Thursday, November 2, 2023

Docker

#docker version

If you get output for both the Client and the Server, the command ran successfully. If you get an error, run it with sudo or add your user account to the local docker group.

#docker images

An image is like an OS template.

docker pull centos:latest

Downloading images onto your Docker host is called pulling. The command above pulls the centos:latest image.

Now run the docker images command to show your downloaded images.

#docker run -it centos:latest /bin/bash

It checks for the centos image locally; if it is not available, it downloads it from Docker Hub, starts a container in interactive mode with a bash shell, and logs you in to the container's terminal.

Press Ctrl-PQ

This exits from the container without terminating it.

# docker exec -it App1 bash   (App1 = container name)

# docker exec -it 851464 bash   (851464 = container ID)

Log in to a running container.

# docker run kodecloud/simple-webapp

The container runs in the foreground, which means you can't do anything else in this terminal.

# docker run -d kodecloud/simple-webapp   (-d = detached mode)

The container runs in the background, which means you can keep using this terminal.

# docker attach container id


# docker rm (container id)

Remove a container by its container ID

# docker rm (container name)

Remove a container by its name

# docker container prune

This will remove all stopped containers

# docker rmi 81464

Remove docker images

# docker rmi -f 81464

Remove docker images forcefully

#  docker ps -a 

Show all containers, both running and stopped

# docker run -p 8080:80 nginx

Where the first value, 8080, is the local (host) port and the second value, 80, is the container port.

Port mapping

# docker run -v /opt/datadir:/var/lib/mysql mysql

Volume Mapping

# docker logs container name or id (strange_wing)

Check container logs

# docker inspect container name or id (lucid_rhodes)

Check container configuration

# docker run ubuntu

# docker run --network=none ubuntu

# docker run --network=host ubuntu


# docker network create \
    --driver bridge \
    --subnet 182.18.0.0/16 \
    custom-isolated-network


# docker network ls

# docker inspect dockername or id

Embedded DNS


/var/lib/docker

aufs

containers

image

volumes


Layered architecture


# docker build -t ritesh/my-custom-app .   (run in the directory that contains the Dockerfile)


# docker run ritesh/my-custom-app


Volume Mounting


# docker volume create data_volume


/var/lib/docker

volumes

data_volume


# docker run -v data_volume:/var/lib/mysql mysql

# docker run -v data_volume2


Bind Mount (Mount Directory)


A directory any location any


Storage Drivers


AUFS

ZFS

BTRFS

Device Mapper

Overlay

Overlay2

Friday, August 18, 2023

Linux cut command

The cut command processes the file according to the option you give and shows the output on screen.

Command Syntax:- cut option filename





Thursday, August 17, 2023

Linux Web Server Configuration

Apache Configuration

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

  • Package                    :  httpd
  • Service                     :  httpd
  • Port                          :  80 (http) ,443(https)
  • Configuration file     :  /etc/httpd/conf/httpd.conf
  • Document Root        :  /var/www/html/

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

1.) Install httpd service.

            #yum install httpd -y

==================================================

2) Configuration file path.

vim /etc/httpd/conf/httpd.conf

Here you can change port as per your requirement.




Listen 80

Listen 8080

==================================================

3.) You have to create a file like index.html

#vim /var/www/html/index.html





==================================================


4.) After creating the file under the html folder, you need to start the httpd service.










From a browser, your URL will be http://ipaddress or http://domain-name.






You can also run the same check from your terminal, for example: curl http://localhost










==================================================

5.) We can change or add the default page extension or file name in the hosting configuration.





 






==================================================

6.) Whenever you change the configuration in the config file, you have to reload the httpd service.

#systemctl reload httpd


##################################################

Port Based Hosting

##################################################

1.) Configuration file path.

vim /etc/httpd/conf/httpd.conf 

You have to add custom port number as per your requirement in httpd configuration file.




==================================================

2) Add the syntax below to your httpd configuration file.











<Directory /var/www/html/site1>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 172.31.36.170:8080>

  DocumentRoot /var/www/html/site1

  ServerAdmin ashara@ritesh.local

  ErrorLog "logs/site1_error_log"

  CustomLog "logs/site1_access_log" combined

</VirtualHost>


<Directory /var/www/html/site2>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 172.31.36.170:8181>

  DocumentRoot /var/www/html/site2

  ServerAdmin ashara@ritesh.local

  ErrorLog "logs/site2_error_log"

  CustomLog "logs/site2_access_log" combined

</VirtualHost>

==================================================

3.) Now restart httpd service.

#systemctl restart httpd

or

#systemctl reload httpd

==================================================

4.) We are now checking output with different port numbers which we have mentioned in httpd configuration file.










<Directory /var/www/html/site1>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.1.201:80>

  DocumentRoot /var/www/html/site1

  ServerAdmin janak@devops.local

  ErrorLog "logs/site1_error_log"

  CustomLog "logs/site1_access_log" combined

</VirtualHost>




<Directory /var/www/html/site2>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.1.201:8080>

  DocumentRoot /var/www/html/site2

  ServerAdmin janak@devops.local

  ErrorLog "logs/site2_error_log"

  CustomLog "logs/site2_access_log" combined

</VirtualHost>


https://www.webhi.com/how-to/how-to-install-ssl-certificate-on-apache-for-centos-7/


apachectl configtest
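For the port-based hosting steps above: a VirtualHost bound to a port that has no Listen directive never receives traffic. The function below is an added example, not part of the original post; it lists such ports, and the sample configuration is constructed from the Listen and VirtualHost lines shown on this page.

```shell
#!/bin/sh
# Added example, not from the original post. The config path is an argument.

# Print every port used in a <VirtualHost addr:port> line that has no
# matching Listen directive in the same file (comment lines are ignored).
vhost_ports_without_listen() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "listen" {
            # "Listen 80" and "Listen 192.168.1.201:8080" both end in the port
            n = split($2, a, ":"); listen[a[n]] = 1; next
        }
        tolower($1) == "<virtualhost" {
            for (i = 2; i <= NF; i++) {
                v = $i; sub(/>$/, "", v)
                n = split(v, a, ":")
                # skip addresses without a numeric port, such as "*"
                if (n > 1 && a[n] ~ /^[0-9]+$/) want[a[n]] = 1
            }
        }
        END { for (p in want) if (!(p in listen)) print p }
    ' "$1" | sort -n
}

# Constructed sample: Listen 80/8080 as in the basic setup, with the two
# port-based virtual hosts on 8080 and 8181.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Listen 80
Listen 8080
<VirtualHost 172.31.36.170:8080>
  DocumentRoot /var/www/html/site1
</VirtualHost>
<VirtualHost 172.31.36.170:8181>
  DocumentRoot /var/www/html/site2
</VirtualHost>
EOF
vhost_ports_without_listen "$sample"
rm -f "$sample"
```

On a real host, pass /etc/httpd/conf/httpd.conf as the argument; an empty result means every virtual host port has a Listen line in that file.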


IP Based

===========================================


<Directory /var/www/html/site1>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.1.102:80>

  DocumentRoot /var/www/html/site1

  ServerAdmin janak@devops.local

  ErrorLog "logs/site1_error_log"

  CustomLog "logs/site1_access_log" combined

</VirtualHost>




<Directory /var/www/html/site2>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.1.112:80>

  DocumentRoot /var/www/html/site2

  ServerAdmin janak@devops.local

  ErrorLog "logs/site2_error_log"

  CustomLog "logs/site2_access_log" combined

</VirtualHost>




DNS Based

=======================


<Directory /var/www/html/site1>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.0.104:80>

  DocumentRoot /var/www/html/site1

  ServerName www.devopsservice.local:80

  ServerAdmin janak@devops.local

  ErrorLog "logs/site1_error_log"

  CustomLog "logs/site1_access_log" combined

</VirtualHost>


<Directory /var/www/html/site2>

  Require all granted

  AllowOverride None

</Directory>


<VirtualHost 192.168.0.104:80>

  DocumentRoot /var/www/html/site2

  ServerName web.devopsservice.local:80

  ServerAdmin janak@devops.local

  ErrorLog "logs/site2_error_log"

  CustomLog "logs/site2_access_log" combined

</VirtualHost>

Linux Master DNS Server Configuration

Package Name: bind

Service Name: named

IP Address : 192.168.1.4

Port: 53

Configuration File: /etc/named.conf

Directory: /var/named




DNS Name: ritesh.local

Computer Name: computer-1.ritesh.local

Example:  computer-1.ritesh.local  - FQDN


- Install Package


[root@computer-1 ~]#  yum install bind


[root@computer-1 ~]# hostnamectl set-hostname computer-1.ritesh.local


[root@computer-1 ~]# cat /etc/hosts


192.168.1.4 computer-1.devopsservice.local computer-1


[root@computer-1 ~]# cat /etc/resolv.conf

# Generated by NetworkManager

search ritesh.local

nameserver 192.168.1.4


[root@computer-1 ~]#


[root@computer-1 ~]# vi /etc/named.conf


listen-on port 53 { 192.168.1.4; };

allow-query     { any; };


[root@computer-1 ~]# vi /etc/named.rfc1912.zones


zone "ritesh.local" IN {

        type master;

        file "ritesh.local.forward";

        allow-update { none; };

};




[root@computer-1 ~]# cd /var/named/

[root@computer-1 ~]# vi ritesh.local.forward


$TTL 1D

@       IN SOA  computer-1.ritesh.local. root.ritesh.local. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

          IN NS computer-1.ritesh.local.

computer-1 IN A 192.168.1.4

windows   IN A 192.168.1.3



[root@computer-1 ~]# chown root:named ritesh.local.forward


[root@computer-1 ~]# systemctl start named

Friday, July 21, 2023

Linux Keybased Authentication

Two types of authentication:


1) Username and password

2) Key-based authentication


1) Username and password: create a new user and set a password, which is a very common method.


2) Key-based authentication: create a user and generate a public/private key pair.


New user:


Generate a public/private key pair.

The public key is saved on the server, and the private key stays with the user who wants remote access.


When you generate the key, a .ssh/ directory is created by default under the user's home directory:


id_rsa {Private Key}

id_rsa.pub {Public Key}



The public key is stored in /home/user/.ssh/authorized_keys.

After you copy the key into authorized_keys, check the file's ownership and permissions; if they are not correct, set them with the command below.


chown username /home/user/.ssh/authorized_keys (file ownership will change)


Now the user can access the server remotely with the key.



Requirement: an existing user has remote access via username and password, and we now have to provide key-based authentication only.


Generate public and private key.


#ssh-keygen (Generates the public and private keys under /home/user/.ssh/)


id_rsa (private key)

id_rsa.pub (public key)


#ssh-copy-id username@ip address (This command copies the public key to the user's home directory on the server and creates the authorized_keys file)


Press Enter.

It asks for the user's password. (On an AWS Linux EC2 instance, password authentication is disabled, so we enabled it: open /etc/ssh/sshd_config with vim, search for PasswordAuthentication, which is no by default, change it to yes, save the file and restart the ssh service.)

#systemctl restart sshd


Then run the command below again:


ssh-copy-id username@ip address


You will see the message below after entering the user's password.


Number of key(s) added: 1


Now try logging into the machine, with:   "ssh 'ravikant@172.31.83.133'"

and check to make sure that only the key(s) you wanted were added.


Now let's check that the user can access the server remotely.
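The stated requirement is key-only access, but the ssh-copy-id workaround above leaves PasswordAuthentication set to yes, and chown alone does not set file modes. The script below is an added example, not part of the original post; it checks both points, and its function names and the sample files built in demo() are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Paths are arguments; the sample
# files in demo() are constructed for illustration.

# Effective global value of an sshd_config keyword: sshd keeps the first
# value it reads, and global settings end at the first Match line.
# Assumption: Include files are not followed (use `sshd -T` on a live host).
effective_sshd_option() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# True when the .ssh directory is 700 and authorized_keys is 600.
key_perms_ok() {
    [ "$(stat -c '%a' "$1")" = "700" ] &&
        [ "$(stat -c '%a' "$1/authorized_keys")" = "600" ]
}

# Return 0 only when password logins are off and key file modes are strict.
audit_key_only_login() {
    rc=0
    if [ "$(effective_sshd_option "$1" PasswordAuthentication)" != "no" ]; then
        echo "FAIL: PasswordAuthentication is not 'no' in $1"; rc=1
    fi
    if ! key_perms_ok "$2"; then
        echo "FAIL: run chmod 700 $2 && chmod 600 $2/authorized_keys"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: key-only login enforced"; fi
    return "$rc"
}

# Constructed sample: the state left behind by the ssh-copy-id workaround,
# then the same host after password logins are switched back off.
demo() {
    d=$(mktemp -d); mkdir "$d/.ssh"; : > "$d/.ssh/authorized_keys"
    chmod 755 "$d/.ssh"; chmod 644 "$d/.ssh/authorized_keys"
    printf '#PasswordAuthentication no\nPasswordAuthentication yes\n' > "$d/sshd_config"
    audit_key_only_login "$d/sshd_config" "$d/.ssh" || echo "(failure expected before hardening)"
    printf 'PasswordAuthentication no\n' > "$d/sshd_config"
    chmod 700 "$d/.ssh"; chmod 600 "$d/.ssh/authorized_keys"
    audit_key_only_login "$d/sshd_config" "$d/.ssh"
    rm -rf "$d"
}
demo
```

On a server, call audit_key_only_login /etc/ssh/sshd_config /home/user/.ssh once the key login has been confirmed to work.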

Wednesday, July 12, 2023

Windows Operating System Important configuration for IT Guys

=========================================================================

IPV6 disabled from registry settings

-----------------------------------------------------------------------------------------------------------------------------

reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFF /f

=========================================================================

Windows Firewall rules by command line.

-----------------------------------------------------------------------------------------------------------------------------

netsh advfirewall set allprofiles state off

netsh advfirewall show all

netsh advfirewall set allprofiles state on   (Firewall on)

netsh advfirewall firewall add rule name="RDP-3001" dir=in action=allow protocol=TCP localport=3001

=========================================================================

Windows RDP Enable, Disable  and Port change

=========================================================================

To disable RDP :- 

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 1

To Enable RDP :- 

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0

RDP Port Change :- 

Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v "PortNumber" /t REG_DWORD /d "3001" /f

