After unsuccessful upgrade of kernel you have to fix linux OS.
To delete invalid kernel in case of CentOS do next steps.
1. Show kernel list:
rpm -q kernel
And you’ll see output:
kernel-3.10.0-229.14.1.el7.x86_64
kernel-3.10.0-229.20.1.el7.x86_64
kernel-3.10.0-327.3.1.el7.x86_64
kernel-3.10.0-327.4.4.el7.x86_64
kernel-3.10.0-327.22.2.el7.x86_64
2. Delete corrupted kernel:
rpm -e kernel-3.10.0-327.22.2.el7.x86_64
3. Reboot.
So, you system downgraded!
Thanx to http://blog.zwiegnet.com/linux-server/delete-oldcorrupt-linux-kernel-centos/
Linux OS is fluent to run commands under different user if you are logged as root.
Here are two ways to do it:
1. Using “SUDO” command:
sudo -u <username> "<commands>"
Example: sudo -u www-data php occ
2. Using “SU” command:
su - <username> -c "<commands>"
Example: su – www-data -c ‘php /var/www/html/console.php files:scan –all’
Thanx to http://askubuntu.com/a/606149
The OwnCloud is great replacement of google, yandex, dropbox disks. It is really useful and convenient tool to manage your private data.
There are few ways to connect to you server:
- web dav directly from OS
- browser access
- iOS/Android mobile OS
If you OwnCloud service is behind the Nginx server with SSL protection, you can see the next error when access from mobile client:
it is not possible to connect to the server at this time
After spending few days in searching the solution on forum https://forum.owncloud.org no one fix helped.
I paid attention in Admin panel on “Security & setup warnings” section:
The "Strict-Transport-Security" HTTP header
is not configured to least "15768000" seconds.
For enhanced security we recommend enabling HSTS
as described in our security tips.
So, go ahead!
Just add the header to Nginx config (Strict-Transport-Security):
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
Restart Nginx and voila – mobile client will ask you to accept SSL certificate!
The RDP protocol is very convenient to manage windows and linux servers. But if you use Xrdp as terminal server, you may notice new session always creates when connection established.
The CentOS (RedHat) rdp server implementation is more useful, because can connect to existing session by default. But Ubuntu (Debian) always creates new session if you configure it as “port=-1” setting in xrdp.ini file:
[xrdp2]
name=test-name
...
port=-1
But if you set port to certain value, connection problem occurs.
To fix the problem I recommend to create two different xrdp configurations in xrdp.ini file:
[xrdp1]
name=existing-session
lib=libvnc.so
username=ask
password=ask
ip=127.0.0.1
port=5910
[xrdp2]
name=new-session
lib=libvnc.so
username=ask
password=ask
ip=127.0.0.1
port=-1
So, for the first connection you have to use “new-session” configuration, and the next one will be used “existing-session” configuration by default.
Make sure, you are connecting to 5910 port (in my case).
November 24, 2015 – 11:14
As a rule, you have more then one docker containers. It can be one base container (parent) and many other (children).
To connect they in docker-compose you can use the next snippets:
1. Using “links” – in common case is the most popular method. Here are network ports and volumes from parent container shares to child one.
docker-compose.yml
...
links:
- base
...
2. Using “volumes_from” – only volumes from parent container shares to child.
docker-compose.yml
...
volumes_from:
- base
...
The second way is useful when you connect your docker contaner network is applied to host network. The “links” directive cannot be used (since docker-compose v1.9).
docker-compose.yml
...
net: "host"
...
Also, http://docs.docker.com/compose/compose-file
November 23, 2015 – 15:36
To apply SSL connection in your server you have to use SSL certificate.
Here are the steps to create Self-Signed SSL certificate:
1. Install openssl.
yum install -y openssl
2. Create shell script add_ssl.sh:
#!/bin/bash
set -e
prefix=$1
# Generate private key
openssl genrsa -out $prefix.key 2048
# Generate CSR
echo -e "[LOCALE]\n[COUNTRY]\n[CITY]\n[COMPANY]\nSSL\n$prefix\n[EMAIL]\n\n\n\n" \
| (openssl req -new -key $prefix.key -out $prefix.csr)
# Generate Self Signed Key
openssl x509 -req -days 365 -in $prefix.csr -signkey $prefix.key -out $prefix.crt
# Copy the files to the correct locations
mv $prefix.crt /etc/ssl
mv $prefix.key /etc/ssl
mv $prefix.csr /etc/ssl
Replace [LOCALE], [COUNTRY], [CITY], [COMPANY], [EMAIL] with your values.
3. Run script example:
./add_ssl.sh gik.firetrot.com
Docker is the most simple and clear method to isolate your services. DevOps can in significantly convenient way deploy and control their services in server environment.
Docker is nothing new but wrapper over LXC. There are two concepts when you start working with docker:
- Docker image is what you build
- Docker container is what you run
Docker uses layer system very similar to Version Control System. After restart container all data will be lost if not commited!
So, to run a docker container you have to create a docker image. There are two methods to create docker image. The first, you can get base docker image of your favorite linux OS, run and login to it and manually install whatever. After that commit image to save changes. It is old and hardcore way. I prefer the second one, create docker image from so called “Dockerfile” – describes all to compose image.
Example usage:
- Create folder “base”.
- Create “Dockerfile” in it with the following contents:
FROM centos:7
MAINTAINER "FireTrot Studio" <admin@firetrot.com>
# ENV
ENV container=docker
# IMPORT
RUN rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
# INSTALL
RUN yum -y install net-tools
# RUN
CMD ["ping", "localhost"]
- Build docker image with command:
docker build -t base .
- Run docker container with command:
docker run -it --name=base docker_base
And then you’ll see the output of container work.
