DEBIAN PRO

DEBIAN PRO
DEBIAN

lunes, 23 de octubre de 2017

Mysql/MariaDB QPS


Un muy buen post ( y blog) sobre los límites de un servidor corriendo MySQL o sus primos, el nro de QPS (Querys per sec.) y como tantas veces vemos, un solo motor puede hacer muchisimo sin necesidad de pasar a otras soluciones de réplicas, sharding, master-master.... Simplemente implementado el motor correctamente y optimizando el APP.

http://dimitrik.free.fr/blog/

SSH problema y hack


Para todos los que usen SSH (deberian ser todos!!!!)
este link los ayudará a verificar un problema de seguridad en SSH.

https://github.com/crocs-muni/roca

No tiene que ver con los problemas de WPA / WPA2 (WIFI) sino con los sistemas de claves pública/privadas.

miércoles, 18 de octubre de 2017

Docker y Persistencia


Un post sobre persistencia en Docker, vale la pena leerlo.

https://thenewstack.io/methods-dealing-container-storage/

OpenCommunities


Para el próximo Sábado reunión de "Open Communities"

https://www.eventbrite.es/e/entradas-open-communities-summit-2017-38651010212?utm_source=eb_email&utm_medium=email&utm_campaign=order_confirmation_email&utm_term=eventname&ref=eemailordconf

Registro gratuito. Ahí nos veremos.

Docker run exec


Un muy buen post sobre Docker y las maneras de arrancar procesos en Contenedores.

https://chankongching.wordpress.com/2017/03/17/docker-what-is-the-different-between-run-and-exec/

Here are some command ref:

To use binaries in a docker images:
docker run #{image} "COMMAND to be Ran"

To use binaries in a docker images continuously(setting or configs need to be inherited):
docker run #{image} --name #{container_name}

To enter a docker images and run command interactively:
docker run -it #{image}

To start a docker in background(as daemon)with process up and running that defined in Dockerfile:
docker run -d --name #{container_name} #{image}



Agrego mis recetas recolectadas (que suelo tener a mano)


https://github.com/wsargent/docker-cheat-sheet
docker pull alpine
docker images
docker inspect alpine

docker create - creates a container but does not start it.
docker rename - allows the container to be renamed.
docker run - creates and starts a container in one operation.
docker rm - deletes a container.
docker update - updates a container's resource limits.

docker start - starts a container so it is running.
docker stop - stops a running container.
docker restart - stops and starts a container.
docker pause - pauses a running container, "freezing" it in place.
docker unpause - will unpause a running container.
docker wait - blocks until running container stops.
docker kill - sends a SIGKILL to a running container.
docker attach - will connect to a running container.

docker images shows all images.
docker import creates an image from a tarball.
docker build creates image from Dockerfile.
docker commit creates image from a container, pausing it temporarily if it is running.
docker rmi removes an image.
docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).

docker container stats
docker stats --all

docker ps -a

docker rm image_name delete image
docker rmi $(docker images -q) delete all images

docker container rename nervous_meitner testing
docker exec -it testing /bin/sh

docker ps - show running container
docker inspect - get info from container
docker events - evetns from con
docker port
docker top
docker stats


docker build use a file to create a server ( Dockerfile )
docker pull image (download a image file)
docker ps -l -q -- last run container
docker run -d alpine /bin/sh .c "sleep 20"
docker stop "container"
docker start "container"
docker restart "container"
docker rm `container`
docker cp `container`:/etc/passwd . (copy file to container)




docker build -t wangxian/alpine-mysql .

docker run -it --rm -v $(pwd):/app -p 3306:3306 wangxian/alpine-mysql
(docker MariaDB 10.1.19)
mysql -u root -p -h 172.17.0.1 (111111)

# RUN ALPINE DOCKET SERVER
docker run -it --rm -v $(pwd):/app -p 3306:3306 db933b99cf44

docker run -it --name mysql -p 3306:3306 -v $(pwd):/app -e MYSQL_DATABASE=admin -e MYSQL_USER=tony -e MYSQL_PASSWORD=dpa\*12d -e MYSQL_ROOT_PASSWORD=111111 wangxian/alpine-mysql



docker run -it ubuntu

martes, 17 de octubre de 2017

U2F Key


Compré un hard key para validar los accesos a cuentas con una verificación de "Dos pasos". La llave es muy barata (9.5 €uros en amazon)
https://www.amazon.es/gp/product/B01N6XNC01/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1



Tuve que tocar un fichero en Linux para que la reconozco, luego cambiar una configuración de Firefox, probar Nightly version 58.... al final no funciona en Mozilla Firefox. pero parece que SI funciona en Chrome.


vi /etc/udev/rules.d/70-u2f.rules

# this udev file should be used with udev 188 and newer
ACTION!="add|change", GOTO="u2f_end"
# Key-ID FIDO U2F
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="096e", ATTRS{idProduct}=="0850|0880", TAG+="uaccess"
LABEL="u2f_end"


Descargar la version Nightly
1. Open the Firefox advanced preferences at `about:config`.
2. Search for "webauth"
3. Enable (value=True) these two:
- security.webauth.u2f
- security.webauth.webauthn_enable_usbtoken


Seguiré probando si puedo hacerlo funcionar, sería muy bueno tener esa opción desde Firefox, evita tipear claves, y aumenta la seguridad de las cuentas.

WPA WPA2 Hack - KrackAttack


Ya todos sabrán que se encontró un problema en la encriptación WPA. Lo positivo es que ya hay un parche para Linux. Lo bajé ayer.
mas info del problema aqui
https://www.krackattacks.com/

miércoles, 4 de octubre de 2017

Keyboard sounds


Two options to produce ticky sound when typing.

https://github.com/BillBillBillBill/Tickeys-linux

yaourt -S bucklespring-git

SQL Server sobre Linux


Desde hace casi un año vengo probando los betas de SQL Server para Linux, clientes y luego servidores, desde Linux hacia SQL Server y desde Windows hacia Linux/SQLSrv. Siempre pensando si es posible utilizar esta solución y tiene sentido.

Reconozco que no me gusta en absoluto, poner un producto Propietario sobre Linux no es bueno, además un producto de MS, además una empresa que claramente era anti-Linux y recientemente está intentando hacercarse, un producto con una calidad de código fuente que no se puede verificar.

De todas formas, desde Arch Linux, el proceso de instalación de un servidor/cliente es sencillo.

yaourt -S mssql-server mssql-ciente

Al final la instalación se debe configurar el Servidor.

sudo /opt/mssql/bin/mssql-conf setup las opciones son :

Choose an edition of SQL Server:
1) Evaluation (free, no production use rights, 180-day limit)
2) Developer (free, no production use rights)
3) Express (free)
4) Web (PAID)
5) Standard (PAID)
6) Enterprise (PAID)
7) Enterprise Core (PAID)
8) I bought a license through a retail sales channel and have a product key to enter.

Al final de su configuración está listo para funcionar.

/usr/lib/systemd/system/mssql-server.service


sqlcmd -S 127.0.0.1 -Usa -Pclave
1> select @@version;
2> go
----------------------------------------------
Microsoft SQL Server 2017 (RTM) - 14.0.1000.169 (X64)
Aug 22 2017 17:04:49
Copyright (C) 2017 Microsoft Corporation
Express Edition (64-bit) on Linux (Manjaro Linux)
(1 rows affected)

lunes, 2 de octubre de 2017

DevOps Admin Windows from Linux



As a DBA with difference engines to administer, sometimes I need to connect to SQL Server and MySQL engines, sometimes in Windows and sometimes in Linux.

I prefer to use Linux O.S. in my notebooks, may be it's not the best option at all, I know, but I want to be safe, have more resources for my tasks, less delays, and a simple way to do daily tasks. (clean, simple, spartan), off course I'm a Debian Linux fan too.

Right or wrong...? it's my option.


I had to prepare some script to simplify my daily works.

may be I'm a DevOp + DBA ?
who cares, je je...


As I.T. Engineering I have to solve problems everyday and sometimes build my own tools to solve it (if I don't have them).

I want to share some script I use in my daily tasks, I guess you could modify it with "your needs" too, and think in GPL and share it too.


Massive connection to Linux & MySQL servers and SQL Servers


(if you want the .sh file, just ask for it)

#!/bin/bash
# run it $ xxxxx NN
#
clear
echo " ----- All in One -----------------------------"
echo "1. uptime"
echo "2. mysql running ? check"
echo "3. SQL Server check"

for i in '192.168.10.2' \
'192.168.10.3' \
'192.168.10.4'

do
case $1 in
1)
echo "****"
echo "$i"
ssh "$i" 'echo `hostname`' "$i"
ssh "$i" "uptime"
;;

case $1 in
2)
clear
echo "****"
echo "$i"
ssh "$i" 'echo `hostname`' "$i"
mysql -uUSER -p'PASSWORD' -h "$i" -e 'select 1;'

read
;;

case $1 in
2)
clear
echo "****"
echo "$i"
ping -c 1 "$i"

# mssql tools installed in Linux
sqlcmd -U"user" -P"password" -S "$i" -Q "select 1;"

;;

esac

done

echo " # EOT "
exit 0
#
# EOF
#




Another script to connect to Windows servers (from Linux)
Again simple, clear and spartan (I have hundreds like this, one for each server) it's easy to type the name/ip and "Enter"



#!/bin/bash
rdesktop SERVERNAME/IP -x l -z -g 1024x768 -uUser -pPassword -r sound:off

I'm pretty sure you could create more like this for simple tasks, "bash" is still a great tool to interact, program and administer a remote server.



Another one, to identify new connections in a server or dis-connections.



#!/bin/bash
clear
netstat -a -n | grep tcp > /tmp/tcp
netstat -a -n | grep udp > /tmp/udp
while [ 1 = 1 ]
do
# sleep 0.5
cp /tmp/tcp /tmp/tcp2
cp /tmp/udp /tmp/udp2

netstat -a -n | grep tcp > /tmp/tcp
netstat -a -n | grep udp > /tmp/udp

# clear
echo "-----------------------------------------------------------------------"
date
echo "-----------------------------------------------------------------------"

# compare what lines appear now, not exists before
diff --side-by-side --suppress-common-lines /tmp/tcp /tmp/tcp2 | grep "<" diff --side-by-side --suppress-common-lines /tmp/udp /tmp/udp2 | grep "<" # read key, if Q exit read -t 1 -n 1 key if [[ $key = q ]] then break fi done # # EOF #