If you ever need to take over management of an AWS farm, it’s very likely you will need to attach SG to all instances. Be that for monitoring or access. Here is a bash script to add 1 SG to all instances. You will need to first setup a profile on awscli. Then run the script with the profile name as first argument, and the SG id as the second.…
Let’s take a look at how to build a really simple Linux package. The most common package formats are definitely .deb and .rpm. One will find them on Debian-variants and Redhat-variants respectively. In the following examples, a package will be created and it will contain 1 script.The script depends on Python so I want the package management tool to handle that for me too. The script’s name is goldenRatio.sh and…
There are a couple ways to debug php applications. We can enable core dump and/or install Xdebug. Enable php core dump on php-fpm First instruct the kernel to write core dumps to /tmp. On some system, dumps are fed to abrtd.
|
1 2 |
echo '/tmp/core-%e.%p' > /proc/sys/kernel/core_pattern |
In php-fpm.conf, add the following
|
1 2 |
rlimit_core = unlimited |
Restart php-fpm and use gdb to debug the dump files. To get the most out of the dump files, install the debuginfo…
Ubuntu upgrade can be a challenge Ubuntu 18 is coming up in a few months. I started using Ubuntu on my machine since version 9.10 and it has gone through 8 upgrades. I’m running 17.10 now. If memory serves me right, my system crashed 2-3 times during these upgrades. In fact, those were the only downtime I have on this machine. In the early days, upgrade isn’t very mature IMO.…
The recent CPU flaw caused quite a mess. Most recent linux kernels have the problems patched, but what if I am willing to trade security for performance? I’ll need to compile my own kernel and here is how to do that on Ubuntu 17.
|
1 2 3 4 |
apt install git build-essential kernel-package fakeroot libncurses5-dev libssl-dev ccache wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.15.tar.xz tar Jxvf linux-4.15.tar.xz cd linux-4.15 |
First, we need to make oldconfig. Basically copy the kernel compile config from Ubuntu and decide whether new features should be enabled
|
1 2 |
cp /boot/config-4.13.0-32-generic .config make oldconfig |
Here I…
Why attacking and hacking – proof of concept – causes service interruption – utilize compromised systems to attack other targets – steal compute power – build zombie network – ransome – attention seeking – personal reasons How does it happen – Webhack exploiting vulnerable apps or scripts – SQL injection – Overflow boundaries – Brutish password hack – Social hacking – Affected by compromised neighbors particularly in muti-tenant environments –…
AWS introduced 5th-generation EC2 instances in selected regions. These instances live on Nitro which is KVM based. These c5 and m5 instances are faster yet cheaper. The switch however cannot be done by a simple instance type change.
Numerous posts and announcements have been made available in past 48 hours[1]. I don’t want to embarrass myself trying to describe what they’re about. Here I want to measure the performance penalty for the kernel patch. Kernel update has been made available on CentOS 7 (3.10.0-693.11.6.el7), roughly 12 hours behind Redhat. Here is a quick test of mysql sysbench on a small instance on aliyun, AWS, and Azure. No impact…
My Lacie 2big NAS recently died. For weeks, it had been powering off itself randomly. At first I thought it’s a bug with the latest update and the power saving feature. But yesterday, it hung and after power-cycling, it refused to power on. I even tried a new power supply. I get 1 blink on the ethernet link led. The rest of the unit showed no response. There are some…
Terraform delivers consistent build and save a lot of time from clicking and scrolling. But when the resources, in this case ec2 resources are slightly different, it may be necessary to create a tf config for every instance. That defeats the purpose of automation. By storing the differences in a list and use the lookup function to extract the values, I’m able to write the following tf config with little…