cloud engineer
Test if the GCP Load Balancer is working by sending a curl command from the backend VM.
Assume the load balancer IP address is 10.1.2.99, and the VM is called vm-a1.
curl http://10.1.2.99 |
curl http://10.1.2.99
The end result is …
Page served from: vm-a1 |
Page served from: vm-a1
Make sure there’s an entry in the local table that matches the IP of the load balancer.
ip route show table local | grep 10.1.2.99 |
ip route show table local | grep 10.1.2.99
If not, add it.
ip route add to local 10.1.2.99/32 dev eth0 proto 66 |
ip route add to local 10.1.2.99/32 dev eth0 proto 66
The chrony service actually does not change the time. The misconception is that the chrony service is setting the time given by the NTP server. This is not what’s happening. The chrony service is just telling the system clock to go faster or slower. This is the reason why sometimes even though the time is wrong and the NTP server is working, the time does not get corrected immediately. It takes a little while.
Check if rpcbind is running.
service rpcbind status|start|stop|restart |
service rpcbind status|start|stop|restart
Or you can also clean the NFS cache.
service rpcbind stop service nfslock stop rm -rf /var/lib/nfs/statd/sm/* rm -rf /var/lib/nfs/statd/sm.bak/* service rpcbind start service nfslock start |
service rpcbind stop service nfslock stop rm -rf /var/lib/nfs/statd/sm/* rm -rf /var/lib/nfs/statd/sm.bak/* service rpcbind start service nfslock start
Give someone upload access to a S3 bucket. Here’s the policy.
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:ListAllMyBuckets" ], "Resource":"arn:aws:s3:::*" }, { "Effect":"Allow", "Action":[ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource":"arn:aws:s3:::your-bucket-name" }, { "Effect":"Allow", "Action":[ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource":"arn:aws:s3:::your-bucket-name/*" } ] } |
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:ListAllMyBuckets" ], "Resource":"arn:aws:s3:::*" }, { "Effect":"Allow", "Action":[ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource":"arn:aws:s3:::your-bucket-name" }, { "Effect":"Allow", "Action":[ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource":"arn:aws:s3:::your-bucket-name/*" } ] }
How to start/stop/restart/status TrendMicro Security agent.
/etc/init.d/ds_agent start /etc/init.d/ds_agent stop /etc/init.d/ds_agent restart /etc/init.d/ds_agent status /etc/init.d/ds_agent reset |
/etc/init.d/ds_agent start /etc/init.d/ds_agent stop /etc/init.d/ds_agent restart /etc/init.d/ds_agent status /etc/init.d/ds_agent reset
Check if installed.
rpm -qa | grep 'ds_agent' |
rpm -qa | grep 'ds_agent'
Install with verbose and hash.
rpm -ivh package-name |
rpm -ivh package-name
Uninstall with verbose.
rpm -ev package-name |
rpm -ev package-name
Some cache to clear.
service sssd stop rm -r /var/lib/sss/db/* rm -r /var/lib/sss/mc/* service sssd start |
service sssd stop rm -r /var/lib/sss/db/* rm -r /var/lib/sss/mc/* service sssd start
Rejoin domain. Run sssd script. Restart sssd.
Here’s how to enable secondary private IPs for AWS EC2 instances.
ifcfg-eth0:0
NM_CONTROLLED="no" DEVICE="eth0:0" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.14" NETMASK="255.255.255.255" |
NM_CONTROLLED="no" DEVICE="eth0:0" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.14" NETMASK="255.255.255.255"
ifcfg-eth0:1
NM_CONTROLLED="no" DEVICE="eth0:1" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.15" NETMASK="255.255.255.255" |
NM_CONTROLLED="no" DEVICE="eth0:1" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.15" NETMASK="255.255.255.255"
How to use SFTP with AWS Keys.
sftp -i "yourkey" ec2-user@your-server |
sftp -i "yourkey" ec2-user@your-server
To copy files to server. File will copied to user’s home directory.
sftp> put file.txt . |
sftp> put file.txt .