Archive for the ‘ Scripting ’ Category

ten basic Linux commands

Top 10 basic Linux commands for beginners

1. id – display information about user.

id will print the user and group information of the given argument, if no argument is given, it will show the information of the currently logged in user.

$ id
uid=1000(daniel) gid=1000(daniel) groups=1000(daniel),4(adm),27(sudo)
$ id -u -n
daniel
$ id root
uid=0(root) gid=0(root) groups=0(root)
$ id sshd
uid=110(sshd) gid=65534(nogroup) groups=65534(nogroup)
 

2. ls – list files in a directory.

ls lists the contents of current directory if not arguments are given. It has probably one of the largest number of options compared to other Linux commands.

$ pwd            # our current working directory
/home/daniel/projects
$ ls             # content of current directory
demo.txt  mail  nfs  redhat  samba
$ ls -l          # long listing
total 20
-rw-rw-r-- 1 daniel daniel   21 Apr 15 01:04 demo.txt
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 samba
$ ls -1         # list one file per line
demo.txt
mail
nfs
redhat
samba
$ ls -a        # show all, including ones starting with . (dot)
.  ..  demo.txt  .hidden  mail  nfs  redhat  samba
$ ls -al       # long listen plus show all 
total 32
drwxrwxr-x  6 daniel daniel 4096 Apr 15 01:04 .
drwxr-xr-x 18 daniel daniel 4096 Apr 15 01:06 ..
-rw-rw-r--  1 daniel daniel   21 Apr 15 01:04 demo.txt
-rw-rw-r--  1 daniel daniel   32 Apr 15 01:03 .hidden
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 samba
#  ls --format=verbose    # same as ls -l
total 20
-rw-rw-r-- 1 daniel daniel   21 Apr 15 01:04 demo.txt
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 samba
$ ls -F                  # classify: / for directory, * for executable, @ for symbolic link
demo-link@  demo.txt  mail/  nfs/  redhat/  run.sh*  samba/

$ ls -ls /etc/h*         # sort by size, smallest first for all files starting with h in /etc/ directory
8 -rw-r--r-- 1 root root 4781 Mar 17  2016 /etc/hdparm.conf
4 -rw-r--r-- 1 root root   92 Oct 22  2015 /etc/host.conf
4 -rw-r--r-- 1 root root   12 Feb 18 01:21 /etc/hostname
4 -rw-r--r-- 1 root root  191 Feb 18 01:21 /etc/hosts
4 -rw-r--r-- 1 root root  411 Feb 18 01:29 /etc/hosts.allow
4 -rw-r--r-- 1 root root  711 Feb 18 01:29 /etc/hosts.deny
                                   

3. cat – concatenate files and print on the standard output.

cat conCATenates one or more files given as argument and prints those on the standard output (console).
If no file or ‘-‘ (dash) is given, it reads from standard input until EOF (Ctrl+D) is pressed and prints is to standard output.

$ ls -l linus         # ls to make sure file exists
-rw-rw-r-- 1 daniel daniel 403 Apr 15 01:20 linus

$ cat linus           # print content of file to stdout
Hello everybody out there using minix -

I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.
This has been brewing since april, and is starting to get ready.
I'd like any feedback on things people like/dislike in minix,
as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

$ cat -n linus       # show line numbers with -n
     1	Hello everybody out there using minix -
     2	
     3	I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.
     4	This has been brewing since april, and is starting to get ready.
     5	I'd like any feedback on things people like/dislike in minix,
     6	as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

$ cat          # read from stdin(keyboard) and print to stdout(screen), repeats after me until I press Ctr+D to end it.
reading
reading
from standard inpu
from standard inpu
pressing Ctr+D now
pressing Ctr+D now

$ cat << EOF > file-from-stdin       # Reads from keyboard until EOF is pressed and saves(redirects) the text to a file.
  I read this from stdin
  end of file
  EOF

$ ls -l file-from-stdin               # printing content of file we created above.
-rw-rw-r-- 1 daniel daniel 35 Apr 15 01:22 file-from-stdin

$ cat file-from-stdin 
I read this from stdin
end of file

4. clear – clears the terminal screen.

clear is self-explanatory, it clears the terminal display and places your cursor at the top left corner. Similar to “cls” command in DOS/Windows/PowerShell.

$ clear

5. rm – removes one or more files.

 ls           # list of files/dirs in current directory
demo-link  demo.txt  file-from-stdin  linus  mail  myfile  nfs  redhat  run.sh  samba

$ ls myfile    # file exists
myfile

$ rm myfile      # delete file

$ ls myfile      # we should get an error
ls: cannot access 'myfile': No such file or directory

$ rm -i linus    # prompt for confirmation before removing file
rm: remove regular file 'linus'? y

$ rm -v demo.txt   # add verbosity, explain what is being done.
removed 'demo.txt'

$ rm -d mail -v     # remove empty directory
removed directory 'mail'

$ rm redhat/         # try to delete directory with rm, should get an error
rm: cannot remove 'redhat/': Is a directory

$ rm -d redhat        # error again, not empty
rm: cannot remove 'redhat': Directory not empty

$ rm -r redhat/ -v     # use -r for recursive removal of directory and its contents.
removed 'redhat/version7'
removed 'redhat/version6'
removed directory 'redhat/'

Use rmdir to delete the named directory, not its contents. To completely wipe out a directory and its contents use ‘rm -r’.

6. mkdir – make or create one or more directories.

mkdir is used to create one or more directories under current directory if no directory argument is given. The user creating the directory must have the permission to create a directory under the specified directory.

$ whoami                  # regular user
daniel

$ mkdir /root/mydir       # trying to create directory under root user's home directory, should get permission error.
mkdir: cannot create directory ‘/root/mydir’: Permission denied

$ pwd                      # current working directory, my home directory
/home/daniel/projects

$ mkdir april-15           # create directory here
$ ls
april-15  demo-link  file-from-stdin  nfs  run.sh

$ mkdir nfs -v             # can't overwrite an existing directory
mkdir: cannot create directory ‘nfs’: File exists
$ mkdir newdir/seconddir/thriddir    # can't create a series of directories without parent directories existing
mkdir: cannot create directory ‘newdir/seconddir/thriddir’: No such file or directory

$ mkdir -p newdir/seconddir/thriddir  # -p makes parent directories as well, solves above problem.

$ ls -R newdir/                       # recursive (-R) listing with ls shows all directories created.
newdir/:
seconddir

newdir/seconddir:
thriddir

newdir/seconddir/thriddir:

7. mv – moves a file or directory to another location.

mv is most commonly used for renaming files and directories. You can specify more than two directory arguments,
it will move the all directory, except the last one to the last (destination) directory.

$ mv -v run.sh run-script.sh   # -v is for verbose, move file.
'run.sh' -> 'run-script.sh'

$ ls run*                      # file has been renamed.
run-script.sh

$ mv samba/ nfs/ redhat/ -v          # move first two directories to the last one
'samba/' -> 'redhat/samba'
'nfs/' -> 'redhat/nfs'

$ ls redhat/
nfs  samba      

8. cp – copy files and directories.

cp is used to copy files as well as directories, most commonly to take backups.

$ ls
april-15  demo  demo-link  demo.txt  file-from-stdin  hosts-backup  linus  mail  myfile  newdir  redhat  run-script.sh

$ cp demo demo-new -v    # copying directory
cp: omitting directory 'demo'

$ cp -r demo demo-new -v    # recursive(-r) copy, with verbose(-v) mode.
'demo' -> 'demo-new/demo'
'demo/one' -> 'demo-new/demo/one'

$ cp -av redhat /tmp/      # archive, preserve the specified attributes
'redhat' -> '/tmp/redhat'
'redhat/nfs' -> '/tmp/redhat/nfs'
'redhat/samba' -> '/tmp/redhat/samba'
'redhat/newdir' -> '/tmp/redhat/newdir'
'redhat/newdir/seconddir' -> '/tmp/redhat/newdir/seconddir'
'redhat/newdir/seconddir/thriddir' -> '/tmp/redhat/newdir/seconddir/thriddir'

$ls -al /tmp/redhat/
total 20
drwxrwxr-x  5 daniel daniel 4096 Apr 15 01:55 .
drwxrwxrwt 13 root   root   4096 Apr 15 01:58 ..
drwxrwxr-x  3 daniel daniel 4096 Apr 15 01:55 newdir
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:51 samba

$ touch demo/one mail/one

$ cp demo/one mail/one        # overwrite file

$ cp -i demo/one mail/one     # prompt before overwriting a file
cp: overwrite 'mail/one'? y

$ cp -s demo-link  demo-link2  # copy as symbolic link

$ ls -l
...
lrwxrwxrwx  1 daniel daniel    8 Apr 15 01:51 demo-link -> demo.txt
lrwxrwxrwx  1 daniel daniel    9 Apr 15 02:02 demo-link2 -> demo-link
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:58 demo-new
...
$ cp demo-link demo-link3     # copies target or dereferenced file, not symbolic link.

$ ls -l
...
drwxrwxr-x  2 daniel daniel 4096 Apr 15 02:00 demo
lrwxrwxrwx  1 daniel daniel    8 Apr 15 01:51 demo-link -> demo.txt
lrwxrwxrwx  1 daniel daniel    9 Apr 15 02:02 demo-link2 -> demo-link
-rw-rw-r--  1 daniel daniel   21 Apr 15 02:02 demo-link3
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:58 demo-new
-rw-rw-r--  1 daniel daniel   21 Apr 15 01:51 demo.txt
...

9. cd – change directory.

cd is actually a built-in shell command, you won’t find it in the file system as the other commands above. It is used to change working directory.
Use it with “pwd” to show your current directory.


$ pwd        # our current working directory
/home/daniel/projects
$ cd demo    # changing to demo/ directory
$ pwd
/home/daniel/projects/demo
$ cd -       # switch back to previous directory, "-" (dash) does the trick.
/home/daniel/projects
$ pwd
/home/daniel/projects
$ cd /root/   # you need permission to switch to protected directories.
-bash: cd: /root/: Permission denied

10. man – display information from the man pages.

The man command provides and interface to the on-line reference manuals. man will search through all the sections of the man pages.
If the section number is given, it will search only that section.

$ man man       # search the man  pages for information about the man command.

$ man ls          # help on ls

$ man 5 crontab   # search in section 5 of the man pages

$ man -k mkdir    # show short description of mkdir keyword.
mkdir (1)            - make directories
mkdir (2)            - create a directory
mkdirat (2)          - create a directory

Linux – grep exclude grep

grep exclude grep from output

When you run a Linux command and pipe it through grep, the grep text itself is shown in the output as well. Once common technique is to use “grep -v” to exclude it. But here is a handy tip which excludes the grep text by placing the first character in a parenthesis –

Normal grep output – notice “grep ssh” is shown in the output :

[daniel@kauai tmp]$ ps aux |grep ssh
root      2795  0.0  0.0  66236  1236 ?        Ss   Mar01   0:38 /usr/sbin/sshd
daniel    6317  0.0  0.0 103320   832 pts/1    S+   23:21   0:00 grep ssh
root     25544  0.0  0.0 100016  4232 ?        Ss   22:17   0:00 sshd: daniel [priv]
daniel   25552  0.0  0.0 100016  2008 ?        S    22:17   0:00 sshd: daniel@pts/8

With the parenthesis trick we can exclude “grep ssh” from the output –

[daniel@kauai tmp]$ ps aux |grep [s]sh
root 2795 0.0 0.0 66236 1236 ? Ss Mar01 0:38 /usr/sbin/sshd
root 25544 0.0 0.0 100016 4232 ? Ss 22:17 0:00 sshd: daniel [priv]
daniel 25552 0.0 0.0 100016 2008 ? S 22:17 0:00 sshd: daniel@pts/8

[/bash]

Linux – empty or truncate files with strange names such as white space etc.

In Linux, it is very common to expect the files in the system to follow certain naming conventions – such as no white space, usually only lower cases, alphanumeric with underscore or dashes. But in some cases, you will find files which don’t follow this convention – the files might have been copied from other OSes such as Microsoft Windows or MacOS. Here is a trick to empty these files without deleting them.

Use the “truncate” command to empty files with non-standard names.

Requirement – empty files with white space in file name. Keep the files, just reduce the size to 0.

# find . -type f -exec ls -l {} \;
-rw-rw-r-- 1 nagios nagios 0 Dec 21 11:21 ./app/\var\log\messages
-rw-rw-r-- 1 nagios nagios 1359 Dec 19 06:26 ./puppet/\var\log\syslog
-rw-rw-r-- 1 nagios nagios 8071 Dec 15 02:30 ./ftp/Microsoft-Windows-EventCollector\Operational

# find . -type f -exec truncate -s 0 {} \;

# find . -type f -exec ls -l {} \;
-rw-rw-r-- 1 nagios nagios 0 Dec 21 11:27 ./app/\var\log\messages
-rw-rw-r-- 1 nagios nagios 0 Dec 21 11:27 ./puppet/\var\log\syslog
-rw-rw-r-- 1 nagios nagios 0 Dec 21 11:27 ./ftp/Microsoft-Windows-EventCollector\Operational

With the command

find . -type f -exec truncate -s 0 {} \;

, we were able to list all files in current directory and empty them.

C programming Language – Code snippets

C Programming Language, 2nd Edition

Compiling and running the sample codes using gcc :

gcc sample.c -o sample
./sample

Chapter 2 – Types, Operators and Expressions

1.Convert to lower case.

#include<stdio.h>

int main(int argc, char *argv[])

{

  while(*argv[1])
   {
     if(*argv[1] >='A' && *argv[1] <='Z') { putchar(*argv[1] + 'a' -'A'); *++argv[1]; }
     else
      {putchar(*argv[1]); *++argv[1]; }
   }

printf("\n");
return 0;
}

2. Get bits


#include<stdio.h>

unsigned getbits(unsigned x,int p, int n);

int main()

{
   int x=16;
   printf("%d\n",getbits(x,4,3));

return 0;
}

unsigned getbits(unsigned x, int p, int n)
 {
   return ( x >> (p+1-n)) & ~(~0 << n);
 }

3. Count one bits


#include<stdio.h>

int bitcount(unsigned x);
int main()

{
  unsigned short x=38;

  printf("%d has %d 1 bits\n",x,bitcount(x));
  return 0;
}

int bitcount(unsigned x)
 {
   int b;
   for(b=0; x!=0; x>>=1)
    if (x&1) b++;
  return b;
}

4. Remove character from string



#include<stdio.h>

int main(int argc, char *argv[])

{


if (argc !=3)  { printf("usage: del string char\n"); return -1;}

while(*argv[1])

{
   if(*argv[1] != *argv[2]) { putchar(*argv[1]); *++argv[1]; }
   else
   { *++argv[1]; continue; }
}
printf("\n");
return 0;

}

5. Convert x to binary


#include<stdio.h>
#define  LEN 16
int main()

{
  int x=112,counter=0;
  int binary[LEN]={0};
  while(x)
   {
     binary[counter]=x%2; x/=2; counter++;
   }
while(counter>=0) { printf("%d",binary[counter]); counter--; }
printf("\n");
return 0;
}

6. Convert char to integer

#include<stdio.h>

#define NUM 1

int main(int argc, char *argv[])

{
 int counter=1,n=0;

 if(argc!=2) { printf("usage: atoi arglist\n"); return -1;}

 while(*argv[NUM])
   {
      if(*argv[NUM]>='0' && *argv[NUM]<='9') { n=10*n+(*argv[NUM]-'0'); *++argv[NUM]; }
      else
       { *++argv[NUM]; continue; }
   }
 printf("number=%d\n",n);
 return 0;

 }

Reference –

https://www.amazon.com/Programming-Language-2nd-Brian-Kernighan/dp/0131103628#reader_0131103628

Linux – fast file search

Linux – fast file system search with locate and updatedb

Typically

find

command is the most commonly used search utility in Linux. GNU find searches the directory tree rooted at each given starting-point by evaluating the given expression from left to right, according to the rules of precedence.

There is an alternative and fast way of searching for files and directories in Linux though and that is the

locate

command, and it goes hand in had with the

updatedb

utility which keeps an indexed database of the files in your system. The locate tools simply reads the database created by updatedb.

Installation –

sudo apt-get -y install mlocate           [Debian/Ubuntu]
sudo yum -y install mlocate               [CentOS/Redhat]

updatedb is usually has a daily cron job to update the default database(‘/var/lib/mlocate/mlocate.db’). To manually update the database, you can manually run the ‘updatedb’ command first. That will take a while depending on the number of files you have on your system, the last time updatedb ran or other file related changes.

First time – update the default database, run any of the below command depending on your requirements. Most likely, the first and/or third command is what you need.

updatedb
updatedb -U /some/path      # if interested in indexing specific directory that you will search frequently.
updatedb -v                 # verbose mode

Time to search
locate command is the utility to search for entries in a mlocate database.

Some examples –

locate cron         # any file or directory with cron in its name
locate -i cron      # case insensitive
locate -c cron      # only print number of found entries
locate -r 'cron$'   # regex - only files or directories with names ending in cron.
locate -r '/usr/.*ipaddress.*whl$'   # regex for eg. /usr/share/python-wheels/ipaddress-0.0.0-py2.py3-none-any.whl

locate can also print the statistics on count of files, directories, size used by updatedb default directory.

root@cloudclient:/tmp# locate -S
Database /var/lib/mlocate/mlocate.db:
	28,339 directories
	185,661 files
	11,616,040 bytes in file names
	4,481,938 bytes used to store database

Customizing updatedb
updatedb can be customized to output the search database to a different file than the default db, in addition to this we can change the directory to index other than the default root tree. We can then tell locate to use the custom db.

In the below example, I am indexing the files under home directory in /tmp/home.db database, and then run locate to use this custom DB. As you can see the number of files and directories is way lower and thus the search much faster although since it has to scan specific directory.

$ updatedb -U ~ -o /tmp/home.db
$ locate -d /tmp/home.db cron
$ locate -d /tmp/home.db -S
Database /tmp/home.db:
	3,530 directories
	29,943 files
	2,635,675 bytes in file names
	762,621 bytes used to store database

References –

https://linux.die.net/man/8/updatedb

https://linux.die.net/man/1/locate

Infoblox dns api

Infoblox dns management – using the REST api with Python

Infoblox provides a product to manage your DNS, DHCP and IPAM through a single management interface. In this short article, I will walk you through automating some of the day to day operations work in managing DNS using Infoblox REST API. The REST based api tool can be also used to manage DHCP and IPAM.

The Infoblox WAPI is the REST interface we will interact with. In a highly available DNS setup, the WAPI requests go to the HA Grid Master IP or hostname. The requests typically have arguments and body. A great resource that helped me get started is a github repo of Infoblox Api python modules.

Clone the Infoblox Python modules repo to get started –

cd /tmp
git clone https://github.com/Infoblox-Development/Infoblox-API-Python.git

The class initialization of infoblox api (infoblox.py ) holds certain parameters, including ones used for authentication. Set this values according to your environment.

        """ Class initialization method
        :param iba_ipaddr: IBA IP address of management interface
        :param iba_user: IBA user name
        :param iba_password: IBA user password
        :param iba_wapi_version: IBA WAPI version (example: 1.0)
        :param iba_dns_view: IBA default view
        :param iba_network_view: IBA default network view
        :param iba_verify_ssl: IBA SSL certificate validation (example: False)
        """

Once you have the right parameters, you can write scripts which utilize the infoblox.py module. Here is a simple python script to get A record record details, given an IP address and domain.

Make sure you work under the directory where you cloned the infoblox github repo –

Script path: /tmp/get_a_record.py
Usage example: python /tmp/get_a_record.py 192.168.100.2  mail-gateway.example.net

Script to pull A record details of a DNS zone –

#!/usr/bin/env python

import infoblox
import sys
import requests
import json
import socket

def Usage():
    print "{0} {1} {2}".format(sys.argv[0], 'IP-ADDRESS','FQDN')
    sys.exit(1)

if len(sys.argv)<3:
    Usage()

myip=sys.argv[1]
myfqdn=sys.argv[2].lower()
try:
    socket.inet_aton(myip)
except:
    print "Not valid IP."
    sys.exit(1)

# Create a session
ibx_server='grid-master.example.net'
ibx_username='dns-admin'
ibx_password='admin-secret'
ibx_version='1.6'
ibx_dns_view='default'
ibx_net_view='default'

ibx=infoblox.Infoblox(ibx_server, ibx_username, ibx_password, ibx_version, ibx_dns_view, ibx_net_view, iba_verify_ssl=False)

# Get address details
payload='{"ipv4addr": '  + json.JSONEncoder().encode(myip) + ',' + '"name": ' + json.JSONEncoder().encode(myfqdn) + '}'
my_url='https://' + ibx.iba_host + '/wapi/v' + ibx.iba_wapi_version + '/record:a'
r = requests.get(url=my_url, auth=(ibx.iba_user, ibx.iba_password), verify=ibx.iba_verify_ssl, data=payload)
data = r.json()
print data

You can also use the existing class methods defined in the infoblox module. In the below example, I am using the ‘create_cname_record’ method to create an Alias.

ibx=infoblox.Infoblox(ibx_server, ibx_username, ibx_password, ibx_version, ibx_dns_view, ibx_net_view, iba_verify_ssl=False)
canonical='www.example.net'
name='web-server1.example.net'
ibx.create_cname_record(canonical, name)

If you can’t find the particular method in the infoblox module, it should’t be difficult to write one. Follow the api reference documentation on the structure of the WAPI Api calls.

Note – in some cases, you have to make multiple api calls to perform certain tasks. One example is updating the TTL for a DNS entry. On the first call, you need to get the host reference id and on second call update the TTL. The below example shows a simple python script to update the TTL (in seconds) for an existing FQDN entry.

Usage example - python update_ttl.py mail-gateway.example.net 600

update_ttl.py script –

#!/usr/bin/env python

import infoblox
import sys
import json
import requests

def Usage():
    print "{0} {1} {2}".format(sys.argv[0], 'ExistingFQDN', 'TTL')
    sys.exit(1)

if len(sys.argv)<3:
    Usage()

oldname=sys.argv[1].lower()
newttl=int(sys.argv[2])

# Create a session
ibx_server='grid-master.example.net'
ibx_username='dns-admin'
ibx_password='admin-secret'
ibx_version='1.6'
ibx_dns_view='default'
ibx_net_view='default'
ibx=infoblox.Infoblox(ibx_server, ibx_username, ibx_password, ibx_version, ibx_dns_view, ibx_net_view, iba_verify_ssl=False)
# Validate oldname exists
ibxhost=ibx.get_host(oldname)
if ibxhost['name'] != oldname:
    print oldname + " does not exist."
    sys.exit(1)
# update data
host_ref=ibxhost['_ref']
payload=json.dumps({'ttl':newttl})
my_url = 'https://' + ibx.iba_host + '/wapi/v' + ibx.iba_wapi_version + '/' + host_ref
r = requests.put(url=my_url, auth=(ibx.iba_user, ibx.iba_password), verify=ibx.iba_verify_ssl, data=payload)
if r.ok:
    print("TTL updated successfully.")
else:
    print("Error - {}".format(r.content))

References –

Products page – https://www.infoblox.com/products/dns/

Rest API documentation – https://www.infoblox.com/wp-content/uploads/infoblox-deployment-infoblox-rest-api.pdf

HA GRID MASTER – https://docs.infoblox.com/display/NAG8/Chapter+5+Deploying+a+Grid#Chapter5DeployingaGrid-bookmark587