Monday, 26 February 2024

Disable errors on console

Recently when confronted with what turned out to be a networking issue that my Proxmox Virtual Environment cluster was having, the only way to interact with the hosts was through the management console.

Of course, during a networking problem on something like a 5 node Proxmox plus Ceph cluster, the hosts get pretty chatty in their logs. And much of that gets displayed on the console you are trying to use.

Proxmox being built on Debian Linux means that dmesg is the utility to control the "kernel ring buffer" (basically whatever the kernel has to say) and the default is to display it all on the console.

If you log in on the console and need to get stuff done without being bombarded by kernel messages, you can run `dmesg -D` to disable the printing of messages to the console. When you want them back, `dmesg -E` enables them again.

Thursday, 22 February 2024

Running a node.js server on a privileged port

I needed to run a node.js server application with a listener on a privileged port (in this case port 80 because it was an HTTP proxy).

Running a whole node application as root just so it can bind to a port lower than 1024 is overkill and turns any bug in node.js, imported modules, and your code into potential remote root security exploits. Not good.

Most server software designed to run on privileged ports (e.g. httpd) is designed to be initially run with root privileges to bind the port but will then drop those privileges once that is done and run as a dedicated system user with only the minimum set of permissions required to do its job.

Thanks to this serverfault answer, I learned about the authbind utility.

Install it (your Linux distro likely has a package available) and then touch, chown, and chmod the appropriate file in the `/etc/authbind/` folders. Read the manual page for all the options.

Sooo... Assuming the desired app.js is running under non-privileged user "user" and you wish to bind to port 80:

sudo touch /etc/authbind/byport/80
sudo chown user:user /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80

Then as "user", run your app like this:

authbind node app.js
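
Since authbind authorises a bind when the calling user has execute access to the `byport` file (per its manual page), the owner and mode set above are the entire policy. The following added example, which is not from the original post or from authbind itself, audits such an entry; the function names `auditByport` and `demo` and the temporary directory standing in for `/etc/authbind/byport` are assumptions made for illustration.

```javascript
// Added example (not from the original post): audit an authbind byport entry.
// authbind authorises bind() to port N when the calling user has execute
// access to /etc/authbind/byport/N, so ownership and mode are the whole policy.
const fs = require("fs");
const os = require("os");
const path = require("path");

// Hypothetical helper: returns a list of findings (empty means the entry is tight).
function auditByport(dir, port, expectedUid) {
  const file = path.join(dir, String(port));
  let st;
  try {
    st = fs.statSync(file);
  } catch (err) {
    return [`${file}: missing, authbind will refuse the bind`];
  }
  const mode = st.mode & 0o777;
  const findings = [];
  if (st.uid !== expectedUid)
    findings.push(`${file}: owned by uid ${st.uid}, expected ${expectedUid}`);
  if (!(mode & 0o100))
    findings.push(`${file}: owner has no execute bit, bind will be refused`);
  if (mode & 0o011)
    findings.push(`${file}: group/other execute bit lets other accounts bind`);
  return findings;
}

// Constructed sample: a temporary directory standing in for /etc/authbind/byport.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "byport-"));
  const uid = process.getuid();
  for (const [port, mode] of [[80, 0o500], [443, 0o755], [25, 0o400]]) {
    const file = path.join(dir, String(port));
    fs.writeFileSync(file, "");
    fs.chmodSync(file, mode); // set explicitly so the umask does not matter
  }
  const result = {
    strict: auditByport(dir, 80, uid),  // mode 500, as in the post
    loose: auditByport(dir, 443, uid),  // mode 755, any account may bind
    noexec: auditByport(dir, 25, uid),  // mode 400, nobody may bind
    absent: auditByport(dir, 53, uid),  // no entry at all
  };
  fs.rmSync(dir, { recursive: true, force: true });
  return result;
}

console.log(demo());
```

On a real host, call `auditByport("/etc/authbind/byport", 80, uid)` with the numeric uid of the service account.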
  

Friday, 16 February 2024

Reclaim unused space in thin VM disk

After slowly using the old method below for a dozen VMs, I started to wonder if there was a better way to just always write zeros when deleting files or to have the OS circle back around later to zero unused space. I thought there might be some sort of kernel or file-system option in Linux. I didn't find one, but what I did find was fstrim. It is designed to zero free space on mounted volumes and can find them by itself.

So... this new method is much easier and faster. Options vary by version of fstrim and Linux distro, but `-a`, `--all` and `-v`, `--verbose` seem well supported.

sudo fstrim --all --verbose

 

Old method:

To recover empty space in thin VM disks, it is often necessary to overwrite empty space inside the VM with zeroes. The zerofree utility is a good way to do that for the common ext file systems. Once the free space is zeroed, VM hypervisor software will often either recognize and reclaim the space on the host volume, or provide a utility to reclaim the space. Check your hypervisor documentation. In the case of host volumes using VMware filesystem (VMFS) version 6 and higher, the reclaiming of zeroed space happens automatically in the background. Older versions require running a utility.

The easiest way to zero the free space on common Linux filesystems is to boot to a recent GParted live CD .iso file. Your VM software should let you mount the .iso file as a CDROM for the VM to boot. You may have to get into the VM BIOS to change the boot order.

Once GParted starts to boot, you should be able to choose all defaults and end up with a graphical interface that includes a running GParted and a desktop with a few other applications.

To write zeros to all the unclaimed space, see if you can spot the root device in the GParted GUI and then open the terminal application and run something like:

sudo zerofree -v <whatever_the_root_device_is>

For example:

sudo zerofree -v /dev/sda1

Note: If LVM is in use (you can tell from the GParted GUI that opens if you see an extended partition with an lvm2 pv filesystem), open terminal and run:

sudo lvdisplay

to find the root device before running zerofree. Your zerofree command might then look something like:

sudo zerofree -v /dev/myhost-vg/root

Modern Ubuntu web kiosk using chromium as the browser engine

 I have been working to prepare a digital atlas exhibit for the Natillik Heritage Centre in Gjoa Haven, Nunavut, Canada. Working with Indig...