tag:blogger.com,1999:blog-26944079321374561172024-03-13T04:43:06.705+01:00$(echo "YEBENES.NET")SysAdmin // DevOps
Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.comBlogger137125tag:blogger.com,1999:blog-2694407932137456117.post-20961695091545344242020-05-16T20:08:00.003+02:002020-05-17T10:57:08.816+02:00[EN] How to update backend servers on HAproxy using HAproxy API (and not reloading config)The HAproxy API is a great tool to interact with the configuration, updating it without the need to reload after every change (which is completely safe as stated <a href="https://www.haproxy.com/blog/truly-seamless-reloads-with-haproxy-no-more-hacks/" target="_blank">here</a>). In this case, I am just going to add and remove a backend server, so you can see how it works and how powerful it could be
<div class="separator" style="clear: both; text-align: center;">
<br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKHWr4WwoQG_QkaNqLdYjbbj-NslwzdD-uBGgJrK557QUNLFrW45A-u9mRs5nLMlgJ9v5b8yid7SqjJwXjUi-sNubEabLekjfqaZNG9T93ATnwDi5cMCCYwVjTF-U707FT7ZpDN5aCxqOo/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="550" data-original-width="700" height="314" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKHWr4WwoQG_QkaNqLdYjbbj-NslwzdD-uBGgJrK557QUNLFrW45A-u9mRs5nLMlgJ9v5b8yid7SqjJwXjUi-sNubEabLekjfqaZNG9T93ATnwDi5cMCCYwVjTF-U707FT7ZpDN5aCxqOo/w400-h314/Haproxy-logo.png" width="400" /></a></div>
<div>
</div>
<div>
</div>
I am going to use netcat instead of socat, but the result will be very similar.<br />
<br />
When you configure your HAproxy, make sure that the backend block will have the server definition, which is going to be something like<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> server-template websrv 1-100 192.168.122.1:80 check disabled</div>
<br />
where<br />
<br />
<b>server-template</b> is the section of the block<br />
<b>websrv</b> will be the name of the backend servers, followed by a number<br />
<b>1-100</b> is the range for that number that will complete the name of the backend servers<br />
<b> 192.168.122.1</b> will be an template address, but make sure that you have nothing there (you can set any IP you want)<br />
<b>80</b> is the port you are balancing the traffic<br />
<b>check disabled</b> is an option, but we don't really want the check to be enabled because the host IP won't pass the check<br />
<br />
You can add more options if you need, but that's a basic example.<br />
<br />
Another important thing you need to know or count with is the number of sockets your HAproxy will have, because you'll have to inform all of them about the changes you are going to make. Keep that in mind.<br />
<br />
Once your haproxy starts, you have no backend server listening, and you need to any some; remember that <b>the idea is that you run a background process to update those servers.</b><br />
The commands to enable and add a new backend server are<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> echo "set server #BACKEND_BLOCK/#WEBSRV_NUMBER addr #IP_ADDRESS port #PORT" | nc -U #SOCKET<br />
> echo "set server #BACKEND_BLOCK/#WEBSRV_NUMBER state ready" | nc -U #SOCKET</div>
<br />
where<br />
<b>#BACKEND_BLOCK</b> is the backend block's name<br />
<b>#WEBSRV_NUMBER</b> is the backend server's name on haproxy<br />
<b> #IP_ADDRESS</b> is the IP of that new backend server<br />
<b> #PORT </b>is the port<br />
<b>#SOCKET</b> is the HAproxy socket you are talking to<br />
<br />
After running the first command, your HAproxy will notify the changes (IP and port if they have changed), and after running the second command there will be no output.<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> echo "set server backend/server50 addr 1.1.1.1 port 8080" | nc -U /var/run/haproxy.sock
</div>
<br />
IP changed from '192.168.122.1' to '1.1.1.1', port changed from '80' to '8080' by 'stats socket command'<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> echo "set server backend/server50 state ready" | nc -U /var/run/haproxy.sock
</div>
<br />
<br />
and this way your HAproxy instance will start to send traffic to that backend server. If you have more that one instances of HAproxy running, you'll have to spread the changes to all of them; the command would be the same, just change the socket you are talking to.<br />
<br />
<br />
In the case you want to put a server in maintenance state (so disable it), the command would be<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> echo "set server backend/server50 state maint" | nc -U /var/run/haproxy.sock
</div>
<br />
Besides ready and maint, there is a thrird state of haproxy: <b>drain</b>; in this state the backend server is removed from the Load Balancer, but still allowed it to be checked and to accept new
persistent connections. <br />
<br />
<b>Source</b>: <a href="https://www.haproxy.com/blog/dynamic-configuration-haproxy-runtime-api/" target="_blank">HAproxy.com</a>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com1tag:blogger.com,1999:blog-2694407932137456117.post-61498726266972105912020-04-30T20:59:00.001+02:002020-05-16T22:22:28.377+02:00[EN] DevOps roadmapHello!<br />
<br />
Today I come with a roadmap that someone sent me a few days ago. It is a roadmap of what (according to how it is understood by who has drew it) a DevOps should know.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://roadmap.sh/roadmaps/devops.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="429" height="640" src="https://roadmap.sh/roadmaps/devops.png" width="340" /></a></div>
<br />
<br />
You can more or less agree with what is in it, but it has helped me to get to know some new technologies that could be very interesting to me.<br />
<br />
What about you? What do you think? One thing amazing is that you can suggest your changes, but I am not sure they would take them into account. Anyway, I have at least two suggestions, that are<br />
<ul>
<li>HOW COME Debian is not in purple???</li>
<li>I know there is no Load Balancing section but they should include it somehow</li>
</ul>
<br />
<br />
<b>Source</b>: <a href="https://roadmap.sh/" target="_blank">roadmap.sh</a><br />
You have a few more interesting roadmaps in that page Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-43540515192357988452020-04-04T22:36:00.001+02:002020-05-17T11:01:33.725+02:00[EN] Regular Expressions<div>Hello everyone! <br /></div><div><br /></div><div>How do you carry the lockdown? At the moment nothing bad, taking advantage of the time to do things that before didn't have enough time to do.</div><div><br /></div><div class="separator" style="clear: both; text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQrHe-nMTjLgDOI3AwRkh_fhNviKybtimj1BxqdN3BPSPFLmUNKD923pPaTB3fN6VRGL0-dxnwoBc5Cib0xWH6hfl-dRLThjessNxQtPFv74X_VkYlpPGnMOk4n9SMg5hxW-vmF2gQ-h3x/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="788" data-original-width="768" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQrHe-nMTjLgDOI3AwRkh_fhNviKybtimj1BxqdN3BPSPFLmUNKD923pPaTB3fN6VRGL0-dxnwoBc5Cib0xWH6hfl-dRLThjessNxQtPFv74X_VkYlpPGnMOk4n9SMg5hxW-vmF2gQ-h3x/s320/Tux-768x788.png" /></a></div> One of these things is to study; I have finished with a very
interesting 'sed' and 'awk' course, and I wanted to share some notes on
regular expressions, to see what you think.</div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: justify;"><table border="1" bordercolor="#888" cellspacing="0" style="border-collapse: collapse; border-color: rgb(136, 136, 136); border-width: 1px; height: 150px; margin-left: auto; margin-right: auto; text-align: left; width: 617px;"><tbody><tr><td style="min-width: 60px;"><div class="separator" style="clear: both; text-align: justify;"><b>‘\b[Cc]olou?r\b’ </b><br /></div><div class="separator" style="clear: both; margin-left: 40px; text-align: justify;"><b>\b</b> :: boundaries, limits the word<br /><b>?</b> :: optional inclusion of this character</div><div class="separator" style="clear: both; margin-left: 40px; text-align: justify;"><b>\.</b> :: Exactly one single character</div><div class="separator" style="clear: both; margin-left: 40px; text-align: justify;">this example matches Color, color, Colour, colour<br /></div><div class="separator" style="clear: both; margin-left: 40px; text-align: justify;"><span style="background-color: #9e9e9e;"><span></span></span><br /></div><div class="separator" style="clear: both; text-align: justify;">Anchors<br /></div><div class="separator" style="clear: both; text-align: justify;"><div style="margin-left: 40px;"><b>'^'</b> :: start of a string<br /><b>'$'</b> :: end of a string<br /></div></div><div class="separator" style="clear: both; text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: justify;">Ranges<br /></div><div class="separator" style="clear: both; text-align: justify;"><div style="margin-left: 40px;"><b>[]</b> :: denote the ranges<br /><b>'[A-Za-z]' </b>:: any letter<br /><b>'[0-9]'</b> :: any number; it could be represented as \d<br /><b>'[a-z_]'</b> :: lower case character and underscore character<br /><b>'[349]'</b> :: matches number 3, number 4 and number 9; it would match 34, 49 or 349 because include those numbers<br /><b>'[^4]'</b> :: matches anything BUT 4<br /><b>'[Ss]erver'</b> :: matches Server and server<br /><br /></div>Boundaries and strings<br /><div style="margin-left: 40px;"><b>\s </b>:: any white space character (space, line return, tap) > \S :: NOT looking for a white space character<br /><b>\b </b>:: word boundary (may include hyphen as word separator) > \B :: NOT looking for a word boundary<br /><b>'\ssytem'</b> :: Matches "file system"<br /><b>'\bsystem' </b>:: Matches "file system" and "file-system"<br /><b>'\bpop[0-9]\b'</b> :: Matches pop2 and pop3 but not pop3s (from /etc/services file)<br /><b>'\bpop[0-9]\B'</b> :: Not matches pop2 and pop3 but matches pop3s (from /etc/services file)<br /></div><br />Quantifiers<br /><div style="margin-left: 40px;"><b>'u*'</b> :: Matches u zero or more times<br /><b>'u?'</b> :: Matches u zero or once only (optional)<br /><b>'u+'</b> :: Matches u once or more times<br /><b>'u{3}' </b>:: Matches uuu (u 3 times)<br /></div></div><div class="separator" style="clear: both; text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: justify;"><div style="margin-left: 40px;"><b>'^\s*#'</b> :: Matches all kind of commented lines: with no space, with spaces and with tabs<br /><b>'start\s*end'</b> :: Matches all independently the spaces between 'start' and 'end'<br /><b>'start\s?end'</b> :: Matches 'start end' and 'startend'<br /><b>'start\s{2}end' </b>:: Matches the option with 2 spaces between 'start and 'end'<br /><b>'[a-z]{2}[0-9]{1,2}' </b>:: Matches a postcode [ab12 7af]; {1,2} means that it could happen once or twice<br /></div><br /></div><div class="separator" style="clear: both; margin-left: 40px; text-align: justify;"><b>grep -E</b> :: takes extended regular expressions :: egrep. RE are extended when they use {}, but not when they use []<br /></div><div class="separator" style="clear: both; text-align: justify;"><br /></div> </td></tr></tbody></table><br /></div><div class="separator" style="clear: both; text-align: justify;"><br /></div><br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-67974400434228908772020-03-14T10:54:00.001+01:002020-05-17T10:54:54.020+02:00[EN] Pills :: using grep and sed<div>Hello everyone!</div><div><br /></div><div>Today I bring you a tiny <b>grep</b> pills, a couple of features that I did not know and I think they are very interesting</div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWJH_BMLnAPrkqVIlG3-gzPNQ7RuxlMSi3yC_Yww6SLxWNf5bMEm2C84jsQDDZ2DkoNVGSbeh8e8ohfC1G1Yowh_Exz46UIFS-gEr7lOETNOED9CXa-lgwfmWN_AMZ3nj-NAX1TcXmYD6e/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="256" data-original-width="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWJH_BMLnAPrkqVIlG3-gzPNQ7RuxlMSi3yC_Yww6SLxWNf5bMEm2C84jsQDDZ2DkoNVGSbeh8e8ohfC1G1Yowh_Exz46UIFS-gEr7lOETNOED9CXa-lgwfmWN_AMZ3nj-NAX1TcXmYD6e/" /></a></div><div><br /></div><div><br /></div><div>So let's go there:</div><div><br /></div><div style="margin-left: 40px; text-align: left;">Returns # of matches (similar to wc -l)</div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;">> grep -c pattern</span></b></div><div style="margin-left: 40px; text-align: left;"><br /></div><div style="margin-left: 40px; text-align: left;">Shows the line that matches and two lines after</div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;">> cat file | grep -A2 </span></b><b><span style="color: #0f9d58;"><b><span style="color: #0f9d58;">pattern</span></b> <br /></span></b></div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;"><br /></span></b></div><div style="margin-left: 40px; text-align: left;">Shows the line that matches and two lines before</div><div style="margin-left: 40px; text-align: left;"><span style="color: #0f9d58;"><b>> cat file | grep -B2 </b></span><span style="color: #0f9d58;"><b><b><span style="color: #0f9d58;">pattern</span></b></b></span></div><div style="margin-left: 40px; text-align: left;"><span style="color: #0f9d58;"><b><b><span style="color: #0f9d58;"><br /></span></b></b></span></div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;"><b><span style="color: #0f9d58;"></span></b></span></b>Shows the line that matches, two lines before and and two lines after</div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;">> cat file | grep -C2 </span></b><b><span style="color: #0f9d58;"><b><span style="color: #0f9d58;">pattern</span></b></span></b><br /></div><div style="text-align: left;"><div style="margin-left: 40px;"><br /><br /></div><div><b>Extra pill</b>: This reminds me that if you want to add a line to a file, for example, above or below a specific row, you can do it using sed</div><div><br /></div><div>Imagine that you want to add a line to /etc/passwords file, one above and one below a user named 'esther'</div><div><br /></div><div style="margin-left: 40px; text-align: left;">Adds the new line just after the user that starts with 'esther'</div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;">> sed ' /^esther/ a newuser:x:1001:1000:New User:/home/user:/bin/sh' /etc/passwd</span></b></div><div style="margin-left: 40px; text-align: left;"><br /></div><div style="margin-left: 40px; text-align: left;">Adds the new line just before the user that starts with 'esther'</div><div style="margin-left: 40px; text-align: left;"><b><span style="color: #0f9d58;">> sed ' /^esther/ i newuser:x:1001:1000:New User:/home/user:/bin/sh' /etc/passwd</span></b><br /></div><div><br /></div><div><br /></div></div>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-4710268366416819402020-02-23T22:13:00.001+01:002020-05-16T22:14:49.096+02:00[EN] Nmap cheat sheetHello again,<br /><br /><div>nmap is a wonderful tool, very powerful and with which you can do a lot of things. I love it, it is one of the first utilities that I install on a new system, and I have found this cheat sheet that you will love for sure!</div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbhEcHGmAi9ZAgaIYIfqo72clHdKwDFakTWQFtLSks1ppYOhpJ8WOzGnj-KQF9wjWddKFVJPuAg_tE2lQWppawSFqpDxrCvjn5qur2h68l68Q6hU3aUho1SNlqYfrb5TBDeKOBcpOF-RJ/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1003" data-original-width="1505" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbhEcHGmAi9ZAgaIYIfqo72clHdKwDFakTWQFtLSks1ppYOhpJ8WOzGnj-KQF9wjWddKFVJPuAg_tE2lQWppawSFqpDxrCvjn5qur2h68l68Q6hU3aUho1SNlqYfrb5TBDeKOBcpOF-RJ/w640-h426/image_4ff6e9d3-2e65-4ed3-966d-2a1b7fc4474520190718_203701.jpg" width="640" /></a></div><div><br /></div><div><br /></div><div> I have it to consult it often, so you will tell me if it is also as useful to you as it is to me.</div><div><br /></div><div><b>Source</b>: <a href="https://sans.org" target="_blank">Sans.org</a><br /></div>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-88391978205034802572020-01-24T21:32:00.001+01:002020-05-16T22:37:39.233+02:00[EN] [OOC] My first tattooExactly a month ago I did a little crazy thing that I wanted to do for a long time and I got my first tattoo. Now healed and perfect, it looks like this<br />
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicvnHPvyl_ri1KQgmA47bJW-uLVe3AOChvA1CM6lZOXEmJflqIpv3n3D6rm_ktFMAoarv7KLyszF5QhZdCMsk-cXKpFfrYUK_0B0h-QNOwTzKGNIGouJSqWhw5adohUt009jvUZ52MkW4f/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1836" data-original-width="3264" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicvnHPvyl_ri1KQgmA47bJW-uLVe3AOChvA1CM6lZOXEmJflqIpv3n3D6rm_ktFMAoarv7KLyszF5QhZdCMsk-cXKpFfrYUK_0B0h-QNOwTzKGNIGouJSqWhw5adohUt009jvUZ52MkW4f/w640-h360/Twitter_20200406_022431.jpg" width="479" /></a></div>
<div>
<br /></div>
Just wanted to share it with you, I hope you like it!Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-91257795790064295452019-12-24T12:30:00.001+01:002020-05-16T22:01:42.536+02:00[EN] How IT people see each other<div></div><div>Have you ever thought about it? Like SysAdmin or DevOps, how do you see the other colleagues in the IT department? And best of all, how do you see them?</div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMHwnjAAU7KoypOfiDmwejKv7iqpbQRGBX9pm8FJg-KZODI8R4zTyoC-G5vUrkTrVV7c8KULXMnHLr2EOmms0C36Cih7_56dG1zxAvc5gH3tGmcZJ9KKEfrhM_nXEZQmvAPg-kHLXGFRtZ/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1024" data-original-width="1019" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMHwnjAAU7KoypOfiDmwejKv7iqpbQRGBX9pm8FJg-KZODI8R4zTyoC-G5vUrkTrVV7c8KULXMnHLr2EOmms0C36Cih7_56dG1zxAvc5gH3tGmcZJ9KKEfrhM_nXEZQmvAPg-kHLXGFRtZ/w636-h640/image_7d6db626-0aaa-4647-b1f0-82968c63e43320190719_113327.jpg" width="636" /></a></div><div><br />I have to confess that as SysAdmin, sometimes I find myself thinking the same thing ... doesn't it happen to you?<br /></div><div><br /></div><div>Anyway, just wanted to wish you have a <b>Merry Christmas</b> and a really Happy 2020!<br /></div>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-48342053181835050292019-11-29T13:04:00.000+01:002020-05-16T20:31:18.203+02:00[EN] Cleaning old systemd journal logsHave you found that your folder is too big?<br />
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
esther@Raton:~# du -hs /var/log/journal/<br />
6,5G /var/log/journal/</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a></div>
<br />
or<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
esther@Raton:~# du -hs /run/log/journal/<br />
2,5G /run/log/journal/</div>
<br />
<br />
And have you found that once there you can't read any log messages?<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
esther@Raton:/var/log/journal/xxxxxxxxxxxxxxxxxxxxxxx# tail system.journal<br />
L�8M�ތp�+2uW����.��+0OÈ�<br />
�+B�ةO\@H�+ւ���|�X��+.�{EPр�+��)���ב�+o�<br />
�PX���+q���r�� �+"��)F���+�N��6���h�+l@����+n��Bm�B���+�{۳O�z�h�+�Z-9a���+"_�����+*(W4W8,FP�2���*�땠�OT� %$�����.fV�9P�| �J�8��8������3.��p�MESSAGE=XXXX [...]</div>
<br />
<br />
Don't worry, that's pretty normal.<br />
<br />
First of all, you can read your systemd journal log files just using<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a>> journalctl</div>
<br />
and explore its options; some pretty useful may be<br />
--system Show the system journal<br />
--user Show the user journal for the current user<br />
-r --reverse Show the newest entries first<br />
-o --output=STRING Change journal output mode (short, short-precise,<br />
-a --all Show all fields, including long and unprintable<br />
--vacuum-size=BYTES Reduce disk usage below specified size<br />
--vacuum-files=INT Leave only the specified number of journal files<br />
--vacuum-time=TIME Remove journal files older than specified time<br />
<br />
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a>
For example, for cleaning old files we have different ways using the last three options<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> journalctl --vacuum-time=15d<br />
> journalctl --vacuum-size=1G</div>
<br />
Or you can check the live logs from a systemctl service using<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
> journalctl -xef -u systemctl.service</div>
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-56914711870126974722019-11-03T21:14:00.001+01:002020-05-16T21:14:53.673+02:00CI/CD Pipeline or how not to die being a DevOps<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlghOkYVlM2HCzIdRm8LofA1OMV8gF0PEmP3d83k-SceO2vbqiMPxDTagoLOmO0BLv9Tt_YBnrMcirJy6nD3Dw-35Lndd2nzzjQr_dCml20sBWQaKqy2w9mY6Jg51AUdPwt940cGo5fdNn/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1020" data-original-width="1280" height="510" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlghOkYVlM2HCzIdRm8LofA1OMV8gF0PEmP3d83k-SceO2vbqiMPxDTagoLOmO0BLv9Tt_YBnrMcirJy6nD3Dw-35Lndd2nzzjQr_dCml20sBWQaKqy2w9mY6Jg51AUdPwt940cGo5fdNn/w640-h510/IMG_20190531_095325_356.jpg" width="640" /><br /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: justify;">Source: <a href="https://twitter.com/forrestbrazeal" target="_blank">@forrestbrazeal</a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlghOkYVlM2HCzIdRm8LofA1OMV8gF0PEmP3d83k-SceO2vbqiMPxDTagoLOmO0BLv9Tt_YBnrMcirJy6nD3Dw-35Lndd2nzzjQr_dCml20sBWQaKqy2w9mY6Jg51AUdPwt940cGo5fdNn/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-75350630786444038442019-10-13T20:16:00.000+02:002020-05-16T20:18:35.268+02:00[EN] How to enable telnet feature on Windows 10 system (it works with HOME edition) <a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a>Hi all!<br />
<br />
<br />
<br />
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a>Just wanted to leave a tiny little recipe to enable TELNET on Windows 10 from the command line; as a good Linux user I <span style="color: red;"><b>LOVE</b></span> the command line... so... here we go!<br />
<br />
Just need to run this command<br />
<a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><a href="https://www.blogger.com/u/1/blogger.g?blogID=2694407932137456117" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a><br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
dism /online /Enable-Feature /FeatureName: TelnetClient</div>
<br />
<br />
from the Symbol System window and your system will do the rest<br />
<br />
<br />
<br />
Hope that helps!Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-57022862033485578112019-09-21T09:30:00.000+02:002020-05-16T21:51:29.774+02:00[EN] Hacking Tools cheat sheet<div>Hello!!!</div><div><br />Today I wanted to share that Hacking Tools Cheat Sheet where you can find very interesting commands and tools.</div><div><br /></div><div>Use them wisely; you know, <b>a great power entails a great responsibility</b></div><div><b><br /></b></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie3h6gX9a2CuKpwm8SaXKpbqc82fDPhDuezxyzbo3D0EkbB62ukM7svcwVU24uRv6mfwbe6h7NM5Gvhr6FIUnUEwSB8nx1BFx85DQutHUfwAqS49itAU6ZsJ8yDx-ZmLBTWsNrZJhxnbAi/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1448" data-original-width="2048" height="452" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie3h6gX9a2CuKpwm8SaXKpbqc82fDPhDuezxyzbo3D0EkbB62ukM7svcwVU24uRv6mfwbe6h7NM5Gvhr6FIUnUEwSB8nx1BFx85DQutHUfwAqS49itAU6ZsJ8yDx-ZmLBTWsNrZJhxnbAi/w640-h452/IMG_20200505_011234.jpg" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv4RIaTJHpOjNsyuOzcGn0wti7-xbxTH2XQcq7oG27uIadq-JR0DDOHjF853ADdPIHGNJsto9Q7lGwxHJNtJWJau8jHU9JvVxrLaD4oOH3dRDCFAN7ucBi30zTWjvhtW5ukMra90C6Wk6u/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1448" data-original-width="2048" height="452" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv4RIaTJHpOjNsyuOzcGn0wti7-xbxTH2XQcq7oG27uIadq-JR0DDOHjF853ADdPIHGNJsto9Q7lGwxHJNtJWJau8jHU9JvVxrLaD4oOH3dRDCFAN7ucBi30zTWjvhtW5ukMra90C6Wk6u/w640-h452/IMG_20200505_011239.jpg" width="640" /></a></div></div><div><b></b></div><div><b><br /></b></div><div><b>Source</b>: <a href="https://www.compass-security.com/en/world/" target="_blank">Compass Security</a><br /></div>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-23326271826320169162019-08-25T13:50:00.000+02:002020-05-16T19:33:44.179+02:00[EN] MySQL/MariaDB: filtering processlist query<div style="text-align: justify;">
<span style="font-size: small;">Haven't seen you in a while... but today I bring you something really interesting I just found out</span></div>
<div style="text-align: justify;">
<span style="font-size: small;"><br /></span></div>
<div style="text-align: justify;">
<span style="font-size: small;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEEbV6DDxuy7A-_j3fJzLIGYROkX-H7Qpb6pfjh5zeEcNmW4o3NLNoceXjGkKejI89hiifrGDL1LGnfDcq8lmADO_dBjXFVeBqHAL0C5tT4kswjpsiSsPQ6zvs3Hh-I67tLoRGZtMysysE/s1600/mariadb-and-mysql.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="472" data-original-width="620" height="303" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEEbV6DDxuy7A-_j3fJzLIGYROkX-H7Qpb6pfjh5zeEcNmW4o3NLNoceXjGkKejI89hiifrGDL1LGnfDcq8lmADO_dBjXFVeBqHAL0C5tT4kswjpsiSsPQ6zvs3Hh-I67tLoRGZtMysysE/s400/mariadb-and-mysql.png" width="400" /></a></div>
<span style="font-size: small;">I'm pretty sure you already know about</span><br />
<span style="font-size: small;"></span>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="font-size: small;">mysql> show processlist;</span></div>
<span style="font-size: small;"><br /></span>
<br />
<div style="text-align: justify;">
<span style="font-size: small;">that shows you all the threads that MySQL is running for your user (or all the users if you are root) in that very moment; the problem of that query is that you can't limit or filter it at all and sometimes you need to. </span></div>
<div style="text-align: justify;">
<span style="font-size: small;"><br /></span></div>
<div style="text-align: justify;">
<span style="font-size: small;">The cool part is that you can run the same query using</span></div>
<span style="font-size: small;"></span>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="font-size: small;">mysql> SELECT * FROM information_schema.processlist;</span></div>
<span style="font-size: small;"><br /></span>
<span style="font-size: small;">and filter it as you need!!!!</span><br />
<span style="font-size: small;"></span>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="font-size: small;">mysql> SELECT * FROM information_schema.processlist where Host='<i>remote_host</i>';</span><br />
<span style="font-size: small;">mysql> SELECT * FROM information_schema.processlist where User='<i>remote_user</i>';</span></div>
<span style="font-size: small;"><br /></span>
<span style="font-size: small;">That really made my day! </span><br />
<span style="font-size: small;">And yours?</span>Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-53366539717535656982019-08-16T20:46:00.000+02:002019-09-18T14:46:46.688+02:00[EN] Deploying on Kubernetes...Watched on an Slack private group<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNbVxv_jbFvfpfkIkg87XksMz7ZW_fYs14j_ZUPP64u2oBX9gD7PSLi71lnF7e58SQZL3_9DMBqpeQZrqlzeFruitoe74SLOq5fRajsTyYUwrittLOgb18PU_Y_6zuVtKh_128YWRAAxSz/s1600/Screen+Shot+2019-09-17+at+19.38.43.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1216" data-original-width="1170" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNbVxv_jbFvfpfkIkg87XksMz7ZW_fYs14j_ZUPP64u2oBX9gD7PSLi71lnF7e58SQZL3_9DMBqpeQZrqlzeFruitoe74SLOq5fRajsTyYUwrittLOgb18PU_Y_6zuVtKh_128YWRAAxSz/s640/Screen+Shot+2019-09-17+at+19.38.43.png" width="612" /></a></div>
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-14052140120090994692019-05-10T10:45:00.000+02:002019-05-14T10:21:19.705+02:00[EN] AWS - An UnauthorizedOperation and encrypted message<div style="text-align: justify;">
Have you ever tried to perform a change from the aws command-line and all you got was an error like</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><span style="color: red;">"An error occurred (UnauthorizedOperation) when calling the XXXXXX operation: You are not authorized to perform this operation. Encoded authorization failure message"</span></b></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
and an encrypted string afterwards? Well, don't panic. It's just a "normal" error, but in this case the output is encrypted for security; aws api does so becasue it throws some sensible information and they don't want anyone else but you to get it. </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://upload.wikimedia.org/wikipedia/commons/thumb/9/93/Amazon_Web_Services_Logo.svg/1024px-Amazon_Web_Services_Logo.svg.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="479" data-original-width="800" height="191" src="https://upload.wikimedia.org/wikipedia/commons/thumb/9/93/Amazon_Web_Services_Logo.svg/1024px-Amazon_Web_Services_Logo.svg.png" width="320" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
How to decrypt that info? Easy; you need an allow policy on STS for the action DecodeAuthorizationMessage. If you already got permission, you don't need to create the policy, but if you need to just copy and paste it</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<br />
{<br />
"Version": "2012-10-17",<br />
"Statement": [<br />
{<br />
"Sid": "VisualEditor0",<br />
"Effect": "Allow",<br />
"Action": "sts:DecodeAuthorizationMessage",<br />
"Resource": "*"<br />
}<br />
]<br />
}</div>
<br />
Once the policy has been applied, you can decrypt the error with<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">> </span>aws sts decode-authorization-message --encoded-message <span style="color: #cccccc;">Error_Message_Encrypted_String </span>--output table</div>
<br />
where Error_Message_Encrypted_String would be the message you got. <br />
<br />
<br />
<br />
<br />
Hope that helps!Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-41188045560747594342019-04-17T11:00:00.000+02:002019-04-17T11:00:00.121+02:00[EN] Setting open descriptors on Ubuntu18.04Hello! this is a tricky question; many times you are used to do something in an special way but suddenly, one day it doesn't work. That's what happened to me with open file descriptors on Ubuntu 18.04. <br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://libertadzero.files.wordpress.com/2010/06/ubuntuwall.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="774" height="200" src="https://libertadzero.files.wordpress.com/2010/06/ubuntuwall.png" width="193" /></a></div>
By default this Ubuntu release has <br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">esther@host:~#</span> sudo ulimit -n<br />
1024<br />
<span style="color: white;">esther@host:~#</span></div>
<br />
which may be very little if you plan to run, for example, an nginx server. If you want to change that value, you have to<br />
<br />
1) edit<b> /etc/sysctl.conf</b> and add<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
fs.file-max = 65535 <br />
fs.nr_open = 65535</div>
<br />
<br />
at the end of the file<br />
<br />
2) edit /etc/security/limits.conf and add at the end<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
* soft nproc 65535 <br />
* hard nproc 65535 <br />
* soft nofile 65535 <br />
* hard nofile 65535<br />
root soft nproc 65535 <br />
root hard nproc 65535 <br />
root soft nofile 65535 <br />
root hard nofile 65535</div>
<br />
3) check that<b> </b><br />
<blockquote class="tr_bq">
<b>/etc/pam.d/common-session</b><b> </b><br />
<b>/etc/pam.d/common-session-noninteractive</b> </blockquote>
contain<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
session required pam_unix.so </div>
<br />
which is the default configuration for the pam.d service; if you need to update any of those two files, restart the pam.d service.<br />
<br />
If you have done all of those changes, reload them and check if still have the same values<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">esther@host:~#</span> sudo sysctl -p
<br />
<span style="color: white;">esther@host:~#</span> sudo ulimit -n </div>
<br />
shows the default value, make one last change on<b> /etc/systemd/user.conf </b>and set<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
DefaultLimitNOFILE=65535</div>
<br />
Save and restart... and check it again ;)<br />
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-48462706496424605322019-04-02T13:00:00.000+02:002019-04-02T13:00:00.547+02:00[EN] rc.local on Ubuntu 18.x<div class="separator" style="clear: both; text-align: justify;">
On Ubuntu 18.04/18.10 I have missed the rc.local file that had helped me a few (thousand) times. Have you missed it too? By default, the file does not exit, but the service behind is present, so not everything is lost.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_8jk2QY4pYJ_PLhniOEA9I_-lMabsKpFSbJwQcLb_bAPBjn9qcW345E26V8TAjMMguOWm0sReqmGcJBpZ-I7OpF5e9TPF1uOngRQe-DcZquD5W37Ums7vUQ50LWyLSHQ1a1o-8e_xNv3c/s1600/Instalar-Ubuntu-18-04-LTS-Bionic-Beaver-desde-cero-000.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="363" data-original-width="363" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_8jk2QY4pYJ_PLhniOEA9I_-lMabsKpFSbJwQcLb_bAPBjn9qcW345E26V8TAjMMguOWm0sReqmGcJBpZ-I7OpF5e9TPF1uOngRQe-DcZquD5W37Ums7vUQ50LWyLSHQ1a1o-8e_xNv3c/s1600/Instalar-Ubuntu-18-04-LTS-Bionic-Beaver-desde-cero-000.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
If you want to enable this feature on your Ubuntu, you are just few steps away.<br />
<br />
First of all, let's create the file and set the correct perms<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="background-color: #0c343d;"><span style="color: white;">> </span>touch</span> /etc/rc.local<br />
<span style="color: white;">> </span>chmod +x /etc/rc.local</div>
<br />
and then let's give it the correct format<br />
<span style="color: white;"><br /></span>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">> </span>echo "#!/bin/bash <br />
exit 0" > /etc/rc.local</div>
<br />
<br />
and it will work. You can check the state of the service as well with<br />
<span style="color: white;"><br /></span>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">> </span>systemctl status rc-local</div>
<br />
and start/stop it if you want to make any test. <br />
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-45999944869290944692019-03-26T23:02:00.000+01:002019-03-27T00:05:44.641+01:00[EN] High CPU -> Ubuntu + Docker + Jenkins<div style="text-align: justify;">
Sometimes, suddenly a Jenkins environment can turn upside down and take all the CPU resources even when no job is being processed. Any job launched gets eternal and the CPU load gets so high that almost reaches the moon while you try to fix it with no luck at all.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
In that moment, a good idea may be clean old jobs and update your Jenkins. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<u></u><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://technology.amis.nl/wp-content/uploads/2018/09/jenkin.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="300" data-original-width="495" height="193" src="https://technology.amis.nl/wp-content/uploads/2018/09/jenkin.png" width="320" /></a></div>
<br />
<br /></div>
<div style="text-align: justify;">
<span style="color: #b45f06;">For cleaning old builds</span></div>
<ul style="text-align: justify;">
<li>find out which is your jenkins home (you can get it from "Manage Jenkins" -> "Configure System" -> "Home Directory")<br /></li>
<li>navigate to that directory, and then move inside the 'jobs' folder. Those are your jobs, and inside each of them there is a "builds" folder that keeps the builds. Delete as much as you want, let's say leaving just one month.<br /></li>
<li>after that, reload your configuration; you can restart your container<br /><br /> </li>
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;"> ></span> docker container restart jenkins</div>
<br />or just reload the configuration from "Manage Jenkins" -> "Reload Configuration from Disk" </ul>
<div style="text-align: justify;">
<br />
<span style="color: #b45f06;">For updating your Jenkins (using Docker)</span></div>
<div style="text-align: justify;">
</div>
<ul style="text-align: justify;">
<li>First of all, copy the war URL to download it; you can copy it from your Jenkins. To get it, go to "Manage Jenkins" and scroll to the top of the page; there is a warning if there are new available versions, and you can copy the link from there<br /></li>
<li>Once you have your link, you have to download the war inside the container and move it instead the current; so lets get inside it using<br /></li>
<div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">></span> docker container exec -u 0 -it jenkins bash <span style="color: white;">##important you use "-u 0" option to force the user; otherwise bash may crash or have other issues</span>
<br />
<span style="color: white;">>> </span>cd /usr/share/jenkins
<br />
<span style="color: white;">>> </span>mv jenkins.war jenkins-OLD.war
<br />
<span style="color: white;">>> </span>wget http://updates.jenkins-ci.org/download/war/x.yyy.z/jenkins.war<span style="color: white;"> ## in your case, the URL you got on the previous step
</span><br />
<span style="color: white;">>> </span>chown jenkins:jenkins jenkins.war
<br />
<span style="color: white;">>> </span>exit</div>
<br />
<li> now let's restart the container using
<br /><br /><div style="background-color: #1f3948; color: #7efd00; padding: 15px;">
<span style="color: white;">> </span>docker container restart jenkins</div>
<br />log on on your Jenkins again, and check your installed plugins; some of them may be outdated and you'll have to make some adjustments.</li>
</ul>
<div style="text-align: justify;">
<br />
<br /></div>
Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-4105396670676723352019-02-20T23:36:00.000+01:002019-03-26T23:38:03.261+01:00Pinceladas de gitHoy traigo otra cheat sheet, esta vez se trata de una chuleta de comandos git. Para el que haya llegado aquí por casualidad, git es un software de control de versiones muy utilizado no sólo por equipos de desarrollo sino por cualquiera que prefiera trabajar con un repositorio seguro.<br />
<br />
En este caso, quiero que le echéis un ojo a esta chuleta; las hay mucho más completas con miles de comandos, pero esta me gusta porque es muy simple y sencilla, y para alguien que está empezando o que sólo hace tareas más básicas, es genial.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://i.pinimg.com/originals/14/29/de/1429de4346a3f49ef4bdaa17c9d1c10d.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="554" height="640" src="https://i.pinimg.com/originals/14/29/de/1429de4346a3f49ef4bdaa17c9d1c10d.jpg" width="442" /></a></div>
<br />
No dispongo de la fuente original, ya que esto lo saqué de Pinterest, de una cuenta que sigo, pero si alguien la conoce, que me lo haga llegar y prometo actualizar el post.<br />
<br />
<br />
Muchas gracias!Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-36815301646991264932018-12-24T17:08:00.000+01:002019-03-26T23:28:40.277+01:00Pinceladas de Docker (IV) - Comandos<div style="text-align: justify;">
Hacía tiempo que quería subir una pequeña receta con los comandos de docker que más utilizo y que pueden ser útiles a alguien, y ya tenía el post escrito cuando he encontrado una sheet que me parece muy útil y totalmente recomendable, muy completa y muy organizada. Así que en lugar de subir mi artículo, os dejo esta sheet que os va a ser mucho más útil.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Si hacéis click sobre la imagen se hace más grande; o podéis descargarlas en formato PDF para tenerlas siempre a mano <a href="http://images.linoxide.com/docker-commands-cheat-sheet.pdf" target="_blank">aquí</a>. </div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://images.linoxide.com/docker-commands-cheatsheet-part1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="570" height="640" src="https://images.linoxide.com/docker-commands-cheatsheet-part1.png" width="456" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div style="text-align: center;">
<a href="http://images.linoxide.com/docker-commands-cheatsheet-part2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="570" height="640" src="https://images.linoxide.com/docker-commands-cheatsheet-part2.png" width="456" /> </a></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
Fuente: <a href="https://linoxide.com/linux-how-to/docker-commands-cheat-sheet/" target="_blank">Linoxide.Com</a><span id="goog_1876534514"></span><span id="goog_1876534515"></span> </div>
Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-91985301518729671492018-10-29T02:00:00.000+01:002019-03-24T02:52:36.321+01:00Distribuciones Linux¿Sabéis cuántas distribuciones linux "oficiales" hay? 10? 20? Pues no, son unas cuantas más...<br />
Os dejo una imagen de la wiki donde están todas las distros, de dónde salieron y las escisiones que se han formado. Podéis acceder a la web <a href="https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg" target="_blank">aquí</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://wallpapercave.com/wp/1X1twB3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="500" data-original-width="800" height="400" src="https://wallpapercave.com/wp/1X1twB3.jpg" width="640" /></a></div>
<br />
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com1tag:blogger.com,1999:blog-2694407932137456117.post-83071624589372664492018-09-01T09:30:00.000+02:002019-03-24T16:24:35.508+01:00Ampliar LVM sobre disco virtual (libvirtd) sin GPARTED<div style="text-align: justify;">
Hola! Esta es mi receta para dar de alta discos sin gparted</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Espero que os sea de utilidad!</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1) Parar servidor y añadir un disco nuevo. Arrancar servidor de nuevo</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
2) formatearlo (fdisk), añadir partición nueva y darle el formato de "Linux LVM" (8e). Escribir los</div>
<div style="text-align: justify;">
cambios en la tabla (w) y salir</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">root@Server:~# </span>fdisk /dev/sdb<br />
<span style="color: white;">Command (m for help):</span> n<br />
<span style="color: white;">Command action</span><br />
<span style="color: white;">e extended</span><br />
<span style="color: white;">p primary partition (1-4)</span><br />
p<br />
<span style="color: white;">Partition number (1-4): </span>1<br />
<span style="color: white;">First cylinder (1-2610, default 1): "enter"</span><br />
<span style="color: white;">Using default value 1</span><br />
<span style="color: white;">Last cylinder, +cylinders or +size{K,M,G} (1-2610, default 2610): "enter"</span><br />
<span style="color: white;">Using default value 2610</span><br />
<span style="color: white;">Command (m for help):</span> t<br />
<span style="color: white;">Selected partition 1</span><br />
<span style="color: white;">Hex code (type L to list codes): </span>8e<br />
<span style="color: white;">Changed system type of partition 1 to 8e (Linux LVM)</span><br />
<span style="color: white;">Command (m for help):</span> w<br />
<span style="color: white;">The partition table has been altered!</span><br />
<span style="color: white;">Calling ioctl() to re-read partition table.</span><br />
<span style="color: white;">Syncing disks.</span><br />
<span style="color: white;">root@Server:~# </span></div>
<br />
3) Hacer del nuevo disco un volumen físico (VP)<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
root@Server:~# pvcreate /dev/sdb1<br />
Physical volume "/dev/sdb1" successfully created</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
4) 'Extender' el volume group (VG) que ya existe (en este caso se llama Mega) añadiéndole el</div>
<div style="text-align: justify;">
nuevo disco</div>
<div style="text-align: justify;">
<br /></div>
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
root@Server:~# vgextend Mega /dev/sdb1<br />
Volume group "Mega" successfully extended</div>
<br />
<div style="text-align: justify;">
Para saber cómo se llama el volumen a extender, podéis ejecutar vgdisplay, que muestra todos</div>
<div style="text-align: justify;">
los volúmenes definidos</div>
<div style="text-align: justify;">
Con pvscan podréis comprobar que el nuevo disco forma parte del volumen al que lo habéis</div>
<div style="text-align: justify;">
añadido:</div>
<div style="text-align: justify;">
<br /></div>
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<div style="text-align: justify;">
root@Server:~# pvscan</div>
PV /dev/sda5 VG Mega lvm2 [19.76 GiB / 0 free]<br />
PV /dev/sdb1 VG Mega lvm2 [19.99 GiB / 19.99 GiB free]<br />
Total: 2 [39.75 GiB] / in use: 2 [39.75 GiB] / in no VG: 0 [0 ]<br />
<br /></div>
<br />
5) Vamos ahora a ampliar el espacio del disco propiamente dicho; el disco en realidad es un LV<br />
(volumen lógico)<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
root@Server:~# lvextend /dev/Mega/root /dev/sdb1<br />
Extending logical volume root to 38.90 GiB<br />
Logical volume root successfully resized</div>
<br />
y por último, reformateamos el sistema de archivos para que se adapte al nuevo disco:<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
root@Server:~# resize2fs /dev/Mega/root<br />
resize2fs 1.41.12 (17-May-2010)<br />
Filesystem at /dev/Mega/root is mounted on /; on-line resizing required<br />
old desc_blocks = 2, new_desc_blocks = 3<br />
Performing an on-line resize of /dev/Mega/root to 10196992 (4k) blocks.<br />
The filesystem on /dev/Mega/root is now 10196992 blocks long.</div>
<br />
<br />Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-69297636310678543312018-07-24T17:30:00.000+02:002019-03-24T02:38:30.953+01:00Ampliar LVM sobre disco virtual (libvirtd) usando GPARTEDHola!<br />
Esta es mi receta para ampliar discos discos virtuales con LVM montado. Espero que os sea útil!<br />
<br />
1) parar mv y haz una copia del disco.<br />
<br />
2) con el comando vgs vemos que grupos de volumenes existen:<br />
<ol>
<span style="background-color: blue;">VG #PV #LV #SN Attr VSize VFree<br />
vgdata 1 3 0 wz--n- 219,09g 37,44g<br />
vgsys 1 3 0 wz--n- 16,61g 4,00m</span><br />
</ol>
3) con el comando lvs vemos que volumenes logicos existen:<br />
<ol>
<span style="background-color: blue;">LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert<br />
datos2 vgdata -wi-ao---- 167,00g<br />
home vgdata -wi-ao---- 4,88g<br />
opt vgdata -wi-ao---- 9,77g<br />
root vgsys -wi-ao---- 9,77g<br />
tmp vgsys -wi-ao---- 1,95g<br />
var vgsys -wi-ao---- 4,88g</span><br />
</ol>
4) con el comando vgs vemos que discos hacen referencia a los grupos de volumenes<br />
existentes:<br />
<ol>
<span style="background-color: blue;">PV VG Fmt Attr PSize PFree<br />
/dev/vda2 vgsys lvm2 a-- 16,61g 4,00m<br />
/dev/vda3 vgdata lvm2 a-- 219,09g 37,44g</span></ol>
5) ampliamos la imagen del disco del servidor (desde el host)<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>qemu-img resize /path/to/server.qcow2 +200GB</div>
<br />
6) modificamos el servidor para que arranque desde cd (desde el host):<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>virsh edit server<span style="color: white;"> > con este comando editamos su configuración </span><br />
<boot dev='cdrom'/> <span style="color: white;">> añadimos una unidad de cdrom</span><br />
<boot dev='hd'/><br />
<disk type='file' device='cdrom'> <span style="color: white;">enlazamos la imagen iso de GParted a la unidad de cdrom</span><br />
<driver name='qemu' type='raw'/><br />
<source file='/opt/ISO/gparted-live-0.26.0-2-i686.iso'/><br />
<target dev='hdc' bus='ide'/><br />
<readonly/><br />
<address type='drive' controller='0' bus='1' unit='0'/><br />
</disk></div>
<br />
7) iniciamos de nuevo el servidor, booteará desde la iso de GParted<br />
<br />
8) Veremos el nuevo espacio como "unallocated" , lo movemos hasta poder añadirlo al disco que deseemos (el que haga referencia al grupo de volumenes que deseamos ampliar)<br />
<br />
9) eliminamos la configuración del servidor para que no vuelva a arrancar desde cd (eliminando lo añadido en el paso 6) y reiniciamos el servidor<br />
<br />
10) creamos el nuevo volumen logico, datos2 en este caso y lo asignamos al grupo que deseemos, en este caso vgdata.<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>lvcreate --size 167G --name datos2 vgdata</div>
<br />
11) creamos el sistema de archivos en el volumen logico:<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>mkfs.ext4 /dev/mapper/vgdata-datos2</div>
<br />
12) modificamos el fichero /etc/fstab para montar la nueva unidad<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>/dev/mapper/vgdata-datos2 /datos2 ext4 defaults 1 2</div>
<br />
13) creamos el directorio /datos2 donde se montara el fs<br />
<br />
14) montamos el filesystem<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">> </span>mount -a </div>
<br />
<br />
<br />
<b>Documentación</b>:<br />
http://www.randomhacks.co.uk/how-to-resize-a-qcow2-harddrive-images/<br />
http://www.vilecha.com/hellguest/lvm2_creacion.asp<br />
http://www.naturalborncoder.com/virtualization/2014/12/05/increasing-the-size-of-a-qcow2-
image-under-kvm/<br />
https://www.rootusers.com/use-gparted-to-increase-disk-size-of-a-linux-native-partition/Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-53025606040577990952018-06-08T17:00:00.000+02:002019-03-24T02:36:48.764+01:00Reducción de discos virtuales con LVM con libvirtd y qemuAntes de nada, este procedimiento es aplicable a servidores virtualizados con <b>libvirt </b>y que utilizan <b>qemu </b>como KVM. Yo lo he ejecutado sobre RHEL6.x, RHEL7.x y Debian8.x. Se trata de un caso concreto, tal y como se hizo.<br />
<br />
<div style="text-align: center;">
<b><span style="color: red;">ANTES DE EMPEZAR, PARA LA MÁQUINA Y HAZ UN BACKUP DE DISCO</span></b></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.linuxtrainingacademy.com/wp-content/uploads/2018/04/lvm-diagram-linux-training-academy.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="450" data-original-width="800" height="225" src="https://www.linuxtrainingacademy.com/wp-content/uploads/2018/04/lvm-diagram-linux-training-academy.png" width="400" /></a></div>
<br />
<div style="text-align: justify;">
Arranca la máquina y para servicios críticos. La información que necesitas tener MUY clara es</div>
<ul style="text-align: justify;">
<li>el directorio que voy a reducir y qué volumen lógico es (LV)</li>
<li>a qué grupo de volúmenes pertenece (VG)</li>
<li>a qué volumen físico pertenece (PV)</li>
</ul>
<div style="text-align: justify;">
y con toda esta información, puedo ver qué LV/VG/PVs voy a redimensionar. Si no estás familiarizado con el sistema LVM de Linux, por favor, pídele a otra persona que ejecute este proceso.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
La estructura del LVM de este servidor es:</div>
<div style="text-align: justify;">
<ol>
<span style="background-color: #cccccc;"></span><div style="text-align: justify;">
<span style="background-color: blue;">[root@server ~]# pvs</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> PV VG Fmt Attr PSize PFree</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> /dev/vda3 vgsys lvm2 a-- 29,25g 11,50g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> /dev/vda5 vgdata lvm2 a-- 200,00g 12,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"><br /></span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;">[root@server ~]# vgs</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> VG #PV #LV #SN Attr VSize VFree</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> vgdata 1 3 0 wz--n- 200,00g 12,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> vgsys 1 3 0 wz--n- 29,25g 11,50g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"><br /></span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;">[root@server ~]# lvs</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_home vgdata -wi-ao-- 4,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_ihs vgdata -wi-ao-- 180,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_opt vgdata -wi-ao-- 4,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_root vgsys -wi-ao-- 11,75g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_tmp vgsys -wi-ao-- 1,00g</span></div>
<span style="background-color: blue;">
</span><div style="text-align: justify;">
<span style="background-color: blue;"> lv_var vgsys -wi-ao-- 5,00g</span></div>
<div style="text-align: justify;">
</div>
</ol>
</div>
<div style="text-align: justify;">
En este ejemplo, el directorio /ihs se definió muy grande pero ya no se usa tanto espacio, así que tenemos que reducirlo. Los pasos que vamos a dar son los siguientes:</div>
<ul style="text-align: justify;">
<li>detectar qué LV hay que reducir → ya lo hemos hecho, el lv_ihs</li>
<li>detectar en qué VG y PV está alojado → son el vgdata y el /dev/vda5</li>
<li>hacer un backup de todos los LVs alojados en el VG afectado</li>
<li>eliminar los LVs, el VG y el PV</li>
<li>redefinir a nivel de disco las particiones</li>
<li>recortar el espacio del disco que ya no se va a utilizar y redimensionar el archivo</li>
<li>montar de nuevo el PV, el VG y los LVs</li>
<li>volcar el backup</li>
</ul>
<div style="text-align: justify;">
Ahora sí, vamos por partes</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
Haz una copia del disco. Para la máquina y cópiala con otro nombre</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Una vez arranques la máquina de nuevo, para servicios que puedan estar trabajando con los directorios que estén sobre los LVs con los que vamos a trabajar.</div>
<div style="text-align: justify;">
Para ver si hay algo en uso (librerías, archivos, lo que sea) yo utilizo el comando lsof de esta manera:</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> lsof -l | grep “/ihs”<br />
<span style="color: white;">></span> lsof -l | grep “/opt”<br />
<span style="color: white;">></span> lsof -l | grep “/home”</div>
<br />
<div style="text-align: justify;">
Si alguno de estos comandos te devuelve algo, es porque hay algún archivo en uso y es probable que no hayas parado el servicio.</div>
<div style="text-align: justify;">
Lanzo los backups; puedo hacer un tgz o un dd; voy a probar con tgz</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<br />
<span style="color: white;">></span> tar -czvf /mnt/server/opt.tgz /opt<br />
<span style="color: white;">></span> tar -czvf /mnt/server/ihs.tgz /ihs<br />
<span style="color: white;">></span> tar -czvf /mnt/server/home.tgz /home</div>
<br />
<div style="text-align: justify;">
Después voy a desmontar los LVs y los elimino; aprovecho y comento las unidades en /etc/fstab para que cuando reinicie no tenga problemas</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> umount /opt<br />
<span style="color: white;">></span> umount /ihs<br />
<span style="color: white;">></span> umount /home<br />
<span style="color: white;">></span> lvremove /dev/mapper/vgdata-lv_opt<br />
<span style="color: white;">></span> lvremove /dev/mapper/vgdata-lv_home<br />
<span style="color: white;">></span> lvremove /dev/mapper/vgdata-lv_ihs<br />
<span style="color: white;">></span> vi /etc/fstab<span style="color: white;"> → y comento las unidades desmontadas</span></div>
<br />
Voy a desactivar el VG y lo elimino<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> vgchange -a n vgdata<br />
<span style="color: white;">></span> vgremove vgdata</div>
<br />
Y ahora elimino el disco vda5 del PV, que es el que contiene el VG que acabo de eliminar<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> pvremove /dev/vda5</div>
<br />
Antes de parar el servidor, doy de baja la partición desde fdisk<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> fdisk /dev/vda</div>
<br />
<div style="text-align: justify;">
Dentro del fdisk con la <b>p</b> veo todas las particiones cómo están definidas. Las tareas que YO tengo que hacer son (es probable que TÚ tengas otras, dependerá de cómo se particionó el disco en su momento)</div>
<ul style="text-align: justify;">
<li>eliminar la partición extendida vda5</li>
<li>eliminar la partición primaria vda4</li>
<li>añadir una nueva partición vda4 del tamaño que corresponda (1)</li>
<li>indicar que el formato de la nueva partición vda4 es LVM</li>
</ul>
<div style="text-align: justify;">
<b>(1)</b> El tamaño va a depender del tamaño que le vaya a dar a los nuevos LV; en mi caso, a /opt le damos 4GB, a /home le damos otros 4GB y a /ihs le damos 20GB, que hacen 28GB. Para no pillarme los dedos, voy a definir una partición de 30GB. El tamaño que le voy a dar a la unidad lo hago cuando la creo, y le asigno el tamaño con un +30G</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Una vez he guardado los cambios en del fdisk, paro la máquina y redimensiono los discos. Recuerda que tienes que tener espacio para hacerlo; al menos vas a necesitar el mismo espacio que el que ocupa ahora el archivo del disco, como si lo fueras a duplicar. </div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> qemu-img convert Server.img -O raw Server.raw </div>
<br />
de qcow2 a raw, porque en formato qcow2 no se pueden hacer resizes<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> qemu-img resize Server.raw 50G<span style="color: white;"> → Cambio el tamaño del disco</span><br />
<span style="color: white;">></span> qemu-img convert Server.raw -O qcow2 Server.img <span style="color: white;">→ Convierto de raw a qcow2. Cuidado en este paso, si lo ejecutas así borrarás el disco original. Apunta a un fichero con otro nombre o en otro directorio</span></div>
<br />
Arranca la máquina de nuevo (2) y empieza a montar de nuevo la estructura.<br />
Creo el nuevo PV<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> pvscan<br />
<span style="color: white;">></span> pvcreate /dev/vda4</div>
<br />
Creo el nuevo VG<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> vgcreate vgdata /dev/vda4</div>
<br />
Creo los LVs y los formateo (3)<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> lvcreate --size 4G -n lv_opt vgdata<br />
<span style="color: white;">></span> lvcreate --size 4G -n lv_home vgdata<br />
<span style="color: white;">></span> lvcreate --size 20G -n lv_ihs vgdata<br />
<span style="color: white;">></span> mkfs.ext4 /dev/vgdata/lv_opt<br />
<span style="color: white;">></span> mkfs.ext4 /dev/vgdata/lv_home<br />
<span style="color: white;">></span> mkfs.ext4 /dev/vgdata/lv_ihs</div>
<br />
<div style="text-align: justify;">
Descomento el /etc/fstab y monto las unidades</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> mount -a</div>
<br />
<br />
<div style="text-align: justify;">
Por último restauro el contenido de las carpetas, muevo el contenido de los backups y los vuelco. Después reinicio el servidor y compruebo que los servicios arrancan correctamente</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>(2)</b> Llegado a este punto, si no has comentado las unidades en el<b> /etc/fstab </b>cuando hemos eliminado los LVs, ahora la máquina no te va a arrancar. No te preocupes, el problema es que no encuentra las unidades para montarlas; podemos solucionarlo, aunque es un poco lento.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Para solucionarlo arranca con un LiveCD (Knoppix, por ejemplo) y vamos a comentar esas unidades en el /etc/fstab. Una vez arranque, hay que activar el soporte de LVM en Knoppix, así que abre una consola y ejecuta:</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: justify;">
<span style="color: white;">></span> sudo su -<br />
<span style="color: white;">> </span>vgscan --mknodes<br />
<span style="color: white;">></span> vgchange -ay<br />
<span style="color: white;">></span> lvscan<br />
<span style="color: white;">></span> mount /dev/vgsys/lv_root /mnt/<br />
<span style="color: white;">></span> vi /mnt/etc/fstab</div>
<br />
y comenta ahora las unidades. Guarda al salir y reinicia, ya deberías poder entrar en el SO.<br />
<br />
<b>(3)</b> Si al crear una nueva partición para vgdata no pueda, prueba a arrancar con una distro Gparted y crea la partición sin problemas.Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-70358371850889563082018-05-02T11:30:00.000+02:002019-03-24T01:18:17.630+01:00Y vosotros, ¿estáis de acuerdo?¿Vosotros estáis de acuerdo?<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-zVYllOiAJfI/WOjoCps7MzI/AAAAAAAAFSs/Ky3SPBd4I_8C5WmISSBmq2NTS1Or7uK1gCJoC/s530-p-rw/17%2B-%2B1" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="530" data-original-width="530" height="400" src="https://3.bp.blogspot.com/-zVYllOiAJfI/WOjoCps7MzI/AAAAAAAAFSs/Ky3SPBd4I_8C5WmISSBmq2NTS1Or7uK1gCJoC/s530-p-rw/17%2B-%2B1" width="400" /></a></div>
<br />
¿Qué distro(s) utilizáis normalmente? ¿Sabíais que existe una distro basada en Hanna Montana? Sí... <a href="http://hannahmontana.sourceforge.net/" target="_blank">aquí </a>está el enlace. Ya me contaréis si lo intentáis... Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0tag:blogger.com,1999:blog-2694407932137456117.post-89695707174458812002018-04-04T18:00:00.000+02:002019-03-24T01:10:36.498+01:00AWS - Actualizar un certificado SSL externo<div style="text-align: justify;">
Hoy os voy a explicar cómo lo hago yo para actualizar un certificado SSL en AWS, un certificado que se ha comprado fuera. Lo vamos a hacer en tres pasos, que son</div>
<ol>
<li style="text-align: justify;">Codificar los certificados (pasar a .pem) </li>
<li style="text-align: justify;">Subirlos a AWS </li>
<li style="text-align: justify;">Cambiar el viejo por el nuevo</li>
</ol>
<div style="text-align: justify;">
1) Para codificar el certificado nuevo vamos a necesitar</div>
<ul style="text-align: justify;">
domain.crt (el certificado que nos habrá enviado el proveedor)<br />
domain.key <br />
root.crt (es el Certificado Intermedio del tipo de SSL que hemos tramitado, que nos debería dar también el proveedor, sino mejor se lo pedimos).
</ul>
<div style="text-align: justify;">
Para hacer la conversión y encriptar los archivos lo hacemos así (desde cualquier linux que tenga el paquete openssl instalado)</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: left;">
<code class="">
<span style="color: white;">></span> rsa -in domain.key -outform PEM -out domain.key.pem<br />
</code><code class=""><span style="color: white;">></span> x509 -inform PEM -in domain.crt -out domain.crt.pem<br />
</code><code class=""><span style="color: white;">></span> x509 -inform PEM -in root.crt -out root.crt.pem</code></div>
<br />
Ya los tienes codificados. Vamos a subirlos.<br />
<br />
<div style="text-align: justify;">
2) Subirlos no es complicado, sólo necesitas un usuario IAM con permisos para subirlos. <a href="https://docs.aws.amazon.com/acm/latest/userguide/authen-apipermissions.html" target="_blank">Aquí</a> tienes la documentación de todas las políticas en ACM que necesitas para definir los permisos de tu usuario.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
La subida la puedes hacer desde la consola de AWS o desde línea de comandos (habiendo instalado las AWS tools previamente). Desde el directorio donde tienes los certificados codificados, el comando sería este</div>
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: left;">
<code class="">
<span style="color: white;">></span> aws iam upload-server-certificate --server-certificate-name <span style="color: white;">Nombre_del_Certificado</span> --certificate-body
file:/<span style="color: white;">domain.crt.pem</span> --private-key
file:/<span style="color: white;">domain.key.pem</span> --certificate-chain
file:/<span style="color: white;">domain_2016_ca.crt.pem</span><code class=""></code></code></div>
<br />
Cuando este paso se hace bien, el sistema devuelve algo así:<br />
<br />
<div style="background-color: #1f3948; color: #7efd00; padding: 15px; text-align: left;">
{<br />
"ServerCertificateMetadata": {<br />
"ServerCertificateId": "ASCAJKNEFTXTK7XXXXXXX",<br />
"ServerCertificateName": "domain",<br />
"Expiration": "2019-07-21T23:59:59Z",<br />
"Path": "/",<br />
"Arn": "arn:aws:iam::xxxxxxxx:server-certificate/domain",<br />
"UploadDate": "2018-01-26T11:16:35.819Z"<br />
}<br />
}<br />
<span style="color: white;"></span><code class=""></code></div>
<br />
<div style="text-align: justify;">
Sencillo, ¿no? El problema es cuando el usuario de AWS no tiene permisos, que hay que dárselos. El error es más del tipo:</div>
<br />
<div style="background-color: #1f3948; padding: 15px; text-align: left;">
<i><span style="color: white;">A client error (AccessDenied) occurred when calling the
UploadServerCertificate operation: User:
arn:aws:iam::xxxxxxxx:user/USER is not authorized to perform:
iam:UploadServerCertificate on resource:
arn:aws:iam::xxxxxxxx:server-certificate/domain</span></i></div>
<br />
<div style="text-align: justify;">
En este caso, falta algún permisos; prueba a darle a tu usuario permisos IAMFullAccess y a quitárselos después de importar el certificado.</div>
<br />
<div style="text-align: justify;">
3) Cambiar el nuevo certificado : Desde el panel de AWS, entra en EC2 y en el panel de la izquierda busca Load Balancing y justo debajo, Load Balancer. Busca el balanceador al que está asociado el certificado que vamos a actualizar, selecciónalo y vete a la pestaña "Listeners". Selecciona el HTTPS y edítalo. En el campo</div>
<div style="text-align: justify;">
<br /></div>
<div class="label_3ZT-N" style="text-align: center;">
<b>Default SSL certificate</b></div>
<div class="label_3ZT-N" style="text-align: center;">
</div>
<div class="label_3ZT-N">
escoge el certificado que acabas de subir y guarda. Ya lo has cambiado.</div>
Esther Yébeneshttp://www.blogger.com/profile/02645980422658407991noreply@blogger.com0