Category: Cloud

Yum Add Repo Manually

Posted on by Ulysses

Add a yum repo manually by adding a configuration file in /etc/yum.repo.d/ directory.

cd /etc/yum.repos.d/
vi newrepo

Add the following.

[newrepo]
name=New Repo for RHEL/ CentOS $releasever - $basearch
baseurl=http://newrepo.domain.com/centos/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://newrepo.domain.com/RPM-GPG-KEY.txt

You may need to import the key.

rpm --import http://newrepo.domain.com/RPM-GPG-KEY.txt

Finally, test the new repo by running the following.

yum update -y
yum install new-package

Terraform Launch EC2 Instance

Posted on by Ulysses

Here’s the template for launching an EC2 instance via Terraform.

provider "aws" {
  region                  = "us-east-1"
  shared_credentials_file = "/home/username/.aws/credentials"
  profile                 = "default"
}
resource "aws_security_group" "hostname-sg" {
	name = "allow ssh"
	vpc_id = ""
	ingress {
		cidr_blocks = [ "10.0.0.0/8" ]
		from_port = 22
		to_port = 22
		protocol = "tcp"
	}
	egress {
		from_port = 0
		to_port = 0
		protocol = "-1"
		cidr_blocks = [ "0.0.0.0/0" ]
	}
}
resource "aws_instance" "hostname" {
	ami = "ami-xxxxxxxxxx"
	key_name = "your-key"
	instance_type = "t2.large"
	subnet_id = "subnet-xxxxxxxx"
	security_groups	= ["${aws_security_group.hostname-sg.id}"]
	tags {
		Name = "hostname"
		Environment = "development"
	}
}

AWS EFS List on AWS Backup

Posted on by Ulysses

Here’s how to get a list of EFS on AWS Backup. Displays a list and looks for a specific tag.

#! /bin/bash
 
tmpfil="temp.txt"
output="efs-list.txt"
 
> $output
> $tmpfil
 
declare -a account=("default" "account1" "account2" "account3")
declare -a region=("us-east-1" "us-east-2" "us-west-1" "us-west-2")
 
for i in "${account[@]}"; do
  echo "===================" >> $output
  echo $i >> $output
  echo "===================" >> $output
  for j in "${region[@]}"; do
    echo $j >> $output
    echo "-------------------" >> $output
    aws efs describe-file-systems \
    --query 'FileSystems[*].[FileSystemId]' \
    --profile $i --region $j --output text >> $tmpfil
    while read -r efs; do
      echo $efs >> $output
      sleep 1s
      aws efs describe-tags --file-system-id $efs \
      --query 'Tags[?Key==`aws-backup`].{Name:Key,Value:Value}' \
      --profile $i --region $j --output text >> $output
      echo "..................." >> $output
    done < $tmpfil
    > $tmpfil
  done
done
rm $tmpfil

Output file is efs-list.txt

GCP Load Balancer Local Routing Table

Posted on by Ulysses

Test if the GCP Load Balancer is working by sending a curl command from the backend VM.

Assume the load balancer IP address is 10.1.2.99, and the VM is called vm-a1.

curl http://10.1.2.99

The end result is …

Page served from: vm-a1

Make sure there’s an entry in the local table that matches the IP of the load balancer.

ip route show table local | grep 10.1.2.99

If not, add it.

ip route add to local 10.1.2.99/32 dev eth0 proto 66

Documentation

AWS S3 Upload Policy

Posted on by Ulysses

Give someone upload access to a S3 bucket. Here’s the policy.

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListAllMyBuckets"
         ],
         "Resource":"arn:aws:s3:::*"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource":"arn:aws:s3:::your-bucket-name"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:DeleteObject"
         ],
         "Resource":"arn:aws:s3:::your-bucket-name/*"
      }
   ]
}