Practical DevOps guides
Hands-on walkthroughs on Linux, Kubernetes, AWS, networking, and security. Written for engineers who want to understand how things actually work — beginners welcome.
Try a different search term or category.
Ahead of Intel Diamond Rapids server processors launching in 2027, the Linux kernel continues getting into shape for these next-gen Xeon processors. The latest enablement work taking place for Diamond Rapids is readying the Error Detection And Correction (EDAC) driver support for propagating memory errors/correction information under Linux...
We investigated why firmware updates were causing our core servers to take four hours to reboot. By diving into UEFI data structures and iPXE automation, we eliminated unnecessary timeouts and cut boot times back down to minutes.
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U. S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.
Last week's collection of networking subsystem fixes for Linux 7. 1 noted craziness continuing with no end in sight with a large pull request of fixes with many of them spurred on by AI/LLM coding agents.
Here’s how we built Town Lake, Cloudflare's unified analytics platform, alongside Skipper, an internal AI agent running on top of it.
HashiCorp Vault 2. 0 adds beta SCIM support, letting organizations standardize user and group provisioning from external identity platforms into Vault.
Cloudflare Radar data confirms early indications of a partial Internet restoration in Iran, nearly three months after the shutdown began. Traffic spikes and DNS queries have risen, but network activity is currently just 40% of pre-shutdown levels.
The long-in-development work on Cache Aware Scheduling looks like it will come to a head soon with it looking like Cache Aware Scheduling will land for Linux 7. 2. Ahead of the upcoming merge window I ran some fresh benchmarks looking at different areas where this feature is shining.
Consul 2. 0 enhancements include multi-port for service mesh, CyberArk Workload Identity Manager, cluster rate limiting, and auto-scaling for API gateway.
In addition to the recent influx of Linux security vulnerabilities affecting Linux, FreeBSD has also begun receiving security reports via AI/LLM-driven discovery tools. FreeBSD 15. 1-RC1 is out today ahead of the planned official release in June and it brings a handful of security fixes out of this new AI-driven security research space...
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union.
p a href="https://lobste.
Greg Kroah-Hartman took time away from his duties as Linux's second-in-command as stable maintainer, various subsystem maintainer, and recent hobby of using AI/LLMs for uncovering Linux kernel bugs to present at the Rust Week conference...
p a href="https://lobste.
Following the ISOs dropping a few days ago, today the Mageia 10 release candidate was officially announced for those fond of this Linux distribution with its roots tracing back to Mageia and Mandrake Linux...
In recent weeks, we pointed Mythos and other security-focused LLMs at live code across critical parts of our infrastructure. We share what we observed, the models’ strengths and weaknesses, and what the work around them needs to look like before any of it can scale.
Use Vault Transit with envelope encryption to securely protect large artifacts and streaming workloads without sending payloads to Vault.
p Amazon Lightsail content delivery network (CDN) distributions now support IPv6-only instances as origins. This feature enables customers to use IPv6-only instances to deliver content through the Lightsail CDN distributions with low latency and high transfer speeds worldwide.
HashiCorp Vault now enables enterprises to manage agentic IAM including trusted identities, delegated authorization, fine-grained controls and end-to-end tracing.
We’ve enabled higher usage limits, faster performance, better reliability, and increased shipping velocity for our Browser Run product by rebuilding on top of Cloudflare’s Containers. Here’s how.
p AWS Transform now supports replatforming applications to containers during migration to AWS. This release extends AWS Transform's agentic AI capabilities to automate the containerization of your source code, enabling you to migrate and modernize in parallel, reducing the time and complexity of moving from on-premises to cloud-native architectures.
When a partitioning change to our petabyte-scale ClickHouse cluster caused critical billing jobs to stall, standard metrics showed no obvious errors. This post explores how we identified severe lock contention in ClickHouse's query planner and built upstream patches to fix it.
Terraform 1. 15 adds Windows ARM64 builds, variable deprecation, S3 AWS login, inline type conversion, and dynamic module sources.
The Neo4j backups are fully functional databases. To use a backup, all you need to do replace your database folder with the backup. Just make sure the database…
Backup Commands # Performing a full backup: create a blank directory and run the backup tool mkdir /mnt/backup/neo4j-backup ./bin/neo4j-backup -host 192.168.1.34 -to /mnt/backup/neo4j-backup # Performing an incremental b…
Now we look at the other way chmod can be used – with numbers. This is the more commonly-used format, but also the least user-friendly. The other chmod:…
Introduction This is a guide explaining how to create a secret encrypted drive the easy way using a graphic user interface. It covers installing and using the TrueCrypt…
Overview OpenVPN is a Virtual Private Networking (VPN) solution provided in the Ubuntu Repositories. It is flexible, reliable and secure. It belongs to the family of SSL/TLS VPN…
Introduction In this article you will learn how to install and configure fail2ban, a security tool that defends against brute force attacks. Before any attackers can compromise a…
Setup HBase In order to use OpenTSDB, you need to have HBase up and running. This page will help you get started with a simple, single-node HBase setup, which is…
Installing Arpwatch in Linux By default, Arpwatch tool is not installed on any Linux distributions. We must install it manually using ‘yum‘ command on RHEL, CentOS, Fedora and ‘apt-get‘ on&n…
What is Træfɪk ? Træfɪk is a reverse proxy and load-balancer designed for micro services (e.g. Containers). It is very simple, written in Go, and supports a lot backend types…
Note: The commands and utilities in this article have been tested on a Debian Cloud Server. They are not guaranteed to function correctly on other distributions. However, the General…
Kubernetes is an open source orchestration tool for application containers developed by Google. It packages all of the necessary tools – orchestration, service discovery and load balancing in one place.…
Internet Addresses The Internet is a big complicated network of computers and routers passing data signals back and forth. Computers have addresses that let the signals find the…
The top command. The most common of these commands is top. The top will display a continually updating report of system resource usage.# top12:10:49 up 1 day, 3:47,…
Installation To get started, Mosh must first be installed on both the client and the server. Fortunately, Mosh packages exist on most popular distributions and below are the…
Ubuntu server out of box is not optimized to make full use of available hardware. This means “out-of-box” setup might fail under high load. So we need to tweak…
Because more customers are requesting high availability (HA) setups with load balancing, Rackspace has implemented HAProxy as a software load balancer on cloud servers. When you choose the…
The iostat will display the current CPU load average and disk I/O information. This is a great command to monitor your disk I/O usage.# iostatLinux 2.4.20-24.9 (myhost) 12/23/2003…
When troubleshooting issues with your Linux server one of the most useful resources at your disposal is the humble log file, recording your system’s activity and any problems…
IP tables is a firewall and networking tool available to all Linux Distros and operates by analyzing packets at the kernel level as they are received. Introduction I…
To understand what exactly a firewall is, it is necessary to first understand what the Internet is. The Internet is, simply put, a web-like network of computers —…
tar Although not often used on it’s own, tar (which comes from the words ‘tape archive’ or ‘tape archiving’), does not actually compress files or folders but rather…
For a full overview on Authentication, refer to the official Kubernetes docs on Authentication and Authorization For users, ideally you use an Identity provider for Kubernetes (OpenID Connect). If you are……
Preface There are two things to take away from this article, first is a basic knowledge of runlevels, and how to just get a service to run at…
SSH checkout The syntax for using SSH is very similar to the one used in the previous article. So checking out project1 using the SSH protocol would look…
Installation For this article I am using Debian Etch which has version 1.4.2 available. Ubuntu LTS has version 1.3.1 and other distributions have different versions. The latest and…
The ps will provide you a list of processes currently running. There is a wide variety of options that this command gives you. A common use would be…
The lsof command will print out a list of every file that is in use. Since Linux considers everythihng a file, this list can be very long. However,…
he Jenkins Continuous Integration and Delivery server. This is a fully functional Jenkins server. http://jenkins.io/. Usage NOTE: read below the build executors part for the role of the 50000 por…
Note Scanning for rootkits will not stop all attacks, it is not an active defense. If your server has been compromised then a scan will not stop the…
f you are new to Linux/Unix, then the concept of permissions may be confusing. This guide will provide you with an explanation of what permissions are, how they…
Which one? Neither rkhunter nor chkrootkit are necessarily better than the other and can easily be run at the same time, giving added defence measures and peace of…
VirtualMin provides functionality for non-root users on their shared hosting accounts. This tutorial will walk you through the installation of VirtualMin on a CentOS 6.4 server. This tutorial…
Introduction Logwatch is a simple log analysis tool provided with most Linux distributions. A daily scheduled cron job parses the various system logs and sends a log summary…
Secure the port and remote client connection accepts By default, the Neo4j Server is bundled with a Web server that binds to host localhost on port 7474, answering only requests from…
A bridge is a piece of software used to unite two or more network segments. A bridge behaves like a virtual network switch, working transparently (the other machines…
Tcpdump is a powerful network debugging tool that can be used for intercepting and displaying packets on a network interface. An important feature of tcpdump is a filter…
tcpdump is the premier network analysis tool for information securityprofessionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/I…
Prerequisites Once you have completed the Ubuntu set up you can start a Django project. This article will guide you through the subversion installation so we can grab…
What is logrotate? It may surprise you to learn that logrotate is a program used to rotate logs. It’s true! The system usually runs logrotate once a day,…
Installing Spark Standalone to a Cluster To install Spark Standalone mode, you simply place a compiled version of Spark on each node on the cluster. You can obtain…
Many tutorials reference “package managers” and “package management tools.” If you are new to the Linux world and don’t understand the purpose of these technologies, or if you…
Generate GPG Keys Run: gpg –gen-key You will be asked: Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3)…
Step 1: Download the code Download the 0.8 release. > tar xzf kafka-<VERSION>.tgz > cd kafka-<VERSION> > ./sbt update > ./sbt package > ./sbt assembly-package-dependency This tutorial assu…
GlusterFS is a software-only product that you can use to build a distributed file system across multiple storage server nodes. It provides a highly scalable and unique data…
Introduction Using ‘top’ will give a real-time overview of what is using system resources on your Cloud Server. Easy configuration and a simple interface allow you to change…
Overview This topic provides an end-to-end example of how to use an existing Gluster cluster as an OpenShift Origin persistent store. It is assumed that a working Gluster…
clean up Let’s start with a clean slate: If you have been following the previous articles, you may well have project1 and project2 in the ‘work’ and ‘repository’…
Linux distributions still ship with the assumption that they will be multi-user systems, meaning resource limits are set for a normal human doing day-to-day desktop work. For a…
Introduction htop is a tool in Linux that allows you to monitor your system’s vital resources and the processes (applications) that are running in near real-time. Because it is…
Prerequisites Since we’re focusing on Apache with mod_wsgi, we’ll need to have apache installed. You can follow this article specifically for detailed instructions or you can simply use…
You will need this if you are using custom location for log files. Below is example for Nginx where log files are directly created in /var/www/example.com/logs You can put…
Spark is Hadoop’s sub-project. Therefore, it is better to install Spark into a Linux based system. The following steps show how to install Apache Spark. Step 1: Verifying…
Hostname Change There are 4 steps in a hostname change, luckily all the steps are easy. Sysconfig/Network Open the /etc/sysconfig/network file with your favorite text editor. Modify the HOSTNAME= valu…
Hi, After a couple of days figuring how to get this setup working I was able to crack it, so I am sharing it with the world in…
Introduction Security is crucial to any environment whether the systems are running in a local office or a remote data center. It is also important to note that…
AWS Keymaster is a simple utility that allows you to import your own personal key pair into all AWS regions with a single command. Distributed as a single binary…
Install Sysstat in Linux # yum -y install sysstat 6 Vmstat Command Examples in Linux 1. List Active and Inactive Memory In the below example, there are six…
1. Listing all the LISTENING Ports of TCP and UDP connections Listing all ports (both TCP and UDP) using netstat -a option. # netstat -a | more Active Internet connections…
Installing IPTraf IPTraf is part of the Linux distribution and can be installed on RHEL , CentOS and Fedora server’s using yum command from terminal. # yum install iptraf Under&nb…
recently made a setup at work where I had a Nginx server facing the user, which would forward requests to a service running behind an AWS Elastic Load Balancer (aka. ELB). That…
ifconfig ifconfig is a basic network information and configuration tool. On a working Cloud Server, its output may look something like this: # ifconfig eth0 Link encap:Ethernet HWaddr…
Common invocations of MegaCLI Get an Overview of controllers and attached disk arrays ./MegaCli64 -AdpAllInfo -aALL (extracted info below)./MegaCli64 -CFGDsply -aALL shows same info, with same verbosity Adapter…
Step 1: Installing Monit By default, Monit tool is not available from the system base repositories, you need to add and enable third partyepel repository to install monit package under your RHEL/…
Choices Well, there are two routes you could take here. Firstly, you can add multiple projects to an existing subversion repository. This technique is discussed here. Secondly, you…
Prerequisites Since we’re focusing on Apache with mod_python, we’ll need to have apache installed. You can follow this article specifically for detailed instructions or you can simply use the…
he Swift filesystem for Hadoop (swiftfs, for short) is a Hadoop file system implementation that allows applications such as MapReduce, Pig, and Hive to read and write directly…
When configured, lsyncd is a replication service that will run on the “master” server to ensure the same data exists on all “slave” servers. The lsyncd process monitors the web…
Prerequisites So here we go, here is all the packages that you are going to need to install to get this running for you. Luckily CentOS, my free…
Abstract SQL Injection is an attack on the database via the addition of malicious code, mostly in the form of SQL queries, passed into a string that reaches…
Using chmod – symbolic mode chmod The basic format for chmod looks something like: chmod [permissions] [file1 file2 file3…] The chmod command looks a lot like chown —…
An Introduction to Linux Permissions Introduction Linux is a multi-user OS that is based on the Unix concepts of file ownership and permissions to provide security, at the file system level. If…
Percona maintains Ubuntu repos for their products. Below is process to install it quickly. Add GPG Key gpg –keyserver hkp://keys.gnupg.net –recv-keys 1C4CBDCDCD2EFD2A gpg -a –export CD2EFD2A | sudo…
cURL supports formatted output for the details of the request ( see the cURL manpagefor details, under “-w, –write-out <format>” ). For our purposes we’ll focus just on the…
dsh – distributed shell DSH is Distributed Shell. It allows you to run shell commands on multiple servers at once and gather see their output in local terminal. Install Install On…
Introduction MySQL is a popular open source relational database. The popularity of MySQL means there is an abundance of information online and well documented client libraries available. MySQL…
Introduction SSH can handle authentication using a traditional username and password combination or by using a public and private key pair. The SSH key pair establishes trust between…
The DNS add-on allows your services to have a DNS name in addition to an IP address. This is helpful for simplified service discovery between applications. More info…
Explanation of Kubernetes Audit logging and an example of some policy configurations. Overview Kubernetes Auditing is part of the kube-apiserver, and will log all requests that the API Server…
How To Install Java on CentOS and Fedora Introduction This tutorial will show you how to install Java on CentOS 7 (also 5, 6, 6.5), Fedora 20, and…
Introduction Renaming a database should be used with extreme caution. Be sure to backup the database first and confirm the new database before removing the old database. Requirements…
# Install helm https://docs.helm.sh/using_helm/ then run:helm repo add coreos https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/ helm dep update helm install coreos/prometheus-operator –name prometheus-operator –na…
Backup MongoDB Database Backing up all MongoDB databases can be accomplished by running the following command. This will create a “dump” directory in the current working directory containing…
Checking system load If the demands being placed on a running program cause it to request excessive resources from your server this can lead to poor performance and…
MySQL’s, and MariaDB’s, strict mode controls how invalid or missing values in data changing queries are handled; this includes INSERT, UPDATE, and CREATE TABLE statements. With strict mode…
Create the Django Application Firstt, move to your home directory and go into your public_html/domain1.com folder (if you don’t have one, create one and give it the name…
Linux file permissions are strange and wondrous things. Start down the path of understanding by looking at the core concepts behind them before moving on to practical applications.…
Automation Automating tasks relieves a lot of the repetitive nature from the role of a sysadmin. The tasks are still important but automation can leave you time to…
Create the Directory Layout In this example we’ll be creating two domains, domain1.com and domain2.com As the default permissions only allow us, the ‘demo’ user, to browse our…
The Amazon ECS container agent can authenticate with private registries, including Docker Hub, using basic authentication. When you enable private registry authentication, you can use private Docker images…
Introduction IPFire is an Open Source Linux-based firewall distribution that can be configured to provide additional security for your data center. It contains VirtIO kernel modules and offers…
OpenStack can be deployed by running PackStack interactively. PackStack supports the creation of both single node and multiple node OpenStack deployments. Note The procedure below lists all the…
enkins-groovy-scripts Credentials Decode hashed secret println(hudson.util.Secret.decrypt(“ENCODED_VALUE”)) Encode value println(hudson.util.Secret.fromString(“alamakota”).getEncryptedValue()) ech…
As of Jan 29 2017, almost all Kubernetes networking documentation assume that the Kubernetes cluster runs in some kind of public or private cloud technology. For example, Openstack, AWS…
Swap is space on a disk that is reserved to be used as virtual memory. When a Linux server runs out of memory, the kernel can move inactive…
Spark Core is the base of the whole project. It provides distributed task dispatching, scheduling, and basic I/O functionalities. Spark uses a specialized fundamental data structure known as…
1. Preparing the system 1.1. Setting up the partition layout Your hard disk (hda) should contain at least three partitions: At this point, both hda1 and hda2 are…
Step 1: ensure your server has the GRUB-2 boot loader. Most newer servers from OVH do, as do all VPS/Cloud installations. You can have a quick look to…
In this example, it will show information like tasks, memory, cpu and swap. Press ‘q‘ to quit window. # top 2. Sorting with -O (Uppercase Letter ‘O’). Press (Shift+O) to Sort field via…
Introduction MySQL is a popular open source relational database. The popularity of MySQL means there is an abundance of information online and well documented client libraries available. MySQL…
If you run your own mail server you’ll want it to run spam filtering software to reduce the number of unsolicited emails your users receive. SpamAssassin is an…
Introduction MongoDB is a versatile NoSQL database that stores data objects as JSON documents. Requirements Add the Repository Some Linux distributions may already provide the MongoDB packages in…
Introduction MySQL is a popular open source relational database. The popularity of MySQL means there is an abundance of information online and well documented client libraries available. MySQL…
So you’ve got an admin panel because it’s just easier than fiddling with the Rails console to administer the application. On the other hand, it’s a pretty sensitive…
Private Docker Registry in Kubernetes Kubernetes offers an optional private Docker registry addon, which you can turn on when you bring up a cluster or install later. This…
This tutorial shows you how to set up strong SSL security on the nginx webserver. We do this by updating OpenSSL to the latest version to mitigate attacks…
Installing psacct or acct Packages psacct or acct both are similar packages and there is not much difference between them, but the psacctpackage only available for rpm based distributions such as …
In order to run elasticsearch as a service on your operating system, the provided packages try to make it as easy as possible for you to start and…
The iotop utility provides an easy-to-use interface for monitoring swap and disk I/O on a per-process basis. Watching the disk Sometimes you get more disk activity on your…
Prerequisites Keep in mind besides having apache and mod_ssl installed, you will need to have an IP address for this SSL cert and a unique IP address for…
This article briefly describes a method of identifying which network interfaces on a Linux server are associated with which IP addresses. IPv4 You can get a simple list…
Install and Configure collect You will need to install the following for this next section. Once installed you now need to configure collectd to utilize the proxy we…
About Nginx Nginx is a high performance web server software. It is a much more flexible and lightweight program than Apache HTTP Server. This tutorial will teach you…
Elasticsearch users have delightfully diverse use cases, ranging from appending tiny log-line documents to indexing Web-scale collections of large documents, and maximizing indexing throughput is often a common…
This document describes how to enable TLS for kube-registry. Before you start, please check if you have all the prerequisite: Pack domain.crt and domain.key into a Secret $…
To prepare a Windows 10 computer to make an L2TP VPN connection, you must configure the L2TP connection in the network settings. The exact steps could be slightly different,…
owTo: Rotate Logs to S3 This article will talk about how to use logrotate to rotate your logs to S3. Here we specifically are using Gentoo Linux, and we can find…
A complete guide to git-svn conversions Our goal is to do a complete conversion of our Subversion repository and end up with a bare Git repository acceptable for sharing with…
Create the Django Application First, move to your home directory and go into your public_html/domain1.com directory (if you don’t have one, create one and give it the name…
How to Install tcpdump in Linux Many of Linux distributions already shipped with tcpdump tool, if in case you don’t have it on systems, you can install it using following…
By default, the containers allows for service discovery through the use of dynamic environment variables that are similar to the Docker syntax. For example: Kubernetes also provides support…
Here we look at the basic scripting options for dstat as well as an overview of its external modules. All-powerful Well, not that. But it can feel a…
Overview Readers will learn how to enable WAN failover on the EdgeRouter. EdgeMAX can handle multiple WANs with failover. For a more recent article that shows this implementation…
Introduction Nginx is a popular light-weight and high performance web server and commonly used as a proxy. It is quite flexible and a good alternative to Apache. Requirements…
x11vnc x11vnc is a VNC server that is not dependent on any one particular graphical environment. Also, it facilitates using in a minimal environment, as it has a tcl/tk…
For a flexible reporting tool that can yield information ranging from CPU use to the top I/O-consuming process look no further than dstat. All-seeing Well, maybe not “all-seeing”,…
We will provide instructions for Installing Munin Monitoring Systems on Ubuntu and Centos/Fedora/Redhat. Munin is a monitoring system that will provide you with your Server stats on a…
Introduction Encrypting removable devices (USB flash drives, external hard drives, etc) provides a method to guarantee data security in the event of loss, theft or confiscation. When backing up…
Authenticating proxy with nginx With this method, you implement basic authentication in a reverse proxy that sits in front of your registry. While this model gives you the…
Update Repositories We need to update the aptitude repository indexes. Type the following command to do this: # sudo aptitude update Installing Prerequisites Next we need to install…
The UNIX family has always provided abundantly for its users. UNIX is a treasure chest of tools with which you can not only do productive work but also…
Pre-Flight Check Managed WordPress sites installed via the Sites tab in Manage automatically are backed up each day, with the server retaining the 10 most recent backups. You…
Here is how: $ gem install fluentd $ gem install fluent-plugin-s3 $ touch fluentd.conf fluentd.conf should look like this (just copy and paste this into fluentd.conf): <source> type syslog…
Introduction Elasticsearch is an efficient “distributed restful search and analytics” service built on top of Apache Lucene. Individual indices store JSON documents that can be accessed and managed…
Environment Issue Resolution Note: Downgrading a system to minor version (ex: RHEL6.1 to RHEL6.0) is not recommended as this might leave the system in broken state where libgcc and…
Prior to making direct edits to the firewall configuration file or changing advanced firewall settings in WHM, a backup of the current configuration should be taken so that…
tep 1Download a CentOS 6 VM from http://virtual-machine.org/. Step 2Download the latest Greenplum binaries for RedHat Enterprise Linux 6 from http://network.pivotal.io
Introduction to WinSCP WinSCP is an open-source, free sftp and ftp client for Windows. Its main function is safe copying and transfer of files between local and remote…
The grep utility provides users of most Unix-like operating systems with a tool to search and filter text using a common regular expression syntax. Indeed, grep is so ubiquitous that the verb…
Introduction A Linux host running rsyslog can send all or individual logs to another rsyslog host over a TCP or UDP connection. This is necessary to preserve the integrity of the log…
IFTOP Pre-requisite Install libpcap and libncurses Installation of the libpcap and libncurses library with YUM command as shown below for error-free iftop installation. # yum -y install libp…
MySQL Master-Master Replication This article is about setting up MySQL Master-Master database replication between two Cloud Servers. Master-Master data replication allows for replicated data, stored on multiple computers…
Introduction Git is a release/version control system which has become an indispensable part of the programming process. It is a system that allows us to store and manage our…
Primary certificate and intermediate certificate.You should have received a your_domain_name.pem file from DigiCert in an email when your certificate was issued. This .pem file contains both your primary certif…
all drives connected, boot the UAC and create a RAID 0 off of the SSD and RAID 1 from both 3.5″ drives still in the UAC set the SSD RAID 0 as primary boot device shutdown and unplug the storage drives boot Ubuntu live CD…
Introduction SSH can handle authentication using a traditional username and password combination or by using a public and private key pair. The SSH key pair establishes trust between…
. Nexus Provides a separate REST API to retrieve files when interpreting the maven-metadata.xml is required. The syntax looks like this: wget “http://repository.sonatype.org/service/local/artifact/maven/c…
Etcd Volume EncryptionYou must configure etcd volume encryption before bringing up your cluster. You cannot add etcd volume encryption to an already running cluster. Encrypting Etcd Volumes Using…
Syntax The syntax of ip-ranges.json is as follows. syncTokenThe publication time, in Unix epoch time format. Type: String Example: “syncToken”: “1416435608”createDateThe publication…
– netstat -ntu | awk ‘ $5 ~ /^[0-9]/ {print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n netstat with group by (ip adress)…
Introduction One of the more popular products on the market right now is NewRelic for application monitoring. What’s cool is you can also use their Server product to…
Anyone who has spent time developing Spark applications (or any other distributed application for that matter) has probably wished for some x-ray goggles into the black-box machinery of the framework.…
In order to connect to a SSL enabled Redis from cli you would need to first install stunnel: yum install stunnel then in the configuration file add: cat…
Combine the above crt files into a bundle (the order matters, here):cat www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt Store the bun…
This tutorial will walk you through installing the command-line FTP client commonly known as ‘ftp’. This application is available by default on most distributions with a standard install…
Step 1: Install Java 8 (JDK 8)Open terminal and enter the following commands.sudo add-apt-repository -y ppa:webupd8team/javasudo apt-get updateecho debconf shared/accepted-oracle-license-v1-1 select true | sudo debconf-s…
Introduction This article and the image have been created by a joint effort between Bacula Systems S.A, bytemine GmbH, and ProfitBricks GmbH. We offer an image with a…
ExternalDNS is a relatively new Kubernetes Incubator project that makes Ingresses and Services available via DNS. It currently supports AWS Route 53 and Google Cloud DNS.…
Apache Install A basic Apache install is very easy: # sudo aptitude install apache2 apache2.2-common apache2-mpm-prefork apache2-utils libexpat1 ssl-cert ServerName Towards the end of the install you will…
Introduction Nginx is a high performance web server that is responsible for handling the load of some of the largest sites on the internet. It is especially good…
Traditional storage management I use the phrase traditional storage management to describe the process of partitioning, formatting, and mounting storage capacity from a basic hard disk drive. I contrast this…
One of the reasons why you may consider setting up a local apt repository server is to minimize the bandwidth required if you have multiple instances of Ubuntu…
Before you begin Before shrinking a WSL2 virtual disk, you need to ensure that WSL2 is not running. You can check if it’s running with the command ‘wsl.exe…
This guide walks you through how to configure strongSwan for integration with Google Cloud VPN. This information is provided as an example only. This guide is not meant to be a…
Microservices often communicate with each other to fulfill complex business operations, creating security and scaling challenges. Mutual Transport Layer Security (mTLS) can help. Here’s how to get started.…
Nowadays, more companies move their application to the cloud. Mostly on AWS, GCP or Azure. Using cloud infrastructure reduce their investment in hardware purchase or managing server infrastructure.…
Sometimes you get into a situation where you need to delete all files in a directory or simply cleanup a directory by removing all files except files of a given…
SSH jump hosts are employed as an alternative to SSH tunneling to access internal machines through a gateway. The idea is to use ProxyCommand to automatically execute the ssh command on remote…
IP QUERIES addr Display IP Addresses and property information(abbreviation of address)ip addrShow information for all addressesip addr show dev em1Display information only for device em1 link Manage and…
When using windows Hello for authentication for some reason RDS does not work. a workaround for this is to:
then delete:
Issue:AWS Lambda function times out, even though the code runs fine locally or in a test environment. Context:This happens a lot, especially when calling external APIs, accessing RDS,…
Issue:S3 bucket returns Access Denied when trying to read/write objects, even though the IAM policy looks correct. Context:Happens a lot. You create a bucket, attach a policy to…
Issue:EC2 instance stuck in “stopping” state and doesn’t terminate or respond to normal stop/start actions. Context:This happens fairly often. Users on forums run into it when trying to…