Uly.me

cloud engineer

Archives for February 2020

Run Docker Compose

Here’s how to run docker-compose. I have an Icecast docker-compose.yml file. Icecast is an audio streaming server.

version: "2"
 
services:
  icecast:
    image: moul/icecast
    environment:
      - ICECAST_SOURCE_PASSWORD=secret
      - ICECAST_ADMIN_PASSWORD=secret
      - ICECAST_PASSWORD=secret
      - ICECAST_RELAY_PASSWORD=secret
    ports:
      - "8000:8000"
    restart: always

To run Icecast in a container , I run docker-compose in the background.

docker-compose up -d

Check to see if Icecast is running on your browser.

http://localhost:8000

To stop the Icecast container, I simply stop the docker-compose.

docker-compose stop

Here are the other docker commands you can run.

docker images
docker ps
docker-compose ps

GCP SDK Firewall Rule AH and ESP

Here’s how to add a GCP firewall rule with the AH (authentication header) and ESP (Encapsulating Security Payload) protocols.

gcloud compute firewall-rules update "firewall-name" \
    --description="firewall description" \
    --priority "1000" \
    --target-service-accounts="service-account@gserviceaccount.com" \
    --destination-ranges="10.0.0.0/8" \
    --rules 50,51,tcp:80,udp:1000

There is no need to add protocols for AH and ESP. Just the port numbers.

Wheel Group

Here’s an alternate way to give Linux users sudo access by adding them to the wheel group. Most Linux systems come with the wheel group already predefined. By adding users to the wheel group, they now have the ability to sudo and run root commands. The wheel group is in the sudoers file for Redhat, Centos, Debian and Ubuntu.

usermod -aG wheel username

Splunk Search for Tanium Clients

Here’s the Splunk search for Tanium clients reporting to the Tanium server.

"data.jsonPayload.rule_details.direction"=EGRESS
"data.jsonPayload.connection.src_ip"="10.0.0.1"
"data.jsonPayload.connection.dest_port"=17472

GCP SDK Firewall Update

Here’s how to update an existing GCP firewall.

Ingress

gcloud compute firewall-rules update "firewall-rule-name" \
--description="firewall description" \
--priority="1000"
--target-service-accounts="service-account@gserviceaccount.com" \
--source-ranges="10.0.0.0/8"
--rules tcp:80,tcp:443,udp:1000-1100

Egress

gcloud compute firewall-rules update "firewall-rule-name" \
--description="firewall description" \
--priority="1000"
--target-service-accounts="service-account@gserviceaccount.com" \
--destination-ranges="10.0.0.0/8"
--rules tcp:80,tcp:443,udp:1000-1100