Monthly Archives: May 2015

docker centos 7.1 systemd

cat Dockerfile
FROM docker.io/centos
MAINTAINER vitasis
ENV container docker
RUN yum clean all; yum -y install hostname tar git; yum -y update; yum clean all
# https://bugzilla.redhat.com/show_bug.cgi?id=1118740
RUN yum -y swap -- remove systemd-libs -- install systemd systemd-libs; yum clean all; \
#RUN yum -y install systemd systemd-libs; yum clean all; \
(cd /lib/systemd/system/sysinit.target.wants/ && for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]

sudo docker build --rm=true -t vitasis/centos7-systemd .
sudo docker run --name test --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro vitasis/centos7-systemd
sudo docker ps | grep test
sudo docker exec -i -t 63f43c4ccbba bash

Detected virtualization 'other'.

Welcome to CentOS Linux 7 (Core)!

Set hostname to <79251a373052>.
Cannot add dependency job for unit display-manager.service, ignoring: Unit display-manager.service failed to load: No such file or directory.
[ OK ] Reached target Paths.
[ OK ] Listening on Journal Socket.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Reached target Swap.
[ OK ] Created slice Root Slice.
[ OK ] Created slice System Slice.
[ OK ] Reached target Slices.
[ OK ] Reached target Local File Systems.
Starting Create Volatile Files and Directories...
Starting Journal Service...
[ OK ] Started Journal Service.
[ OK ] Started Create Volatile Files and Directories.
[ OK ] Reached target System Initialization.
[ OK ] Listening on D-Bus System Message Bus Socket.
[ OK ] Reached target Sockets.
[ OK ] Reached target Timers.
[ OK ] Reached target Basic System.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.

If you want to detach from the docker session, you need to run the container as a daemon (-d):

sudo docker run --name test --cap-add SYS_ADMIN -d -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro vitasis/centos7-systemd

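--privileged or --cap-add SYS_ADMIN is needed because systemd uses mount under SELinux or AppArmor. Of the two, prefer --cap-add SYS_ADMIN: --privileged grants every capability plus access to the host's devices.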
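To confirm what a container started with either run command above actually received, decode the CapEff mask from /proc/1/status inside it. This is an added example, not part of the original post; the Docker default mask 0xa80425fb and the two sample masks are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: decode a CapEff hex mask (as shown in /proc/<pid>/status)
# and list what was granted beyond Docker's default capability set.

# Capability names indexed by bit number (linux/capability.h, bits 0-37).
CAP_NAMES="chown dac_override dac_read_search fowner fsetid kill setgid \
setuid setpcap linux_immutable net_bind_service net_broadcast net_admin \
net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace \
sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config \
mknod lease audit_write audit_control setfcap mac_override mac_admin syslog \
wake_alarm block_suspend audit_read"

# Assumption: Docker's default capability set (14 capabilities).
DOCKER_DEFAULT=0xa80425fb

# Print the names of all capabilities set in the hex mask $1.
decode_caps() {
    mask=$((0x$1)); bit=0; out=""
    for name in $CAP_NAMES; do
        if [ $(( ($mask >> $bit) & 1 )) -eq 1 ]; then
            out="${out:+$out }$name"
        fi
        bit=$(($bit + 1))
    done
    printf '%s\n' "$out"
}

# Print only the capabilities granted on top of Docker's default set.
extra_caps() {
    extra=$(( 0x$1 & ~$DOCKER_DEFAULT ))
    decode_caps "$(printf '%x' "$extra")"
}

# Constructed sample masks: default set plus SYS_ADMIN (--cap-add SYS_ADMIN),
# and bits 0-36 all set as a stand-in for a --privileged container.
for sample in 00000000a82425fb 0000001fffffffff; do
    printf '%s -> extra: %s\n' "$sample" "$(extra_caps "$sample")"
done
```

Inside a running container, `grep CapEff /proc/1/status` prints the real mask to feed to extra_caps.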

linux alternatives

If you want to have several versions of java and choose one of them:

cd /opt/jdk1.8.0_45/
alternatives --install /usr/bin/java java /opt/jdk1.8.0_45/bin/java 2
alternatives --config java

There are 3 programs which provide 'java'.

  Selection    Command
-----------------------------------------------
*  1           /opt/jdk1.7.0_71/bin/java
 + 2           /opt/jdk1.8.0_25/bin/java
   3           /opt/jdk1.8.0_45/bin/java

wget java

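wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u45-b14/jdk-8u45-linux-x64.tar.gz"

--no-check-certificate turns off TLS certificate validation for this download, so check the archive's checksum against the one Oracle publishes before unpacking it.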

fedora join active directory

yum install realmd
realm discover --verbose example.com
That will tell you what software you need to install (samba-common doesn’t show up, but it will if you try to join a domain and it’s not installed).
yum install sssd oddjob oddjob-mkhomedir adcli samba-common
realm join --client-software=sssd example.com -U mydomainadmin
That should prompt for a password, and if successful, absolutely nothing will be displayed on STDOUT.
To test if you have successfully joined the domain, use
getent passwd EXAMPLE\\mydomainuser
and you should get a long passwd line.

Now, if you want to only allow certain users to log in, you can run the next two commands:
realm deny --all
realm permit [email protected]

nf_conntrack: table full, dropping packets

sysctl -a|grep -i nf_conntrack_max

To increase the conntrack table size:

sysctl -w net.netfilter.nf_conntrack_max=131072
echo 32768 > /sys/module/nf_conntrack/parameters/hashsize
hashsize = nf_conntrack_max / 4

To keep the settings across a server reboot:
echo 'net.netfilter.nf_conntrack_max = 131072' >> /etc/sysctl.conf
vi /etc/rc.local
# add this line to /etc/rc.local:
echo 32768 > /sys/module/nf_conntrack/parameters/hashsize
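
A way to catch the table filling up before packets are dropped, using the same sysctl values and the hashsize = nf_conntrack_max / 4 rule from above. This is an added example, not part of the original post; the function names, the PROC_DIR override, the 80% threshold and the doubling step are assumptions.

```shell
#!/bin/sh
# Added example: conntrack table health check.
# PROC_DIR can be overridden to exercise the check on constructed values.
PROC_DIR=${PROC_DIR:-/proc/sys/net/netfilter}

# Count kernel log lines on stdin that report conntrack drops.
count_table_full() {
    grep -c 'nf_conntrack: table full, dropping packets' || true
}

# Print "count max percent" for the current table.
conntrack_usage() {
    count=$(cat "$PROC_DIR/nf_conntrack_count")
    max=$(cat "$PROC_DIR/nf_conntrack_max")
    echo "$count $max $(( $count * 100 / $max ))"
}

# Print the commands to run when usage reaches the threshold $1
# (percent, default 80): double nf_conntrack_max, hashsize = max / 4.
# Returns 0 when usage is below the threshold, 1 otherwise.
conntrack_advice() {
    set -- "${1:-80}" $(conntrack_usage)
    threshold=$1 max=$3 pct=$4
    if [ "$pct" -lt "$threshold" ]; then
        echo "ok: ${pct}% of $max entries in use"
        return 0
    fi
    new_max=$(( $max * 2 ))
    echo "warn: ${pct}% of $max entries in use"
    echo "sysctl -w net.netfilter.nf_conntrack_max=$new_max"
    echo "echo $(( $new_max / 4 )) > /sys/module/nf_conntrack/parameters/hashsize"
    return 1
}

# Run against the live system only when the conntrack module is loaded.
if [ -r "$PROC_DIR/nf_conntrack_max" ]; then
    conntrack_advice 80 || true
fi
```

Piping `dmesg` into count_table_full shows how many drop events the kernel has already logged.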

To disable conntrack, unload the modules (this removes NAT as well):

/sbin/rmmod iptable_nat
/sbin/rmmod ipt_MASQUERADE
/sbin/rmmod nf_nat
/sbin/rmmod nf_conntrack_ipv4
/sbin/rmmod nf_conntrack
/sbin/rmmod nf_defrag_ipv4

decking create docker cluster simple

Decking json example:
vi decking.json
{
  "containers": {
    "centos7a": "milcom/centos7-systemd",
    "centos7b": "milcom/centos7-systemd"
  },
  "clusters": {
    "main": ["centos7a", "centos7b"]
  }
}

And let's build:

sudo decking create main

centos7a ...
centos7b ...
centos7a creating...
centos7b ...
centos7a creating... ✔
centos7b ...
centos7a creating... ✔
centos7b creating...
centos7a creating... ✔
centos7b creating... ✔

sudo decking start main

centos7a ...
centos7b ...
centos7a starting...
centos7b ...
centos7a starting... ✔
centos7b ...
centos7a starting... ✔
centos7b starting...
centos7a starting... ✔
centos7b starting... ✔

sudo decking status main

centos7a ...
centos7b ...
centos7a ...
centos7b running 172.17.0.2
centos7a running 172.17.0.1
centos7b running 172.17.0.2

Let's check if it's really running:

c4175064768b milcom/centos7-systemd:latest "/usr/sbin/init" 3 minutes ago Up About a minute centos7b
b4b1766eb4d8 milcom/centos7-systemd:latest "/usr/sbin/init" 3 minutes ago Up About a minute centos7a

I guess it's better than FIG.
Next step: use ansible to manage these VMs, it's quite fast.

bash menu box

Building a Bash dialog box:

#!/bin/bash
# utilitymenu.sh - A sample shell script to display menus on screen

# Store menu options selected by the user
# (mktemp gives an unpredictable, owner-only file instead of /tmp/menu.sh.$$)
INPUT=$(mktemp /tmp/menu.sh.XXXXXX) || exit 1

# Storage file for displaying cal and date command output
OUTPUT=$(mktemp /tmp/output.sh.XXXXXX) || exit 1

# get text editor or fall back to vi_editor
vi_editor=${EDITOR-vi}

# trap and delete temp files
trap 'rm -f "$OUTPUT" "$INPUT"; exit' SIGHUP SIGINT SIGTERM

#
# Purpose - display output using msgbox
# $1 -> set msgbox height
# $2 -> set msgbox width
# $3 -> set msgbox title
#
function display_output(){
    local h=${1-10}     # box height default 10
    local w=${2-41}     # box width default 41
    local t=${3-Output} # box title
    dialog --backtitle "Linux Shell Script Tutorial" --title "${t}" --clear --msgbox "$(<"$OUTPUT")" ${h} ${w}
}
#
# Purpose - display current system date & time
#
function show_date(){
    echo "Today is $(date) @ $(hostname -f)." >"$OUTPUT"
    display_output 6 60 "Date and Time"
}
#
# Purpose - display a calendar
#
function show_calendar(){
    cal >"$OUTPUT"
    display_output 13 25 "Calendar"
}
#
# set infinite loop
#
while true
do

### display main menu ###
dialog --clear --help-button --backtitle "Linux Shell Script Tutorial" \
--title "[ M A I N - M E N U ]" \
--menu "You can use the UP/DOWN arrow keys, the first \n\
letter of the choice as a hot key, or the \n\
number keys 1-9 to choose an option.\n\
Choose the TASK" 15 50 4 \
Date/time "Displays date and time" \
Calendar "Displays a calendar" \
Editor "Start a text editor" \
Exit "Exit to the shell" 2>"${INPUT}"

menuitem=$(<"${INPUT}")

# make decision
case $menuitem in
    Date/time) show_date;;
    Calendar) show_calendar;;
    Editor) $vi_editor;;
    Exit) echo "Bye"; break;;
esac

done

# if temp files found, delete em
[ -f "$OUTPUT" ] && rm "$OUTPUT"
[ -f "$INPUT" ] && rm "$INPUT"