
How to create a TCP listener or open ports in unix os

You can create a port listener using Netcat.

yum install nc -y

root@rmohan:~# nc -l 5000

You can check whether the port is open using the netstat command. Without a bind address, nc listens on all interfaces (0.0.0.0):

root@vm-rmohan:~# netstat -tulpen | grep nc
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 0 710327 17533/nc

You can also check with nc itself.

Netcat server (listener), bound to localhost only:

nc -l localhost 5000

Netcat client:

root@vm-rmohan:~# nc -v localhost 5000
Connection to localhost 5000 port [tcp/*] succeeded!

INSTALLING KUBERNETES ON CENTOS7

[RUN ALL COMMANDS BELOW ON ALL NODES]

yum update
yum install -y epel-release

yum install docker [v1.11 or 1.12 or 1.13]

Set up the Kubernetes repo for kubeadm, kubectl and kubelet:

[root@kubmaster yum.repos.d]# cat kubernetes.repo
[kubernetes]

name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

setenforce 0

yum install -y kubelet kubeadm kubectl

  • Add host entry in /etc/hosts

systemctl start docker
swapoff /dev/centos/swap
systemctl enable kubelet.service
systemctl enable docker

echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

useradd kubeadmin
ifdown enp0s3

NOTE: On VirtualBox, disable the NAT network interface before running kubeadm init,
or else port 6443 will be bound to the NAT IP
disconnect N/A from console and reboot

kubeadm init --pod-network-cidr=10.244.0.0/16

Note: If you have multiple IPs or hostnames to bind, run the following to add the name/IP to the certificate:

kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address 192.168.56.240 --apiserver-cert-extra-sans kubemaster.mhn.com

Create User

su - kubeadmin

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config


Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

kubeadm join 192.168.56.240:6443 --token wxf3y9.ci2txlf7ja04svyg --discovery-token-ca-cert-hash sha256:ea3eeb5de0ffd9efe6d0f304f4fd9853c005ee98902ad7a7c110425c23eeab04


In order for your pods to communicate with one another, you’ll need to install pod networking. We are going to use Flannel for our Container Network Interface (CNI) because it’s easy to install and reliable. Enter this command:

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

If you see an error like the one below:

The connection to the server localhost:8080 was refused - did you specify the right host or port?

do the following as a normal user:

su - kubeadmin

sudo cp /etc/kubernetes/admin.conf $HOME/

sudo chown $(id -u):$(id -g) $HOME/admin.conf

export KUBECONFIG=$HOME/admin.conf

[root@kubmaster ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
clusterrole.rbac.authorization.k8s.io "flannel" created
clusterrolebinding.rbac.authorization.k8s.io "flannel" created
serviceaccount "flannel" created
configmap "kube-flannel-cfg" created
daemonset.extensions "kube-flannel-ds" created

[kubeadmin@kubmaster ~]$ kubectl get pods
No resources found.

[kubeadmin@kubmaster ~]$ kubectl get pods --all-namespaces
NAMESPACE     NAME                                READY   STATUS    RESTARTS   AGE
kube-system   etcd-kubmaster                      1/1     Running   0          47m
kube-system   kube-apiserver-kubmaster            1/1     Running   0          47m
kube-system   kube-controller-manager-kubmaster   1/1     Running   0          47m
kube-system   kube-dns-86f4d74b45-mrq4d           3/3     Running   0          1h
kube-system   kube-flannel-ds-854ns               1/1     Running   0          47m
kube-system   kube-proxy-rlpbc                    1/1     Running   0          1h
kube-system   kube-scheduler-kubmaster            1/1     Running   0          47m

[kubeadmin@kubmaster ~]$

k8s ansible install

Ansible role to set up a 1 master + 2 node Kubernetes cluster (more nodes can be added)

  • Set up the CentOS VMs
  • Configure hostnames
  • Update the hosts file template in ../roles/kubernetes-deploy/files/hosts.template with host names and IP addresses
  • Set up passwordless authentication between your Ansible host and the Kubernetes nodes

$ ssh-copy-id root@kube-nodes?

Set up the Ansible inventory

kube-master.rmohan.com hostrole=master
kube-node1.rmohan.com hostrole=node
kube-node2.rmohan.com hostrole=node

Run Ansible Role

$ ansible-playbook install-kubernetes-centos7.yml

The role does the following:

  • updates the OS
  • reboots
  • sets up the Kubernetes environment

Upon completion of the Ansible play, copy the following command from the stdout of the play and run it on all nodes as root:

kubeadm join 192.168.1.240:6443 --token ce2b82.hbu4u9x12luwbhyr --discovery-token-ca-cert-hash sha256:510573c7ec722ac20674e96403517e97696e2110635d57455d869bae06ffefaa

  • Validation on Master

kubectl get nodes (check node status)

kubectl get pods --all-namespaces (you may need to wait for some time for the containers to come up)

Get YAML for deployed Kubernetes

Combining other answers, this is what I came up with for bash:

for n in $(kubectl get -o=name pvc,configmap,serviceaccount,secret,ingress,service,deployment,statefulset,hpa,job,cronjob)
do
    mkdir -p $(dirname $n)
    kubectl get -o=yaml --export $n > $n.yaml
done

kubectl get all --export=true -o yaml


#!/bin/env bash
# The custom-columns output is read word by word: namespace, kind, name.
i=$((0))
for n in $(kubectl get -o=custom-columns=NAMESPACE:.metadata.namespace,KIND:.kind,NAME:.metadata.name pv,pvc,configmap,ingress,service,secret,deployment,statefulset,hpa,job,cronjob --all-namespaces | grep -v 'secrets/default-token')
do
    if (( $i < 1 )); then
        namespace=$n
        i=$(($i+1))
        if [[ "$namespace" == "PersistentVolume" ]]; then
            kind=$n
            i=$(($i+1))
        fi
    elif (( $i < 2 )); then
        kind=$n
        i=$(($i+1))
    elif (( $i < 3 )); then
        name=$n
        i=$((0))
        # Skip the header row
        if [[ "$namespace" != "NAMESPACE" ]]; then
            mkdir -p $namespace
            # Plain command substitution; "$((" would be parsed as arithmetic
            yaml=$(kubectl get $kind -o=yaml $name -n $namespace 2>/dev/null)
            if [[ $kind != 'Secret' || $yaml != *"type: kubernetes.io/service-account-token"* ]]; then
                echo "Saving ${namespace}/${kind}.${name}.yaml"
                kubectl get $kind -o=yaml --export $name -n $namespace > $namespace/$kind.$name.yaml
            fi
        fi
    fi
done





To get the yaml for a deployment (service, pod, secret, etc):

kubectl get deploy deploymentname -o yaml --export

kubectl get deployment,service,pod yourapp -o yaml --export

Answering @Sinaesthetic's question:

any idea how to do it for the full cluster (all deployments)?

kubectl get deploy --all-namespaces -o yaml --export

The problem with this method is that export doesn't include the namespace. So if you want to export many resources at the same time, I recommend doing it per namespace:

kubectl get deploy,sts,svc,configmap,secret -n default -o yaml --export > default.yaml

Unfortunately kubernetes still doesn't support a true get all command, so you need to list manually the type of resources you want to export. You can get a list of resource types with

kubectl api-resources

AWS : SIMPLE SYSTEMS MANAGER (SSM)

What is Simple Systems Manager

Amazon EC2 Simple Systems Manager (SSM) is an Amazon Web Services tool that allows us to automatically configure virtual servers in the cloud or in an on-premises data center.

We can use scripts, commands or the Elastic Compute Cloud (EC2) console to manage EC2 instances, virtual machines (VMs) or servers hosted on other clouds, or within local environments such as Windows.

Granting user account access to Systems Manager

Our user account must be configured to communicate with the SSM API.

We use the following procedure to attach a managed AWS Identity and Access Management (IAM) policy to our user account that grants us full access to SSM API actions.

To create the IAM policy for our user account:

  1. Open the IAM console at https://console.aws.amazon.com/iam/.
  2. In the navigation pane, choose Policies.
  3. In the Filter field, type AmazonSSMFullAccess and press Enter.
  4. Select the check box next to AmazonSSMFullAccess and then choose Policy Actions, Attach.
  5. On the Attach Policy page, choose the user account and then choose Attach Policy.

AWS Identity and Access Management (IAM)

We must configure an AWS Identity and Access Management (IAM) instance profile role for Systems Manager.

The AmazonEC2RoleforSSM role should be attached to an Amazon EC2 instance. Let’s create it first:

Attach the role while the instance is being created:

This role enables the instance to communicate with the Systems Manager API.

Install the SSM Agent (Linux)

The SSM agent processes Run Command requests and configures the instances that are specified in the request. The agent is installed, by default, on Windows instances. However, we must manually install the agent on Linux. The following procedure describes how to install the agent on Ubuntu:

$ cd /tmp
$ wget https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/debian_amd64/amazon-ssm-agent.deb
$ sudo dpkg -i amazon-ssm-agent.deb
$ sudo systemctl enable amazon-ssm-agent

We can use User data instead:

#!/bin/bash
cd /tmp
wget https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/debian_amd64/amazon-ssm-agent.deb
sudo dpkg -i amazon-ssm-agent.deb
sudo start amazon-ssm-agent

We can check if the agent is running on the instance:

$ ps -ef|grep agent | grep -v grep
root      1723     1  0 01:13 ?        00:00:00 /usr/bin/amazon-ssm-agent

SSM Agent Installation

  1. Access the EC2 instance you have created with the SSH key for the one-time SSM agent configuration.
  2. Execute the commands below after you log in and switch to root (sudo).

# mkdir /tmp/ssm
# cd /tmp/ssm
# yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
# systemctl enable amazon-ssm-agent
# systemctl start amazon-ssm-agent



Make sure that SSM agent version is 2.3.630 or above.

[root@ip-172-31-28-88 tmp]# rpm -qa | grep ssm
amazon-ssm-agent-2.3.634.0-1.x86_64
[root@ip-172-31-28-88 tmp]#

Sending a Command Using the EC2 Console

We can use the following steps to list all services running on the instance by using Run Command from the Amazon EC2 console.

To execute a command using Run Command from the EC2 console:

  1. In the navigation pane, choose Run Command.
  2. Choose Run a command.
  3. For Command document, choose AWS-RunPowerShellScript for Windows instances, and AWS-RunShellScript for Linux instances.
  4. For Target instances, choose the instance we created. If we don’t see the instance, verify that we are currently in the same region as the instance we created. Also verify that we configured the IAM role and trust policies as described earlier.
  5. For Commands, type Get-Service for Windows, or ps -aux | less for Linux.
  6. (Optional) For Working Directory, specify a path to the folder on our EC2 instances where we want to run the command.
  7. (Optional) For Execution Timeout, specify the number of seconds the EC2Config service or SSM agent will attempt to run the command before it times out and fails.
  8. For Comment, providing information is recommended so that it will help us identify this command in our list of commands.
  9. For Timeout (seconds), type the number of seconds that Run Command should attempt to reach an instance before it is considered unreachable and the command execution fails.
  10. Choose Run to execute the command. Run Command displays a status screen. Choose View result.
  11. To view the output, choose the command invocation for the command, choose the Output tab.
  12. Then choose View Output.

Sending a Command via AWS CLI

We must either have administrator privileges on the instances we want to configure or we must have been granted the appropriate permission in IAM.

The following command returns a list of Linux and Windows documents:

$ aws ssm list-documents
DOCUMENTIDENTIFIERS	Command	1	AWS-ApplyPatchBaseline	Amazon	1.2
PLATFORMTYPES	Windows
PLATFORMTYPES	Linux
DOCUMENTIDENTIFIERS	Command	1	AWS-ConfigureAWSPackage	Amazon	2.0
PLATFORMTYPES	Windows
PLATFORMTYPES	Linux
...

To check if an instance is ready to receive commands:

$ aws ssm describe-instance-information --output text --query "InstanceInformationList[*]"
2.0.796.0	ip-172-31-38-206	172.31.38.206	i-0698042a954420857	True	1496457091.34	Online	Ubuntu	Linux	16.04	EC2Instance

Using Run Command and the AWS-RunShellScript document, we can execute any command or script on an EC2 instance as if we were logged on locally.

To view the description and available parameters, we can use the following command to view a description of the Systems Manager JSON document:

$ aws ssm describe-document --name "AWS-RunShellScript" --query "[Document.Name,Document.Description]"
AWS-RunShellScript	Run a shell script or specify the commands to run.

We can use the following command to view the available parameters and details about those parameters:

$ aws ssm describe-document --name "AWS-RunShellScript" --query "Document.Parameters[*]"
	(Required) Specify a shell script or a command to run.	commands	StringList
	(Optional) The path to the working directory on your instance.	workingDirectory	String
3600	(Optional) The time in seconds for a command to complete before it is considered to have failed. Default is 3600 (1 hour). Maximum is 28800 (8 hours).	executionTimeout	String

We may want to use the following command to get IP information for an instance:

$ aws ssm send-command --instance-ids "i-0698042a954420857" --document-name "AWS-RunShellScript" --comment "IP config" --parameters commands=ifconfig --output text
COMMAND	e4d8a901-34b7-480d-9e47-f0a71179be64	IP config	0	AWS-RunShellScript	0	1496465253.78	50	0		1496458053.78		Pending	Pending	1
INSTANCEIDS	i-0698042a954420857
NOTIFICATIONCONFIG		
COMMANDS	ifconfig

The following command uses the Command ID that was returned from the previous command to get the details and response data of the command execution. The system returns the response data if the command completed. If the command execution shows “Pending” we will need to execute this command again to see the response data:

$ aws ssm list-command-invocations --command-id "e4d8a901-34b7-480d-9e47-f0a71179be64" --details

The following command displays the default user account running the commands:

$ sh_command_id=$(aws ssm send-command --instance-ids "i-0698042a954420857" --document-name "AWS-RunShellScript" --comment "Demo run shell script on Linux Instance" --parameters commands=whoami --output text --query "Command.CommandId")

The following command uses the Command ID to get the status of the command execution on the instance. This example uses the Command ID that was returned in the previous command:

$ aws ssm list-commands  --command-id $sh_command_id
COMMANDS	136b1a05-6724-45f1-a23b-f98062fca64d	Demo run shell script on Linux Instance	1	AWS-RunShellScript	0	1496465641.83	50	0			1496458441.83		Success	Success	1
INSTANCEIDS	i-0698042a954420857
NOTIFICATIONCONFIG		
COMMANDS	whoami

The following command uses the Command ID from the previous command to get the status of the command execution on a per instance basis:

$ aws ssm list-command-invocations --command-id $sh_command_id --details
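
The send, re-check while "Pending", then read-the-output sequence described above can be wrapped in a small helper. This is an added example, not part of the original post; the function names, the 2-second interval and the 30-check limit are assumptions, and the instance ID in the usage comment is the one shown earlier on this page.

```shell
#!/bin/sh
# Added example (not from the original post): wait for an SSM Run Command
# invocation to finish instead of re-running list-command-invocations by hand.
# Assumptions: function names, POLL_INTERVAL and POLL_ATTEMPTS are chosen here.

POLL_INTERVAL=${POLL_INTERVAL:-2}    # seconds between status checks
POLL_ATTEMPTS=${POLL_ATTEMPTS:-30}   # give up after this many checks

# ssm_status COMMAND_ID INSTANCE_ID
# Prints the status of that one invocation ("None" if it is not listed yet).
ssm_status() {
    aws ssm list-command-invocations \
        --command-id "$1" --instance-id "$2" \
        --query "CommandInvocations[0].Status" --output text
}

# ssm_wait COMMAND_ID INSTANCE_ID
# Prints the last status seen. Returns 0 on Success, 1 on a failed terminal
# state, 2 if the invocation has not finished after POLL_ATTEMPTS checks.
ssm_wait() {
    _n=0
    _st=unknown
    while [ "$_n" -lt "$POLL_ATTEMPTS" ]; do
        _st=$(ssm_status "$1" "$2") || return 1
        case $_st in
            Success) echo "$_st"; return 0 ;;
            Failed|Cancelled|TimedOut) echo "$_st"; return 1 ;;
            # Pending, InProgress, Delayed, Cancelling or "None": keep waiting.
            *) sleep "$POLL_INTERVAL" ;;
        esac
        _n=$((_n + 1))
    done
    echo "$_st"
    return 2
}

# ssm_run INSTANCE_ID COMMENT COMMAND
# Sends one shell command with AWS-RunShellScript, waits for it to finish and
# prints its output. Uses the shorthand "commands=..." form shown on the page,
# so COMMAND must not contain commas.
ssm_run() {
    _id=$(aws ssm send-command --instance-ids "$1" \
        --document-name "AWS-RunShellScript" --comment "$2" \
        --parameters "commands=$3" \
        --output text --query "Command.CommandId") || return 1
    _rc=0
    _final=$(ssm_wait "$_id" "$1") || _rc=$?
    echo "command $_id finished with status $_final" >&2
    aws ssm list-command-invocations --command-id "$_id" --instance-id "$1" \
        --details --query "CommandInvocations[0].CommandPlugins[0].Output" \
        --output text
    return "$_rc"
}

# Usage:
#   ssm_run "i-0698042a954420857" "Demo whoami" whoami
```
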

mysqldump + gzip + aws

A shell script to backup MYSQL database and upload it to Amazon S3.

Note
Make sure the AWS CLI is installed properly

  1. mysqldump + gzip + aws
    Dump the database with mysqldump and gzip it into a folder, then use the aws command to upload the file to Amazon S3.

backup-script.sh

#!/bin/bash

#
# MySQL Database To Amazon S3
#

NOW=$(date +"%Y-%m-%d")

BACKUP_DIR="/home/mohan/backup"
MYSQL_HOST="localhost"
MYSQL_PORT="3306"
MYSQL_USER="YOUR_DB_USER"
MYSQL_PASSWORD="YOUR_DB_PASSWORD"
DATABASE_NAME="YOUR_DB_NAME"

AMAZON_S3_BUCKET="s3://mohan/backup/mysql/"
AMAZON_S3_BIN="/home/mohan/.local/bin/aws"

FOLDERS_TO_BACKUP=("/home/mohan/bk1" "/home/mohan/bk2")

mkdir -p "${BACKUP_DIR}"

backup_mysql(){
    mysqldump -h "${MYSQL_HOST}" \
        -P "${MYSQL_PORT}" \
        -u "${MYSQL_USER}" \
        -p"${MYSQL_PASSWORD}" "${DATABASE_NAME}" | gzip > "${BACKUP_DIR}/${DATABASE_NAME}-${NOW}.sql.gz"
}

# backup any folders?
backup_files(){
    tar -cvzf "${BACKUP_DIR}/backup-files-${NOW}.tar.gz" "${FOLDERS_TO_BACKUP[@]}"
}

upload_s3(){
    "${AMAZON_S3_BIN}" s3 cp "${BACKUP_DIR}/${DATABASE_NAME}-${NOW}.sql.gz" "${AMAZON_S3_BUCKET}"
}

backup_mysql
upload_s3

  2. How to run?
    Assign execute permission to the shell script, and run it directly.

Terminal
$ chmod +x backup-script.sh

# run it
$ ./backup-script.sh

  3. Run it daily
    3.1 cron schedule to run the script daily.

Terminal
$ crontab -e

# Daily, 7pm
0 19 * * * /path.to/backup-script.sh > /dev/null 2>&1
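
backup-script.sh passes the password as -pPASSWORD, which every local user can read from the process list while mysqldump runs, and its pipeline reports only gzip's exit status, so a failed dump is still uploaded. The variant below is an added example, not the original author's script: it reads credentials from a private client option file and uploads only after a successful dump. The option-file path and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not the original author's script): the same dump-and-upload
# flow with the database password kept off the command line.
# Assumptions: MYSQL_OPTION_FILE and all function names are chosen here.

BACKUP_DIR=${BACKUP_DIR:-/home/mohan/backup}
DATABASE_NAME=${DATABASE_NAME:-YOUR_DB_NAME}
MYSQL_OPTION_FILE=${MYSQL_OPTION_FILE:-/home/mohan/.backup-my.cnf}
AMAZON_S3_BUCKET=${AMAZON_S3_BUCKET:-s3://mohan/backup/mysql/}
AMAZON_S3_BIN=${AMAZON_S3_BIN:-/home/mohan/.local/bin/aws}
NOW=$(date +%Y-%m-%d)

# write_option_file USER [HOST] [PORT]   (password is read from stdin)
# One-time setup: store the credentials in a [client] option file that only
# the backup user can read. A password containing a double quote or a
# backslash needs extra escaping that this helper does not do.
write_option_file() {
    rm -f "$MYSQL_OPTION_FILE"
    ( umask 077
      IFS= read -r _pw || [ -n "$_pw" ]
      printf '[client]\nuser=%s\npassword="%s"\nhost=%s\nport=%s\n' \
          "$1" "$_pw" "${2:-localhost}" "${3:-3306}" > "$MYSQL_OPTION_FILE" )
}

# option_file_is_private: true only if group and others have no access.
option_file_is_private() {
    [ -f "$MYSQL_OPTION_FILE" ] || return 1
    case $(ls -ld "$MYSQL_OPTION_FILE" | cut -c1-10) in
        ????------) return 0 ;;
        *) return 1 ;;
    esac
}

backup_mysql() {
    option_file_is_private || {
        echo "option file missing or readable by others" >&2
        return 1
    }
    mkdir -p "$BACKUP_DIR" || return 1
    _out="$BACKUP_DIR/$DATABASE_NAME-$NOW.sql.gz"
    _failed="$_out.failed"
    rm -f "$_failed"
    # Flag a mysqldump failure from inside the pipeline, because the pipeline
    # itself returns only gzip's status. --defaults-extra-file must be the
    # first option on the mysqldump command line.
    { mysqldump --defaults-extra-file="$MYSQL_OPTION_FILE" "$DATABASE_NAME" \
          || : > "$_failed"; } | gzip > "$_out.partial" || : > "$_failed"
    if [ -e "$_failed" ]; then
        rm -f "$_failed" "$_out.partial"
        return 1
    fi
    # Publish the archive under its final name only when it is complete.
    mv "$_out.partial" "$_out"
}

upload_s3() {
    "$AMAZON_S3_BIN" s3 cp "$BACKUP_DIR/$DATABASE_NAME-$NOW.sql.gz" "$AMAZON_S3_BUCKET"
}

# Upload only if the dump succeeded.
run_backup() {
    backup_mysql && upload_s3
}

# Run only when asked to, so the file can also be sourced for its functions.
if [ "${1:-}" = "--run" ]; then
    run_backup
fi
```
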

International Men’s Health Week: Here are 7 tests Every Man Above 40 Should Consider

International Men’s Health Week, which is celebrated annually during the week ending on Father’s Day, honours the importance of the health and wellness of boys and men. International Men’s Health Week provides an opportunity to educate the public about what can be done to improve the state of men’s health.

With today’s world becoming full of stress, pressures and health crises, the body faces early depreciation than before. On the occasion of International Men’s Health Week, we take a look at some important health tests men should take to indicate how fit they are and what changes they need to bring about for a healthier life.

Blood Sugar Test: It measures the amount of glucose in the blood and is an important screening for diabetes or pre-diabetes and insulin resistance. Untreated diabetes can cause problems with eyes, feet, heart, skin, nerves, kidneys and more. It can also affect mental health. The risk of prostate and other cancers also increases with high blood sugar.

Colorectal Cancer Screening: Men above 40 should get screened for colon cancer. Any of the three following tests: the sigmoidoscopy, colonoscopy, and the faecal occult blood test can help in detection. A colonoscopy is painless and takes only 15 to 20 minutes. Even better, this test can detect colon cancer early, when it’s most treatable.

Cholesterol test: There are three kinds of cholesterol circulating in the blood. Men above forty should get themselves checked for total cholesterol, low-density lipoprotein (LDL) or bad cholesterol and high-density lipoprotein (HDL) or good cholesterol. High cholesterol is the cause of heart disease.

Bone Density: While osteoporosis may be more common in women, men get it too. According to experts, men over 50 who are in a high-risk group (family history, sedentary lifestyle etc) should get themselves tested. A bone density can determine the strength of a person’s bone and the risk of a fracture.

Testosterone test: With age, there is a risk in a dip in libido as well. Low testosterone can cause erectile dysfunction, fatigue, weight gain, loss of muscle, loss of body hair, sleep problems, trouble concentrating, bone loss, and personality changes.

Stool sample Test: This test helps determine if there are any impurities in the blood and must be done once in every 2 years once you cross 40.

PSA test: The PSA test is a blood test used primarily to screen for prostate cancer. The test measures the amount of prostate-specific antigen (PSA) in your blood.

Eye test: Getting eye tests done post 40 is pertinent as the risk of Hypermetropia or long-sightedness as well as myopia increases with age. Diabetes could also increase the risk of both eye ailments.

Tomcat log automatic deletion implementation

Background

In the production environment, Tomcat generates a lot of logs every day. If they are not cleaned up, the disk will fill up, and manual cleaning is too much trouble. Therefore, write a script to delete log files older than 5 days (adjust to the actual situation).

Writing a script

  1. Write a /usr/local/script/cleanTomcatlog.sh script

#!/bin/bash

export WEB_TOMCAT1=/usr/local/tomcat1/logs
export WEB_TOMCAT2=/usr/local/tomcat2/logs
export WEB_TOMCAT3=/usr/local/tomcat3/logs
echo > ${WEB_TOMCAT1}/catalina.out
echo > ${WEB_TOMCAT2}/catalina.out
echo > ${WEB_TOMCAT3}/catalina.out
find ${WEB_TOMCAT1}/* -mtime +5 -type f -exec rm -f {} \;
find ${WEB_TOMCAT2}/* -mtime +5 -type f -exec rm -f {} \;
find ${WEB_TOMCAT3}/* -mtime +5 -type f -exec rm -f {} \;

  2. Make the cleanTomcatlog.sh script executable:
    chmod a+x cleanTomcatlog.sh
  3. Enter the following command on the console:
    crontab -e
  4. Press i to edit this text file and enter the following, to run the script every day at 4:30 am:

30 04 * * * /usr/local/script/cleanTomcatlog.sh

Press esc to exit editing, then type :wq and press Enter to save.

Restart the cron service:

[root@ ]# service crond stop
[root@ ]# service crond start

Explanation of terms

Explanation of the crontab and find commands

crontab
crontab sets the execution schedule of a program, for example to run a program at 8 o’clock every day, or at 10 o’clock every Monday.
crontab -l lists the schedule;
crontab -e edits the schedule;
crontab -d deletes the schedule.

"-l" needs no explanation; it just views the schedule. "-e" opens an editor and is no different from vi (in fact, vi is editing a specific file). "-d" is rarely needed, because it removes all of the user's schedules; to delete a single entry, remove it with the "-e" editor instead.

How is the schedule edited? The crontab file format is: M H D m d CMD, six fields in total. The last field, CMD, is the program to be executed, such as cleanTomcatlog.sh.

M: minute (0-59)
H: hour (0-23)
D: date (1-31)
m: month (1-12)
d: day of the week (0-6, 0 for Sunday)

The five time fields are separated by spaces. Each can be a single number or several numbers separated by commas (or other separators); a field that is not set defaults to "*". For example, to execute cleanTomcatlog.sh every day at 04:30, the entry is 30 04 * * * /usr/local/script/cleanTomcatlog.sh.
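
In cleanTomcatlog.sh the start path of each find is ${WEB_TOMCATn}/*, so if one of those variables is ever empty or mistyped, the cron job deletes old files starting from /*. The variant below is an added example, not the original script: it validates each directory before truncating catalina.out and deleting old files. The function names and the RETENTION_DAYS and TOMCAT_LOG_DIRS variables are assumptions.

```shell
#!/bin/sh
# Added example (not the original script): cleanTomcatlog.sh with guards
# around the delete. Assumptions: clean_tomcat_logs, clean_all,
# RETENTION_DAYS and TOMCAT_LOG_DIRS are names chosen here.

RETENTION_DAYS=${RETENTION_DAYS:-5}
TOMCAT_LOG_DIRS="/usr/local/tomcat1/logs /usr/local/tomcat2/logs /usr/local/tomcat3/logs"

# clean_tomcat_logs DIR
# Empties DIR/catalina.out and deletes regular files under DIR that are older
# than RETENTION_DAYS. Returns 1 without touching anything if DIR is unsafe.
clean_tomcat_logs() {
    _dir=$1
    # Accept only an absolute path that is more than just slashes, so an
    # empty variable or "/" can never become the start point of the delete.
    case $_dir in
        /*[!/]*) ;;
        *) echo "refusing to clean '$_dir'" >&2; return 1 ;;
    esac
    # Require a real directory; do not follow a symlink planted in its place.
    if [ ! -d "$_dir" ] || [ -L "$_dir" ]; then
        echo "skipping '$_dir': not a directory" >&2
        return 1
    fi
    # Truncate rather than delete: Tomcat keeps catalina.out open, and a
    # deleted file would keep using disk space until the next restart.
    if [ -f "$_dir/catalina.out" ] && [ ! -L "$_dir/catalina.out" ]; then
        : > "$_dir/catalina.out"
    fi
    # Start find at the validated directory (no shell glob) and remove
    # regular files only; find does not follow symlinks by default.
    find "$_dir" -type f -mtime +"$RETENTION_DAYS" -exec rm -f -- {} +
}

# clean_all: run the cleanup for every configured directory and report
# failure if any of them was skipped.
clean_all() {
    _rc=0
    for _d in $TOMCAT_LOG_DIRS; do
        clean_tomcat_logs "$_d" || _rc=1
    done
    return "$_rc"
}

# Run only when asked to, e.g. from cron:
#   30 04 * * * /usr/local/script/cleanTomcatlog.sh --run
if [ "${1:-}" = "--run" ]; then
    clean_all
fi
```
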

Steps to install Oracle 19c in CentOS 7.6 RPM mode

  1. Download the required installation packages:

1.1 preinstall

http://yum.Oracle.com/repo/OracleLinux/OL7/latest/x86_64/getPackage/oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm

1.2 Oracle rpm installation package

https://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html

It is recommended to download it at home, or to check the download speed through the company VPN proxy.

  2. Installation.

yum localinstall -y oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm

After the preinstall package is installed, install the database package:

yum localinstall -y oracle-database-ee-19c-1.0-1.x86_64.rpm

Wait for the installation results.

Different servers take different amounts of time.

The result of my installation here is:

Total size: 6.9 G
Installed size: 6.9 G
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : oracle-database-ee-19c-1.0-1.x86_64 1/1
[INFO] Executing post installation scripts…
[INFO] Oracle home installed successfully and ready to be configured.
To configure a sample Oracle Database you can execute the following service configuration script as root: /etc/init.d/oracledb_ORCLCDB-19c configure
Verifying : oracle-database-ee-19c-1.0-1.x86_64 1/1

Installed:
oracle-database-ee-19c.x86_64 0:1.0-1

Complete!

Note that the configuration after the installation is complete requires the root user.

  3. As in previous blog posts, you need to modify the character set and other configuration:

https://www.cnblogs.com/jinanxiaolaohu/p/9826653.html

https://www.cnblogs.com/jinanxiaolaohu/p/10015624.html

The configuration file to modify for Oracle 19c is:

vim /etc/init.d/oracledb_ORCLCDB-19c

The revised content is mainly the circled part. Text version:

export ORACLE_VERSION=19c
export ORACLE_SID=ORA19C
export TEMPLATE_NAME=General_Purpose.dbc
export CHARSET=ZHS16GBK
export PDB_NAME=ORA19CPDB
export CREATE_AS_CDB=true

Copy the corresponding parameter file:

cd /etc/sysconfig/

cp oracledb_ORCLCDB-19c.conf oracledb_ORA19C-19c.conf

  4. Configure with the root user.

The root user executes the command:

/etc/init.d/oracledb_ORCLCDB-19c configure

Wait for the Oracle database to perform its initialization operations.

  5. Processing after the configuration completes.

Add the environment variables:

vim /etc/profile.d/oracle19c.sh

Add the following content:

export ORACLE_HOME=/opt/oracle/product/19c/dbhome_1
export PATH=$PATH:/opt/oracle/product/19c/dbhome_1/bin
export ORACLE_SID=ORA19C

Modify the password of the oracle user:

passwd oracle

Log in as the oracle user for the related processing:

sqlplus / as sysdba

View the PDB information:

show pdbs

5.1 Create a trigger to open the PDBs automatically at startup. (If the PDBs are not set to open at startup, many programs cannot connect to them; it is recommended to check the status with show pdbs, and opening them manually also works. Business data cannot be created in the CDB: creating a user there fails with a prompt that the user name does not meet the c## naming requirement.)

CREATE TRIGGER open_all_pdbs
AFTER STARTUP ON DATABASE
BEGIN
EXECUTE IMMEDIATE 'alter pluggable database all open';
END open_all_pdbs;
/

CentOS 7.6 configures Nginx reverse proxy

Use three CentOS 7 virtual machines to build a simple Nginx reverse proxy load-balancing cluster. The addresses and roles of the three virtual machines:

192.168.1.76 nginx load balancer

192.168.1.82 web01 server

192.168.1.78 web02 server

Second, install the nginx software (the following operations must be carried out on all three virtual machines)

Some CentOS 7.6 installations do not have the wget command installed, so install it yourself:

yum -y install wget

Install the nginx software (it must be installed on all three servers):

$ wget http://dl.Fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

$ rpm -ivh epel-release-latest-7.noarch.rpm

$ yum install nginx (direct yum installation)

Installation is that simple. After the installation is complete, you can use systemctl to control nginx.

$ systemctl enable nginx (start at boot)
$ systemctl start nginx (start nginx)
$ systemctl status nginx (view status)

After nginx is installed on each of the three servers, test that each one runs normally and provides web services. If there is an error, the firewall is the probable cause; please see the last few steps about the firewall.

Modify the configuration file of the nginx of the proxy server to implement load balancing. As the name implies, multiple requests are distributed to different services to achieve a balanced load and reduce the pressure on a single service.

$ vi /etc/nginx/nginx.conf (modify configuration file, global configuration file)

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;              # default is auto; can be set manually, generally no more than the number of CPU cores
error_log /var/log/nginx/error.log; # error log path
pid /run/nginx.pid;                 # pid file path

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    accept_mutex on;          # serialize network connections to prevent the thundering herd; default is on
    multi_accept on;          # whether a process accepts multiple network connections at the same time; default is off
    worker_connections 1024;  # maximum number of connections per process
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    # tcp_nopush        on;    (not commented out here)
    tcp_nodelay         on;
    keepalive_timeout   65;    # connection timeout
    types_hash_max_size 2048;
    gzip                on;    # enable compression
    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

Load balancing is set here. There are several load-balancing strategies; nginx comes with polling, weights, ip-hash, response time and so on.

Polling: the default, the HTTP load is split by polling the servers in turn.

Weights: requests are distributed according to weight; a server with a higher weight takes a larger share of the load.

ip-hash: requests are allocated by client IP, so the same IP stays on the same server.

Response time: requests are distributed according to the response time of the servers behind nginx, preferring the server that responds fastest.

These strategies can be combined:

    upstream tomcat {    # tomcat is a custom name for the load-balancing rule
        ip_hash;         # use the ip-hash method

        server 192.168.1.78:80 weight=3 fail_timeout=20s;
        server 192.168.1.82:80 weight=4 fail_timeout=20s;

        # multiple sets of rules can be defined
    }

    server {
        listen       80 default_server;    # listen on port 80 by default
        listen       localhost;            # listening server
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {    # "/" matches all requests; different load rules and services can be set for different domain names
            proxy_pass http://tomcat;    # reverse proxy; fill in your own load-balancing rule name
            proxy_redirect off;          # the following settings can be copied as they are; without them there may be problems such as failed authentication
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 90;    # (The following are just some timeout settings, but don't)
            proxy_send_timeout 90;
            proxy_read_timeout 90;
        }
        # location ~ \.(gif|jpg|png)$ {    (for example, written as a regular expression)
        #     root /home/root/Images;
        # }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }

}

After the configuration is updated, reload it; the change takes effect without restarting the service.

nginx -s reload
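
The location block above passes X-Real-IP and X-Forwarded-For to web01 and web02. The following Python sketch is an added example, not part of the original article: it models how $proxy_add_x_forwarded_for builds the header and how an application on a backend can read the client address without trusting client-supplied entries. The function names, the trusted-proxy list and the sample addresses 203.0.113.50 and 10.0.0.1 are assumptions made for the illustration.

```python
import ipaddress

# Assumption: the only proxy web01/web02 trust is the load balancer on this page.
TRUSTED_PROXIES = [ipaddress.ip_network("192.168.1.76/32")]

def proxy_add_x_forwarded_for(client_xff, remote_addr):
    """Model of $proxy_add_x_forwarded_for: the client's own X-Forwarded-For
    value, if any, with nginx's $remote_addr appended after a comma."""
    return f"{client_xff}, {remote_addr}" if client_xff else remote_addr

def naive_client_ip(xff):
    """Common mistake: take the leftmost entry, which the client controls."""
    return xff.split(",")[0].strip()

def _trusted(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on junk
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, xff):
    """Address a backend should log or make decisions on.
    peer_addr: TCP peer of the connection to the backend
    xff:       X-Forwarded-For header as the backend received it (or None)
    """
    # Headers only count when the request really came from the load balancer.
    if not _trusted(peer_addr):
        return peer_addr
    hops = [h.strip() for h in (xff or "").split(",") if h.strip()]
    # Walk right to left: the rightmost entry was appended by our proxy from
    # a real TCP connection; entries further left are client-supplied text.
    for hop in reversed(hops):
        try:
            if not _trusted(hop):
                return str(ipaddress.ip_address(hop))
        except ValueError:
            break  # malformed entry: fall back to the peer address
    return peer_addr

# Constructed sample: a client at 203.0.113.50 sends a forged header.
FORGED = "10.0.0.1"
AT_BACKEND = proxy_add_x_forwarded_for(FORGED, "203.0.113.50")

if __name__ == "__main__":
    print("header at backend  :", AT_BACKEND)
    print("leftmost (naive)   :", naive_client_ip(AT_BACKEND))
    print("rightmost untrusted:", client_ip("192.168.1.76", AT_BACKEND))
    print("direct to backend  :", client_ip("203.0.113.50", FORGED))
```

The result is only reliable if web01 and web02 accept port 80 connections from 192.168.1.76 alone. X-Real-IP, which the configuration sets to $remote_addr, is overwritten by the proxy rather than appended to and can be used directly under the same condition.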

If you cannot reach the site, the firewall may be running without the port being open:

Start: systemctl start firewalld
Stop: systemctl stop firewalld
View status: systemctl status firewalld
Disable at boot: systemctl disable firewalld
Enable at boot: systemctl enable firewalld

Open a port:

Add
firewall-cmd --zone=public --add-port=80/tcp --permanent    # --permanent makes the rule permanent; without this parameter it is lost after a restart
Reload
firewall-cmd --reload
View
firewall-cmd --zone=public --query-port=80/tcp
Delete
firewall-cmd --zone=public --remove-port=80/tcp --permanent