podman

Install

sudo apt-get install -y software-properties-common uidmap
sudo add-apt-repository -y ppa:projectatomic/ppa
sudo apt-get -y install podman

Container

podman run --name nginx -v /tmp/html:/usr/share/nginx/html:ro -d -p 8080:80 docker://nginx
 
podman run \
    -dt \
    -p 8080:8080/tcp \
    -e HTTPD_VAR_RUN=/var/run/httpd \
    -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
    -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
    -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
    registry.fedoraproject.org/f27/

Links
https://podman.io/

Floating IPs

https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html

openstack floating ip list
 
openstack floating ip create public-net
FLOATING_IP=$(openstack floating ip create public -c floating_ip_address -f value --floating-ip-address 10.11.12.13)
 
openstack floating ip show 1.2.3.4
openstack floating ip list --project ${PROJECT_ID} --long
 
openstack floating ip create --floating-ip-address 1.2.3.4 public
 
# request specific floating IP for a project
openstack floating ip create public --floating-ip-address 1.2.3.4 --project foo-project
 
# show used floating IPs
NETWORK_ID=$(openstack subnet list --network public -c Network -f value)
openstack ip availability show -c total_ips -c used_ips ${NETWORK_ID}
 
# add ip to server
openstack floating ip set --port ${PORT_ID} ${FLOATING_IP}

s3cmd

Install s3cmd (s3 CLI client)

apt install -y s3cmd

Configuration file

s3cmd --configure
${HOME}/.s3cfg

CLI

s3cmd mb s3://buk1
s3cmd put /tmp/1m.img s3://buk1
s3cmd ls s3://buk1
s3cmd du
s3cmd rm s3://buk1/1m.img
s3cmd rb s3://buk1
s3cmd rb s3://buk1 --recursive
s3cmd rm s3://lfs/ --recursive --force
 
s3cmd \
  --access_key xxxxxxxxxxx  \
  --secret_key xxxxxxxxxxxxxx \
  --host-bucket '%(bucket)s.s3.example.com' \
  --host s3.example.com \
  --signature-v2 \
  --no-preserve \
  ls s3://lpz-duply

ACL

s3cmd setacl s3://bucket/path/to/file --acl-public
s3cmd info s3://bucket/path/to/file
s3cmd setacl s3://bucket/path/to/file --acl-private

Links
https://lollyrock.com/articles/s3cmd-with-radosgw/
https://linuxconfig.org/getting-started-with-aws-s3cmd-command-by-examples

s3fs

Install

sudo apt install -y s3fs

Create credentials

echo ACCESS_KEY_ID:SECRET_ACCESS_KEY > ~/.passwd-s3fs
chmod 600 ~/.passwd-s3fs

Mount s3 bucket

s3fs backups /media/backup \
  -o url=https://s3.example.com \
  -o passwd_file=~/.passwd-s3fs

Parameter

-o url=https://s3.example.com,allow_other,umask=0000
-o use_cache=/tmp/cache

/etc/fstab

mybucket1.mydomain.org /mnt/mybucket1 fuse.s3fs _netdev,allow_other,passwd_file=/home/ftpuser/.passwd-aws-s3fs,default_acl=public-read,uid=1001,gid=65534   0 0

Links
https://github.com/s3fs-fuse/s3fs-fuse
https://gridscale.io/community/tutorials/s3-fuse-ubuntu/

NVMe firmware update with Intel SSD Data Center Tool

Intel NVMe firmware update with Intel SSD Data Center Tool
Check for latest version: https://downloadcenter.intel.com/search?keyword=SSD+Firmware+Update+Tool

URL=https://downloadmirror.intel.com/29185/eng/Intel_SSD_Data_Center_Tool_3.0.22_Linux.zip
 
wget ${URL} -O /tmp/Intel_SSD_Data_Center_Tool_Linux.zip
unzip -d /tmp /tmp/Intel_SSD_Data_Center_Tool_Linux.zip
sudo dpkg -i /tmp/isdct_*_amd64.deb
 
# show all avaiable Intel NVMe devices
isdct show -intelssd
 
isdct show -d Index,FirmwareUpdateAvailable -intelssd
isdct show -o json -d DevicePath -intelssd | jq -r .[].DevicePath
 
# update firmware
isdct load -intelssd 0

Flash all Intel NVMe drives

OpenStack: compute

CLI
https://docs.openstack.org/nova/latest/admin/services.html

# list VMs on all hypervisor
openstack server list --all --long  -c Name -c Host
 
# list VMs on specific hypervisor
openstack server list --all -c Name -f value --host ${COMPUTE_NODE}
 
# get VM count by hypervisor
openstack server list --all --long  -c Host -f value | sort | uniq -c
 
# list compute nodes
openstack compute service list
 
# list compute service
openstack compute service list --host ${OS_NODE}
 
# disable compute service
for OS_SERVICE in $(openstack compute service list --host ${OS_NODE} -c Binary -f value); do
    openstack compute service set --disable --disable-reason "Maintenance" ${OS_NODE} ${OS_SERVICE}
done
 
# Search for server witch status error
openstack server list --all --status ERROR
 
# Search for server with status resizing
openstack server list --all --status=VERIFY_RESIZE
 
# List instances / VMs
openstack server list
openstack server list -c ID -c Name -c Status -c Networks -c Host --long

Debug

GRML iPXE etboot from HTTP (without NFS)

# downlaod Grml image
wget http://download.grml.org/grml32-small_2013.02.iso -O /tmp/grml32-small_2013.02.iso

# mount image
mount /tmp/grml32-small_2013.02.iso /mnt/ -o loop

# copy Grml files to tftpboot
mkdir /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/initrd.img /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/vmlinuz /var/lib/tftpboot/live/grml/32-small/
cp /mnt/live/grml32-small/grml32-small.squashfs /var/lib/tftpboot/live/grml/32-small/

# configure NFS
echo "/var/lib/tftpboot/live/grml/32-small *(ro,no_root_squash,async,no_subtree_check)

sysctl

reduce swap usage
https://en.wikipedia.org/wiki/Swappiness

# get swappiness
cat /proc/sys/vm/swappiness
 
# set swappiness
echo "vm.swappiness = 1" > /etc/sysctl.d/90-swap.conf
 
# disable IPv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" > /etc/sysctl.d/01-disable-ipv6.conf
 
# load kernel settings from all system configuration files
sysctl --system
 
# load settings from default configuration /etc/sysctl.conf
sysctl -p
 
# load settings from specified file
sysctl -p /etc/sysctl.d/filename.conf
 
# sysctl
https://www.cyberciti.biz/faq/reload-sysctl-conf-on-linux-using-sysctl/

OpenStack: Floating IP port forward (in development / experimental)

List floatin IPs

openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID                                   | Floating IP Address | Fixed IP Address | Port                                 | Floating Network                     | Project                          |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| dc049c28-6562-4c37-834b-d3a612d4b580 | 1.2.3.4        | None             | None                                 | 39583230-154f-4b56-a56e-2fd83c9986ce | 1eede1bdc28344f3acf6b48b232e406f |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+

List VMs

OpenStack: Debug DHCP

Get HIGH lease rate not found

for NODE in $(openstack compute service list --service nova-scheduler -c Host -f value); do
    echo ${NODE}
    ssh ${NODE} cat /var/lib/docker/volumes/kolla_logs/_data/neutron/dnsmasq.log | grep "lease not found" | grep Sep | awk '{print $1, $2}' | uniq -c | awk '$1 > 100 {print}'
    echo
done

Many dhcp requests