• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Archives

Archives for July 2019

GCP Load Balancer Local Routing Table

July 29, 2019

Test if the GCP Load Balancer is working by sending a curl command from the backend VM.

Assume the load balancer IP address is 10.1.2.99, and the VM is called vm-a1.

curl http://10.1.2.99

curl http://10.1.2.99

The end result is …

Page served from: vm-a1

Page served from: vm-a1

Make sure there’s an entry in the local table that matches the IP of the load balancer.

ip route show table local | grep 10.1.2.99

ip route show table local | grep 10.1.2.99

If not, add it.

ip route add to local 10.1.2.99/32 dev eth0 proto 66

ip route add to local 10.1.2.99/32 dev eth0 proto 66

Documentation

Filed Under: Cloud, Linux Tagged With: curl, gcp, load balancer, local, route, table

Chrony Service

July 28, 2019

The chrony service actually does not change the time. The misconception is that the chrony service is setting the time given by the NTP server. This is not what’s happening. The chrony service is just telling the system clock to go faster or slower. This is the reason why sometimes even though the time is wrong and the NTP server is working, the time does not get corrected immediately. It takes a little while.

Filed Under: Linux Tagged With: chrony, ntp, service, time

NFS Fails to Mount on Bootup

July 28, 2019

Check if rpcbind is running.

service rpcbind status|start|stop|restart

service rpcbind status|start|stop|restart

Or you can also clean the NFS cache.

service rpcbind stop
service nfslock stop
rm -rf /var/lib/nfs/statd/sm/*
rm -rf /var/lib/nfs/statd/sm.bak/*
service rpcbind start
service nfslock start

service rpcbind stop service nfslock stop rm -rf /var/lib/nfs/statd/sm/* rm -rf /var/lib/nfs/statd/sm.bak/* service rpcbind start service nfslock start

Filed Under: Linux Tagged With: aws, nfs, restart, rpcbind

AWS S3 Upload Policy

July 26, 2019

Give someone upload access to a S3 bucket. Here’s the policy.

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListAllMyBuckets"
         ],
         "Resource":"arn:aws:s3:::*"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource":"arn:aws:s3:::your-bucket-name"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:DeleteObject"
         ],
         "Resource":"arn:aws:s3:::your-bucket-name/*"
      }
   ]
}

{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:ListAllMyBuckets" ], "Resource":"arn:aws:s3:::*" }, { "Effect":"Allow", "Action":[ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource":"arn:aws:s3:::your-bucket-name" }, { "Effect":"Allow", "Action":[ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource":"arn:aws:s3:::your-bucket-name/*" } ] }

Filed Under: Cloud Tagged With: aws, bucket, policy, s3, upload

TrendMicro Security Agent

July 25, 2019

How to start/stop/restart/status TrendMicro Security agent.

/etc/init.d/ds_agent start
/etc/init.d/ds_agent stop
/etc/init.d/ds_agent restart
/etc/init.d/ds_agent status
/etc/init.d/ds_agent reset

/etc/init.d/ds_agent start /etc/init.d/ds_agent stop /etc/init.d/ds_agent restart /etc/init.d/ds_agent status /etc/init.d/ds_agent reset

Check if installed.

rpm -qa | grep 'ds_agent'

rpm -qa | grep 'ds_agent'

Install with verbose and hash.

rpm -ivh package-name

rpm -ivh package-name

Uninstall with verbose.

rpm -ev package-name

rpm -ev package-name

Filed Under: Linux Tagged With: agent, install, rpm, security, trendmicro, uninstall

SSSD Issues Redhat 7

July 25, 2019

Some cache to clear.

service sssd stop
rm -r /var/lib/sss/db/*
rm -r /var/lib/sss/mc/*
service sssd start

service sssd stop rm -r /var/lib/sss/db/* rm -r /var/lib/sss/mc/* service sssd start

Rejoin domain. Run sssd script. Restart sssd.

Filed Under: Linux Tagged With: redhat 7, sssd

AWS EC2 Enable Secondary IPs

July 25, 2019

Here’s how to enable secondary private IPs for AWS EC2 instances.

  1. Add secondary private IPs to the instance.
    • Editing the instance Networking > Manage IP Addresses.
    • Add new private IP addresses.
    • Save.
  2. Set the route configuration for each secondary IP address.
    • Config files are ifcfg-eth0:0, ifcfg-eth:0.1 and so on.
    • Test each interface or IP to see if they respond to ping.
    • /etc/sysconfig/network-scripts/

ifcfg-eth0:0

NM_CONTROLLED="no"
DEVICE="eth0:0"
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="10.0.0.14"
NETMASK="255.255.255.255"

NM_CONTROLLED="no" DEVICE="eth0:0" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.14" NETMASK="255.255.255.255"

ifcfg-eth0:1

NM_CONTROLLED="no"
DEVICE="eth0:1"
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="10.0.0.15"
NETMASK="255.255.255.255"

NM_CONTROLLED="no" DEVICE="eth0:1" ONBOOT="yes" BOOTPROTO="static" IPADDR="10.0.0.15" NETMASK="255.255.255.255"

Filed Under: Cloud, Linux Tagged With: aws, ec2, ip address, network, private, route, secondary

SFTP with AWS Keys

July 24, 2019

How to use SFTP with AWS Keys.

sftp -i "yourkey" ec2-user@your-server

sftp -i "yourkey" ec2-user@your-server

To copy files to server. File will copied to user’s home directory.

sftp> put file.txt .

sftp> put file.txt .

Filed Under: Cloud, Linux Tagged With: aws, key, sftp, ssh

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »
  • Home
  • About
  • Archives

Copyright © 2023