Wednesday, January 29, 2020

Disable ipv6 on Linux

add ipv6.disable=1 in /etc/default/grub:

 vi /etc/default/grub

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="resume=/dev/mapper/fedora-swap ipv6.disable=1 rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet"
GRUB_DISABLE_RECOVERY="true"

Attach below line in /etc/sysctl.conf

      net.ipv6.conf.all.disable_ipv6 = 1
      net.ipv6.conf.default.disable_ipv6 = 1
      net.ipv6.conf.lo.disable_ipv6 = 1

Regenerate grub.cfg
grub2-mkconfig -o /boot/grub2/grub.cfg 

DevOps - Resources



Thursday, January 23, 2020

Configure Server-Client Certificate for Jenkins

http://xacmlinfo.org/2014/06/13/how-to-keystore-creating-jks-file-from-existing-private-key-and-certificate/
http://sam.gleske.net/blog/engineering/2016/05/04/jenkins-with-ssl.html

How to Creat JKS KeyStore file from existing private key and certificate

# openssl pkcs12 -export -in jenkins.pem -inkey jenkins.key -certfile jenkins.pem -out jenkins_keystore.p12

# keytool -importkeystore -srckeystore jenkins_keystore.p12 -srcstoretype pkcs12 -destkeystore jenkins_keystore.jks -deststoretype JKS

Import CA Cert and SubRoot Cert
# keytool -import -trustcacerts -alias go-root -file cot-root.cert -keystore jenkins_keystore.jks -storepass "xxxxxxxx"


# keytool -import -trustcacerts -alias go-sub -file cot-sub.cert -keystore jenkins_keystore.jks -storepass "xxxxxxxx"

mkdir -p /etc/ssl/jenkins
cp jenkins_keystore.jks /etc/ssl/jenkins/

#configure permissions to secure your keystore
chown -R jenkins: /etc/ssl/jenkins
chmod 700 /etc/ssl/jenkins
chmod 600 /etc/ssl/jenkins/jenkins_keystore.jks

#disable HTTP
#JENKINS_PORT="-1"

#configure HTTPS
JENKINS_HTTPS_PORT="8443"
JENKINS_HTTPS_KEYSTORE="/etc/ssl/jenkins/jenkins_keystore.jks"
JENKINS_HTTPS_KEYSTORE_PASSWORD="xxxxxxxx"
JENKINS_HTTPS_LISTEN_ADDRESS="127.0.0.1"

Monday, January 13, 2020

Install DBD::Oracle


wget https://download.oracle.com/otn_software/linux/instantclient/195000/oracle-instantclient19.5-basic-19.5.0.0.0-1.x86_64.rpm

yum install perl-CPANPLUS -y

yum install //download.oracle.com/otn_software/linux/instantclient/195000/oracle-instantclient19.5-devel-19.5.0.0.0-1.x86_64.rpm -y

/usr/lib/oracle/19.5/client64/lib

export C_INCLUDE_PATH="/usr/include/oracle/19.5/client64"

cpanp
CPAN Terminal> i DBD::Oracle


Monday, January 6, 2020

Kubernetes: Deploy Application

https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app

git clone https://github.com/GoogleCloudPlatform/kubernetes-engine-samples
cd kubernetes-engine-samples/hello-app
export PROJECT_ID=feipoc

Build and publish docker image

docker build -t feijiangnan/${PROJECT_ID}/hello-app:v1 .

docker push feijiangnan/${PROJECT_ID}/hello-app:v1

 docker push feijiangnan/feipoc:v1
The push refers to repository [docker.io/feijiangnan/feipoc]
29696f6ceea7: Pushed
6b27de954cca: Pushed
v1: digest: sha256:46c0116c6a4f0e90350e9dabed603d28c7c9775bd354c38eac18ccc9c99d502c size: 739

Create Deployment

kubectl create deployment hello-web --image=docker.io/feijiangnan/feipoc:v1

Delete Deployment

kubectl delete deployment hello-web
kubectl create deployment hello-web --image=docker.io/feijiangnan/feipoc:v1

Validate Deployment

kubectl describe pod hello-web-848b6b9bd-4vbz5
kubectl get pod

kubectl expose deployment hello-web --type=LoadBalancer --port 80 --target-port 8080

Scale Out Deployment

kubectl scale deployment hello-web --replicas=3

Display the prior Deployments

kubectl rollout history deployment hello-web

Restore last Deployment

kubectl rollout undo deployment hello-web