Author Archives: admin

yum install epel-release -y yum install python-pip -y pip2 install –upgrade –user pip pip install –upgrade pip pip2 install –user “setuptools<45” pip install ansible pip install netapp-lib solidfire-sdk-python yum install git -y git clone https://github.com/ansible/ansible.git ~/ansible-devel cd ~/ansible-devel git pull … Continue reading →

{ “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “s3:ListBucket” ], “Resource”: [ “arn:aws:s3:::bucketname” ] }, { “Effect”: “Allow”, “Action”: [ “s3:PutObject”, “s3:GetObject”, “s3:DeleteObject” ], “Resource”: [ “arn:aws:s3:::bucketname/*” ] } ] }

Create a Dockerfile in your project Then, run the commands to build and run the Docker image: Visit http://localhost:8080 and you will see It works! Without a Dockerfile If you don’t want to include a Dockerfile in your project, it is sufficient to do the following: Configuration … Continue reading →

linux routing example

setup quota on CentOS 7

http://uadmin.nl/init/wp-content/uploads/2019/06/def_prep_2.pdf

Use cups to print to tty. 1. Install cups yum install -y cups 2. Enable cups systemctl enable cups 3. Start cups systemctl start cups 4. Create printer    lpadmin -p terminal2 -v serial:/dev/pts/2 -m raw 5. Enable terminal2 and … Continue reading →

How to setup a single node vsim netapp cluster on virtual box. Flow by Martin Eijmans flow http://uadmin.nl/init/wp-content/uploads/2019/02/me_flow.pdf

1. run the command to create a password hash. grub2-mkpasswd-pbkdf2 2. edit the following file like this vi /etc/grub.d/01_users #!/bin/sh -e cat << EOF     set superusers=”root”     password_pbkdf2 root grub.pbkdf2.sha512.10000.6A9A780AF06AFA821060956BC089B89A4F5A24F593268FED5DB42978EC7F956BD51FC7BB815B2ABF0BA8EC7F96DA7444B6254725505E06BED12C4AA97485CBFF.AF4A12B70E499340EF97720EF21434A55F1D124B9B9D062413314C8B554197235A525FD0F73C24FBDAF534F5A54CA576FDBF3456526A520BA5F087696B5F8047 EOF 3. apply the password to grub … Continue reading →

ansible_guide_v1This pdf introduces ansible. Installing Ad-Hoc commands Playbooks ansible_guide_v1

ansible_guide

loops_branches

#create and allow readonly to the role via the cluster management lif security login role create -role peterr -cmddirname DEFAULT -access readonly #allow access to svm_blue (all access) security login role create -role peterr -cmddirname “volume qtree” -query “-vserver svm_blue” … Continue reading →

exam_tips

intro

apt-get install software-properties-common apt-get update apt-get install ansible now change the hosts file in /etc/ansible make sure you have publickey login on the hosts e.g. run: ssh-copy-id root@host1 then check with ansible: ansible -m ping all some adhoc examples: list … Continue reading →

– hosts: linvms user: root vars: #password is ‘yourpass’ password: $1$xyz$X5pC0RUqKE5mOgXcDDgFk0 tasks: – user: name=peter password={{password}}

$ ansible atlanta -m copy -a “src=/etc/hosts dest=/tmp/hosts” $ ansible webservers -m file -a “dest=/srv/foo/a.txt mode=600” $ ansible webservers -m file -a “dest=/srv/foo/b.txt mode=600 owner=linuser group=linuser” $ ansible webservers -m file -a “dest=/path/to/c mode=755 owner=linuser group=linuser state=directory” $ ansible webservers … Continue reading →

$ cat p1.yml — – hosts: linvms vars: http_port: 80 max_clients: 200 remote_user: root tasks: – name: ensure apache is at the latest version yum: name: httpd state: latest – name: write the apache config file template: src: /etc/httpd/conf/httpd.conf dest: … Continue reading →

# cat ifcfg-ens224 TYPE=Ethernet BOOTPROTO=none NAME=ens224 UUID=60edd252-25eb-4396-baca-f7b09a3bec5e DEVICE=ens224 ONBOOT=yes # cat ifcfg-ens224.2 TYPE=Vlan BOOTPROTO=none NAME=ens224.2 UUID=60edd252-25eb-4396-baca-f7b09a3bec5e DEVICE=ens224.2 IPADDR=192.168.2.11 PREFIX=24 ONBOOT=yes VLAN=yes

rsa quick overview and example

Alice_Bob_Eve

diffie_hellman

CLUSTERED SIMULATE ONTAP LICENSES +++++++++++++++++++++++++++++++++ These are the licenses that you use with the clustered Data ONTAP version of Simulate ONTAP to enable Data ONTAP features. There are four groups of licenses in this file: – cluster base license – … Continue reading →

vsim_makedisks

Module4

This page contains some PDFs with linux network exercises. 1. ssh autologin 2. ip binding Centos 7 3. linux nfs 4. cron 5. systemctl

#!/bin/bash if [ $# -ne 5 ] then echo “usage: $0 <start_count> <end_count> <device_to_read_from><output_filename>” echo “example: $0 1 500 /dev/sda 4096 run1” exit fi skip=0 for i in `seq $1 $2` do dd if=$3 of=${5}.$i count=1 bs=$4 skip=$skip ((skip+=1)) done

splitfile

TIME_ex

firewalld_ex

def_exam_prep

del script #!/usr/bin/bash TRASH=/trash DB=/trash/db touch /trash/db mkdir ${TRASH} 2> /dev/null if (($# == 0)) then echo “usage: del ” fi FILE=`basename $1` DIR=`dirname $1` DIR=`echo $DIR|sed ‘s/\//_/g’` SUFFIX=`date +%Y_%m_%d_%H_%M_%S` FILE=${FILE}_${SUFFIX}_$DIR ID=`wc -l ${DB}|awk ‘{print $1}’` echo $ID ((ID+=1)) echo … Continue reading →

NFS_autofs

LVM_ex

NFS client and server

NFS client and server LVM ip binding systemd SElinux nfs autofs working in the shell firewalld date and ntp scripts splitfile Cron

CERT_GUIDE_EX2_PDF

exmil

CERT_GUIDE_EX_PDF

create a service file. cp /lib/systemd/system/crond.service \ /lib/systemd/system/sleep.service edit the service file. vi /lib/systemd/system/sleep.service [Unit] Description=sleep service [Service] ExecStart=/usr/sbin/sleep.sh KillMode=process [Install] WantedBy=multi-user.target create a script to be executed. vi /usr/sbin/sleep.sh #!/usr/bin/bash sleep 1000 make the script executable chmod +x /usr/sbin/sleep.sh … Continue reading →

Create the directory structure mkdir -p /var/www/html/www.vhost1.com mkdir -p /var/www/html/www.vhost2.com Create test web pages for each virtual host echo “vhost1” > /var/www/html/www.vhost1.com/index.html echo “vhost1” > /var/www/html/www.vhost1.com/index.html echo “vhost2” > /var/www/html/www.vhost2.com/index.html Set up ownership and permissions chown -R apache:apache /var/www/html/www.vhost1.com chown … Continue reading →

To view compaction, dedupe and compression results. cl1::*> aggr show-efficiency -aggregate n2_aggr1 Name of the Aggregate: n2_aggr1 Node where Aggregate Resides: cl1-02 Logical Size Used by Volumes, Clones, Snapshot Copies in the Aggregate: 118.8MB Total Physical Used: 126.5MB Total Storage … Continue reading →

cl1::> snapmirror create -source-path svm1:vol1 -destination-path 192.168.4.244:/share/rfs/nfs -type xdp Operation succeeded: snapmirror create for the relationship with destination “192.168.4.244:/share/rfs/nfs”.

Docker service swarm web 4 nodes 6 containers PDF Docker service swarm web 4 nodes 6 containers PDF

1. Create a new SVM (SVMcl1) on cluster1 and add a LIF to the SVM: 192.168.0.200 vserver create -vserver SVMcl1 -rootvolume root -aggregate aggr1_n1 -rootvolume-security-style unix net int create -vserver SVMcl1 -lif lif1 -address 192.168.0.200 -netmask 255.255.255.0 -role data \ … Continue reading →

1. Create a new SVM (SVMcl1) on cluster1 and add a LIF to the SVM: 192.168.0.200 2. Add a 500MB volume (cl1data) to the SVM with junction-path: /data 3. Add an export-policy with a rule for the CentOS VM: (192.168.0.10) … Continue reading →

Redhat Clustering

cluster1::> system node autosupport invoke -type test -node node1

yum install -y https://rdo.fedorapeople.org/rdo-release.rpm

storage backends

If you do not specify a volume group, cinder will create his own volume group called cinder-volumes and use loopback devices for physical volumes. If you do create and specify a volume group, you should specify the volume group to … Continue reading →

statistics catalog instance show -object lif statistics catalog instance show -object volume statistics catalog counter show -object lif statistics catalog counter show -object volume statistics start -object lif -counter recv_data statistics stop statistics show -object lif

ceph

distribution constructor pfexec pkg install SUNWdistro-const mkdir -p /ips/manifests cp /usr/share/distro_const/dc_text_x86.xml /ips/manifests/ distro_const build /ips/manifests/dc_text_x86.xml

ssh hello

# svccfg –s svc:/system/identity:node setprop config/nodename = “myhost” # svcadm refresh svc:/system/identity:node # svcadm restart svc:/system/identity:node Configuring console keyboard layout: # svccfg –s keymap:default setprop keymap/layout = UK-English # svcadm refresh keymap # svcadm restart keymap Configuring system locale: # … Continue reading →

sync=standard This is the default option. Synchronous file system transactions (fsync, O_DSYNC, O_SYNC, etc) are written out (to the intent log) and then secondly all devices written are flushed to ensure the data is stable (not cached by device controllers). … Continue reading →

example with key zfs create -o encryption=on rpool/cryptfs Enter passphrase for ‘rpool/cryptfs’: Enter again: zfs snapshot rpool/cryptfs@snap1 zfs clone rpool/cryptfs@snap1 rpool/cryptclone Enter passphrase for ‘rpool/cryptclone’: Enter again: example with keyfile # pktool genkey keystore=pkcs11 keytype=aes keylen=128 label=mykey Enter PIN for … Continue reading →

Simple flowadm example. server1 – 192.168.4.142, nic-name – net0 client1 – 192.168.4.161 client2 – 192.168.4.6 On server1 that runs solaris 11 run the following commands: # flowadm add-flow -l net0 -a remote_ip=192.168.4.161 ssh-1 # flowadm add-flow -l net0 -a remote_ip=192.168.4.6 … Continue reading →

crossbow

Configuring ILB This section describes the steps for setting up ILB to use a half-NAT topology to load balance traffic among two servers. See the NAT topology implementation in ILB Operation Modes. How to Configure ILB Assume a role that … Continue reading →

How to Enable ILB Before You Begin Make sure that the system’s role-based access control (RBAC) attribute files have the following entries. If the entries are not present, add them manually. File name: /etc/security/auth_attr solaris.network.ilb.config:::Network ILB Configuration::help=NetworkILBconf.html solaris.network.ilb.enable:::Network ILB Enable … Continue reading →

Delegation of Solaris Zone Administration By darrenm on Jul 04, 2012 In Solaris 11 ‘Zone Delegation’ is a built in feature. The Zones system now uses finegrained RBAC authorisations to allow delegation of management of distinct zones, rather than all … Continue reading →

From the global zone enable link protection on vnic0: We can set different modes: ip-nospoof, dhcp-nospoof, mac-nospoof and restricted. ip-nospoof: Any outgoing IP, ARP, or NDP packet must have an address field that matches either a DHCP-configured IP address or … Continue reading →