Jekyll2018-04-01T21:06:55+00:00http://log.48k.io/48k, Dtrace, Hadoop, Mesos, Spark, Erlang, JVM, node.js, PHP, Python, porting software, Ansible, Puppet, Capistrano, Habitat, Poudriere, Packer, terraform, FreeBSD, illumos, OmniOS, Unix, scaling databases, AWS, Google Cloud, OpenStack, Rackspace, ZFS, bhyve KVM, Xen 2018-03-31T10:05:00+00:002018-03-31T10:05:00+00:00http://log.48k.io/2018/03/31/freebsd-debug-rc-script<p>Debugging rc.d scripts can be… always remember to set</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell">sysrc <span class="nv">rc_debug</span><span class="o">=</span><span class="s2">"YES"</span> sysrc <span class="nv">rc_info</span><span class="o">=</span><span class="s2">"YES"</span></code></pre></figure> <p>or set <strong>-x</strong> flag in rc script</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span><span class="nb">printf</span> <span class="s1">'%s\n'</span> 1a <span class="s1">'set -x'</span> <span class="nb">.</span> w | ed <span class="nt">-s</span> /etc/rc.d/serviceScriptName</code></pre></figure>2018-03-25T13:15:00+00:002018-03-25T13:15:00+00:00http://log.48k.io/2018/03/25/fedora-kernel-lock<figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>sed <span class="nt">-i</span> <span class="nt">-e</span> <span class="s2">"s/UPDATEDEFAULT=yes/UPDATEDEFAULT=no/"</span> /etc/sysconfig/kernel</code></pre></figure>2018-03-25T13:00:00+00:002018-03-25T13:00:00+00:00http://log.48k.io/2018/03/25/fedora-get-space-back<figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># let's check for journal disk space</span> <span class="nv">$ </span>journalctl <span class="nt">--disk-usage</span> Archived and active journals take up 11.0G <span class="k">in </span>the file system. <span class="c"># time to clean up</span> <span class="nv">$ </span>journalctl <span class="nt">--vacuum-time</span><span class="o">=</span>1d Deleted archived journal ... Deleted archived journal ... Deleted archived journal ... Vacuuming <span class="k">done</span>, freed 10.4G of archived journals from ... .</code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>du <span class="nt">-csh</span> /var/cache/PackageKit/<span class="k">*</span> | sort <span class="nt">-h</span> 5G /var/cache/PackageKit/25 3.1G /var/cache/PackageKit/26 1.2G /var/cache/PackageKit/27 9.3G total <span class="nv">$ </span>pkcon refresh force <span class="nt">-c</span> <span class="nt">-1</span> Refreshing cache <span class="o">[=========================]</span> Loading cache <span class="o">[=========================]</span> Downloading repository information <span class="o">[=========================]</span> ... ... ... Finished <span class="o">[=========================]</span> <span class="c"># I don't need cache from older releases...</span> <span class="nv">$ </span>rm <span class="nt">-rf</span> /var/cache/PackageKit/25 /var/cache/PackageKit/26 <span class="nv">$ </span>du <span class="nt">-csh</span> /var/cache/PackageKit/<span class="k">*</span> | sort <span class="nt">-h</span> 192M /var/cache/PackageKit/27 192M total</code></pre></figure>2017-11-01T18:00:00+00:002017-11-01T18:00:00+00:00http://log.48k.io/2017/11/01/cleaning-after<figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># kill all running docker containers</span> <span class="nv">$ </span>docker <span class="nb">kill</span> <span class="k">$(</span>docker ps <span class="nt">-q</span><span class="k">)</span></code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># remove all containers</span> <span class="nv">$ </span>docker rm <span class="k">$(</span>docker ps <span class="nt">-aq</span><span class="k">)</span></code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># remove all images</span> <span class="nv">$ </span>docker rmi <span class="k">$(</span>docker images <span class="nt">-q</span><span class="k">)</span></code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># remove unused volumes</span> <span class="nv">$ </span>docker volume rm <span class="k">$(</span>docker volume <span class="nb">ls</span> <span class="nt">-qf</span> <span class="nv">dangling</span><span class="o">=</span><span class="nb">true</span><span class="k">)</span></code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="c"># clean network interfaces</span> <span class="nv">$ </span>docker network rm <span class="k">$(</span>docker network <span class="nb">ls</span> | awk <span class="s1">'$3 == "bridge" &amp;&amp; $2 != "bridge" { print $1 }'</span><span class="k">)</span></code></pre></figure>2017-02-24T10:00:00+00:002017-02-24T10:00:00+00:00http://log.48k.io/2017/02/24/esxi-5-and-nested-virtualization<p>Trying to use <a href="https://en.wikipedia.org/wiki/Virtualization">virtualization</a> inside a guest OS but error pops up?</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell">KVM: no hardware support</code></pre></figure> <p>on a ESXi host one can easy turn on the <a href="https://en.wikipedia.org/wiki/Virtualization#NESTED">nested virtualization</a> by editing the .vmx file</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>vim-cmd vmsvc/getallvms</code></pre></figure> <p>make a note of vmID, file name and data store</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span><span class="nb">cat</span> <span class="o">&lt;&lt;</span> <span class="no">EOF</span><span class="sh"> &gt;&gt; /vmfs/volumes/</span><span class="nv">$DATA_STORE</span><span class="sh">/</span><span class="nv">$FILE_NAME</span><span class="sh">.vmx vhv.enable = "TRUE" </span><span class="no">EOF </span><span class="nv">$ </span>vim-cmd vmsvc/reload <span class="nv">$vmID</span></code></pre></figure>2017-02-01T19:00:00+00:002017-02-01T19:00:00+00:00http://log.48k.io/2017/02/01/mysql-reset-password<p>Sometimes passwords are lost …, however in most cases we can find a workaround and reset the missing password.</p> <p>First stop MySQL service, then we can start it in background without loading <a href="https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_skip-grant-tables">grant table</a>.</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>mysqld_safe <span class="nt">--skip-grant-tables</span> <span class="nt">--skip-networking</span> &amp;</code></pre></figure> <p>Now we can connect to MySQL without password … Update root password:</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>mysql <span class="nt">-e</span> <span class="s2">" </span><span class="se">\</span><span class="s2"> UPDATE mysql.user </span><span class="se">\</span><span class="s2"> SET </span><span class="se">\</span><span class="s2"> authentication_string = PASSWORD('new_password') </span><span class="se">\</span><span class="s2"> WHERE </span><span class="se">\</span><span class="s2"> User = 'root' </span><span class="se">\</span><span class="s2"> AND </span><span class="se">\</span><span class="s2"> Host = 'localhost' </span><span class="se">\</span><span class="s2"> ;"</span></code></pre></figure> <p>All done, time to stop current running instance and start MySQL service as normal.</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>pkill mysql</code></pre></figure>2017-01-30T13:00:00+00:002017-01-30T13:00:00+00:00http://log.48k.io/2017/01/30/freebsd-ttyv0-auto-login<p>Sometimes there’s a need for auto login user over <strong>serial</strong> or <strong>ttyv</strong></p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span><span class="nb">cat</span> <span class="o">&lt;&lt;</span> <span class="no">EOF</span><span class="sh"> &gt;&gt; /etc/gettytab autoLogin.Pc:\ :ht:np:sp#9600:al=USER_NAME EOF</span></code></pre></figure> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span><span class="nb">grep</span> ^ttyv0 /etc/ttys ttyv0 <span class="s2">"/usr/libexec/getty autoLogin.Pc"</span> xterm on secure</code></pre></figure> <p><a href="https://man.freebsd.org/gettytab(5)">/etc/gettytab(5)</a>, <a href="https://man.freebsd.org/ttys(5)">/etc/ttys(5)</a></p>2016-12-09T10:16:00+00:002016-12-09T10:16:00+00:00http://log.48k.io/2016/12/09/ansible_custom_python_interpreter<p><strong><a href="http://docs.ansible.com/ansible/intro_inventory.html#list-of-behavioral-inventory-parameters">ansible_python_interpreter</a></strong> - target host python path, useful for systems with multiple Python interpreters or not located at <em>/usr/bin/python</em>.</p> <p>You can change interpreter location using <a href="http://docs.ansible.com/ansible/intro_inventory.html#host-variables">host variables</a>.</p> <figure class="highlight"><pre><code class="language-yml" data-lang="yml"><span class="s">freebsd_host ansible_python_interpreter=/usr/local/bin/python</span></code></pre></figure> <p>Or by <a href="http://docs.ansible.com/ansible/playbooks_variables.html#hey-wait-a-yaml-gotcha">playbook variables</a>.</p> <figure class="highlight"><pre><code class="language-yml" data-lang="yml"><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">main build</span> <span class="na">hosts</span><span class="pi">:</span> <span class="s">freebsd_host</span> <span class="na">vars</span><span class="pi">:</span> <span class="na">ansible_python_interpreter</span><span class="pi">:</span> <span class="s2">"</span><span class="s">/usr/local/bin/python2"</span> <span class="na">roles</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">common</span></code></pre></figure>2016-12-08T12:00:00+00:002016-12-08T12:00:00+00:00http://log.48k.io/2016/12/08/freebsd-dhcp-preferred-dns<p>When you system is configured to use DHCP.</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>sysrc <span class="nt">-n</span> ifconfig_re0 DHCP</code></pre></figure> <p><em>/etc/resolv.conf</em> file will be regenerated on each system boot via <a href="https://github.com/freebsd/freebsd/blob/release/11.0.0/sbin/dhclient/dhclient-script#L194">/sbin/dhclient-script</a>.</p> <p>However one would prefer to use <a href="https://duckduckgo.com/?q=Public+DNS+Servers&amp;t=ffab&amp;ia=answer&amp;iax=1">Public DNS Servers</a> instead the ones provided by the DHCP server.</p> <p>According to <a href="https://man.freebsd.org/dhclient-script(8)#OPERATION">dhclient-script</a> man page, we can change the behavior by overeating the <strong>add_new_resolv_conf</strong> function in <em>/etc/dhclient-enter-hooks</em> file.</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span><span class="nb">cat</span> <span class="o">&lt;&lt;</span> <span class="no">EOF</span><span class="sh"> &gt; /etc/dhclient-enter-hooks add_new_resolv_conf() { return 0 } EOF</span></code></pre></figure> <p>Now we can safely edit <em>/etc/resolv.conf</em> file - all changes will be persistent across system reboots.</p>2016-11-25T19:00:00+00:002016-11-25T19:00:00+00:00http://log.48k.io/2016/11/25/freebsd-securelevel<p><a href="https://www.freebsd.org/doc/faq/security.html#idp60097128">Securelevel</a> is a security mechanism implemented in the kernel.</p> <p>To check current ‘secure level’:</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>sysctl kern.securelevel kern.securelevel: 2</code></pre></figure> <p>To change / raise ‘secure level’:</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>sysctl kern.securelevel<span class="o">=</span>2</code></pre></figure> <p>To enable ‘secure level’ on boot:</p> <figure class="highlight"><pre><code class="language-shell" data-lang="shell"><span class="nv">$ </span>sysrc <span class="nv">kern_securelevel_enable</span><span class="o">=</span><span class="s2">"YES"</span> kern_securelevel_enable: -&gt; YES <span class="nv">$ </span>sysrc <span class="nv">kern_securelevel</span><span class="o">=</span><span class="s2">"2"</span> kern_securelevel: -&gt; 2</code></pre></figure> <p><a href="https://man.freebsd.org/security(7)#SECURING_THE_KERNEL_CORE,_RAW_DEVICES,_AND_FILE_SYSTEMS">FreeBSD security levels</a></p>