Difference between revisions of "Remote console setup"
|  (Undo revision 12262 by Tianshishiabn (talk)) |  (→Setting up remote side) | ||
| Line 110: | Line 110: | ||
| and rebuild initrd | and rebuild initrd | ||
| + | |||
| + | === Setting up rsyslogd === | ||
| + | |||
| + | /etc/rsyslog.d/netconsole.conf | ||
| + | |||
| + |  $template NetconsoleFile,"/var/log/netconsole-%HOSTNAME%.log" | ||
| + |  $template NetconsoleFormat,"%rawmsg%" | ||
| + | |||
| + |  $EscapeControlCharactersOnReceive off | ||
| + |  $DropTrailingLFOnReception off | ||
| + | |||
| + |  $RuleSet NetconsoleRuleset | ||
| + |  *.* ?NetconsoleFile;NetconsoleFormat | ||
| + |  $RuleSet RSYSLOG_DefaultRuleset | ||
| + | |||
| + |  $ModLoad imudp | ||
| + |  $InputUDPServerBindRuleset NetconsoleRuleset | ||
| + |  $UDPServerRun 6666 | ||
| === Setting up remote side ===   | === Setting up remote side ===   | ||
Revision as of 12:16, 5 July 2012
In case you are experiencing a kernel crash (oops) and have already tested your hardware, you should report what kernel says to the console (i.e. an oops text) to Bugzilla. Sometimes kernel crashes so badly that syslogd is not working and what kernel says is never written to a file. If this is the case, you have to catch what kernel says. There are several ways possible.
Manual/Photo
If kernel backtrace is not long enough there are chances that it can fit into a single screen. In that case, you can just make a photo of the kernel crash screen and attach it to the bug report. If you do not have a camera, you still can carefully write down (using a piece of paper and a pen, that is) what you see on the screen, and later type it into the bug report.
Serial console
Here is a description of a common routine that is necessary to set up a serial console.
Hardware setup
First of all you should make sure that your node has a serial port. If there is no such port then unfortunately this way is not for you.
Then you need to find a second machine with a serial port on it. This machine will be used to collect logs from your primary machine. Further you need to acquire so-called null modem cable (a.k.a. serial cable) and it must be long enough to connect these two machines.
Software setup
Sending side
In your boot loader add the following kernel parameters:
console=ttyS0,115200 console=tty0
|   | Warning: make sure kernel command line does not contain the word quiet, otherwise most of the kernel messages will not be printed to console. | 
For example, in GRUB boot loader configuration file /boot/grub/grub.conf it looks like this:
title Fedora Core (2.6.16-026test014.1-smp)
        root (hd0,0)
        kernel /vmlinuz-2.6.16-026test014.1-smp ro root=LABEL=/ console=ttyS0,115200 console=tty debug silencelevel=8
        initrd /initrd-2.6.16-026test014.1-smp.img
Kernel loaded with such parameters will send all kernel messages to /dev/ttyS0 (first serial port, a.k.a. COM1). If you have several ports, make sure that your null modem cable is connected to the appropriate port.
Receiving side
On the second node you should run any software that can log from /dev/ttyS0.
It can be usual
cat /dev/ttyS0 > /var/log/serial.log &
or something more sophisticated: syslogd, watchtty etc.
Port setup
One more important thing. 115200 in the example above is the rate of emitting port. Receiving port must also work at the same rate. For example, to tune ttyS0 rate use stty program like this:
stty 115200 < /dev/ttyS0
Some other serial port parameters, like parity, number of stop bits etc. should also be the same on both sides.
Netconsole
Kernel recompilation
If you use binary kernel from openvz.org, it already has netconsole module compiled in, so just skip to next section.
If you build the kernel yourself, you might need to check if netconsole is compiled. To that effect, change to your kernel source directory and grep your kernel .config for NETCONSOLE:
# cd /usr/src/openvz/linux-2.6.16 # grep NETCONSOLE .config
If you see nothing or "# CONFIG_NETCONSOLE is not set" you need to recompile the kernel.
Edit your kernel configuration file .config with a text editor (nano .config or vi .config). Set netconsole to Y or M (depending on whether you want it as a module or built into the kernel; I have compiled it as a module):
CONFIG_NETCONSOLE=m
Save the file, then recompile the kernel:
# make bzImage && make modules && make modules_install
Update your bootloader for the new updated kernel. In my case I use LILO so I just type lilo at the prompt.
Reboot into new kernel.
Setting up OpenVZ side
Next you want your netconsole to send the request to somewhere. Load netconsole module, specifying the remote server parameters:
# modprobe netconsole netconsole=4444@10.0.2.1/eth0,6666@10.0.2.2/00:05:5D:34:11:AF
This will load the module with your settings. Replace your local IP address with where 10.0.2.1 is, eth0 with your network interface card device, 6666 with the remote netconsole port (UDP), and 10.0.2.2 with your remote netconsole server IP. Also add in the mac address of your remote netconsole server, which in my case was 00:05:5D:34:11:AF. You can get the MAC address using arp utility:
# ping -c 1 10.0.2.2 # /sbin/arp -n 10.0.2.2 Address HWtype HWaddress Flags Mask Iface 10.0.2.2 ether 00:05:5D:34:11:AF C eth0
If the remote netconsole server is outside of local network area, use mac address of default gateway or router on local network area and IP address of remote netconsole server (loging via WAN). Mac address of default gateway or router you can get the same way (ping to gateway/router and see mac address via arp command).
Netconsole documentation is available from Documentation/networking/netconsole.txt file under your kernel source directory.
Setting from initrd
To durable logging boot process before root filesystem mounting network device driver and netconsole module must be loaded from initd.
RedHat 5/CentOS 5:
echo 'MODULES+="<network-driver-module> netconsole "' > /etc/sysconfig/mkinitrd/netconsole chmod +x /etc/sysconfig/mkinitrd/netconsole echo 'options netconsole netconsole=<sport>@<saddr>/<dev>,<dport>@<daddr>/<dmac>' >> /etc/modprobe.conf
Debian/Ubuntu:
echo '<network-driver-module>' >> /etc/initramfs-tools/modules echo 'netconsole netconsole=<sport>@<saddr>/<dev>,<dport>@<daddr>/<dmac>' >> /etc/initramfs-tools/modules
and rebuild initrd
Setting up rsyslogd
/etc/rsyslog.d/netconsole.conf
$template NetconsoleFile,"/var/log/netconsole-%HOSTNAME%.log" $template NetconsoleFormat,"%rawmsg%" $EscapeControlCharactersOnReceive off $DropTrailingLFOnReception off $RuleSet NetconsoleRuleset *.* ?NetconsoleFile;NetconsoleFormat $RuleSet RSYSLOG_DefaultRuleset $ModLoad imudp $InputUDPServerBindRuleset NetconsoleRuleset $UDPServerRun 6666
Setting up remote side
Setup netcat (nc on some Linux distributions) on your console server to listen on port 6666 UDP:
netcat -u -l -p6666
or
nc -lu 6666
When your kernel prints something on the console, the text will be also captured on this netconsole server.
Adding to inittab
For automatic care about capturing on console server you can use init respawn feature in this way:
echo "n1:23:respawn:/bin/netcat -u -l -p 6666 >> /var/log/netconsole" >> /etc/inittab telinit q
Adding date/time to messages
If you want the log to contain date/time of each line, you can use awk like this:
netcat -u -l -p6666 | awk '{print strftime("%d %b %Y %H:%M:%S"), $0; fflush(stdout);}' >> /var/log/netconsole
See man strftime for info about how to tailor strftime() argument to your needs.
Note that if you want to add this to /etc/inittab, it should be done like this:
echo "netcat -u -l -p6666 | awk '{print \
  strftime("%d %b %Y %H:%M:%S"), \$0; fflush(stdout);}' \
  >> /var/log/netconsole" > /usr/local/sbin/netconsole
chmod a+x /usr/local/sbin/netconsole
echo "n1:23:respawn:/usr/local/sbin/netconsole" >> /etc/inittab
telinit q
Configuring logrotate
For long term capturing you would like to do log rotating some way. With logrotate you can do it by creating config file /etc/logrotate.d/netconsole:
/var/log/netconsole {
    weekly
    rotate 8
    missingok
    compress
    copytruncate
    notifempty
    # Need to restart logger after log file move
    postrotate
        # Below line assumes netcat will be restarted by init
        killall -TERM netcat > /dev/null 2>&1 || true
}
For more details, see man logrotate.
Testing netconsole
First check log level of console messages on OpenVZ side by:
cat /proc/sys/kernel/printk
First number should be 7 for testing. You can arrange it by:
sysctl -w kernel.printk="7 4 1 7"
After testing you can restore previous setting the same way.
Load netconsole module (see above) and on the console server run netcat (nc) command. On OpenVZ side provoke any console message, for example connect any USB hardware or try command:
modprobe tun
If you see any console message on OpenVZ side, you should see message on console server too. If not, something is wrong. When debugging a problem, do not use tcpdump on OpenVZ side — it is not able to show netconsole packets. Instead, use tcpdump on console server. Quite a common source of problems with netconsole are firewalls.
