How to install and configure Docker-CE on CentOS

Installation.

• Begin with updating your system packages and docker dependencies.

$  sudo yum update

$  sudo yum install yum-utils device-mapper-persistent-data lvm2

• Add docker stable repository for centos within your system

$  sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

• Once docker repository is enabled, proceed ahead to install Docker-CE ( Community Edition.

$  sudo yum install docker-ce

• Now docker-ce has been installed, lets start the docker daemon and enable it on boot.

$  sudo systemctl start docker

$  sudo systemctl enable docker

• To verify the status of  docker, run the below command.

$  sudo systemctl status docker

• In case, if you want to check your installed docker version.

$  sudo docker -v

Run Docker commands without sudo

By default managing Docker requires administrator privileges. If you want to run Docker commands as a non-root user without adding sudo within yoir command you need to add your user to the docker group which is created during the installation of the Docker CE package. Add your user to docker group by below command.

$  sudo usermod -aG docker $USER

Logout- Login to reflect the changes.

Read more ...

How to use Rsync behind proxy

Usually one needs to export proxies url/ip in order to upload/download content while running behing proxy with shell or any terminal sessions.

Please keep in mind even exporting  http_proxy and https_proxy , rsync will not work.

cybeerkeeda@Linux-Maniac:~ export rsync_proxy=xxx.xxx.xx.xx:yyyy

Do replace rsync_proxy=with_your_proxy_url:port

Read more ...

Join Linux into Windows Active Directory domain

Though I'm  a great fan of Linux/Unix but while working with any enterprise firm i couldn't avoid, thus i was asked to join our Linux hosts into Active directory.

So let's move ahead and join our LInux systems into ad using tool named as " adcli "

I have used this to join our Redhat/CentOS 7 hosts into AD.

Video Tutorial.

There are two must things as a prerequisites for it.

1.     Make Sure RHEL machine is able to resolve Active Directory servers.

2.     Install adcli package along with sssd:

 Consider the below inputs as a lab enviroment of mine.

Active Directory Server : swind101x.cyberkeeda.net

Domain name : cyberkeeda.net

Linux Client Hostname :  scent101x.cyberkeeda.net

[root@scent101x ~]# yum install adcli sssd authconfig

• Discover the AD domain:

[root@scent101x ~]# adcli info cyberkeeda.net

adcli will show few details about the AD domain. 

[domain]

domain-name = cyberkeeda.net

domain-short = CYBERKEEDA

domain-forest = cyberkeeda.net

domain-controller = SWIND101X.cyberkeeda.net

domain-controller-site = Default-First-Site-Name

domain-controller-flags = pdc gc ldap ds kdc timeserv closest writable good-timeserv full-secret

domain-controller-usable = yes

domain-controllers = SWIND101X.cyberkeeda.net

[computer]

computer-site = Default-First-Site-Name

• Now, join RHEL system to AD domain using adcli: 

[root@scent101x ~]# adcli join cyberkeeda.net

Password for Administrator@CYBERKEEDA.NET: <---- Enter Admin password

By default, it prompts for the Administrator password, but it's possible to specify another user with the -U option:

[root@scent101x ~]# adcli join cyberkeeda.net -U ad_admin_user 

# adcli join cyberkeeda.net -U ad_admin_user        <------ This user should have administrative rights in AD

The join operation creates a keytab the machine will authenticate with. When inspect the with klist -kt, 

[root@scent101x ~]# klist -kte

It should show several entries that contain client hostname in some form:

Keytab name: FILE:/etc/krb5.keytab

KVNO Timestamp         Principal

---- ----------------- --------------------------------------------------------

   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (aes256-cts-hmac-sha1-96) 

   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (aes128-cts-hmac-sha1-96) 

   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (des3-cbc-sha1) 

   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (arcfour-hmac)

• Configure /etc/krb5.conf to use AD domain:

Replace 

Realm

Admin_server

your Realm, domain realms, AD erver information.

includedir /etc/krb5.conf.d/

[logging]

default = FILE:/var/log/krb5libs.log

 kdc = FILE:/var/log/krb5kdc.log

 admin_server = FILE:/var/log/kadmind.log

[libdefaults]

 default_realm = CYBERKEEDA.NET

 dns_lookup_realm = false

 dns_lookup_kdc = false

 ticket_lifetime = 24h

 renew_lifetime = 7d

 forwardable = true

[realms]

 CYBERKEEDA.NET = {

  kdc = cyberkeeda.net

  admin_server = swind101x.cyberkeeda.net

 }

[domain_realm]

 .cyberkeeda.net = CYBERKEEDA.NET

 cyberkeeda.net = CYBERKEEDA.NET

Use authconfig to set up the Name Service Switch(/etc/nsswitch.conf) and PAM stacks(password-authand system-auth):

[root@scent101x ~]#  authconfig --enablesssd --enablesssdauth --update

Above command will modify and add necessary entries in 

Ø /etc/nsswitch.conf, 

Ø /etc/pam.d/password-auth 

Ø /etc/pam.d/system-authfiles 

The final step is to configure the SSSD itself. 

Open /etc/sssd/sssd.conf and define a single domain:

[sssd]

services = nss, pam, ssh, autofs

config_file_version = 2

domains = CYBERKEEDA.NET



[domain/CYBERKEEDA.NET]
id_provider = ad
# Uncomment and configure below , if service discovery is not working

ad_server = swind101x.cyberkeeda.net
 

 Make sure /etc/sssd/sssd.con is owned by root:root and permissions are 600

 # chown root:root /etc/sssd/sssd.conf

 # chmod 600 /etc/sssd/sssd.conf

Start the SSSD and make sure it's up after reboots:

# service sssd start

# chkconfig sssd on

    Try to  fetch user information for AD user and then try to login as AD user

# getent passwd aduser

# id Administrator

# ssh Administrator@localhost

Read more ...

net ads dns register WARNING: no network interfaces found

Recently i got a requirement to change my MAC entry for a specific KVM host, since it's Virtual host MAC.
And the requirement also need to change the interface from eth0 to eth1


So after changing the MAC and interface name to eth1, everything went fine but i had a issue after few hours.
KVM host uses samba to register it's DNS entry into Active Directory, but it was failing somehow though it can join itself into AD but couldnot register it's IN A record into AD.

To fix it, check the two config files.

cybeerkeeda@Linux-Maniac:~ vim /etc/samba/smb.conf

And look for the below line , it must be look same 

interfaces = eth* bond* tun0 br0

cybeerkeeda@Linux-Maniac:~ vim /etc/samba/smb.sys

interfaces = eth*

Restart smb and all will work fine

cybeerkeeda@Linux-Maniac:~ service smb restart

Read more ...

How to Install Ansible on CentOS 7

Need Automation on Linux : Ansible will become your best friend for sure.

Ansible is the simplest way to automate apps and IT infrastructure. Application Deployment + Configuration Management + Continuous Delivery.

So let's not discuss more jump into installation to have hands on it.

Redhat/Centos ships ANSIBLE on its default repository, so you don’t ned to woory about packages or it’s dependencies.

Just a single command will install ansible and your Automation cockpit is ready to fly.

cybeerkeeda@Linux-Maniac:~ yum install ansible

If you too found the same issue while installing ansible from one liner yum command.

cybeerkeeda@Linux-Maniac:~ yum install ansible 




Loaded plugins: fastestmirror, langpacks

Loading mirror speeds from cached hostfile

 * base: mirror.nbrc.ac.in

 * extras: mirror.nbrc.ac.in

 * updates: mirror.nbrc.ac.in

No package ansible available.

Error: Nothing to do

Make sure first of all you are connected to internet, then simply install the epel repo first.

cybeerkeeda@Linux-Maniac:~ yum install epel-release

Then run the same earlier command  yum install ansible.

cybeerkeeda@Linux-Maniac:~ yum install ansible

Done ! All fine 

Now lets confirm it’s installation status by checking the installed ansible version.

cybeerkeeda@Linux-Maniac:~ ansible --version

 ansible 2.3.1.0

  config file = /etc/ansible/ansible.cfg

  configured module search path = Default w/o overrides



  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

Do find the video for reference purpose too.

Read more ...

How to enable Microsoft Word support on OwnCloud

This tutorial will guide to enable Microsoft / LibreOffice/OpenOffice Word document Online view on browser.


Install Libreoffice package on Owncloud server

cybeerkeeda@Linux-Maniac:~ yum install libreoffice*

cybeerkeeda@Linux-Maniac:~ yum install libreoffice-headless

cybeerkeeda@Linux-Maniac:~ yum install libreoffice-impress

These are the mandatory packages that are supposed to be installed within your Owncloud Server

Now Enable Documents from the App window

Check within your config.php file ( owncloud/config/config.php ), if the below mentioned line has been added or not
if not then add it manually

'preview_libreoffice_path' => '/usr/bin/libreoffice',

Now Again Click on Admin -- Documents -- Local - Apply and Test

Now confirm it from the below similar looking pic

You must be able to View the Document within your browser.

Read more ...

BASH : Using while loop to ssh to multiple servers and run multiple commands

So today I got a requirement to perform some regular tasks to be executed on 100 Hosts.

These are the two task that i have to perform on 100 servers from SSH remote execution.

Create a Symbolic Link for a directory into User's directory
Give Ownership of the same Symbolic link.

Commands involved.
ln -s /home/BackUP_Data/  /home/user_directory
chown -R userid.gid  /home/user_directory/BackUP_Data

So it seems to be pretty simply , but here are two variables that I'm supposed to fetch out from two files.

/tmp/xyz_host.txt contains all 100 hostname
/tmp/xyz_user.txt conatins all 100 Users with respect to the same hostname in parralel to it.

Hence upon addition of variables from my files we have to execute something like below.

ssh root@$x " ln -s /home/BackUP_Data/  /home/$y  && chown -R userid.gid  /home/user_directory/BackUP_Data "
"

Task looks simple and i tried to use my old WHILE loop snippet to perform the same activity.

While Loop with Multiple Variables from multiple file as input

But somehow it didn't went well just after executing the commands into the first host , the loop stucks at all.

Somehow our common friend google is here and STACKexchnage is my best friend during scripting.

It somehow fixed me , just by adding  an extra   < /dev/null;


So overall the while loop will look like

while read -r x && read -r y <&3; do ssh root@$x " ln -s /home/BackUP_Data/  /home/$y  && chown -R userid.gid  /home/user_directory/BackUP_Data
" < /dev/null; done</tmp/xyz_host.txt 3</tmp/xyz_user.txt

The same has been briefly explained here as

ssh is reading the rest of your standard input.

while read HOST ; do … ; done < servers.txt

read reads from stdin. The < redirects stdin from a file.

Unfortunately, the command you're trying to run also reads stdin, so it winds up eating the rest of your file. You can see it clearly with

Explained well as Workaround / Solution for it by using SECOND Redirect

while read HOST ; do ssh $HOST "uname -a" < /dev/null; done < servers.txt

A detailed explanation can be found here ...  Stackexchange
Reference : Stackexchange

Read more ...

BASH : While Loop with Multiple Variables from multiple file as input

This blog post will help you to use the WHILE loop with multiple variables fetched out from multiple files.
If you have two files and some content within it which you want in parallel to work together.

Lets assume , i have a two file named as  hostname.txt and serial_no.txt and here are the contents for it.

cybeerkeeda@Linux-Maniac:~ cat hostname.txt 

Myhost01

Myhost02

Myhost03

cybeerkeeda@Linux-Maniac:~ cat serial_no.txt 

SGH120X

SGH345U

SGH6YUI

Now what I want my output should look like 

Myhost01    SGH120X

Myhost02    SGH345U

Myhost03    SHH6YUI

We can do these in numbers of way but for now we will simply demonstarate, how we can use WHILE loop to achieve it.

while read -r x && read -r y <&3; do echo " $x  $y " ; done<hostname.txt 3<serial_no.txt

We can even write it to a file too

while read -r x && read -r y <&3; do echo " $x  $y " ; done<hostname.txt 3<serial_no.txt  >> /tmp/my_inventory.txt

Depending upon your need you can modify the commands , just one more example , i have used the same loop to modify some data with SED.

while read -r x && read -r y <&3; do   echo "sed -n '/6\/$x\/2016/,/6\/$y\/2016/p'"; done <old_date.txt 3<new_date.txt > sed_date.txt

Read more ...

OpenStack Installation on Ubuntu 16.04 with DevStack

There are many ways you can create or manage Virtual Machines for your numerous lab environments.
I can go for traditional approach ether VMware Workstation or Virtual Box but hold on, i thought why don't i go for openstack images.

This guide will help you to install Openstack Standalone installation on a Ubuntu 16.04 Box.

Hope you have a good internet speed too, take my words it will work like a charm.

So first of all you must have a Linux Box with Ubuntu 16.04 OS within it and predefined scripts within DevStack will do the hard stuffs for you.

Create a user " stack " and give it sudo privileges .

useradd -s /bin/bash -d /opt/stack -m stack

echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

So once you are done with the above steps, you are ready for the DevStack installation scripts.

Switch to user stack from terminal.

su - stack

Now Download Devstack.

Since we are using internet directly, we gonna download the latest version on the go from git at all.

sudo apt-get install git -y || sudo yum install -y git
git clone https://git.openstack.org/openstack-dev/devstack
cd devstack

Once downloaded, switch to devstack directory and make some required configuration changes.

Copy local.conf file to devstack root directory

stack@Linux-Maniac:~/devstack$ cp /opt/stack/devstack/samples/local.conf /opt/stack/devstack

 Change multiple passwords to one or if you can remember, keep multiple passwords for various utilities too.

stack@Linux-Maniac:~/devstack$ vim local.conf

So i had the below mentioned changes, you can make it on the same fashion too.

[[local|localrc]]



# Minimal Contents



ADMIN_PASSWORD=redhat

DATABASE_PASSWORD=$ADMIN_PASSWORD

RABBIT_PASSWORD=$ADMIN_PASSWORD

SERVICE_PASSWORD=$ADMIN_PASSWORD

Once done, save the file and toggle back to the same devstack root directory and run the final script.

stack@Linux-Maniac:~/devstack$ ./stack.sh 

The entire process can take a time from 30 Min - 1 Hour or more depending upon you network internet speed.

at the end you can see  something like that.

Your IP will vary offcourse, you can now login to your default dashboard login page.

http://your.ip.here/dashboard

Refrnc : Openstack Officials 

Read more ...