ss (socket statistics) introduction

Almost every sys-admin know the powerful tool called ‘netstat’ but it is time to say bye-bye to netstat as we have a more powerful and concise tool called ‘ss’.

1. ss introduction

ss is the abbreviation for socket statistics. It is part of the iproute tool. If you can’t use ss, you need to install iproute such as
       yum install iproute iproute-doc
while netstat is part of net-tools which has not been updated since 2001
when we compare the performance between ss and netstat, we can get the conclusion that ss is much faster than netstat, that is because ss uses TCP’s tcp_diag to get the statistics from linux kernel.

See when a linux handle 10000 TCP connections, netstat took over 1 second to get the output and only 0.01 second to get the ss status

[root@X003 bin]# time netstat -ant > /dev/null

real    0m1.334s
user    0m0.230s
sys     0m1.101s
[root@X003 bin]# time ss -s
Total: 10439 (kernel 10442)
TCP:   11073 (estab 9203, closed 1, orphaned 800, synrecv 0, timewait 0/0), ports 10007

Transport Total     IP        IPv6
*         10442     -         -
RAW       0         0         0
UDP       8         5         3
TCP       11072     10008     1064
INET      11080     10013     1067
FRAG      0         0         0


real    0m0.014s
user    0m0.000s
sys     0m0.012s
ss 

2. Basic usage:

1. ss -s #Get basic statistics information

[root@X003 bin]# ss -s
Total: 180 (kernel 197)
TCP:   15 (estab 3, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 7

Transport Total     IP        IPv6
*         197       -         -
RAW       0         0         0
UDP       8         5         3
TCP       14        8         6
INET      22        13        9
FRAG      0         0         0

2. ss -l #only list the listening port

[root@X003 bin]# ss -l
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
LISTEN     0      128                    :::sunrpc                  :::*
LISTEN     0      128                     *:sunrpc                   *:*
LISTEN     0      128                    :::http                    :::*
LISTEN     0      128                    :::ssh                     :::*
LISTEN     0      128                     *:ssh                      *:*
LISTEN     0      128             127.0.0.1:ipp                      *:*
LISTEN     0      128                   ::1:ipp                     :::*
LISTEN     0      100                   ::1:smtp                    :::*
LISTEN     0      100             127.0.0.1:smtp                     *:*
LISTEN     0      128                    :::55878                   :::*
LISTEN     0      128                     *:38186                    *:*

3. ss -t #only list the tcp status

[root@X003 bin]# ss -t
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418

4. ss -u #only list the udp status
5. ss -p #list the program associated with port

[root@X003 bin]# ss -p
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433    users:(("sshd",1789,3))
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417    users:(("sshd",1734,3))
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418    users:(("sshd",1759,3))

6. ss -n #don’t convert the number to the hostname or known service name

[root@X003 bin]# ss -n
State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
ESTAB      0      52           192.168.56.113:22            192.168.56.1:65433
ESTAB      0      0            192.168.56.113:22            192.168.56.1:65417
ESTAB      0      0            192.168.56.113:22            192.168.56.1:65418

7. ss -e #show the extensive/detailed information.

[root@X003 bin]# ss -e
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433    timer:(on,354ms,0) ino:74064 sk:ffff88002c8d5440
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417    timer:(keepalive,76min,0) ino:73782 sk:ffff8800299e4d80
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418    timer:(keepalive,76min,0) ino:73915 sk:ffff8800299e4700

Powerful DNS query tool - DIG

When we talk about the DNS query tool, we usually refer to nslookup. Now in this blog, we are going to talk about a more powerful tool called dig.

1.dig. Command without any parameters

root@ip-172-31-7-84:~# dig

; <<>> DiG 9.9.5-3-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25338
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       19664   IN      NS      d.root-servers.net.
.                       19664   IN      NS      e.root-servers.net.
.                       19664   IN      NS      f.root-servers.net.
.                       19664   IN      NS      g.root-servers.net.
.                       19664   IN      NS      h.root-servers.net.
.                       19664   IN      NS      i.root-servers.net.
.                       19664   IN      NS      j.root-servers.net.
.                       19664   IN      NS      k.root-servers.net.
.                       19664   IN      NS      l.root-servers.net.
.                       19664   IN      NS      m.root-servers.net.
.                       19664   IN      NS      a.root-servers.net.
.                       19664   IN      NS      b.root-servers.net.
.                       19664   IN      NS      c.root-servers.net.

;; Query time: 6 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Jun 25 15:27:35 EST 2014
;; MSG SIZE  rcvd: 239

2.basic command: dig @DNS domain-name record-type

root@ip-172-31-7-84:~# dig @8.8.8.8 rms.nsw.gov.au AAAA

; <<>> DiG 9.9.5-3-Ubuntu <<>> @8.8.8.8 rms.nsw.gov.au AAAA
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;rms.nsw.gov.au.                        IN      AAAA

;; AUTHORITY SECTION:
rms.nsw.gov.au.         1799    IN      SOA     dns2.rta.nsw.gov.au. root.dns2.rta.nsw.gov.au. 2013120601 7200 3600 3600000 7200

;; Query time: 289 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Jun 25 15:29:14 EST 2014
;; MSG SIZE  rcvd: 93

3.common options: Here is the most common options we will need to keep in mind.
-t [type]: by default, it is A record(address) but you can set MX for query

root@ip-172-31-7-84:~# dig -t MX rms.nsw.gov.au

; <<>> DiG 9.9.5-3-Ubuntu <<>> -t MX rms.nsw.gov.au
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41964
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;rms.nsw.gov.au.                        IN      MX

;; ANSWER SECTION:
rms.nsw.gov.au.         7200    IN      MX      30 mx22out.rta.nsw.gov.au.
rms.nsw.gov.au.         7200    IN      MX      40 waterways-b1.maritime.nsw.gov.au.
rms.nsw.gov.au.         7200    IN      MX      10 cluster4.us.messagelabs.com.
rms.nsw.gov.au.         7200    IN      MX      20 cluster4a.us.messagelabs.com.
rms.nsw.gov.au.         7200    IN      MX      30 mx11out.rta.nsw.gov.au.
rms.nsw.gov.au.         7200    IN      MX      30 mx12out.rta.nsw.gov.au.
rms.nsw.gov.au.         7200    IN      MX      30 mx21out.rta.nsw.gov.au.

;; Query time: 14 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Jun 25 15:31:10 EST 2014
;; MSG SIZE  rcvd: 250

-q [domain]: -q can be omitted, but it makes more clear if you add the –q option.

root@ip-172-31-7-84:~# dig -q www.google.com

; <<>> DiG 9.9.5-3-Ubuntu <<>> -q www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60498
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         166     IN      A       74.125.237.180
www.google.com.         166     IN      A       74.125.237.176
www.google.com.         166     IN      A       74.125.237.177
www.google.com.         166     IN      A       74.125.237.178
www.google.com.         166     IN      A       74.125.237.179

;; Query time: 6 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Jun 25 15:33:07 EST 2014
;; MSG SIZE  rcvd: 123

-x [IP]: reverse query. Get the hostname for the IP.

root@ip-172-31-7-84:~# dig -x 193.0.14.129

; <<>> DiG 9.9.5-3-Ubuntu <<>> -x 193.0.14.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19459
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.14.0.193.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
129.14.0.193.in-addr.arpa. 21600 IN     PTR     k.root-servers.net.

;; Query time: 21 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Jun 25 15:34:54 EST 2014
;; MSG SIZE  rcvd: 86

+tcp: use tcp for query.

root@ip-172-31-7-84:~# dig +tcp www.myrta.com

; <<>> DiG 9.9.5-3-Ubuntu <<>> +tcp www.myrta.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27172
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.myrta.com.                 IN      A

;; ANSWER SECTION:
www.myrta.com.          30      IN      A       163.189.7.175

;; Query time: 43 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Jun 25 15:38:26 EST 2014
;; MSG SIZE  rcvd: 58

+trace: shows the trace path of the recursive path

root@ip-172-31-7-84:~# dig +trace www.myetoll.com
; <<>> DiG 9.9.5-3-Ubuntu <<>> +trace www.myetoll.com
;; global options: +cmd
.                       18934   IN      NS      l.root-servers.net.
.                       18934   IN      NS      m.root-servers.net.
.                       18934   IN      NS      a.root-servers.net.
.                       18934   IN      NS      b.root-servers.net.
.                       18934   IN      NS      c.root-servers.net.
.                       18934   IN      NS      d.root-servers.net.
.                       18934   IN      NS      e.root-servers.net.
.                       18934   IN      NS      f.root-servers.net.
.                       18934   IN      NS      g.root-servers.net.
.                       18934   IN      NS      h.root-servers.net.
.                       18934   IN      NS      i.root-servers.net.
.                       18934   IN      NS      j.root-servers.net.
.                       18934   IN      NS      k.root-servers.net.
;; Received 239 bytes from 172.31.0.2#53(172.31.0.2) in 14 ms

com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20140701000000 20140623230000 40926 . lDy4cb2Mb6tyMYXfCNX1bcEwE2Rg6OkcsuSv+R81yFHEG5/luQvypHHr nt6apJYVf30t748Dtu5X3H56IXXlgftqgY93AbuAjugAz3gf8YiQtRW5 wQcKjtzq2luW1YIVYtujntwfC4om+sVxtCJbKT88cqQUwyTvKr8D6SxS QtA=
;; Received 739 bytes from 192.36.148.17#53(i.root-servers.net) in 237 ms

myetoll.com.            172800  IN      NS      dns1.rta.nsw.gov.au.
myetoll.com.            172800  IN      NS      dns2.rta.nsw.gov.au.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0QFMDQRCSRU0651QLVA1JQB21IF7UR NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20140630044832 20140623033832 56657 com. Co2ZGs6Fo2h2zlCv4wQS4E28nhjNxNQ/InfoiMq52MUH4/IJ9rh1Ot4C vuEmO3J1U4VVYUedu1EyFtBe6hGpajEfsntCYFA2EFbi2PgzAHAw8Ljr NCC24OnMBfcpbM6ew5UFd/157h6Tv/a+ilystE7+goWZi7q6Y6VNPWle B60=
RFJREQ8DI8OGS8V03LLBHDLV4J3EIPHK.com. 86400 IN NSEC3 1 1 0 - RFJVBCOQJUN2E7A6HEMG5MM79DAEKVMV NS DS RRSIG
RFJREQ8DI8OGS8V03LLBHDLV4J3EIPHK.com. 86400 IN RRSIG NSEC3 8 2 86400 20140701043512 20140624032512 56657 com. McX9ZVW1HVTK4ZkKSOOAj9pkHb8VzqKIbRNdcMWN8OJ75GaL/9II1bNx pXodneZpd+qtRe3TVhweJlv30zXEritWsN507cQDDsDoIgu+aNpgCzO7 louvilFNU88pOPPx4Wk1oTS9BNpNV/rcw0GWF/Yb/Y2Q/XTiyNl5NLe0 LiM=
;; Received 581 bytes from 192.12.94.30#53(e.gtld-servers.net) in 376 ms

www.myetoll.com.        7200    IN      NS      dns22.rta.nsw.gov.au.
www.myetoll.com.        7200    IN      NS      dns11.rta.nsw.gov.au.
;; Received 98 bytes from 163.189.23.22#53(dns2.rta.nsw.gov.au) in 26 ms

;; Received 12 bytes from 163.189.217.1#53(dns22.rta.nsw.gov.au) in 9 ms

+short: only show the result of the query.

root@ip-172-31-7-84:~# dig +short www.rms.nsw.gov.au
163.189.7.150

MySQL replication introduction

Database plays the essential role in the information system such as websites. To avoid the SPF of MySQL, in production system, we use master-slave replication to synchronise the data and MySQL-proxy to enhance the IO performance.

Advantages of MySQL replication

• Avoid of SPF, when the master server is down, we can use slave server to provide the service
• We can use master server to handle the write request and slaves to handle the read IO.

 Here is how MySQL replication works

• Master server write the data changes to Binary log
• Slave servers IO Thread read from master binary log and put to Relay log.
• Slave server SQL thread read the changes from relay log and implement the change to Slave database.

 

Test Environment:

1. Master server 192.168.139.100
2. Slave server 192.168.139.200

To simplify the illustration,  we suppose both master and slave are from scratch without any data.

1. Set the binary log and server-id:

Master  - my.cnf
[mysqld]
log-bin=mysql-bin            //the binary log must be enabled
server-id=100                    //unique ID in MySQL cluster
Slave – my.cnf
[mysqld]
log-bin=mysql-bin            //the binary log must be enabled
server-id=200                    //unique ID in MySQL cluste

system restart may be required if the parameter changed.

2. Create the user dedicated for replication.

It is not neccessary but strongly recommended that a specified user will be created for replication

create user 'repl'@'192.168.139.200' identified by 'mysql';
grant replication slave on *.* to repl@'192.168.139.200' identified by
'mysql';

3. Get master status in master server

mysql> show master status;

+------------------+----------+--------------+------------------+-------------------+

| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |

+------------------+----------+--------------+------------------+-------------------+

| mysql-bin.000001 |      120 |              |                  |                   |

+------------------+----------+--------------+------------------+-------------------+

1 row in set (0.00 sec)

4. In the slave server, set the master server and synchronise parameters

mysql>change master to

master_host='192.168.139.100',

master_user='repl',

master_password='mysql',

master_log_file='mysql-bin.000001',

master_log_pos=120;

5. Start the mysql slave
6. Check the status

mysql> show slave status \G
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 192.168.139.100
Master_User: repl
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000001
Read_Master_Log_Pos: 120
Relay_Log_File: X002-relay-bin.000001
Relay_Log_Pos: 283
Relay_Master_Log_File: mysql-bin.000001
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
------ omitted ------

Now we can test by create database/table and insert data into the master server and confirm we can get in the slave server.

Windows common command tool

nslookup - common DNS query tool
logoff - log off the user session
lusrmgr.msc - manage local users and groups
services.msc - manage services
notepad - open notepad
net start [service] - start a service
net stop  [service] - stop a service
compmgmt.msc - local computer management tool
devmgmt.msc - device management tool
regedt32/regeit.exe - register editor
mem.exe - view memory tool
wimmsd - view system information
mstsc - open remote desktop session
diskmgmt.msc - disk management tool
ntbackup - build-in backup tool
taskmgr - task manager
eventvwr - event viewer
calc - calculator
certmgr.msc - Certificates management tool
iisreset - IIS stop/start tool
secpol.msc - local security policy management tool
netstat - common netstat tool
ping - common ping tool
tracert - common traceroute tool
winver - check the windows version

Using Python boto to store the content to AWS S3

Recently I have a requirement to store some plain text files to AWS S3. As my primary program is Python, I used boto to fulfil the task. Here are the basic steps

Install boto package into python environment.

If the environment has the internet access ability, boto can be easily setup by ‘easy_install’. Otherwise you have to download the source file from github and manually install it.

easy_install boto
git clone https://github.com/boto/boto

Setup key configuration

When accessing S3, you need to use authentication (security keys, X509 certificates etc), in python/boto, security keys is the easiest way (maybe not the most applicable way), security keys is a pair of key_id and access_key generated by AWS to identify the user. See more about IAM.

Usually when you generated the IAM user, AWS allows you to download the key csv files to your local machine. There are two ways using keys in Python/boto. One is code it into your program as

aws_access_key = “aaaaaaaaa”
aws_secret_key=”sssssssssssssssss”
from boto.s3.connection import S3Connection
conn = connect_s3 (aws_access_key, aws_secret_key)

or you put your security key into /etc/boto and use connect_s3 without any parameters.

from boto.s3.connection import S3Connection
conn = connect_s3 ()

I used the second way as it is more flexible (easily to change the user) and more secure  (you can specify the file permission)

[Credentials]

aws_access_key_id = *******************
aws_secret_access_key = ********************

Program flow:

import boto
bucketname = ‘rafaxubucket’                    #here is the bucket
filename = ‘recports/myfile’                       #here is the filename including path
conn = boto.connect_s3()
b = conn.get_bucket(bucketname)
key = b.new_key(filename)
key.set_contents_from_string(reportContent)
key.set_canned_acl('public-read')

Explaination:                

To store the file, we need to get the bucket, then the filename is called key in S3, the key can contain ‘/’ which means the path actually. Then you can dump your content to the key (write the content to the file as compared in the file IO) then set the acl. After that you can view the content via browser as the content is already on S3 as a web service.

Advanced TCP topics - 0

Recently I read two interesting blogs from a Chinese engineer
http://coolshell.cn/articles/11564.html
http://coolshell.cn/articles/11609.html

He introduced some of the TCP advanced topics as：

TCP advanced technology:

1. TCP package format.
Key fields.
Sequence Number,
Acknowledgement Number,
Window,
TCP Flag

2. TCP status transition

    3-wayss handshake, 4-ways termination

3. Sequence number: how the sequence number is generated

4. TCP retransmission (Fast retransmit, SACK, etc)

5. TCP RTT (KP, JK)

6. TCP Sliding Window

7. TCP congestion handling (slow start, fast recovery etc )

I will write 7 blogs as the study notes to the articles in this week.

MySQL show commands

MySQL command prompt provides lots of show commands to view the database objects and status. Here is a short summary of show commands:

show tables or show tables from database_name

Explaination: show all tables in current database

show databases;

Explaination: show databases in current server

show processlist;

Explaination: show all running processes associated with the user, if the user has been granted with process privilege, he can check all processes in the server.

show table status;

Explanation: show table detailed status.

show columns from table_name from database_name; 
show columns from database_name.table_name;

Explanation: show table columns = desc [tablename]

show grants for user_name@localhost;

Explanation: show the users privileges;

show index from table_name;

Explanation: show index for the table;

show status;

Explanation: show database very detailed status such as threads numbers, lock numbers, uptime, etc. 

show variables;

Explanation: show variables and the values

show privileges;

Explanation: show different privileges database supports. 

show create database database_name;

Explanation: show create database command syntax

show create table table_name;

Explanation: show create table command syntax 

show engies;

Explanation: show available data engines and the default one.

show innodb status;

Explanation: show innoDB store engine status

show logs;

Explanation: show BDB store engine log status

show warnings;

Explanation: show the last commands warning messages

show errors;

Explanation: show the last commands error messages

Linux tool - screen

when you have an long running or important task, sometimes you have to pray that the tty session won't be timed out during the task. Now you can use a powerful Linux tool called screen to help you.

1. start an screen session:

stack@openstack:~$ screen -S mytest

2. run your test program in my test session:

stack@openstack:~$ cd /var/tmp/

stack@openstack:/var/tmp$ cat test.sh

#!/bin/bash

while true

do

echo "hello world"

sleep 1

done

the program will keep printing out 'hello world'

3. you can use CRTL+a d to exit the session

[detached from 2898.mytest]

4. quit the putty session

5．use putty to relogin the session and use 'screen –ls' to check the running sessions

stack@openstack:~$ screen -ls

There is a screen on:

        2898.mytest     (08/06/14 20:41:59)     (Detached)

1 Socket in /var/run/screen/S-stack.

6. use screen –r mytest back to session

stack@openstack:~$ screen -r mytest

hello world

hello world

hello world

hello world

hello world

hello world

hello world