Uly.me

cloud engineer

  • Home
  • About
  • Archives
Home/2020/Archives for February 2020

Archives for February 2020

February 27, 2020

Run Docker Compose

Here’s how to run docker-compose. I have an Icecast docker-compose.yml file. Icecast is an audio streaming server.

version: "2"
 
services:
  icecast:
    image: moul/icecast
    environment:
      - ICECAST_SOURCE_PASSWORD=secret
      - ICECAST_ADMIN_PASSWORD=secret
      - ICECAST_PASSWORD=secret
      - ICECAST_RELAY_PASSWORD=secret
    ports:
      - "8000:8000"
    restart: always

version: "2" services: icecast: image: moul/icecast environment: - ICECAST_SOURCE_PASSWORD=secret - ICECAST_ADMIN_PASSWORD=secret - ICECAST_PASSWORD=secret - ICECAST_RELAY_PASSWORD=secret ports: - "8000:8000" restart: always

To run Icecast in a container , I run docker-compose in the background.

docker-compose up -d

docker-compose up -d

Check to see if Icecast is running on your browser.

http://localhost:8000

http://localhost:8000

To stop the Icecast container, I simply stop the docker-compose.

docker-compose stop

docker-compose stop

Here are the other docker commands you can run.

docker images
docker ps
docker-compose ps

docker images docker ps docker-compose ps

Filed Under: Cloud Tagged With: docker, docker-compose, icecast, start, stop

February 26, 2020

GCP SDK Firewall Rule AH and ESP

Here’s how to add a GCP firewall rule with the AH (authentication header) and ESP (Encapsulating Security Payload) protocols.

gcloud compute firewall-rules update "firewall-name" \
    --description="firewall description" \
    --priority "1000" \
    --target-service-accounts="service-account@gserviceaccount.com" \
    --destination-ranges="10.0.0.0/8" \
    --rules 50,51,tcp:80,udp:1000

gcloud compute firewall-rules update "firewall-name" \ --description="firewall description" \ --priority "1000" \ --target-service-accounts="service-account@gserviceaccount.com" \ --destination-ranges="10.0.0.0/8" \ --rules 50,51,tcp:80,udp:1000

There is no need to add protocols for AH and ESP. Just the port numbers.

Filed Under: Cloud Tagged With: ah, cli, esp, firewall, gcp, sdk

February 25, 2020

Wheel Group

Here’s an alternate way to give Linux users sudo access by adding them to the wheel group. Most Linux systems come with the wheel group already predefined. By adding users to the wheel group, they now have the ability to sudo and run root commands. The wheel group is in the sudoers file for Redhat, Centos, Debian and Ubuntu.

usermod -aG wheel username

usermod -aG wheel username

Filed Under: Linux Tagged With: add, group, sudo, sudoers, usermod, wheel

February 24, 2020

Splunk Search for Tanium Clients

Here’s the Splunk search for Tanium clients reporting to the Tanium server.

"data.jsonPayload.rule_details.direction"=EGRESS
"data.jsonPayload.connection.src_ip"="10.0.0.1"
"data.jsonPayload.connection.dest_port"=17472

"data.jsonPayload.rule_details.direction"=EGRESS "data.jsonPayload.connection.src_ip"="10.0.0.1" "data.jsonPayload.connection.dest_port"=17472

Filed Under: Misc Tagged With: 17472, port, splunk, tanium

February 23, 2020

GCP SDK Firewall Update

Here’s how to update an existing GCP firewall.

Ingress

gcloud compute firewall-rules update "firewall-rule-name" \
--description="firewall description" \
--priority="1000"
--target-service-accounts="service-account@gserviceaccount.com" \
--source-ranges="10.0.0.0/8"
--rules tcp:80,tcp:443,udp:1000-1100

gcloud compute firewall-rules update "firewall-rule-name" \ --description="firewall description" \ --priority="1000" --target-service-accounts="service-account@gserviceaccount.com" \ --source-ranges="10.0.0.0/8" --rules tcp:80,tcp:443,udp:1000-1100

Egress

gcloud compute firewall-rules update "firewall-rule-name" \
--description="firewall description" \
--priority="1000"
--target-service-accounts="service-account@gserviceaccount.com" \
--destination-ranges="10.0.0.0/8"
--rules tcp:80,tcp:443,udp:1000-1100

gcloud compute firewall-rules update "firewall-rule-name" \ --description="firewall description" \ --priority="1000" --target-service-accounts="service-account@gserviceaccount.com" \ --destination-ranges="10.0.0.0/8" --rules tcp:80,tcp:443,udp:1000-1100

Filed Under: Cloud Tagged With: egress, firewall, gcp, ingress, update

  • 1
  • 2
  • 3
  • 4
  • Next Page »
  • Cloud
  • Linux
  • Git

Copyright © 2012–2021