Setup Systemd Service on Ubuntu 16.04

$ sudo vim /etc/systemd/system/myservice.service
[Unit]
Description=Run the service

[Service]
User=ubuntu
# change the workspace
WorkingDirectory=/usr/local/src

#path to executable. 
#executable is a bash script which calls jar file
ExecStart=/usr/local/src/somescript

SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
$ sudo vim /usr/local/srv/somescript
#!/bin/sh

java -jar /some/file.jar
sudo systemctl daemon-reload
sudo systemctl enable myservice.service
sudo systemctl start myservice
sudo systemctl status myservice

 

Install MySQL on Ubuntu And Skip the Password Prompt

When you install mysql on Ubuntu (I use 16.04), it requires you to fill the admin password for the first time before finishing the installation. This prompt will wait the user input until you fill the password.

This trick is very helpful if you want to install mysql in Dockerfile, and skipping the password prompt:

$ export DEBIAN_FRONTEND=noninteractive
$ sudo -E apt-get -q -y install mysql-server

Setup Simple Ruby on Rails App On Ubuntu 16.04 From Scratch

Rails is one of the most popular ruby framework out there. And now, I want to try to run the simple app on Ubuntu 16.04 machine. it’s for testing purpose.

First, update the system and install essential dependencies:

$ sudo apt-get update
$ sudo apt-get build-essential curl sudo vim

Install nodejs:

$ curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
$ apt-get install nodejs

Create a dedicated user for the app, for example, ubuntu user. And this also make the ubuntu user with sudo privilege and run the command without password. Which is useful to run command that needs sudo privilege in the next steps.

$ useradd ubuntu -m
$ echo 'ubuntu ALL=(root) NOPASSWD: ALL' >> /etc/sudoers

swith to ubuntu user and install GPG keys for install rvm:

$ su - ubuntu
ubuntu~$ gpg --keyserver hkp://keys.gnupg.net \ --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 \ 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

Download and install rvm:

ubuntu~$ \curl -sSL https://get.rvm.io | bash -s stable

Install ruby interpreter with version 2.5.1, you might wanna change it with your preferable version:

ubuntu~$ source ~/.rvm/scripts/rvm
ubuntu~$ rvm install 2.5.1
ubuntu~$ rvm use 2.5.1 --default

Install rails with gem, and create new app without writing the Gemfile. Why? because everytime I create new app, I ended up facing errors with dependencies in Gemfile. So, it safe to setup new app without the Gemfile, we’ll create it manually later.

ubuntu~$ gem install rails
ubuntu~$ rails new app --skip-gemfile

Create the Gemfile:

ubuntu~$ touch ~/app/Gemfile
ubuntu~$ vim ~/app/Gemfile

Gemfile, fill these dependencies below into the file, save and exit:

source 'https://rubygems.org'
gem 'rails', '~> 5.2.1'
gem 'bootsnap', '~> 1.3.2'
gem 'tzinfo-data', '~> 1.2018.5'
gem 'listen', '~> 3.1.5'
gem 'sqlite3'

Now, install all the gems with bundle:

ubuntu~$ cd ~/app
ubuntu app~$ bundle install

Try run the rails:

ubuntu app~$ rails server -b 0.0.0.0

 

Setup ftp that works with local user with vsftpd on ubuntu

Install vsftpd and start the service:

$ sudo apt-get install vsftpd -y
$ sudo systemctl start vsftpd.service
$ sudo systemctl enable vsftpd.service

Open vsftpd.conf file, and make sure these lines below are enabled:

$ sudo vim /etc/vsftpd.conf
...
...
local_enable=YES
chroot_local_user=YES

Create local user:

$ sudo useradd -s /bin/bash -md /srv/ftpuser
$ sudo passwd ftpuser

Make sure your user format is looks like this:

$ cat /etc/passwd
ftpuser:x:1000:1000::/srv/ftpuser:/bin/bash

Test your ftp user out:

$ ftp example.com

 

Setup Kubernetes on Ubuntu 16.04

Summary

This setup is supposedly to install the kubernetes on ubuntu machine with version 16.04 (64bit). I did this in the cloud and have worked perfectly.

# whoami && pwd
root
/root
# apt-get update
# apt-get install -y apt-transport-https
# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
# echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
# apt-get update -y
# apt install docker.io
# apt-get install -y kubelet kubeadm kubernetes-cni

Check the swaps, if there any, swith them off

# /proc/swaps

Init kubernetes for the first time using kubeadm:

# kubeadm init --pod-network-cidr=192.168.0.0/16 --apiserver-advertise-address=<private IP>

*Note: Change <private IP> to <public IP>, if you run the kubernetes master on single node and wish to publicly open.

# cp /etc/kubernetes/admin.conf $HOME/
# export KUBECONFIG=$HOME/admin.conf
# echo "export KUBECONFIG=$HOME/admin.conf" | tee -a ~/.bashrc

Check pods status, wait until all running

# kubectl get pods --all-namespaces

When their status are RUNNING, moving forward install the network/flannel. Please choose between these two below, I prefer to use the calico one (the second).

# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml

# or

# kubectl apply -f https://docs.projectcalico.org/v2.6/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml

Continue to taint the nodes:

# kubectl taint nodes --all node-role.kubernetes.io/master-

Install kubernetes dashboard

# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

Create user dashboard

create-user.yml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system

create-role.yml

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
# kubectl create -f create-user.yml
# kubectl create -f create-role.yml
# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

How to set the kubernetes dashboard to publicly accessible with public IP

Read this : https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard—1.7.X-and-above

References

Setup puppet master & puppet agent on Ubuntu 16.04

Overview

– puppet-master (ubuntu 16.04)
– db1 (ubuntu 16.04)

Setup puppet master

On master server, do the following steps:
Add puppet host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet master:

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update -y
$ sudo apt-get install puppetserver -y

Change memory allocation:

open /etc/default/puppetserver, change the JAVA_ARGS to:

JAVA_ARGS="-Xms512m -Xmx512m"

Set puppet master hostname:

open/etc/puppetlabs/puppet/puppet.conf, and add the following lines at the bottom of the file:

....
[main]
certname = puppet-master
server = puppet-master
environment = production

Open port 8140:

$ sudo ufw allow 8140

Start the service, and enable to run on boot:

$ sudo systemctl start puppetserver
$ sudo systemctl enable puppetserver

Setup puppet agent

Add puppet-master host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet agent

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update
$ sudo apt-get install puppet-agent

Add configuration for puppet agent:

$ vim /etc/puppetlabs/puppet/puppet.conf
[main]
certname = db1
server = puppet-master
environment = production

Start the service, and enable  to run on boot:

$ sudo systemctl start puppet
$ sudo systemctl enable puppet

Sign the puppet agent certificate on puppet master

$ sudo /opt/puppetlabs/bin/puppet cert list
"db1" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E

Sign the incoming certificate from specific hostname (db1):

$ sudo /opt/puppetlabs/bin/puppet cert sign db1

or if you prefer to sign all certificates at once, use this command:

$ sudo /opt/puppetlabs/bin/puppet cert sign --all

Test the connection:

$ sudo /opt/puppetlabs/bin/puppet agent --test