————————————
Example:
[root@pg8873 2014_cert]# openssl pkcs7 -print_certs -in pgstars.p7b -out pgstars.2014.cer
[root@pg8873 2014_cert]# openssl pkcs12 -export -in pgstars.2014.cer -inkey pgstars.2014.key -out pgstars.2014.pfx -certfile pgstars.2014.crt
Enter pass phrase for stars.2014.key:
Enter Export Password:
Verifying - Enter Export Password:
PFX
Convert PFX to PEM
——————————————————————————————–
$ openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
——————————————————————————————–
NOTE: While converting PFX to PEM format, openssl will put all the Certificates and Private Key into a single file. You will need to open the file in Text editor and copy each Certificate & Private key(including the BEGIN/END statements) to its own individual text file and save them as certificate.cer, CAcert.cer, privateKey.key respectively.
Example:
[root@pg8873 2014_cert]# openssl pkcs12 -in stars.2014.pfx -out stars.2014.new2.pem -nodes
Enter Import Password:
MAC verified OK
X.509 and PKCS #7 which includes the Intermediate CA.
X509 File Extensions
The first thing we have to understand is what each type of file extension is.
[root@pg8873 2014_cert]# pwd
/home/pkg/2014_cert
[root@pg8873 2014_cert]# ls -l
total 44
-rwxr-xr-x 1 root root 26 Mar 11 16:13 passphrase-file
-rw-r--r-- 1 root root 2194 Mar 11 16:13 pgstars.2014.crt
-rw-r--r-- 1 root root 1110 Mar 11 16:14 pgstars.2014.csr
-rw-r--r-- 1 root root 1751 Mar 11 16:13 pgstars.2014.key
-rw-r--r-- 1 root root 6022 Mar 13 16:32 pgstars.p7b
Download the cert in both the formats,
PKCS #7 format save as .p7b
X.509 format save as .crt
Convert P7B to PFX
————————————————————————————————————
$ openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
$ openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CAcert.cer
————————————————————————————————————
Example:
[root@pg8873 2014_cert]# openssl pkcs7 -print_certs -in pgstars.p7b -out pgstars.2014.cer
[root@pg8873 2014_cert]# openssl pkcs12 -export -in pgstars.2014.cer -inkey pgstars.2014.key -out pgstars.2014.pfx -certfile pgstars.2014.crt
Enter pass phrase for stars.2014.key:
Enter Export Password:
Verifying - Enter Export Password:
PFX
Convert PFX to PEM
——————————————————————————————–
$ openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
——————————————————————————————–
NOTE: While converting PFX to PEM format, openssl will put all the Certificates and Private Key into a single file. You will need to open the file in Text editor and copy each Certificate & Private key(including the BEGIN/END statements) to its own individual text file and save them as certificate.cer, CAcert.cer, privateKey.key respectively.
Example:
[root@pg8873 2014_cert]# openssl pkcs12 -in stars.2014.pfx -out stars.2014.new2.pem -nodes
Enter Import Password:
MAC verified OK
Thursday, March 6, 2014
duplicate host ssh keys
cd /etc/ssh
# ls -l
total 164
-rw-------. 1 root root 125811 Apr 4 2011 moduli
-rw-r-r-. 1 root root 2047 Apr 4 2011 ssh_config
-rw------- 1 root root 3503 Jan 17 15:54 sshd_config
-rw------- 1 root root 3321 Dec 6 2012 sshd_config_03202013
-rw-------. 1 root root 3872 Jun 13 2012 sshd_config.orig
-rw-------. 1 root root 668 Jun 13 2012 ssh_host_dsa_key
-rw-r-r-. 1 root root 590 Jun 13 2012 ssh_host_dsa_key.pub
-rw-------. 1 root root 963 Jun 13 2012 ssh_host_key
-rw-r-r-. 1 root root 627 Jun 13 2012 ssh_host_key.pub
-rw-------. 1 root root 1671 Jun 13 2012 ssh_host_rsa_key
-rw-r-r-. 1 root root 382 Jun 13 2012 ssh_host_rsa_key.pub
mv ssh_host* /tmp
ssh-keygen -t rsa1 -f /etc /ssh /ssh _hos t_ke y
ssh-keygen -t rsa -f /etc /ssh /ssh _hos t_rs a_ke y
ssh-keygen -t dsa -f /etc /ssh /ssh _hos t_ds a_ke y
service sshd restart
It is best practice for security sake to have every server have a unique SSH host key.
Just a reminder, that it will break any existing ssh keys job you may have setup for users.
# ls -l
total 164
-rw-------. 1 root root 125811 Apr 4 2011 moduli
-rw-r-
-rw------- 1 root root 3503 Jan 17 15:54 sshd_config
-rw------- 1 root root 3321 Dec 6 2012 sshd_config_03202013
-rw-------. 1 root root 3872 Jun 13 2012 sshd_config.orig
-rw-------. 1 root root 668 Jun 13 2012 ssh_host_dsa_key
-rw-r-
-rw-------. 1 root root 963 Jun 13 2012 ssh_host_key
-rw-r-
-rw-------. 1 root root 1671 Jun 13 2012 ssh_host_rsa_key
-rw-r-
mv ssh_host* /tmp
ssh-keygen -t rsa1 -f /etc
ssh-keygen -t rsa -f /etc
ssh-keygen -t dsa -f /etc
service sshd restart
It is best practice for security sake to have every server have a unique SSH host key.
Just a reminder, that it will break any existing ssh keys job you may have setup for users.
Wednesday, March 5, 2014
OpenStack computing formula
OpenStack computing formula
(Over commit fraction x Physical cores) / VM cores per host
Example:
Physical cores = 8 (2 x Quad cores)
Over commit fraction = 1.6
Total VMs cores = 12.8 cores
If you want each VM with 2 virtual cores
(1.6 x 8) / 2 = 6.4 VMs
You can have 6.4 virtual machines, out of 8 physical cores
(Over commit fraction x Physical cores) / VM cores per host
Example:
Physical cores = 8 (2 x Quad cores)
Over commit fraction = 1.6
Total VMs cores = 12.8 cores
If you want each VM with 2 virtual cores
(1.6 x 8) / 2 = 6.4 VMs
You can have 6.4 virtual machines, out of 8 physical cores
Subscribe to:
Posts (Atom)