S3 storage under Linux / Ubuntu

Install
sudo apt install -y s3fs

Configuration
# cat ~/.passwd-s3fs
AWS Access Key ID:AWS Secret Access Key

Mount
s3fs backup /media/backup -o url=https://s3.example.com,allow_other,umask=0000
# -o passwd_file=/etc/passwd-s3fs
# -o use_cache=/tmp/cache

/etc/fstab
mybucket1.mydomain.org /mnt/mybucket1 fuse.s3fs _netdev,allow_other,passwd_file=/home/ftpuser/.passwd-aws-s3fs,default_acl=public-read,uid=1001,gid=65534 0 0

Links
https://gridscale.io/community/tutorials/s3-fuse-ubuntu/

php-fpm under Nginx

Install
sudo apt install -y php-fpm nginx #mariadb-server php-mysql php-gd php-curl

Configure php-fpm
# /etc/php/7.2/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = /run/php/php7.2-fpm.sock
;listen = 127.0.0.1:9000
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

Configure Nginx
# /etc/nginx/sites-enabled/default
server {
...
# pass PHP scripts to FastCGI server
location ~ \.php$ {

Duplicity with S3

Install
sudo apt install -y duplicity python-boto

SSH
duplicity incr --log-file /tmp/duplicity.log /etc/ scp://foo@10.0.1.123//media/etc

S3
vi ~/.boto
[Credentials]
aws_access_key_id = KEY_ID
aws_secret_access_key = SECRET_ACCESS_KEY

# create backup to s3
duplicity full --log-file /tmp/duplicity.log /etc/ s3://s3.example.com/backup/host.examp.eocm/etc/

duplicity list-current-files s3+http://bucket/folder

WebDav
export FTP_PASSWORD="pass1234"

GitLab registry with S3 storage

Configure CEPH
touch /tmp/placeholder
s3cmd mb s3://gitlab
s3cmd put /tmp/placeholder s3://gitlab
s3cmd ls s3://gitlab
s3cmd du s3://gitlab

Configure GitLab
# /etc/gitlab/gitlab.rb
...
registry_external_url 'https://registry.example.com'
registry_nginx['enable'] = true
registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/registry.example.com.crt"
registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/registry.example.com.key"
#registry['log_level'] = "debug"
#registry['storage_delete_enabled'] = true
...
registry['storage'] = {

cloud-image-utils

sudo apt install -y qemu-kvm cloud-image-utils
wget https://cloud-images.ubuntu.com/releases/18.04/release/ubuntu-18.04-server-cloudimg-amd64.img

# cat seed
#cloud-config
password: ubuntu
chpasswd: { expire: False }
ssh_pwauth: True
ssh_import_id: ${USER}

cloud-localds seed.img seed
sudo kvm-spice -m 2048 -drive file=ubuntu-18.04-server-cloudimg-amd64.img,if=virtio,cache=writeback -cdrom seed.img -net nic,model=virtio -net user,hostfwd=tcp::222-:22
# -balloon virtio

# login credentials:
user: ubuntu
pass: ubuntu

ssh ubuntu@localhost:2222

LXD: Create container with profile (connect to VLAN)

create profile
lxc profile copy default mgmt-dev
# lxc profile list
lxc profile device set mgmt-dev eth0 nictype macvlan
lxc profile device set mgmt-dev eth0 parent mgmt-dev-v4432
lxc profile show mgmt-dev

create container with profile
lxc launch ubuntu:18.04 bionic-mgmt-dev -p mgmt-dev
lxc ls

Enable container nesting
lxc config set bionic-mgmt-dev security.nesting true

Configure IP
cat < /var/lib/lxd/containers/bionic-mgmt-dev/rootfs/etc/netplan/50-cloud-init.yaml
network:
version: 2

Ceph

ceph status
ceph health detail
ceph df detail
ceph osd lspools
osd pool ls detail

Monitoring
https://github.com/ceph/ceph-nagios-plugins/releases

Build nagios-plugins-ceph
sudo apt-get install -y devscripts fakeroot build-essential dh-python
git clone https://github.com/ceph/ceph-nagios-plugins.git
cd ceph-nagios-plugins#
make deb
sudo dpkg -i nagios-plugins-ceph_*_all.deb

# create wrapper for kolla-ansible installation
cat < /usr/bin/ceph
#!/bin/bash
docker exec -it ceph_mon ceph $@
EOF
chmod +x /usr/bin/ceph

Subscribe to