Archives for July 2021

SSSD Override Shell

July 25, 2021

If you have SSSD running and the default shell is ksh even with the default shell set to bash.

Here’s the fix to override the default shell in /etc/sssd/sssd.conf. Add override_shell.

default_shell = /bin/bash
override_shell = /bin/bash

To check which shell you are using.

echo $SHELL
/bin/bash

Migrate VM to Other Network

July 20, 2021

Here’s how to move a VM to another network.

Stop the VM.

gcloud compute instances stop server-name \
--zone=us-central1-c \
--project project-id

Migrate the VM. Use self link for network and subnetwork.

gcloud compute instances network-interfaces update server-name \
--zone=us-central1-c \
--network-interface=nic0 \
--network=your-network \
--subnetwork=your-sub-network \
--project project-id

Start the VM.

gcloud compute instances start server-name \
--zone=us-central1-c \
--project project-id

There are a few issues that prop up every once in a while with gcloud compute ssh. gcloud compute ssh creates local user at first login. The account password has a default expiration of 90 days. If unable to login, you can try logging in as a different name (even a fictitious name) e.g. superheroes, etc. something unique.

gcloud compute ssh username@servername --zone us-central1-c --project project-id --internal-ip

Once logged in, you can delete local users with expired passwords or perform other admin tasks.

userdel -r username

You can also try to run chage to adjust the password expiration.

chage -M 180 username  (extends expiration from 90 to 180 days)

If you continue to have login issues, you can also delete Metadata SSH keys in both the instance and project levels.

Last resort you can use force key overwrite which will regenerate a new key and overwrite broken ssh keys.

gcloud compute ssh username@servername \
--force-key-file-overwrite \
--zone us-central1-c \
--project project-id \
--internal-ip

Bash Aliases

July 17, 2021

Create an alias.

alias gcloud='docker run --rm -ti --volumes-from gcloud-config google/cloud-sdk:latest gcloud'

Remove an alias.

unalias gcloud

Terraform in a Docker Container

July 17, 2021

Run Terraform in a Docker container.

docker run --rm -it --name terraform -v ~/.aws:/root/.aws -v $(pwd):/workspace -w /workspace hashicorp/terraform:latest

Create an alias.

alias terraform='docker run --rm -it --name terraform -v ~/.aws:/root/.aws -v $(pwd):/workspace -w /workspace hashicorp/terraform:latest'

Run the command

terraform --version
Terraform v1.0.2
on linux_amd64

GCloud in a Docker Container

July 17, 2021

You can run a gcloud commands in a Docker container.

docker run -ti --name gcloud-config google/cloud-sdk gcloud auth login

Create an alias.

alias gcloud='docker run --rm -ti --volumes-from gcloud-config google/cloud-sdk:latest gcloud'

Run the command.

gcloud --version
Google Cloud SDK 348.0.0
alpha 2021.07.09
app-engine-go 1.9.71
app-engine-java 1.9.90
app-engine-python 1.9.93
app-engine-python-extras 1.9.93
beta 2021.07.09
bigtable 
bq 2.0.70
cbt 0.10.0
cloud-datastore-emulator 2.1.0
cloud-firestore-emulator 1.13.0
cloud-spanner-emulator 1.2.0
core 2021.07.09
datalab 20190610
gsutil 4.65
kpt 0.39.3
local-extract 1.2.0
pubsub-emulator 0.4.1

Create one for gsutil.

alias gsutil='docker run --rm -ti --volumes-from gcloud-config google/cloud-sdk:latest gsutil'

AWSCLI in Docker Container

July 17, 2021

This will download the latest awscli and run it in a container.

A new container will be built every time the command is run.

Your current credentials in ~/.aws will be used.

docker run --rm -it -v ~/.aws:/root/.aws amazon/aws-cli:latest

Create an alias for convenience.

alias aws='docker run --rm -ti -v ~/.aws:/root/.aws -v $(pwd):/aws amazon/aws-cli'

You can now run any aws cli after.

aws --version
aws-cli/2.2.20 Python/3.8.8 Linux/5.4.0-66-generic docker/x86_64.amzn.2 prompt/off

Downgrade Redhat Kernel

July 17, 2021

How to downgrade a Redhat kernel within the same release.

List kernel.

yum list kernel-3.10.0-862*
yum list kernel-3.10*

Install previous kernel if missing.

yum install kernel-3.10.0-862.el7

Downgrade to next minor release.

yum downgrade redhat-release