Some days back, I gave some explanations about LVM, such as the creation of LVM partitions, a detailed analogy of the LVM structure, and tips for using PVMOVE. We can also automate such tasks using the power of Ansible. Cool, isn’t it?
So, I have my two hosts, Ansible1 and Ansible2. Ansible1 is the controller and has Ansible installed, and Ansible2 is the host whose disk will be added to the LVM.
1. Here is the status of the disk of Ansible2 where a disk /dev/sdc has been added
2. I have now added a disk of 1GB from the VirtualBox settings. You can refer to the past article on LVM for how to add the disk. As we can see on the screenshot below, the disk sdc with a size of 1GB has been added to the machine Ansible2, and I have formatted it as LVM.
4. Let’s now get onto the controller machine, Ansible1, and prepare our playbook. You can view it on my Git account here. The aim is to use 500Mb from /dev/sdc1 for a new VG called vgdata and an LV called lvdisk.
Docker is probably under heavy development these days. This article is dedicated to the basics of installing and updating a Docker instance, plus some tips to play around with. In the future, I will get into details about Docker Engine, images, containers, volumes and networking in the context of Docker. I have reserved this post for installing Docker, getting updates from the official channel and performing some basic daemon configuration. So what is Docker? “Docker provides an integrated technology suite that enables developers and IT operations teams to build, ship, and run distributed applications anywhere.” – Docker
A nice way to experiment is to use a VirtualBox machine running CentOS. My physical machine is running Ubuntu.
Centos 6 Machine:
1. To install docker do a
yum install docker-io
2. Start the docker service
service docker start
3. Check the docker version and new version available as well as the info
4. You can also check for the number of containers, images, storage and execution driver details the command.
Let’s now see how to update Docker. Before performing an upgrade, it’s important to back up your images. To get a new Docker version, you need to add a Docker repo, update your repository and launch an update. You can check the version again with the command docker -v. Check out the Docker docs at this link.
Docker needs root to perform major actions like the creation of namespaces and cgroups. Docker also uses /var/run/docker.sock, which is owned by root and assigned to the group docker. Normal users can therefore be added to the docker group, so that access is controlled through membership of that group.
5. Let’s try running an instance with the following command as the user called “nitin”. The command means: docker run starts a new container, -it makes it interactive and assigns it a tty, the container is created from the ubuntu image, and a bash process is run inside it.
docker run -it ubuntu /bin/bash
6. If the user “nitin” is not in the group “docker”, the command will not run. To add the user, simply use the following command, where “nitin” is the user being added to the group “docker”.
gpasswd -a nitin docker
Now, when the command is launched, you will notice the download in progress.
Afterward, you will find yourself inside the container itself. Cool, isn’t it? I am now inside an Ubuntu container on the CentOS virtual machine. The number 7fa21bcf66b5 is the short form of the container’s unique ID.
Type exit to get back to the virtual machine. More articles on Docker are coming later.
7. To search Docker Hub for all container images related to CentOS:
docker search centos
On a CentOS 7 machine, a simple curl -fsSL https://get.docker.com/ | sh will install the latest version.
Always create a user for the docker application, then add that user to the docker group with usermod -aG docker docker-user
On CentOS, when running docker info | grep Storage, you will notice that the default storage driver is ‘device mapper’, whereas on Ubuntu it is AUFS by default.
Docker needs root to work. You can see with ls -l /var/run/docker.sock that the socket is assigned by default to user root and group docker. Normal users can therefore be added to the docker group, which allows them to run (and break) Docker without being root.
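Because anyone who can write to the socket gets root-level control of the host, it is worth knowing exactly who is in the docker group. The following is an added example, not from the original post: it lists the accounts that reach the socket through the docker group (supplementary members plus users whose primary group is docker) and checks the socket's owner and mode. The function names, the constructed sample accounts and the expected mode 660 are assumptions.

```shell
#!/bin/sh
# Added example: who can reach /var/run/docker.sock through the docker group?

# docker_group_members [GROUP_FILE] [PASSWD_FILE]
# Prints one account per line: supplementary members from the group file
# plus users whose primary GID is the docker group's GID.
docker_group_members() {
    group_file=${1:-/etc/group}
    passwd_file=${2:-/etc/passwd}
    awk -F: '
        FNR == NR {                          # first file: group database
            if ($1 == "docker") {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
            }
            next
        }
        gid != "" && $4 == gid { print $1 }  # second file: passwd database
    ' "$group_file" "$passwd_file" | sort -u
}

# socket_perms_ok OWNER:GROUP MODE
# Succeeds only for root:docker with mode 660 (assumed packaged default).
socket_perms_ok() {
    [ "$1" = "root:docker" ] && [ "$2" = "660" ]
}

# Constructed sample databases (not taken from a real host).
sample_dir=$(mktemp -d)
printf '%s\n' 'root:x:0:' 'docker:x:993:nitin,docker-user' > "$sample_dir/group"
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
              'nitin:x:1000:1000::/home/nitin:/bin/bash' \
              'ci:x:1001:993::/home/ci:/bin/bash' > "$sample_dir/passwd"
echo "Accounts with Docker socket access (sample data):"
docker_group_members "$sample_dir/group" "$sample_dir/passwd"
rm -rf "$sample_dir"

# On a real host, check the live socket too (GNU stat, as on CentOS/Ubuntu).
if [ -S /var/run/docker.sock ]; then
    if socket_perms_ok "$(stat -c '%U:%G' /var/run/docker.sock)" \
                       "$(stat -c '%a' /var/run/docker.sock)"; then
        echo "docker.sock: root:docker 660"
    else
        echo "docker.sock: unexpected owner or mode" >&2
    fi
fi
```

Calling docker_group_members with no arguments reads the host's own /etc/group and /etc/passwd.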
Ansible is an open source IT orchestration engine that manages remote devices, on-premise and in the cloud, in a coordinated fashion. These are servers, networking hardware, and storage devices. Ansible can be used to talk to typical load balancers, firewalls, switches or any Linux machines. For continuous deployment in any environment, it is important that the tools are predictable, and undefined behavior should be taken into consideration. Ansible uses a human-readable playbook format, and there is a minimum of jargon in the system.
How is Ansible different compared to Puppet and Chef?
Puppet and Chef need an agent installed on the remote machines and the controller on the main server. With Ansible, you do not need to install anything on the remote machine, as it relies on an SSH connection and a simple push mechanism. Puppet and Chef, on the other hand, use a pull mechanism.
Let’s deploy Ansible
You will normally find lots of good documentation on the official website. If you want to venture a bit around Ansible, here are some tips to get started on a CentOS 6 machine. I have created 2 machines called ansible1 and ansible2. Each can ping the other, and port 22 (SSH) is listening. There are several dependencies needed to install Ansible. I would advise you to edit the /etc/hosts file and map the IP to the hostname if you do not have any DNS.
On ansible1, simply enable the EPEL repo and do a yum install ansible. However, you can also compile from source. A different Python version would be required. Those are usually the packages needed:
Once Ansible is installed on the machine ansible1, you do not need to install anything on the other machines, even if more are connected to the same network. To make ansible2 part of the ansible1 network, an inventory file needs to be configured. This is located at /etc/ansible/hosts
Add the following block in the /etc/ansible/hosts file
Try testing a ping
After adding the block as mentioned above, you can carry out a simple test to check for ping via the ansible command.
ansible ansible2 -m ping -u root -k
Here is the result.
You might want to set up the root password. This can be set up with the command:
ansible ansible2 -m setup -u root -k
Setting up your SSH Key
However, you might want to set up Ansible with an SSH key.
On ansible1, simply create a key with the command ssh-keygen and/or, if you already have your key, send it to ansible2 using the following command: ssh-copy-id -i ansible2. Also repeat the same steps on ansible2 by sending your key to ansible1. The file located at ~/.ssh/authorized_keys will contain the keys. From here on, you can simply run any command without being prompted each time to enter a password.
More fun with commands
Let’s say we want information about the /etc/passwd file on the ansible2 server. We simply need to fire this command:
ansible ansible2 -m file -a 'path=/etc/passwd'
I can also create a directory with Ansible in any directory I want and even set the user and group permissions. For example, to create a directory in /tmp:
ansible ansible2 -m file -a 'path=/tmp/hackers_mauritius state=directory mode=777 owner=root'
Errors that can be encountered
However, it’s very important that you test your command before using it in a production environment. Errors can also be encountered if dependency packages are not installed. For example, let’s send a file from ansible1 to ansible2. The command is:
ansible ansible2 -m copy -a 'src=/root/hackers.log dest=/tmp'
You might notice that SELinux can be disabled, or you can simply set the parameter in /etc/selinux/config. I have disabled SELinux and rebooted the machine. Here is the output
1. Create the 2 labs (test it on CentOS 7) and edit your /etc/hosts so that the servers can ping each other via the hostname. On Master1, edit your /etc/my.cnf file and at the top enter the following parameter:
2. On master1 SQL prompt, create a user for replication slave followed by flush privileges.
MariaDB [(none)]> grant replication slave on *.* to repli@'%' identified by 'replipassword';
MariaDB [(none)]> flush privileges;
3. Flush the tables for read-only access.
MariaDB [(none)]> flush tables with read lock;
4. At this point, if you do a show master status, you should have a file with the mysql-bin incrementing number as well as a position number.
MariaDB [(none)]> show master status\G
1 row in set (0.00 sec)
5. Now, move on to the Master2 server. I assume you have already started MariaDB, run mysql_secure_installation, edited the /etc/hosts file, etc.
6. On Master2, edit your /etc/my.cnf file and at the top enter the following parameter, after which you can restart the MariaDB service.
7. Now on the Master1 server, do a dump of the MySQL database and import it on Master2, so that we make sure it starts and synchronizes with the same configuration. So, I did a dump of the MySQL database on master1 and copied it to master2 with scp.
9. Now, we will temporarily run Master2 as the slave.
MariaDB [(none)]> change master to master_host='master1', master_user='repli', master_password='replipassword', master_log_file='mysql-bin.000001', master_log_pos=612;
MariaDB [(none)]> start slave;
10. At this point, you can confirm that the slave is running correctly by verifying with a show slave status\G. Do check the Slave_IO_Running, Master_User, Log_Pos and Slave_SQL_Running parameters.
11. Now that Master1 is the master and Master2 is the slave, we will perform the same in reverse order to reach our goal. At this point, you can unlock the tables that we locked at step 3. On master1, fire this command.
12. On Master2 (which is actually a slave), re-edit the my.cnf file and, under [mysqld] and server-id, add the following parameter. It should look like this
13. On Master2, restart MariaDB with the command systemctl restart mariadb, log in to MySQL and do a show master status. The result should be similar to this.
14. On Master1, a show slave status will return an empty set. Since we have dumped the MySQL database to Master2, we can now just run Master1 as the slave, i.e. repeat the process as in step 9. Launch this command on Master1 to set it up as a slave. The File and Position should be taken from Master2.
MariaDB [(none)]> change master to master_host='master2', master_user='repli', master_password='replipassword', master_log_file='mysql-bin.000001', master_log_pos=313;
MariaDB [(none)]> start slave;
15. Test by creating databases and tables on both servers; they will replicate to each other.
Each time you edit the my.cnf file, you need to restart MariaDB so that the configuration takes effect.
After having created the master-slave replication at step 10, you can check on both Master1 and Master2 with netstat -ntpla | egrep -i established.*mysql. You will notice the established connection and the port it’s listening on.
Running the host command on the IP of the established connection will also confirm that it is from the specific host.
Further testing on Master1 can also be done with a command such as mysql -u root -p -e "show processlist", which will give you an indication of the state of the server.
The values of File and Position on Master1, from the command show master status, should correspond with the values of Master_Log_File and Read_Master_Log_Pos on Master2, from the command show slave status, and vice versa.
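The File and Position comparison described above can be scripted. This added example (not from the original post) parses \G-formatted output and reports stopped replication threads or mismatched binlog coordinates; the function names are hypothetical and the sample output is constructed from the values used in step 9.

```shell
#!/bin/sh
# Added example: compare "show master status\G" from one server with
# "show slave status\G" from the other (function names are hypothetical).

# g_field NAME TEXT: print the value of one field from \G-formatted output.
g_field() {
    printf '%s\n' "$2" | awk -v key="$1" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, key ":") == 1 { sub(/^[^:]*:[ \t]*/, "", line); print line; exit }'
}

# replication_check MASTER_STATUS SLAVE_STATUS
# Prints one line per problem and returns 0 only when none was found.
replication_check() {
    master=$1; slave=$2; rc=0
    for thread in Slave_IO_Running Slave_SQL_Running; do
        state=$(g_field "$thread" "$slave")
        if [ "$state" != "Yes" ]; then
            echo "$thread is '$state', expected Yes"; rc=1
        fi
    done
    if [ "$(g_field File "$master")" != "$(g_field Master_Log_File "$slave")" ]; then
        echo "binlog file mismatch"; rc=1
    fi
    if [ "$(g_field Position "$master")" != "$(g_field Read_Master_Log_Pos "$slave")" ]; then
        echo "binlog position mismatch"; rc=1
    fi
    return "$rc"
}

# Constructed sample output, using the coordinates from step 9.
SAMPLE_MASTER='*************************** 1. row ***************************
            File: mysql-bin.000001
        Position: 612'
SAMPLE_SLAVE='*************************** 1. row ***************************
              Master_Host: master1
              Master_User: repli
          Master_Log_File: mysql-bin.000001
      Read_Master_Log_Pos: 612
         Slave_IO_Running: Yes
        Slave_SQL_Running: Yes'

if replication_check "$SAMPLE_MASTER" "$SAMPLE_SLAVE"; then
    echo "replication consistent"
fi
```

On a lab pair with no writes the coordinates match exactly; on a busy master, Read_Master_Log_Pos can briefly trail Position.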
The Linux Kernel 4.3 has been released today, Monday the 2nd of November 2015. I have compiled it from source on a VirtualBox CentOS 7 minimal-install virtual machine for some further testing. I have also used my same old configuration file. You can also view detailed packages and commits on the git repo. Here is a brief idea of how to compile it from source.
1. You will need to download all the prerequisites if you are on a minimal install.
yum groupinstall "Development Tools"
yum install ncurses-devel bc hmaccalc zlib-devel elfutils-libelf-devel binutils-devel qt-devel
2. Download the wget tool to download the kernel itself.
4. You will need to ensure that the decompressed directory is in the /usr/src/kernels directory. If you have untarred it at a location other than this one, move the Linux-4.3 directory into /usr/src/kernels
5. Choose your default kernel configuration options
6. To use the old config file
7. Compiling the kernel
8. Installing the kernel
make modules_install install
Be sure to get rid of excess old kernel files in the /boot directory so that you do not get confused.
You can also use the command make olddefconfig to set the default values without prompting anew for configuration.
To set different boot options, use the command sudo grub2-set-default 0, where 0, in this case, is the default kernel.
The command make usually takes lots of time. If you have 4 vCPUs, you can use make like this: make -j 4, where j stands for jobs and 4 for all 4 CPUs.
uname -r allows you to find your kernel version. For example, uname -r gives me 3.19.0-25-generic; i.e. the number 3 is the major version, 19 is the minor (developmental stage) and 0 is the revision number.