Tag: centos

Configure your LVM via Ansible

Some days back, I gave some explanations about LVM, such as the creation of LVM partitions, a detailed analogy of the LVM structure, and tips for using pvmove. We can also automate such tasks using the power of Ansible. Cool, isn’t it?

So, I have my two hosts, Ansible1 and Ansible2. Ansible1 is the controller and has Ansible installed, and Ansible2 is the host whose disk will be added to LVM.

1. Here is the status of the disk of Ansible2 where a disk /dev/sdc has been added

Screenshot from 2016-03-08 11-05-29

2. I have now added a disk of 1GB from the VirtualBox settings. You can refer to the past article on LVM for how to add the disk. As the screenshot below shows, the disk sdc with the size 1GB has been added on the machine Ansible2, and I have formatted it as LVM.

Screenshot from 2016-03-08 11-22-17

4. Let's now get into the controller machine, Ansible1, and prepare our playbook. You can view it on my Git account here. The aim is to take 500 MB from /dev/sdc1 to create a new VG called vgdata and, in it, the LV called lvdisk.

5. Here is the output

Screenshot from 2016-03-08 11-36-00


Installing, Updating and Playing around with a Docker container

Docker is probably under heavy development these days. This article is dedicated to the basics of installing and updating a Docker instance, plus some tips to play around. In the future, I will get into details about Docker Engine, images, containers, volumes and networking in the context of Docker. I have reserved this post for the installation of Docker, getting updates from the official channel and some basic daemon configuration. So what is Docker? “Docker provides an integrated technology suite that enables developers and IT operations teams to build, ship, and run distributed applications anywhere.” – Docker

A nice way to experiment is to use a VirtualBox machine running CentOS. My physical machine is running Ubuntu.

Centos 6 Machine:

1. To install Docker, run:

yum install docker-io

2. Start the docker service

service docker start

3. Check the Docker version, whether a new version is available, and the daemon info:

docker -v
docker version
docker info

Screenshot from 2016-02-26 23-49-21

4. You can also check the number of containers and images, and the storage and execution driver details, with the command:

docker info

Let’s now see how to update Docker. Before performing an upgrade, it’s important to back up your images. To get a new Docker version, you will need to add a Docker repo, update your repository and launch an update. You can check the version afterwards with the command docker -v. Check out the Docker docs at this link.

Docker needs root to perform major actions like the creation of namespaces and cgroups. Docker also uses the socket /var/run/docker.sock, which is owned by root and belongs to the group docker. Normal users can therefore be given access by adding them to the docker group, which keeps security control in that one group.

Screenshot from 2016-02-27 01-31-14

5. Let's try running an instance with the following command as the user “nitin”. The command means: docker run starts a new container, -it makes it interactive and assigns it a tty, ubuntu is the image to use, and a bash process is run inside the container.

docker run -it ubuntu /bin/bash

6. If the user “nitin” is not in the group “docker”, the command will not run. To add the user, simply use the following command, where “nitin” is the user being added to the group “docker”:

gpasswd -a nitin docker

Now, when the command is launched, you will notice the image download in progress.

Screenshot from 2016-02-27 01-45-13

Afterward, you will find yourself inside the container itself. Cool, isn’t it? I am now inside an Ubuntu container from the CentOS virtual machine. The number 7fa21bcf66b5 is the short form of the container's unique ID.

Screenshot from 2016-02-27 01-58-17

Type exit to get back to the Virtual machine. More articles coming later on Docker. 

7. To search Docker Hub for all container images related to CentOS:

docker search centos

TIPS:

  • On a CentOS 7 machine, a simple curl -fsSL https://get.docker.com/ | sh installs the latest version.
  • Always create a user for the Docker application, then add it to the docker group with usermod -aG docker docker-user
  • On CentOS, when firing docker info | grep Storage, you will notice that the default storage driver is ‘device mapper’, compared to Ubuntu where it is AUFS by default.
  • Docker needs root to work. An ls -l /var/run/docker.sock shows that the socket is assigned by default to user root and group docker. So normal users can be added to the group docker to allow them to run and break Docker without being root.
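
Because anyone in the docker group can drive the root-owned daemon through /var/run/docker.sock, it is worth checking who is in that group and that the socket permissions have not been loosened. The script below is an added example, not part of the original post; the sample group line and the allow list are constructed.

```shell
#!/bin/sh
# Added example: audit access to the Docker daemon socket.
# Each function takes command output as text, so it can be checked offline.

# Print the members of the docker group, one per line, from a getent-style line.
docker_group_members() {
    printf '%s\n' "$1" | awk -F: '$1 == "docker" && $4 != "" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) print m[i]
    }'
}

# Print group members that are not on the space-separated allow list in $2.
unexpected_members() {
    for u in $(docker_group_members "$1"); do
        case " $2 " in
            *" $u "*) ;;
            *) printf '%s\n' "$u" ;;
        esac
    done
}

# Succeed only if the socket is owned by root:docker with mode 660.
# $1 is the output of: stat -c '%U %G %a' /var/run/docker.sock
sock_perms_ok() {
    [ "$1" = "root docker 660" ]
}

# Constructed sample data (not taken from the article's machines).
SAMPLE_GROUP='docker:x:993:nitin,docker-user,backup'
SAMPLE_SOCK='root docker 660'

unexpected_members "$SAMPLE_GROUP" "nitin docker-user"
sock_perms_ok "$SAMPLE_SOCK" && echo "socket permissions OK"

# On a live host, feed in the real values instead:
#   unexpected_members "$(getent group docker)" "nitin docker-user"
#   sock_perms_ok "$(stat -c '%U %G %a' /var/run/docker.sock)"
```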

 

Getting started with Ansible Deployment

Ansible is an open source IT orchestration engine that manages remote devices, on-premise and in the cloud, in a coordinated fashion. These include servers, networking hardware and storage devices. Ansible can be used to talk to typical load balancers, firewalls, switches or any Linux machine. For continuous deployment in any environment, it is important that the tools are predictable, and undefined behavior should be taken into consideration. Ansible uses a human-readable playbook format, with a minimum of jargon in the system.

How Ansible is different compared to Puppet and Chef?

Puppet and Chef need an agent installed on the remote machines and a controller on the main server. With Ansible, you do not need to install anything on the remote machine, as it relies on an SSH connection and a simple push mechanism. Puppet and Chef, on the other hand, use a pull mechanism.

Let’s deploy Ansible

You will find lots of good documentation on the official website. If you want to explore Ansible a bit, here are some tips to get started on a CentOS 6 machine. I have created 2 machines called ansible1 and ansible2. Each can ping the other, and port 22 (SSH) is listening. There are several dependencies needed to install Ansible. I would advise you to edit the /etc/hosts file and map each hostname to its IP if you do not have any DNS.

On ansible1, simply enable the EPEL repo and do a yum install ansible. However, you can also compile from source. A different Python version would be required. These are usually the packages needed:

PyYAML
libyaml
python-babel
python-crypto
python-crypto2.6
python-httplib2
python-jinja2
python-keyczar
python-paramiko
python-pyasn1
python-simplejson
sshpass

Once Ansible is installed on the machine ansible1, you do not need to install anything on the other machines, even if more of them are connected on the same network. To make ansible2 part of the machines managed by ansible1, an inventory file needs to be configured. It is located at /etc/ansible/hosts

Add the following block in the /etc/ansible/hosts file

[myservers]
ansible1
ansible2

Try testing a ping

After adding the block mentioned above, you can carry out a simple test to check for ping via the ansible command.

ansible ansible2 -m ping -u root -k

Here is the result.

Screenshot from 2016-02-20 09:54:33

You might want to set up the root password. This can be set up with the command:

ansible ansible2 -m setup -u root -k

Setting up your SSH Key

However, you might want to set up Ansible with a ssh key.

On ansible1, simply create a key with the command ssh-keygen, or, if you already have a key, send it to ansible2 with the command ssh-copy-id -i ansible2. Repeat the same steps on ansible2 by sending its key to ansible1. The file located at ~/.ssh/authorized_keys will contain the keys. From here on, you can run any command without being prompted for a password each time.

Screenshot from 2016-02-20 10:14:10

More fun with commands

Let’s say we want information about the /etc/passwd file on the ansible2 server. We simply need to fire this command:

ansible ansible2 -m file -a 'path=/etc/passwd'

Screenshot from 2016-02-20 10:20:26

I can also create a directory with Ansible in any location I want and even set up the owner, group and permissions. For example, to create a directory in /tmp:

ansible ansible2 -m file -a 'path=/tmp/hackers_mauritius state=directory mode=777 owner=root'

Screenshot from 2016-02-20 10:26:50

Errors that can be encountered

However, it's very important that you test your command before using it in a production environment. Errors can also be encountered if dependency packages are not installed. For example, let’s send a file from ansible1 to ansible2. The command is:

ansible ansible2 -m copy -a 'src=/root/hackers.log dest=/tmp'

Screenshot from 2016-02-20 09:37:59

You might have noticed that SELinux can be disabled, or you can simply set the parameter in /etc/selinux/config. I have disabled SELinux and rebooted the machine. Here is the output:

Screenshot from 2016-02-20 10:45:51

Simple Master-Master replication on MariaDB

Let's set up a simple Master-Master database replication on MariaDB. I have already posted an article on setting up Master-Slave database replication. You can test it in VirtualBox or VMware labs for your own analysis and benchmarks. Let's call the two MariaDB master servers Master1 and Master2.


Photo credits – Mariadb.org

1. Create the 2 labs (test it on CentOS 7) and edit your /etc/hosts so that the servers can ping each other via the hostname. On Master1, edit your /etc/my.cnf file and, at the top, enter the following parameters:


[mysqld]
server-id=1
log-bin=mysql-bin

2. On the Master1 SQL prompt, create a user for the replication slave, followed by flush privileges.

MariaDB [(none)]> grant replication slave on *.* to 'repli'@'%' identified by 'replipassword';
MariaDB [(none)]> flush privileges;

3. Flush the tables for read-only access.


MariaDB [(none)]> flush tables with read lock;

4. At this point, if you do a show master status, you should see a file name with the incrementing mysql-bin number as well as a position number.

MariaDB [(none)]> show master status\G
File: mysql-bin.000001
Position: 612
Binlog_Do_DB:
Binlog_Ignore_DB:
1 row in set (0.00 sec)

5. Now, move on to the Master2 server. I assume you have already started MariaDB, run mysql_secure_installation, edited the /etc/hosts file, etc.

6. On Master2 edit your /etc/my.cnf file and on top enter the following parameter, after which you can restart the MariaDB service.


[mysqld]
server-id=2

7. Now, on the Master1 server, do a dump of the mysql database and import it into Master2, so that both servers start out synchronized with the same configuration. So, I did a dump of the mysql database on Master1 and copied it to Master2 with scp:

[root@master1 yum.repos.d]# mysqldump -u root -p --database mysql > mysql.mysql
[root@master1 home]# scp mysql.mysql root@master2:/home

8. On Master2 import the MySQL database


[root@master2 home]# mysql mysql -u root -p < mysql.mysql

9. Now, we will temporarily run Master2 as the slave.

MariaDB [(none)]> change master to master_host='master1', master_user='repli', master_password='replipassword', master_log_file='mysql-bin.000001', master_log_pos=612;
MariaDB [(none)]> start slave;

10. At this point, you can verify that the slave is running correctly with a show slave status\G. Do check the Slave_IO_Running, Master_User, Log_Pos and Slave_SQL_Running parameters.

11. Now that Master1 is the master and Master2 is the slave, we will do the same in the reverse direction to reach our goal. At this point, you can unlock the tables that we locked at step 3. On Master1, fire this command:

unlock tables;

12. On Master2 (which is actually a slave), re-edit the my.cnf file and, under [mysqld] and server-id, add the following parameter. It should look like this:


[mysqld]
server-id=2
log-bin=mysql-bin

13. On Master2, restart MariaDB with the command systemctl restart mariadb, log in to MySQL and do a show master status. The result should be similar to this:

MariaDB [(none)]> show master status\G
File: mysql-bin.000001
Position: 313
Binlog_Do_DB:
Binlog_Ignore_DB: 

14. On Master1, a show slave status will return an empty set. Since we have dumped the mysql database to Master2, we can now just run Master1 as the slave, i.e. repeat the process from step 9. Launch this command on Master1 to make it a slave. The File and Position should be taken from Master2.

MariaDB [(none)]> change master to master_host='master2', master_user='repli', master_password='replipassword', master_log_file='mysql-bin.000001', master_log_pos=313;
MariaDB [(none)]> start slave;

15. Test by creating databases and tables on both servers; they will replicate to each other.

Tips:

  • Each time you edit the my.cnf file, you need to restart MariaDB so that the configuration takes effect.
  • After having created the Master-Slave replication at step 10, you can check on both Master1 and Master2 with netstat -ntpla | egrep -i established.*mysql. You will notice the established connection and the port it is listening on.
  • Running the command host on the IP of the established connection will also confirm that it comes from the specific host.
  • Further testing on Master1 can also be done with a command such as mysql -u root -p -e "show processlist", which will give you an indication of the state of the server.
  • The values of File and Position on Master1 from the command show master status should correspond to the values of Master_Log_File and Read_Master_Log_Pos on Master2 from the command show slave status, and vice versa.
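
The checks from step 10 and the last tip can be scripted. The following is an added example, not part of the original post: it parses show slave status\G text and compares it with the File and Position reported by the other server. The sample status text is constructed, and the rule that flags a root replication account is an assumption of this example.

```shell
#!/bin/sh
# Added example: compare "show slave status\G" on one server with the
# File/Position from "show master status" on the other server.

# check_replica <slave status text> <master File> <master Position>
# Prints "OK" and returns 0 when both threads run and the coordinates match;
# otherwise prints one line per problem and returns 1.
# On a busy master the position moves between the two queries, so compare
# while the pair is idle.
check_replica() {
    printf '%s\n' "$1" | awk -v file="$2" -v pos="$3" '
        { sub(/^[ \t]+/, "") }                  # \G output is right-aligned
        /^Master_User:/         { u   = $2 }
        /^Master_Log_File:/     { f   = $2 }
        /^Read_Master_Log_Pos:/ { p   = $2 }
        /^Slave_IO_Running:/    { io  = $2 }
        /^Slave_SQL_Running:/   { sql = $2 }
        END {
            if (io  != "Yes") { print "Slave_IO_Running is " io;   bad = 1 }
            if (sql != "Yes") { print "Slave_SQL_Running is " sql; bad = 1 }
            if (u == "root")  { print "replicating as root";       bad = 1 }
            if (f != file || p != pos) {
                print "replica at " f ":" p ", master at " file ":" pos
                bad = 1
            }
            if (!bad) print "OK"
            exit bad + 0
        }'
}

# Constructed sample output, using the values from steps 4 and 9.
SAMPLE_OK='             Master_Host: master1
             Master_User: repli
         Master_Log_File: mysql-bin.000001
     Read_Master_Log_Pos: 612
        Slave_IO_Running: Yes
       Slave_SQL_Running: Yes'
SAMPLE_BAD=$(printf '%s\n' "$SAMPLE_OK" | sed 's/IO_Running: Yes/IO_Running: Connecting/')

check_replica "$SAMPLE_OK" mysql-bin.000001 612

# Live use on Master2:
#   check_replica "$(mysql -u root -p -e 'show slave status\G')" mysql-bin.000001 612
```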

Linux Kernel-4.3 Compilation from source

The Linux Kernel 4.3 has been released today, Monday the 2nd of November 2015. I have compiled it from source on a VirtualBox CentOS 7 minimal-install virtual machine for some further testing. I have also used my same old configuration file. You can also view detailed packages and commits on the git repo. Here is a brief idea of how to compile it from source.


Linux Kernel Map – Photo credits Wikipedia

1. You will need to download all the prerequisites if you are on a minimal install.


yum groupinstall "Development Tools"
yum install ncurses-devel bc hmaccalc zlib-devel elfutils-libelf-devel binutils-devel qt-devel

2. Install the wget tool to download the kernel itself.

yum install wget

3. Download and untar the kernel directory

wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.3.tar.gz
tar -xvzf linux-4.3.tar.gz

4. You will need to ensure that the decompressed directory is in the /usr/src/kernels directory. If you have untarred it at a location other than this one, move the linux-4.3 directory into /usr/src/kernels

5. Choose your default kernel configuration options


make menuconfig

6. To use the old config file

make oldconfig

7. Compiling the kernel

make

8. Installing the kernel

make modules_install install
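
Step 3 unpacks the tarball as downloaded; checking it against a published checksum list first catches a corrupted or altered download before anything is built as root. The script below is an added example, not part of the original post; it assumes the sha256sums.asc list that kernel.org publishes next to the tarballs, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: check a downloaded kernel tarball against a sha256sums list
# before unpacking it.

# Print the SHA-256 of a file (sha256sum on Linux, shasum elsewhere).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# verify_tarball <tarball> <sums file>
# Returns 0 on match, 1 on mismatch, 2 when the tarball or its entry is missing.
verify_tarball() {
    name=$(basename "$1")
    [ -f "$1" ] || { echo "$name: file not found" >&2; return 2; }
    # Lines in the list look like "<hash>  <file name>"; other lines are skipped.
    expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$2")
    [ -n "$expected" ] || { echo "$name: not listed in $2" >&2; return 2; }
    if [ "$(sha256_of "$1")" != "$expected" ]; then
        echo "$name: checksum mismatch, do not unpack" >&2
        return 1
    fi
    echo "$name: OK"
}

# Assumed workflow for step 3 (check the signature on the list with
# gpg --verify before trusting the hashes in it):
#   wget https://cdn.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
#   gpg --verify sha256sums.asc
#   verify_tarball linux-4.3.tar.gz sha256sums.asc && tar -xvzf linux-4.3.tar.gz
```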

Tips:

  • Be sure to clear out old kernel files in the /boot directory so that you do not get confused.
  • You can also use the command make olddefconfig to set the default values without being prompted anew for configuration.
  • To choose a different boot entry, use the command sudo grub2-set-default 0, where 0, in this case, is the default kernel.
  • The command make usually takes lots of time. If you have 4 vCPUs, you can use make like this: make -j 4, where j stands for jobs and 4 for all the 4 CPUs.
  • uname -r allows you to find your kernel version. For example, uname -r gives me 3.19.0-25-generic, i.e. the number 3 is the major, the number 19 is the minor (developmental stage) and 0 is the revision number.