start docker with customer system name and hostname

Posted on May 24, 2016May 24, 2016 by admin

docker run --name david -h david-01 -it david/c6nodepm2yo /bin/bash
nJoy 😉

shows :
docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f4da454e156e david/c6nodepm2yo "/bin/bash" 12 seconds ago Exited (0) 3 seconds ago david d5ec5101ba52 david/centos6:node "/bin/bash" 27 hours ago Up 26 hours 0.0.0.0:8000->80/tcp jovial_borg

and when connected :

[root@david-01 /]#

Centos 7 Firewall open a port

Posted on May 19, 2016May 19, 2016 by admin

Use this command to find your active zone(s):

firewall-cmd --get-active-zones

It will say either public, dmz, or something else. You should only apply to the zones required.

In the case of dmz try:

firewall-cmd --zone=dmz --add-port=2888/tcp --permanent

Otherwise, substitute dmz for your zone, for example, if your zone is public:

firewall-cmd --zone=public --add-port=2888/tcp --permanent

Then remember to reload the firewall for changes to take effect.

firewall-cmd --reload

Docker log files

Posted on May 18, 2016 by admin

Ubuntu – /var/log/upstart/docker.log
Boot2Docker – /var/log/docker.log
Debian, GNU/Linux – /var/log/daemon.log
CentOS6 – /var/log/daemon.log | grep docker
Fedora – journalctl -u docker.service
OpenSuSE – journalctl -u docker.service

on Centos 7
journalctl -u docker.service

nJoy 😉

Docker Remote API on CentOS

Posted on May 14, 2016May 24, 2016 by admin

After installing Docker on CentOS we need to Docker remote API port on CentOS.

$ cat /etc/sysconfig/docker
other_args=""

Edit the file /etc/sysconfig/docker as below.

other_args="-H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock"

After that, restart docker and try to access the host from another host.

$ sudo /etc/init.d/docker restart
...
$ curl $hostname:4243/images/json
...

For a systemd based Distro like Centos7
Linux with systemd (Ubuntu 15.04, Debian 8,…)

Using systemd, we’ll need to enable a systemd socket to access the Docker remote API:

Create a new systemd config file called /etc/systemd/system/docker-tcp.socket to make docker available on a TCP socket on port 2375.

[Unit]
Description=Docker HTTP Socket for the API

[Socket]
ListenStream=2375
BindIPv6Only=both
Service=docker.service

[Install]
WantedBy=sockets.target
Register the new systemd http socket and restart docker
systemctl enable docker-tcp.socket
systemctl stop docker
systemctl start docker-tcp.socket

Open your browser and verify you can connect to http://localhost:2375/_ping

(more…)

Save SSL keys for AWS Cloudfront

Posted on May 13, 2016 by admin

Assuming you have AWS cli installed :

aws iam upload-server-certificate --server-certificate-name www.site.tld-cf --certificate-body file://public.key --private-key file://private.key --certificate-chain file://bundle.pem --path /cloudfront/

nJoy 😉

hex2bin in node.js

Posted on May 6, 2016 by admin

Basically it’s all over-engineered and does not work well.

responses are out of alignment and though text-wise they are the same bit wise everything is all over the place :

curl http://phpimpl.domain.com/testhex.php | xxd

00000000: de56 a735 4739 c01d f2dc e14b ba30 8af0 .Q.%G9.....;.0..

curl http://nodejs.domain.com/ | xxd

00000000: c39e 56c2 a725 4739 c380 c3ad c3b1 c39c ..Q..%G9........
 00000010: c3a1 37c2 6b30 c28f c3b0 ..;..0....

The proper way to implement this in node is :

function hex2bin(hex){
return new Buffer(hex,”hex”);
}

curl http://nodejs.domain.com/ | xxd

00000000: de56 a735 4739 c01d f2dc e14b ba30 8af0 .Q.%G9…..;.0..

nJoy 😉

How to test a crt or pem file

Posted on May 5, 2016 by admin

openssl verify -verbose -x509_strict -CAfile gd_bundle-g2-g1.crt 39aaf24e9f2b1f6f.crt

nJoy;-)

strace apache or process to detect bottlenecks

Posted on May 2, 2016 by admin

Sometimes you have a multi threaded / multi processed application and you need to see where are things hanging.

ps auxw | grep sbin/apache | awk '{print"-p " $2}' | xargs strace

nJoy 😉

Docker enable internet and external routing

Posted on April 19, 2016April 19, 2016 by admin

You could add the sysctl line to the system or in the /etc/init.d/

AWS permissions on buckets for users and roles

Posted on April 12, 2016April 12, 2016 by admin

Full access for specific IAM user/role

Type: bucket

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Action":[
            "s3:*"
         ],
         "Effect":"Allow",
         "Principal":{
            "AWS":[
               "arn:aws:iam::ACCOUNT_ID:user/USERNAME_A",
               "arn:aws:iam::ACCOUNT_ID:user/USERNAME_B",
               "arn:aws:iam::ACCOUNT_ID:user/USERNAME_C",
               "arn:aws:iam::ACCOUNT_ID:role/ROLE_A",
               "arn:aws:iam::ACCOUNT_ID:role/ROLE_B",
               "arn:aws:iam::ACCOUNT_ID:role/ROLE_C"
            ]
         },
         "Resource":[
            "arn:aws:s3:::BUCKET_NAME",
            "arn:aws:s3:::BUCKET_NAME/*"
         ]
      }
   ]
}

← Newer posts Older posts →