Cristian Gherman bloghttps://cgherman.go.ro/2023-10-13T00:00:00+03:00Sysadmin/Web Developer/Linux advocateKubernetes - volume persistente2023-10-13T00:00:00+03:002023-10-13T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2023-10-13:/kubernetes-volume-persistente.html<p>Dupa cum stim containerele ce ruleaza in kubernetes nu sunt permanente, se pot opri si reporni pe oricare nod din cluster deci nu sunt potrivite pentru a
stoca date pe termen lung ca de exemplu bazele date, imagini sau cand mai multe containere /pod-uri trebuie sa faca share la aceleasi …</p><p>Dupa cum stim containerele ce ruleaza in kubernetes nu sunt permanente, se pot opri si reporni pe oricare nod din cluster deci nu sunt potrivite pentru a
stoca date pe termen lung ca de exemplu bazele date, imagini sau cand mai multe containere /pod-uri trebuie sa faca share la aceleasi date.</p>
<p>In Kubernetes sunt suportate cateva tipuri de volume:</p>
<ul class="simple">
<li>directoare locale pe disc la noduri</li>
<li>partii locale</li>
<li>NFS</li>
<li>AWS EBS</li>
<li>Azure Disk</li>
<li>GCEPersistentDisk</li>
<li>RDB</li>
</ul>
<p>Un exemplu de fisier pentru configurarea unui volum NFS de 2Gi in mod RW ce poate asociat la mai multe containere:</p>
<div class="highlight"><pre><span></span><span class="c1">#db-data-pv.yaml</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PersistentVolume</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">db-data-pv</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w"> </span><span class="nt">capacity</span><span class="p">:</span>
<span class="w"> </span><span class="nt">storage</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">2Gi</span>
<span class="w"> </span><span class="nt">volumeMode</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Filesystem</span>
<span class="w"> </span><span class="nt">accessModes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ReadWriteMany</span>
<span class="w"> </span><span class="nt">persistentVolumeReclaimPolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Recycle</span>
<span class="w"> </span><span class="nt">storageClassName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nfs</span>
<span class="w"> </span><span class="nt">mountOptions</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">hard</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nfsvers=4.0</span>
<span class="w"> </span><span class="nt">nfs</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/mnt/sdb/nfsdata/db-data</span>
<span class="w"> </span><span class="nt">server</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10.118.33.1</span>
</pre></div>
<p>In acest exemplu folosim partia exportata <strong>/mnt/sdb/nfsdata/db-data</strong> de pe serverul <strong>10.118.33.1</strong></p>
<p>Initializam acest volum permanent cu comanda <strong>kubectl</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">kubectl apply -f db-data-pv.yaml</span>
</pre></div>
<p>Verificam crearea acestui volum:</p>
<div class="highlight"><pre><span></span><span class="gp">#</span>kubectl<span class="w"> </span>get<span class="w"> </span>pv<span class="w"> </span>-o<span class="w"> </span>wide
<span class="go">NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE VOLUMEMODE</span>
<span class="go">db-data-pv 2Gi RWX Recycle Available nfs 1m Filesystem</span>
<span class="gp">#</span>kubectl<span class="w"> </span>describe<span class="w"> </span>persistentvolumes<span class="w"> </span>db-data-pv
<span class="go">Name: db-data-pv</span>
<span class="go">Labels: <none></span>
<span class="go">Annotations: pv.kubernetes.io/bound-by-controller: yes</span>
<span class="go">Finalizers: [kubernetes.io/pv-protection]</span>
<span class="go">StorageClass: nfs</span>
<span class="go">Status: Bound</span>
<span class="go">Claim: .. code-block:: console</span>
<span class="go">Reclaim Policy: Recycle</span>
<span class="go">Access Modes: RWX</span>
<span class="go">VolumeMode: Filesystem</span>
<span class="go">Capacity: 2Gi</span>
<span class="go">Node Affinity: <none></span>
<span class="go">Message:</span>
<span class="go">Source:</span>
<span class="go">Type: NFS (an NFS mount that lasts the lifetime of a pod)</span>
<span class="go">Server: 10.118.33.1</span>
<span class="go">Path: /mnt/sdb/nfsdata/db-data</span>
<span class="go">ReadOnly: false</span>
<span class="go">Events: <none></span>
</pre></div>
<p>Pentru a putea folosi un volum persistent in pod trebuie solicitat printr-un <strong>PersistentVolumeClaim (PVC)</strong>.</p>
<p>In PVC se solicita un volum de 2Gi de tip NFS in mod rw:</p>
<div class="highlight"><pre><span></span><span class="c1">#db-data-pvc.yaml</span>
<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span>
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PersistentVolumeClaim</span>
<span class="nt">metadata</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">db-data-pvc</span>
<span class="nt">spec</span><span class="p">:</span>
<span class="w"> </span><span class="nt">storageClassName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nfs</span>
<span class="w"> </span><span class="nt">accessModes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ReadWriteMany</span>
<span class="w"> </span><span class="nt">resources</span><span class="p">:</span>
<span class="w"> </span><span class="nt">requests</span><span class="p">:</span>
<span class="w"> </span><span class="nt">storage</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">2Gi</span>
</pre></div>
<p>Initializam acest PVC comanda <strong>kubectl</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">kubectl apply -f db-data-pvc.yaml</span>
</pre></div>
<p>si se va atribui un volum conform cerintelor - 2Gi/NFS/RW</p>
<p>Verificam crearea acestui PVC:</p>
<div class="highlight"><pre><span></span><span class="gp">#</span>kubectl<span class="w"> </span>get<span class="w"> </span>pvc
<span class="go">NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE</span>
<span class="go">db-data-pvc Bound db-data-pv 2Gi RWX nfs 16s</span>
<span class="gp">#</span>kubectl<span class="w"> </span>describe<span class="w"> </span>persistentvolumeclaims<span class="w"> </span>db-data-pvc
<span class="go">Name: db-data-pvc</span>
<span class="go">Namespace: cristi-dev</span>
<span class="go">StorageClass: nfs</span>
<span class="go">Status: Bound</span>
<span class="go">Volume: db-data-pv</span>
<span class="go">Labels: <none></span>
<span class="go">Annotations: pv.kubernetes.io/bind-completed: yes</span>
<span class="go">pv.kubernetes.io/bound-by-controller: yes</span>
<span class="go">Finalizers: [kubernetes.io/pvc-protection]</span>
<span class="go">Capacity: 2Gi</span>
<span class="go">Access Modes: RWX</span>
<span class="go">VolumeMode: Filesystem</span>
<span class="go">Used By: <none></span>
<span class="go">Events: <none></span>
</pre></div>
<p>Iar daca verificam din nou volumul creat mai sus, vom regasi ca este asociat cu PVC <strong>db-data-pvc</strong></p>
<div class="highlight"><pre><span></span><span class="gp">#</span>kubectl<span class="w"> </span>get<span class="w"> </span>pv
<span class="go">NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE</span>
<span class="go">db-data-pv 2Gi RWX Recycle Bound cristi-dev/db-data-pvc nfs 2m58s</span>
<span class="gp">#</span>kubectl<span class="w"> </span>describe<span class="w"> </span>persistentvolumes<span class="w"> </span>db-data-pv
<span class="go">Name: db-data-pv</span>
<span class="go">Labels: <none></span>
<span class="go">Annotations: pv.kubernetes.io/bound-by-controller: yes</span>
<span class="go">Finalizers: [kubernetes.io/pv-protection]</span>
<span class="go">StorageClass: nfs</span>
<span class="go">Status: Bound</span>
<span class="go">Claim: cristi-dev/db-data-pvc</span>
<span class="go">Reclaim Policy: Recycle</span>
<span class="go">Access Modes: RWX</span>
<span class="go">VolumeMode: Filesystem</span>
<span class="go">Capacity: 2Gi</span>
<span class="go">Node Affinity: <none></span>
<span class="go">Message:</span>
<span class="go">Source:</span>
<span class="go">Type: NFS (an NFS mount that lasts the lifetime of a pod)</span>
<span class="go">Server: 10.118.33.1</span>
<span class="go">Path: /mnt/sdb/nfsdata/db-data</span>
<span class="go">ReadOnly: false</span>
<span class="go">Events: <none></span>
</pre></div>
<p><strong>Nota:</strong> mai multi parametrii de configurare si optiuni gasiti in <a class="reference external" href="https://kubernetes.io/docs/concepts/storage/persistent-volumes/">documentatie</a></p>
Terraform - lansare instante EC22022-06-29T00:00:00+03:002022-06-29T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2022-06-29:/terraform-lansare-instante-ec2.html<p>In a doua <a class="reference external" href="/articole/terraform-configurare-security-groupc/">parte</a> am prezentat configurarea unui Security Group in AWS.</p>
<p>Acum vom lansa si o instanta EC2. Inainte vom incarca o cheie publica pentru a ne permite accessul SSH:</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_key_pair"</span><span class="w"> </span><span class="s2">"Cristi"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">key_name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"Cristi public"</span>
<span class="w"> </span><span class="nx">public_key</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ssh-rsa AAAAB3N ..... == cristi@cristi"</span>
<span class="p">}</span>
<span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_instance"</span><span class="w"> </span><span class="s2">"ter-worker"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">ami</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ami-05b44291810dff0b2"</span>
<span class="w"> </span><span class="nx">instance_type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"t3.micro …</span></pre></div><p>In a doua <a class="reference external" href="/articole/terraform-configurare-security-groupc/">parte</a> am prezentat configurarea unui Security Group in AWS.</p>
<p>Acum vom lansa si o instanta EC2. Inainte vom incarca o cheie publica pentru a ne permite accessul SSH:</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_key_pair"</span><span class="w"> </span><span class="s2">"Cristi"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">key_name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"Cristi public"</span>
<span class="w"> </span><span class="nx">public_key</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ssh-rsa AAAAB3N ..... == cristi@cristi"</span>
<span class="p">}</span>
<span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_instance"</span><span class="w"> </span><span class="s2">"ter-worker"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">ami</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ami-05b44291810dff0b2"</span>
<span class="w"> </span><span class="nx">instance_type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"t3.micro"</span>
<span class="w"> </span><span class="nx">key_name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"Cristi public"</span>
<span class="w"> </span><span class="nx">subnet_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="mf">1</span><span class="nx">a</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">security_groups</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">sg</span><span class="p">.</span><span class="nx">id</span><span class="w"> </span><span class="p">]</span>
<span class="w"> </span><span class="nx">count</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">2</span>
<span class="w"> </span><span class="nx">root_block_device</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">volume_size</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">25</span>
<span class="w"> </span><span class="nx">volume_type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"gp3"</span>
<span class="w"> </span><span class="nx">delete_on_termination</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">true</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-worker-root-${count.index}"</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">ebs_block_device</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">device_name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"/dev/xvdba"</span>
<span class="w"> </span><span class="nx">volume_size</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">100</span>
<span class="w"> </span><span class="nx">volume_type</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"gp3"</span>
<span class="w"> </span><span class="nx">delete_on_termination</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">true</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-worker-data-${count.index}"</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-worker-${count.index}"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p>Putem specifica tipul instantei, marimea si tipul discurilor ce vor fi utilizate, precum si numarul instantelor dorite.</p>
<p><strong>Nota:</strong> parametrii suplimentari gasiti in documentatia <a class="reference external" href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">aws instance</a> .</p>
Terraform - configurare Security Group2022-05-29T00:00:00+03:002022-05-29T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2022-05-29:/terraform-configurare-security-group.html<p>Am prezentat in prima <a class="reference external" href="/articole/terraform-configurare-vpc/">parte</a> cum se creaza un VPC in AWS.
La acesta ii vom adauga un security group cu cateva permisiuni de access: SSH, HTTP si HTTPS</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_security_group"</span><span class="w"> </span><span class="s2">"ter-sg"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-sw"</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"Allow traffic"</span>
<span class="w"> </span><span class="nx">vpc_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">vpc</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">ingress</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"SSH"</span>
<span class="w"> </span><span class="nx">from_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">22</span>
<span class="w"> </span><span class="nx">to_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">22</span>
<span class="w"> </span><span class="nx">protocol …</span></pre></div><p>Am prezentat in prima <a class="reference external" href="/articole/terraform-configurare-vpc/">parte</a> cum se creaza un VPC in AWS.
La acesta ii vom adauga un security group cu cateva permisiuni de access: SSH, HTTP si HTTPS</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_security_group"</span><span class="w"> </span><span class="s2">"ter-sg"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-sw"</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"Allow traffic"</span>
<span class="w"> </span><span class="nx">vpc_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">vpc</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">ingress</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"SSH"</span>
<span class="w"> </span><span class="nx">from_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">22</span>
<span class="w"> </span><span class="nx">to_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">22</span>
<span class="w"> </span><span class="nx">protocol</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"tcp"</span>
<span class="w"> </span><span class="nx">cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
<span class="w"> </span><span class="nx">ipv6_cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"::/0"</span><span class="p">]</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">ingress</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"HTTP"</span>
<span class="w"> </span><span class="nx">from_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">80</span>
<span class="w"> </span><span class="nx">to_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">80</span>
<span class="w"> </span><span class="nx">protocol</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"tcp"</span>
<span class="w"> </span><span class="nx">cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
<span class="w"> </span><span class="nx">ipv6_cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"::/0"</span><span class="p">]</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">ingress</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">description</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"HTTPS"</span>
<span class="w"> </span><span class="nx">from_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">443</span>
<span class="w"> </span><span class="nx">to_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">443</span>
<span class="w"> </span><span class="nx">protocol</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"tcp"</span>
<span class="w"> </span><span class="nx">cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
<span class="w"> </span><span class="nx">ipv6_cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"::/0"</span><span class="p">]</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">egress</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">from_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">0</span>
<span class="w"> </span><span class="nx">to_port</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">0</span>
<span class="w"> </span><span class="nx">protocol</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"-1"</span>
<span class="w"> </span><span class="nx">cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span>
<span class="w"> </span><span class="nx">ipv6_cidr_blocks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="s2">"::/0"</span><span class="p">]</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-sg"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p>Pentru definirea regulilor specificam un inteval de porturi, protocolul folosit (tcp sau udp), ip sau clasa de ip-uri ce poate accesa portul (ipv4 cat si ipv6).</p>
<p><strong>Nota:</strong> parametrii suplimentari gasiti in documentatia <a class="reference external" href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">aws subnet</a> .</p>
Terraform - configurare VPC2022-05-22T00:00:00+03:002022-05-22T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2022-05-22:/terraform-configurare-vpc.html<p><a class="reference external" href="https://www.terraform.io/">Terraform</a> este o aplicatie ce permite crearea si configurarea infrastructurii ce ruleaza de obicei in cloud
ca si cod (IaC) intr-un mod foarte rapid.</p>
<p>Terraform se integreaza cu cei mai mari si cunoscuti furnizori de cloud (AWS, GCE, Azure) cat si cu Kubernetes. Lista completa cu integrarile o gasiti <a class="reference external" href="https://registry.terraform.io/browse/providers">aici …</a></p><p><a class="reference external" href="https://www.terraform.io/">Terraform</a> este o aplicatie ce permite crearea si configurarea infrastructurii ce ruleaza de obicei in cloud
ca si cod (IaC) intr-un mod foarte rapid.</p>
<p>Terraform se integreaza cu cei mai mari si cunoscuti furnizori de cloud (AWS, GCE, Azure) cat si cu Kubernetes. Lista completa cu integrarile o gasiti <a class="reference external" href="https://registry.terraform.io/browse/providers">aici</a> .</p>
<p><a class="reference external" href="https://www.terraform.io/downloads">Instalarea aplicatiei</a> este foarte simpla existand repo pentru distributia favorita cat si pentru Windows.</p>
<p>Mai jos voi explica cum creem o retea privata (VPC) in AWS. Pentru acest lucru aveti nevoie de un cont in AWS cu drept full ptr EC2 cu credential de access.</p>
<p>Aceste credentiale de access presupunem ca sunt stocate in profilul default (vezi configurarea <a class="reference external" href="https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html">aws cli</a> ).</p>
<p>Avem un folder care sa includa proiectul nostru si creem un fiser <strong>main.tf</strong> in care definim datele de conectare la AWS si regiunea
in care se va configura:</p>
<div class="highlight"><pre><span></span><span class="nx">terraform</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">required_providers</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">aws</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">source</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"hashicorp/aws"</span>
<span class="w"> </span><span class="nx">version</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"~> 3.0"</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
<span class="nx">provider</span><span class="w"> </span><span class="s2">"aws"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">profile</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"default"</span>
<span class="w"> </span><span class="nx">region</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"eu-central-1"</span>
<span class="p">}</span>
</pre></div>
<p>Initializam configuratia cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">terraform init</span>
</pre></div>
<p>care va instala librariile necesare.</p>
<p>In aceasta regiune - eu-central-1 - creeam un VPC numit <strong>ter-vpc</strong> cu clasa de ip-uri <strong>10.20.0.0/16</strong>:</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_vpc"</span><span class="w"> </span><span class="s2">"ter-vpc"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">cidr_block</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"10.20.0.0/16"</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s2">"Name"</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-vpc"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p><strong>Nota:</strong> parametrii suplimentari gasiti in documentatia <a class="reference external" href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc">vpc</a></p>
<p>Configuratia descrisa o putem testa inainte de aplicare cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">terraform plan</span>
</pre></div>
<p>si daca modificarile sunt conforme se pot aplica cu comanda</p>
<div class="highlight"><pre><span></span><span class="go">terraform apply</span>
</pre></div>
<p>La acest VPC este necesar un internet gateway pentru ca viitoarele resurse sa poata fi accesibile din exterior</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_internet_gateway"</span><span class="w"> </span><span class="s2">"ter-gw"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">vpc_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">vpc</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s2">"Name"</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-gw"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p><strong>Nota:</strong> parametrii suplimentari gasiti in documentatia <a class="reference external" href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway">aws_internet_gateway</a> .</p>
<p>In VPC vom crea 2 subretele in DC diferite (availability zone):</p>
<div class="highlight"><pre><span></span><span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_subnet"</span><span class="w"> </span><span class="s2">"ter-1a"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">vpc_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">vpc</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">cidr_block</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"10.20.1.0/24"</span>
<span class="w"> </span><span class="nx">availability_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"eu-central-1a"</span>
<span class="w"> </span><span class="nx">map_public_ip_on_launch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">true</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-1a"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
<span class="nx">resource</span><span class="w"> </span><span class="s2">"aws_subnet"</span><span class="w"> </span><span class="s2">"ter-1b"</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">vpc_id</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">ter</span><span class="o">-</span><span class="nx">vpc</span><span class="p">.</span><span class="nx">id</span>
<span class="w"> </span><span class="nx">cidr_block</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"10.20.2.0/24"</span>
<span class="w"> </span><span class="nx">availability_zone</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"eu-central-1b"</span>
<span class="w"> </span><span class="nx">map_public_ip_on_launch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">true</span>
<span class="w"> </span><span class="nx">tags</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nx">Name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"ter-1b"</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p><strong>Nota:</strong> parametrii suplimentari gasiti in documentatia <a class="reference external" href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet">aws subnet</a> .</p>
Salt - arhitectura distribuita cu salt syndic2020-09-20T00:00:00+03:002020-09-20T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2020-09-20:/salt-arhitectura-distribuita-cu-salt-syndic.html<p>Arhitectura clasica pentru <a class="reference external" href="/articole/salt-instalare-si-configurare/">Salt</a> este un singur master ce controleaza un grup de minioni.
Dar in anumite cazuri se doreste impartita in diferite segmente pe care sa fie controlate dintr-o locatie centrala.</p>
<p>Intalnim acest caz cand avem multiple datacentere sau filiale locale (cu numar mai mare de staii locale).</p>
<img alt="" src="/images/salt-multimaster.png" style="width: 800px;" />
<p>Nodul …</p><p>Arhitectura clasica pentru <a class="reference external" href="/articole/salt-instalare-si-configurare/">Salt</a> este un singur master ce controleaza un grup de minioni.
Dar in anumite cazuri se doreste impartita in diferite segmente pe care sa fie controlate dintr-o locatie centrala.</p>
<p>Intalnim acest caz cand avem multiple datacentere sau filiale locale (cu numar mai mare de staii locale).</p>
<img alt="" src="/images/salt-multimaster.png" style="width: 800px;" />
<p>Nodul/minionul intermediar numit <a class="reference external" href="https://docs.saltstack.com/en/latest/topics/topology/syndic.html">Syndic</a> ruleaza o instanta de <strong>salt-syndic</strong> si
o instanta de <strong>salt-master</strong> - find master local pentru minionii din segmetul local - si transmite comenzile primite de la master-ul central numit si <strong>"Master of Masters"</strong>.</p>
<div class="section" id="configurare-syndic">
<h2>Configurare Syndic</h2>
<p>Instalam pachetele necesare:</p>
<div class="highlight"><pre><span></span><span class="go">yum install salt-master</span>
<span class="go">yum install salt-syndic</span>
<span class="go">yum install salt-minion</span>
</pre></div>
<p>Configuram minionul sa se conecteze la masterul central. Adaugam in <strong>/etc/salt/minion.d/master.conf</strong>:</p>
<div class="highlight"><pre><span></span>master: master.lxd
</pre></div>
<p>Specificam conectarea la Master of Masters pentru salt-syndic in <strong>/etc/salt/minion.d/syndic.conf</strong>:</p>
<div class="highlight"><pre><span></span><span class="nt">syndic_master</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master.lxd</span>
</pre></div>
<p>Activam si pornim serviciile:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl enable salt-syndic --now</span>
<span class="go">systemctl enable salt-master --now</span>
<span class="go">systemctl enable salt-minion --now</span>
</pre></div>
<p>Configuram ca Master of Masters pentru comunicarea cu serverele Syndic in <strong>/etc/salt/master.d/syndic.conf</strong>:</p>
<div class="highlight"><pre><span></span><span class="nt">order_masters</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
</pre></div>
<p>Acum putem accepta cheile minionilor administrati de syndic</p>
<div class="highlight"><pre><span></span><span class="gp">[root@syndic-1 ~]# </span>salt-key
<span class="go">Accepted Keys:</span>
<span class="go">minion00.zone1.lxd</span>
<span class="go">minion01.zone1.lxd</span>
<span class="go">minion02.zone1.lxd</span>
<span class="go">minion03.zone1.lxd</span>
<span class="go">minion04.zone1.lxd</span>
<span class="go">minion05.zone1.lxd</span>
</pre></div>
<p>si acceptam cheia nodului syndic pe master.</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt-key
<span class="go">Accepted Keys:</span>
<span class="go">master.lxd</span>
<span class="go">syndic.zone1.lxd</span>
<span class="go">syndic.zone2.lxd</span>
</pre></div>
</div>
<div class="section" id="verificare-conectare-minioni">
<h2>Verificare conectare minioni</h2>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt<span class="w"> </span><span class="se">\*</span><span class="w"> </span>test.version
<span class="go">master.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">syndic.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">syndic.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion00.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion02.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion04.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion05.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion01.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion00.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion03.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion02.zone2.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion03.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion01.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion05.zone1.lxd:</span>
<span class="go"> 3001.1</span>
<span class="go">minion04.zone1.lxd:</span>
<span class="go"> 3001.1</span>
</pre></div>
<p>Acum putem transmite comenzi tutror minionilor conectati.</p>
</div>
<div class="section" id="distributie-states-si-pillar">
<h2>Distributie states si pillar</h2>
<p>Pentru a beneficia de intreaga putere oferita de Salt e necesar sa distribuim fisierele de state si pillar pe serverele syndic.
Una din metodele recomandate este dintr-un repo git central prin gitfs.
Modul de configurare l-am descris in articolul <a class="reference external" href="/articole/salt-gestionare-states-si-pillar-prin-git/">Salt - gestionare states si pillar prin git</a></p>
<p>In caz contrar primim eroarea:</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master lxd]# </span>salt<span class="w"> </span>minion04.zone1.lxd<span class="w"> </span>state.apply<span class="w"> </span>ssh
<span class="go">minion04.zone1.lxd:</span>
<span class="go">Data failed to compile:</span>
<span class="go">----------</span>
<span class="go">No matching sls found for 'ssh' in env 'base'</span>
<span class="go">ERROR: Minions returned with non-zero exit code</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Traefik - configurare SSL2020-06-21T00:00:00+03:002020-06-21T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2020-06-21:/traefik-configurare-ssl.html<p>In continuarea articolului legat de <a class="reference external" href="/articole/traefik-proxy-si-load-balancer/">Traefik</a> voi prezenta configurarea acestuia cu SSL.</p>
<p>Modificam fisierul principal de config <strong>/etc/traefik.yaml</strong> cu adaugarea intrarii HTTPS:</p>
<div class="highlight"><pre><span></span><span class="nt">log</span><span class="p">:</span>
<span class="w"> </span><span class="nt">level</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">INFO</span>
<span class="nt">api</span><span class="p">:</span>
<span class="w"> </span><span class="nt">insecure</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">dashboard</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="nt">entryPoints</span><span class="p">:</span>
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
<span class="w"> </span><span class="nt">address</span><span class="p">:</span><span class="w"> </span><span class="s">"192.168.25.200:80"</span>
<span class="w"> </span><span class="nt">http</span><span class="p">:</span>
<span class="w"> </span><span class="nt">redirections</span><span class="p">:</span>
<span class="w"> </span><span class="nt">entryPoint</span><span class="p">:</span>
<span class="w"> </span><span class="nt">to</span><span class="p">:</span><span class="w"> </span><span class="s">"web-ssl"</span>
<span class="w"> </span><span class="nt">scheme</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https</span>
<span class="w"> </span><span class="nt">permanent</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">web-ssl …</span></pre></div><p>In continuarea articolului legat de <a class="reference external" href="/articole/traefik-proxy-si-load-balancer/">Traefik</a> voi prezenta configurarea acestuia cu SSL.</p>
<p>Modificam fisierul principal de config <strong>/etc/traefik.yaml</strong> cu adaugarea intrarii HTTPS:</p>
<div class="highlight"><pre><span></span><span class="nt">log</span><span class="p">:</span>
<span class="w"> </span><span class="nt">level</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">INFO</span>
<span class="nt">api</span><span class="p">:</span>
<span class="w"> </span><span class="nt">insecure</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">dashboard</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="nt">entryPoints</span><span class="p">:</span>
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
<span class="w"> </span><span class="nt">address</span><span class="p">:</span><span class="w"> </span><span class="s">"192.168.25.200:80"</span>
<span class="w"> </span><span class="nt">http</span><span class="p">:</span>
<span class="w"> </span><span class="nt">redirections</span><span class="p">:</span>
<span class="w"> </span><span class="nt">entryPoint</span><span class="p">:</span>
<span class="w"> </span><span class="nt">to</span><span class="p">:</span><span class="w"> </span><span class="s">"web-ssl"</span>
<span class="w"> </span><span class="nt">scheme</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https</span>
<span class="w"> </span><span class="nt">permanent</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">web-ssl</span><span class="p">:</span>
<span class="w"> </span><span class="nt">address</span><span class="p">:</span><span class="w"> </span><span class="s">"192.168.25.200:443"</span>
<span class="nt">providers</span><span class="p">:</span>
<span class="w"> </span><span class="nt">file</span><span class="p">:</span>
<span class="w"> </span><span class="nt">directory</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/traefik.d</span>
<span class="w"> </span><span class="nt">watch</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
</pre></div>
<p>Unde la punctul de intrare <strong>web</strong> am adaugat o redirectionare permanenta spre <strong>web-ssl</strong>.</p>
<p>Configurarea SSL o facem in <strong>/etc/traefik.d/tls.yaml</strong></p>
<div class="highlight"><pre><span></span><span class="nt">tls</span><span class="p">:</span>
<span class="w"> </span><span class="nt">options</span><span class="p">:</span>
<span class="w"> </span><span class="nt">default</span><span class="p">:</span>
<span class="w"> </span><span class="nt">minVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">VersionTLS12</span>
<span class="w"> </span><span class="nt">cipherSuites</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TLS_RSA_WITH_AES_256_GCM_SHA384</span>
<span class="w"> </span><span class="nt">certificates</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">certFile</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/ssl/gitea.cert</span>
<span class="w"> </span><span class="nt">keyFile</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/ssl/gitea.key</span>
<span class="w"> </span><span class="nt">stores</span><span class="p">:</span>
<span class="w"> </span><span class="nt">default</span><span class="p">:</span>
<span class="w"> </span><span class="nt">defaultCertificate</span><span class="p">:</span>
<span class="w"> </span><span class="nt">certFile</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/ssl/cert.pem</span>
<span class="w"> </span><span class="nt">keyFile</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/ssl/key.pem</span>
</pre></div>
<p>Unde am specificat certificatele utilizate precum si un certificat implicit (un certificat cu steluta in cazul meu).
Optuni suplimentare regasiti in documentatia oficiala.</p>
<p>Actualizam configuratia serviciului din <strong>/etc/traefik.d/gitea.yaml</strong> cu adaugarea sectiunii <strong>tls</strong>:</p>
<div class="highlight"><pre><span></span><span class="nt">http</span><span class="p">:</span>
<span class="w"> </span><span class="nt">routers</span><span class="p">:</span>
<span class="w"> </span><span class="nt">gitea</span><span class="p">:</span>
<span class="w"> </span><span class="nt">entryPoints</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">"web"</span>
<span class="w"> </span><span class="nt">rule</span><span class="p">:</span><span class="w"> </span><span class="s">"Host(`gitea.lxd`)"</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">gitea</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tls:{}</span>
<span class="w"> </span><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">gitea</span><span class="p">:</span>
<span class="w"> </span><span class="nt">loadBalancer</span><span class="p">:</span>
<span class="w"> </span><span class="nt">servers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="s">"http://10.209.214.189:3000/"</span>
<span class="w"> </span><span class="nt">healthCheck</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="s">"/"</span>
</pre></div>
Kubernetes - instalare cluster2020-05-12T00:00:00+03:002020-05-12T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2020-05-12:/kubernetes-instalare-cluster.html<p>Instalarea cluster-ului Kubernetes este facila cu <a class="reference external" href="https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/">kubeadm</a></p>
<p>Clusterul este format din 3 instante - Ubuntu 18.04 LTS - pregatite cu <a class="reference external" href="/articole/kubernetes-preparare-noduri-cu-ansible/">Ansible</a> astfel:</p>
<ul class="simple">
<li><strong>k8s-master</strong> - nod de administrare</li>
<li><strong>k8s-slave1</strong> - nod worker</li>
<li><strong>k8s-slave2</strong> - nod worker</li>
</ul>
<p>Nodurile au fiecare o interfata interna (10.209.214.0/16) si un externa (192.168.25.0/16 …</p><p>Instalarea cluster-ului Kubernetes este facila cu <a class="reference external" href="https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/">kubeadm</a></p>
<p>Clusterul este format din 3 instante - Ubuntu 18.04 LTS - pregatite cu <a class="reference external" href="/articole/kubernetes-preparare-noduri-cu-ansible/">Ansible</a> astfel:</p>
<ul class="simple">
<li><strong>k8s-master</strong> - nod de administrare</li>
<li><strong>k8s-slave1</strong> - nod worker</li>
<li><strong>k8s-slave2</strong> - nod worker</li>
</ul>
<p>Nodurile au fiecare o interfata interna (10.209.214.0/16) si un externa (192.168.25.0/16).</p>
<p>Clusterul este initiat pe <strong>k8s-master</strong>:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>kubeadm<span class="w"> </span>init<span class="w"> </span>--pod-network-cidr<span class="o">=</span><span class="m">10</span>.180.0.0/16<span class="w"> </span>--apiserver-cert-extra-sans<span class="w"> </span><span class="m">192</span>.168.25.180
<span class="go">[init] Using Kubernetes version: v1.18.2</span>
<span class="go">[preflight] Running pre-flight checks</span>
<span class="go">[preflight] Pulling images required for setting up a Kubernetes cluster</span>
<span class="go">[preflight] This might take a minute or two, depending on the speed of your internet connection</span>
<span class="go">[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'</span>
<span class="go">[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"</span>
<span class="go">[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"</span>
<span class="go">[kubelet-start] Starting the kubelet</span>
<span class="go">[certs] Using certificateDir folder "/etc/kubernetes/pki"</span>
<span class="go">[certs] Generating "ca" certificate and key</span>
<span class="go">[certs] Generating "apiserver" certificate and key</span>
<span class="go">[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.209.214.31 192.168.25.180]</span>
<span class="go">[certs] Generating "apiserver-kubelet-client" certificate and key</span>
<span class="go">[certs] Generating "front-proxy-ca" certificate and key</span>
<span class="go">[certs] Generating "front-proxy-client" certificate and key</span>
<span class="go">[certs] Generating "etcd/ca" certificate and key</span>
<span class="go">[certs] Generating "etcd/server" certificate and key</span>
<span class="go">[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [10.209.214.31 127.0.0.1 ::1]</span>
<span class="go">[certs] Generating "etcd/peer" certificate and key</span>
<span class="go">[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [10.209.214.31 127.0.0.1 ::1]</span>
<span class="go">[certs] Generating "etcd/healthcheck-client" certificate and key</span>
<span class="go">[certs] Generating "apiserver-etcd-client" certificate and key</span>
<span class="go">[certs] Generating "sa" key and public key</span>
<span class="go">[kubeconfig] Using kubeconfig folder "/etc/kubernetes"</span>
<span class="go">[kubeconfig] Writing "admin.conf" kubeconfig file</span>
<span class="go">[kubeconfig] Writing "kubelet.conf" kubeconfig file</span>
<span class="go">[kubeconfig] Writing "controller-manager.conf" kubeconfig file</span>
<span class="go">[kubeconfig] Writing "scheduler.conf" kubeconfig file</span>
<span class="go">[control-plane] Using manifest folder "/etc/kubernetes/manifests"</span>
<span class="go">[control-plane] Creating static Pod manifest for "kube-apiserver"</span>
<span class="go">[control-plane] Creating static Pod manifest for "kube-controller-manager"</span>
<span class="go">W0512 14:55:02.267212 19375 manifests.go:225] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"</span>
<span class="go">[control-plane] Creating static Pod manifest for "kube-scheduler"</span>
<span class="go">W0512 14:55:02.268448 19375 manifests.go:225] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"</span>
<span class="go">[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"</span>
<span class="go">[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s</span>
<span class="go">[apiclient] All control plane components are healthy after 38.031506 seconds</span>
<span class="go">[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace</span>
<span class="go">[kubelet] Creating a ConfigMap "kubelet-config-1.18" in namespace kube-system with the configuration for the kubelets in the cluster</span>
<span class="go">[upload-certs] Skipping phase. Please see --upload-certs</span>
<span class="go">[mark-control-plane] Marking the node k8s-master as control-plane by adding the label "node-role.kubernetes.io/master=''"</span>
<span class="go">[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]</span>
<span class="go">[bootstrap-token] Using token: 5ucugc.6tj2hgqgi85lgf94</span>
<span class="go">[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles</span>
<span class="go">[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes</span>
<span class="go">[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials</span>
<span class="go">[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token</span>
<span class="go">[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster</span>
<span class="go">[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace</span>
<span class="go">[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key</span>
<span class="go">[kubelet-check] Initial timeout of 40s passed.</span>
<span class="go">[kubelet-check] It seems like the kubelet isn't running or healthy.</span>
<span class="go">[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get http://localhost:10248/healthz: dial tcp 127.0.0.1:10248: connect: connection refused.</span>
<span class="go">[addons] Applied essential addon: CoreDNS</span>
<span class="go">[addons] Applied essential addon: kube-proxy</span>
<span class="go">Your Kubernetes control-plane has initialized successfully!</span>
<span class="go">To start using your cluster, you need to run the following as a regular user:</span>
<span class="go">mkdir -p $HOME/.kube</span>
<span class="go">sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config</span>
<span class="go">sudo chown $(id -u):$(id -g) $HOME/.kube/config</span>
<span class="go">You should now deploy a pod network to the cluster.</span>
<span class="go">Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:</span>
<span class="go">https://kubernetes.io/docs/concepts/cluster-administration/addons/</span>
<span class="go">Then you can join any number of worker nodes by running the following on each as root:</span>
<span class="go">kubeadm join 10.209.214.31:6443 --token 5ucugc.6tj2hgqgi85lgf94 \</span>
<span class="go">--discovery-token-ca-cert-hash sha256:23d7fbbd736c8a06e8c66c8d132b1a6e131666571874602822f8e6f4412d1987</span>
</pre></div>
<p>unde:</p>
<ul class="simple">
<li><strong>pod-network-cidr</strong> - clasa de retea ce va fi folosita de pod-uri (10.180.0.0/16)</li>
<li><strong>apiserver-cert-extra-sans</strong> - domeniile/adresele suplimentare incluse in certificatul SSL generat (192.168.25.180).</li>
</ul>
<p>Copiem fisierul de config <strong>admin.conf</strong> in directorul utilizatorului si care va fi utilizat de <strong>kubectl</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">mkdir -p $HOME/.kube</span>
<span class="go">sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config</span>
<span class="go">sudo chown $(id -u):$(id -g) $HOME/.kube/config</span>
</pre></div>
<p>Nota daca fisierul este transferat pe statia locala, sa modificam daca este cazul linia (cu IP extern al nodului master):</p>
<div class="highlight"><pre><span></span><span class="go">server: https://192.168.25.180:6443</span>
</pre></div>
<p>nu inainte sa ne asiguram ca portul 6443 este accesibil si securizat.</p>
<p>Instalam serviciul pentru reteaua interna. Am ales <a class="reference external" href="https://github.com/coreos/flannel#flannel">flannel</a>.</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>kubectl<span class="w"> </span>apply<span class="w"> </span>-f<span class="w"> </span>https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
<span class="go">podsecuritypolicy.policy/psp.flannel.unprivileged created</span>
<span class="go">clusterrole.rbac.authorization.k8s.io/flannel created</span>
<span class="go">clusterrolebinding.rbac.authorization.k8s.io/flannel created</span>
<span class="go">serviceaccount/flannel created</span>
<span class="go">configmap/kube-flannel-cfg created</span>
<span class="go">daemonset.apps/kube-flannel-ds-amd64 created</span>
<span class="go">daemonset.apps/kube-flannel-ds-arm64 created</span>
<span class="go">daemonset.apps/kube-flannel-ds-arm created</span>
<span class="go">daemonset.apps/kube-flannel-ds-ppc64le created</span>
<span class="go">daemonset.apps/kube-flannel-ds-s390x created</span>
</pre></div>
<p>Verificam functionarea corecta a servciilor:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>kubectl<span class="w"> </span>get<span class="w"> </span>no,po<span class="w"> </span>-A<span class="w"> </span>-o<span class="w"> </span>wide
<span class="go">NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME</span>
<span class="go">node/k8s-master Ready master 39m v1.18.2 10.209.214.31 <none> Ubuntu 18.04.4 LTS 5.3.0-51-generic docker://19.3.8</span>
<span class="go">NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES</span>
<span class="go">kube-system pod/coredns-66bff467f8-4tz99 1/1 Running 0 38m 10.180.0.2 k8s-master <none> <none></span>
<span class="go">kube-system pod/coredns-66bff467f8-txqrb 1/1 Running 0 38m 10.180.0.3 k8s-master <none> <none></span>
<span class="go">kube-system pod/etcd-k8s-master 1/1 Running 0 39m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-apiserver-k8s-master 1/1 Running 0 39m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-controller-manager-k8s-master 1/1 Running 0 39m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-flannel-ds-amd64-8chrg 1/1 Running 0 12m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-proxy-t2kvh 1/1 Running 0 38m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-scheduler-k8s-master 1/1 Running 0 39m 10.209.214.31 k8s-master <none> <none></span>
</pre></div>
<p>Acum puntem trece la configurarea nodurilor worker. Rulam pe fiecare nod</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>kubeadm<span class="w"> </span>join<span class="w"> </span><span class="m">10</span>.209.214.31:6443<span class="w"> </span>--token<span class="w"> </span>5ucugc.6tj2hgqgi85lgf94<span class="w"> </span><span class="se">\</span>
--discovery-token-ca-cert-hash<span class="w"> </span>sha256:23d7fbbd736c8a06e8c66c8d132b1a6e131666571874602822f8e6f4412d1987
<span class="go">[preflight] Running pre-flight checks</span>
<span class="go">[preflight] Reading configuration from the cluster...</span>
<span class="go">[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'</span>
<span class="go">[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.18" ConfigMap in the kube-system namespace</span>
<span class="go">[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"</span>
<span class="go">[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"</span>
<span class="go">[kubelet-start] Starting the kubelet</span>
<span class="go">[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...</span>
<span class="go">This node has joined the cluster:</span>
<span class="go">* Certificate signing request was sent to apiserver and a response was received.</span>
<span class="go">* The Kubelet was informed of the new secure connection details.</span>
<span class="go">Run 'kubectl get nodes' on the control-plane to see this node join the cluster.</span>
</pre></div>
<p>Verificam daca nodul este in cluster</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>kubectl<span class="w"> </span>get<span class="w"> </span>no,po<span class="w"> </span>-A<span class="w"> </span>-o<span class="w"> </span>wide
<span class="go">NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME</span>
<span class="go">node/k8s-master Ready master 46m v1.18.2 10.209.214.31 <none> Ubuntu 18.04.4 LTS 5.3.0-51-generic docker://19.3.8</span>
<span class="go">node/k8s-slave1 Ready <none> 7m53s v1.18.2 10.209.214.201 <none> Ubuntu 18.04.4 LTS 5.3.0-51-generic docker://19.3.8</span>
<span class="go">node/k8s-slave2 Ready <none> 2m13s v1.18.2 10.209.214.112 <none> Ubuntu 18.04.4 LTS 5.3.0-51-generic docker://19.3.8</span>
<span class="go">NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES</span>
<span class="go">kube-system pod/coredns-66bff467f8-4tz99 1/1 Running 0 46m 10.180.0.2 k8s-master <none> <none></span>
<span class="go">kube-system pod/coredns-66bff467f8-txqrb 1/1 Running 0 46m 10.180.0.3 k8s-master <none> <none></span>
<span class="go">kube-system pod/etcd-k8s-master 1/1 Running 0 46m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-apiserver-k8s-master 1/1 Running 0 46m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-controller-manager-k8s-master 1/1 Running 0 46m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-flannel-ds-amd64-8chrg 1/1 Running 0 19m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-flannel-ds-amd64-9njz7 1/1 Running 0 92s 10.209.214.112 k8s-slave2 <none> <none></span>
<span class="go">kube-system pod/kube-flannel-ds-amd64-fbfxf 1/1 Running 0 7m53s 10.209.214.201 k8s-slave1 <none> <none></span>
<span class="go">kube-system pod/kube-proxy-j4m2l 1/1 Running 0 7m53s 10.209.214.201 k8s-slave1 <none> <none></span>
<span class="go">kube-system pod/kube-proxy-t2kvh 1/1 Running 0 46m 10.209.214.31 k8s-master <none> <none></span>
<span class="go">kube-system pod/kube-proxy-xg6hn 1/1 Running 0 92s 10.209.214.112 k8s-slave2 <none> <none></span>
<span class="go">kube-system pod/kube-scheduler-k8s-master 1/1 Running 0 46m 10.209.214.31 k8s-master <none> <none></span>
</pre></div>
<p>Acum ca avem clusterul instalat putem rula containerele dorite. Va doresc spor.</p>
Kubernetes - preparare noduri cu Ansible2020-05-11T00:00:00+03:002020-05-11T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2020-05-11:/kubernetes-preparare-noduri-cu-ansible.html<p>O metoda rapida de pregatire a nodurilor dintr-un cluster Kubernetes este folosirea <a class="reference external" href="/articole/instalare-si-configurare-ansible/">Ansible</a>.</p>
<p>Nodurile sunt cu Ubuntu 18.04 LTS si au cheile de access adaugate la userul <strong>ubuntu</strong>.</p>
<p>Creem o lista cu hosturi: <strong>hosts</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">[master]</span>
<span class="go">kube-master.lxd</span>
<span class="go">[worker]</span>
<span class="go">kube-node1.lxd</span>
<span class="go">kube-node2.lxd</span>
<span class="go">kube-node3.lxd</span>
<span class="go">kube-node4.lxd</span>
<span class="go">kube-node5.lxd</span>
<span class="go">[reg …</span></pre></div><p>O metoda rapida de pregatire a nodurilor dintr-un cluster Kubernetes este folosirea <a class="reference external" href="/articole/instalare-si-configurare-ansible/">Ansible</a>.</p>
<p>Nodurile sunt cu Ubuntu 18.04 LTS si au cheile de access adaugate la userul <strong>ubuntu</strong>.</p>
<p>Creem o lista cu hosturi: <strong>hosts</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">[master]</span>
<span class="go">kube-master.lxd</span>
<span class="go">[worker]</span>
<span class="go">kube-node1.lxd</span>
<span class="go">kube-node2.lxd</span>
<span class="go">kube-node3.lxd</span>
<span class="go">kube-node4.lxd</span>
<span class="go">kube-node5.lxd</span>
<span class="go">[reg]</span>
<span class="go">kube-reg.lxd</span>
<span class="go">[all:vars]</span>
<span class="go">ansible_user = ubuntu</span>
</pre></div>
<p>Pntru configurare docker avem nevoie de fisierul <strong>files/daemon.json</strong>:</p>
<div class="highlight"><pre><span></span><span class="p">{</span>
<span class="w"> </span><span class="nt">"exec-opts"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"native.cgroupdriver=systemd"</span><span class="p">],</span>
<span class="w"> </span><span class="nt">"log-driver"</span><span class="p">:</span><span class="w"> </span><span class="s2">"json-file"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"log-opts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">"max-size"</span><span class="p">:</span><span class="w"> </span><span class="s2">"100m"</span>
<span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="nt">"storage-driver"</span><span class="p">:</span><span class="w"> </span><span class="s2">"overlay2"</span>
<span class="p">}</span>
</pre></div>
<p>Playbook-un in sine include pasi de adaugare a repo-urilor pentru docker-ce si kubernetes precum si instalarea propriu zisa a pachetelor:</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">all</span>
<span class="w"> </span><span class="nt">become</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install packages that allow apt to be used over HTTPS</span>
<span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">"{{</span><span class="nv"> </span><span class="s">packages</span><span class="nv"> </span><span class="s">}}"</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">packages</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">apt-transport-https</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ca-certificates</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">curl</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">gnupg-agent</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">software-properties-common</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Add an apt signing key for Docker</span>
<span class="w"> </span><span class="nt">apt_key</span><span class="p">:</span>
<span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://download.docker.com/linux/ubuntu/gpg</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Add apt repository for stable version</span>
<span class="w"> </span><span class="nt">apt_repository</span><span class="p">:</span>
<span class="w"> </span><span class="nt">repo</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install docker and its dependecies</span>
<span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">"{{</span><span class="nv"> </span><span class="s">packages</span><span class="nv"> </span><span class="s">}}"</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">packages</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">docker-ce</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">docker-ce-cli</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">containerd.io</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Copy Docker daemon config files</span>
<span class="w"> </span><span class="nt">copy</span><span class="p">:</span>
<span class="w"> </span><span class="nt">src</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">files/daemon.json</span>
<span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/docker/daemon.json</span>
<span class="w"> </span><span class="nt">owner</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">root</span>
<span class="w"> </span><span class="nt">group</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">root</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Restart docker service</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">docker</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">restarted</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Add an apt signing key for Kubernetes</span>
<span class="w"> </span><span class="nt">apt_key</span><span class="p">:</span>
<span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://packages.cloud.google.com/apt/doc/apt-key.gpg</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Adding apt repository for Kubernetes</span>
<span class="w"> </span><span class="nt">apt_repository</span><span class="p">:</span>
<span class="w"> </span><span class="nt">repo</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">deb https://apt.kubernetes.io/ kubernetes-xenial main</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">filename</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kubernetes.list</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install Kubernetes binaries</span>
<span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">"{{</span><span class="nv"> </span><span class="s">packages</span><span class="nv"> </span><span class="s">}}"</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">update_cache</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">packages</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kubelet</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kubeadm</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kubectl</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Configure node ip</span>
<span class="w"> </span><span class="nt">lineinfile</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/default/kubelet</span>
<span class="w"> </span><span class="nt">line</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">KUBELET_EXTRA_ARGS=--node-ip={{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Restart kubelet</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kubelet</span>
<span class="w"> </span><span class="nt">daemon_reload</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">restarted</span>
</pre></div>
<p>Instalarea este simpla:</p>
<div class="highlight"><pre><span></span><span class="go">ansible-playbook -i ./hosts kube.yml --limit kube-node1.lxd</span>
</pre></div>
<p>Dupa care putem trece la configurarea clusterului de Kubernetes.</p>
Traefik - proxy si load balancer2020-04-19T00:00:00+03:002020-04-19T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2020-04-19:/traefik-proxy-si-load-balancer.html<p>Am tot auzit in ultima perioada de <a class="reference external" href="https://docs.traefik.io/">Traefik</a> ca proxy ce se integreaza foarte usor cu Docker si Kubernetes.
Am dorit sa il testez ca proxy (fata de HAproxy pe care l-am mai folosit) pentru proiectele mele ce ruleaza pe <a class="reference external" href="/articole/virtualizare-cu-lxd/">LXD</a>.</p>
<p>Traefik este compus dintr-un excutabil pe care il copiem …</p><p>Am tot auzit in ultima perioada de <a class="reference external" href="https://docs.traefik.io/">Traefik</a> ca proxy ce se integreaza foarte usor cu Docker si Kubernetes.
Am dorit sa il testez ca proxy (fata de HAproxy pe care l-am mai folosit) pentru proiectele mele ce ruleaza pe <a class="reference external" href="/articole/virtualizare-cu-lxd/">LXD</a>.</p>
<p>Traefik este compus dintr-un excutabil pe care il copiem in <strong>/usr/local/bin/</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">curl -O -L https://github.com/containous/traefik/releases/download/v2.2.0/traefik_v2.2.0_linux_amd64.tar.gz</span>
<span class="go">gunzip traefik_v2.2.0_linux_amd64.tar.gz</span>
<span class="go">mv traefik /usr/local/bin/</span>
</pre></div>
<p>Creem fisierul principal de config <strong>/etc/traefik.yaml</strong>:</p>
<div class="highlight"><pre><span></span>api:
#insecure: true
dashboard: true
entryPoints:
web:
address: "192.168.25.200:80"
providers:
file:
directory: /etc/traefik.d
watch: true
</pre></div>
<p>Unde:</p>
<ul class="simple">
<li><strong>entryPoints</strong> - porturile pe care traefik asculta</li>
<li><strong>providers</strong> - modul de autoconfigurare, prin fisiere in cazul nostru in folderul <em>/etc/traefik.d</em></li>
</ul>
<p>Fisierul de configurare ca serviciu pentru systemd il salvam <strong>/etc/systemd/system/traefik.service</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">[Unit]</span>
<span class="go">Description=Traefik</span>
<span class="go">Documentation=https://docs.traefik.io</span>
<span class="go">After=network-online.target</span>
<span class="gp">#</span><span class="nv">AssertFileIsExecutable</span><span class="o">=</span>/usr/bin/traefik
<span class="gp">#</span><span class="nv">AssertPathExists</span><span class="o">=</span>/etc/traefik/traefik.toml
<span class="go">[Service]</span>
<span class="gp"># </span>Run<span class="w"> </span>traefik<span class="w"> </span>as<span class="w"> </span>its<span class="w"> </span>own<span class="w"> </span>user<span class="w"> </span><span class="o">(</span>create<span class="w"> </span>new<span class="w"> </span>user<span class="w"> </span>with:<span class="w"> </span>useradd<span class="w"> </span>-r<span class="w"> </span>-s<span class="w"> </span>/bin/false<span class="w"> </span>-U<span class="w"> </span>-M<span class="w"> </span>traefik<span class="o">)</span>
<span class="gp">#</span><span class="nv">User</span><span class="o">=</span>traefik
<span class="gp">#</span><span class="nv">AmbientCapabilities</span><span class="o">=</span>CAP_NET_BIND_SERVICE
<span class="gp"># </span>configure<span class="w"> </span>service<span class="w"> </span>behavior
<span class="go">Type=notify</span>
<span class="go">ExecStart=/usr/local/bin/traefik --configFile=/etc/traefik.yaml</span>
<span class="go">Restart=always</span>
<span class="go">WatchdogSec=1s</span>
<span class="gp"># </span>lock<span class="w"> </span>down<span class="w"> </span>system<span class="w"> </span>access
<span class="gp"># </span>prohibit<span class="w"> </span>any<span class="w"> </span>operating<span class="w"> </span>system<span class="w"> </span>and<span class="w"> </span>configuration<span class="w"> </span>modification
<span class="gp">#</span><span class="nv">ProtectSystem</span><span class="o">=</span>strict
<span class="gp"># </span>create<span class="w"> </span>separate,<span class="w"> </span>new<span class="w"> </span><span class="o">(</span>and<span class="w"> </span>empty<span class="o">)</span><span class="w"> </span>/tmp<span class="w"> </span>and<span class="w"> </span>/var/tmp<span class="w"> </span>filesystems
<span class="gp">#</span><span class="nv">PrivateTmp</span><span class="o">=</span><span class="nb">true</span>
<span class="gp"># </span>make<span class="w"> </span>/home<span class="w"> </span>directories<span class="w"> </span>inaccessible
<span class="gp">#</span><span class="nv">ProtectHome</span><span class="o">=</span><span class="nb">true</span>
<span class="gp"># </span>turns<span class="w"> </span>off<span class="w"> </span>access<span class="w"> </span>to<span class="w"> </span>physical<span class="w"> </span>devices<span class="w"> </span><span class="o">(</span>/dev/...<span class="o">)</span>
<span class="gp">#</span><span class="nv">PrivateDevices</span><span class="o">=</span><span class="nb">true</span>
<span class="gp"># </span>make<span class="w"> </span>kernel<span class="w"> </span>settings<span class="w"> </span><span class="o">(</span>procfs<span class="w"> </span>and<span class="w"> </span>sysfs<span class="o">)</span><span class="w"> </span>read-only
<span class="gp">#</span><span class="nv">ProtectKernelTunables</span><span class="o">=</span><span class="nb">true</span>
<span class="gp"># </span>make<span class="w"> </span>cgroups<span class="w"> </span>/sys/fs/cgroup<span class="w"> </span>read-only
<span class="gp">#</span><span class="nv">ProtectControlGroups</span><span class="o">=</span><span class="nb">true</span>
<span class="gp"># </span>allow<span class="w"> </span>writing<span class="w"> </span>of<span class="w"> </span>acme.json
<span class="gp">#</span><span class="nv">ReadWritePaths</span><span class="o">=</span>/etc/traefik/acme.json
<span class="gp"># </span>depending<span class="w"> </span>on<span class="w"> </span>log<span class="w"> </span>and<span class="w"> </span>entrypoint<span class="w"> </span>configuration,<span class="w"> </span>you<span class="w"> </span>may<span class="w"> </span>need<span class="w"> </span>to<span class="w"> </span>allow<span class="w"> </span>writing<span class="w"> </span>to<span class="w"> </span>other<span class="w"> </span>paths,<span class="w"> </span>too
<span class="gp"># </span>limit<span class="w"> </span>number<span class="w"> </span>of<span class="w"> </span>processes<span class="w"> </span><span class="k">in</span><span class="w"> </span>this<span class="w"> </span>unit
<span class="gp">#</span><span class="nv">LimitNPROC</span><span class="o">=</span><span class="m">1</span>
<span class="go">[Install]</span>
<span class="go">WantedBy=multi-user.target</span>
</pre></div>
<img alt="" src="/images/traefik-architecture-overview.png" />
<p>Un serviciu definit in Traefik include urmatoarele componente:</p>
<ul class="simple">
<li><strong>EntryPoints</strong> - punctul de intrare al traficului (definit ca port, adresa)</li>
<li><strong>Routers</strong> - reguli de directionare de traficului (host, cale, header,...)</li>
<li><strong>Services</strong> - definirea serviciilor utilizate</li>
<li><strong>Middlewares</strong> - reguli suplimentare de analiza a traficului (autentificare,SSL,limita de requesturi)</li>
</ul>
<p>Avem o aplicatie - Gitea - instalata pe un VM unde ruleaza pe portul 3000. Definim serviciul in <strong>/etc/traefik.d/gitea.yaml</strong>:</p>
<div class="highlight"><pre><span></span><span class="nt">http</span><span class="p">:</span>
<span class="w"> </span><span class="nt">routers</span><span class="p">:</span>
<span class="w"> </span><span class="nt">gitea</span><span class="p">:</span>
<span class="w"> </span><span class="nt">entryPoints</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">"web"</span>
<span class="w"> </span><span class="nt">rule</span><span class="p">:</span><span class="w"> </span><span class="s">"Host(`gitea.lxd`)"</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">gitea</span>
<span class="w"> </span><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">gitea</span><span class="p">:</span>
<span class="w"> </span><span class="nt">loadBalancer</span><span class="p">:</span>
<span class="w"> </span><span class="nt">servers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="s">"http://10.209.214.189:3000/"</span>
<span class="w"> </span><span class="nt">healthCheck</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="s">"/"</span>
</pre></div>
<p>Regulile de routare:</p>
<ul class="simple">
<li>punctul de intrare "web" definit in /etc/traefik.yaml</li>
<li>foloseste domeniul <strong>gitea.lxd</strong> (se pot folosi regule bazate pe cale)</li>
<li>utilizeaza backend-ul gitea definit ca serviciu</li>
</ul>
<p>Backend-ul (serviciul):</p>
<ul class="simple">
<li>este definit ca loadbalacer - permite utilizarea a mai multor servere</li>
<li>pentru verificarea sanatatii serviciilor se verifica path-ul</li>
</ul>
<p>O functionalitate foarte apreciata furnizata este un dashboard care asigura informatii despre sistem:</p>
<img alt="" src="/images/traefik-dashboard.png" style="width: 600px;" />
<p>Definim ca acest dashboard sa fie accesibil pe domeniul <strong>traefik.lxd</strong> si sa fie protejat cu autentificare:</p>
<div class="highlight"><pre><span></span><span class="nt">http</span><span class="p">:</span>
<span class="w"> </span><span class="nt">routers</span><span class="p">:</span>
<span class="w"> </span><span class="nt">traefik</span><span class="p">:</span>
<span class="w"> </span><span class="nt">entryPoints</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">"web"</span>
<span class="w"> </span><span class="nt">rule</span><span class="p">:</span><span class="w"> </span><span class="s">"Host(`traefik.lxd`)"</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">api@internal</span>
<span class="w"> </span><span class="nt">middlewares</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">"pass-auth"</span>
<span class="w"> </span><span class="nt">middlewares</span><span class="p">:</span>
<span class="w"> </span><span class="nt">pass-auth</span><span class="p">:</span>
<span class="w"> </span><span class="nt">basicAuth</span><span class="p">:</span>
<span class="w"> </span><span class="nt">users</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">"traefik:$apr1$cr2I.Rtl$zZ6.M5WwKocymAJt.mWE.0"</span>
</pre></div>
<p>Protejare cu parola se face prin middleware-ul basicAuth unde definim userii si parolele, similat cu cele din htaccess.</p>
<p>Pe langa servciile http, Traefik suporta traficul TCP sau UDP si chiar si cel SSH. Mai multe gasiti in documentatia oficiala.</p>
Host docker in LXD cu ZFS2020-01-12T00:00:00+02:002020-01-12T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2020-01-12:/host-docker-in-lxd-cu-zfs.html<p>Pentru a rula <a class="reference external" href="https://docker.io/">docker</a> intr-un container LXD trebuie facuti urmatorii pasi:</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch ubuntu:18.04 docker-host</span>
<span class="go">lxc config set docker-host security.nesting true</span>
<span class="go">lxc config set docker-host security.privileged true</span>
<span class="go">lxc config set docker-host linux.kernel_modules 'ip_tables,ip6_tables,netlink_diag,nf_nat,overlay'</span>
<span class="go">lxc config device add docker-host aadisable disk source …</span></pre></div><p>Pentru a rula <a class="reference external" href="https://docker.io/">docker</a> intr-un container LXD trebuie facuti urmatorii pasi:</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch ubuntu:18.04 docker-host</span>
<span class="go">lxc config set docker-host security.nesting true</span>
<span class="go">lxc config set docker-host security.privileged true</span>
<span class="go">lxc config set docker-host linux.kernel_modules 'ip_tables,ip6_tables,netlink_diag,nf_nat,overlay'</span>
<span class="go">lxc config device add docker-host aadisable disk source=/dev/null path=/sys/module/nf_conntrack/parameters/hashsize</span>
<span class="go">lxc config device add docker-host aadisable1 disk source=/dev/null path=/sys/module/apparmor/parameters/enabled</span>
<span class="go">lxc exec docker-host -- mkdir -p /lib/modules/`uname -r`/</span>
<span class="go">lxc file push /lib/modules/`uname -r`/modules.dep.bin docker-host/lib/modules/`uname -r`/modules.dep.bin</span>
<span class="go">lxc restart docker-host</span>
</pre></div>
<p>Apoi putem instala docker normal in container:</p>
<div class="highlight"><pre><span></span><span class="go">curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -</span>
<span class="go">sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"</span>
<span class="go">sudo apt install docker-ce</span>
<span class="go">sudo docker run hello-world</span>
</pre></div>
<p>Mai multe legat de LXD puteti gasi in seria de articole <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Salt - gestionare states si pillar prin git2020-01-03T00:00:00+02:002020-01-03T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2020-01-03:/salt-gestionare-states-si-pillar-prin-git.html<p>O optiune foarte utila oferita de Salt este includerea fisierelor de configurare (states) si a secretelor (pillar) din repository git (sau <a class="reference external" href="https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html">gitfs</a>).</p>
<p>Pentru asta trebuie instalata libraria <strong>pygit2</strong> sau <strong>GitPython</strong>, prima fiind preferata in cazul ca exista pe server.</p>
<p>Pe sisteleme CentOS 7.x aceasta se instaleaza:</p>
<div class="highlight"><pre><span></span><span class="go">yum install python-pygit2 …</span></pre></div><p>O optiune foarte utila oferita de Salt este includerea fisierelor de configurare (states) si a secretelor (pillar) din repository git (sau <a class="reference external" href="https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html">gitfs</a>).</p>
<p>Pentru asta trebuie instalata libraria <strong>pygit2</strong> sau <strong>GitPython</strong>, prima fiind preferata in cazul ca exista pe server.</p>
<p>Pe sisteleme CentOS 7.x aceasta se instaleaza:</p>
<div class="highlight"><pre><span></span><span class="go">yum install python-pygit2</span>
</pre></div>
<p>Activarea backend-ului pentru states se face prin includerea in fiserul de configurare al master-ului:</p>
<div class="highlight"><pre><span></span><span class="nt">fileserver_backend</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">root</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">gitfs</span>
</pre></div>
<p>Repository-urile se adauga fie din cele publice (ca de exemplu formulele salt de pe Github) ori private folosind protocoalele git://, https://, file://, ssh://</p>
<div class="highlight"><pre><span></span><span class="nt">gitfs_remotes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">git@github.com:user/repo.git</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh://user@domain.tld/path/to/repo.git</span>
</pre></div>
<p>Optiuni globale pe care se pot seta (mai multe <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/configuration/master.html">aici</a>):</p>
<ul class="simple">
<li><strong>gitfs_user</strong> - userul utilizat la conectare</li>
<li><strong>gitfs_password</strong> - parola de conectare</li>
<li><strong>gitfs_insecure_auth</strong></li>
<li><strong>gitfs_pubkey</strong> - cheia publica ssh</li>
<li><strong>gitfs_privkey</strong> - cheia privata ssh</li>
<li><strong>gitfs_passphrase</strong> - parola cheii private</li>
<li><strong>gitfs_update_interval</strong> - intervalul la care se preiau modificarile din repo (in secunde)</li>
<li><strong>gitfs_root</strong> - directorul folosit din repo</li>
</ul>
<p>Sau aceste optiuni pot fi specificate la nivel de repo adaugat:</p>
<div class="highlight"><pre><span></span><span class="nt">gitfs_remotes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">http://foo.com/baz.git</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">root</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt/states</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">user</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">joe</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mysupersecretpassword</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">insecure_auth</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">git@git.lxd:cristi/salt-states.git</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">pubkey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/root/.ssh/id_rsa.pub</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">privkey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/root/.ssh/id_rsa</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">update_interval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">30</span>
</pre></div>
<p>Actualizarea manuala a fisierelor din repo poate fi facuta:</p>
<div class="highlight"><pre><span></span><span class="go">salt-run fileserver.update</span>
<span class="go">salt-run fileserver.update backend=roots,git</span>
</pre></div>
<p>Pentru pillar configurarea de face la <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html#git-pillar-configuration">ext_pillar</a></p>
<div class="highlight"><pre><span></span><span class="nt">ext_pillar</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">git</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Use 'prod' instead of the branch name 'production' as the environment</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">production https://gitserver/git-pillar.git</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">env</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">prod</span>
<span class="w"> </span><span class="c1"># Use 'dev' instead of the branch name 'develop' as the environment</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">develop https://gitserver/git-pillar.git</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">env</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">dev</span>
<span class="w"> </span><span class="c1"># No per-remote config parameters (and no trailing colon), 'qa' will</span>
<span class="w"> </span><span class="c1"># be used as the environment</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">qa https://gitserver/git-pillar.git</span>
<span class="w"> </span><span class="c1"># SSH key authentication</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">master git@other-git-server:pillardata-ssh.git</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Pillar SLS files will be read from the 'pillar' subdirectory in</span>
<span class="w"> </span><span class="c1"># this repository</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">root</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">pillar</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">privkey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/path/to/key</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">pubkey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/path/to/key.pub</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">passphrase</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">CorrectHorseBatteryStaple</span>
<span class="w"> </span><span class="c1"># HTTPS authentication</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">master https://other-git-server/pillardata-https.git</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">user</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">git</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">CorrectHorseBatteryStap</span>
</pre></div>
<p>Cerinta este ca fiecare branch/tag din repo trebuie sa aibe asociat un environment in salt. Branch-ul master este asociat environment-ului <strong>base</strong>.</p>
<p>Actualizarea manuala a informatiilor din repo pentru pillar se poate face cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">salt-run git_pillar.update</span>
</pre></div>
<p>Putem verifica preluarea modificarilor prin listarea datelor din pillar:</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">salt "consul-server.*" pillar.items</span>
<span class="l l-Scalar l-Scalar-Plain">consul-server.lxd</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">consul</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">server</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
<span class="w"> </span><span class="nt">servers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">consul-server.lxd</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">consul-server2.lxd</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">consul-server3.lxd</span>
<span class="w"> </span><span class="nt">tokens</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">agent</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1ae89bc3-a33e-238e-371f-fdd5c3e2577b</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">aaaa</span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">lxd</span>
<span class="w"> </span><span class="nt">master_key</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">123456</span>
<span class="w"> </span><span class="nt">roles</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">base</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt-minion</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a>.</p>
Consul - Securizare acces2019-12-23T00:00:00+02:002019-12-23T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-12-23:/consul-securizare-acces.html<p>Sunt cazuri cand <a class="reference external" href="/articole/consul-instalare-configurare-sever-client/#consul-instalare-configurare-sever-client">Consul</a>
este necesar sa fie securizat.</p>
<p>Consul foloseste liste de acces (<a class="reference external" href="https://www.consul.io/docs/acl/acl-system.htmll">ACL</a>) pentru securizarea accesului la API, consola si interfata de administrare,
comunicarea serviciilor cat si a agentilor.</p>
<p>In principal un ACL grupeaza <a class="reference external" href="https://www.consul.io/docs/acl/acl-rules.html">reguli de acees</a> intr-o politica de acess (policy) pe cate apoi le asociaza unui …</p><p>Sunt cazuri cand <a class="reference external" href="/articole/consul-instalare-configurare-sever-client/#consul-instalare-configurare-sever-client">Consul</a>
este necesar sa fie securizat.</p>
<p>Consul foloseste liste de acces (<a class="reference external" href="https://www.consul.io/docs/acl/acl-system.htmll">ACL</a>) pentru securizarea accesului la API, consola si interfata de administrare,
comunicarea serviciilor cat si a agentilor.</p>
<p>In principal un ACL grupeaza <a class="reference external" href="https://www.consul.io/docs/acl/acl-rules.html">reguli de acees</a> intr-o politica de acess (policy) pe cate apoi le asociaza unui token.</p>
<div class="section" id="intializarea-acl">
<h2>Intializarea ACL</h2>
<p>Intializarea ACL se recomanda a se face la configurarea initiala a unui cluster pentru evitarea nefunctionarii cluster-ului pana la configurarea tuturor agentilor.</p>
<p>Creem urmatorul fisier in <strong>/etc/consul.d/acl.hcl</strong>:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>agent.hcl
<span class="go">acl = {</span>
<span class="go"> enabled = true</span>
<span class="go"> default_policy = "deny"</span>
<span class="go"> enable_token_persistence = true</span>
<span class="go">}</span>
</pre></div>
<p>unde politica implicita e <strong>deny</strong> iar token-uri create vor fi salvate pentru persistenta pe disc. Apoi restartam fiecare nod.</p>
<p><strong>Nota:</strong> La un cluster functional putem folosi <strong>default_policy=allow</strong> pana la generarea token-urilor.</p>
<p>Generam token-ul initial (bootstrap token) ce permite access full.</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>bootstrap
<span class="go">AccessorID: 21f5614b-2a32-6345-c703-aea8219e0f3a</span>
<span class="go">SecretID: 7850a9cb-0bac-c4dc-099b-fb2173a199b7</span>
<span class="go">Description: Bootstrap Token (Global Management)</span>
<span class="go">Local: false</span>
<span class="go">Create Time: 2019-12-16 17:56:44.79720835 +0000 UTC</span>
<span class="go">Policies:</span>
<span class="go"> 00000000-0000-0000-0000-000000000001 - global-management</span>
</pre></div>
<p>Acesta este <strong>SecretID</strong> de mai sus.</p>
<p>Pentru parcurgerea urmatorilor pasi in consola vom include token-ul in variabila CONSUL_HTTP_TOKEN:</p>
<div class="highlight"><pre><span></span><span class="go">export CONSUL_HTTP_TOKEN=7850a9cb-0bac-c4dc-099b-fb2173a199b7</span>
</pre></div>
</div>
<div class="section" id="securizare-agenti">
<h2>Securizare agenti</h2>
<p>Generarea si aplicarea toke-urikor pentru agenti se face in 3 pasi:</p>
<ul class="simple">
<li>crearea politicilor de acces</li>
<li>generare unui token pentru politica creata</li>
<li>adaugarea token-ului in configuratia agentului.</li>
</ul>
<p>Generam fisierul <strong>consul-server-policy.hcl</strong> pentru nodul <strong>consul-server</strong> ce permite dreptul includere in catalog, actualizare verificari de sanatate nod:</p>
<div class="highlight"><pre><span></span><span class="go">node "consul-server" {</span>
<span class="go"> policy = "write"</span>
<span class="go">}</span>
</pre></div>
<p><strong>Nota:</strong> Mai multe gasiti in documentatie legat de <a class="reference external" href="https://www.consul.io/docs/acl/acl-rules.html#node-rules">regulile</a> aplicabile unui nod.</p>
<p>Importam regula in Consul sub numele <strong>consul-server</strong>:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>policy<span class="w"> </span>create<span class="w"> </span>-name<span class="w"> </span>consul-server<span class="w"> </span>-rules<span class="w"> </span>@consul-server-policy.hcl
<span class="go">ID: 8e3394aa-3226-57b5-3d0f-643c20b7f361</span>
<span class="go">Name: consul-server</span>
<span class="go">Description:</span>
<span class="go">Datacenters:</span>
<span class="go">Rules:</span>
<span class="go">node "consul-server" {</span>
<span class="go"> policy = "write"</span>
<span class="go">}</span>
</pre></div>
<p>Generam token-ul aferent politicii adaugate:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>token<span class="w"> </span>create<span class="w"> </span>-description<span class="w"> </span><span class="s2">"consul-server agent token"</span><span class="w"> </span>-policy-name<span class="w"> </span>consul-server
<span class="go">AccessorID: 0ce578b9-689d-91c6-b1a5-42b482090cd5</span>
<span class="go">SecretID: 1ae89bc3-a33e-238e-371f-fdd5c3e2577b</span>
<span class="go">Description: consul-server agent token</span>
<span class="go">Local: false</span>
<span class="go">Create Time: 2019-12-16 18:04:38.864121035 +0000 UTC</span>
<span class="go">Policies:</span>
<span class="go"> 8e3394aa-3226-57b5-3d0f-643c20b7f361 - consul-server</span>
</pre></div>
<p>unde la fel <strong>SecretID</strong> etste token-ul generat.</p>
<p>Aplicam/asociem tokenul la agent din consola:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>set-agent-token<span class="w"> </span>agent<span class="w"> </span><span class="s2">"1ae89bc3-a33e-238e-371f-fdd5c3e2577b"</span>
<span class="go">ACL token "agent" set successfully</span>
</pre></div>
<p>ce va creea fisieul <strong>/var/consul/acl-tokens.json</strong></p>
<p><strong>Nota:</strong> Comanda se aplica atat timp cat politica implicita este <strong>allow</strong>.</p>
<p>Ori prin fisierul de configurare ACL anterior creat:</p>
<div class="highlight"><pre><span></span><span class="go">acl = {</span>
<span class="go"> enabled = true</span>
<span class="go"> default_policy = "deny"</span>
<span class="go"> enable_token_persistence = true</span>
<span class="go"> tokens = {</span>
<span class="go"> agent = "1ae89bc3-a33e-238e-371f-fdd5c3e2577b"</span>
<span class="go"> }</span>
<span class="go">}</span>
</pre></div>
<p>Repetam acesti pasi pentru toti agentii incepand de la servere.</p>
</div>
<div class="section" id="securizare-servicii">
<h2>Securizare servicii</h2>
<p>Pasi pentru servicii sunt similari ca pentru agenti. Creem un fisier cu reguli <strong>fe-service-policy.hcl</strong></p>
<div class="highlight"><pre><span></span><span class="go">service "fe" {</span>
<span class="go"> policy = "write"</span>
<span class="go">}</span>
</pre></div>
<p><strong>Nota:</strong> Mai multe gasiti in documentatie legat de regulile aplicabile unui <a class="reference external" href="https://www.consul.io/docs/agent/acl-rules.html#service-rules">seviciu</a>.</p>
<p>Importam regula in Consul:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>policy<span class="w"> </span>create<span class="w"> </span>-name<span class="w"> </span>fe-service-policy<span class="w"> </span>-rules<span class="w"> </span>@fe-service-policy.hcl
<span class="go">ID: cf840487-efd7-cd5c-5cfa-b1a5d46bc4b7</span>
<span class="go">Name: fe-service-policy</span>
<span class="go">Description:</span>
<span class="go">Datacenters:</span>
<span class="go">Rules:</span>
<span class="go">service "fe" {</span>
<span class="go"> policy = "write"</span>
<span class="go">}</span>
</pre></div>
<p>Generam tokenul (SecretID) aferent politicii:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>token<span class="w"> </span>create<span class="w"> </span>-description<span class="w"> </span><span class="s2">"fe service policy"</span><span class="w"> </span>-policy-name<span class="w"> </span>fe-service-policy
<span class="go">AccessorID: 8b4ce66b-acf8-e714-33cb-43b8388e68da</span>
<span class="go">SecretID: b63cd2c1-455a-534d-62a0-897cc63da5fc</span>
<span class="go">Description: fe service policy</span>
<span class="go">Local: false</span>
<span class="go">Create Time: 2019-12-16 18:37:28.107741205 +0000 UTC</span>
<span class="go">Policies:</span>
<span class="go"> cf840487-efd7-cd5c-5cfa-b1a5d46bc4b7 - fe-service-policy</span>
</pre></div>
<p>Si il includem fisierul de configurare aferent serviciului de pe agent:</p>
<div class="highlight"><pre><span></span><span class="p">{</span>
<span class="w"> </span><span class="nt">"service"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"fe"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"tags"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span>
<span class="w"> </span><span class="s2">"web"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"urlprefix-/ weight=0.1"</span>
<span class="w"> </span><span class="p">],</span>
<span class="w"> </span><span class="nt">"port"</span><span class="p">:</span><span class="w"> </span><span class="mi">80</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"b63cd2c1-455a-534d-62a0-897cc63da5fc"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"check"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"web-app"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Web App Status"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"http"</span><span class="p">:</span><span class="w"> </span><span class="s2">"http://localhost/status.html"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"interval"</span><span class="p">:</span><span class="w"> </span><span class="s2">"10s"</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p>Aplicam acest token pe toate nodurile unde ruleaza acest serviciu.</p>
<p>Repetam pasii pentru fiecare serviciu in parte.</p>
</div>
<div class="section" id="securizare-servicii-dns">
<h2>Securizare servicii DNS</h2>
<p>Daca folositi autodiscovery prin DNS, sunt nesare politici legate de noduri si servcii. Includem in <strong>dns-request-policy.hcl</strong> regulile:</p>
<div class="highlight"><pre><span></span><span class="go">node_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
<span class="go">service_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
<span class="gp"># </span>only<span class="w"> </span>needed<span class="w"> </span><span class="k">if</span><span class="w"> </span>using<span class="w"> </span>prepared<span class="w"> </span>queries
<span class="go">query_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
</pre></div>
<p>ce apoi sunt importate in consul:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>policy<span class="w"> </span>create<span class="w"> </span>-name<span class="w"> </span>dns-request-policy<span class="w"> </span>-rules<span class="w"> </span>@dns-request-policy.hcl
<span class="go">ID: 59e6e00f-9579-0b9a-28d3-786a0291328b</span>
<span class="go">Name: dns-request-policy</span>
<span class="go">Description:</span>
<span class="go">Datacenters:</span>
<span class="go">Rules:</span>
<span class="go">node_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
<span class="go">service_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
<span class="gp"># </span>only<span class="w"> </span>needed<span class="w"> </span><span class="k">if</span><span class="w"> </span>using<span class="w"> </span>prepared<span class="w"> </span>queries
<span class="go">query_prefix "" {</span>
<span class="go"> policy = "read"</span>
<span class="go">}</span>
</pre></div>
<p>si generam tokenul aferet:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>token<span class="w"> </span>create<span class="w"> </span>-description<span class="w"> </span><span class="s2">"Token for DNS Requests"</span><span class="w"> </span>-policy-name<span class="w"> </span>dns-requests-policy
<span class="go">AccessorID: 11765265-afaa-1cec-66b0-8461ae85434d</span>
<span class="go">SecretID: 9cf9629e-fed6-cc39-b256-3d2c323e5e4d</span>
<span class="go">Description: Token for DNS Requests</span>
<span class="go">Local: false</span>
<span class="go">Create Time: 2019-12-16 19:58:54.228487931 +0000 UTC</span>
<span class="go">Policies:</span>
<span class="go"> 59e6e00f-9579-0b9a-28d3-786a0291328b - dns-request-policy</span>
</pre></div>
<p>Acesta este token-ul default (implicit) pe care agentul il va folosi in comunicarea DNS</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>acl<span class="w"> </span>set-agent-token<span class="w"> </span>default<span class="w"> </span><span class="s2">"9cf9629e-fed6-cc39-b256-3d2c323e5e4d"</span>
</pre></div>
<p>Sau in fiserul de configurare:</p>
<div class="highlight"><pre><span></span><span class="go">acl = {</span>
<span class="go"> enabled = true</span>
<span class="go"> default_policy = "deny"</span>
<span class="go"> enable_token_persistence = true</span>
<span class="go"> tokens = {</span>
<span class="go"> agent = "0cfea3db-fb26-f2f9-12c7-5dbb25446e72"</span>
<span class="go"> default = "9cf9629e-fed6-cc39-b256-3d2c323e5e4d"</span>
<span class="go"> }</span>
<span class="go">}</span>
</pre></div>
<p>Si restart serviciul consul</p>
<p>Verificam functionarea serviciulu DNS:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>dig<span class="w"> </span>@127.0.0.1<span class="w"> </span>-p<span class="w"> </span><span class="m">8600</span><span class="w"> </span>fe.service.consul
<span class="go">; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> fe.service.consul</span>
<span class="go">;; global options: +cmd</span>
<span class="go">;; Got answer:</span>
<span class="go">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48446</span>
<span class="go">;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2</span>
<span class="go">;; OPT PSEUDOSECTION:</span>
<span class="go">; EDNS: version: 0, flags:; udp: 4096</span>
<span class="go">;; QUESTION SECTION:</span>
<span class="go">;fe.service.consul. IN A</span>
<span class="go">;; ANSWER SECTION:</span>
<span class="go">fe.service.consul. 0 IN A 10.209.214.169</span>
<span class="go">;; ADDITIONAL SECTION:</span>
<span class="go">fe.service.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">;; Query time: 2 msec</span>
<span class="go">;; SERVER: 127.0.0.1#53(127.0.0.1)</span>
<span class="go">;; WHEN: Mon Dec 16 20:45:44 UTC 2019</span>
<span class="go">;; MSG SIZE rcvd: 98</span>
</pre></div>
</div>
Consul - configurare servicii si autodiscovery2019-12-10T00:00:00+02:002019-12-10T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-12-10:/consul-configurarey-servicii-autodiscovery.html<p>Intr-o infrastructura dinamica - unde microserviciile ruleaza pe instante cu durata de viata scurta - interconectarea serviciilor se rezolva prin <a class="reference external" href="https://www.consul.io/discovery.html">service discovery</a> oferita de Consul.</p>
<p>Acest serviciu foloseste un registru (baza de date) pentru a cunoaste in timp real lista de servicii, locatia lor si starea lor de sanatate. Clienti interogeaza acest …</p><p>Intr-o infrastructura dinamica - unde microserviciile ruleaza pe instante cu durata de viata scurta - interconectarea serviciilor se rezolva prin <a class="reference external" href="https://www.consul.io/discovery.html">service discovery</a> oferita de Consul.</p>
<p>Acest serviciu foloseste un registru (baza de date) pentru a cunoaste in timp real lista de servicii, locatia lor si starea lor de sanatate. Clienti interogeaza acest
registru pentu descoperirea locatiei pentru serviciile necesare (alte microservicii, baze da date, cache etc..). Acest lucru permite scalarea in sus/jos fara necesitatea uni proxy.</p>
<p>Definirea serviciilor se face cu instantele client Consul. De exemplu pentru definirea unui servciu de api creem fisierul <strong>/etc/consul/shop.json</strong>:</p>
<div class="highlight"><pre><span></span><span class="p">{</span>
<span class="w"> </span><span class="nt">"service"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"shop"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"tags"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span>
<span class="w"> </span><span class="s2">"shop"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"urlprefix-/shop"</span>
<span class="w"> </span><span class="p">],</span>
<span class="w"> </span><span class="nt">"port"</span><span class="p">:</span><span class="w"> </span><span class="mi">80</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"check"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"shop-check"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Shop App Status"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"http"</span><span class="p">:</span><span class="w"> </span><span class="s2">"http://localhost/status.html"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"interval"</span><span class="p">:</span><span class="w"> </span><span class="s2">"10s"</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div>
<p>Unde:</p>
<ul class="simple">
<li><strong>name</strong> - numele serviciului;</li>
<li><strong>tags</strong> - etichete atasate serviciului;</li>
<li><strong>port</strong> - portul pe care ruleaza serviciul;</li>
<li><strong>check</strong> - metoda de verificare a servciului</li>
</ul>
<p>Metodele de verificare for fi de mai multe feluri (<a class="reference external" href="https://www.consul.io/docs/agent/checks.html">exemple</a>):</p>
<ul class="simple">
<li>script de verificare;</li>
<li>call HTTP/HTTPS;</li>
<li>verificarea unui port (TCP/UDP).</li>
</ul>
<p>Mesajul de rapuns nu conteaza singura cerinta e codul de raspuns:</p>
<ul class="simple">
<li><strong>0</strong> - functionare normala;</li>
<li><strong>1</strong> - necesita atentie;</li>
<li>alt cod - verificarea nu a functionat/serviciu nefunctional;</li>
</ul>
<p>Notificam instanta agent sa preia noua configuratie</p>
<div class="highlight"><pre><span></span><span class="go">consul reload</span>
</pre></div>
<p>Serviciul apare in scurt timp si in interfata de admin:</p>
<img alt="" src="/images/consul-service.png" style="width: 800px;" />
<p>Informatii despre acest servciu poate fi descoperite prin 2 metode:</p>
<ul class="simple">
<li>prin API propriu oferit de consul pe portul 8500:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">curl http://localhost:8500/v1/catalog/service/shop</span>
<span class="go">[</span>
<span class="go"> {</span>
<span class="go"> "ID": "064e26c0-0a21-b886-73fd-8972a8bbb155",</span>
<span class="go"> "Node": "consul-node1",</span>
<span class="go"> "Address": "10.209.214.170",</span>
<span class="go"> "Datacenter": "lxd",</span>
<span class="go"> "TaggedAddresses": {</span>
<span class="go"> "lan": "10.209.214.170",</span>
<span class="go"> "wan": "10.209.214.170"</span>
<span class="go"> },</span>
<span class="go"> "NodeMeta": {</span>
<span class="go"> "consul-network-segment": ""</span>
<span class="go"> },</span>
<span class="go"> "ServiceKind": "",</span>
<span class="go"> "ServiceID": "shop",</span>
<span class="go"> "ServiceName": "shop",</span>
<span class="go"> "ServiceTags": [</span>
<span class="go"> "shop",</span>
<span class="go"> "urlprefix-/shop"</span>
<span class="go"> ],</span>
<span class="go"> "ServiceAddress": "",</span>
<span class="go"> "ServiceWeights": {</span>
<span class="go"> "Passing": 1,</span>
<span class="go"> "Warning": 1</span>
<span class="go"> },</span>
<span class="go"> "ServiceMeta": {},</span>
<span class="go"> "ServicePort": 80,</span>
<span class="go"> "ServiceEnableTagOverride": false,</span>
<span class="go"> "ServiceProxy": {</span>
<span class="go"> "MeshGateway": {},</span>
<span class="go"> "Expose": {}</span>
<span class="go"> },</span>
<span class="go"> "ServiceConnect": {},</span>
<span class="go"> "CreateIndex": 11442,</span>
<span class="go"> "ModifyIndex": 11442</span>
<span class="go"> }</span>
<span class="go">]</span>
</pre></div>
<ul class="simple">
<li>prin interogare DNS.</li>
</ul>
<p>Agentul client Consul expune pe portul 8600 un servicu DNS prin care se pot interoga nodurile (<nume_nod>.node.consul) sau serviciu (<nume_serviciu>.service.consul) sau tag (<tag>.<nume_serviciu>.service.consul):</p>
<div class="highlight"><pre><span></span><span class="go">dig @127.0.0.1 -p 8600 shop.service.consul</span>
<span class="go">; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @127.0.0.1 -p 8600 shop.service.consul</span>
<span class="go">; (1 server found)</span>
<span class="go">;; global options: +cmd</span>
<span class="go">;; Got answer:</span>
<span class="go">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26249</span>
<span class="go">;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2</span>
<span class="go">;; WARNING: recursion requested but not available</span>
<span class="go">;; OPT PSEUDOSECTION:</span>
<span class="go">; EDNS: version: 0, flags:; udp: 4096</span>
<span class="go">;; QUESTION SECTION:</span>
<span class="go">;shop.service.consul. IN A</span>
<span class="go">;; ANSWER SECTION:</span>
<span class="go">shop.service.consul. 0 IN A 10.209.214.170</span>
<span class="go">;; ADDITIONAL SECTION:</span>
<span class="go">shop.service.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">;; Query time: 1 msec</span>
<span class="go">;; SERVER: 127.0.0.1#8600(127.0.0.1)</span>
<span class="go">;; WHEN: Mon Dec 09 17:36:02 UTC 2019</span>
<span class="go">;; MSG SIZE rcvd: 100</span>
</pre></div>
<p>Dupa cum banuiti metoda a doua este cea mai usor de folosit in configuratii. Pentru asta avem nevoie de un server local de DNS
- de ex dnsmasq - ce se poate conecta pe consul pe portul 8600 pentru actualizari.</p>
<p>Instalam pachetul dnsmasq:</p>
<div class="highlight"><pre><span></span><span class="go">apt install dnsmasq</span>
</pre></div>
<p>Oprim serviciul <strong>systemd-resolved</strong></p>
<div class="highlight"><pre><span></span><span class="go">systemctl stop systemd-resolve</span>
<span class="go">systemctl disable systemd-resolve</span>
<span class="go">rm -f /etc/resolv.conf</span>
</pre></div>
<p>Adaugam urmatorul fisier <strong>/etc/dnsmasq.d/10-consul</strong>:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>Enable<span class="w"> </span>forward<span class="w"> </span>lookup<span class="w"> </span>of<span class="w"> </span>the<span class="w"> </span><span class="s1">'consul'</span><span class="w"> </span>domain:
<span class="go">server=/consul/127.0.0.1#8600</span>
<span class="gp"># </span>Upstream<span class="w"> </span>DNS<span class="w"> </span>server:
<span class="go">server=1.1.1.1</span>
</pre></div>
<p>Pornim si activam serviciul <strong>dnsmasq</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl start dnsmasq</span>
<span class="go">systemctl enable dnsmasq</span>
</pre></div>
<p>Si acum putem da ping la orice serviciu ca la un domeniu</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>ping<span class="w"> </span>-c<span class="w"> </span><span class="m">2</span><span class="w"> </span>static.service.consul
<span class="go">PING static.service.consul (10.209.214.214) 56(84) bytes of data.</span>
<span class="go">64 bytes from consul-node3.lxd (10.209.214.214): icmp_seq=1 ttl=64 time=0.048 ms</span>
<span class="gp"># </span>ping<span class="w"> </span>-c<span class="w"> </span><span class="m">2</span><span class="w"> </span>static.service.consul
<span class="go">PING static.service.consul (10.209.214.169) 56(84) bytes of data.</span>
<span class="go">64 bytes from consul-node4.lxd (10.209.214.169): icmp_seq=1 ttl=64 time=0.037 ms</span>
</pre></div>
<p>In exemplul de mai sus primim 2 IP diferite penru ca sunt 2 instante iar consul face si balansare:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>dig<span class="w"> </span>static.service.consul
<span class="go">; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> static.service.consul</span>
<span class="go">;; global options: +cmd</span>
<span class="go">;; Got answer:</span>
<span class="go">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40113</span>
<span class="go">;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3</span>
<span class="go">;; OPT PSEUDOSECTION:</span>
<span class="go">; EDNS: version: 0, flags:; udp: 4096</span>
<span class="go">;; QUESTION SECTION:</span>
<span class="go">;static.service.consul. IN A</span>
<span class="go">;; ANSWER SECTION:</span>
<span class="go">static.service.consul. 0 IN A 10.209.214.214</span>
<span class="go">static.service.consul. 0 IN A 10.209.214.169</span>
<span class="go">;; ADDITIONAL SECTION:</span>
<span class="go">static.service.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">static.service.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">;; Query time: 0 msec</span>
<span class="go">;; SERVER: 127.0.0.1#53(127.0.0.1)</span>
<span class="go">;; WHEN: Mon Dec 09 18:00:29 UTC 2019</span>
<span class="go">;; MSG SIZE rcvd: 154</span>
</pre></div>
<p>Suplimentar Consul poate oferi informatia legata de portul pe care functioneaza servciul (<a class="reference external" href="https://en.wikipedia.org/wiki/SRV_record?">SRV record</a>):</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>dig<span class="w"> </span>static.service.consul<span class="w"> </span>SRV
<span class="go">; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> static.service.consul SRV</span>
<span class="go">;; global options: +cmd</span>
<span class="go">;; Got answer:</span>
<span class="go">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11406</span>
<span class="go">;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 5</span>
<span class="go">;; OPT PSEUDOSECTION:</span>
<span class="go">; EDNS: version: 0, flags:; udp: 4096</span>
<span class="go">;; QUESTION SECTION:</span>
<span class="go">;static.service.consul. IN SRV</span>
<span class="go">;; ANSWER SECTION:</span>
<span class="go">static.service.consul. 0 IN SRV 1 1 8080 consul-node3.node.lxd.consul.</span>
<span class="go">static.service.consul. 0 IN SRV 1 1 8080 consul-node4.node.lxd.consul.</span>
<span class="go">;; ADDITIONAL SECTION:</span>
<span class="go">consul-node3.node.lxd.consul. 0 IN A 10.209.214.214</span>
<span class="go">consul-node3.node.lxd.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">consul-node4.node.lxd.consul. 0 IN A 10.209.214.169</span>
<span class="go">consul-node4.node.lxd.consul. 0 IN TXT "consul-network-segment="</span>
<span class="go">;; Query time: 1 msec</span>
<span class="go">;; SERVER: 127.0.0.1#53(127.0.0.1)</span>
<span class="go">;; WHEN: Mon Dec 09 18:15:48 UTC 2019</span>
<span class="go">;; MSG SIZE rcvd: 250</span>
</pre></div>
<p>In PHP putem optine informatia referitoare la port usor:</p>
<div class="highlight"><pre><span></span><span class="cp"><?php</span>
<span class="nv">$record</span> <span class="o">=</span> <span class="nb">dns_get_record</span><span class="p">(</span><span class="s1">'static.service.consul'</span><span class="p">,</span> <span class="nx">DNS_SRV</span><span class="p">);</span>
<span class="nb">print_r</span><span class="p">(</span><span class="nv">$record</span><span class="p">);</span>
</pre></div>
<p>si rapunsul ca:</p>
<div class="highlight"><pre><span></span><span class="go">Array</span>
<span class="go">(</span>
<span class="go"> [0] => Array</span>
<span class="go"> (</span>
<span class="go"> [host] => static.service.consul</span>
<span class="go"> [class] => IN</span>
<span class="go"> [ttl] => 0</span>
<span class="go"> [type] => SRV</span>
<span class="go"> [pri] => 1</span>
<span class="go"> [weight] => 1</span>
<span class="go"> [port] => 8080</span>
<span class="go"> [target] => consul-node3.node.lxd.consul</span>
<span class="go"> )</span>
<span class="go"> [1] => Array</span>
<span class="go"> (</span>
<span class="go"> [host] => static.service.consul</span>
<span class="go"> [class] => IN</span>
<span class="go"> [ttl] => 0</span>
<span class="go"> [type] => SRV</span>
<span class="go"> [pri] => 1</span>
<span class="go"> [weight] => 1</span>
<span class="go"> [port] => 8080</span>
<span class="go"> [target] => consul-node4.node.lxd.consul</span>
<span class="go"> )</span>
<span class="go">)</span>
</pre></div>
Consul - Instalare, configurare server si client2019-12-07T00:00:00+02:002019-12-07T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-12-07:/consul-instalare-configurare-sever-client.html<p><a class="reference external" href="https://www.consul.io/">Consul</a> este o solutie creata si dezvoltata de Hashicorp ce permite interconectarea microserviciilor in medii dinamice si autoscalabile.</p>
<p>Acest sistem consta din doua parti:</p>
<ul class="simple">
<li>instante server ce stocheaza informatiile (se recomanda min 3 pe datacenter)</li>
<li>instante client - instalate pe fiecare masina ce ruleaza un serviciu - care comunica serverelor serviciile oferite …</li></ul><p><a class="reference external" href="https://www.consul.io/">Consul</a> este o solutie creata si dezvoltata de Hashicorp ce permite interconectarea microserviciilor in medii dinamice si autoscalabile.</p>
<p>Acest sistem consta din doua parti:</p>
<ul class="simple">
<li>instante server ce stocheaza informatiile (se recomanda min 3 pe datacenter)</li>
<li>instante client - instalate pe fiecare masina ce ruleaza un serviciu - care comunica serverelor serviciile oferite precum si pot efectua monitorizarea acestora.</li>
</ul>
<img alt="" src="/images/consul-architecture.png" style="width: 600px;" />
<p>Toate aceste instante (numite si noduri) comunica si fac schimb de informatii folosind protocolul <a class="reference external" href="https://en.wikipedia.org/wiki/Gossip_protocol">LAN GOSSIP</a>.</p>
<p>Instalarea se face ca pachet binar si se descarca ca <a class="reference external" href="https://www.consul.io/downloads.html">arhiva zip</a>.</p>
<p>Extragem din arhiva singurul binar pe care il mutam in /usr/bin/:</p>
<div class="highlight"><pre><span></span><span class="go">cd /usr/src</span>
<span class="go">curl -O https://releases.hashicorp.com/consul/1.6.2/consul_1.6.2_linux_amd64.zip</span>
<span class="go">unzip consul_1.6.2_linux_amd64.zip</span>
<span class="go">mv consul /usr/bin/</span>
<span class="go">mkdir /etc/consul.d</span>
</pre></div>
<p>Creem un user dedicat cu care va rula serviciul:</p>
<div class="highlight"><pre><span></span><span class="go">sudo adduser \</span>
<span class="go"> --shell /bin/bash \</span>
<span class="go"> --group \</span>
<span class="go"> --disabled-password \</span>
<span class="go"> --home /var/consul \</span>
<span class="go"> consul</span>
</pre></div>
<p>Pentru o facila administrare a sistemului creem un fisier serviciu <strong>/lib/systemd/system/consul.service</strong></p>
<div class="highlight"><pre><span></span><span class="go">[Unit]</span>
<span class="go">Description=Consul server process</span>
<span class="go">Requires=network-online.target</span>
<span class="go">After=network-online.target</span>
<span class="go">[Service]</span>
<span class="go">Type=simple</span>
<span class="go">Restart=on-failure</span>
<span class="go">ExecStart=/usr/bin/consul agent -config-dir /etc/consul.d</span>
<span class="go">KillSignal=SIGTERM</span>
<span class="go">User=consul</span>
<span class="go">Group=consul</span>
<span class="go">[Install]</span>
<span class="go">WantedBy=multi-user.target</span>
</pre></div>
<p>Creem un fisierul de configurare pentru instantele server <strong>/etc/consul.d/server.json</strong>:</p>
<div class="highlight"><pre><span></span><span class="p">{</span>
<span class="w"> </span><span class="nt">"bootstrap"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"bind_addr"</span><span class="p">:</span><span class="w"> </span><span class="s2">"10.209.214.89"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"server"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"datacenter"</span><span class="p">:</span><span class="w"> </span><span class="s2">"dc1"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"data_dir"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/var/consul"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"log_level"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INFO"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"enable_syslog"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"rejoin_after_leave"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"retry_join"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span>
<span class="w"> </span><span class="s2">"10.209.214.89"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.180"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.225"</span>
<span class="w"> </span><span class="p">]</span>
<span class="p">}</span>
</pre></div>
<p>Unde:</p>
<ul class="simple">
<li><strong>bootstrap</strong> - <strong>true</strong> pentru o singura masina din cluster;</li>
<li><strong>bind_addr</strong> - interfata pe care va asculta servciul, in cazul cand masina dispune de interfete multiple;</li>
<li><strong>server</strong> - <strong>true</strong> pentru instantele server;</li>
<li><strong>datacenter</strong> - numele de identificare a retelei in care ruleaza consul;</li>
<li><strong>"enable_syslog</strong> - informatiile de log se vor salva in logul de sistemului;</li>
<li><strong>rejoin_after_leave</strong> - serverul se va reconecta la cluster la restart;</li>
<li><strong>retry_join</strong> - o lista cu celelalte instante server (daca le cunoastem IP/hostname);</li>
</ul>
<p>Creem un fisier de configurare pentru instantele client <strong>/etc/consul.d/client.json</strong>:</p>
<div class="highlight"><pre><span></span><span class="p">{</span>
<span class="w"> </span><span class="nt">"server"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"datacenter"</span><span class="p">:</span><span class="w"> </span><span class="s2">"dc1"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"data_dir"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/var/consul"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"log_level"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INFO"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"enable_syslog"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"retry_join"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span>
<span class="w"> </span><span class="s2">"10.209.214.89"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.180"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.225"</span>
<span class="w"> </span><span class="p">]</span>
<span class="p">}</span>
</pre></div>
<p>ori ca fisier HCL in <strong>/etc/consul.d/client.hcl</strong>:</p>
<div class="highlight"><pre><span></span><span class="err">server</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">false</span>
<span class="err">da</span><span class="kc">ta</span><span class="err">ce</span><span class="kc">nter</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"dc1"</span>
<span class="err">da</span><span class="kc">ta</span><span class="err">_dir</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"/var/consul"</span>
<span class="err">log_level</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"INFO"</span>
<span class="err">e</span><span class="kc">na</span><span class="err">ble_syslog</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">true</span>
<span class="err">re</span><span class="kc">tr</span><span class="err">y_joi</span><span class="kc">n</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">[</span>
<span class="w"> </span><span class="s2">"10.209.214.89"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.180"</span><span class="p">,</span>
<span class="w"> </span><span class="s2">"10.209.214.225"</span>
<span class="p">]</span>
</pre></div>
<p>Mai multe optiuni si functii de configurare gasiti pe pagina <a class="reference external" href="https://www.consul.io/docs/agent/options.html">dedicata</a>.</p>
<p>Se recomanda ca serverul sa aiba permisa comunicarea pe porturile:</p>
<ul class="simple">
<li>8500 - HTTP API (TCP only)</li>
<li>8501 - HTTPS API</li>
<li>8502 - gRPC API</li>
<li>8600 - DNS (TCP si UDP)</li>
<li>8301 - comunicare LAN (TCP si UDP)</li>
<li>8302 - comunicare WAN (TCP si UDP)</li>
</ul>
<p>Pornim serviciul consul pe fiecare instanta (server/client):</p>
<div class="highlight"><pre><span></span><span class="go">systemctl start consul</span>
<span class="go">systemctl enable consul</span>
</pre></div>
<p>Dupa restart putem verifica statusul cluster-ului:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>consul<span class="w"> </span>members
<span class="go">Node Address Status Type Build Protocol DC Segment</span>
<span class="go">consul-server 10.209.214.89:8301 alive server 1.6.2 2 dc1 <all></span>
<span class="go">consul-server2 10.209.214.180:8301 alive server 1.6.2 2 dc1 <all></span>
<span class="go">consul-server3 10.209.214.225:8301 alive server 1.6.2 2 dc1 <all></span>
<span class="go">consul-node1 10.209.214.170:8301 alive client 1.6.2 2 dc1 <default></span>
<span class="go">consul-node2 10.209.214.25:8301 alive client 1.6.2 2 dc1 <default></span>
<span class="go">consul-node3 10.209.214.214:8301 alive client 1.6.2 2 dc1 <default></span>
</pre></div>
<p>Pentru o mai usoara vizibilitate pe langa API Consul include si o interfata <a class="reference external" href="https://learn.hashicorp.com/consul/getting-started/ui">web</a> pentru vizualiazarea nodurilor/serviciilor ce se poate activa cu optiunea <strong>-ui</strong> la comanda de start</p>
<div class="highlight"><pre><span></span><span class="go">...</span>
<span class="go">ExecStart=/usr/bin/consul agent -ui -config-dir /etc/consul.d</span>
</pre></div>
<img alt="" src="/images/consul-ui.png" style="width: 600px;" />
Solutii de patch management2019-04-28T00:00:00+03:002019-04-28T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2019-04-28:/solutii-de-patch-management.html<p>Uneori ori suntem in situatia de a administra o infrastructura pe care nu putem reimprospata usor sau fregvent sistemul de operare prin reinstall, asa cum se poate face in cloud. Ma gandesc aici servere de webhost cu zeci de domenii instalate , servere de baze de date ori storage de date …</p><p>Uneori ori suntem in situatia de a administra o infrastructura pe care nu putem reimprospata usor sau fregvent sistemul de operare prin reinstall, asa cum se poate face in cloud. Ma gandesc aici servere de webhost cu zeci de domenii instalate , servere de baze de date ori storage de date critice pentru aplicatii.</p>
<p>Ce alternative avem?</p>
<ol class="arabic simple">
<li>Actualizare manuala</li>
</ol>
<p>Prima alternativa e sa nu conectam via ssh si sa rulam una din comenzi:</p>
<div class="highlight"><pre><span></span><span class="go">yum update</span>
<span class="go">apt update && apt upgrade</span>
</pre></div>
<p>Pro:</p>
<ul class="simple">
<li>solutia este simpla</li>
<li>fezabila pentru un numar redus de instante.</li>
</ul>
<p>Contra:</p>
<ul class="simple">
<li>evidenta cand unde s-a rulat trebuie facuta extern/manual</li>
<li>cu cat numarul lor creste metoda devine greoaie dpdv al administrarii</li>
<li>e necesar configurarea repo-urilor pe fiecare instanta</li>
</ul>
<ol class="arabic simple" start="2">
<li>Salt/Ansible/Puppet/Chef</li>
</ol>
<p>Rulam comanda de actualizare sistemului de operare/aplicatiilor printr-un sistem de <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">management al configuratiilor</a> fie <a class="reference external" href="/articole/ansible-rulare-comenzi-adhoc/">Ansible</a> sau <a class="reference external" href="/articole/salt-rulare-comezi/">Salt</a> ori Puppet</p>
<p>Pro:</p>
<ul class="simple">
<li>un singur loc de rulare a comenzii</li>
<li>permite rularea comenzii pe un numar ridicat de instante simultan (chiar mii folosind Salt/Puppet)</li>
</ul>
<p>Contra:</p>
<ul class="simple">
<li>e necesar gruparea atenta a instantelor pentru evitarea aplicarea actualizarilor nedorite (versiuni de PHP/Python/Node)</li>
<li>e necesar configurarea repo-urilor pe fiecare instanta</li>
</ul>
<ol class="arabic simple" start="3">
<li>Aplicatii dedicate de patch management.</li>
</ol>
<p>O aplicatie de patch management iti arata puterea cu cat infrastructura administata este mai mare (servere fizice sau VM).
Aceste aplicatii uzual permit sa fie o sursa unica de aplicatii pentru masinile administrate sau ce nu au nevoie de access extern, prin creeare unui repo/mirror local.</p>
<p>Pro:</p>
<ul class="simple">
<li>permit</li>
<li>evidenta pachetelor instalate pe fiecare instanta</li>
<li>pot avea si functionalitati de CMDB</li>
<li>folosirea unor repo-uri locale ce pot stoca versiuni diferite ale aceluasi pachet (ce in timp pot disparea de pe mirror-uri)</li>
<li>permit functionalitati de management al fisierelor de configurare</li>
<li>permit functionalitati de instalare automata a sistemelor (OS provisioning)</li>
<li>pot include Salt/Puppet ca agent de executie remote.</li>
<li>permit rularea de audit-uri de securitate folosind openscap.</li>
</ul>
<p>Contra:</p>
<ul class="simple">
<li>necesita resurse dedicate (cpu/ram/hdd)</li>
<li>complex de instalat/configurat/actualizat</li>
</ul>
<p>Din categoria aplicatiilor de patch management folosite amintesc: Spacewalk, Redhat Satellite, Uyuni, Foreman + Katello, SUSE Manager.</p>
<div class="section" id="spacewalk-redhat-satellite-5-x-suse-manager-3-x">
<h2>Spacewalk / Redhat Satellite 5.x / SUSE Manager 3.x</h2>
<p><a class="reference external" href="https://spacewalkproject.github.io/">Spacewalk</a> este proiectul upstream pentru:</p>
<ul class="simple">
<li><a class="reference external" href="https://www.redhat.com/en/technologies/management/satellite">Redhat Satellite</a> < 6.x (fiind sustinut intens de Redhat pana la versiunile 5.x).</li>
<li><a class="reference external" href="https://www.suse.com/products/suse-manager/">SUSE Manager</a> < 4.0</li>
</ul>
<p>Acesta poate fi utiliat pentru sistemele bazate pe RHEL, Centos, Scientific Linux, Oracle Linux, SUSE Linux, OpenSUSE ce folosesc pachetele RPM.</p>
<p>Putem prin Spacewalk sa generam fisiere kickstart pentru configurarea automata la instalarea sistemului de operare.</p>
<img alt="" src="/images/spacewalk.png" style="width: 600px;" />
<p>Pentru executia comenzilor pe sistemele administrate se instaleaza agenti dedicati care verifica si executa periodic (la fiecare 4 ore) task-urile programate.</p>
<p>Din pacate in ultimii ani dezvoltarea aplicatiei a scazut poate din cauza ca Redhat nu l-a mai folosit pentru Satellite 6.x. SUSE si-a aratat interesul in a prelua si sustine proiectul dar fara success.</p>
<img alt="" src="/images/spacewalk-packages.png" style="width: 600px;" />
</div>
<div class="section" id="uyuni-suse-manager-4-0">
<h2>Uyuni / SUSE Manager 4.0</h2>
<p>Ca urmare a evolutiei proiectului Spacewalk, SUSE a decis in iunie 2018 initierea proiectului <a class="reference external" href="https://www.uyuni-project.org/">Uyuni</a> pornind de la Spacewalk si care va fi upstream pentru noua versiune SUSE Manager 4.</p>
<img alt="" src="/images/uyuni.png" style="width: 600px;" />
<p>Incepand cu versiunea 3 la SUSE Manager s-a inclus Salt ca sistem de executie remote avand avantaje evidente (executie aproape instanta a comenzilor).</p>
<p>Cu Uyuni se poate adminstra un cluster Kubernetes (creare si deploy containere) sau host KVM (VM).</p>
<img alt="" src="/images/uyuni-packages.png" style="width: 600px;" />
<p>Am inceput sa utilizez Uyuni pe o infrastructura de peste 50 de sisteme cu rezultate foarte bune si fara mari probleme - aplicatia fiind inca in beta de dezvoltare (noua versiune se asteapata in cateva luni).</p>
</div>
<div class="section" id="foreman-katello-redhat-satellite-6-x">
<h2>Foreman + Katello / Redhat Satellite 6.x</h2>
<p><a class="reference external" href="https://theforeman.org/">Foreman</a> este folosit de multa vreme pentru administrarea/mionitoriarea infrastructurii fizice sau virtuale, server DHCP si DNS, executie remote folosind in special Puppet, etc.</p>
<img alt="" src="/images/foreman.png" style="width: 600px;" />
<p>Pentru patch managemet exista un plugin dedicat <a class="reference external" href="https://theforeman.org/plugins/katello/">Katello</a> care permite crearea de repo-uri local pentru yum si puppet.</p>
<p>Interfata este diferita ca concept de Spacewalk si poate fi uneori greoaie.</p>
<p>Pentru instalare si rulare Foreman are nevoie de minim 8Gb de RAM si este scrisa in Ruby</p>
<p>Redhat a decis utilizarea ca sursa pentru Satellite 6 a proiectului Foreman si a angajat chiar cativa core developeri.</p>
</div>
<div class="section" id="notificari-actualizari-patch-uri">
<h2>Notificari actualizari / patch-uri</h2>
<p>Toate aceste aplicatii permit importul eratelor publicate pentru pachetele rpm, identificarea sistemelor cu probleme si afisarea patch-urilor disponibie. Afisarea patch-urilor disponibile pe sisteme in Uyuni:</p>
<img alt="" src="/images/uyuni-patches.png" style="width: 600px;" />
<p>Sper ca prin acest articol sa analizati beneficiile pe care le aduce o aplicatie de patch management in infrastructura pe care o administrati.</p>
</div>
Salt - rulare comenzi remote2019-03-02T00:00:00+02:002019-03-02T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-03-02:/salt-rulare-comenzi-remote.html<p>Salt pe langa ca aduce si mentine sistemele in starea dorita (ca pachete si configurare), ne permite si executia de comenzi pe masinile slave (minioni) prin module proprii.</p>
<div class="section" id="target-area-minionilor">
<h2>Target-area minionilor</h2>
<p>Selectia minionilor pe care se vor rula comenzile dorite se poate face prin mai multe metode:</p>
<ul class="simple">
<li>prin id - numele - minionului …</li></ul></div><p>Salt pe langa ca aduce si mentine sistemele in starea dorita (ca pachete si configurare), ne permite si executia de comenzi pe masinile slave (minioni) prin module proprii.</p>
<div class="section" id="target-area-minionilor">
<h2>Target-area minionilor</h2>
<p>Selectia minionilor pe care se vor rula comenzile dorite se poate face prin mai multe metode:</p>
<ul class="simple">
<li>prin id - numele - minionului:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id test.version</span>
<span class="go">salt 'web*' test.version</span>
</pre></div>
<ul class="simple">
<li>prin IP minion:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -S '192.168.5.9' test.version</span>
</pre></div>
<ul class="simple">
<li>ca lista de minion:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -L web-1,db-2 test.version</span>
</pre></div>
<ul class="simple">
<li>printr-o variabla din grain:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -G 'role:web' test.ping</span>
</pre></div>
<ul class="simple">
<li>printr-o variabla din stocata in pillar:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -I 'variabla:valoare' test.ping</span>
</pre></div>
<ul class="simple">
<li>prin filtrari compuse:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -C 'G@role:web or G@role' test.ping</span>
</pre></div>
<ul class="simple">
<li>prin expresii regulate:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt -E '.*' cmd.run 'ls -l | grep foo'</span>
</pre></div>
<p>Sunt cazuri cand mumarul de minioni este ridicat si dorim executia comenzilor simultan in loturi (speciifcat ca numar sau procent):</p>
<div class="highlight"><pre><span></span><span class="go">salt minion_id -b 10 test.ping</span>
<span class="go">salt -G 'os:RedHat' --batch-size 25% service.restart httpd</span>
</pre></div>
</div>
<div class="section" id="comenzi-utile">
<h2>Comenzi utile</h2>
<p>Salt include peste 160 de <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/modules/all/">module</a> in versiunea 2019.2.0 din care multe sunt independente de OS.</p>
<p>Cateva din cele mai uzuale comenzi ce pot fi folosite sunt:</p>
<ul class="simple">
<li>administrarea pachetelor instalate:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id pkg.installed zsh</span>
<span class="go">salt minion_id pkg.remove zsh</span>
<span class="go">salt minion_id pkg.purge httpd</span>
</pre></div>
<p>Comanda este OS agnostica, convertind la package managerul sistemului de operare (yum, apt, pkg)</p>
<ul class="simple">
<li>informatii despre pachetele instalate:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id pkg.list_installed</span>
<span class="go">salt minion_id pkg.version php</span>
</pre></div>
<ul class="simple">
<li>administrarea serviciilor:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id service.start firewalld</span>
<span class="go">salt minion_id service.restart firewalld</span>
<span class="go">salt minion_id service.enable ntpd</span>
<span class="go">salt minion_id service.</span>
</pre></div>
<ul class="simple">
<li>informatii despre partitii:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id disk.usage</span>
<span class="go">salt minion_id disk.percentage</span>
<span class="go">salt minion_id disk.blkid</span>
<span class="go">salt minion_id disk.format /dev/sdX1</span>
<span class="go">salt minion_id mount.filesystems</span>
<span class="go">salt minion_id mount.mount /mnt/foo /dev/sdz1 True</span>
</pre></div>
<ul class="simple">
<li>adminstrare cron:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id cron.ls root</span>
<span class="go">salt minion_id cron.set_job root '30' '4' '*' '*' '*' /usr/local/bin/jobs</span>
</pre></div>
<ul class="simple">
<li>administrare instrari in /etc/hosts:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id hosts.add_host '192.168.25.3' 'db-1'</span>
<span class="go">salt minion_id hosts.get_host 'db-1'</span>
<span class="go">salt minion_id hosts.list_hosts</span>
<span class="go">salt minion_id hosts.rm_host '192.168.25.3' 'db-1'</span>
</pre></div>
<ul class="simple">
<li>administrarea informatiilor grain (/etc/salt/grains):</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id grains.set 'apps:myApp:port' 2209</span>
<span class="go">salt minion_id grains.setval role webserver</span>
<span class="go">salt minion_id grains.remove role webserver</span>
<span class="go">salt minion_id grains.ls</span>
</pre></div>
<ul class="simple">
<li>extragea informatiilor despre minion:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id status.all_status</span>
<span class="go">salt minion_id status.diskstats</span>
<span class="go">salt minion_id status.load_avg</span>
<span class="go">salt minion_id status.meminfo</span>
</pre></div>
<ul class="simple">
<li>administrarea userilor:</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id user.add name <uid> <gid> <groups> <home> <shell></span>
<span class="go">salt minion_id user.chgroups foo wheel,root</span>
<span class="go">salt minion_id user.delete name remove=True force=True</span>
</pre></div>
<p>De asemenea putem rula comenzi clasice de consola:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion_id cmd.run 'update'</span>
</pre></div>
<p>Putem transfera un script si rula pe minioni:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion_id cmd.script salt://my_script.sh</span>
</pre></div>
</div>
<div class="section" id="formatare-raspuns">
<h2>Formatare raspuns</h2>
<p>La o prima vedere raspunsul comenzilor lansate de master poate fi greu de interpretat daca am dori integrarea cu alte sisteme.</p>
<p>Pentru un formatarea raspunsului Salt ne pune la dispozitie mai multe formate:</p>
<ul class="simple">
<li>json</li>
<li>yaml</li>
<li>pprint</li>
<li>text</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">salt minion_id grains.items --output json</span>
<span class="go">salt minion_id grains.items --output json --static --output_ident Null</span>
<span class="go">salt minion_id grains.items --output yaml</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Salt - grains, pillars si sabloane2019-02-13T00:00:00+02:002019-02-13T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-02-13:/salt-grains-pillars-si-sabloane.html<p>Un aspect important in orice sistem de managementul configuratiilor este descrierea variabilelor pentru sistemele administrate (minioni pentru Salt).
Acest lucru se face prin:</p>
<ul class="simple">
<li><strong>grains</strong> - se definesc la minion - includ atributute sistem (OS, aplicatii instalate, etc) si variabile definite.</li>
<li><strong>pillars</strong> - sunt definite pe master - includ uzual credentiale / setari comune pe roluri …</li></ul><p>Un aspect important in orice sistem de managementul configuratiilor este descrierea variabilelor pentru sistemele administrate (minioni pentru Salt).
Acest lucru se face prin:</p>
<ul class="simple">
<li><strong>grains</strong> - se definesc la minion - includ atributute sistem (OS, aplicatii instalate, etc) si variabile definite.</li>
<li><strong>pillars</strong> - sunt definite pe master - includ uzual credentiale / setari comune pe roluri sau grupe de minioni</li>
</ul>
<p>Sistemul de sabloane (template-uri) foloseste aceste variabile - specifice pentru minion - la generarea fisierelor de configurare.</p>
<div class="section" id="grains">
<h2>Grains</h2>
<p>Grains descriu componentele statice ale unui minion si sunt detectate de modulele ce ruleaza pentru functionarea corecta. De exemplu daca detecteaza ca sistemul de operare (<strong>os_family</strong>) este Debian vor folosi aplicatia <strong>apt</strong> pentru instalarea aplicatiilor si <strong>yum</strong> la minion cu sisteme de operare Redhat.</p>
<p>Salt detecteaza un numar mare de grains ca de ex: os_family, saltversion, adrese IP, arhitectura sistem, etc. Acestea sunt stocate in memorie la pornirea agentului pe minion (salt-minion).</p>
<p>O lista comleta a lor o putem obtine:</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">salt minion1.domeniu.meu grains.ls</span>
<span class="l l-Scalar l-Scalar-Plain">minion1.domeniu.meu</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">-------------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- biosreleasedate</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- biosversion</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- cpu_flags</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- cpu_model</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- cpuarch</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">- disks</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
</pre></div>
<p>iar lista cu valori:</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">salt minion1.domeniu.meu grains.ls</span>
<span class="l l-Scalar l-Scalar-Plain">minion1.domeniu.meu</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">-------------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">host</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt-node2</span>
<span class="w"> </span><span class="nt">hwaddr_interfaces</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">eth0</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">00:16:3e:ce:61:71</span>
<span class="w"> </span><span class="nt">eth1</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">00:16:3e:38:e3:1a</span>
<span class="w"> </span><span class="nt">lo</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">00:00:00:00:00:00</span>
<span class="w"> </span><span class="nt">id</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt-node2.lxd</span>
<span class="w"> </span><span class="nt">init</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">systemd</span>
<span class="w"> </span><span class="nt">ip4_gw</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">192.168.25.1</span>
<span class="w"> </span><span class="nt">ip4_interfaces</span><span class="p">:</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">----------</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">eth0</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10.209.214.32</span>
<span class="w"> </span><span class="nt">eth1</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">192.168.25.108</span>
<span class="w"> </span><span class="nt">lo</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">127.0.0.1</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
</pre></div>
<p>Individual putem afisa un grain cu <strong>grains.get <nume></strong>:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu grains.get hosts</span>
<span class="go"> minion1.domeniu.meu:</span>
<span class="go"> minion1.domeniu.meu</span>
</pre></div>
<p>Grains pot fi adaugate sau modificate:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu grains.setval variabila valoare</span>
</pre></div>
<p>sau sterse</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu grains.delval variabila</span>
</pre></div>
<p>Valorile custom setate sunt salvate in fisierul <strong>/etc/salt/grains</strong> pe minion.</p>
</div>
<div class="section" id="pillars">
<h2>Pillars</h2>
<p>Pillars se utilizeaza similar ca si grains cu diferenta ca sunt definite pe master intr-o locatie centrala uzual in <strong>/srv/pillar/</strong>. Pentru targetarea specifica pe minion se foloseste tot un fisier <strong>top.sls</strong></p>
<div class="highlight"><pre><span></span><span class="nt">base</span><span class="p">:</span>
<span class="w"> </span><span class="s">'*'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">utils</span>
</pre></div>
<p>Pentru contin doar valori statice pot fi ierarhizate foarte simplu:</p>
<!-- code-block::yaml
role: web
data_folders:
images:
- jpg
- png
reports:
- xls
- csv -->
<p>Lista cu datele din pillar o puteti extrage:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu pilars.items</span>
</pre></div>
<p>Pentru aplicatii avansate datele din pillars se pot imparti pe roluri, enviromente si care apoi se combina intr-un mod <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.stack.html">ordonat</a>. O prezentare pe acest subiect este <a class="reference external" href="https://youtu.be/F3K706JJ2EI">Herding Cattle with SaltStack and Targeting via CMDB</a></p>
<p>Salt permite si encriptarea datelor prin gpg</p>
</div>
<div class="section" id="sabloane-templates">
<h2>Sabloane (templates)</h2>
<p>Salt se foloseste de sabloane ce pot include atribute din grains si pillars pentru generarea fisierelor de configurare in mod dinamic. Un engine de templating larg folosit este <a class="reference external" href="http://jinja.pocoo.org/">jinja</a> specific in aplicatiile python.</p>
<p>Generarea fisierelor prin engine de templating se face cu comanda <strong>file.managed</strong>:</p>
<div class="highlight"><pre><span></span><span class="nt">apache2_conf</span><span class="p">:</span>
<span class="w"> </span><span class="nt">file</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">managed</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/apache2/apache2.conf</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">source</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt://apache2/apache2.conf</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">template</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">jinja</span>
</pre></div>
<p>Includerea variabilor din grains se insereaza in template</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">The user {{ grains['user'] }} is referred to here.</span>
</pre></div>
<p>sau a celor din pillar</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">The user {{ pillar['user'] }} is referred to here.</span>
</pre></div>
<p>Se recomanda ca in cazul in care un grain/pillar nu este definit sa se populeze cu o valoare implicita:</p>
<div class="highlight"><pre><span></span><span class="l l-Scalar l-Scalar-Plain">The user {{ salt['grains.get']('user', 'larry') }} is referred to here.</span>
<span class="l l-Scalar l-Scalar-Plain">The user {{ salt['pillar.get']('user', 'larry') }} is referred to here.</span>
</pre></div>
<p>Jinja perminte includerea definiri de variabile similar cu alte template engines:</p>
<div class="highlight"><pre><span></span><span class="p p-Indicator">{</span><span class="err">%</span><span class="w"> </span><span class="nv">set mylist =</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">'mere'</span><span class="p p-Indicator">,</span><span class="w"> </span><span class="s">'portocale'</span><span class="p p-Indicator">,</span><span class="w"> </span><span class="s">'banane'</span><span class="p p-Indicator">]</span><span class="w"> </span><span class="err">%</span><span class="p p-Indicator">}</span>
<span class="p p-Indicator">{</span><span class="err">%</span><span class="w"> </span><span class="nv">set mydict =</span><span class="w"> </span><span class="p p-Indicator">{</span><span class="s">'placinta</span><span class="nv"> </span><span class="s">favorita'</span><span class="p p-Indicator">:</span><span class="w"> </span><span class="s">'placinta</span><span class="nv"> </span><span class="s">cu</span><span class="nv"> </span><span class="s">mere'</span><span class="p p-Indicator">,</span><span class="w"> </span><span class="s">'favorite</span><span class="nv"> </span><span class="s">'</span><span class="nv">prajitura favorita' 'diplomat'</span><span class="p p-Indicator">}</span><span class="w"> </span><span class="err">%</span><span class="p p-Indicator">}</span>
</pre></div>
<p>sau inserare de logica:</p>
<div class="highlight"><pre><span></span><span class="p p-Indicator">{</span><span class="err">%</span><span class="w"> </span><span class="nv">if grains</span><span class="p p-Indicator">[</span><span class="s">'os_family'</span><span class="p p-Indicator">]</span><span class="w"> </span><span class="nv">== 'Debian' %</span><span class="p p-Indicator">}</span>
<span class="nt">apache2</span><span class="p">:</span>
<span class="p p-Indicator">{</span><span class="err">%</span><span class="w"> </span><span class="nv">elif grains</span><span class="p p-Indicator">[</span><span class="s">'os_family'</span><span class="p p-Indicator">]</span><span class="w"> </span><span class="nv">== 'RedHat' %</span><span class="p p-Indicator">}</span>
<span class="nt">httpd</span><span class="p">:</span>
<span class="p p-Indicator">{</span><span class="err">%</span><span class="w"> </span><span class="nv">endif %</span><span class="p p-Indicator">}</span>
<span class="w"> </span><span class="nt">pkg.installed </span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[]</span>
<span class="w"> </span><span class="nt">service.running</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">enabled</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Sugestii, tutoriale - ian 20192019-02-04T00:00:00+02:002019-02-04T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-02-04:/sugestii-tutoriale-01-2019.html<p>Managing WordPress from your terminal - <a class="reference external" href="https://t.co/P8MiwmOCJy">https://t.co/P8MiwmOCJy</a></p>
<p><a class="reference external" href="/articole/salt-management-prin-states/">#Salt - management prin states</a></p>
<p>How to Install #Ansible #AWX on #CentOS 7 <a class="reference external" href="https://t.co/oAExAs022y">https://t.co/oAExAs022y</a></p>
<p><a class="reference external" href="/articole/salt-rulare-comezi/">#Salt - rulare comenzi</a></p>
<p>Automate Static Site Deployments with Salt, Git, and Webhooks <a class="reference external" href="https://t.co/fAU8t0INt6">https://t.co/fAU8t0INt6</a></p>
<p><a class="reference external" href="/articole/salt-instalare-si-configurare/">#Salt - instalare si configurare</a></p>
<p>Tips to Speed up Your …</p><p>Managing WordPress from your terminal - <a class="reference external" href="https://t.co/P8MiwmOCJy">https://t.co/P8MiwmOCJy</a></p>
<p><a class="reference external" href="/articole/salt-management-prin-states/">#Salt - management prin states</a></p>
<p>How to Install #Ansible #AWX on #CentOS 7 <a class="reference external" href="https://t.co/oAExAs022y">https://t.co/oAExAs022y</a></p>
<p><a class="reference external" href="/articole/salt-rulare-comezi/">#Salt - rulare comenzi</a></p>
<p>Automate Static Site Deployments with Salt, Git, and Webhooks <a class="reference external" href="https://t.co/fAU8t0INt6">https://t.co/fAU8t0INt6</a></p>
<p><a class="reference external" href="/articole/salt-instalare-si-configurare/">#Salt - instalare si configurare</a></p>
<p>Tips to Speed up Your Phpunit Tests <a class="reference external" href="https://t.co/MrN6Q0tD2B">https://t.co/MrN6Q0tD2B</a></p>
<p>Easy PXE boot testing with only HTTP using iPXE and libvirt <a class="reference external" href="https://t.co/JHGXh2hkho">https://t.co/JHGXh2hkho</a></p>
<p><a class="reference external" href="/articole/awx-interfata-web-pentru-ansible/">#AWX - interfata web pentru Ansible</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Salt - management prin states2019-01-27T00:00:00+02:002019-01-27T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-01-27:/salt-management-prin-states.html<p>Salt dispune de un format simplu si puternic de fisiere ce ne permite descrierea configuratiei dorite (numita <strong>state</strong>) ce este si simplu de aplicat. Multiple states pot fi combinate pentru realizarea unor configuratii complexe.</p>
<p>Lista completa a modulelor state incluse in Salt gasiti <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/states/all/">aici</a>.</p>
<p>Putem descrie un state prin fisiere …</p><p>Salt dispune de un format simplu si puternic de fisiere ce ne permite descrierea configuratiei dorite (numita <strong>state</strong>) ce este si simplu de aplicat. Multiple states pot fi combinate pentru realizarea unor configuratii complexe.</p>
<p>Lista completa a modulelor state incluse in Salt gasiti <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/states/all/">aici</a>.</p>
<p>Putem descrie un state prin fisiere de state in YAML cu extensia <strong>.sls</strong>. Un exemplu simplu este existenta unui cont pe sisteme:</p>
<div class="highlight"><pre><span></span><span class="nt">user_mihai</span><span class="p">:</span>
<span class="w"> </span><span class="nt">user.present</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mihai</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">fullname</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Mihai Andrei</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">uid</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">2001</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">home</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/home/mihai</span>
</pre></div>
<p>Im acest exemplu utilizama modulul <strong>user</strong> cu metoda <strong>present</strong> si atributele dorite. Daca salt gaseste userul pe sistem cu atributele specificate atunci nu face nimic iar in caz contrar aplica cerintele comenzii.</p>
<p>Mai multi parametrii ai comenzii ii puteti gasi cu comanda <strong>sys.state_doc</strong>:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>salt-call<span class="w"> </span>sys.state_doc<span class="w"> </span>user.present
<span class="go">local:</span>
<span class="go"> ----------</span>
<span class="go"> user:</span>
<span class="go"> Management of user accounts</span>
<span class="go"> ===========================</span>
<span class="go"> The user module is used to create and manage user settings, users can be set</span>
<span class="go"> as either absent or present</span>
<span class="go"> ...</span>
</pre></div>
<p>Puteti lista modulele de state incluse cu comanda <strong>sys.list_state_modules</strong> si metodele incluse intr-un modul cu <strong>sys.list_state_modules</strong></p>
<div class="highlight"><pre><span></span><span class="gp"># </span>salt-call<span class="w"> </span>sys.list_state_modules
<span class="go">local:</span>
<span class="go"> - acl</span>
<span class="go"> ...</span>
<span class="go"> - user</span>
<span class="go"> ...</span>
<span class="gp">#</span>salt-call<span class="w"> </span>sys.list_state_functions<span class="w"> </span>user
<span class="go">local:</span>
<span class="go"> - user.absent</span>
<span class="go"> - user.present</span>
</pre></div>
<p>Pentru a fi executate de master trebuie specificata calea lor prin variabile <strong>file_roots</strong>. Calea implicita este setata in <strong>/srv/salt</strong>. Dar poate fi extinsa printr-un fisier pus in <strong>/etc/salt/master.d/</strong>.</p>
<div class="highlight"><pre><span></span><span class="nt">file_roots</span><span class="p">:</span>
<span class="w"> </span><span class="nt">base</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/salt/base</span>
<span class="w"> </span><span class="nt">dev</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/salt/dev</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/salt/base</span>
<span class="w"> </span><span class="nt">prod</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/salt/prod</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/salt/base</span>
</pre></div>
<p>Aplicarea unui state la minioni se face cu comanda <strong>state.apply</strong> (sau <strong>state.highstate</strong>, <strong>state.sls</strong>). In output sunt prezentate modificarile survenite:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu state.apply user_mihai</span>
<span class="go">minion1.domeniu.meu:</span>
<span class="go">----------</span>
<span class="go"> ID: user_mihai</span>
<span class="go">Function: user.present</span>
<span class="go">Name: mihai</span>
<span class="go">Result: True</span>
<span class="go">Comment: New user mihai created</span>
<span class="go">Started: 13:10:01.685930</span>
<span class="go">Duration: 427.877 ms</span>
<span class="go">Changes:</span>
<span class="go"> ----------</span>
<span class="go"> fullname:</span>
<span class="go"> Mihai Andrei</span>
<span class="go"> gid:</span>
<span class="go"> 2001</span>
<span class="go"> groups:</span>
<span class="go"> - mihai</span>
<span class="go"> home:</span>
<span class="go"> /home/mihai</span>
<span class="go"> homephone:</span>
<span class="go"> name:</span>
<span class="go"> mihai</span>
<span class="go"> other:</span>
<span class="go"> passwd:</span>
<span class="go"> x</span>
<span class="go"> roomnumber:</span>
<span class="go"> shell:</span>
<span class="go"> uid:</span>
<span class="go"> 2001</span>
<span class="go"> workphone:</span>
<span class="go">Summary for minion1.domeniu.meu</span>
<span class="go">------------</span>
<span class="go">Succeeded: 1 (changed=1)</span>
<span class="go">Failed: 0</span>
<span class="go">------------</span>
<span class="go">Total states run: 1</span>
<span class="go">Total run time: 427.877 ms</span>
</pre></div>
<div class="section" id="fisierul-top-sls">
<h2>Fisierul top.sls</h2>
<p>Descriere unor state (configuratii) complexe se face de obicei in fiserul <strong>top</strong> de obicei numit <strong>top.sls</strong> situat in radacina direcorului specificat in file_roots.</p>
<div class="highlight"><pre><span></span><span class="nt">base</span><span class="p">:</span>
<span class="w"> </span><span class="s">'*'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">utils</span>
<span class="w"> </span><span class="s">'minion1.domeniul.meu'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">users.mihai</span>
</pre></div>
<p>La cel mai inalt nivel se afla environment-ul, aici numit <strong>base</strong>. Pentru toti minionii se aplica state-ul pentru ssh si utils iar pentru <strong>minion1.domeniul.meu</strong> se creaza userul mihai.</p>
<p>Salt cauta dupa fisiere in radacina environment-ului , pentru ssh astfel: cauta un fisier <strong>ssh.sls</strong> sau un fisier <strong>ssh/init.sls</strong>. Pentru user se va uita dupa fisierul <strong>users/mihai.sls</strong></p>
<p>Deci structura directorului ar fi:</p>
<div class="highlight"><pre><span></span><span class="go">├── ssh</span>
<span class="go">│ ├── files</span>
<span class="go">│ │ ├── ca_user_key.pub</span>
<span class="go">│ │ └── sshd_config</span>
<span class="go">│ ├── init.sls</span>
<span class="go">│ └── stop.sls</span>
<span class="go">├── top.sls</span>
<span class="go">├── users</span>
<span class="go">│ ├── files</span>
<span class="go">│ │ ├── devel</span>
<span class="go">│ │ └── zshrc</span>
<span class="go">│ ├── init.sls</span>
<span class="go">│ └── mihai.sls</span>
<span class="go">└── utils</span>
<span class="go"> └── init.sls</span>
</pre></div>
<p>Pentru aplicarea configurarii dorite rulam comanda <strong>state.highstate</strong></p>
<div class="highlight"><pre><span></span><span class="go">salt "*" state.highstate</span>
</pre></div>
<p>iar in output vedem rezultatul comenzilor rulate.</p>
<p>Targetarea minionilor poate fi facut dupa mai multe criterii:
- nume (complet, partial sau cautare regulata)
- atribute minion (grains): rol, OS etc
- combinat</p>
<div class="highlight"><pre><span></span><span class="nt">base</span><span class="p">:</span>
<span class="w"> </span><span class="s">'*'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">utils</span>
<span class="w"> </span><span class="s">'minion*'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">users.mihai</span>
<span class="w"> </span><span class="s">'os:CentOS'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">match</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">grain</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default.vim-enhanced</span>
<span class="w"> </span><span class="s">'role:db'</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">match</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">grain</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mysql</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Salt - rulare comenzi2019-01-19T00:00:00+02:002019-01-19T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-01-19:/salt-rulare-comenzi.html<p>Interactiunea cu Salt presupune utilizarea unei comenzi in consola. Cele mai uzuale comezi sunt:</p>
<ul class="simple">
<li>/usr/bin/salt</li>
<li>/usr/bin/salt-call</li>
<li>/usr/bin/salt-run</li>
</ul>
<div class="section" id="salt">
<h2>salt</h2>
<p>Comanda <strong>salt</strong> se executa pe <strong>master</strong> si are ca parametrii <strong>minionii</strong> targhetati si comanda pe care o dorim sa o rulam pe ei.</p>
<p>Selectia minionilor pe …</p></div><p>Interactiunea cu Salt presupune utilizarea unei comenzi in consola. Cele mai uzuale comezi sunt:</p>
<ul class="simple">
<li>/usr/bin/salt</li>
<li>/usr/bin/salt-call</li>
<li>/usr/bin/salt-run</li>
</ul>
<div class="section" id="salt">
<h2>salt</h2>
<p>Comanda <strong>salt</strong> se executa pe <strong>master</strong> si are ca parametrii <strong>minionii</strong> targhetati si comanda pe care o dorim sa o rulam pe ei.</p>
<p>Selectia minionilor pe care se ruleaza comanda poate fi facuta prin:</p>
<ul class="simple">
<li>nume</li>
<li>lista</li>
<li>prin expresii regulate</li>
<li>in functie de atribute ale minionilor (rol, OS, etc)</li>
<li>toti (*)</li>
</ul>
<p>Formatul este <strong>salt <tinta> <comanda></strong>. Un exemplu simplu este:</p>
<div class="highlight"><pre><span></span><span class="go">salt minion1.domeniu.meu test.ping</span>
<span class="go">minion1.domeniu.meu:</span>
<span class="go"> True</span>
</pre></div>
<p>Exemplul spune rularea comenzii <strong>test.ping</strong> pe minionul <strong>minion1.domeniu.meu</strong>. Daca comanda este executata cu success raspunsul va fi <strong>True</strong>.</p>
<p>Nucleul Salt include o multime de comenzi (module de executie) pentru administrarea aplicatiilor, editare firewall sau managementul utilizatorilor. Lista completa modulelor incluse o gasiti <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/index.html">aici</a>. De asemenea Salt permite includerea de module personalizate.</p>
</div>
<div class="section" id="salt-run">
<h2>salt-run</h2>
<p>Comanda <strong>salt-run</strong> ruleaza doar pe master si executa instructiunile segvential pe o lista de minioni prin module numite <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/runners/all/index.html">runner</a></p>
<div class="highlight"><pre><span></span><span class="go">salt-run manage.versions</span>
<span class="go">Master:</span>
<span class="go"> 2018.3.3</span>
<span class="go">Up to date:</span>
<span class="go"> ----------</span>
<span class="go"> minion1.domeniu.meu:</span>
<span class="go"> 2018.3.3</span>
<span class="go"> minion2.domeniu.meu:</span>
<span class="go"> 2018.3.3</span>
</pre></div>
</div>
<div class="section" id="salt-call">
<h2>salt-call</h2>
<p>Comenzile ce se ruleaza centralizat pe master pot fi executate si local pe minioni. Acest lucru se face prin comanda <strong>salt-call</strong> ruleaza modulele de executie doar local.</p>
<div class="highlight"><pre><span></span><span class="go">salt-call test.ping</span>
<span class="go">local:</span>
<span class="go"> True</span>
</pre></div>
<p>Acceasi comanda rulata pe master va avea acelasi rezultat pentru ca ruleaza doar local si putem face debug.</p>
<div class="highlight"><pre><span></span><span class="go">salt-call --log-level=debug disk.percent /</span>
<span class="go">[DEBUG ] Reading configuration from /etc/salt/minion</span>
<span class="go">....</span>
<span class="go">[INFO ] Executing command 'df -P' in directory '/root'</span>
<span class="go">[DEBUG ] stdout: Filesystem 1024-blocks Used Available Capacity Mounted on</span>
<span class="go">lxd001/containers/salt-master 477745920 589184 477156736 1% /</span>
<span class="go">...</span>
<span class="go">local:</span>
<span class="go"> 1%</span>
</pre></div>
</div>
<div class="section" id="documentatie-comenzi">
<h2>Documentatie comenzi</h2>
<p>In Salt avem access la documentatie direct din consola cu ajutorul comenzii/modului <strong>sys</strong></p>
<div class="highlight"><pre><span></span><span class="go">salt-call sys.doc sys.doc</span>
<span class="go">local:</span>
<span class="go">----------</span>
<span class="go">sys.doc:</span>
<span class="go"> Return the docstrings for all modules. Optionally, specify a module or a</span>
<span class="go"> function to narrow the selection.</span>
<span class="go"> The strings are aggregated into a single document on the master for easy</span>
<span class="go"> reading.</span>
<span class="go"> Multiple modules/functions can be specified.</span>
<span class="go"> CLI Example:</span>
<span class="go"> salt '*' sys.doc</span>
<span class="go"> salt '*' sys.doc sys</span>
<span class="go"> ...</span>
</pre></div>
<p>Puteti incerca comenzile:</p>
<ul class="simple">
<li><strong>sys.list_modules</strong> - pentru listarea modulelor</li>
<li><strong>sys.list_functions <modul></strong> - pentru listarea metodelor dintr-un modul</li>
</ul>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Salt - instalare si configurare2019-01-12T00:00:00+02:002019-01-12T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-01-12:/salt-instalare-si-configurare.html<img alt="" src="/images/saltstack.jpg" style="width: 600px;" />
<p>Salt (sau Saltstack) este un sistem de managementul configuratiilor scris in Python ce are urmatoarele caracteristici:</p>
<ul class="simple">
<li>arhitecura master - slave (necesita agent locat pe fiecare slave)</li>
<li>capabil sa administreze mii de noduri (minioni) per master</li>
<li>executa comenzile in paralel pe minioni</li>
<li>comenzile sunt scrise in YAML</li>
</ul>
<p>Ca si <a class="reference external" href="/articole/instalare-si-configurare-ansible/">Ansible</a> acesta permite …</p><img alt="" src="/images/saltstack.jpg" style="width: 600px;" />
<p>Salt (sau Saltstack) este un sistem de managementul configuratiilor scris in Python ce are urmatoarele caracteristici:</p>
<ul class="simple">
<li>arhitecura master - slave (necesita agent locat pe fiecare slave)</li>
<li>capabil sa administreze mii de noduri (minioni) per master</li>
<li>executa comenzile in paralel pe minioni</li>
<li>comenzile sunt scrise in YAML</li>
</ul>
<p>Ca si <a class="reference external" href="/articole/instalare-si-configurare-ansible/">Ansible</a> acesta permite - instalare pachete, configurare, administrare servicii - cat si efecturea de deploy-uri, creare de containere etc. Totul prin intermediul <a class="reference external" href="https://docs.saltstack.com/en/latest/ref/index.html">modulelor</a> incluse.</p>
<p>Comenzile sunt foarte intuitive si se pot grupa pentru rularea lor in <strong>formule</strong> in format yaml.</p>
<p>Pana acum nu am gasit pentru Salt o interfata grafica gratuita - exista Saltstack Enterprise contracost - la nivelul AWX. Exista cateva proiecte mai vechi ca Saltpad sau <a class="reference external" href="https://github.com/yueyongyue/saltshaker">Saltshaker</a> ori ca module pentru Foreman sau Jenkins, fiecare cu limitarile sale.</p>
<p>Salt poate fi instalat ca pachet pentru distributia folosita sau ca modul Python.</p>
<div class="section" id="instalare-in-centos">
<h2>Instalare in CentOS</h2>
<p>Se instaleaza repo Saltstack</p>
<div class="highlight"><pre><span></span><span class="go">yum install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm</span>
</pre></div>
<p>Se instaleaza pachetele pentru server si minion (se recomanda si pe master)</p>
<div class="highlight"><pre><span></span><span class="go">yum install -y salt-master</span>
<span class="go">yum install -y salt-minion</span>
</pre></div>
</div>
<div class="section" id="instalare-in-ubuntu-server">
<h2>Instalare in Ubuntu server</h2>
<p>Se importa cheia GPG pentru repo:</p>
<div class="highlight"><pre><span></span><span class="go">wget -O - https://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -</span>
</pre></div>
<p>si se creaza fisierul pentru repo in <strong>/etc/apt/sources.list.d/saltstack.list</strong></p>
<div class="highlight"><pre><span></span><span class="go">deb http://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest bionic main</span>
</pre></div>
<p>Se instaleaza pachetele pentru server si minion (se recomanda si pe master)</p>
<div class="highlight"><pre><span></span><span class="go">sudo apt-get update</span>
<span class="go">sudo apt-get install salt-master</span>
<span class="go">sudo apt-get install salt-minion</span>
</pre></div>
<p>Pentru alte sisteme de operare, gasiti in documentatie <a class="reference external" href="https://docs.saltstack.com/en/latest/topics/installation/index.html#platform-specific-installation-instructions">instructiuni</a></p>
</div>
<div class="section" id="instalarea-multiplatforma">
<h2>Instalarea multiplatforma</h2>
<p>Salt pune la dispozitie un script general de instalare ce detecteaza OS si instaleaza versiunea corecta.</p>
<p>Este necesar sa descarcam si sa rulam un singur script. Pentru master:</p>
<div class="highlight"><pre><span></span><span class="go">curl -L https://bootstrap.saltstack.com -o install_salt.sh</span>
<span class="go">sudo sh install_salt.sh -P -M</span>
</pre></div>
<p>iar pentru minion:</p>
<div class="highlight"><pre><span></span><span class="go">curl -L https://bootstrap.saltstack.com -o install_salt.sh</span>
<span class="go">sudo sh install_salt.sh -P -A <master_ip></span>
</pre></div>
</div>
<div class="section" id="configurare-master">
<h2>Configurare master</h2>
<p>Pentru comunicare pe master trebuie deschise porturile 4505 si 4506 pe interfata dorita.</p>
<p>Fisierul de configurare principal este <strong>/etc/salt/master</strong> si cele din <strong>/etc/salt/master.d/</strong></p>
<p>Se porneste serviciul <strong>salt-master</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl start salt-master</span>
</pre></div>
</div>
<div class="section" id="configurare-minion">
<h2>Configurare minion</h2>
<p>Fisierul de configurare principal este <strong>/etc/salt/minion</strong> si cele din <strong>/etc/salt/minion.d/</strong></p>
<p>Se seteaza adresa corecta a serverului master ca nume sau ip</p>
<div class="highlight"><pre><span></span><span class="nt">master</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">salt-master</span>
</pre></div>
<p>Se porneste serviciul <strong>salt-minion</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl start salt-minion</span>
</pre></div>
<p>La prima pornire minionul trimite cheia sa de identificare la master pe care trebuie sa o acceptam.</p>
<p>Listam cheile cunoscute:</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt-key<span class="w"> </span>-L
<span class="go">Unaccepted Keys:</span>
<span class="go">minion1.domeniu.meu</span>
<span class="go">minion2.domeniu.meu</span>
<span class="go">Accepted Keys:</span>
</pre></div>
<p>Acceptam cheia minionului</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt-key<span class="w"> </span>-a<span class="w"> </span>minion1.domeniu.meu
</pre></div>
<p>si acesta apare in sectiunea cheilor acceptate</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt-key<span class="w"> </span>-L
<span class="go">Unaccepted Keys:</span>
<span class="go">minion2.domeniu.meu</span>
<span class="go">Accepted Keys:</span>
<span class="go">minion1.domeniu.meu</span>
</pre></div>
<p>Mai multe optiuni pentru configurarea serviciilor gasiti in <a class="reference external" href="https://docs.saltstack.com/en/latest/contents.html">documentatia oficiala</a></p>
<p>O metoda foarte populara prin care se verifica comunicarea intre master si minioni este:</p>
<div class="highlight"><pre><span></span><span class="gp">[root@master ~]# </span>salt<span class="w"> </span><span class="s1">'*'</span><span class="w"> </span>test.ping
<span class="go">minion1.domeniu.meu:</span>
<span class="go"> True</span>
<span class="go">minion2.domeniu.meu:</span>
<span class="go"> True</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Sugestii, tutoriale - dec 20182019-01-09T00:00:00+02:002019-01-09T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2019-01-09:/sugestii-tutoriale-12-2018.html<p>nteract: write your next code-driven story. <a class="reference external" href="https://t.co/8yvhczFTQf">https://t.co/8yvhczFTQf</a></p>
<p>SearchPedia: A List of 250+ Search Engines <a class="reference external" href="https://t.co/SV9C0ghBm3">https://t.co/SV9C0ghBm3</a></p>
<p>10 books for your #DevOps reading wishlist <a class="reference external" href="https://t.co/ppPHhShDQw">https://t.co/ppPHhShDQw</a></p>
<p>Hidden directories and files as a source of sensitive information about web application <a class="reference external" href="https://t.co/tEsdSCrI30">https://t.co/tEsdSCrI30</a></p>
<p>How …</p><p>nteract: write your next code-driven story. <a class="reference external" href="https://t.co/8yvhczFTQf">https://t.co/8yvhczFTQf</a></p>
<p>SearchPedia: A List of 250+ Search Engines <a class="reference external" href="https://t.co/SV9C0ghBm3">https://t.co/SV9C0ghBm3</a></p>
<p>10 books for your #DevOps reading wishlist <a class="reference external" href="https://t.co/ppPHhShDQw">https://t.co/ppPHhShDQw</a></p>
<p>Hidden directories and files as a source of sensitive information about web application <a class="reference external" href="https://t.co/tEsdSCrI30">https://t.co/tEsdSCrI30</a></p>
<p>How to update #LXD container #Ubuntu image from 16.04 to 18.04 - nixCraft <a class="reference external" href="https://t.co/d5G1XIPSXR">https://t.co/d5G1XIPSXR</a></p>
<p>#Ansible using #roles <a class="reference external" href="https://t.co/s6n8Pj3qDL">https://t.co/s6n8Pj3qDL</a></p>
<p>I liked 6 Free Tools for Creating Your Own Icon Font <a class="reference external" href="https://t.co/Fsu3HQDeaT">https://t.co/Fsu3HQDeaT</a></p>
<p>Mapping NOC/SOC — Part 1: Overview and Documentation <a class="reference external" href="https://t.co/ubQ21XQaGT">https://t.co/ubQ21XQaGT</a></p>
<p>Install CoreOS on bare metal <a class="reference external" href="https://t.co/NCmX0kW4Rv">https://t.co/NCmX0kW4Rv</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
AWX - interfata web pentru Ansible2018-12-31T00:00:00+02:002018-12-31T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-12-31:/awx-interfata-web-pentru-ansible.html<img alt="" src="/images/awx-dashboard.png" style="width: 600px;" />
<p>AWX - proiect ce aduce o interfata web si un robust REST API pentru Ansible, si este proiectul din care se dezvolta cunoscuta aplicatie comerciala <strong>Ansible Tower</strong> sustinuta acum de Redhat.</p>
<p>Personal am considerat ca o interfata la Ansible nu e absolut necesara, mai ales la proiectele mici - one man show …</p><img alt="" src="/images/awx-dashboard.png" style="width: 600px;" />
<p>AWX - proiect ce aduce o interfata web si un robust REST API pentru Ansible, si este proiectul din care se dezvolta cunoscuta aplicatie comerciala <strong>Ansible Tower</strong> sustinuta acum de Redhat.</p>
<p>Personal am considerat ca o interfata la Ansible nu e absolut necesara, mai ales la proiectele mici - one man show - dar la proiectele in crestere unde si alti membrii ai echipei trebuie sa efectueze diverse operatii pe infrastructura are avantaje vizibile:</p>
<ul class="simple">
<li>access granular la proiecte;</li>
<li>access granular la masini;</li>
<li>access granular la anumite job-uri;</li>
<li>stocare credentiale pentru utilizare fara expunere;</li>
<li>permite rularea task-urilor de catre utilizatori fara cunostinte despre Ansible.</li>
</ul>
<p>Deci AWX permite accesul colaboratorilor fara a mai fi necesar sa aiba direct access la cheile ssh de access la masini/git. O prezentare mai detaliata gaziti in acest <a class="reference external" href="https://www.youtube.com/watch?v=jGWvAkqu66o">webinar</a>.</p>
<p>O metoda rapida si recomandata de a rula AWX prin docker/ docker-compose. Fisierul utilizat de mine este <a class="reference external" href="https://github.com/geerlingguy/awx-container/blob/master/docker-compose.yml">acesta</a> . Pentru siguranta va recomand sa stocati baza de date Postgres intr-un folder extern sau o instanta dedicata pentru pastrarea proiectelor.</p>
<p>De asemenea avem novoie de un repo git pe Guthub/Bitbucket/Gitlab/server propriu care sa fie acceibil de developer si instanta AWX.</p>
<div class="section" id="pornire-awx">
<h2>Pornire AWX</h2>
<p>Descarcam fisierul pentru docker-compose din link-ul de mai sus si pornim containerele</p>
<div class="highlight"><pre><span></span><span class="go">docker-compose up -d</span>
</pre></div>
<p>in scurt timp putem accesa AWX la adresa <a class="reference external" href="http://127.0.0.1/">http://127.0.0.1/</a> folosind userul <strong>admin</strong> si parola <strong>password</strong></p>
</div>
<div class="section" id="configurare-awx">
<h2>Configurare AWX</h2>
<p>In AWX exista notiunea de organizatii ce cuprind multiple proiecte, care putem atasa si utlizatori.</p>
<p>Creem o organizatie:</p>
<img alt="" src="/images/awx-organization.png" style="width: 600px;" />
<p>Creem un utilizator cu drepturi minime</p>
<img alt="" src="/images/awx-user.png" style="width: 600px;" />
<p>Pentru accessarea proiectului prin git (via ssh) creem un credential de tip <strong>Source control</strong>. Am adaugat o cheie privata ssh.</p>
<img alt="" src="/images/awx-git-key.png" style="width: 600px;" />
<p>si am adaugat userul meu cu drept de utilizare a cheii in tab-ul <strong>Permisions</strong>.</p>
<img alt="" src="/images/awx-permission-git-key.png" style="width: 600px;" />
<p>Pentru accesul la masinile administrare vom creem un credential de tip <strong>Machine</strong>. Am adaugat o cheie privata ssh.</p>
<img alt="" src="/images/awx-machine-key.png" style="width: 600px;" />
<p>Proiectele in AWX de obicei cuprind un repository (git cel mai des) cu mai multe playbook-uri include.</p>
<img alt="" src="/images/awx-project.png" style="width: 600px;" />
<p>si am adaugat userul meu cu drept de utilizare a proiectului in tab-ul <strong>Permisions</strong>.</p>
<img alt="" src="/images/awx-permission-machine.png" style="width: 600px;" />
<p>Cum am mentionat intr-un articol anterior pentru Ansible e necesar sa specificam masinile de administrat. Creem un inventar</p>
<img alt="" src="/images/awx-inventory.png" style="width: 600px;" />
<p>La care adaugam masinile individual. putem specifica variabile specifice ce sa fie folosite la rularea playbook-urilor.</p>
<img alt="" src="/images/awx-hosts.png" style="width: 600px;" />
<p>si am adaugat userul meu cu drept de utilizare a inventarului in tab-ul <strong>Permisions</strong>.</p>
<img alt="" src="/images/awx-permission-inventory.png" style="width: 600px;" />
<p>Alternativ inventarul poate fi importat dintr-o sursa externa (AWS,GCE, Redhat Satelite, etc) sau intr-ul fisier host din cadrul proiectului (ce poate fi in git).</p>
<p>Masinile pot fi incluse in grupuri pentru rularea de job-uri specifice:</p>
<img alt="" src="/images/awx-inventory-group.png" style="width: 600px;" />
<p>la care adaugam masinile dorite:</p>
<img alt="" src="/images/awx-inventory-group-hosts.png" style="width: 600px;" />
</div>
<div class="section" id="configurare-joburi-in-awx">
<h2>Configurare joburi in AWX</h2>
<p>Un job in AWX consta in rularea unui playbook din cadrul unui proiect pe un inventa. Acesta se adauga in <strong>Templates</strong> / <strong>Job template</strong></p>
<img alt="" src="/images/awx-job.png" style="width: 600px;" />
<p>si am adaugat userul meu cu drept de executie in tab-ul <strong>Permisions</strong>.</p>
<img alt="" src="/images/awx-permission-job.png" style="width: 600px;" />
<p>Initierea job-urilor se face prin apasarea iconitei <strong>racheta</strong> din lista:</p>
<img alt="" src="/images/awx-running-jobs.png" style="width: 600px;" />
<p>Daca avem servere de stage/qa si prod definite in inventarii dedicate bifand <strong>Prompt on launch</strong> putem selecta inventarul asupra caruia va rula playbook-ul la start:</p>
<img alt="" src="/images/awx-inventory-job.png" style="width: 600px;" />
<p>In exemplul meu am folosit <a class="reference external" href="https://github.com/ansistrano/deploy">ansistrano/deploy</a> pentru deploy-ul unui mic site. Recomand sa-l testati.</p>
<p>Sunt cazuri in care dorim sa specificam variabile la rularea unui playbook, in cazul meu sa pot selecta branch-ul la care sa fac deploy. Aici folosim tabul <strong>survey</strong> din cadrul proiectului:</p>
<img alt="" src="/images/awx-project-survey.png" style="width: 600px;" />
<p>La startul job-ului vom avea un pop-up unde putem modifica daca dorim variabila:</p>
<img alt="" src="/images/awx-job-survey.png" style="width: 600px;" />
<p>Inainte de rulare putem verifica conditiile puse</p>
<img alt="" src="/images/awx-project-survey.png" style="width: 600px;" />
<p>In timul rularii job-ului, cat si ulterior putem vizualiza output-ul comenzilor pentru debug.</p>
<img alt="" src="/images/awx-job-output.png" style="width: 600px;" />
<p>Mai multe detalii despre configurarea AWX gasiti in documentia oficiala de la <a class="reference external" href="https://docs.ansible.com/ansible-tower/latest/html/userguide/index.html">Ansible Tower</a></p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Ansible - utilizare roluri2018-12-15T00:00:00+02:002018-12-15T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-12-15:/ansible-utilizare-roluri.html<p>In Ansible, rolul e definit ca un mod de incarcare de variabile, task-uri si handlere sub forma unei structuri de fisiere predefinite.</p>
<p>De asemenea aceste permite distribuirea si utilizarea facila intre proiecte.</p>
<p>Uzual rolurile sunt definite in folderul <strong>roles</strong> din proiect</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="l l-Scalar l-Scalar-Plain">site.yml</span>
<span class="l l-Scalar l-Scalar-Plain">webservers.yml</span>
<span class="l l-Scalar l-Scalar-Plain">fooservers.yml</span>
<span class="l l-Scalar l-Scalar-Plain">roles/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">common/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tasks …</span></pre></div><p>In Ansible, rolul e definit ca un mod de incarcare de variabile, task-uri si handlere sub forma unei structuri de fisiere predefinite.</p>
<p>De asemenea aceste permite distribuirea si utilizarea facila intre proiecte.</p>
<p>Uzual rolurile sunt definite in folderul <strong>roles</strong> din proiect</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="l l-Scalar l-Scalar-Plain">site.yml</span>
<span class="l l-Scalar l-Scalar-Plain">webservers.yml</span>
<span class="l l-Scalar l-Scalar-Plain">fooservers.yml</span>
<span class="l l-Scalar l-Scalar-Plain">roles/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">common/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tasks/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">handlers/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">files/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">templates/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">vars/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">defaults/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">meta/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">webservers/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tasks/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">defaults/</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">meta/</span>
</pre></div>
<p>unde:</p>
<ul class="simple">
<li><strong>tasks</strong> - lista de comenzi ce se executa.</li>
<li><strong>handlers</strong> - comenzi penru restartare servicii.</li>
<li><strong>defaults</strong> - valorile implicite ale variabilelor folosite in interiorul rol.</li>
<li><strong>vars</strong> - variabile/parametrii folositi in executia comenzilor sau la generarea fisierelor de configurare din sabloane (template),</li>
<li><strong>files</strong> - fisiere ce sunt transferate de rol.</li>
<li><strong>templates</strong> - sabloane folosite la generarea dinamica a diverselor fisiere de configurare utilizand variabile specifice masinii/grupului,</li>
<li><strong>meta</strong> - informartii meta despre rol.</li>
</ul>
<p>Fiecare din aceste foldere trebuie sa includa minim un fisier <strong>main.yml</strong>. Exemplu:</p>
<div class="highlight"><pre><span></span><span class="c1"># roles/example/tasks/main.yml</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">import_tasks</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">redhat.yml</span>
<span class="w"> </span><span class="nt">when</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ansible_facts['os_family']|lower == 'redhat'</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">import_tasks</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">debian.yml</span>
<span class="w"> </span><span class="nt">when</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ansible_facts['os_family']|lower == 'debian'</span>
<span class="c1"># roles/example/tasks/redhat.yml</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">yum</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">"httpd"</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="c1"># roles/example/tasks/debian.yml</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">apt</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">"apache2"</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
</pre></div>
<p>Structura implicita a unui rol poate fi generata facil cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">ansible-galaxy init <nume-rol></span>
</pre></div>
<p>Rolurile se includ foarte usor in <a class="reference external" href="/articole/ansible-utilizare-playbook-uri/">playbook-uri</a></p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">webservers</span>
<span class="w"> </span><span class="nt">roles</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">common</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">webservers</span>
</pre></div>
<p>O sursa foarte uitila de de roluri este <a class="reference external" href="https://galaxy.ansible.com/">Galaxy</a> de unde pot fi instalate in cadrul proiectului. Alternativ pot fi utilizate si git repo-uri ca sursa</p>
<p>Metoda pe care o recomand este:</p>
<div class="highlight"><pre><span></span><span class="go">ansible-galaxy install --roles-path ./ <nume-rol></span>
<span class="go">ansible-galaxy install --roles-path ./roles git+https://github.com/geerlingguy/ansible-role-apache.git</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
Sugestii, tutoriale - nov 20182018-12-08T00:00:00+02:002018-12-08T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-12-08:/sugestii-tutoriale-11-2018.html<p>Docker in Development Part I <a class="reference external" href="https://t.co/vOinv7IPmh">https://t.co/vOinv7IPmh</a></p>
<p>SRE: Performance Analysis: Tuning Methodology Using a Simple HTTP Webserver In Go <a class="reference external" href="https://t.co/IEuiys27GM">https://t.co/IEuiys27GM</a></p>
<p>Modern Frontend CI/CD Architecture — The Missing Guide (Part. 3) <a class="reference external" href="https://t.co/jN3v9z4Pmw">https://t.co/jN3v9z4Pmw</a></p>
<p>Modern Frontend CI/CD Architecture — The Missing Guide (Part. 2) <a class="reference external" href="https://t.co/g14SVbVbS1">https …</a></p><p>Docker in Development Part I <a class="reference external" href="https://t.co/vOinv7IPmh">https://t.co/vOinv7IPmh</a></p>
<p>SRE: Performance Analysis: Tuning Methodology Using a Simple HTTP Webserver In Go <a class="reference external" href="https://t.co/IEuiys27GM">https://t.co/IEuiys27GM</a></p>
<p>Modern Frontend CI/CD Architecture — The Missing Guide (Part. 3) <a class="reference external" href="https://t.co/jN3v9z4Pmw">https://t.co/jN3v9z4Pmw</a></p>
<p>Modern Frontend CI/CD Architecture — The Missing Guide (Part. 2) <a class="reference external" href="https://t.co/g14SVbVbS1">https://t.co/g14SVbVbS1</a></p>
<p>Modern Frontend CI/CD Architecture — The Missing Guide (Part. 1) <a class="reference external" href="https://t.co/OKv0GK61UT">https://t.co/OKv0GK61UT</a></p>
<p>Top 43 Programming Languages: When and How to Use Them <a class="reference external" href="https://t.co/QuvQhgQYsi">https://t.co/QuvQhgQYsi</a></p>
<p>Very good rules: #MoSCoW Prioritisation <a class="reference external" href="https://t.co/WZoD0jSPCk">https://t.co/WZoD0jSPCk</a></p>
<p>Writing Logs Directly to #InfluxDB <a class="reference external" href="https://t.co/PnEr2sT6dw">https://t.co/PnEr2sT6dw</a></p>
<p>DevOps Roadmap in 2018 <a class="reference external" href="https://t.co/a4GplnaIsO">https://t.co/a4GplnaIsO</a></p>
<p>Docker Best Practices: Images <a class="reference external" href="https://t.co/A3PnZmawLz">https://t.co/A3PnZmawLz</a></p>
<p>I liked Linux Fu: Pimp Your Pipes <a class="reference external" href="https://t.co/LicQGpaN2U">https://t.co/LicQGpaN2U</a></p>
<p>Best talk for configuring #SaltStack and Targeting via #CMDB <a class="reference external" href="https://t.co/0wOwfRa8Kx">https://t.co/0wOwfRa8Kx</a></p>
<p>Understanding #StatsD and #Graphite <a class="reference external" href="https://t.co/cc6tSkpObQ">https://t.co/cc6tSkpObQ</a></p>
<p>03/11/2018 - #Ansible - utilizare playbook-uri <a class="reference external" href="https://t.co/Bw58VhAR97">https://t.co/Bw58VhAR97</a></p>
<p>Running multiple web application on a single web server with LXC <a class="reference external" href="https://t.co/YwUsRnk9hy">https://t.co/YwUsRnk9hy</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Sugestii, tutoriale - oct 20182018-11-06T00:00:00+02:002018-11-06T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-11-06:/sugestii-tutoriale-10-2018.html<p>How To Remove Docker Containers, Images, Volumes, and Networks <a class="reference external" href="https://t.co/1zTPerovQ4">https://t.co/1zTPerovQ4</a></p>
<p>Setting up Sensu v0.29 for Monitoring <a class="reference external" href="https://t.co/Pw0qTaUeoK">https://t.co/Pw0qTaUeoK</a></p>
<p>Step By Step: Install and Configure Sensu + Grafana <a class="reference external" href="https://t.co/m35Fz6ktxD">https://t.co/m35Fz6ktxD</a></p>
<p>Google Fuchsia: Here's what the NSA knows about it <a class="reference external" href="https://t.co/5zjGnPeWBn">https://t.co/5zjGnPeWBn</a></p>
<p>How …</p><p>How To Remove Docker Containers, Images, Volumes, and Networks <a class="reference external" href="https://t.co/1zTPerovQ4">https://t.co/1zTPerovQ4</a></p>
<p>Setting up Sensu v0.29 for Monitoring <a class="reference external" href="https://t.co/Pw0qTaUeoK">https://t.co/Pw0qTaUeoK</a></p>
<p>Step By Step: Install and Configure Sensu + Grafana <a class="reference external" href="https://t.co/m35Fz6ktxD">https://t.co/m35Fz6ktxD</a></p>
<p>Google Fuchsia: Here's what the NSA knows about it <a class="reference external" href="https://t.co/5zjGnPeWBn">https://t.co/5zjGnPeWBn</a></p>
<p>How to Enable and Monitor PHP-FPM Status in Nginx <a class="reference external" href="https://t.co/KGhcjCQdRq">https://t.co/KGhcjCQdRq</a></p>
<p>5 alerting and visualization tools for sysadmins <a class="reference external" href="https://t.co/JNZjMgribf">https://t.co/JNZjMgribf</a></p>
<p>WordPress boilerplate with composer <a class="reference external" href="https://t.co/9pvb7qX4Ez">https://t.co/9pvb7qX4Ez</a></p>
<p>Migrate physical systems to <a class="reference external" href="/articole/virtualizare-cu-lxd/">LXD</a> containers - YouTube <a class="reference external" href="https://t.co/CVdtmr6nse">https://t.co/CVdtmr6nse</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Ansible - utilizare playbook-uri2018-11-03T00:00:00+02:002018-11-03T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-11-03:/ansible-utilizare-playbook-uri.html<p>In documentatia oficiala de la ansible, playbook-urile (playbooks) e definit ca limbaj de configuare, deploy si orchestrare (administrare daca doriti).</p>
<p>Playbook-urile sunt fisiere in format yaml care pot fi usor de parcurs si inteles si pe care ansible executa instructiunile - comenzile - in ordinea descrisa.</p>
<p>Un exemplu (<strong>apache.yml</strong>):</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">webservers …</span></pre></div><p>In documentatia oficiala de la ansible, playbook-urile (playbooks) e definit ca limbaj de configuare, deploy si orchestrare (administrare daca doriti).</p>
<p>Playbook-urile sunt fisiere in format yaml care pot fi usor de parcurs si inteles si pe care ansible executa instructiunile - comenzile - in ordinea descrisa.</p>
<p>Un exemplu (<strong>apache.yml</strong>):</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">webservers</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">http_port</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">80</span>
<span class="w"> </span><span class="nt">max_clients</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">200</span>
<span class="w"> </span><span class="nt">remote_user</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ubuntu</span>
<span class="w"> </span><span class="nt">became</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="w"> </span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ensure apache is at the latest version</span>
<span class="w"> </span><span class="nt">yum</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">httpd</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">latest</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">write the apache config file</span>
<span class="w"> </span><span class="nt">template</span><span class="p">:</span>
<span class="w"> </span><span class="nt">src</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/srv/httpd.j2</span>
<span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/httpd.conf</span>
<span class="w"> </span><span class="nt">notify</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">restart apache</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ensure apache is running</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">httpd</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">started</span>
<span class="w"> </span><span class="nt">handlers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">restart apache</span>
<span class="w"> </span><span class="nt">service</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">httpd</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">restarted</span>
</pre></div>
<p>unde:</p>
<ul class="simple">
<li><strong>hosts</strong> - masina sau grupul de masini unde executam comenzile,</li>
<li><strong>vars</strong> - variabile/parametrii folositi in executia comenzilor sau la generarea fisierelor de configurare din sabloane (template),</li>
<li><strong>remote_user</strong> - utlizatorul folosit la conectarea prin SSH; poate fi definit in ansible.cfg sau in inventory la nivel de masina,</li>
<li><strong>became</strong> - daca dorim executia comenzilor ca root,</li>
<li><strong>tasks</strong> - lista de comenzi ce se executa.</li>
</ul>
<p>Lista de task-uri (comenzi) sunt executate in ordine, una cate una la toate masinile definite in paramtrul hosts, iar in cazul cand o comanda esueaza pe o masina pe aceasta
nu se mai executa restul comenzilor din lista.</p>
<div class="highlight"><pre><span></span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ensure apache is at the latest version</span>
<span class="w"> </span><span class="nt">yum</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">httpd</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">latest</span>
</pre></div>
<p>Task-urile sunt definite prin:</p>
<ul class="simple">
<li><strong>name</strong> - descriere sugestiva a comenzii ce se executa,</li>
<li>modulul utilizat cu parametrii specifici conform <a class="reference external" href="https://docs.ansible.com/ansible/latest/modules/modules_by_category.html">documentatiei</a></li>
</ul>
<p>Parametrii de executie pot fi definiti ca si cheie=valoare:</p>
<div class="highlight"><pre><span></span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ensure apache is at the latest version</span>
<span class="w"> </span><span class="nt">yum</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">name=httpd state=latest</span>
</pre></div>
<p>Rularea playbook-urilor este simpla:</p>
<div class="highlight"><pre><span></span><span class="go">ansible-playbook apache.yml</span>
</pre></div>
<p>ori daca dorim sa limitam executia lui doar la o masina din grup:</p>
<div class="highlight"><pre><span></span><span class="go">ansible-playbook apache.yml --limit server2</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
Ansible - rulare comenzi adhoc2018-10-27T00:00:00+03:002018-10-27T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-10-27:/ansible-rulare-comenzi-adhoc.html<p>In <a class="reference external" href="/articole/instalare-si-configurare-ansible/">articolul</a> anterior am prezentat cum instalam si configuram Ansible iar acum cateva exemple de utilizare.</p>
<p>Comezile adhoc sunt acele comenzi pe care dorim sa le rulam ocazional cu ansible in consola, fie pentru administrare sau pentru testare.</p>
<p>Pentru teste am pornit un container cu Ubuntu 18.04 pe serverul …</p><p>In <a class="reference external" href="/articole/instalare-si-configurare-ansible/">articolul</a> anterior am prezentat cum instalam si configuram Ansible iar acum cateva exemple de utilizare.</p>
<p>Comezile adhoc sunt acele comenzi pe care dorim sa le rulam ocazional cu ansible in consola, fie pentru administrare sau pentru testare.</p>
<p>Pentru teste am pornit un container cu Ubuntu 18.04 pe serverul <a class="reference external" href="/articole/virtualizare-cu-lxd/">LXD</a>. Acesta implicit are userul ubuntu creat la care am adaugat cheia publica de SSH.</p>
<p>Cum v-am sfatuit e foarte comod sa folositi setari locale - intr-un folder - pentru proiectele cu ansible. Deci creem fisierul <strong>ansible.cfg</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">[defaults]</span>
<span class="go">inventory = ./hosts</span>
<span class="go">remote_user = ubuntu</span>
</pre></div>
<p>precum fisierul <strong>hosts</strong> cu serverele</p>
<div class="highlight"><pre><span></span><span class="go">[web]</span>
<span class="go">web1 ansible_host=192.168.25.110</span>
<span class="go">web2 ansible_host=192.168.25.111</span>
</pre></div>
<p>Pentru testarea conectarii la servere folosim modulul <strong>ping</strong>.</p>
<div class="highlight"><pre><span></span><span class="go">> ansible all -m ping</span>
<span class="go">web1 | SUCCESS => {</span>
<span class="go"> "changed": false,</span>
<span class="go"> "ping": "pong"</span>
<span class="go">}</span>
<span class="go">web2 | SUCCESS => {</span>
<span class="go"> "changed": false,</span>
<span class="go"> "ping": "pong"</span>
<span class="go">}</span>
</pre></div>
<p>unde mesajul SUCCESS ne indica ca conectarea la masini functioneaza precum si ca serverele administrate ruleaza.</p>
<p>La prima conectare la o un server administrat, Ansible preia informatii despre hardware is OS - numite si <strong>facts</strong> - care sunt disponibile ca variabile ulterior pentru generarea fisierelor de configurare cu template-uri, filtrarea comenzi functie de OS etc.</p>
<p>Aceste informatii pot fi vizualizate cu modulul <strong>setup</strong> care returneaza o lista impresionanta de informatii</p>
<div class="highlight"><pre><span></span><span class="go">> ansible web1 -m setup</span>
<span class="go">web1 | SUCCESS => {</span>
<span class="go">"ansible_facts": {</span>
<span class="go"> "ansible_all_ipv4_addresses": [</span>
<span class="go"> "192.168.25.110"</span>
<span class="go"> ],</span>
<span class="go"> "ansible_all_ipv6_addresses": [</span>
<span class="go"> "fe80::216:3eff:fe85:b814"</span>
<span class="go"> ],</span>
<span class="go"> "ansible_apparmor": {</span>
<span class="go"> "status": "enabled"</span>
<span class="go"> },</span>
<span class="go"> "ansible_architecture": "x86_64",</span>
<span class="go"> "ansible_bios_date": "01/06/2014",</span>
<span class="go"> "ansible_bios_version": "F16b",</span>
<span class="go"> "ansible_cmdline": {</span>
<span class="go"> "BOOT_IMAGE": "/boot/vmlinuz-4.15.0-38-generic",</span>
<span class="go"> "ro": true,</span>
<span class="go"> "root": "UUID=15238e11-99f5-4472-a254-762dd7798c9b"</span>
<span class="go"> },</span>
<span class="go"> .....</span>
<span class="go"> }</span>
<span class="go">}</span>
</pre></div>
<p>Majoritatea modulelor din Ansible permit utilizarea de parametrii sub forma:</p>
<div class="highlight"><pre><span></span><span class="go">ansible <grup:host> -m <modul> -a "param1=val1 param2=val2"</span>
</pre></div>
<p>De exemplu folosim mosulul <a class="reference external" href="https://docs.ansible.com/ansible/latest/modules/apt_module.html">apt</a> pentru a instala ultima versiune de zsh:</p>
<div class="highlight"><pre><span></span><span class="go">ansible web2 --become -m apt -a "name=zsh state=present update_cache=yes"</span>
<span class="go">web2 | CHANGED => {</span>
<span class="go"> "cache_update_time": 1540650014,</span>
<span class="go"> "cache_updated": true,</span>
<span class="go"> "changed": true,</span>
<span class="go"> "stderr": "",</span>
<span class="go"> "stderr_lines": [],</span>
<span class="go"> "stdout": "...""</span>
<span class="go">}</span>
</pre></div>
<p>Deoarece avem nevoie de access de root pentru instalare aplicatii pentru sudo folosim parametrul <strong>--become</strong> sau <strong>-b</strong>.</p>
<p>Un modul util este <a class="reference external" href="https://docs.ansible.com/ansible/latest/modules/raw_module.html">raw</a> care ne permite sa rulam comenzi clasice in consola prin SSH</p>
<div class="highlight"><pre><span></span><span class="go">ansible web2 -m raw -a "df -h"</span>
<span class="go">web2 | CHANGED | rc=0 >></span>
<span class="go">Filesystem Size Used Avail Use% Mounted on</span>
<span class="go">lxd001/containers/awx-node2 459G 445M 458G 1% /</span>
<span class="go">none 492K 0 492K 0% /dev</span>
<span class="go">udev 3.9G 0 3.9G 0% /dev/tty</span>
<span class="go">tmpfs 100K 0 100K 0% /dev/lxd</span>
<span class="go">tmpfs 100K 0 100K 0% /dev/.lxd-mounts</span>
<span class="go">tmpfs 3.9G 0 3.9G 0% /dev/shm</span>
<span class="go">tmpfs 3.9G 192K 3.9G 1% /run</span>
<span class="go">tmpfs 5.0M 0 5.0M 0% /run/lock</span>
<span class="go">tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup</span>
<span class="go">tmpfs 786M 0 786M 0% /run/user/1000</span>
<span class="go">Shared connection to 192.168.25.111 closed.</span>
</pre></div>
<p>In articolul urmator va voi prezenta cum se pot crea succesiuni de comenzi prin <a class="reference external" href="/articole/ansible-utilizare-playbook-uri/#ansible-utilizare-playbook-uri">playbook-uri</a></p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
Instalare si configurare Ansible2018-10-21T00:00:00+03:002018-10-21T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-10-21:/instalare-si-configurare-ansible.html<p>Cum am mentionat anterior <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Ansible</a> este un aplicatie foarte usor de folosit care permite administrarea de servere multiple - instalare pachete, configurare, administrare servicii - cat si efecturea de deploy-uri, creare de containere etc. Totul prin intermediul <a class="reference external" href="https://docs.ansible.com/ansible/latest/modules/modules_by_category.html">modulelor</a> incluse</p>
<p>Comenzile sunt foarte intuitive si se pot grupa pentru rularea lor in <strong>playbook-uri …</strong></p><p>Cum am mentionat anterior <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Ansible</a> este un aplicatie foarte usor de folosit care permite administrarea de servere multiple - instalare pachete, configurare, administrare servicii - cat si efecturea de deploy-uri, creare de containere etc. Totul prin intermediul <a class="reference external" href="https://docs.ansible.com/ansible/latest/modules/modules_by_category.html">modulelor</a> incluse</p>
<p>Comenzile sunt foarte intuitive si se pot grupa pentru rularea lor in <strong>playbook-uri</strong> in format yaml.</p>
<div class="section" id="instalare">
<h2>Instalare</h2>
<p>Ansible poate fi instalat ca pachet pentru distributia folosita sau ca modul Python</p>
<p>Instalare in CentOS din repo EPEL:</p>
<div class="highlight"><pre><span></span><span class="go">yum install epel-release</span>
<span class="go">yum install ansible</span>
</pre></div>
<p>Instalare in Ubuntu/Debian</p>
<div class="highlight"><pre><span></span><span class="go">apt-add-repository -y ppa:ansible/ansible</span>
<span class="go">apt update</span>
<span class="go">apt install -y ansible</span>
</pre></div>
<p>Instalare ca modul Python:</p>
<div class="highlight"><pre><span></span><span class="go">pip install ansible</span>
</pre></div>
</div>
<div class="section" id="configurare">
<h2>Configurare</h2>
<p>Find o aplicatie de managementul configuratiilor fara agenti, se conecteaza la masinile administrate prin SSH, deci se recomanda instalarea unei chei publice pe fiecare.</p>
<p>Sunt mai multe moduri de stocare a configuratiei pentru Ansible:</p>
<ul class="simple">
<li>globala in folderul <strong>/etc/ansible</strong></li>
<li>locala intr-un folder al userului</li>
</ul>
<p>Personal prefer a doua varianta pentru ca permite o grupare mai logica pe proiecte (cand avem mai multe) a tuturor setarilor necesare.</p>
<p>Creem folderul pentru proiect <strong>~/ansible_project/</strong> si creem un fisier de configurare in acesta <strong>~/ansible_project/ansible.cfg</strong></p>
<div class="highlight"><pre><span></span><span class="k">[defaults]</span>
<span class="na">inventory</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">./hosts</span>
<span class="na">remote_user</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">root</span>
<span class="na">host_key_checking</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">False</span>
<span class="na">forks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">5</span>
<span class="na">log_path</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">./ansible.log</span>
</pre></div>
<p>unde:</p>
<ul class="simple">
<li><strong>hosts</strong> - fisier cu lista de sisteme administrate - inventar,</li>
<li><strong>remote_user</strong> - userul implicit cu care se va conecta la sisteme, cel mai des <strong>root</strong>,</li>
<li><strong>forks</strong> - numarul de sisteme accesate simultan pentru rularea comenzilor.</li>
</ul>
</div>
<div class="section" id="inventarul">
<h2>Inventarul</h2>
<p>Sistemele administrate cu Ansible sunt include intr-o lista de tip text in fisierul indicat in configuratie ce este de forma:</p>
<div class="highlight"><pre><span></span><span class="go">mail.example.com</span>
<span class="go">[webservers]</span>
<span class="go">foo.example.com</span>
<span class="go">bar.example.com</span>
<span class="go">[dbservers]</span>
<span class="go">one.example.com</span>
<span class="go">two.example.com</span>
<span class="go">three.example.com</span>
</pre></div>
<p>Alternativ sistemele pot fi descrise mai specific (de ex. cand avem doar IP fara DNS):</p>
<div class="highlight"><pre><span></span><span class="go">jumper ansible_port=5555 ansible_host=192.0.2.50</span>
</pre></div>
<p>In exemplul de mai sus mai multe sisteme sunt grupate dupa anumite criterii - rol, sistem de operare, locatie, etc - in grupuri care ne vor ajuta la rularea
comenzilor selectiv.</p>
<p>Inventarele pot fi si generate dinamic in format JSON de diverse scripturi ca de exemplu cand dorim sa rulam comenzi pe instantele de cloud (AWS, GCE, Azure).</p>
</div>
<div class="section" id="variabile">
<h2>Variabile</h2>
<p>Cum infrastructura poate fi compusa din masini diverse sau cu roluri diverse putem avea setari diferite per masina la diverse servicii.
Aceste variabile pot fi salvate fie direct in fisierul de inventar la nivel de masina sau grup ori in directoare speciale:</p>
<ul class="simple">
<li><strong>hosts_vars/foo.example.com</strong> - per sistem/masina</li>
<li><strong>group_vars/webservers</strong> - per grup de masini</li>
</ul>
<p>si sunt de forma:</p>
<div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="nt">ntp_server</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">acme.example.org</span>
<span class="nt">database_server</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">storage.example.org</span>
</pre></div>
<p>Mai multe detalii si exemple gasiti in <a class="reference external" href="https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html">documentatia oficiala</a></p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></p>
</div>
Aplicatii pentru managementul configuratiilor2018-10-11T00:00:00+03:002018-10-11T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-10-11:/aplicatii-pentru-managementul-configuratiilor.html<img alt="" src="/images/configuration-management.jpg" style="width: 600px;" />
<p>Aplicatiile pentru managementul configuratiilor ori <strong>Configuration Management</strong> (CM) sunt acele unelte ce permit administrarea configuratiilor pe o multitudine de servere fizice sau virtuale (indiferent de OS) in functiune sau noi lansate (pornite).</p>
<p>Mai exact ce fac ele:</p>
<ul class="simple">
<li>instaleaza aplicatii pe servere</li>
<li>instaleaza actualizari si patch-uri de securitate</li>
<li>genereaza si actualizeaza …</li></ul><img alt="" src="/images/configuration-management.jpg" style="width: 600px;" />
<p>Aplicatiile pentru managementul configuratiilor ori <strong>Configuration Management</strong> (CM) sunt acele unelte ce permit administrarea configuratiilor pe o multitudine de servere fizice sau virtuale (indiferent de OS) in functiune sau noi lansate (pornite).</p>
<p>Mai exact ce fac ele:</p>
<ul class="simple">
<li>instaleaza aplicatii pe servere</li>
<li>instaleaza actualizari si patch-uri de securitate</li>
<li>genereaza si actualizeaza configuratiile aplicatiilor,</li>
<li>administreaza serviciile ce ruleaza pe servere</li>
<li>administreaza useri pe servere</li>
<li>administreaza baze de date</li>
<li>administreaza echipamente de retea</li>
</ul>
<p>iar penru cei ce le utilizeaza:</p>
<ul class="simple">
<li>reduce repetabilitatea operatiilor</li>
<li>ruleaza simultan pe mai multe masini</li>
<li>simplifica generarea configuratiilor prin utilizarea de sabloane si variabile</li>
<li>reduc problemele produse de erorile de configurare</li>
</ul>
<p>Ce avantaje aduce pentru dezvoltatori: permite replicarea unei infrastructuri din productie (la o scara mai mica) perfect functionala pe statia locala (laptop) intr-un timp foarte scurt.</p>
<p>Cele mai cunoscute si utilizate aplicatii de acest gen sunt:</p>
<ul class="simple">
<li><a class="reference external" href="https://www.ansible.com">Ansible</a> - sustinut acum de Redhat</li>
<li><a class="reference external" href="https://www.puppet.com">Puppet</a></li>
<li><a class="reference external" href="https://www.saltstack.com">Salt</a></li>
<li><a class="reference external" href="https://www.chef.io">Chef</a></li>
</ul>
<p>Ca mod de functionare acestea pot fi:</p>
<ul class="simple">
<li>fara agenti ce ruleaza pe masinile controlate - Ansible</li>
<li>cu agenti ce ruleaza pe masinile controlate - Saltstack, Puppet, Chef</li>
</ul>
<p>In varianta fara agenti, masina master se conecteaza la masinile slave (client) - prin ssh - si ruleaza comenzile necesare pe acestea.</p>
<p><strong>Avantaje:</strong></p>
<ul class="simple">
<li>nu este necesar instalarea de soft suplimentar pe masinile slave</li>
<li>usor de folosit la un numar mic si mediu de masini gestionate</li>
<li>nu necesita servicii suplimentare pe masina de control</li>
</ul>
<p><strong>Dezavantaje:</strong></p>
<ul class="simple">
<li>e necesara adaugarea cheii publice pentru conectarea la masinile slave</li>
<li>la numar mare de masini gestionate timpii de executie pot creste, masina master trebuie sa se conecteze la fiecare slave pentru rularea comenzilor.</li>
</ul>
<p>Cand exista agenti pe masinile slave acestia sunt conectati la masina master si executa comenzile primite</p>
<p><strong>Avantaje:</strong></p>
<ul class="simple">
<li>permit gestionarea facila unui numar mare de masini slave.</li>
<li>timpi redusi de propagare a modificarilor prin executia in paralel pe masinile slave a comenzilor.</li>
<li>masinile slave sunt mereu conectate la masina master</li>
</ul>
<p><strong>Dezavantaje</strong></p>
<ul class="simple">
<li>e necesar instalarea aplicatiei client pe toate masinile slave.</li>
<li>ruleaza servicii suplimentare pe masina master si masinile slave</li>
</ul>
<p>Instalarea cheilor publice de ssh sau a aplicatiilor client pe masinile slave poate fi realizata in timpul operatiilor de instalare OS prin <a class="reference external" href="/articole/customizare-containere-cu-cloud-init-in-lxd/">cloud-init</a> (pe instantele de cloud) sau kickstart.</p>
<p>Voi reveni cu articole legate de Ansible si Salt cu care am lucrat incluzand exemple de implementare.</p>
<p>Seria de articole cuprinde:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/instalare-si-configurare-ansible/">Instalare si configurare Ansible</a></li>
<li><a class="reference external" href="/articole/ansible-rulare-comenzi-adhoc/">Ansible - rulare comenzi adhoc</a></li>
<li><a class="reference external" href="/articole/ansible-utilizare-playbook-uri/">Ansible - utilizare playbook-uri</a></li>
<li><a class="reference external" href="/articole/awx-interfata-web-pentru-ansible/">AWX - interfata web pentru Ansible</a></li>
<li><a class="reference external" href="/articole/salt-instalare-si-configurare/">Salt - instalare si configurare</a></li>
<li><a class="reference external" href="/articole/salt-rulare-comezi/">Salt - rulare comenzi</a></li>
<li><a class="reference external" href="/articole/salt-management-prin-states/">Salt - management prin states</a></li>
</ul>
Sugestii, tutoriale - sept 20182018-10-03T00:00:00+03:002018-10-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-10-03:/sugestii-tutoriale-09-2018.html<p>Integrate tinymce editor with Fedora and Django. <a class="reference external" href="https://t.co/kYeAieb7qF">https://t.co/kYeAieb7qF</a></p>
<p>Step By Step: Install and Configure Sensu + Grafana <a class="reference external" href="https://t.co/m35Fz6ktxD">https://t.co/m35Fz6ktxD</a></p>
<p>Let’s create an Instagram bot <a class="reference external" href="https://t.co/mjEDG3lkGr">https://t.co/mjEDG3lkGr</a></p>
<p>Monitoring containerized microservices with a centralized logging architecture. <a class="reference external" href="https://t.co/ohdFXxC2Gr">https://t.co/ohdFXxC2Gr</a></p>
<p>A closer look at Minimal …</p><p>Integrate tinymce editor with Fedora and Django. <a class="reference external" href="https://t.co/kYeAieb7qF">https://t.co/kYeAieb7qF</a></p>
<p>Step By Step: Install and Configure Sensu + Grafana <a class="reference external" href="https://t.co/m35Fz6ktxD">https://t.co/m35Fz6ktxD</a></p>
<p>Let’s create an Instagram bot <a class="reference external" href="https://t.co/mjEDG3lkGr">https://t.co/mjEDG3lkGr</a></p>
<p>Monitoring containerized microservices with a centralized logging architecture. <a class="reference external" href="https://t.co/ohdFXxC2Gr">https://t.co/ohdFXxC2Gr</a></p>
<p>A closer look at Minimal Ubuntu for #LXD <a class="reference external" href="https://t.co/pxdFfhxOwW">https://t.co/pxdFfhxOwW</a></p>
<p>How to Create Printer-friendly Pages with CSS — SitePoint <a class="reference external" href="https://t.co/bNTEEhJAjI">https://t.co/bNTEEhJAjI</a></p>
<p>Best Cloud Tools for Infrastructure Automation: 50 Useful Tools for Agile DevOps <a class="reference external" href="https://t.co/Jq40UKz2ws">https://t.co/Jq40UKz2ws</a></p>
<p>Vagrant Provisioning with SaltStack <a class="reference external" href="https://t.co/qx6EK4VpmR">https://t.co/qx6EK4VpmR</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Tutoriale Django - v2.02018-10-02T00:00:00+03:002018-10-02T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-10-02:/tutoriale-django-v20.html<p><a class="reference external" href="https://www.djangoproject.com/">Django</a> este un puternic framework in python ce ascunde o multime de functionalitati sub capota sau foarte usor de adaugat.</p>
<p>Dezvoltarea de aplicatii in python si in Django in special pare mai putin promovata pe la noi dar prin alte parti are o mare raspandire cu aplicatii pana in domeniul …</p><p><a class="reference external" href="https://www.djangoproject.com/">Django</a> este un puternic framework in python ce ascunde o multime de functionalitati sub capota sau foarte usor de adaugat.</p>
<p>Dezvoltarea de aplicatii in python si in Django in special pare mai putin promovata pe la noi dar prin alte parti are o mare raspandire cu aplicatii pana in domeniul bancar.</p>
<p>Mai jos gasiti cateva tutoriale video pe care le recomand a le parcurge dupa ce parcurgeti documentatia <a class="reference external" href="https://docs.djangoproject.com/">oficiala</a></p>
<p>Django 2.x - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzTD1BD1aWNxS2Ep06vIkaeW">https://www.youtube.com/playlist?list=PLEsfXFp6DpzTD1BD1aWNxS2Ep06vIkaeW</a></p>
<p>Django Rest API - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzTOcOVdZF-th7BS_GYGguAS">https://www.youtube.com/playlist?list=PLEsfXFp6DpzTOcOVdZF-th7BS_GYGguAS</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https://djangopackages.org/</a> - pachete ce extind functionalitatile si aspectul unui site</p>
<p>How to Install Django with PostgreSQL and Nginx on Ubuntu 16.04 <a class="reference external" href="https://t.co/2dQRrTYQsK">https://t.co/2dQRrTYQsK</a></p>
Utilizare Grafana ca interfata pentru Graphite2018-09-25T00:00:00+03:002018-09-25T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-09-25:/utilizare-grafana-ca-interfata-pentru-graphite.html<p>In ultimii ani <a class="reference external" href="/articole/instalare-graphite-sub-centos-linux-7/">Graphite</a> a fost utilizat cu success de multe firme pentru stocarea si vizualiza metricilor culese de la echipamente sau aplicatii.</p>
<p>Utilizatorii si-au dorit o interfata mai moderna, mai usor de utilizat si navigat in comparatie cu interfata standard Graphite scrisa in Django.</p>
<p>Ca raspuns la aceste cerinte …</p><p>In ultimii ani <a class="reference external" href="/articole/instalare-graphite-sub-centos-linux-7/">Graphite</a> a fost utilizat cu success de multe firme pentru stocarea si vizualiza metricilor culese de la echipamente sau aplicatii.</p>
<p>Utilizatorii si-au dorit o interfata mai moderna, mai usor de utilizat si navigat in comparatie cu interfata standard Graphite scrisa in Django.</p>
<p>Ca raspuns la aceste cerinte exprimate in comuninate a aparut proiectul <a class="reference external" href="https://grafana.com/">Grafana</a> care:
- pemite o mai usoara generare a graficelor in mai multe moduri,
- creare de dashboard-uri facil folosind sabloane si variabile,
- alertarea in functie de reguli prestabilite a utilizatorilor pe o multime de cai: Email, Slack, Webhook
- permite distribuirea lor facila</p>
<p>Pe langa Graphite , Grafana permite preluarea datelor din peste 30 de surse de date ca InfluxDB, Prometheus, Elasticsearch, AWS nativ sau prin plugin-uri (pe care le gasiti pe pe site-ul aplicatiei)</p>
<div class="section" id="instalarea-pe-centos-fedora">
<h2>Instalarea pe CentOS/Fedora</h2>
<p>Creem fisierul de repo <strong>/etc/yum.repos.d/grafana.repo</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">[grafana]</span>
<span class="go">name=grafana</span>
<span class="gp">baseurl=https://packagecloud.io/grafana/stable/el/7/$</span>basearch
<span class="go">repo_gpgcheck=1</span>
<span class="go">enabled=1</span>
<span class="go">gpgcheck=1</span>
<span class="go">gpgkey=https://packagecloud.io/gpg.key https://grafanarel.s3.amazonaws.com/RPM-GPG-KEY-grafana</span>
<span class="go">sslverify=1</span>
<span class="go">sslcacert=/etc/pki/tls/certs/ca-bundle.crt</span>
</pre></div>
<p>Instalam pachetul</p>
<div class="highlight"><pre><span></span><span class="go">yum install grafana</span>
</pre></div>
</div>
<div class="section" id="instalarea-pe-ubuntu">
<h2>Instalarea pe Ubuntu</h2>
<p>Creem un fisier pentru configurarea repo-ului in <strong>/etc/apt/sources.list.d/grafana</strong></p>
<div class="highlight"><pre><span></span><span class="go">deb https://packagecloud.io/grafana/stable/debian/ stretch main</span>
</pre></div>
<p>Adaugam cheia pentru verificarea semnaturii pachetelor:</p>
<div class="highlight"><pre><span></span><span class="go">curl https://packagecloud.io/gpg.key | sudo apt-key add -</span>
</pre></div>
<p>Instalam aplicatia:</p>
<div class="highlight"><pre><span></span><span class="go">sudo apt update</span>
<span class="go">sudo apt install grafana</span>
</pre></div>
</div>
<div class="section" id="configurare">
<h2>Configurare</h2>
<p>Implicit Grafana foloseste pe Sqlite3 pentru stocarea informatiilor intr-un fisier, dar eu va recomand sa utilizati salvarea datelor intr-o baza de date (MySQL, Postgress). Pentru MySQL parcurgem pasii:</p>
<p>In MySQL creem un utilzator si o baza de date dedicata:</p>
<div class="highlight"><pre><span></span><span class="go">create database grafana;</span>
<span class="go">create user grafana;</span>
<span class="go">grant all on grafana.* to 'graphite'@'localhost' identified by 'grafanasecret';</span>
<span class="go">flush privileges;</span>
</pre></div>
<p>In fisierul <strong>/etc/grafana/grafana.ini</strong> facem modificarile:</p>
<div class="highlight"><pre><span></span><span class="go">[database]</span>
<span class="gp"># </span>Either<span class="w"> </span><span class="s2">"mysql"</span>,<span class="w"> </span><span class="s2">"postgres"</span><span class="w"> </span>or<span class="w"> </span><span class="s2">"sqlite3"</span>,<span class="w"> </span>it<span class="err">'</span>s<span class="w"> </span>your<span class="w"> </span>choice
<span class="go">type = mysql</span>
<span class="go">host = 127.0.0.1:3306</span>
<span class="go">name = grafana</span>
<span class="go">user = grafana</span>
<span class="go">password = grafanasecret</span>
</pre></div>
<p>Alte setari legate de adresa, portul pe care va rula aplicatia (implicit 3000) cat si legate de securitate le puteti seta in acelasi fisier.</p>
<p>Pornim serviciul <strong>grafana-server</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl daemon-reload</span>
<span class="go">systemctl enable grafana-server</span>
<span class="go">systemctl start grafana-server</span>
</pre></div>
<p>Pentru prima logare ca administrator utilizati userul si parola <strong>admin</strong> (ori ce ati configurat in fisierul de setari).</p>
<p>Configuram in setari Graphite ca sursa de date:</p>
<a class="reference external image-reference" href="/images/grafana-data-sources.png"><img alt="" src="/images/grafana-data-sources.png" style="width: 400px;" /></a>
</div>
<div class="section" id="crearea-graficelor">
<h2>Crearea graficelor</h2>
<p>Creem un nou dashboard si selectam <strong>Graph</strong></p>
<a class="reference external image-reference" href="/images/grafana-dashboard.png"><img alt="" src="/images/grafana-dashboard.png" style="width: 600px;" /></a>
<p>Tinand cont de structura dub care sunt salvate metricele in Graphite, selectam metricele dorite la care putem aplica functii de transforma: alias, sum, max. (mai multe gasiti in documentatia de la Graphite <a class="reference external" href="https://graphite.readthedocs.io/en/latest/functions.html">aici</a>)</p>
<a class="reference external image-reference" href="/images/grafana-new-graph.png"><img alt="" src="/images/grafana-new-graph.png" style="width: 400px;" /></a>
<p>Putem creea alerte pentru metricile din graficelor. Alertele pot fi trimise pe email, Slack (nu uitati sa configurati aceste servicii).</p>
<a class="reference external image-reference" href="/images/grafana-alerts.png"><img alt="" src="/images/grafana-alerts.png" style="width: 400px;" /></a>
<p>Grafic cu grafic putem construi dashboard-uri ce pot oferi informatii live asupra uni server sau mai multe servere.</p>
<a class="reference external image-reference" href="/images/grafana-collectd-1.png"><img alt="" src="/images/grafana-collectd-1.png" style="width: 400px;" /></a>
<a class="reference external image-reference" href="/images/grafana-collectd-2.png"><img alt="" src="/images/grafana-collectd-2.png" style="width: 400px;" /></a>
<p>Alternativ puteti importa o varietate mare de dashboard-uri create de comunitate direct de pe <a class="reference external" href="https://grafana.com/dashboards">site</a></p>
</div>
Sugestii, tutoriale - aug 20182018-09-18T00:00:00+03:002018-09-18T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-09-18:/sugestii-tutoriale-08-2018.html<p>Part 2 of How to Make a Salty @kubernetesio @Raspberry_Pi cluster: <a class="reference external" href="https://t.co/QE4ABcpEmF">https://t.co/QE4ABcpEmF</a></p>
<p>A collection of Sysadmin Interview/Exam Questions and Answers (2018 Edition). <a class="reference external" href="https://t.co/2uwiFHPBCN">https://t.co/2uwiFHPBCN</a></p>
<p>Instalare #Kubernetes local sub #LXD <a class="reference external" href="https://t.co/RyzDV8AHD2">https://t.co/RyzDV8AHD2</a></p>
<p>Nice free #Django books <a class="reference external" href="https://t.co/LoGkQJC364">https://t.co/LoGkQJC364</a></p>
<p>Suricata IDS with …</p><p>Part 2 of How to Make a Salty @kubernetesio @Raspberry_Pi cluster: <a class="reference external" href="https://t.co/QE4ABcpEmF">https://t.co/QE4ABcpEmF</a></p>
<p>A collection of Sysadmin Interview/Exam Questions and Answers (2018 Edition). <a class="reference external" href="https://t.co/2uwiFHPBCN">https://t.co/2uwiFHPBCN</a></p>
<p>Instalare #Kubernetes local sub #LXD <a class="reference external" href="https://t.co/RyzDV8AHD2">https://t.co/RyzDV8AHD2</a></p>
<p>Nice free #Django books <a class="reference external" href="https://t.co/LoGkQJC364">https://t.co/LoGkQJC364</a></p>
<p>Suricata IDS with ELK and Web Frontend on Ubuntu 18.04 LTS <a class="reference external" href="https://t.co/tNDBFBk4D4">https://t.co/tNDBFBk4D4</a></p>
<p>Let's Encrypt wildcard certificate with Certbot <a class="reference external" href="https://t.co/yh1Ubd1gEo">https://t.co/yh1Ubd1gEo</a></p>
<p>Attack of the Bot Army <a class="reference external" href="https://t.co/0RxPVdjtEV">https://t.co/0RxPVdjtEV</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Integrare collectd cu Graphite2018-09-17T00:00:00+03:002018-09-17T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-09-17:/integrare-collectd-cu-graphite.html<p>Am prezentat in articolul legat de collectd o interfata de vizualizarea graficelor generare din fisierele RRD si comparand cu graficele generate de Graphite descoperim ca nu se ridica la acelasi nivel, in special din punct de vedere al granularitatii metricilor stocate.</p>
<p>Incepand cu versiunea 5 collectd include un plugin ce …</p><p>Am prezentat in articolul legat de collectd o interfata de vizualizarea graficelor generare din fisierele RRD si comparand cu graficele generate de Graphite descoperim ca nu se ridica la acelasi nivel, in special din punct de vedere al granularitatii metricilor stocate.</p>
<p>Incepand cu versiunea 5 collectd include un plugin ce permite salvarea datelor in Graphite.</p>
<p>Creem fisierul <strong>/etc/collectd.d/graphite.config</strong></p>
<div class="highlight"><pre><span></span><span class="go">LoadPlugin write_graphite</span>
<span class="go">LoadPlugin aggregation</span>
<span class="go"><Plugin write_graphite></span>
<span class="go"> <Node "graphite"></span>
<span class="go"> Host "xxx.xxx.xxx.xxx"</span>
<span class="go"> Port "2003"</span>
<span class="go"> Protocol "tcp"</span>
<span class="go"> LogSendErrors true</span>
<span class="go"> Prefix "collectd."</span>
<span class="go"> EscapeCharacter "_"</span>
<span class="go"> SeparateInstances true</span>
<span class="go"> StoreRates true</span>
<span class="go"> AlwaysAppendDS false</span>
<span class="go"> </Node></span>
<span class="go"></Plugin></span>
<span class="go"><Plugin "aggregation"></span>
<span class="go"> <Aggregation></span>
<span class="go"> Plugin "cpu"</span>
<span class="go"> Type "cpu"</span>
<span class="go"> GroupBy "Host"</span>
<span class="go"> GroupBy "TypeInstance"</span>
<span class="go"> CalculateAverage true</span>
<span class="go"> </Aggregation></span>
<span class="go"></Plugin></span>
<span class="go"><Plugin df></span>
<span class="go"> ReportByDevice false</span>
<span class="go"> ReportReserved true</span>
<span class="go"> ReportInodes true</span>
<span class="go"> ValuesAbsolute true</span>
<span class="go"> ValuesPercentage true</span>
<span class="go"> ReportInodes true</span>
<span class="go"></Plugin></span>
<span class="go"><Chain "PostCache"></span>
<span class="go"> <Rule></span>
<span class="go"> <Match regex></span>
<span class="go"> Plugin "^cpu$"</span>
<span class="go"> PluginInstance "^[0-9]+$"</span>
<span class="go"> </Match></span>
<span class="go"> <Target write></span>
<span class="go"> Plugin "aggregation"</span>
<span class="go"> </Target></span>
<span class="go"> Target stop</span>
<span class="go"> </Rule></span>
<span class="go">Target "write"</span>
<span class="go"></Chain></span>
</pre></div>
<p>si repornim serviciul collectd.</p>
<div class="highlight"><pre><span></span><span class="go">systemctl restart collectd</span>
</pre></div>
<p>In scurt timp vom gasi metricile salvate de forma <strong>collectd.{server}....</strong> cu care putem crea grafice</p>
<a class="reference external image-reference" href="/images/graphite.png"><img alt="" src="/images/graphite.png" style="width: 600px;" /></a>
<p>si mai apoi putem grupa aceste grafice in dashboard-uri:</p>
<a class="reference external image-reference" href="/images/dashboard-graphite.png"><img alt="" src="/images/dashboard-graphite.png" style="width: 600px;" /></a>
Instalare Graphite sub CentOS Linux 72018-09-05T00:00:00+03:002018-09-05T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-09-05:/instalare-graphite-sub-centos-linux-7.html<a class="reference external image-reference" href="/images/graphite.png"><img alt="" src="/images/graphite.png" style="width: 600px;" /></a>
<p><a class="reference external" href="https://graphiteapp.org/">Graphite</a> este un adevarat supererou in lume a monitorizarii efectuand doua lucruri doar extarordinar de bine:</p>
<ul class="simple">
<li>stocheaza date numerice in serie temporala (numeric time-series data)</li>
<li>genereaza grafice din datele stocate</li>
</ul>
<p>Graphite este format din 3 componente software:</p>
<ul class="simple">
<li><strong>carbon</strong> - un daemon ce ingereaza metrica primita</li>
<li><strong>whisper</strong> - librarie pentru stocarea metricii</li>
<li><strong>graphite-web …</strong></li></ul><a class="reference external image-reference" href="/images/graphite.png"><img alt="" src="/images/graphite.png" style="width: 600px;" /></a>
<p><a class="reference external" href="https://graphiteapp.org/">Graphite</a> este un adevarat supererou in lume a monitorizarii efectuand doua lucruri doar extarordinar de bine:</p>
<ul class="simple">
<li>stocheaza date numerice in serie temporala (numeric time-series data)</li>
<li>genereaza grafice din datele stocate</li>
</ul>
<p>Graphite este format din 3 componente software:</p>
<ul class="simple">
<li><strong>carbon</strong> - un daemon ce ingereaza metrica primita</li>
<li><strong>whisper</strong> - librarie pentru stocarea metricii</li>
<li><strong>graphite-web</strong> - o aplicatie web bazata pe Django ce genereaza graficele utilizand Cairo</li>
</ul>
<p>In baze de date in serie temporala se stocheaza valori culese in timp. Acestea pot fi de la parametrii de functionare a serverelor, echipamentelor de productie, date meteo, numar de evenimente pe un site - pe care le numim mai simplu metrica.</p>
<p>Metrica poate fi culeasa de diverse aplicatii instalate pe servere dintre care amintesc <a class="reference external" href="/articole/monitorizare-servere-cu-collectd/">Collectd</a> , Telegraf, Sensu, Diamond.</p>
<p>Cateva lucruri de luat in seama cand dorim sa realizam un sever intern de Graphite:</p>
<ul class="simple">
<li>daemon-ul carbon lucreaza intensiv cu discul, e recomandat ca discul folosit pentru stocare sa nu fie folosit de aplicatii la fel de agresive cu discul. Putem lua in considerare ca acest serviciu sa aibe alocat in intreg server de la un anumit nivel</li>
<li>baza de date ocupa spatiu, mult depinzand de numarul de metrici si perioada de stocare (poate fi stocata si ani de zile pentru referinta), deci nu fiti zgarciti cu discurile</li>
</ul>
<p>O alternativa usoara de a instala Graphite este pe CentOS 7 din repo-ul EPEL (chiar daca nu este ultima versiune). Alternativ il putem instala din surse, via pip sau rula ca container.</p>
<div class="section" id="instalarea-pachetelor">
<h2>Instalarea pachetelor</h2>
<p>Instalarea repo-ului EPEL:</p>
<div class="highlight"><pre><span></span><span class="go">yum install -y epel-release</span>
</pre></div>
<p>Pachetele necesar de instalat sunt:</p>
<div class="highlight"><pre><span></span><span class="go">yum install -y graphite-web python-carbon httpd mod_wsgi</span>
</pre></div>
</div>
<div class="section" id="configurarea-carbon">
<h2>Configurarea Carbon</h2>
<p>Un pas important este configurarea daemon-ului <strong>carbon</strong> prin stabilirea duratei de retentie a datelor, aflata in <strong>/etc/carbon/storage-schemas.conf</strong></p>
<div class="highlight"><pre><span></span><span class="go">[default]</span>
<span class="go">priority = 100</span>
<span class="go">pattern = .*</span>
<span class="go">retentions = 10s:6h,1m:30d,5m:1y</span>
</pre></div>
<p>adica se vor stoca in primele 6h valori la fiecare 10 secunde, apoi se face o medie a valorilor la minut pntru urmatoarele 30 zile si la final o medie de 5 minute.</p>
<p>Valorile se stabilesc functie de necesitati si/sau functie metrica pe care o culegem:</p>
<div class="highlight"><pre><span></span><span class="go">[collectd]</span>
<span class="go">priority = 100</span>
<span class="go">pattern = ^collectd\.</span>
<span class="go">retentions = 10s:12h,1m:60d</span>
</pre></div>
<p>E importanta stabilirea schemei de stocare inainte de primirea metricilor pentru ca modificarea ulterioara a fisierelor whisper e mai laboriasa fara stergerea lor.</p>
<p>Pornim serviciul carbon:</p>
<div class="highlight"><pre><span></span><span class="go">systemctl start carbon</span>
<span class="go">systemctl enable carbon</span>
</pre></div>
<p>Spatiu ocupat de date il puteti estima folosind acest <a class="reference external" href="https://m30m.github.io/whisper-calculator/">calculator</a> estimand ca puteti avea si peste 300 de metrici pe un server.</p>
</div>
<div class="section" id="configurarea-graphite">
<h2>Configurarea Graphite</h2>
<p>Interfata web foloseste o baza de date pentru stocarea setari, utilizatori, grafice si a dashboard-urilor create. Implicit foloseste Sqlite care in anumite momente cand se salveaza evenimente simultan poate bloca efectiv aplicatia. Reacomand sa luati in considerare utilizarea unei baza de date mai puternice (MySQL/Mariadb/Postgres).</p>
<p>In MySQL creem un utilzator si o baza de date dedicata:</p>
<div class="highlight"><pre><span></span><span class="go">create database graphite;</span>
<span class="go">create user graphite;</span>
<span class="go">grant all on graphite.* to 'graphite'@'localhost' identified by 'graph123';</span>
<span class="go">flush privileges;</span>
</pre></div>
<p>Modificam in fisierul <strong>/etc/graphite-web/settings.py</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">SECRET_KEY = 'ceamaisecretacheiedinlume'</span>
<span class="go">....</span>
<span class="go">TIME_ZONE = 'Europe/Bucharest'</span>
<span class="go">....</span>
<span class="go">DATABASES = {</span>
<span class="go"> 'default': {</span>
<span class="go"> 'ENGINE': 'django.db.backends.mysql',</span>
<span class="go"> 'NAME': 'graphite',</span>
<span class="go"> 'USER': 'graphite',</span>
<span class="go"> 'PASSWORD': 'graph123',</span>
<span class="go"> 'HOST': '127.0.0.1',</span>
<span class="go"> 'PORT': '3306',</span>
<span class="go"> }</span>
<span class="go">}</span>
</pre></div>
<p>Populam baza de date:</p>
<div class="highlight"><pre><span></span><span class="go">PYTHONPATH=/usr/share/graphite/webapp django-admin syncdb --settings=graphite.settings</span>
</pre></div>
</div>
<div class="section" id="configurarea-apache-pentru-graphite">
<h2>Configurarea Apache pentru Graphite</h2>
<p>Pentru a putea accesa aplicatia Graphite si din retea trebuie modificata politica de access in fisierul de configurare al serverului web <strong>/etc/httpd/conf.d/graphite-web.conf</strong>:</p>
<div class="highlight"><pre><span></span><span class="go"><Directory "/usr/share/graphite"></span>
<span class="go"> Require all granted</span>
<span class="go"></Directory></span>
</pre></div>
<p>Repornim serverul web</p>
<div class="highlight"><pre><span></span><span class="go">systemctl restart httpd</span>
<span class="go">systemctl enable httpd</span>
</pre></div>
<p>Acum putem accesa interfa la adresa <a class="reference external" href="http://ip_server/">http://ip_server/</a> iar userul initial este admin/admin</p>
<p>Combinand mai multe grafice puteti crea dashboard-uri care sa va indice sanatatea serviciilor dv.</p>
<a class="reference external image-reference" href="/images/dashboard-graphite.png"><img alt="" src="/images/dashboard-graphite.png" style="width: 600px;" /></a>
<p>Documentia oficiala a aplicatiei o puteti consulta <a class="reference external" href="https://graphite.readthedocs.io/en/0.9.16/">aici</a></p>
</div>
Monitorizare servere cu collectd2018-08-25T00:00:00+03:002018-08-25T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-08-25:/monitorizare-servere-cu-collectd.html<p>De multe ori intampinam probleme ori incetiniri ale aplicatiior ce ruleaza pe servere si ceea ce ne poate da informatii utile pentru diagnosticare e metrica culeasa prin diverse aplicatii (collectd, telegraf, datadog, Zabbix).</p>
<p>O scula relativ simplu de instalat si configurat e <a class="reference external" href="https://collectd.org/">collectd</a> ce are o multime de plug-inuri pentru …</p><p>De multe ori intampinam probleme ori incetiniri ale aplicatiior ce ruleaza pe servere si ceea ce ne poate da informatii utile pentru diagnosticare e metrica culeasa prin diverse aplicatii (collectd, telegraf, datadog, Zabbix).</p>
<p>O scula relativ simplu de instalat si configurat e <a class="reference external" href="https://collectd.org/">collectd</a> ce are o multime de plug-inuri pentru o multime de aplicatii de la care sa culeaga metrica. Aplicatia poate rula in 3 moduri:</p>
<ul class="simple">
<li>local - culege si stocheaza datele local</li>
<li>client - culege si trimite datele culese spre o alta instanta din retea</li>
<li>server - culege datele local, preia datele culese de alte instante si le stocheaza local</li>
</ul>
<p>Salvarea datelor se face local in fisiere <a class="reference external" href="https://oss.oetiker.ch/rrdtool/">rrd</a> sau se pot trimite spre alte sisteme - <a class="reference external" href="https://graphiteapp.org/">Graphite</a> spre exemplu.</p>
<p>Instalarea pe Debian/Ubuntu se face printr-un singur pachet:</p>
<div class="highlight"><pre><span></span><span class="go">apt install collectd</span>
</pre></div>
<p>pe cand pe CentOS aplicatia este impartita in mai multe pachete (multe plug-unri in pachete separate):</p>
<div class="highlight"><pre><span></span><span class="go">yum install collectd</span>
</pre></div>
<p>Configurarea se face simplu in fisierul <em>/bin/collectd.conf</em> sau <em>/etc/collectd/collectd.conf</em>.</p>
<div class="highlight"><pre><span></span><span class="go">Hostname "FE-1"</span>
<span class="go">FQDNLookup true</span>
<span class="gp">#</span>BaseDir<span class="w"> </span><span class="s2">"/usr/var/lib/collectd"</span>
<span class="gp">#</span>PIDFile<span class="w"> </span><span class="s2">"/usr/var/run/collectd.pid"</span>
<span class="gp">#</span>PluginDir<span class="w"> </span><span class="s2">"/usr/lib/collectd"</span>
<span class="gp">#</span>TypesDB<span class="w"> </span><span class="s2">"/usr/share/collectd/types.db"</span>
<span class="gp">#</span>Interval<span class="w"> </span><span class="m">10</span>
<span class="gp">#</span>Timeout<span class="w"> </span><span class="m">2</span>
<span class="gp">#</span>ReadThreads<span class="w"> </span><span class="m">5</span>
<span class="go">LoadPlugin syslog</span>
<span class="go"><Plugin syslog></span>
<span class="go"> LogLevel notice</span>
<span class="go"></Plugin></span>
<span class="go">LoadPlugin cpu</span>
<span class="go">LoadPlugin df</span>
<span class="go">LoadPlugin disk</span>
<span class="go">LoadPlugin interface</span>
<span class="go">LoadPlugin load</span>
<span class="go">LoadPlugin memory</span>
<span class="go">LoadPlugin network</span>
<span class="go">LoadPlugin rrdtool</span>
<span class="go">LoadPlugin vmem</span>
<span class="gp">#</span><span class="c1">#############################################################################</span>
<span class="gp"># </span>Plugin<span class="w"> </span>configuration<span class="w"> </span><span class="c1">#</span>
<span class="gp">#</span><span class="c1">#############################################################################</span>
<span class="go"><Plugin df></span>
<span class="go"> Device "/dev/sda3"</span>
<span class="go"></Plugin></span>
<span class="go"><Plugin disk></span>
<span class="go"> Disk "/^[hs]d[a-f][0-9]?$/"</span>
<span class="go"> IgnoreSelected false</span>
<span class="go"></Plugin></span>
<span class="go"><Plugin network></span>
<span class="gp"> # </span>client<span class="w"> </span>setup:
<span class="gp"> #</span>Server<span class="w"> </span><span class="s2">"10.36.23.6"</span><span class="w"> </span><span class="s2">"25826"</span>
<span class="gp"> # </span>server<span class="w"> </span>setup:
<span class="gp"> #</span>Listen<span class="w"> </span><span class="s2">"10.36.23.2"</span><span class="w"> </span><span class="s2">"25826"</span>
<span class="go"></Plugin></span>
<span class="go"><Plugin rrdtool></span>
<span class="go"> DataDir "/var/lib/collectd"</span>
<span class="go"> CacheTimeout 120</span>
<span class="go"> CacheFlush 900</span>
<span class="go"></Plugin></span>
</pre></div>
<p>Fisierul default e mult mai amplu si intuitiv, iar pe site-ul oficial sunt indicatii cum se activeaza diferite plug-inuri. De asemenea daca cautati gasiti si alte plug-unri scrise in diverse limbaje - perl, python..</p>
<p>Plugin-ul <strong>Srrdtool</strong> indica aplicatiei stocarea metricii culese in folderul <em>/var/lib/collectd</em> unde se stocheaza in fisiere impartite pe foldere cu numele masinii si serviciului.</p>
<p>Din fiserele rrd salvate se pot genera diagrame prin diverse interfete:</p>
<ul class="simple">
<li><a class="reference external" href="https://github.com/pommi/CGP">CGP</a> - scris in PHP</li>
<li><a class="reference external" href="https://www.forwiss.uni-passau.de/~berberic/Linux/kcollectd.html">kollectd</a></li>
</ul>
<p>CGP este o aplicatie scrisa in PHP si ruleaza printr-un webserver. Graficele se pot vizualiza pe mai multe intervale in urma (2,8 ore, o zi, o saptamana, luna, an).</p>
<img alt="" src="/images/collectd-cgp.png" />
<p>Din graficele generate si din log-urile de sistem/aplicatii putem cauta sursele problemelor ce apar.</p>
Instalare Kubernetes local sub LXD2018-08-12T00:00:00+03:002018-08-12T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-08-12:/instalare-kubernetes-local-sub-lxd.html<p><a class="reference external" href="https://kubernetes.io/">Kubernetes</a> este un serviciu ce prinde tot mai mult interes in ziua de azi.</p>
<p>Normal kubernetes ruleaza pe masini/Vm multiple care pot cere resurse ce nu sunt disponibile in scop didactic si din <a class="reference external" href="https://kubernetes.io/docs/getting-started-guides/ubuntu/local/">documentatia</a> sa aflam ca putem crea un cluster pe LXD pentru o utilizare mult mai eficienta …</p><p><a class="reference external" href="https://kubernetes.io/">Kubernetes</a> este un serviciu ce prinde tot mai mult interes in ziua de azi.</p>
<p>Normal kubernetes ruleaza pe masini/Vm multiple care pot cere resurse ce nu sunt disponibile in scop didactic si din <a class="reference external" href="https://kubernetes.io/docs/getting-started-guides/ubuntu/local/">documentatia</a> sa aflam ca putem crea un cluster pe LXD pentru o utilizare mult mai eficienta a resurselor disponibile.</p>
<p>Pentru test am folosit o instanta m4.2xlarge disponibila pe AWS ca instanta spot cu urmatoarea configuratie: 8 coruri, 32GB RAM si 100GB SSD si cu Ubuntu 16.04 LTS. (cu un cost mult mai mic de utilizare)</p>
<img alt="" src="/images/aws-spot.png" style="width: 600px;" />
<p>Ca versiune de LXD vom folosi 3.x si inainte vom dezinstala versiunea 2.x ce vine defaut cu sistemul de operare:</p>
<div class="highlight"><pre><span></span><span class="gp">$</span>sudo<span class="w"> </span>apt<span class="w"> </span>purge<span class="w"> </span>lxd<span class="w"> </span>lxd-client<span class="w"> </span>lxcfs<span class="w"> </span>lxc-common<span class="w"> </span>liblxc1
<span class="go">Reading package lists... Done</span>
<span class="go">Building dependency tree</span>
<span class="go">Reading state information... Done</span>
<span class="go">The following packages will be REMOVED:</span>
<span class="go"> liblxc1* lxc-common* lxcfs* lxd* lxd-client*</span>
<span class="go">0 upgraded, 0 newly installed, 5 to remove and 0 not upgraded.</span>
<span class="go">After this operation, 27.0 MB disk space will be freed.</span>
<span class="go">Do you want to continue? [Y/n] y</span>
</pre></div>
<p>Pentru Ubuntu 16.04 lxd - versiunile noi - sunt disponibile ca pachete snap:</p>
<div class="highlight"><pre><span></span><span class="go">sudo snap install lxd --channel=3.0/stable</span>
<span class="go">sudo usermod -a -G lxd $(whoami)</span>
</pre></div>
<p>Vom configura LXD care va folosi sistem de fisiere dir in loc de ZFS, din cauza unor balbe din pachetul kubernetes.</p>
<div class="highlight"><pre><span></span><span class="gp">$ </span>sudo<span class="w"> </span>lxd<span class="w"> </span>init
<span class="go">Would you like to use LXD clustering? (yes/no) [default=no]:</span>
<span class="go">Do you want to configure a new storage pool? (yes/no) [default=yes]:</span>
<span class="go">Name of the new storage pool [default=default]: kube</span>
<span class="go">Name of the storage backend to use (btrfs, ceph, dir, lvm, zfs) [default=zfs]: dir</span>
<span class="go">Would you like to connect to a MAAS server? (yes/no) [default=no]:</span>
<span class="go">Would you like to create a new local network bridge? (yes/no) [default=yes]:</span>
<span class="go">What should the new bridge be called? [default=lxdbr0]:</span>
<span class="go">What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:</span>
<span class="go">What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: none</span>
<span class="go">Would you like LXD to be available over the network? (yes/no) [default=no]:</span>
<span class="go">Would you like stale cached images to be updated automatically? (yes/no) [default=yes]</span>
<span class="go">Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:</span>
</pre></div>
<p>Instalam prin conjure-up custerul de kubernetes:</p>
<div class="highlight"><pre><span></span><span class="go">sudo snap install conjure-up --classic</span>
<span class="go">conjure-up kubernetes</span>
</pre></div>
<img alt="" src="/images/kube-1.png" style="width: 600px;" />
<p>Selectam eventualele aplicatii de monitorizare (eu nu am selectat nimic):</p>
<img alt="" src="/images/kube-2.png" style="width: 600px;" />
<p>Selectam pentru deploy localhost:</p>
<img alt="" src="/images/kube-3.png" style="width: 600px;" />
<img alt="" src="/images/kube-4.png" style="width: 600px;" />
<p>Selectam plugin-ul de retea ce va fi folosit de kubernetes:</p>
<img alt="" src="/images/kube-5.png" style="width: 600px;" />
<p>Parola userului:</p>
<img alt="" src="/images/kube-6.png" style="width: 600px;" />
<p>Aplicatiile necesare pentru kubernetes, ce pot fi configurare fiecare:</p>
<img alt="" src="/images/kube-7.png" style="width: 600px;" />
<p>Am solicitat 5 pod-uri fiecare cu 2 core-uri, 2GB de RAM si 10G de disc:</p>
<img alt="" src="/images/kube-8.png" style="width: 600px;" />
<p>Procesul incepe:</p>
<img alt="" src="/images/kube-9.png" style="width: 600px;" />
<img alt="" src="/images/kube-10.png" style="width: 600px;" />
<p>Pe timpul instalarii sistemul este folosit intens:</p>
<img alt="" src="/images/kube-11.png" style="width: 600px;" />
<p>Etapele instalarii se pot vizualiza pentru fiecare nod/serviciu:</p>
<img alt="" src="/images/kube-12.png" style="width: 600px;" />
<p>La final sunt copiate local configurare clusterului pentru a putea fi administrat de pe masina host cu <em>kubectl</em></p>
<img alt="" src="/images/kube-13.png" style="width: 600px;" />
<p>La final containerele pornite pentru clusterul kubernetes sunt:</p>
<div class="highlight"><pre><span></span><span class="gp">$ </span>lxc<span class="w"> </span>list
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-0 | RUNNING | 10.170.64.81 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-1 | RUNNING | 10.170.64.227 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-10 | RUNNING | 172.17.0.1 (docker0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.170.64.215 (eth0) | | | |</span>
<span class="go">| | | 10.1.84.1 (cni0) | | | |</span>
<span class="go">| | | 10.1.84.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-11 | RUNNING | 172.17.0.1 (docker0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.170.64.139 (eth0) | | | |</span>
<span class="go">| | | 10.1.28.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-2 | RUNNING | 10.170.64.208 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-3 | RUNNING | 10.170.64.196 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-4 | RUNNING | 10.170.64.167 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-5 | RUNNING | 10.170.64.105 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.1.27.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-6 | RUNNING | 10.170.64.123 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.1.66.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-7 | RUNNING | 172.17.0.1 (docker0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.170.64.182 (eth0) | | | |</span>
<span class="go">| | | 10.1.31.1 (cni0) | | | |</span>
<span class="go">| | | 10.1.31.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-8 | RUNNING | 172.17.0.1 (docker0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.170.64.50 (eth0) | | | |</span>
<span class="go">| | | 10.1.64.1 (cni0) | | | |</span>
<span class="go">| | | 10.1.64.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-433f68-9 | RUNNING | 172.17.0.1 (docker0) | | PERSISTENT | 0 |</span>
<span class="go">| | | 10.170.64.148 (eth0) | | | |</span>
<span class="go">| | | 10.1.39.1 (cni0) | | | |</span>
<span class="go">| | | 10.1.39.0 (flannel.1) | | | |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| juju-fd86fa-0 | RUNNING | 10.170.64.157 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+----------------+---------+-----------------------+------+------------+-----------+</span>
</pre></div>
<p>Mai multe despre clusterul kubernetes putem afla prin comanda:</p>
<div class="highlight"><pre><span></span><span class="gp">$</span>kubectl<span class="w"> </span>cluster-info
<span class="go">Kubernetes master is running at https://10.170.64.167:443</span>
<span class="go">Heapster is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/heapster/proxy</span>
<span class="go">KubeDNS is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy</span>
<span class="go">kubernetes-dashboard is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy</span>
<span class="go">Metrics-server is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy</span>
<span class="go">Grafana is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/monitoring-grafana/proxy</span>
<span class="go">InfluxDB is running at https://10.170.64.167:443/api/v1/namespaces/kube-system/services/monitoring-influxdb:http/proxy</span>
</pre></div>
<p>Pentru conectare la interfata dashboard avem nevoie de userul si parola pe care o gasim in fisierul <em>~/.kube/config</em></p>
<div class="highlight"><pre><span></span><span class="gp">$ </span>cat<span class="w"> </span>~/.kube/config
<span class="go">apiVersion: v1</span>
<span class="go">.....</span>
<span class="go">users:</span>
<span class="go"> - name: conjure-canonical-kubern-39c</span>
<span class="go"> user:</span>
<span class="go"> password: zrq856BAHcjgCwEV99l7ML9LxiH8vZhZ</span>
<span class="go"> username: admin</span>
</pre></div>
<img alt="" src="/images/kube-14.png" style="width: 600px;" />
<p>Statusul serviciilor il putem afla cu utilitarul <em>kubectl</em>:</p>
<div class="highlight"><pre><span></span><span class="gp">$ </span>kubectl<span class="w"> </span>get<span class="w"> </span>no,po,services,rc
<span class="go"> NAME STATUS ROLES AGE VERSION</span>
<span class="go"> node/juju-433f68-10 Ready <none> 31m v1.11.1</span>
<span class="go"> node/juju-433f68-11 Ready <none> 31m v1.11.1</span>
<span class="go"> node/juju-433f68-7 Ready <none> 31m v1.11.1</span>
<span class="go"> node/juju-433f68-8 Ready <none> 31m v1.11.1</span>
<span class="go"> node/juju-433f68-9 Ready <none> 31m v1.11.1</span>
<span class="go"> NAME READY STATUS RESTARTS AGE</span>
<span class="go"> pod/default-http-backend-7f9xb 1/1 Running 0 31m</span>
<span class="go"> pod/nginx-ingress-kubernetes-worker-controller-2nzvf 1/1 Running 0 31m</span>
<span class="go"> pod/nginx-ingress-kubernetes-worker-controller-b4l22 1/1 Running 0 31m</span>
<span class="go"> pod/nginx-ingress-kubernetes-worker-controller-khlqg 1/1 Running 0 31m</span>
<span class="go"> pod/nginx-ingress-kubernetes-worker-controller-r8s2b 1/1 Running 0 31m</span>
<span class="go"> pod/nginx-ingress-kubernetes-worker-controller-xv277 1/1 Running 0 31m</span>
<span class="go"> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE</span>
<span class="go"> service/default-http-backend ClusterIP 10.152.183.6 <none> 80/TCP 31m</span>
<span class="go"> service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 33m</span>
<span class="go"> NAME DESIRED CURRENT READY AGE</span>
<span class="go"> replicationcontroller/default-http-backend 1 1 1 31m</span>
</pre></div>
<p>Avand clusterul ruland puteti rula, testa toate serviciile puse la dispozitie de kubernetes. Mult success</p>
<p>O prezentare interesanta de acest subiect puteti urmari pe <a class="reference external" href="https://www.youtube.com/watch?v=kQslklE5dKs">youtube</a></p>
<p>Mai multe legat de LXD puteti gasi in seria de articole <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Sugestii, tutoriale - iulie 20182018-08-05T00:00:00+03:002018-08-05T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-08-05:/sugestii-tutoriale-07-2018.html<p>7 Python libraries for more maintainable code <a class="reference external" href="https://t.co/ejrSjMYP5B">https://t.co/ejrSjMYP5B</a></p>
<p>An opinionated Kubernetes distribution with a focus on long-term on-prem deployments <a class="reference external" href="https://t.co/p8ni8kZAzN">https://t.co/p8ni8kZAzN</a></p>
<p>Cloud agnostic cluster recommendations for Kubernetes <a class="reference external" href="https://t.co/NfiQw8mr57">https://t.co/NfiQw8mr57</a></p>
<p>Google Cloud Platform - The Good, Bad, and Ugly <a class="reference external" href="https://t.co/toMEjbq9B3">https://t.co/toMEjbq9B3</a></p>
<p>Continuous Delivery …</p><p>7 Python libraries for more maintainable code <a class="reference external" href="https://t.co/ejrSjMYP5B">https://t.co/ejrSjMYP5B</a></p>
<p>An opinionated Kubernetes distribution with a focus on long-term on-prem deployments <a class="reference external" href="https://t.co/p8ni8kZAzN">https://t.co/p8ni8kZAzN</a></p>
<p>Cloud agnostic cluster recommendations for Kubernetes <a class="reference external" href="https://t.co/NfiQw8mr57">https://t.co/NfiQw8mr57</a></p>
<p>Google Cloud Platform - The Good, Bad, and Ugly <a class="reference external" href="https://t.co/toMEjbq9B3">https://t.co/toMEjbq9B3</a></p>
<p>Continuous Delivery: Our Setup for Rapid Software Deployment <a class="reference external" href="https://t.co/hj5qrLZyGL">https://t.co/hj5qrLZyGL</a></p>
<p>Improving Page Load Performance: Pingdom, YSlow and GTmetrix <a class="reference external" href="https://t.co/ACPom77Imc">https://t.co/ACPom77Imc</a></p>
<p>Redcore Linux Hardened 1806 (codename Kepler) release <a class="reference external" href="https://t.co/7hsrTfGnQU">https://t.co/7hsrTfGnQU</a></p>
<p>Easily Install Kubernetes on Ubuntu Step by Step <a class="reference external" href="https://t.co/BL99hGmQ3H">https://t.co/BL99hGmQ3H</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Sugestii, tutoriale - iunie 20182018-07-01T00:00:00+03:002018-07-01T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-07-01:/sugestii-tutoriale-06-2018.html<p>How to move/migrate LXD VM to another host on Linux <a class="reference external" href="https://t.co/UvO3QfR8r3">https://t.co/UvO3QfR8r3</a></p>
<p>How to Enable NUX Dexktop Repository on RHEL/CentOS 7/6 <a class="reference external" href="https://t.co/sFS8d1BfU2">https://t.co/sFS8d1BfU2</a></p>
<p>Security-Oriented Alpine #Linux Distro Can Now Be Installed on #RaspberryPi 3 Model B+ @alpinel…<a class="reference external" href="https://t.co/mp8AqtOV1h">https://t.co/mp8AqtOV1h</a></p>
<p>New – Amazon …</p><p>How to move/migrate LXD VM to another host on Linux <a class="reference external" href="https://t.co/UvO3QfR8r3">https://t.co/UvO3QfR8r3</a></p>
<p>How to Enable NUX Dexktop Repository on RHEL/CentOS 7/6 <a class="reference external" href="https://t.co/sFS8d1BfU2">https://t.co/sFS8d1BfU2</a></p>
<p>Security-Oriented Alpine #Linux Distro Can Now Be Installed on #RaspberryPi 3 Model B+ @alpinel…<a class="reference external" href="https://t.co/mp8AqtOV1h">https://t.co/mp8AqtOV1h</a></p>
<p>New – Amazon Linux WorkSpaces <a class="reference external" href="https://t.co/aazZYvS2yb">https://t.co/aazZYvS2yb</a></p>
<p>Tutorial Part 2: Kubernetes up and running on LXC/LXD <a class="reference external" href="https://t.co/gDffijaccN">https://t.co/gDffijaccN</a></p>
<p>Cluster-in-a-Box: Deploying Kubernetes on #LXD <a class="reference external" href="https://t.co/yHtwtygpjk">https://t.co/yHtwtygpjk</a></p>
<p>Shell script to setup an #LXD VM lab for testing purpose <a class="reference external" href="https://t.co/UNwEl9V23o">https://t.co/UNwEl9V23o</a></p>
<p>How to Remove Docker Images, Containers and Volumes <a class="reference external" href="https://t.co/ZbbmM5tvMZ">https://t.co/ZbbmM5tvMZ</a></p>
<p>16 blogs and newsletters to follow for DevOps practitioners <a class="reference external" href="https://t.co/ZUCoulZB0X">https://t.co/ZUCoulZB0X</a></p>
<p>How to Setup Puppet Master and Agent on CentOS 7 <a class="reference external" href="https://t.co/45yAA7sjjX">https://t.co/45yAA7sjjX</a></p>
<p>Apache vs Nginx Performance: Optimization Techniques — SitePoint <a class="reference external" href="https://t.co/OujxGvZKtf">https://t.co/OujxGvZKtf</a></p>
<p>How you can use OpenVPN to safely access private AWS resources <a class="reference external" href="https://t.co/Qwbu1YBGUq">https://t.co/Qwbu1YBGUq</a></p>
<p>How to Install the ELK Stack on CentOS 7 <a class="reference external" href="https://t.co/3cDWepQQmh">https://t.co/3cDWepQQmh</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Customizare containere cu cloud-init in LXD2018-06-15T00:00:00+03:002018-06-15T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-06-15:/customizare-containere-cu-cloud-init-in-lxd.html<p>Atunci avem de configurat un server nou parcurgem cel mai des urmatorii pasi:</p>
<ul class="simple">
<li>actualizare sistem</li>
<li>securizare sistem</li>
<li>creare useri / chei ssh</li>
<li>instalare pachete si configurarelor</li>
</ul>
<p>Acest pas poate lua timp indelungat in cazul multor servere sau plictisitor daca se repeta si expus erorilor umane
la parcurgerea acestor pasi. De aceea …</p><p>Atunci avem de configurat un server nou parcurgem cel mai des urmatorii pasi:</p>
<ul class="simple">
<li>actualizare sistem</li>
<li>securizare sistem</li>
<li>creare useri / chei ssh</li>
<li>instalare pachete si configurarelor</li>
</ul>
<p>Acest pas poate lua timp indelungat in cazul multor servere sau plictisitor daca se repeta si expus erorilor umane
la parcurgerea acestor pasi. De aceea exista exista solutii pentru acest lucru:</p>
<ul class="simple">
<li>sisteme de provisioning / management al configuratiilor : <a class="reference external" href="https://www.ansible.com/use-cases/provisioning">ansible</a> , <a class="reference external" href="https://saltstack.com/salt-open-source/">saltstack</a> , <a class="reference external" href="https://puppet.com/">puppet</a></li>
<li>scripturi ce ruleaza la crearea/pornirea containerelor: <a class="reference external" href="http://cloudinit.readthedocs.io/en/latest/">cloud-init</a></li>
</ul>
<p>Prima optiune fie presupune existenta unei chei ssh pentru conectare sau instalarea unui agent client ce executa comenzi primite de la un master, cea de a doua ruleaza la initializarea containerelor.</p>
<p><strong>Nota:</strong> punem folosi cloud-init sa instalam clientii si sa configuram agentii saltstack (salt-minion), puppet, chef;</p>
<p>Un exemplu de fisier cloud-init (config.yml):</p>
<div class="highlight"><pre><span></span><span class="c1">#cloud-config</span>
<span class="c1"># Apply updates using apt</span>
<span class="nt">package_upgrade</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="c1"># User setup</span>
<span class="nt">users</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">cristian</span>
<span class="w"> </span><span class="nt">ssh-authorized-keys</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="err">**</span><span class="nv">*inserati</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">cheia public aici***</span>
<span class="w"> </span><span class="nt">sudo</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">'ALL=(ALL)</span><span class="nv"> </span><span class="s">NOPASSWD:ALL'</span><span class="p p-Indicator">]</span>
<span class="w"> </span><span class="nt">groups</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">sudo</span>
<span class="w"> </span><span class="nt">shell</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/bin/bash</span>
<span class="c1"># Install packages</span>
<span class="nt">packages</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">openssh-server</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nginx</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-common</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-cli</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-common</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-fpm</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-gd</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-mysql</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-opcache</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">php-pear</span>
</pre></div>
<p>Cum puteti realiza configurari avansate gasiti in documentatia oficiala <a class="reference external" href="http://cloudinit.readthedocs.io/en/latest/topics/examples.html">aici</a>.</p>
<p>Acest fisier va fi inserat in configuratia containerului in variabila <strong>user.user-data</strong>:</p>
<div class="highlight"><pre><span></span><span class="go">lxc init ubuntu:18.04 u2</span>
<span class="go">lxc config set u2 user.user-data - < config.yml</span>
</pre></div>
<p>Acum configuratia containerului va fi:</p>
<div class="highlight"><pre><span></span><span class="nt">architecture</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">x86_64</span>
<span class="nt">config</span><span class="p">:</span>
<span class="nt">image.architecture</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">amd64</span>
<span class="nt">image.description</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ubuntu 18.04 LTS amd64 (release) (20180613)</span>
<span class="nt">image.label</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">release</span>
<span class="nt">image.os</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ubuntu</span>
<span class="nt">image.release</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bionic</span>
<span class="nt">image.serial</span><span class="p">:</span><span class="w"> </span><span class="s">"20180613"</span>
<span class="nt">image.version</span><span class="p">:</span><span class="w"> </span><span class="s">"18.04"</span>
<span class="nt">user.user-data</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|</span>
<span class="w"> </span><span class="no">#cloud-config</span>
<span class="w"> </span><span class="no"># Apply updates using apt</span>
<span class="w"> </span><span class="no">package_upgrade: true</span>
<span class="w"> </span><span class="no">#User setup</span>
<span class="w"> </span><span class="no">users:</span>
<span class="w"> </span><span class="no">- name: cristian</span>
<span class="w"> </span><span class="no">ssh-authorized-keys:</span>
<span class="w"> </span><span class="no">- ssh-rsa AAAAB<editat>dfQ== cristi@cristi</span>
<span class="w"> </span><span class="no">sudo: ['ALL=(ALL) NOPASSWD:ALL']</span>
<span class="w"> </span><span class="no">groups: sudo</span>
<span class="w"> </span><span class="no">shell: /bin/bash</span>
<span class="w"> </span><span class="no"># Install packages</span>
<span class="w"> </span><span class="no">packages:</span>
<span class="w"> </span><span class="no">- openssh-server</span>
<span class="w"> </span><span class="no">- nginx</span>
<span class="w"> </span><span class="no">- php-common</span>
<span class="w"> </span><span class="no">- php</span>
<span class="w"> </span><span class="no">- php-cli</span>
<span class="w"> </span><span class="no">- php-common</span>
<span class="w"> </span><span class="no">- php-fpm</span>
<span class="w"> </span><span class="no">- php-gd</span>
<span class="w"> </span><span class="no">- php-mysql</span>
<span class="w"> </span><span class="no">- php-opcache</span>
<span class="w"> </span><span class="no">- php-pear</span>
<span class="nt">volatile.apply_template</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">create</span>
<span class="nt">volatile.base_image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ae465acff89b1a40b20b9143f97d627175e2d4886e03c06978bb930368a2341c</span>
<span class="nt">volatile.eth0.hwaddr</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">00:16:3e:cf:6c:f7</span>
<span class="nt">volatile.idmap.base</span><span class="p">:</span><span class="w"> </span><span class="s">"0"</span>
<span class="nt">volatile.idmap.next</span><span class="p">:</span><span class="w"> </span><span class="s">'[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'</span>
<span class="nt">volatile.last_state.idmap</span><span class="p">:</span><span class="w"> </span><span class="s">'[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'</span>
<span class="nt">devices</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">{}</span>
<span class="nt">ephemeral</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="nt">profiles</span><span class="p">:</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span>
<span class="nt">stateful</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="s">""</span>
</pre></div>
<p>Acum putem porni containerul:</p>
<div class="highlight"><pre><span></span><span class="go">lxc start u2</span>
</pre></div>
<p>Asteptam cateva minute ca scriptul sa ruleze si putem verifica rezultatul.</p>
<p>De asemenea putem vizualiza log-ul procesului cloud-init:</p>
<div class="highlight"><pre><span></span><span class="go">tail -f /var/log/cloud-init.log</span>
</pre></div>
<p>sau rezultatul comenzilor rulate de cloud-init in fisierul:</p>
<div class="highlight"><pre><span></span><span class="go">tail -f /var/log/cloud-init-output.log</span>
</pre></div>
<p><strong>Nota:</strong></p>
<ul class="simple">
<li>am reusit rularea acesti pasi doar folosind imaginile oficiale Ubuntu ce includ pachetul cloud-init.</li>
<li>imaginile CentOS nu includ cloud-init default, si trebuie realizate imagini personalizate cu acest pachet. Eu nu am putut crea o imagine CentOS 7 care sa functioneze (versiunea de pachet fie e prea veche, sau include bug-uri).</li>
</ul>
<p><strong>Update 15 Nov 2019:</strong></p>
<p>Cloud-init a fost inclus in imaginile <strong>cloud</strong> de pe <a class="reference external" href="https://images.linuxcontainers.org/">images.linuxcontainers.org</a> ca de exemplu:</p>
<ul class="simple">
<li>centos/7/cloud</li>
<li>debian/10/cloud</li>
<li>fedora/31/cloud</li>
</ul>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Sugestii, tutoriale - mai 20182018-06-10T00:00:00+03:002018-06-10T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-06-10:/sugestii-tutoriale-05-2018.html<p>Analyzing Docker Container Performance <a class="reference external" href="https://t.co/CRkTv0fEbz">https://t.co/CRkTv0fEbz</a></p>
<p>10 layers of Linux container security <a class="reference external" href="https://t.co/JcbbejjuVk">https://t.co/JcbbejjuVk</a></p>
<p>50+ Useful Docker Tools <a class="reference external" href="https://t.co/1YQadDZ1IH">https://t.co/1YQadDZ1IH</a></p>
<p>How to Manage Oracle VirtualBox Virtual Machines from Command Line <a class="reference external" href="https://t.co/bsYkHOWe8d">https://t.co/bsYkHOWe8d</a></p>
<p>How to install and setup #LXD on Fedora <a class="reference external" href="https://t.co/UYi4he8uf6">https://t …</a></p><p>Analyzing Docker Container Performance <a class="reference external" href="https://t.co/CRkTv0fEbz">https://t.co/CRkTv0fEbz</a></p>
<p>10 layers of Linux container security <a class="reference external" href="https://t.co/JcbbejjuVk">https://t.co/JcbbejjuVk</a></p>
<p>50+ Useful Docker Tools <a class="reference external" href="https://t.co/1YQadDZ1IH">https://t.co/1YQadDZ1IH</a></p>
<p>How to Manage Oracle VirtualBox Virtual Machines from Command Line <a class="reference external" href="https://t.co/bsYkHOWe8d">https://t.co/bsYkHOWe8d</a></p>
<p>How to install and setup #LXD on Fedora <a class="reference external" href="https://t.co/UYi4he8uf6">https://t.co/UYi4he8uf6</a></p>
<p>Running Selenium tests with Docker Compose <a class="reference external" href="https://t.co/NAALvbIKRQ">https://t.co/NAALvbIKRQ</a></p>
<p>Ops School Curriculum <a class="reference external" href="https://t.co/LHzmY3mms4">https://t.co/LHzmY3mms4</a></p>
<p>Awesome-Monitoring <a class="reference external" href="https://t.co/WDd45gYkOI">https://t.co/WDd45gYkOI</a></p>
<p>Wait, are we still sysadmins? <a class="reference external" href="https://t.co/hmApgNH9og">https://t.co/hmApgNH9og</a></p>
<p>30+ resources for modern IT Ops professionals <a class="reference external" href="https://t.co/oNiEyCTJul">https://t.co/oNiEyCTJul</a></p>
<p>How to Run Your Own Git Server <a class="reference external" href="https://t.co/Gj0saNiy9R">https://t.co/Gj0saNiy9R</a></p>
<p>How to Use an Ansible Playbook To Install WordPress on Ubuntu <a class="reference external" href="https://t.co/ruKU7Dxvix">https://t.co/ruKU7Dxvix</a></p>
<p>Mark Text: FOSS Markdown Editor With Realtime Preview <a class="reference external" href="https://t.co/gxedHWeD7F">https://t.co/gxedHWeD7F</a></p>
<p>How to add network bridge with nmcli (NetworkManager) on Linux <a class="reference external" href="https://t.co/Nk40hOOpMm">https://t.co/Nk40hOOpMm</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Rulare aplicatii grafice in LXD2018-06-09T00:00:00+03:002018-06-09T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-06-09:/rulare-aplicatii-grafice-in-lxd.html<p>Containere ce ruleaza in LXD nu sunt limitate la aplicatii de consola sau servicii ci pot rula medii grafice, chiar un desktop complet.</p>
<p>Instalam desktop-ul preferat si un server de RDP - xrdp - pentru accesare remote a desktop-ului.</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch ubuntu:18.04 lxde</span>
<span class="go">lxc exec lxde -- apt install -y lxde …</span></pre></div><p>Containere ce ruleaza in LXD nu sunt limitate la aplicatii de consola sau servicii ci pot rula medii grafice, chiar un desktop complet.</p>
<p>Instalam desktop-ul preferat si un server de RDP - xrdp - pentru accesare remote a desktop-ului.</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch ubuntu:18.04 lxde</span>
<span class="go">lxc exec lxde -- apt install -y lxde xrdp</span>
<span class="go">lxc exec lxde -- adduser remote</span>
<span class="go">lxc exec lxde -- systemctl enable xrdp</span>
<span class="go">lxc exec lxde -- systemctl start xrdp</span>
<span class="go">lxc list</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| lxde | RUNNING | 192.168.25.111 (eth0) | | PERSISTENT | 0 |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
</pre></div>
<p>Folosind un client preferat de rdp (krdc sau cel din windows) ne putem conecta la container</p>
<img alt="" src="/images/krdc-lxd.png" />
<img alt="" src="/images/lxde-lxd.png" />
<p>De asemenea puteti permite accesul la GPU si sa forward-ati sunetul. Mai mule detalii gasiti in documentatia oficiala.</p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Manipulare si creare imagini in LXD2018-05-28T00:00:00+03:002018-05-28T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-05-28:/manipulare-si-creare-imagini-in-lxd.html<p>Containerele LXD folosesc pentru start imagini preconfigurate din repository externe sau locale. Surse principale de imagini de boot sunt <a class="reference external" href="https://us.images.linuxcontainers.org/">linuxcontainers.org</a> si <a class="reference external" href="https://cloud-images.ubuntu.com/">Ubuntu</a>.</p>
<p>Aceste surse sunt numite <strong>remote</strong> in LXD:</p>
<div class="highlight"><pre><span></span><span class="go">lxc remote list</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| NAME | URL | PROTOCOL | AUTH TYPE | PUBLIC | STATIC |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| images | https://images.linuxcontainers.org | simplestreams | | YES | NO |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| local (default …</span></pre></div><p>Containerele LXD folosesc pentru start imagini preconfigurate din repository externe sau locale. Surse principale de imagini de boot sunt <a class="reference external" href="https://us.images.linuxcontainers.org/">linuxcontainers.org</a> si <a class="reference external" href="https://cloud-images.ubuntu.com/">Ubuntu</a>.</p>
<p>Aceste surse sunt numite <strong>remote</strong> in LXD:</p>
<div class="highlight"><pre><span></span><span class="go">lxc remote list</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| NAME | URL | PROTOCOL | AUTH TYPE | PUBLIC | STATIC |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| images | https://images.linuxcontainers.org | simplestreams | | YES | NO |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| local (default) | unix:// | lxd | tls | NO | YES |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| ubuntu | https://cloud-images.ubuntu.com/releases | simplestreams | | YES | YES |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
<span class="go">| ubuntu-daily | https://cloud-images.ubuntu.com/daily | simplestreams | | YES | YES |</span>
<span class="go">+-----------------+------------------------------------------+---------------+-----------+--------+--------+</span>
</pre></div>
<p>Imaginile diponibile in aceste surse pot fi listate sau cautate facil:</p>
<div class="highlight"><pre><span></span><span class="go">lxc image list images:</span>
<span class="go">lxc image list images:debian</span>
</pre></div>
<p>La lansarea unui container folosind o imagine remote aceasta este salvata si local si de obicei este actualizata zilnic.</p>
<div class="highlight"><pre><span></span><span class="go">lxc image list</span>
<span class="go">+-------+--------------+--------+---------------------------------------+--------+----------+------------------------------+</span>
<span class="go">| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | SIZE | UPLOAD DATE |</span>
<span class="go">+-------+--------------+--------+---------------------------------------+--------+----------+------------------------------+</span>
<span class="go">| | d071fb38b248 | no | Debian stretch amd64 (20180527_05:25) | x86_64 | 110.20MB | May 27, 2018 at 9:40am (UTC) |</span>
<span class="go">+-------+--------------+--------+---------------------------------------+--------+----------+------------------------------+</span>
</pre></div>
<p>Informatii detaliate putem afla:</p>
<div class="highlight"><pre><span></span><span class="go">lxc image info d071fb38b248</span>
<span class="go">Fingerprint: d071fb38b248d1a6004a98490b3bd028322678f71deddc3ed2eef3324a54a46d</span>
<span class="go">Size: 110.20MB</span>
<span class="go">Architecture: x86_64</span>
<span class="go">Public: no</span>
<span class="go">Timestamps:</span>
<span class="go">Created: 2018/05/27 00:00 UTC</span>
<span class="go">Uploaded: 2018/05/27 09:40 UTC</span>
<span class="go">Expires: never</span>
<span class="go">Last used: 2018/05/19 14:25 UTC</span>
<span class="go">Properties:</span>
<span class="go">serial: 20180527_05:25</span>
<span class="go">architecture: amd64</span>
<span class="go">description: Debian stretch amd64 (20180527_05:25)</span>
<span class="go">os: Debian</span>
<span class="go">release: stretch</span>
<span class="go">Aliases:</span>
<span class="go">Cached: yes</span>
<span class="go">Auto update: enabled</span>
<span class="go">Source:</span>
<span class="go">Server: https://images.linuxcontainers.org</span>
<span class="go">Protocol: simplestreams</span>
<span class="go">Alias: debian/9</span>
</pre></div>
<p>Putem importa imagini local pentru o utilizare ulterioara.</p>
<div class="highlight"><pre><span></span><span class="go">lxc image copy ubuntu:16.04 local: --alias my-ubuntu</span>
</pre></div>
<p>In mod obisnuit se doreste crearea unei imagini personalizate ce sa includa diverse pachete pornind de la o imagine oficiala. Acest lucru poate fi obtinut:</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch images:debian/9 my-container</span>
<span class="go">lxc exec my-container bash</span>
<span class="go"><modifcam ce dorim></span>
<span class="go">lxc publish my-container --alias my-debian</span>
</pre></div>
<p>Cand ulterior dorim sa pornim un container folosind imaginea creata:</p>
<div class="highlight"><pre><span></span><span class="go">lxc launch my-debian g22</span>
</pre></div>
<p>Imaginile proprii pot fi facute accesibile fie printr-un serviciu LXD accesibil in retea sau server web. Pentru acest lucru va rog folositi documentatia oficiala</p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Interactiunea cu containerele in LXD2018-05-18T00:00:00+03:002018-05-18T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-05-18:/interactiunea-cu-containere-in-lxd.html<p>LXD permite executia de comenzi direct in container. Aceasta facilitate e folosita cel mai des pentru rularea de comenzi administrative. Avantajul fata de SSH este ca depindem ca accesarea containerului prin retea sau existenta user serviciu/configuratie pe acesta.</p>
<p>Comenzile ce se ruleaza in interiorul containerului vor rula ca root …</p><p>LXD permite executia de comenzi direct in container. Aceasta facilitate e folosita cel mai des pentru rularea de comenzi administrative. Avantajul fata de SSH este ca depindem ca accesarea containerului prin retea sau existenta user serviciu/configuratie pe acesta.</p>
<p>Comenzile ce se ruleaza in interiorul containerului vor rula ca root cu variabile de sistem limitate.</p>
<p>Rularea unei comenzi:</p>
<div class="highlight"><pre><span></span><span class="go">lxc exec u1 /bin/bash</span>
<span class="go">lxc exec u1 -- ls -lh</span>
<span class="go">lxc exec u1 -- apt update</span>
</pre></div>
<p>Pentru ca LXD are access direct la sistemul de fisiere al containerelor, poate direct citi si scrie orice fisier in container. Astfel putem extrage log-uri sau modifica fisiere cu containerele.</p>
<p>Extragerea unui fiser:</p>
<div class="highlight"><pre><span></span><span class="go">lxc file pull u1/etc/hosts hosts</span>
</pre></div>
<p>Vizualizarea direct in consola:</p>
<div class="highlight"><pre><span></span><span class="go">lxc file pull u1/etc/hosts -</span>
<span class="go">127.0.0.1 localhost</span>
<span class="gp"># </span>The<span class="w"> </span>following<span class="w"> </span>lines<span class="w"> </span>are<span class="w"> </span>desirable<span class="w"> </span><span class="k">for</span><span class="w"> </span>IPv6<span class="w"> </span>capable<span class="w"> </span>hosts
<span class="go">::1 ip6-localhost ip6-loopback</span>
<span class="go">fe00::0 ip6-localnet</span>
<span class="go">ff00::0 ip6-mcastprefix</span>
<span class="go">ff02::1 ip6-allnodes</span>
<span class="go">ff02::2 ip6-allrouters</span>
<span class="go">ff02::3 ip6-allhosts</span>
</pre></div>
<p>Inserarea unui fisier:</p>
<div class="highlight"><pre><span></span><span class="go">lxc file push host_new u1/etc/hosts</span>
</pre></div>
<p>Editarea directa a unui fiser in container:</p>
<div class="highlight"><pre><span></span><span class="go">lxc file edit u1/etc/hosts</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Sugestii, tutoriale - apr 20182018-05-16T00:00:00+03:002018-05-16T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-05-16:/sugestii-tutoriale-04-2018.html<p>How To Set Up an OpenVPN Server <a class="reference external" href="https://t.co/cSYOgpq3qR">https://t.co/cSYOgpq3qR</a></p>
<p>Using SQL to query Kafka, MongoDB, MySQL, PostgreSQL and Redis with Presto <a class="reference external" href="https://t.co/y66dR6ipRQ">https://t.co/y66dR6ipRQ</a></p>
<p>Flask 1.0 is out <a class="reference external" href="https://t.co/axIRNR53YO">https://t.co/axIRNR53YO</a></p>
<p>How to grow aka extend ZFS datasets and Volumes?`https://t.co/uwbOB4FcPL <<a class="reference external" href="https://t.co/uwbOB4FcPL">https …</a></p><p>How To Set Up an OpenVPN Server <a class="reference external" href="https://t.co/cSYOgpq3qR">https://t.co/cSYOgpq3qR</a></p>
<p>Using SQL to query Kafka, MongoDB, MySQL, PostgreSQL and Redis with Presto <a class="reference external" href="https://t.co/y66dR6ipRQ">https://t.co/y66dR6ipRQ</a></p>
<p>Flask 1.0 is out <a class="reference external" href="https://t.co/axIRNR53YO">https://t.co/axIRNR53YO</a></p>
<p>How to grow aka extend ZFS datasets and Volumes?`https://t.co/uwbOB4FcPL <<a class="reference external" href="https://t.co/uwbOB4FcPL">https://t.co/uwbOB4FcPL</a>>`_</p>
<p>LXD on Centos 7 <a class="reference external" href="https://t.co/IusP5apMe2">https://t.co/IusP5apMe2</a></p>
<p>From zero to LXD: Installing a private compute cloud ... <a class="reference external" href="https://t.co/qwL416UdPt">https://t.co/qwL416UdPt</a></p>
<p>How to run commands on Linux Container (LXD) instance at provision launch time <a class="reference external" href="https://t.co/QIW91WpEdO">https://t.co/QIW91WpEdO</a></p>
<p>Make your Laravel App Fly with PHP OPcache <a class="reference external" href="https://t.co/HSFSkOxXS7">https://t.co/HSFSkOxXS7</a></p>
<p>A curated list of amazingly awesome Twig extensions, snippets and tutorials <a class="reference external" href="https://t.co/qrkLRolwr1">https://t.co/qrkLRolwr1</a></p>
<p>Bootstrap 4.1 <a class="reference external" href="https://t.co/BhYqQkqQCZ">https://t.co/BhYqQkqQCZ</a></p>
<p>Cashier: A self-service CA for OpenSSH <a class="reference external" href="https://t.co/b1QlBGtzf6">https://t.co/b1QlBGtzf6</a></p>
<p>The Inside Story of Reddit's Redesign <a class="reference external" href="https://t.co/YeDmUy2pux">https://t.co/YeDmUy2pux</a></p>
<p>How to Install Ansible AWX on CentOS 7 <a class="reference external" href="https://t.co/oAExAshCU6">https://t.co/oAExAshCU6</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Salvare si restaurare containere in LXD2018-05-13T00:00:00+03:002018-05-13T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-05-13:/salvare-si-restaurare-containere-in-lxd.html<p>Uneori dorim salvam un container fie pentru backup periodic ori inainte de rularea unor comenzi riscante. LXD ne ajuta prin posibilitatea de a crea snapshot-uri la containere.</p>
<p>Crearea unui snapshot</p>
<div class="highlight"><pre><span></span><span class="go">lxc snapshot u1</span>
<span class="go">lxc snapshot u1 arhiva-20180513</span>
</pre></div>
<p>Aceste snapshot-uri sunt listate in lista sau in lista de informatii</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>lxc<span class="w"> </span>list …</pre></div><p>Uneori dorim salvam un container fie pentru backup periodic ori inainte de rularea unor comenzi riscante. LXD ne ajuta prin posibilitatea de a crea snapshot-uri la containere.</p>
<p>Crearea unui snapshot</p>
<div class="highlight"><pre><span></span><span class="go">lxc snapshot u1</span>
<span class="go">lxc snapshot u1 arhiva-20180513</span>
</pre></div>
<p>Aceste snapshot-uri sunt listate in lista sau in lista de informatii</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>lxc<span class="w"> </span>list
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| u1 | RUNNING | 192.168.25.120 (eth0) | | PERSISTENT | 1 |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="gp"># </span>lxc<span class="w"> </span>info<span class="w"> </span>u1
<span class="go">....</span>
<span class="go">Snapshots:</span>
<span class="go"> snap0 (taken at 2018/05/13 14:35 UTC) (stateless)</span>
</pre></div>
<p>Un container poate fi restaurat la starea salvata rapid:</p>
<div class="highlight"><pre><span></span><span class="go">lxc restore u1 arhiva-20180513</span>
</pre></div>
<p>Un snapshot poate fi de asemenea transformat intr-un nou container:</p>
<div class="highlight"><pre><span></span><span class="go">lxc copy u1/arhiva-20180513 u2</span>
<span class="gp"># </span>lxc<span class="w"> </span>list
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| u1 | RUNNING | 192.168.25.120 (eth0) | | PERSISTENT | 1 |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
<span class="go">| u2 | STOPPED | | | PERSISTENT | 0 |</span>
<span class="go">+-------------+---------+-----------------------+------+------------+-----------+</span>
</pre></div>
<p>In cazul ca dorim sa renuntam la un snapshot acesta poate fi sters:</p>
<div class="highlight"><pre><span></span><span class="go">lxc delete u1/arhiva-20180513</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Alocare resurse pentru containere in LXD2018-04-29T00:00:00+03:002018-04-29T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-04-29:/alocare-resurse-pentru-containere-in-lxd.html<p>Implicit containerele pornite in LXD au access la toate resursele disponibile: procesor, memorie, retea, spatiu de stocare.</p>
<p>Limitarile de resurse pot fi definite la nivel de profil sau instanta si aplicate la pornirea/initializarea containerelor.</p>
<div class="section" id="procesor">
<h2>Procesor</h2>
<p>Din punct de vedere al resurselor CPU sunt suportate 4 moduri:</p>
<ul class="simple">
<li>alocare X nuclee …</li></ul></div><p>Implicit containerele pornite in LXD au access la toate resursele disponibile: procesor, memorie, retea, spatiu de stocare.</p>
<p>Limitarile de resurse pot fi definite la nivel de profil sau instanta si aplicate la pornirea/initializarea containerelor.</p>
<div class="section" id="procesor">
<h2>Procesor</h2>
<p>Din punct de vedere al resurselor CPU sunt suportate 4 moduri:</p>
<ul class="simple">
<li>alocare X nuclee (core-uri)</li>
<li>alocare specifica nucleelor (1,3 sau 5)</li>
<li>alocare de procent de CPU</li>
<li>alocare timp de executie per procesor</li>
</ul>
<p>Limtarea ca numar de nuclee:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.cpu 2</span>
</pre></div>
<p>Limtarea specifica de nuclee:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.cpu 1,3</span>
</pre></div>
<p>Alocare procentuala de resurse CPU:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.cpu.allowance 10%</span>
</pre></div>
<p>Alocare timpului de executie la CPU:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.cpu.allowance 25ms/200ms</span>
</pre></div>
<p>Ori daca dorim ca containerul sa aibe prioritatea minima la rulare:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.cpu.priority 0</span>
</pre></div>
</div>
<div class="section" id="memorie">
<h2>Memorie</h2>
<p>Limitarea memoriei disponibile pentru un container:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.memory 2GB</span>
</pre></div>
<p>Dezactivarea memoriei swap (implicit este activata):</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 limits.memory.swap false</span>
</pre></div>
</div>
<div class="section" id="disc">
<h2>Disc</h2>
<p>Limitarea spatiului de disc utilizat de un container se ajusta (cand folosim ZFS/btrfs):</p>
<div class="highlight"><pre><span></span><span class="go">lxc exec u1 -- df -h</span>
<span class="go">Filesystem Size Used Avail Use% Mounted on</span>
<span class="go">lxd001/containers/u1 21G 853M 20G 5% /</span>
<span class="go">lxc config device set u1 root size 40GB</span>
<span class="go">lxc exec u1 -- df -h</span>
<span class="go">Filesystem Size Used Avail Use% Mounted on</span>
<span class="go">lxd001/containers/u1 41G 853M 40G 3% /</span>
</pre></div>
<p>Daca discul nu este specificat in configuratie, adica se mosteneste setarile de la profil, atunci putem ajusta prin:</p>
<div class="highlight"><pre><span></span><span class="go">lxc stop u1</span>
<span class="go">lxc config device add u1 root disk path=/ pool=lxd001 size=40GB</span>
<span class="go">lxc start u1</span>
<span class="go">lxc exec u1 -- df -h</span>
<span class="go">Filesystem Size Used Avail Use% Mounted on</span>
<span class="go">lxd001/containers/u1 41G 853M 40G 3% /</span>
</pre></div>
<p>De asemenea putem modifica si viteza se citire/scriere pe disc:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config device set u1 root limits.read 30MB</span>
<span class="go">lxc config device set u1 root limits.write 10MB</span>
<span class="go">lxc config device set u1 root limits.read 20Iops</span>
<span class="go">lxc config device set u1 root limits.write 10Iops</span>
</pre></div>
<p>sau putem seta prioritatea de citire/scriere (0 la 10):</p>
<div class="highlight"><pre><span></span><span class="go">lxc config set u1 root limits.disk.priority 10</span>
</pre></div>
</div>
<div class="section" id="retea">
<h2>Retea</h2>
<p>Setarile se aplica similar ca la disc:</p>
<div class="highlight"><pre><span></span><span class="go">lxc config device set u1 eth0 limits.ingress 50Mbit</span>
<span class="go">lxc config device set u1 eth0 limits.egress 100Mbit</span>
<span class="go">lxc config set u1 limits.network.priority 5</span>
</pre></div>
<p>Toate aceste alocari de resurse se pot aplica si la nivel de profil, cu aplicare la toate containere ce il folosesc</p>
<div class="highlight"><pre><span></span><span class="go">lxc profile set dual limits.cpu 2</span>
<span class="go">lxc profile set dual limits.memory 1GB</span>
<span class="go">lxc profile set dual root size 15GB</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
</div>
Profile retele si volume in LXD2018-04-23T00:00:00+03:002018-04-23T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-04-23:/profile-retele-si-volume-in-lxd.html<p>Inainte de a prezenta modul de lucru cu containere e bine sa prezint cateva elemente folosite in mediul LXD:</p>
<ul class="simple">
<li>profile (profile)</li>
<li>retele (network)</li>
<li>stocare si volume (storage and volume)</li>
</ul>
<div class="section" id="profile">
<h2>Profile</h2>
<p>VM se pot defini prin profile unde sunt / pot fi predefinite:</p>
<ul class="simple">
<li>interfetele de retea</li>
<li>retele unde se conecteaza</li>
<li>numarul de …</li></ul></div><p>Inainte de a prezenta modul de lucru cu containere e bine sa prezint cateva elemente folosite in mediul LXD:</p>
<ul class="simple">
<li>profile (profile)</li>
<li>retele (network)</li>
<li>stocare si volume (storage and volume)</li>
</ul>
<div class="section" id="profile">
<h2>Profile</h2>
<p>VM se pot defini prin profile unde sunt / pot fi predefinite:</p>
<ul class="simple">
<li>interfetele de retea</li>
<li>retele unde se conecteaza</li>
<li>numarul de core-uri</li>
<li>RAM</li>
<li>spatiul pe disk</li>
</ul>
<p>Initial se creaza profilul <em>default</em>:</p>
<div class="highlight"><pre><span></span><span class="nt">config</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">{}</span>
<span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Default LXD profile</span>
<span class="nt">devices</span><span class="p">:</span>
<span class="w"> </span><span class="nt">eth0</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">eth0</span>
<span class="w"> </span><span class="nt">nictype</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bridged</span>
<span class="w"> </span><span class="nt">parent</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">br0</span>
<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nic</span>
<span class="w"> </span><span class="nt">root</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/</span>
<span class="w"> </span><span class="nt">pool</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">lxd001</span>
<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">disk</span>
<span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span>
<span class="nt">used_by</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[]</span>
</pre></div>
<p>ce defineste VM ca se va conecta cu interfata <strong>eth0</strong> la bridge <strong>br0</strong> si va avea partia / pe pool lxd001 definit anterior de marime nedefinita.</p>
<p>Un profil mai complex cu doua interfete si partitia / de 25G:</p>
<div class="highlight"><pre><span></span><span class="nt">config</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">{}</span>
<span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Dual link profile</span>
<span class="nt">devices</span><span class="p">:</span>
<span class="w"> </span><span class="nt">eth0</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">eth0</span>
<span class="w"> </span><span class="nt">nictype</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bridged</span>
<span class="w"> </span><span class="nt">parent</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">br0</span>
<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nic</span>
<span class="w"> </span><span class="nt">eth1</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">eth1</span>
<span class="w"> </span><span class="nt">nictype</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bridged</span>
<span class="w"> </span><span class="nt">parent</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">lxdbr0</span>
<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nic</span>
<span class="w"> </span><span class="nt">root</span><span class="p">:</span>
<span class="w"> </span><span class="nt">path</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/</span>
<span class="w"> </span><span class="nt">pool</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default=lxd001</span>
<span class="w"> </span><span class="nt">size</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">25GB</span>
<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">disk</span>
<span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">dual-25G</span>
<span class="nt">used_by</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[]</span>
</pre></div>
<p>Mai multe informatii legate de parametrii de confgurare gasiti <a class="reference external" href="https://lxd.readthedocs.io/en/latest/containers/">aici</a>.</p>
<p>Operatii asupra profilelor:</p>
<div class="highlight"><pre><span></span><span class="go">lxc profile list</span>
<span class="go">lxc profile show default</span>
<span class="go">lxc profile create dual</span>
<span class="go">lxc profile edit dual</span>
<span class="go">lxc profile delete dual</span>
</pre></div>
</div>
<div class="section" id="retele">
<h2>Retele</h2>
<p>Retele la care sunt conectate VM se definesc prin bridge-uri, care pot fi conectate via NAT la reteaua fizica a gazdei, pot
oferi servicii de dhcp si DNS pe IPV4 si IPV6:</p>
<div class="highlight"><pre><span></span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">ipv4.address</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10.213.199.1/24</span>
<span class="w"> </span><span class="nt">ipv4.nat</span><span class="p">:</span><span class="w"> </span><span class="s">"true"</span>
<span class="w"> </span><span class="nt">ipv6.address</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">none</span>
<span class="w"> </span><span class="nt">ipv6.nat</span><span class="p">:</span><span class="w"> </span><span class="s">"false"</span>
<span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Internal network</span>
<span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">lxdbr0</span>
<span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bridge</span>
<span class="l l-Scalar l-Scalar-Plain">used_by:[]</span>
<span class="nt">managed</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="nt">status</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Created</span>
<span class="nt">locations</span><span class="p">:</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">none</span>
</pre></div>
<p>Mai multi parametrii de configurare va sunt explicati in <a class="reference external" href="https://lxd.readthedocs.io/en/latest/networks/">pagina</a> dedicata din documentatie</p>
<p>Aceste retele pot fi atasate la VM sau profile prin interfete virtuale.</p>
<p>Operatii asupra retelelor:</p>
<div class="highlight"><pre><span></span><span class="go">lxc network list</span>
<span class="go">lxc network show lxdbr0</span>
<span class="go">lxc network create lxdbr0</span>
<span class="go">lxc network edit lxdbr0make</span>
<span class="go">lxc network delete lxdbr0</span>
<span class="go">lxc network attach-profile dual lxdbr0 eth1 eth1</span>
</pre></div>
</div>
<div class="section" id="volume">
<h2>Volume</h2>
<p>Discurile virtuale - volume - se definesc ca dataset-uri in sistemul de fisiere ZFS. Acestea se pot crea, atasa prin profile sau ulterior</p>
<div class="highlight"><pre><span></span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">size</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10GB</span>
<span class="w"> </span><span class="nt">volatile.idmap.last</span><span class="p">:</span><span class="w"> </span><span class="s">'[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'</span>
<span class="w"> </span><span class="nt">volatile.idmap.next</span><span class="p">:</span><span class="w"> </span><span class="s">'[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'</span>
<span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="s">""</span>
<span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">data01</span>
<span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">custom</span>
<span class="l l-Scalar l-Scalar-Plain">used_by:[]</span>
<span class="nt">location</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">none</span>
</pre></div>
<p>Descrierea optiunilor le gasiti in <a class="reference external" href="https://lxd.readthedocs.io/en/latest/storage/#storage-volume-configuration">sectiunea</a> dedicata din documentatie</p>
<p>Operatii asupra volumelor:</p>
<div class="highlight"><pre><span></span><span class="go">lxc storage volume list</span>
<span class="go">lxc storage volume show lxd001 data01</span>
<span class="go">lxc storage volume create lxd001 data01</span>
<span class="go">lxc storage volume create lxd001 data01 size=10GB</span>
<span class="go">lxc storage volume attach lxd001 data01 node1 lxd001/custom/data01 /mnt/upload</span>
<span class="go">lxc storage volume detach lxd001 data01 node1</span>
<span class="go">lxc storage volume delete lxd001 data01</span>
</pre></div>
<p>Daca nu se specifica marimea volumului (dataset ZFS) acesta va putea ocupa tot spatiul disponibil. Ulterior marimea dataset-ului - <strong>quota</strong> poate fi modificata prin ZFS:</p>
<div class="highlight"><pre><span></span><span class="go">zfs get quota lxd001/containers/salt-master</span>
<span class="go">NAME PROPERTY VALUE SOURCE</span>
<span class="go">lxd001/containers/salt-master quota none default</span>
<span class="go">zfs set quota=25GB lxd001/containers/salt-master</span>
<span class="go">zfs get quota lxd001/containers/salt-master</span>
<span class="go">NAME PROPERTY VALUE SOURCE</span>
<span class="go">lxd001/containers/salt-master quota 25G local</span>
</pre></div>
<p>Dar quota unui volum ofera siguranta ca spatiul este rezervat complet pentru volum. Aici intervine <strong>reservation</strong> care face acest lucru</p>
<div class="highlight"><pre><span></span><span class="go">zfs get reservation lxd001/containers/salt-master</span>
<span class="go">NAME PROPERTY VALUE SOURCE</span>
<span class="go">lxd001/containers/salt-master reservation none default</span>
<span class="go">zfs set reservation=25GB lxd001/containers/salt-master</span>
<span class="go">zfs get reservation lxd001/containers/salt-master</span>
<span class="go">NAME PROPERTY VALUE SOURCE</span>
<span class="go">lxd001/containers/salt-master reservation 25G local</span>
</pre></div>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
</div>
Instalare si configurare LXD2018-04-22T00:00:00+03:002018-04-22T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-04-22:/instalare-si-configurarea-lxd.html<p>Documentatia LXD recomanda folosirea ca sistem de stocare pentru containere/VM ZFS ca sistem de fisiere care permite:</p>
<ul class="simple">
<li>crearea rapida de partitii ca dataseturi</li>
<li>optiuni de backup si restaurare rapida</li>
<li>putem monta o partitie ca share in mai multe containere</li>
</ul>
<p>Mai multe gasiit aici: <a class="reference external" href="http://zfsonlinux.org/">http://zfsonlinux.org/</a></p>
<p>Dupa ce am …</p><p>Documentatia LXD recomanda folosirea ca sistem de stocare pentru containere/VM ZFS ca sistem de fisiere care permite:</p>
<ul class="simple">
<li>crearea rapida de partitii ca dataseturi</li>
<li>optiuni de backup si restaurare rapida</li>
<li>putem monta o partitie ca share in mai multe containere</li>
</ul>
<p>Mai multe gasiit aici: <a class="reference external" href="http://zfsonlinux.org/">http://zfsonlinux.org/</a></p>
<p>Dupa ce am ales masina potrivita vom face o instalare simpla de Ubuntu 18.04 server (beta 2 in acest moment) pe care vom instala serviciul de ssh pentru conectare remote.</p>
<p>Cum am partiionat discurile, in varianta mea am folosind 2 HDD de 250Gb:</p>
<ul class="simple">
<li>/dev/sda1 - 250M - /boot</li>
<li>/dev/sda2 - 8G - swap</li>
<li>/dev/sda3 - 100G - /</li>
<li>/dev/sda4 - restul discului pe care nu am format la instalare</li>
<li>/dev/sdb - nepartitionat</li>
</ul>
<p>Dupa instalare am creat un bridge la care am adaugat interfatza enp9s0 folosind utilitarul <a class="reference external" href="https://netplan.io">netplan</a>.</p>
<p>Am editat fisierul <em>/etc/netplan/01-netcfg.yaml</em></p>
<div class="highlight"><pre><span></span><span class="nt">network</span><span class="p">:</span>
<span class="w"> </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">2</span>
<span class="w"> </span><span class="nt">renderer</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">networkd</span>
<span class="w"> </span><span class="nt">ethernets</span><span class="p">:</span>
<span class="w"> </span><span class="nt">enp9s0</span><span class="p">:</span>
<span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">dhcp6</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">bridges</span><span class="p">:</span>
<span class="w"> </span><span class="nt">br0</span><span class="p">:</span>
<span class="w"> </span><span class="nt">interfaces</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">enp9s0</span>
<span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">addresses</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="w"> </span><span class="nv">192.168.25.200/24</span><span class="w"> </span><span class="p p-Indicator">]</span>
<span class="w"> </span><span class="nt">gateway4</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">192.168.25.1</span>
<span class="w"> </span><span class="nt">nameservers</span><span class="p">:</span>
<span class="w"> </span><span class="nt">addresses</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="w"> </span><span class="nv">1.1.1.1</span><span class="p p-Indicator">,</span><span class="nv">8.8.8.8</span><span class="w"> </span><span class="p p-Indicator">]</span>
</pre></div>
<p>si am aplicat configuratia cu comanda</p>
<div class="highlight"><pre><span></span><span class="go">netplan apply</span>
</pre></div>
<p>iar configuratia a devenit:</p>
<div class="highlight"><pre><span></span><span class="go">2: enp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000</span>
<span class="go"> link/ether 00:30:05:a1:c7:63 brd ff:ff:ff:ff:ff:ff</span>
<span class="go">3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000</span>
<span class="go"> link/ether 32:f0:1b:7c:b1:e0 brd ff:ff:ff:ff:ff:ff</span>
<span class="go"> inet 192.168.25.200/24 brd 192.168.25.255 scope global br0</span>
<span class="go"> valid_lft forever preferred_lft forever</span>
<span class="go"> inet6 fe80::30f0:1bff:fe7c:b1e0/64 scope link</span>
<span class="go"> valid_lft forever preferred_lft forever</span>
</pre></div>
<p>Pachetul lxd vine preinstalat in Ubuntu 18.04 server la versiunea 3.0. Asa ca mai avem nevoie de utilitarele pentru ZFS</p>
<div class="highlight"><pre><span></span><span class="go">apt install zfsutils-linux</span>
</pre></div>
<p>Pentru ca doream ZFS pe mai multe discuri am creat manual pool-ul, pe partitiile /dev/sda4 si /dev/sdb:</p>
<div class="highlight"><pre><span></span><span class="go">zpool create lxd001 /dev/sda4 /dev/sdb</span>
</pre></div>
<p>Verificam configuratia ZFS:</p>
<div class="highlight"><pre><span></span><span class="go">~ zpool status</span>
<span class="go"> pool: lxd001</span>
<span class="go"> state: ONLINE</span>
<span class="go"> scan: none requested</span>
<span class="go">config:</span>
<span class="go"> NAME STATE READ WRITE CKSUM</span>
<span class="go"> lxd001 ONLINE 0 0 0</span>
<span class="go"> sda4 ONLINE 0 0 0</span>
<span class="go"> sdb ONLINE 0 0 0</span>
<span class="go">errors: No known data errors</span>
</pre></div>
<p>Mai multe despre configurare sistemului de fisiere ZFS gasiti in documentatia Oracle <a class="reference external" href="https://docs.oracle.com/cd/E19253-01/819-5461/gaynr/index.html">aici</a>.</p>
<p>Automat pool-ul ZFS este montat in /lxd001 si pentru pasul urmator acesta trebuie sa fie demontat:</p>
<div class="highlight"><pre><span></span><span class="go">zfs umount lxd001</span>
</pre></div>
<p>Acum putem initializa lxd</p>
<div class="highlight"><pre><span></span><span class="go">~ lxd init</span>
<span class="go">Would you like to use LXD clustering? (yes/no) [default=no]:</span>
<span class="go">Do you want to configure a new storage pool? (yes/no) [default=yes]:</span>
<span class="go">Name of the new storage pool [default=default]: lxd001</span>
<span class="go">Name of the storage backend to use (btrfs, dir, lvm, zfs) [default=zfs]:</span>
<span class="go">Create a new ZFS pool? (yes/no) [default=yes]: no</span>
<span class="go">Name of the existing ZFS pool or dataset: lxd001</span>
<span class="go">Would you like to connect to a MAAS server? (yes/no) [default=no]:</span>
<span class="go">Would you like to configure LXD to use an existing bridge or host interface? (yes/no) [default=no]: yes</span>
<span class="go">Name of the existing bridge or host interface: br0</span>
<span class="go">Would you like LXD to be available over the network? (yes/no) [default=no]:</span>
<span class="go">Would you like stale cached images to be updated automatically? (yes/no) [default=yes]</span>
<span class="go">Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: yes</span>
<span class="go">config: {}</span>
<span class="go">cluster: null</span>
<span class="go">networks:</span>
<span class="go"> description: ""</span>
<span class="go"> managed: false</span>
<span class="go"> name: br0</span>
<span class="go"> type: "bridge"</span>
<span class="go">storage_pools:</span>
<span class="go">- config:</span>
<span class="go"> source: lxd001</span>
<span class="go"> description: ""</span>
<span class="go"> name: lxd001</span>
<span class="go"> driver: zfs</span>
<span class="go">profiles:</span>
<span class="go">- config: {}</span>
<span class="go"> description: ""</span>
<span class="go"> devices:</span>
<span class="go"> eth0:</span>
<span class="go"> name: eth0</span>
<span class="go"> nictype: bridged</span>
<span class="go"> parent: br0</span>
<span class="go"> type: nic</span>
<span class="go"> root:</span>
<span class="go"> path: /</span>
<span class="go"> pool: lxd001</span>
<span class="go"> type: disk</span>
<span class="go"> name: default</span>
</pre></div>
<p>Alternativa recomandata pentru storage este btrfs, dar se poate folosi si LVM , folder normal (dar mai lent). Mai multe gasiti in <a class="reference external" href="http://lxd.readthedocs.io/en/stable-3.0/storage/#storage-configuration">documentatie</a>.</p>
<p>Completare: LXD se poate instala si pe CentOS 7 cum este descris in acest <a class="reference external" href="https://discuss.linuxcontainers.org/t/lxd-on-centos-7/1250">artico</a></p>
<p>Articolul face parte din seria <a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></p>
Virtualizare cu LXD2018-04-21T00:00:00+03:002018-04-21T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-04-21:/virtualizare-cu-lxd.html<img alt="" src="/images/lxd.jpg" style="width: 600px;" />
<p>De multa vreme folosesc <a class="reference external" href="https://linuxcontainers.org/lxc/introduction/">LXC</a> local ca solutie simpla de virtualizare/containerizare pentru diverse aplicatii pe care le testez.</p>
<p>Ca avantaje aduse LXC mentionez:</p>
<ul class="simple">
<li>VM mai light</li>
<li>ruleaza nativ folosesc kernelul de pe masina gazda</li>
<li>creare facila de retele pentru testarea diverselor de management al configuratiilor (ansible, saltstack)</li>
</ul>
<p>In tot …</p><img alt="" src="/images/lxd.jpg" style="width: 600px;" />
<p>De multa vreme folosesc <a class="reference external" href="https://linuxcontainers.org/lxc/introduction/">LXC</a> local ca solutie simpla de virtualizare/containerizare pentru diverse aplicatii pe care le testez.</p>
<p>Ca avantaje aduse LXC mentionez:</p>
<ul class="simple">
<li>VM mai light</li>
<li>ruleaza nativ folosesc kernelul de pe masina gazda</li>
<li>creare facila de retele pentru testarea diverselor de management al configuratiilor (ansible, saltstack)</li>
</ul>
<p>In tot acest timp am auzit de <a class="reference external" href="https://linuxcontainers.org/lxd/">LXD</a> managerul de containere dar pe care l-am amanat pentru testare si pentru ca lumea il foloseste de obicei pe Ubuntu Linux - nefiind un fan al ei (motive personale).</p>
<p>In ultimele saptamani LXD 3.0 mi-a trezit interesul si dupa ce am studiat din documentatie, urmarind diverse prezentari la diverse conferinte am decis sa testez personal solutia pentru ca pare a fi potrivita pentru virtualizarea proiectelor local (macar a celor in curs de dezvoltare).</p>
<p>Ce am observat pana acum, dupa primele teste:</p>
<ul class="simple">
<li>permite rularea mai multor VM/masina comparativ cu alte solutii (KVM, Virtualbox) - pana la 14x ...</li>
<li>VM se pot configura ca resursele ce le acceseaza (cpu, memorie, disc, i/o)</li>
<li>permite configurare in clustere a nodurilor</li>
<li>configurarea se face majoritar via consola sau prin solutii de management (saltstack, ansible, etc)</li>
</ul>
<p>Asa ca daca aveti prin preajma una sau mai multe masini ce au:</p>
<ul class="simple">
<li>cpu cu 2-4-8 coruri</li>
<li>memorie cu minimum 4-8 Gb</li>
<li>2 discuri disponibile</li>
</ul>
<p>puteti incerca si voi LXD/LXC.</p>
<p>Experienta mea din testarea LXD ii voi grupa intr-o serie de articole ce vor acoperi urmatorii pasi:</p>
<ul class="simple">
<li>instalare Ubuntu, LXD si sculele pentru ZFS</li>
<li>crearea sistemului de stocare pe ZFS (alternativ poate fi in director sau LVM)</li>
<li>initializare LXD</li>
<li>crearea de profile, retele</li>
<li>creare si administrare containere</li>
<li>crearea de backup prin snapshot-uri</li>
<li>creare imagini proprii</li>
<li>customizare cu cloud-init a containerelor</li>
<li>crearea si administrarea volumelor de stocare</li>
<li>realizarea de clustere LXD???</li>
</ul>
<p>Seria de articole cuprinde:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/instalare-si-configurarea-lxd/">Instalare si configurare LXD</a></li>
<li><a class="reference external" href="/articole/profile-retele-si-volume-in-lxd/">Profile retele si volume in LXD</a></li>
<li><a class="reference external" href="/articole/manipulare-containere-in-lxd/">Manipulare containere in LXD</a></li>
<li><a class="reference external" href="/articole/alocare-resurse-pentru-containere-in-lxd/">Alocare resurse pentru containere in LXD</a></li>
<li><a class="reference external" href="/articole/salvare-si-restaurare-containere-in-lxd/">Salvare si restaurare containere in LXD</a></li>
<li><a class="reference external" href="/articole/interactiunea-cu-containere-in-lxd/">Interactiunea cu containerele in LXD</a></li>
<li><a class="reference external" href="/articole/manipulare-si-creare-imagini-in-lxd/">Manipulare si creare imagini in LXD</a></li>
<li><a class="reference external" href="/articole/rulare-aplicatii-grafice-in-lxd/">Rulare aplicatii grafice in LXD</a></li>
<li><a class="reference external" href="/articole/customizare-containere-cu-cloud-init-in-lxd/">Customizare containere cu cloud-init in LXD</a></li>
<li><a class="reference external" href="/articole/instalare-kubernetes-local-sub-lxd/">Instalare Kubernetes local sub LXD</a></li>
</ul>
Sugestii, tutoriale - mar 20182018-04-10T00:00:00+03:002018-04-10T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2018-04-10:/sugestii-tutoriale-03-2018.html<p>Hey WordPress Plugin Developers, Stop Supporting Legacy PHP Versions in Your Plugins <a class="reference external" href="https://t.co/c3D2H2Jpc1">https://t.co/c3D2H2Jpc1</a></p>
<p>How to create an open source stack using EFK <a class="reference external" href="https://t.co/OcLz6jfzHj">https://t.co/OcLz6jfzHj</a></p>
<p>A system administrator's guide to getting started with Ansible <a class="reference external" href="https://t.co/rsEVexky96">https://t.co/rsEVexky96</a></p>
<p>Use Ansible to patch your system and install …</p><p>Hey WordPress Plugin Developers, Stop Supporting Legacy PHP Versions in Your Plugins <a class="reference external" href="https://t.co/c3D2H2Jpc1">https://t.co/c3D2H2Jpc1</a></p>
<p>How to create an open source stack using EFK <a class="reference external" href="https://t.co/OcLz6jfzHj">https://t.co/OcLz6jfzHj</a></p>
<p>A system administrator's guide to getting started with Ansible <a class="reference external" href="https://t.co/rsEVexky96">https://t.co/rsEVexky96</a></p>
<p>Use Ansible to patch your system and install applications <a class="reference external" href="https://t.co/JpVO6MsIJL">https://t.co/JpVO6MsIJL</a></p>
<p>How to install Ansible AWX with Docker on CentOS 7 <a class="reference external" href="https://t.co/INEwobCGTg">https://t.co/INEwobCGTg</a></p>
<p>An Introduction to NGINX for Developers <a class="reference external" href="https://t.co/NG3ZL59dUh">https://t.co/NG3ZL59dUh</a></p>
<p>10x Performance Increases: Optimizing a Static Site <a class="reference external" href="https://t.co/AXmtjtJDTM">https://t.co/AXmtjtJDTM</a></p>
<p>Say Goodbye to Virtualenv <a class="reference external" href="https://t.co/Tw74gdy5Wg">https://t.co/Tw74gdy5Wg</a></p>
<p>How to Install Caddy Web Server with PHP-FPM on Ubuntu 16.04 <a class="reference external" href="https://t.co/slGfLy8Gfn">https://t.co/slGfLy8Gfn</a></p>
<p>Stop deploying Laravel manually, steal this Docker configuration instead <a class="reference external" href="https://t.co/9TgfnI4Y2p">https://t.co/9TgfnI4Y2p</a></p>
<p>Make your Ansible Console portable and secure with Docker <a class="reference external" href="https://t.co/GfvumJFFwy">https://t.co/GfvumJFFwy</a></p>
<p>Configure your own Image Registry <a class="reference external" href="https://t.co/Eu79g2r7JW">https://t.co/Eu79g2r7JW</a></p>
<p>Build A Telegram Bot with Laravel and BotMan <a class="reference external" href="https://t.co/oZMIng02jT">https://t.co/oZMIng02jT</a></p>
<p>Beautiful PHP CLI Menus for Laravel Artisan Commands <a class="reference external" href="https://t.co/RPUNbjXArs">https://t.co/RPUNbjXArs</a></p>
<p>Laravel Zero 5.6 is Now Released <a class="reference external" href="https://t.co/HLeFfv9pkQ">https://t.co/HLeFfv9pkQ</a></p>
<p>Secure memcached server to avoid DDoS amplification attacks <a class="reference external" href="https://t.co/nSiE8C4YK2">https://t.co/nSiE8C4YK2</a></p>
<p>Setting up a Python Development Environment in Atom <a class="reference external" href="https://t.co/XK7B6oW7L0">https://t.co/XK7B6oW7L0</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Sugestii, tutoriale - febr 20182018-03-10T00:00:00+02:002018-03-10T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-03-10:/sugestii-tutoriale-02-2018.html<p>Ten Useful Ansible Modules <a class="reference external" href="https://t.co/IqBeim9sPs">https://t.co/IqBeim9sPs</a></p>
<p>The Simplest Way to Learn SaltStack <a class="reference external" href="https://t.co/o1uOHp1oLo">https://t.co/o1uOHp1oLo</a></p>
<p>RHEL7: How to restore the old network interface name. - CertDepot <a class="reference external" href="https://t.co/wTLjHh4WWK">https://t.co/wTLjHh4WWK</a></p>
<p>How To Make Package Managers Cry - YouTube <a class="reference external" href="https://t.co/nQQwX8hga7">https://t.co/nQQwX8hga7</a></p>
<p>8 Best Python IDEs for Linux Programmers …</p><p>Ten Useful Ansible Modules <a class="reference external" href="https://t.co/IqBeim9sPs">https://t.co/IqBeim9sPs</a></p>
<p>The Simplest Way to Learn SaltStack <a class="reference external" href="https://t.co/o1uOHp1oLo">https://t.co/o1uOHp1oLo</a></p>
<p>RHEL7: How to restore the old network interface name. - CertDepot <a class="reference external" href="https://t.co/wTLjHh4WWK">https://t.co/wTLjHh4WWK</a></p>
<p>How To Make Package Managers Cry - YouTube <a class="reference external" href="https://t.co/nQQwX8hga7">https://t.co/nQQwX8hga7</a></p>
<p>8 Best Python IDEs for Linux Programmers <a class="reference external" href="https://t.co/iZOo4HXo2f">https://t.co/iZOo4HXo2f</a></p>
<p>Create a host inventory in a minute with Ansible <a class="reference external" href="https://t.co/NIRYZG5lR7">https://t.co/NIRYZG5lR7</a></p>
<p>EC2 discovery with Elasticsearch <a class="reference external" href="https://t.co/kO3xGzetOq">https://t.co/kO3xGzetOq</a></p>
<p>10 tips for making the Django Admin more secure <a class="reference external" href="https://t.co/po6myYN9sG">https://t.co/po6myYN9sG</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Sugestii, tutoriale - ian 20182018-02-05T00:00:00+02:002018-02-05T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-02-05:/sugestii-tutoriale-01-2018.html<p>DevOps Topologies <a class="reference external" href="https://t.co/1lD5Oprg78">https://t.co/1lD5Oprg78</a></p>
<p>Parallel Testing for PHPUnit with ParaTest <a class="reference external" href="https://t.co/0SwPsBb0US">https://t.co/0SwPsBb0US</a></p>
<p>Scalable clusters make HPC R&D easy as Raspberry Pi! <a class="reference external" href="https://t.co/U87vCjaskk">https://t.co/U87vCjaskk</a></p>
<p>match command-line arguments to their help text <a class="reference external" href="https://t.co/y5zGQVoPB4">https://t.co/y5zGQVoPB4</a></p>
<p>How to install PHP 7.2 on CentOS 7 …</p><p>DevOps Topologies <a class="reference external" href="https://t.co/1lD5Oprg78">https://t.co/1lD5Oprg78</a></p>
<p>Parallel Testing for PHPUnit with ParaTest <a class="reference external" href="https://t.co/0SwPsBb0US">https://t.co/0SwPsBb0US</a></p>
<p>Scalable clusters make HPC R&D easy as Raspberry Pi! <a class="reference external" href="https://t.co/U87vCjaskk">https://t.co/U87vCjaskk</a></p>
<p>match command-line arguments to their help text <a class="reference external" href="https://t.co/y5zGQVoPB4">https://t.co/y5zGQVoPB4</a></p>
<p>How to install PHP 7.2 on CentOS 7 <a class="reference external" href="https://t.co/WNaC1VQ5UM">https://t.co/WNaC1VQ5UM</a></p>
<p>The hidden costs of serverless <a class="reference external" href="https://t.co/Pp4gt1zFQb">https://t.co/Pp4gt1zFQb</a></p>
<p>PHP-PM Is a Process Manager, Supercharger, and Load Balancer for PHP Applications <a class="reference external" href="https://t.co/PAR8strQhQ">https://t.co/PAR8strQhQ</a></p>
<p>syslog-ng and Elasticsearch 6: getting started on RHEL/CentOS <a class="reference external" href="https://t.co/FHrX9DPcKG">https://t.co/FHrX9DPcKG</a></p>
<p>How to Install and Configure Foreman 1.16 on Debian / Ubuntu <a class="reference external" href="https://t.co/nIxnDq3zXQ">https://t.co/nIxnDq3zXQ</a></p>
<p>Docker Images for Penetration Testing & Security <a class="reference external" href="https://t.co/CuQwBK9BU8">https://t.co/CuQwBK9BU8</a></p>
<p>Index your Gmail Inbox with Elasticsearch <a class="reference external" href="https://t.co/eVZEascdOm">https://t.co/eVZEascdOm</a></p>
<p>Recomandari:</p>
<ul class="simple">
<li><a class="reference external" href="/articole/virtualizare-cu-lxd/">Virtualizare cu LXD</a></li>
<li><a class="reference external" href="/articole/aplicatii-pentru-managementul-configuratiilor/">Aplicatii pentru managementul configuratiilor</a></li>
</ul>
Sugestii, tutoriale - dec 20172018-01-01T00:00:00+02:002018-01-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2018-01-01:/sugestii-tutoriale-12-2017.html<p>Interesting ideea - Teleport <a class="reference external" href="https://t.co/USwfd9lR40">https://t.co/USwfd9lR40</a></p>
<p>The source code is the license | Tux Machines <a class="reference external" href="https://t.co/ZwRHZSSDTB">https://t.co/ZwRHZSSDTB</a></p>
<p>12 days of Varnish <a class="reference external" href="https://t.co/nRmJnsqXEZ">https://t.co/nRmJnsqXEZ</a></p>
<p>How To Debug In Django. Useful Tips <a class="reference external" href="https://t.co/ZHkWRXnieN">https://t.co/ZHkWRXnieN</a></p>
<p>PHP-FPM tuning: Using 'pm static' for Max Performance <a class="reference external" href="https://t.co/R04KvRVExA">https://t.co/R04KvRVExA …</a></p><p>Interesting ideea - Teleport <a class="reference external" href="https://t.co/USwfd9lR40">https://t.co/USwfd9lR40</a></p>
<p>The source code is the license | Tux Machines <a class="reference external" href="https://t.co/ZwRHZSSDTB">https://t.co/ZwRHZSSDTB</a></p>
<p>12 days of Varnish <a class="reference external" href="https://t.co/nRmJnsqXEZ">https://t.co/nRmJnsqXEZ</a></p>
<p>How To Debug In Django. Useful Tips <a class="reference external" href="https://t.co/ZHkWRXnieN">https://t.co/ZHkWRXnieN</a></p>
<p>PHP-FPM tuning: Using 'pm static' for Max Performance <a class="reference external" href="https://t.co/R04KvRVExA">https://t.co/R04KvRVExA</a></p>
<p>How to Install Laravel 5 PHP Framework with Nginx on Ubuntu 16.04 <a class="reference external" href="https://t.co/Y0QKg2pMF2">https://t.co/Y0QKg2pMF2</a></p>
<p>3x faster than Flask <a class="reference external" href="https://t.co/GfvX8Ja8S4">https://t.co/GfvX8Ja8S4</a></p>
<p>The 2018 Guide to Building Secure PHP Software <a class="reference external" href="https://t.co/objcSMHgME">https://t.co/objcSMHgME</a></p>
<p>How to Run Multiple Websites with Different PHP Versions in Nginx <a class="reference external" href="https://t.co/cpjIfcwcqg">https://t.co/cpjIfcwcqg</a></p>
<p>23 Development Tools for Boosting Website Performance <a class="reference external" href="https://t.co/FAR4IikufZ">https://t.co/FAR4IikufZ</a></p>
<p>Using Dompdf in CodeIgniter 3.x · dompdf/dompdf Wiki · GitHub <a class="reference external" href="https://t.co/4zdOVLXVYt">https://t.co/4zdOVLXVYt</a></p>
<p>Sensu Metrics Collection <a class="reference external" href="https://t.co/6mvRgWKLIw">https://t.co/6mvRgWKLIw</a></p>
Sugestii, tutoriale - nov 20172017-12-06T00:00:00+02:002017-12-06T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2017-12-06:/sugestii-tutoriale-11-2017.html<p>Data Visualization With DataTables.js and Highcharts.js <a class="reference external" href="https://t.co/jUj7PRQ4on">https://t.co/jUj7PRQ4on</a></p>
<p>How to Index and Query Data With Haystack and Elasticsearch in Python <a class="reference external" href="https://t.co/u8M0Wcm7WG">https://t.co/u8M0Wcm7WG</a></p>
<p>GitLab Performance Monitoring with Grafana <a class="reference external" href="https://t.co/Yls4GSHz9w">https://t.co/Yls4GSHz9w</a></p>
<p>Laracasts: Free Visual Studio Code Course - Laravel News <a class="reference external" href="https://t.co/GGdRqcoAAM">https://t.co/GGdRqcoAAM</a></p>
<p>Infrastructure …</p><p>Data Visualization With DataTables.js and Highcharts.js <a class="reference external" href="https://t.co/jUj7PRQ4on">https://t.co/jUj7PRQ4on</a></p>
<p>How to Index and Query Data With Haystack and Elasticsearch in Python <a class="reference external" href="https://t.co/u8M0Wcm7WG">https://t.co/u8M0Wcm7WG</a></p>
<p>GitLab Performance Monitoring with Grafana <a class="reference external" href="https://t.co/Yls4GSHz9w">https://t.co/Yls4GSHz9w</a></p>
<p>Laracasts: Free Visual Studio Code Course - Laravel News <a class="reference external" href="https://t.co/GGdRqcoAAM">https://t.co/GGdRqcoAAM</a></p>
<p>Infrastructure As Code : Automating AWS ec2 Virtual Machines Using SaltStack <a class="reference external" href="https://t.co/3ktYke7R25">https://t.co/3ktYke7R25</a></p>
<p>An Ansible2 Tutorial <a class="reference external" href="https://t.co/ANg9bRI2mZ">https://t.co/ANg9bRI2mZ</a></p>
<p>How to Auto-Scale Your Cloud with #SaltStack <a class="reference external" href="https://t.co/ABNT0DRb1d">https://t.co/ABNT0DRb1d</a></p>
<p>Monitor Swarm Cluster with TICK stack &amp; Slack <a class="reference external" href="https://t.co/EUmDfOMf8F">https://t.co/EUmDfOMf8F</a></p>
<p>7 Open-Source Test Automation Frameworks <a class="reference external" href="https://t.co/utWGU32DpP">https://t.co/utWGU32DpP</a></p>
<p>How to Optimize MySQL: Indexes, Slow Queries, Configuration <a class="reference external" href="https://t.co/qB24IjA7i4">https://t.co/qB24IjA7i4</a></p>
<p>Build and test applications with Ansible Container <a class="reference external" href="https://t.co/PIlescgwDn">https://t.co/PIlescgwDn</a></p>
<p>Awesome Laravel Repos <a class="reference external" href="https://t.co/MpyHozKpRM">https://t.co/MpyHozKpRM</a></p>
Sugestii, tutoriale - oct 20172017-11-03T00:00:00+02:002017-11-03T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2017-11-03:/sugestii-tutoriale-10-2017.html<p>How to Create Your First Static Site with Pelican and Jinja2 <a class="reference external" href="https://t.co/CE0AUuTspW">https://t.co/CE0AUuTspW</a></p>
<p>Audit your systems HubbleStack <a class="reference external" href="https://t.co/eSSGfBWxVh">https://t.co/eSSGfBWxVh</a></p>
<p>Hosting a secure WordPress site on AWS at low costs <a class="reference external" href="https://t.co/mTVBALNmVB">https://t.co/mTVBALNmVB</a></p>
<p>Design Blocks <a class="reference external" href="https://t.co/dWxMbwtZj1">https://t.co/dWxMbwtZj1</a></p>
<p>Who’s to Blame? (v0.1) <a class="reference external" href="https://t.co/WmQQlPrsoq">https …</a></p><p>How to Create Your First Static Site with Pelican and Jinja2 <a class="reference external" href="https://t.co/CE0AUuTspW">https://t.co/CE0AUuTspW</a></p>
<p>Audit your systems HubbleStack <a class="reference external" href="https://t.co/eSSGfBWxVh">https://t.co/eSSGfBWxVh</a></p>
<p>Hosting a secure WordPress site on AWS at low costs <a class="reference external" href="https://t.co/mTVBALNmVB">https://t.co/mTVBALNmVB</a></p>
<p>Design Blocks <a class="reference external" href="https://t.co/dWxMbwtZj1">https://t.co/dWxMbwtZj1</a></p>
<p>Who’s to Blame? (v0.1) <a class="reference external" href="https://t.co/WmQQlPrsoq">https://t.co/WmQQlPrsoq</a></p>
<p>Building A Large-Scale Design System <a class="reference external" href="https://t.co/5y6Kzk1Mug">https://t.co/5y6Kzk1Mug</a></p>
<p>How to Install OpenLiteSpeed HTTP Server with PHP 7.1 on Ubuntu 16.04 LTS <a class="reference external" href="https://t.co/sge5AUdoTh">https://t.co/sge5AUdoTh</a></p>
<p>HAProxy vs nginx: Why you should NEVER use nginx for load balancing! <a class="reference external" href="https://t.co/1ulMsTL9mk">https://t.co/1ulMsTL9mk</a></p>
<p>Monitoring as a Service <a class="reference external" href="https://t.co/Bw7DI63XYf">https://t.co/Bw7DI63XYf</a></p>
Sugestii, tutoriale - sept 20172017-10-03T00:00:00+03:002017-10-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-10-03:/sugestii-tutoriale-09-2017.html<p>Automate your Laravel deployment with Capistrano 3 <a class="reference external" href="https://t.co/avP6xQZ72c">https://t.co/avP6xQZ72c</a></p>
<p>Let's Compare: RunCloud vs Forge vs ServerPilot <a class="reference external" href="https://t.co/sUiVIhbdAz">https://t.co/sUiVIhbdAz</a></p>
<p>Fixing invalid-default-value for timestamp field MySQL <a class="reference external" href="https://t.co/0GAcbOpNNn">https://t.co/0GAcbOpNNn</a></p>
<p>Using machine learning to name colors <a class="reference external" href="https://t.co/CnAnIxcCiN">https://t.co/CnAnIxcCiN</a></p>
<p>A Full Stack in One Command <a class="reference external" href="https://t.co/PreWNQchYE">https://t …</a></p><p>Automate your Laravel deployment with Capistrano 3 <a class="reference external" href="https://t.co/avP6xQZ72c">https://t.co/avP6xQZ72c</a></p>
<p>Let's Compare: RunCloud vs Forge vs ServerPilot <a class="reference external" href="https://t.co/sUiVIhbdAz">https://t.co/sUiVIhbdAz</a></p>
<p>Fixing invalid-default-value for timestamp field MySQL <a class="reference external" href="https://t.co/0GAcbOpNNn">https://t.co/0GAcbOpNNn</a></p>
<p>Using machine learning to name colors <a class="reference external" href="https://t.co/CnAnIxcCiN">https://t.co/CnAnIxcCiN</a></p>
<p>A Full Stack in One Command <a class="reference external" href="https://t.co/PreWNQchYE">https://t.co/PreWNQchYE</a></p>
<p>How to Install Ubuntu via PXE Server Using Local DVD Sources <a class="reference external" href="https://t.co/vAww4JORfc">https://t.co/vAww4JORfc</a></p>
<p>Influxdata/TICK-docker <a class="reference external" href="https://t.co/74HJ2nIt9l">https://t.co/74HJ2nIt9l</a></p>
<p>Titter to RSS Feed, Subscribe using Thunderbird <a class="reference external" href="https://t.co/jJa3dHC7Nv">https://t.co/jJa3dHC7Nv</a></p>
<p>The Non-marketing Guide: DKIM, SPF &amp; DMARC <a class="reference external" href="https://t.co/iyFTth868t">https://t.co/iyFTth868t</a></p>
<p>PiCluster - A Simple, Web-based Docker Management Application <a class="reference external" href="https://t.co/zRLrLIzWDR">https://t.co/zRLrLIzWDR</a></p>
<p>What is Software Testing? <a class="reference external" href="https://t.co/Wz9TeYj2gC">https://t.co/Wz9TeYj2gC</a></p>
<p>Google Chrome Puppeteer for Headless Automation <a class="reference external" href="https://t.co/Yk7WfKMu5H">https://t.co/Yk7WfKMu5H</a></p>
Sugestii, tutoriale - aug 20172017-09-02T00:00:00+03:002017-09-02T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-09-02:/sugestii-tutoriale-08-2017.html<p>Gentoo linux ~ the fresh ebuilds <a class="reference external" href="https://t.co/3slaKB6erQ">https://t.co/3slaKB6erQ</a></p>
<p>Securing haproxy and nginx via HTTP Headers <a class="reference external" href="https://t.co/HNIE60im5U">https://t.co/HNIE60im5U</a></p>
<p>How To Set Up a Firewall with PF on FreeBSD to Protect a Web Server <a class="reference external" href="https://t.co/7Jl7d1IuA2">https://t.co/7Jl7d1IuA2</a></p>
<p>Monitor Linux with Grafana <a class="reference external" href="https://t.co/fdX8H3OSmv">https://t.co/fdX8H3OSmv</a></p>
<p>Web Automation Test …</p><p>Gentoo linux ~ the fresh ebuilds <a class="reference external" href="https://t.co/3slaKB6erQ">https://t.co/3slaKB6erQ</a></p>
<p>Securing haproxy and nginx via HTTP Headers <a class="reference external" href="https://t.co/HNIE60im5U">https://t.co/HNIE60im5U</a></p>
<p>How To Set Up a Firewall with PF on FreeBSD to Protect a Web Server <a class="reference external" href="https://t.co/7Jl7d1IuA2">https://t.co/7Jl7d1IuA2</a></p>
<p>Monitor Linux with Grafana <a class="reference external" href="https://t.co/fdX8H3OSmv">https://t.co/fdX8H3OSmv</a></p>
<p>Web Automation Test Solutions with Docker, Selenium and Cucumber.js <a class="reference external" href="https://t.co/ZXZYmcL9OM">https://t.co/ZXZYmcL9OM</a></p>
<p>Continuous Integration with Jenkins: How? and Why? <a class="reference external" href="https://t.co/eLcibgtcWs">https://t.co/eLcibgtcWs</a></p>
<p>Continuous Integration with Jenkins: More about Free-style Jobs steps. <a class="reference external" href="https://t.co/lcYV3veddX">https://t.co/lcYV3veddX</a></p>
<p>Architecting a HA Wordpress Using Docker Swarm, Traefik &amp; GlusterFS… <a class="reference external" href="https://t.co/x9gJCXRuEd">https://t.co/x9gJCXRuEd</a></p>
<p>Comparing Seven Monitoring Options for Docker | Rancher Labs <a class="reference external" href="https://t.co/ArzVeCC7hz">https://t.co/ArzVeCC7hz</a></p>
<p>Simple and full-featured mail server using Docker <a class="reference external" href="https://t.co/QaHreaBcAq">https://t.co/QaHreaBcAq</a></p>
<p>Securing a Server with Ansible <a class="reference external" href="https://t.co/VtM24OJpMN">https://t.co/VtM24OJpMN</a></p>
<p>SSH key rotation <a class="reference external" href="https://t.co/iUfcVDUtYf">https://t.co/iUfcVDUtYf</a></p>
<p>How to Master Your API Workflow with Postman — SitePoint <a class="reference external" href="https://t.co/dOMRrKw5SW">https://t.co/dOMRrKw5SW</a></p>
<p>Tips to Reduce Docker Image Sizes <a class="reference external" href="https://t.co/y0P89tLaOI">https://t.co/y0P89tLaOI</a></p>
<p>Monitoring a docker environment using TICK stack <a class="reference external" href="https://t.co/JW7xmiIfbL">https://t.co/JW7xmiIfbL</a></p>
<p>7 Nginx Rewrite Rule Examples with Reg-Ex and Flags <a class="reference external" href="https://t.co/MJyhpiU2tB">https://t.co/MJyhpiU2tB</a></p>
Sugestii, tutoriale - iulie 20172017-08-04T00:00:00+03:002017-08-04T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-08-04:/sugestii-tutoriale-07-2017.html<p>Try InfluxDB and Grafana by docker <a class="reference external" href="https://t.co/70taEzAdQ5">https://t.co/70taEzAdQ5</a></p>
<p>Visual Studio Code treasures <a class="reference external" href="https://t.co/ToziAUzm2q">https://t.co/ToziAUzm2q</a></p>
<p>A Gentle Introduction to tmux <a class="reference external" href="https://t.co/PodpVoKyVO">https://t.co/PodpVoKyVO</a></p>
<p>How to prepare and restore WordPress backups <a class="reference external" href="https://t.co/lbC03iMxLZ">https://t.co/lbC03iMxLZ</a></p>
<p>Anatomy of a chatbot <a class="reference external" href="https://t.co/6OwmmkiLTi">https://t.co/6OwmmkiLTi</a></p>
<p>How to Install Different …</p><p>Try InfluxDB and Grafana by docker <a class="reference external" href="https://t.co/70taEzAdQ5">https://t.co/70taEzAdQ5</a></p>
<p>Visual Studio Code treasures <a class="reference external" href="https://t.co/ToziAUzm2q">https://t.co/ToziAUzm2q</a></p>
<p>A Gentle Introduction to tmux <a class="reference external" href="https://t.co/PodpVoKyVO">https://t.co/PodpVoKyVO</a></p>
<p>How to prepare and restore WordPress backups <a class="reference external" href="https://t.co/lbC03iMxLZ">https://t.co/lbC03iMxLZ</a></p>
<p>Anatomy of a chatbot <a class="reference external" href="https://t.co/6OwmmkiLTi">https://t.co/6OwmmkiLTi</a></p>
<p>How to Install Different PHP (5.6, 7.0 and 7.1) Versions in Ubuntu <a class="reference external" href="https://t.co/WZGJvidfqy">https://t.co/WZGJvidfqy</a></p>
Sugestii, tutoriale - iunie 20172017-07-10T00:00:00+03:002017-07-10T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-07-10:/sugestii-tutoriale-06-2017.html<p>5 ways to make Django Admin safer <a class="reference external" href="https://t.co/xTyACRg1Pu">https://t.co/xTyACRg1Pu</a></p>
<p>How to Change Apache Server Name to Anything in Server Headers <a class="reference external" href="https://t.co/C2kATEHIe8">https://t.co/C2kATEHIe8</a></p>
<p>#pelican blog but this rise the stake <a class="reference external" href="https://t.co/fSBNjtIWrw">https://t.co/fSBNjtIWrw</a></p>
<p>Key Guidelines to Continuous Integration and Jenkins CI Server <a class="reference external" href="https://t.co/NCC4IolpJA">https://t.co/NCC4IolpJA …</a></p><p>5 ways to make Django Admin safer <a class="reference external" href="https://t.co/xTyACRg1Pu">https://t.co/xTyACRg1Pu</a></p>
<p>How to Change Apache Server Name to Anything in Server Headers <a class="reference external" href="https://t.co/C2kATEHIe8">https://t.co/C2kATEHIe8</a></p>
<p>#pelican blog but this rise the stake <a class="reference external" href="https://t.co/fSBNjtIWrw">https://t.co/fSBNjtIWrw</a></p>
<p>Key Guidelines to Continuous Integration and Jenkins CI Server <a class="reference external" href="https://t.co/NCC4IolpJA">https://t.co/NCC4IolpJA</a></p>
<p>How to Create Interactive JavaScript Charts from Custom Data Sets <a class="reference external" href="https://t.co/1sizmmpnev">https://t.co/1sizmmpnev</a></p>
<p>Using Celery With Django for Background Task Processing <a class="reference external" href="https://t.co/9dHpEfexVn">https://t.co/9dHpEfexVn</a></p>
<p>15 Git Branch Command Examples to Create and Manage Branches <a class="reference external" href="https://t.co/mWrYnDh5en">https://t.co/mWrYnDh5en</a></p>
<p>Building an API with Django REST Framework and Class-Based Views <a class="reference external" href="https://t.co/74Xfx9edWL">https://t.co/74Xfx9edWL</a></p>
<p>Guide to Becoming a Full-Stack Developer in 2017 <a class="reference external" href="https://t.co/V08pWwXI37">https://t.co/V08pWwXI37</a></p>
<p>Systemd and Containers: An Introduction to systemd-nspawn <a class="reference external" href="https://t.co/9oBC19Cdti">https://t.co/9oBC19Cdti</a></p>
<p>The DevOps tool arsenal <a class="reference external" href="https://t.co/0SUtL3Nc5j">https://t.co/0SUtL3Nc5j</a></p>
<p>awless - an #AWS cli <a class="reference external" href="https://t.co/HAHDvMRHli">https://t.co/HAHDvMRHli</a></p>
<p>Deploy != Release (Part 1) <a class="reference external" href="https://t.co/BgSV1xfUcm">https://t.co/BgSV1xfUcm</a></p>
<p>Deployment Strategies &amp; Release Best Practices <a class="reference external" href="https://t.co/4fHWu0tghc">https://t.co/4fHWu0tghc</a></p>
<p>Modern #Django Guide <a class="reference external" href="https://t.co/WEsFaMQ0EZ">https://t.co/WEsFaMQ0EZ</a></p>
Sugestii, tutoriale - mai 20172017-06-03T00:00:00+03:002017-06-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-06-03:/sugestii-tutoriale-05-2017.html<p>Web Developer Security Checklist <a class="reference external" href="https://t.co/LA6nsGLfCl">https://t.co/LA6nsGLfCl</a></p>
<p>7 Awesome ChatOps Open Source Software For Conversation-driven Development and Management <a class="reference external" href="https://t.co/attG5tCqJw">https://t.co/attG5tCqJw</a></p>
<p>Modalități de a face analizele BigData .... <a class="reference external" href="https://t.co/XkYzIEXIcU">https://t.co/XkYzIEXIcU</a></p>
<p>The Ultimate Guide to Deploying PHP Apps in the Cloud — SitePoint <a class="reference external" href="https://t.co/IiHjpPRakw">https://t.co/IiHjpPRakw</a></p>
<p>Chatops with …</p><p>Web Developer Security Checklist <a class="reference external" href="https://t.co/LA6nsGLfCl">https://t.co/LA6nsGLfCl</a></p>
<p>7 Awesome ChatOps Open Source Software For Conversation-driven Development and Management <a class="reference external" href="https://t.co/attG5tCqJw">https://t.co/attG5tCqJw</a></p>
<p>Modalități de a face analizele BigData .... <a class="reference external" href="https://t.co/XkYzIEXIcU">https://t.co/XkYzIEXIcU</a></p>
<p>The Ultimate Guide to Deploying PHP Apps in the Cloud — SitePoint <a class="reference external" href="https://t.co/IiHjpPRakw">https://t.co/IiHjpPRakw</a></p>
<p>Chatops with Powershell <a class="reference external" href="https://t.co/1tgeYVfpz6">https://t.co/1tgeYVfpz6</a></p>
<p>Ansible v.s. Salt (SaltStack) v.s. StackStorm <a class="reference external" href="https://t.co/47d6GasbfL">https://t.co/47d6GasbfL</a></p>
<p>How to Install Magento 2 with Apache, Varnish and Memcache – Blog <a class="reference external" href="https://t.co">https://t.co</a>/WtiwMlhhms`https://t.co/jnPxqpbKvu <<a class="reference external" href="https://t.co/jnPxqpbKvu">https://t.co/jnPxqpbKvu</a>>`_</p>
<p>MyCLI <a class="reference external" href="https://t.co/tv9V5ezhTN">https://t.co/tv9V5ezhTN</a></p>
Sugestii, tutoriale - apr 20172017-05-05T00:00:00+03:002017-05-05T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-05-05:/sugestii-tutoriale-04-2017.html<p>How To Measure MySQL Query Performance with mysqlslap <a class="reference external" href="https://t.co/40RitUsNVx">https://t.co/40RitUsNVx</a></p>
<p>TCP/UDP Load Balancing with NGINX <a class="reference external" href="https://t.co/ebUVsm5P5N">https://t.co/ebUVsm5P5N</a></p>
<p>Tool for deploy #Magento2 on servers <a class="reference external" href="https://t.co/pvZCccTstr">https://t.co/pvZCccTstr</a></p>
<p>Full Monitoring System: Graphite, collectd and StatsD - Part 1 <a class="reference external" href="https://t.co/NQaArezuIQ">https://t.co/NQaArezuIQ</a></p>
<p>Full monitoring system: Installing Graphite …</p><p>How To Measure MySQL Query Performance with mysqlslap <a class="reference external" href="https://t.co/40RitUsNVx">https://t.co/40RitUsNVx</a></p>
<p>TCP/UDP Load Balancing with NGINX <a class="reference external" href="https://t.co/ebUVsm5P5N">https://t.co/ebUVsm5P5N</a></p>
<p>Tool for deploy #Magento2 on servers <a class="reference external" href="https://t.co/pvZCccTstr">https://t.co/pvZCccTstr</a></p>
<p>Full Monitoring System: Graphite, collectd and StatsD - Part 1 <a class="reference external" href="https://t.co/NQaArezuIQ">https://t.co/NQaArezuIQ</a></p>
<p>Full monitoring system: Installing Graphite, collectd and StatsD - Part 2 <a class="reference external" href="https://t.co/61qSonmr9a">https://t.co/61qSonmr9a</a></p>
<p>Full monitoring system: Graphite, collectd and StatsD - Part 3 <a class="reference external" href="https://t.co/ftcyRfkgMO">https://t.co/ftcyRfkgMO</a></p>
<p>How we fine-tuned HAProxy to achieve 2,000,000 concurrent SSL connections <a class="reference external" href="https://t.co/fFgrwNoMkY">https://t.co/fFgrwNoMkY</a></p>
<p>Graph Databases: Talking about your Data Relationships.. <a class="reference external" href="https://t.co/U459bQM4f9">https://t.co/U459bQM4f9</a></p>
<p>Provisioning django application using ansible <a class="reference external" href="https://t.co/0iiwODeOGk">https://t.co/0iiwODeOGk</a></p>
<p>How To Secure Your Web App With HTTP Headers – Smashing Magazine <a class="reference external" href="https://t.co/K39OKOtqe4">https://t.co/K39OKOtqe4</a></p>
<p>10 Free WordPress Themes that Utilize Material Design <a class="reference external" href="https://t.co/TayQhJrrHb">https://t.co/TayQhJrrHb</a></p>
<p>10 Free Lightweight CSS Frameworks for a Fast Start <a class="reference external" href="https://t.co/wsSjESAxoT">https://t.co/wsSjESAxoT</a></p>
<p>Secure &amp; Speed Up Your Website <a class="reference external" href="https://t.co/k8AjYfQHqy">https://t.co/k8AjYfQHqy</a></p>
<p>How to turn Django Admin into a lightweight dashboard <a class="reference external" href="https://t.co/6yuKqsDYcE">https://t.co/6yuKqsDYcE</a></p>
Sugestii, tutoriale - mar 20172017-04-03T00:00:00+03:002017-04-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2017-04-03:/sugestii-tutoriale-03-2017.html<p>1M downloads of an open source project <a class="reference external" href="https://t.co/HzLdREULvR">https://t.co/HzLdREULvR</a></p>
<p>How to Install a Production Ready Naemon Monitoring Server <a class="reference external" href="https://t.co/3mqJ4QAy2l">https://t.co/3mqJ4QAy2l</a></p>
<p>Zero downtime local build Laravel 5 deploys with Deployer <a class="reference external" href="https://t.co/uGFnsFjUrO">https://t.co/uGFnsFjUrO</a></p>
<p>370 Free Online Programming &amp; Computer Science courses <a class="reference external" href="https://t.co/z8Q8melbKP">https://t.co/z8Q8melbKP</a></p>
<p>Choosing …</p><p>1M downloads of an open source project <a class="reference external" href="https://t.co/HzLdREULvR">https://t.co/HzLdREULvR</a></p>
<p>How to Install a Production Ready Naemon Monitoring Server <a class="reference external" href="https://t.co/3mqJ4QAy2l">https://t.co/3mqJ4QAy2l</a></p>
<p>Zero downtime local build Laravel 5 deploys with Deployer <a class="reference external" href="https://t.co/uGFnsFjUrO">https://t.co/uGFnsFjUrO</a></p>
<p>370 Free Online Programming &amp; Computer Science courses <a class="reference external" href="https://t.co/z8Q8melbKP">https://t.co/z8Q8melbKP</a></p>
<p>Choosing a centralized logging and monitoring system <a class="reference external" href="https://t.co/5vWTyLVVD9">https://t.co/5vWTyLVVD9</a></p>
<p>Monitoring Apache web server performance <a class="reference external" href="https://t.co/yBRIafefzz">https://t.co/yBRIafefzz</a></p>
<p>ssh_scan: A prototype SSH configuration and policy scanner <a class="reference external" href="https://t.co/gYHaIl7Ypd">https://t.co/gYHaIl7Ypd</a></p>
<p>Get Started Running Laravel in a Docker Container <a class="reference external" href="https://t.co/OChRFzvjYE">https://t.co/OChRFzvjYE</a></p>
<p>First steps with Laravel and Continuous Delivery <a class="reference external" href="https://t.co/2jdcGWB3wH">https://t.co/2jdcGWB3wH</a></p>
<p>Code as Craft, Etsy's Engineering Blog <a class="reference external" href="https://t.co/aWR05JfRTs">https://t.co/aWR05JfRTs</a></p>
Sugestii, tutoriale - febr 20172017-03-15T00:00:00+02:002017-03-15T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2017-03-15:/sugestii-tutoriale-02-2017.html<p>Build packages for multiple platforms (deb, rpm, etc) for your apllication <a class="reference external" href="https://t.co/CA5Lo84KDT">https://t.co/CA5Lo84KDT</a></p>
<p>How to install and configure Varnish cache on Ubuntu Linux 16.04 LTS <a class="reference external" href="https://t.co/G0GdRRxMzQ">https://t.co/G0GdRRxMzQ</a></p>
<p>Meet Flint OS, a Chromium OS Fork for Raspberry Pi &amp; PCs That Runs Android Apps <a class="reference external" href="https://t.co/wf4PToeItY">https://t …</a></p><p>Build packages for multiple platforms (deb, rpm, etc) for your apllication <a class="reference external" href="https://t.co/CA5Lo84KDT">https://t.co/CA5Lo84KDT</a></p>
<p>How to install and configure Varnish cache on Ubuntu Linux 16.04 LTS <a class="reference external" href="https://t.co/G0GdRRxMzQ">https://t.co/G0GdRRxMzQ</a></p>
<p>Meet Flint OS, a Chromium OS Fork for Raspberry Pi &amp; PCs That Runs Android Apps <a class="reference external" href="https://t.co/wf4PToeItY">https://t.co/wf4PToeItY</a></p>
<p>Download wallpapers from #reddit <a class="reference external" href="https://t.co/CZH9yYLwj7">https://t.co/CZH9yYLwj7</a></p>
<p>Capistrano for Wordpress <a class="reference external" href="https://t.co/lB0fWhqHgv">https://t.co/lB0fWhqHgv</a></p>
<p>Modern WordPress Development Workflow – Part #3 – WordPress Deployment - YouTube <a class="reference external" href="https://t.co/dfN9e2rg3a">https://t.co/dfN9e2rg3a</a></p>
<p>How to delete or remove a MySQL/MariaDB user account on Linux or Unix <a class="reference external" href="https://t.co/NhPGfakXBz">https://t.co/NhPGfakXBz</a></p>
<p>smem – Linux Memory Reporting/Statistics Tool <a class="reference external" href="https://t.co/5tDjwylm7x">https://t.co/5tDjwylm7x</a></p>
<p>A collective list of public JSON APIs for use in web development. <a class="reference external" href="https://t.co/nT3f5tELOj">https://t.co/nT3f5tELOj</a></p>
<p>How to Setup IP Failover on Ubuntu with KeepAlived <a class="reference external" href="https://t.co/7MGq04L5jJ">https://t.co/7MGq04L5jJ</a></p>
<p>Magallanes v3 <a class="reference external" href="https://t.co/ZahgC81K21">https://t.co/ZahgC81K21</a></p>
<p>Million requests per second with Python <a class="reference external" href="https://t.co/CNkPwq0YNX">https://t.co/CNkPwq0YNX</a></p>
Download wallpaper de pe Reddit2017-02-20T00:00:00+02:002017-02-20T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2017-02-20:/download-wallpaper-de-pe-reddit.html<p class="first last">Descarcare top wallpapere de pe Reddit.com</p>
<p>De multa vreme am citit despre aplicatii ce descarca local wallpaperele de pe <a class="reference external" href="http://www.reddit.com/r/wallpaper+wallpapers/">Reddit.com</a>, dar nu am gasit nimic satisfacator.</p>
<p>Anterior am mai lucrat cu API-ul celor de la Reddit.com (<a class="reference external" href="https://www.reddit.com/dev/api/">link api</a>) si am gasit implementarea</p>
<p>Am realizat urmatorul script in PHP ce l-am salvat in /usr/local/bin/reddit_wall</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span></pre></div></td><td class="code"><div><pre><span></span><span class="x">#!/usr/bin/php</span>
<span class="cp"><?php</span>
<span class="nb">error_reporting</span><span class="p">(</span><span class="mi">0</span><span class="p">);</span>
<span class="nv">$path</span><span class="o">=</span><span class="s2">"/home/cristi/Pictures/reddit/"</span><span class="p">;</span>
<span class="nv">$pageData</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nb">file_get_contents</span><span class="p">(</span> <span class="s2">"http://www.reddit.com/r/wallpaper+wallpapers/.json?limit=500"</span><span class="p">));</span>
<span class="nv">$k</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
<span class="k">foreach</span> <span class="p">(</span><span class="nv">$pageData</span><span class="o">-></span><span class="na">data</span><span class="o">-></span><span class="na">children</span> <span class="k">as</span> <span class="nv">$post</span><span class="p">)</span> <span class="p">{</span>
<span class="k">foreach</span> <span class="p">(</span><span class="nv">$post</span><span class="o">-></span><span class="na">data</span><span class="o">-></span><span class="na">preview</span><span class="o">-></span><span class="na">images</span> <span class="k">as</span> <span class="nv">$image</span><span class="p">)</span> <span class="p">{</span>
<span class="k">if</span> <span class="p">(</span><span class="nb">strpos</span><span class="p">(</span><span class="nv">$image</span><span class="o">-></span><span class="na">source</span><span class="o">-></span><span class="na">url</span><span class="p">,</span> <span class="s1">'.png'</span><span class="p">)</span> <span class="o">!==</span> <span class="k">false</span><span class="p">)</span> <span class="p">{</span>
<span class="nv">$ext</span> <span class="o">=</span> <span class="s2">".png"</span><span class="p">;</span>
<span class="p">}</span> <span class="k">else</span> <span class="p">{</span>
<span class="nv">$ext</span> <span class="o">=</span> <span class="s2">".jpg"</span><span class="p">;</span>
<span class="p">}</span>
<span class="nv">$picUrl</span> <span class="o">=</span> <span class="nb">str_replace</span><span class="p">(</span><span class="s2">"&amp;"</span><span class="p">,</span><span class="s2">"&"</span><span class="p">,</span><span class="nv">$image</span><span class="o">-></span><span class="na">source</span><span class="o">-></span><span class="na">url</span><span class="p">);</span>
<span class="nv">$data</span> <span class="o">=</span> <span class="nb">file_get_contents</span><span class="p">(</span><span class="nv">$picUrl</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="nb">strlen</span><span class="p">(</span><span class="nv">$data</span><span class="p">)</span> <span class="o">></span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span>
<span class="nv">$file</span> <span class="o">=</span> <span class="nb">fopen</span><span class="p">(</span><span class="nv">$path</span><span class="o">.</span><span class="nv">$k</span><span class="o">++.</span><span class="nv">$ext</span><span class="p">,</span> <span class="s2">"w+"</span><span class="p">);</span>
<span class="nb">fputs</span><span class="p">(</span><span class="nv">$file</span><span class="p">,</span> <span class="nv">$data</span><span class="p">);</span>
<span class="nb">fclose</span><span class="p">(</span><span class="nv">$file</span><span class="p">);</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
<p>unde $path este locatia unde se salveaza imaginile descarcate.</p>
<p>Pentru rulare am facut fisierul executabil si il rulez prin cron. Sterg cele anterioare pentru ca ordinea imaginilor se schimba</p>
<div class="highlight"><pre><span></span><span class="go">0 * * * * cristi /bin/rm -f /home/cristi/Pictures/reddit/*.*; /usr/local/bin/reddit_wall >/dev/null 2>&1</span>
</pre></div>
Sugestii, tutoriale - ian 20172017-02-14T00:00:00+02:002017-02-14T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2017-02-14:/sugestii-tutoriale-01-2017.html<p>Git Stats — Cool Visualisations For Local Git Statistics With Contribution Calendars <a class="reference external" href="https://t.co/jDIZHTlaLG">https://t.co/jDIZHTlaLG</a></p>
<p>ElasticSearch with Django the easy way <a class="reference external" href="https://t.co/WEGfc4Qtst">https://t.co/WEGfc4Qtst</a></p>
<p>Build a Node.js API in Under 30 Minutes <a class="reference external" href="https://t.co/yCSyZSECn3">https://t.co/yCSyZSECn3</a></p>
<p>How to setup MariaDB SSL and secure connections from clients <a class="reference external" href="https://t.co/Etk96JjY9F">https://t …</a></p><p>Git Stats — Cool Visualisations For Local Git Statistics With Contribution Calendars <a class="reference external" href="https://t.co/jDIZHTlaLG">https://t.co/jDIZHTlaLG</a></p>
<p>ElasticSearch with Django the easy way <a class="reference external" href="https://t.co/WEGfc4Qtst">https://t.co/WEGfc4Qtst</a></p>
<p>Build a Node.js API in Under 30 Minutes <a class="reference external" href="https://t.co/yCSyZSECn3">https://t.co/yCSyZSECn3</a></p>
<p>How to setup MariaDB SSL and secure connections from clients <a class="reference external" href="https://t.co/Etk96JjY9F">https://t.co/Etk96JjY9F</a></p>
<p>How to add two-factor authentication to Linux with Google Authenticator <a class="reference external" href="https://t.co/h5J6M9wXtZ">https://t.co/h5J6M9wXtZ</a></p>
<p>302 Found <a class="reference external" href="https://t.co/UU5Ggxut2h">https://t.co/UU5Ggxut2h</a></p>
<p>How I stay up-to-date as a Developer <a class="reference external" href="https://t.co/jb9YsZluRq">https://t.co/jb9YsZluRq</a></p>
<p>From Zero to Front-end Hero (Part 1) <a class="reference external" href="https://t.co/umQB5lD4ZE">https://t.co/umQB5lD4ZE</a></p>
<p>10 things I learned making the fastest site in the world <a class="reference external" href="https://t.co/uaIAWtHrnB">https://t.co/uaIAWtHrnB</a></p>
<p>open-guides/og-aws: 📙 Amazon Web Services — a practical guide <a class="reference external" href="https://t.co/2N7QyKdtTO">https://t.co/2N7QyKdtTO</a></p>
<p>A curated list of amazingly awesome open source sysadmin resources <a class="reference external" href="https://t.co/BFZ0nKuDka">https://t.co/BFZ0nKuDka</a></p>
<p>Monitoring of a Ceph Cluster with Ceph-dash on CentOS 7 <a class="reference external" href="https://t.co/tl0S5JDn21">https://t.co/tl0S5JDn21</a></p>
<p>Re-Introducing Jenkins: Automated Testing with Pipelines <a class="reference external" href="https://t.co/mFMEkhtObJ">https://t.co/mFMEkhtObJ</a></p>
<p>How to Setup Nginx as loadbalancer for Apache or Tomcat for HTTP/HTTPS <a class="reference external" href="https://t.co/2O4S8VaSdA">https://t.co/2O4S8VaSdA</a></p>
<p>Top 10 PHP Security Tips <a class="reference external" href="https://t.co/pBtg3XEb65">https://t.co/pBtg3XEb65</a></p>
<p>The Ultimate List of Best Websites to Learn Coding <a class="reference external" href="https://t.co/xIsZP4ZAFA">https://t.co/xIsZP4ZAFA</a></p>
<p>Top 10 Django Projects Started in 2016 — End of Year Review <a class="reference external" href="https://t.co/gOecu3WIOB">https://t.co/gOecu3WIOB</a></p>
<p>10 Linux System Administrators New Year’s Resolutions (2017) <a class="reference external" href="https://t.co/Q2jSY93NxQ">https://t.co/Q2jSY93NxQ</a></p>
<p>Blue Ocean <a class="reference external" href="https://t.co/WdyBjirtjn">https://t.co/WdyBjirtjn</a></p>
Sugestii, tutoriale - dec 20162016-12-24T00:00:00+02:002016-12-24T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2016-12-24:/sugestii-tutoriale-12-2016.html<p>A map of the internet in 1973. Yes, all of it. <a class="reference external" href="https://t.co/69OSYHat7c">https://t.co/69OSYHat7c</a></p>
<p>Top 50 Free Icon Sets for Web Designers from 2016 <a class="reference external" href="https://t.co/f3Gc6XBsqS">https://t.co/f3Gc6XBsqS</a></p>
<p>Top 50 CSS Libraries, Frameworks and Tools from 2016 <a class="reference external" href="https://t.co/4fhJqBOIa9">https://t.co/4fhJqBOIa9</a></p>
<p>Sending PHP Event Messages to Remote Logstash on …</p><p>A map of the internet in 1973. Yes, all of it. <a class="reference external" href="https://t.co/69OSYHat7c">https://t.co/69OSYHat7c</a></p>
<p>Top 50 Free Icon Sets for Web Designers from 2016 <a class="reference external" href="https://t.co/f3Gc6XBsqS">https://t.co/f3Gc6XBsqS</a></p>
<p>Top 50 CSS Libraries, Frameworks and Tools from 2016 <a class="reference external" href="https://t.co/4fhJqBOIa9">https://t.co/4fhJqBOIa9</a></p>
<p>Sending PHP Event Messages to Remote Logstash on Windows <a class="reference external" href="https://t.co/VYday8dfiC">https://t.co/VYday8dfiC</a></p>
<p>How to setup rsyslog for Centralized Log Management <a class="reference external" href="https://t.co/8K15lAdNOR">https://t.co/8K15lAdNOR</a></p>
<p>Git Behind the Curtain: What Happens When You Commit, Branch, and Merge <a class="reference external" href="https://t.co/u5f9opltcF">https://t.co/u5f9opltcF</a></p>
<p>Can Frameworks lead to tribalism among developers - Laravel News <a class="reference external" href="https://t.co/ZDPe85femB">https://t.co/ZDPe85femB</a></p>
<p>15 Best Hacking Movies That You Should Watch Right Now <a class="reference external" href="https://t.co/vse5nVMvls">https://t.co/vse5nVMvls</a></p>
<p>Collection Of 51 Free eBooks On Python Programming <a class="reference external" href="https://t.co/VWjp7BQi5m">https://t.co/VWjp7BQi5m</a></p>
<p>Visualize The Best Python Books <a class="reference external" href="https://t.co/xepBqldnA6">https://t.co/xepBqldnA6</a></p>
<p>TDD in Python <a class="reference external" href="https://t.co/l5bAeXjS3S">https://t.co/l5bAeXjS3S</a></p>
<p>Python: Kwargs and Args <a class="reference external" href="https://t.co/6VB9Mx6Bg6">https://t.co/6VB9Mx6Bg6</a></p>
<p>Sabayon 16.11 is out. Try it. <a class="reference external" href="https://t.co/AvgZQlReeh">https://t.co/AvgZQlReeh</a></p>
<p>Jenkins Security: DevOps Library Jenkins <a class="reference external" href="https://t.co/npw1m9psoy">https://t.co/npw1m9psoy</a></p>
<p>Why Good Linux Sysadmins Use Markdown <a class="reference external" href="https://t.co/JWGkaSWzLb">https://t.co/JWGkaSWzLb</a></p>
Django2016-11-05T00:00:00+02:002016-11-05T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2016-11-05:/django.html<p>Carti interesante legate de Django:</p>
<p>Django book: <a class="reference external" href="http://djangobook.com/">http://djangobook.com/</a></p>
<p>Django oficial: <a class="reference external" href="https://docs.djangoproject.com/">https://docs.djangoproject.com/</a></p>
<p>Django REST framework: <a class="reference external" href="http://www.django-rest-framework.org/#quickstart">http://www.django-rest-framework.org/#quickstart</a></p>
<p>Test-Driven Development with Python: <a class="reference external" href="http://www.obeythetestinggoat.com/book/praise.harry.html">http://www.obeythetestinggoat.com/book/praise.harry.html</a></p>
<p>Utile:</p>
<p>Lista de librarii pentru Django <a class="reference external" href="https://github.com/rosarior/awesome-django">https://github.com/rosarior/awesome-django</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https …</a></p><p>Carti interesante legate de Django:</p>
<p>Django book: <a class="reference external" href="http://djangobook.com/">http://djangobook.com/</a></p>
<p>Django oficial: <a class="reference external" href="https://docs.djangoproject.com/">https://docs.djangoproject.com/</a></p>
<p>Django REST framework: <a class="reference external" href="http://www.django-rest-framework.org/#quickstart">http://www.django-rest-framework.org/#quickstart</a></p>
<p>Test-Driven Development with Python: <a class="reference external" href="http://www.obeythetestinggoat.com/book/praise.harry.html">http://www.obeythetestinggoat.com/book/praise.harry.html</a></p>
<p>Utile:</p>
<p>Lista de librarii pentru Django <a class="reference external" href="https://github.com/rosarior/awesome-django">https://github.com/rosarior/awesome-django</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https://djangopackages.org/</a></p>
Tutoriale Django2016-10-30T00:00:00+03:002016-10-30T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-10-30:/tutoriale-django.html<p><a class="reference external" href="https://www.djangoproject.com/">Django</a> este un puternic framework in python ce ascunde o multime de functionalitati sub capota sau foarte usor de adaugat.</p>
<p>Dezvoltarea de aplicatii in python si in Django in special pare mai putin promovata pe la noi dar prin alte parti are o mare raspandire cu aplicatii pana in domeniul …</p><p><a class="reference external" href="https://www.djangoproject.com/">Django</a> este un puternic framework in python ce ascunde o multime de functionalitati sub capota sau foarte usor de adaugat.</p>
<p>Dezvoltarea de aplicatii in python si in Django in special pare mai putin promovata pe la noi dar prin alte parti are o mare raspandire cu aplicatii pana in domeniul bancar.</p>
<p>Mai jos gasiti cateva tutoriale video pe care le recomand a le parcurge dupa ce parcurgeti documentatia <a class="reference external" href="https://docs.djangoproject.com/">oficiala</a></p>
<p>Django 1.8 - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzRcd-q4vR5qAgOZUuz8041S">https://www.youtube.com/playlist?list=PLEsfXFp6DpzRcd-q4vR5qAgOZUuz8041S</a></p>
<p>Django 1.9 - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzQFqfCur9CJ4QnKQTVXUsRy">https://www.youtube.com/playlist?list=PLEsfXFp6DpzQFqfCur9CJ4QnKQTVXUsRy</a></p>
<p>Django 1.10 - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzQSEMN5PXvEWuD2gEWVngCZ">https://www.youtube.com/playlist?list=PLEsfXFp6DpzQSEMN5PXvEWuD2gEWVngCZ</a></p>
<p>Django API - <a class="reference external" href="https://www.youtube.com/playlist?list=PLEsfXFp6DpzTOcOVdZF-th7BS_GYGguAS">https://www.youtube.com/playlist?list=PLEsfXFp6DpzTOcOVdZF-th7BS_GYGguAS</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https://djangopackages.org/</a></p>
<p>Django Book - <a class="reference external" href="http://djangobook.com/">http://djangobook.com/</a></p>
<p>How to Install Django with PostgreSQL and Nginx on Ubuntu 16.04 <a class="reference external" href="https://t.co/2dQRrTYQsK">https://t.co/2dQRrTYQsK</a></p>
Sugestii, tutoriale - sept 20162016-10-08T00:00:00+03:002016-10-08T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-10-08:/sugestii-tutoriale-09-2016.html<p>25 Free Web-Based Apps &amp; Tools For Working With CSS <a class="reference external" href="https://t.co/lTdCdkNF9v">https://t.co/lTdCdkNF9v</a></p>
<p>Interactive emails make websites useless <a class="reference external" href="https://t.co/su7pfjHpCX">https://t.co/su7pfjHpCX</a></p>
<p>How to install and use KDEConnect on Ubuntu 16.04LTS <a class="reference external" href="https://t.co/CkJ4Mhj4ns">https://t.co/CkJ4Mhj4ns</a></p>
<p>Fighting Recruiter Spam with PHP - Proof of Concept <a class="reference external" href="https://t.co/d8ur5tc4fe">https://t.co/d8ur5tc4fe</a></p>
<p>Upgrade …</p><p>25 Free Web-Based Apps &amp; Tools For Working With CSS <a class="reference external" href="https://t.co/lTdCdkNF9v">https://t.co/lTdCdkNF9v</a></p>
<p>Interactive emails make websites useless <a class="reference external" href="https://t.co/su7pfjHpCX">https://t.co/su7pfjHpCX</a></p>
<p>How to install and use KDEConnect on Ubuntu 16.04LTS <a class="reference external" href="https://t.co/CkJ4Mhj4ns">https://t.co/CkJ4Mhj4ns</a></p>
<p>Fighting Recruiter Spam with PHP - Proof of Concept <a class="reference external" href="https://t.co/d8ur5tc4fe">https://t.co/d8ur5tc4fe</a></p>
<p>Upgrade your SSH keys! <a class="reference external" href="https://t.co/RElxckHOMn">https://t.co/RElxckHOMn</a></p>
<p>How to Protect Your Website Against SQL Injection Attacks <a class="reference external" href="https://t.co/JHIfVdVMUB">https://t.co/JHIfVdVMUB</a></p>
<p>15 Best Useful Free Linux Ebooks in PDF For Newbies by Pro Hacker <a class="reference external" href="https://t.co/a6eG7Y5YYb">https://t.co/a6eG7Y5YYb</a></p>
<p>How to Build a Semi-Circle Donut Chart With CSS <a class="reference external" href="https://t.co/DKDdr2ytK1">https://t.co/DKDdr2ytK1</a></p>
<p>50 Free UI Kits, Templates, Icons, Mockups &amp; Fonts for Web Designers for August 2016 <a class="reference external" href="https://t.co/RiUvgNEsXX">https://t.co/RiUvgNEsXX</a></p>
<p>11 Sites to Help You Find Material Design Inspiration <a class="reference external" href="https://t.co/RKEqlu8XUM">https://t.co/RKEqlu8XUM</a></p>
<p>The Headless Web <a class="reference external" href="https://t.co/fynLSXT1fu">https://t.co/fynLSXT1fu</a></p>
<p>How Netflix does A/B Testing <a class="reference external" href="https://t.co/1SkNQtIRuK">https://t.co/1SkNQtIRuK</a></p>
<p>OpenSSH 7.3 Officially Released, Now Refuses RSA Keys Smaller than 1024 Bits <a class="reference external" href="https://t.co/uEucmfpnlA">https://t.co/uEucmfpnlA</a></p>
<p>Lessons from building mobile-friendly, accessible data tables — Shopify UX — Medium <a class="reference external" href="https://t.co/FdyQTKn5C5">https://t.co/FdyQTKn5C5</a></p>
<p>Troy Hunt: I wanna go fast: HTTPS' massive speed advantage <a class="reference external" href="https://t.co/DZ8s7tlL0D">https://t.co/DZ8s7tlL0D</a></p>
Sugestii, tutoriale - iul 20162016-08-04T00:00:00+03:002016-08-04T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-08-04:/sugestii-tutoriale-07-2016.html<p>Storing large binary files in git repositories | Linuxaria <a class="reference external" href="https://t.co/MMM5MtCifx">https://t.co/MMM5MtCifx</a></p>
<p>Uzbl - web interface tools which adhere to the unix philosophy. <a class="reference external" href="https://t.co/sbSviZiP35">https://t.co/sbSviZiP35</a></p>
<p>Troubleshoot Nginx: 10 typical errors - Server Density Blog <a class="reference external" href="https://t.co/2kOz4v9iNh">https://t.co/2kOz4v9iNh</a></p>
<p>Ten sources of free big data on Internet <a class="reference external" href="https://t.co/Lgs0kKzEc1">https://t.co/Lgs0kKzEc1 …</a></p><p>Storing large binary files in git repositories | Linuxaria <a class="reference external" href="https://t.co/MMM5MtCifx">https://t.co/MMM5MtCifx</a></p>
<p>Uzbl - web interface tools which adhere to the unix philosophy. <a class="reference external" href="https://t.co/sbSviZiP35">https://t.co/sbSviZiP35</a></p>
<p>Troubleshoot Nginx: 10 typical errors - Server Density Blog <a class="reference external" href="https://t.co/2kOz4v9iNh">https://t.co/2kOz4v9iNh</a></p>
<p>Ten sources of free big data on Internet <a class="reference external" href="https://t.co/Lgs0kKzEc1">https://t.co/Lgs0kKzEc1</a></p>
<p>Top 10 Best Free Hacking Tools Of 2016 For Windows and Linux <a class="reference external" href="https://t.co/LmPaB8lIgA">https://t.co/LmPaB8lIgA</a></p>
Sugestii, tutoriale - iunie 20162016-07-03T00:00:00+03:002016-07-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-07-03:/sugestii-tutoriale-06-2016.html<p>Jenkins Material Theme <a class="reference external" href="https://t.co/qId2YH2og4">https://t.co/qId2YH2og4</a></p>
<p>HTTP/2 will make the Internet faster. So why the slow adoption? <a class="reference external" href="https://t.co/KopQSgZBYk">https://t.co/KopQSgZBYk</a></p>
<p>Troubleshoot Nginx: 10 typical errors - Server Density Blog <a class="reference external" href="https://t.co/2kOz4v9iNh">https://t.co/2kOz4v9iNh</a></p>
<p>Ten sources of free big data on Internet <a class="reference external" href="https://t.co/Lgs0kKzEc1">https://t.co/Lgs0kKzEc1</a></p>
<p>Top 10 Best …</p><p>Jenkins Material Theme <a class="reference external" href="https://t.co/qId2YH2og4">https://t.co/qId2YH2og4</a></p>
<p>HTTP/2 will make the Internet faster. So why the slow adoption? <a class="reference external" href="https://t.co/KopQSgZBYk">https://t.co/KopQSgZBYk</a></p>
<p>Troubleshoot Nginx: 10 typical errors - Server Density Blog <a class="reference external" href="https://t.co/2kOz4v9iNh">https://t.co/2kOz4v9iNh</a></p>
<p>Ten sources of free big data on Internet <a class="reference external" href="https://t.co/Lgs0kKzEc1">https://t.co/Lgs0kKzEc1</a></p>
<p>Top 10 Best Free Hacking Tools Of 2016 For Windows and Linux <a class="reference external" href="https://t.co/LmPaB8lIgA">https://t.co/LmPaB8lIgA</a></p>
Sugestii, tutoriale - mai 20162016-06-03T00:00:00+03:002016-06-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-06-03:/sugestii-tutoriale-05-2016.html<p>Splitting a Monolithic Application Into Services <a class="reference external" href="https://t.co/sDp2gAw0FA">https://t.co/sDp2gAw0FA</a></p>
<p>2 unit tests. 0 integration tests <a class="reference external" href="https://t.co/V2Z9F4G1sJ">https://t.co/V2Z9F4G1sJ</a></p>
<p>Good and Bad CSS Practices for Beginners <a class="reference external" href="https://t.co/Ael8lhQpQX">https://t.co/Ael8lhQpQX</a></p>
<p>8 Super Common Mistakes That Beginner Designers Make <a class="reference external" href="https://t.co/DezYzBNean">https://t.co/DezYzBNean</a></p>
<p>The Ultimate WordPress Development Environment <a class="reference external" href="https://t.co/sFCjNbgTM9">https://t …</a></p><p>Splitting a Monolithic Application Into Services <a class="reference external" href="https://t.co/sDp2gAw0FA">https://t.co/sDp2gAw0FA</a></p>
<p>2 unit tests. 0 integration tests <a class="reference external" href="https://t.co/V2Z9F4G1sJ">https://t.co/V2Z9F4G1sJ</a></p>
<p>Good and Bad CSS Practices for Beginners <a class="reference external" href="https://t.co/Ael8lhQpQX">https://t.co/Ael8lhQpQX</a></p>
<p>8 Super Common Mistakes That Beginner Designers Make <a class="reference external" href="https://t.co/DezYzBNean">https://t.co/DezYzBNean</a></p>
<p>The Ultimate WordPress Development Environment <a class="reference external" href="https://t.co/sFCjNbgTM9">https://t.co/sFCjNbgTM9</a></p>
<p>Introducing DGit by Patrick Reynolds <a class="reference external" href="https://t.co/gqxJJO34jU">https://t.co/gqxJJO34jU</a></p>
<p>Password Management in Linux by using chage <a class="reference external" href="https://t.co/Tjs8dBg89L">https://t.co/Tjs8dBg89L</a></p>
<p>How to Set Up 2-Factor Authentication for Login and sudo <a class="reference external" href="https://t.co/toF5hzbtDf">https://t.co/toF5hzbtDf</a></p>
<p>HAproxy: mapping process to CPU core for maximum... <a class="reference external" href="https://t.co/uiPfNMNrwa">https://t.co/uiPfNMNrwa</a></p>
<p>Ansible as Automation Glue <a class="reference external" href="https://t.co/D8ngMUkkpD">https://t.co/D8ngMUkkpD</a></p>
<p>Growing up with MySQL <a class="reference external" href="https://t.co/9IW5R95znZ">https://t.co/9IW5R95znZ</a></p>
<p>Why aren’t we using SSH for everything? <a class="reference external" href="https://t.co/mayPYunMdF">https://t.co/mayPYunMdF</a></p>
<p>How can I create an SPF record for my domain? <a class="reference external" href="https://t.co/5ooKdXIBj8">https://t.co/5ooKdXIBj8</a></p>
<p>Automate All the Things With Ansible: Part One <a class="reference external" href="https://t.co/zckcrg6LHt">https://t.co/zckcrg6LHt</a></p>
<p>How To Secure HAProxy with Let's Encrypt on Ubuntu 14.04 <a class="reference external" href="https://t.co/sKWCZ3uA78">https://t.co/sKWCZ3uA78</a></p>
<p>IPTABLES VS FIREWALLD - <a class="reference external" href="https://t.co/LrSlKsb3OZ">https://t.co/LrSlKsb3OZ</a></p>
<p>Chart.js | Open source HTML5 Charts for your website <a class="reference external" href="https://t.co/kzWorLlo1D">https://t.co/kzWorLlo1D</a></p>
<p>An Ultimate Guide To CSS Pseudo-Classes And Pseudo-Elements <a class="reference external" href="https://t.co/Vw7z6NmGEP">https://t.co/Vw7z6NmGEP</a></p>
<p>PHP-PM grows up to be a credible option for high performance PHP <a class="reference external" href="https://t.co/xUokcBJ6Qq">https://t.co/xUokcBJ6Qq</a></p>
<p>How to run your Symfony application on Ubuntu Xenial <a class="reference external" href="https://t.co/fyCqukWxOP">https://t.co/fyCqukWxOP</a></p>
<p>How to Use JSON Data Fields in MySQL Databases <a class="reference external" href="https://t.co/1DP6DiCXJz">https://t.co/1DP6DiCXJz</a></p>
<p>Web Usability: A Complete List of UX/UI Best Practices <a class="reference external" href="https://t.co/dc9rLXGvA1">https://t.co/dc9rLXGvA1</a></p>
Tutoriale Python2016-05-27T00:00:00+03:002016-05-27T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-05-27:/tutoriale-python.html<p>Lista de tutoriale <a class="reference external" href="http://noeticforce.com/best-free-tutorials-to-learn-python-pdfs-ebooks-online-interactive">http://noeticforce.com/best-free-tutorials-to-learn-python-pdfs-ebooks-online-interactive</a>></p>
<p>Lista de librarii API <a class="reference external" href="https://github.com/ardydedase/list-of-python-api-wrappers">https://github.com/ardydedase/list-of-python-api-wrappers</a></p>
<p>Lista de framework-uri, librarii si software <a class="reference external" href="https://github.com/vinta/awesome-python">https://github.com/vinta/awesome-python</a></p>
<p>Lista de librarii pentru Flask <a class="reference external" href="https://github.com/humiaozuzu/awesome-flask">https://github.com/humiaozuzu/awesome-flask</a></p>
<p>Lista de librarii pentru Django <a class="reference external" href="https://github.com/rosarior/awesome-django">https://github.com/rosarior/awesome-django</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https …</a></p><p>Lista de tutoriale <a class="reference external" href="http://noeticforce.com/best-free-tutorials-to-learn-python-pdfs-ebooks-online-interactive">http://noeticforce.com/best-free-tutorials-to-learn-python-pdfs-ebooks-online-interactive</a>></p>
<p>Lista de librarii API <a class="reference external" href="https://github.com/ardydedase/list-of-python-api-wrappers">https://github.com/ardydedase/list-of-python-api-wrappers</a></p>
<p>Lista de framework-uri, librarii si software <a class="reference external" href="https://github.com/vinta/awesome-python">https://github.com/vinta/awesome-python</a></p>
<p>Lista de librarii pentru Flask <a class="reference external" href="https://github.com/humiaozuzu/awesome-flask">https://github.com/humiaozuzu/awesome-flask</a></p>
<p>Lista de librarii pentru Django <a class="reference external" href="https://github.com/rosarior/awesome-django">https://github.com/rosarior/awesome-django</a></p>
<p>Django packages <a class="reference external" href="https://djangopackages.org/">https://djangopackages.org/</a></p>
Sugestii, tutoriale - apr 20162016-05-15T00:00:00+03:002016-05-15T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-05-15:/sugestii-tutoriale-04-2016.html<p>Exotic PHP implementations: HippyVM, JPHP, Tagua VM, Peachpie <a class="reference external" href="https://t.co/5E3W7FXwRO">https://t.co/5E3W7FXwRO</a></p>
<p>Lessons from Building a Node App in Docker <a class="reference external" href="https://t.co/FWTF9FYVC6">https://t.co/FWTF9FYVC6</a></p>
<p>Top 10 Websites that will Teach you Coding/Programming for Free <a class="reference external" href="https://t.co/ONFkBO9fG2">https://t.co/ONFkBO9fG2</a></p>
<p>Kogaion Linux Alpha3 available <a class="reference external" href="https://t.co/x3vqo9BT3i">https://t.co/x3vqo9BT3i</a></p>
<p>17 Useful PHP …</p><p>Exotic PHP implementations: HippyVM, JPHP, Tagua VM, Peachpie <a class="reference external" href="https://t.co/5E3W7FXwRO">https://t.co/5E3W7FXwRO</a></p>
<p>Lessons from Building a Node App in Docker <a class="reference external" href="https://t.co/FWTF9FYVC6">https://t.co/FWTF9FYVC6</a></p>
<p>Top 10 Websites that will Teach you Coding/Programming for Free <a class="reference external" href="https://t.co/ONFkBO9fG2">https://t.co/ONFkBO9fG2</a></p>
<p>Kogaion Linux Alpha3 available <a class="reference external" href="https://t.co/x3vqo9BT3i">https://t.co/x3vqo9BT3i</a></p>
<p>17 Useful PHP Testing, Debugging and Optimization Tools <a class="reference external" href="https://t.co/dM8VgWLF3F">https://t.co/dM8VgWLF3F</a></p>
<p>Monitoring Processes with Supervisord - <a class="reference external" href="https://t.co/hjU4Y1DzYH">https://t.co/hjU4Y1DzYH</a></p>
<p>PHP 7.0 (and 5.6) on Ubuntu <a class="reference external" href="https://t.co/EdRmVsU2Ex">https://t.co/EdRmVsU2Ex</a></p>
<p>A Programmer Makes Interactive Bootstrap Cheatsheet <a class="reference external" href="https://t.co/ObFCaSicZB">https://t.co/ObFCaSicZB</a></p>
<p>Using Selenium with PHPUnit <a class="reference external" href="https://t.co/GtREYc5eiF">https://t.co/GtREYc5eiF</a></p>
<p>Continuous integration with Jenkins - Tutorial <a class="reference external" href="https://t.co/yyHqXEGWRk">https://t.co/yyHqXEGWRk</a></p>
<p>Setup &amp; Configure Jenkins for Your Team | Codementor <a class="reference external" href="https://t.co/Y2bxFU5z3d">https://t.co/Y2bxFU5z3d</a></p>
<p>Jenkins CCJPE Certification Course <a class="reference external" href="https://t.co/fVZmjClCXT">https://t.co/fVZmjClCXT</a></p>
<p>Preserving Coding Standards: 5 Tools to Get You Started <a class="reference external" href="https://t.co/Fg334DZfFC">https://t.co/Fg334DZfFC</a></p>
<p>Large scale image processing on the fly in 25ms with Google's first Netw... <a class="reference external" href="https://t.co/vTCWE3r6NP">https://t.co/vTCWE3r6NP</a></p>
<p>ttystudio - Record the Terminal session in GIF | Unixmen <a class="reference external" href="https://t.co/CJihekVeZf">https://t.co/CJihekVeZf</a></p>
<p>How to Install, Create and Manage LXC (Linux Containers) in RHEL/CentOS 7 <a class="reference external" href="https://t.co/lK0a0YaQwP">https://t.co/lK0a0YaQwP</a></p>
<p>How to Use Awk and Regular Expressions to Filter Text or String in Files <a class="reference external" href="https://t.co/N2bvKYHb4N">https://t.co/N2bvKYHb4N</a></p>
<p>A Simple Web Developer's Guide To Color – Smashing Magazine <a class="reference external" href="https://t.co/5fzt7x6yhb">https://t.co/5fzt7x6yhb</a></p>
<p>6 jQuery Infinite Scrolling Demos <a class="reference external" href="https://t.co/asrf6feKez">https://t.co/asrf6feKez</a></p>
<p>Easy Deployment of PHP Applications with Deployer <a class="reference external" href="https://t.co/Cs2OU2C4cK">https://t.co/Cs2OU2C4cK</a></p>
<p>Buidling a database driven RESTFUL JSON API with Flask.. <a class="reference external" href="https://t.co/0ZdX7eZYji">https://t.co/0ZdX7eZYji</a></p>
<p>Passwordless encryption of the Linux root partition on Debian 8 with an USB key <a class="reference external" href="https://t.co/ZOmtMc3CI2">https://t.co/ZOmtMc3CI2</a></p>
Sugestii, tutoriale - mar 20162016-04-03T00:00:00+03:002016-04-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2016-04-03:/sugestii-tutoriale-03-2016.html<p>Assembling a CI Service for a Django project on Jenkins <a class="reference external" href="https://t.co/fokwh0IYaD">https://t.co/fokwh0IYaD</a></p>
<p>Setting up Jenkins to run headless Selenium tests in Docker containers <a class="reference external" href="https://t.co/pabAiGexGb">https://t.co/pabAiGexGb</a></p>
<p>Beautify your Jenkins with the Material Design theme! <a class="reference external" href="https://t.co/pOp4Bbx6t6">https://t.co/pOp4Bbx6t6</a></p>
<p>Docker Goes Native for Windows and Mac <a class="reference external" href="https://t.co/uCGcprO4Df">https://t …</a></p><p>Assembling a CI Service for a Django project on Jenkins <a class="reference external" href="https://t.co/fokwh0IYaD">https://t.co/fokwh0IYaD</a></p>
<p>Setting up Jenkins to run headless Selenium tests in Docker containers <a class="reference external" href="https://t.co/pabAiGexGb">https://t.co/pabAiGexGb</a></p>
<p>Beautify your Jenkins with the Material Design theme! <a class="reference external" href="https://t.co/pOp4Bbx6t6">https://t.co/pOp4Bbx6t6</a></p>
<p>Docker Goes Native for Windows and Mac <a class="reference external" href="https://t.co/uCGcprO4Df">https://t.co/uCGcprO4Df</a></p>
<p>mayankchd/movie: A CLI for getting information about movies and comparing two movies <a class="reference external" href="https://t.co/bcf61IIQZS">https://t.co/bcf61IIQZS</a></p>
<p>Pure Storage Brings Petabyte Scale To All Flash <a class="reference external" href="https://t.co/4vL3Bxw7d7">https://t.co/4vL3Bxw7d7</a></p>
<p>Visualizing Apache Log Data… with Minecraft! <a class="reference external" href="https://t.co/GmNU7LViGf">https://t.co/GmNU7LViGf</a></p>
<p>The PHP-FIG: Past, Present &amp; Future <a class="reference external" href="https://t.co/qKyiaPfxKo">https://t.co/qKyiaPfxKo</a></p>
<p>Free WordPress Themes for Small Businesses <a class="reference external" href="https://t.co/Dz0ra2HBpy">https://t.co/Dz0ra2HBpy</a></p>
<p>Install Multiple Versions of Node.js using nvm <a class="reference external" href="https://t.co/3hMCuWE69L">https://t.co/3hMCuWE69L</a></p>
<p>Million Container Challenge (C1M) <a class="reference external" href="https://t.co/YvSOgv2F0S">https://t.co/YvSOgv2F0S</a></p>
<p>List of Python API Wrappers <a class="reference external" href="https://t.co/VjW67Hb5v6">https://t.co/VjW67Hb5v6</a></p>
<p>#brandcolors <a class="reference external" href="https://t.co/Y2BJIMNQ2H">https://t.co/Y2BJIMNQ2H</a></p>
<p>Getting Ready For HTTP/2: A Guide For Web Designers And Developers <a class="reference external" href="https://t.co/By0gtKHkme">https://t.co/By0gtKHkme</a></p>
<p>3 More Joins You Should Be Familiar With <a class="reference external" href="https://t.co/clerFQqQRs">https://t.co/clerFQqQRs</a></p>
<p>Microcontainers <a class="reference external" href="https://t.co/wawurPWXTD">https://t.co/wawurPWXTD</a></p>
Sugestii, tutoriale - ian 20162016-02-14T00:00:00+02:002016-02-14T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2016-02-14:/sugestii-tutoriale-01-2016.html<p>How to Restrict SFTP Users to Home Directories Using chroot Jail <a class="reference external" href="https://t.co/NaygMNCJxG">https://t.co/NaygMNCJxG</a></p>
<p>Integrate Xdebug with netbeans <a class="reference external" href="https://t.co/JUuU68tcsm">https://t.co/JUuU68tcsm</a></p>
<p>An in-Depth Walkthrough of Supercharging Apps with Blackfire <a class="reference external" href="https://t.co/ShgSVjzFns">https://t.co/ShgSVjzFns</a></p>
<p>Appserver.io - Next-generation infrastructure <a class="reference external" href="http://appserver.io/">appserver.io</a></p>
Integrare Xdebug cu Netbeans2016-01-16T00:00:00+02:002016-01-16T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2016-01-16:/integrare-xdebug-cu-netbeans.html<p>Ca dezvoltatori de proiecte web/php de multe ori suntem nevoiti sa cautam problemele din codul scris. Cea mai uzuala metoda este adaugarea de clasicelor linii:</p>
<div class="highlight"><pre><span></span><span class="go">print_r($variable);</span>
<span class="go">var_dump($variable);</span>
<span class="go">die('here I am');</span>
</pre></div>
<p>O metoda mai eficienta insa este utilizarea extensiei <a class="reference external" href="http://xdebug.org">Xdebug</a> ce permite afisarea multor informatii utile.</p>
<p>Instalarea …</p><p>Ca dezvoltatori de proiecte web/php de multe ori suntem nevoiti sa cautam problemele din codul scris. Cea mai uzuala metoda este adaugarea de clasicelor linii:</p>
<div class="highlight"><pre><span></span><span class="go">print_r($variable);</span>
<span class="go">var_dump($variable);</span>
<span class="go">die('here I am');</span>
</pre></div>
<p>O metoda mai eficienta insa este utilizarea extensiei <a class="reference external" href="http://xdebug.org">Xdebug</a> ce permite afisarea multor informatii utile.</p>
<p>Instalarea se poate face prin pachete precompilate ori via PECL. Cum instalam pe Ubuntu:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>apt<span class="w"> </span>install<span class="w"> </span>php5-xdebug
</pre></div>
<p>Completam in fiserul <strong>/etc/php5/mods-available/xdebug.ini</strong> cu umatoarele setari principale:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span>
<span class="normal">8</span>
<span class="normal">9</span></pre></div></td><td class="code"><div><pre><span></span><span class="go">zend_extension=xdebug.so</span>
<span class="go">xdebug.remote_enable="1"</span>
<span class="go">xdebug.remote_handler="dbgp"</span>
<span class="go">xdebug.remote_host="localhost"</span>
<span class="go">xdebug.remote_mode="req"</span>
<span class="go">xdebug.remote_port="9000"</span>
<span class="go">xdebug.remote_autostart="1"</span>
<span class="go">xdebug.remote_log=""</span>
<span class="go">xdebug.idekey="netbeans-xdebug"</span>
</pre></div></td></tr></table></div>
<p>Pentru alte setari puteti consulta <a class="reference external" href="http://xdebug.org/docs/">documentatia oficiala</a>.</p>
<p>Repornim serverul web</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>service<span class="w"> </span>apache2<span class="w"> </span>restart
</pre></div>
<p>In aplicatia Netbeans verificam sa avem urmatarele setari:</p>
<img alt="" src="/images/xdebug1.png" />
<p><strong>Tip:</strong> verificati ca framework-ul folosit sa permita includerea in url a caracterelor <strong>? & =</strong>.</p>
<p>In cod marcam puncte de oprire unde dorim sa oprim aplicatia si sa facem analiza:</p>
<img alt="" src="/images/xdebug2.png" />
<p>Pornim din bara de unelte aplicatia in mod debug, astfel aplicatia se deschide intr-un nou tab cu link de forma <strong>http://aplicatie/index.php?XDEBUG_SESSION_START=netbeans-xdebug</strong>.</p>
<img alt="" src="/images/xdebug3.png" />
<p><strong>Tip:</strong> recomand instalarea extensiei <strong>NetBeans Connector</strong> in Chrome.</p>
<p>Navigam spre pagina dorita si aplicatia se opreste iar in Netbeans apare o fereastra in care putem vizualiza variabilele folosite in acel punct:</p>
<img alt="" src="/images/xdebug4.png" />
<p>Continuarea rularii aplicatiei, spre urmatorul punct de oprire - daca e cazul - se face din bara de unelte</p>
<img alt="" src="/images/xdebug5.png" />
<p>La final oprim aplicatia din modul debug:</p>
<img alt="" src="/images/xdebug6.png" />
<p>De asemenea Xdebug permite analiza functionarii aplicatiilor din punct de vedere al performantei cu profiler-ul integrat.</p>
An nou - an SSL2016-01-01T00:00:00+02:002016-01-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2016-01-01:/an-nou-an-ssl.html<p class="first last">Generare si implementare certificat Let's Encrypt</p>
<p>Mereu am dorit configurarea serverului meu pe HTTPS, dar am evitat din cauza faptului ca certificate SSL gratuite nu se acordau domeniului meu si nu am dorit investirea in unul oficial. Asta a fost pana a aparut <a class="reference external" href="https://letsencrypt.org/">Let’s Encrypt</a> ce ofera certificate gratuite in mod automat.</p>
<p>Modalitatea de obtinere a certificatului este usoara. Conform documentatiei am urmat pasii:</p>
<ol class="arabic simple">
<li>Am oprit serverul local nginx pentru ca validarea sa se faca mai simplu.</li>
<li>Am clonat repo letsencrypt</li>
</ol>
<div class="highlight"><pre><span></span><span class="go">git clone https://github.com/letsencrypt/letsencrypt</span>
</pre></div>
<ol class="arabic simple" start="3">
<li>Am efectuat o rulare de test</li>
</ol>
<div class="highlight"><pre><span></span><span class="go">cd letsencrypt</span>
<span class="go">./letsencrypt-auto certonly --standalone --test-cert -d cgherman.go.ro</span>
</pre></div>
<p>ce mi-a generat dupa o perioada lunga de timp si compilare o structura de foldere in <strong>/etc/letsencrypt</strong>. Certificatul generat nu era valabil - fiind de test.</p>
<ol class="arabic simple" start="4">
<li>Am refacut procesul</li>
</ol>
<div class="highlight"><pre><span></span><span class="go">./letsencrypt-auto certonly --standalone -d cgherman.go.ro</span>
</pre></div>
<p>ce mi-a generat un nou set de certficate impreuna cu lanturile de incredere de aceasta data un certificat valid <strong>90 de zile</strong> in folderul <strong>/etc/letsencrypt/live/cgherman.go.ro</strong> pe care l-am vizualizat cu comanda</p>
<div class="highlight"><pre><span></span><span class="go">openssl x509 -noout -text -in cert.pem</span>
</pre></div>
<ol class="arabic simple" start="5">
<li>Pentru o mai buna securitate am generat o cheie DHE pe 2048 de biti</li>
</ol>
<div class="highlight"><pre><span></span><span class="go">openssl dhparam -out etc/nginx/ssl/dhparam.pem 2048</span>
</pre></div>
<ol class="arabic simple" start="6">
<li>Am modificat fisierul de configurare a serverului nginx pentru domeniul meu. si am redirectionat pe HTTPS:</li>
</ol>
<div class="highlight"><pre><span></span><span class="go">server {</span>
<span class="go"> listen 443 ssl;</span>
<span class="go"> ssl on;</span>
<span class="go"> root /var/www/cgherman.go.ro;</span>
<span class="go"> index index.html index.htm;</span>
<span class="go"> server_name cgherman.go.ro;</span>
<span class="go"> ssl_certificate /etc/letsencrypt/live/cgherman.go.ro/fullchain.pem;</span>
<span class="go"> ssl_certificate_key /etc/letsencrypt/live/cgherman.go.ro/privkey.pem;</span>
<span class="go"> ssl_protocols TLSv1.1 TLSv1.2;</span>
<span class="go"> ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';</span>
<span class="go"> ssl_prefer_server_ciphers on;</span>
<span class="go"> add_header Strict-Transport-Security max-age=15768000;</span>
<span class="go"> ssl_dhparam /etc/nginx/ssl/dhparam.pem;</span>
<span class="go"> location / {</span>
<span class="go"> try_files $uri $uri/ /index.html;</span>
<span class="go"> }</span>
<span class="go">}</span>
<span class="go">server {</span>
<span class="go"> listen 80 default_server;</span>
<span class="go"> server_name cgherman.go.ro;</span>
<span class="go"> return 301 https://$server_name$request_uri;</span>
<span class="go">}</span>
</pre></div>
<ol class="arabic simple" start="7">
<li>Am repornit serverul si am rulat o testare la <a class="reference external" href="https://www.ssllabs.com/ssltest/">SSL Labs</a> si ooaauu ce am primit:</li>
</ol>
<img alt="" src="/images/ssl.png" />
<p>Regenerarea unui nou certificat se face simplu, prin pasul 4 si un restart al serverului.</p>
Sugestii, tutoriale - nov 20152015-12-03T00:00:00+02:002015-12-03T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-12-03:/sugestii-tutoriale-11-2015.html<p>20 Beautiful &amp; Free Resume Templates for Designers <a class="reference external" href="https://t.co/CC5KH5ejsf">https://t.co/CC5KH5ejsf</a></p>
<p>Why Pre-Built Websites Could be the Next Big Thing <a class="reference external" href="https://t.co/rEYsqAKR54">https://t.co/rEYsqAKR54</a></p>
<p>Top 5 Material Design Frameworks for 2015 <a class="reference external" href="https://t.co/L8bSYM2rhF">https://t.co/L8bSYM2rhF</a></p>
<p>Simplify Command-Line Package Management with APT instead of apt-get <a class="reference external" href="https://t.co/4U1cZW4ZeZ">https://t.co/4U1cZW4ZeZ</a></p>
<p>Lock …</p><p>20 Beautiful &amp; Free Resume Templates for Designers <a class="reference external" href="https://t.co/CC5KH5ejsf">https://t.co/CC5KH5ejsf</a></p>
<p>Why Pre-Built Websites Could be the Next Big Thing <a class="reference external" href="https://t.co/rEYsqAKR54">https://t.co/rEYsqAKR54</a></p>
<p>Top 5 Material Design Frameworks for 2015 <a class="reference external" href="https://t.co/L8bSYM2rhF">https://t.co/L8bSYM2rhF</a></p>
<p>Simplify Command-Line Package Management with APT instead of apt-get <a class="reference external" href="https://t.co/4U1cZW4ZeZ">https://t.co/4U1cZW4ZeZ</a></p>
<p>Lock and unlock your computer with a Pendrive <a class="reference external" href="https://t.co/iZvKCVZuGQ">https://t.co/iZvKCVZuGQ</a></p>
<p>Explore Our Cosmic Neighborhood With This Gorgeous Scientific Calendar <a class="reference external" href="https://t.co/S0eUNaRtH1">https://t.co/S0eUNaRtH1</a></p>
<p>5 Tips to Increase Node.js Application Performance <a class="reference external" href="https://t.co/6qBcpxfdqD">https://t.co/6qBcpxfdqD</a></p>
<p>“Copy to Clipboard” Made Easy with Clipboard.js <a class="reference external" href="https://t.co/OrXXTmeqrR">https://t.co/OrXXTmeqrR</a></p>
<p>Slide Rules were the Original Personal Computers <a class="reference external" href="https://t.co/HkmzkI4NLj">https://t.co/HkmzkI4NLj</a></p>
<p>11-year-old girl starts business creating and selling secure passwords <a class="reference external" href="https://t.co/OlkehktD0E">https://t.co/OlkehktD0E</a></p>
<p>Resources To Learn and Get Good with Laravel <a class="reference external" href="https://t.co/jVfLbIbPFA">https://t.co/jVfLbIbPFA</a></p>
Sugestii, tutoriale - oct 20152015-11-01T00:00:00+02:002015-11-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-11-01:/sugestii-tutoriale-10-2015.html<p>Echo JS is a User-Voted JavaScript News Community <a class="reference external" href="https://t.co/jYDA0GecaM">https://t.co/jYDA0GecaM</a></p>
<p>Enjoy CSS Generates Custom &amp; Valid CSS3 Code <a class="reference external" href="https://t.co/HCqFvmGGFV">https://t.co/HCqFvmGGFV</a></p>
<p>How To Install LEMP Stack On Ubuntu 15.10 <a class="reference external" href="https://t.co/YoZePymKQh">https://t.co/YoZePymKQh</a></p>
<p>12 Useful PHP Commandline Usage Every Linux User Must Know <a class="reference external" href="https://t.co/NVlGgTArKT">https://t.co …</a></p><p>Echo JS is a User-Voted JavaScript News Community <a class="reference external" href="https://t.co/jYDA0GecaM">https://t.co/jYDA0GecaM</a></p>
<p>Enjoy CSS Generates Custom &amp; Valid CSS3 Code <a class="reference external" href="https://t.co/HCqFvmGGFV">https://t.co/HCqFvmGGFV</a></p>
<p>How To Install LEMP Stack On Ubuntu 15.10 <a class="reference external" href="https://t.co/YoZePymKQh">https://t.co/YoZePymKQh</a></p>
<p>12 Useful PHP Commandline Usage Every Linux User Must Know <a class="reference external" href="https://t.co/NVlGgTArKT">https://t.co/NVlGgTArKT</a></p>
<p>Material Design UI Colors Palette Webapp <a class="reference external" href="https://t.co/s2MUgWGrzS">https://t.co/s2MUgWGrzS</a></p>
<p>A List of Open Source Static Site Generators <a class="reference external" href="https://t.co/TSphWnXUbb">https://t.co/TSphWnXUbb</a></p>
<p>Managing Cronjobs with Laravel <a class="reference external" href="https://t.co/c0UYTF2UJU">https://t.co/c0UYTF2UJU</a></p>
<p>Stylesheets <a class="reference external" href="https://t.co/tK2M6Stz4F">https://t.co/tK2M6Stz4F</a></p>
<p>musicForProgramming(); <a class="reference external" href="https://t.co/Vi6VIdS5FD">https://t.co/Vi6VIdS5FD</a></p>
<p>HTTP/2: the Pros, the Cons, and What You Need to Know <a class="reference external" href="https://t.co/3l9OXHNeSu">https://t.co/3l9OXHNeSu</a></p>
<p>3 Ways to Create a Mobile App with WordPress <a class="reference external" href="https://t.co/d5AwFpy8yy">https://t.co/d5AwFpy8yy</a></p>
<p>Microsoft Debuts Its First Release of Homemade SSH for Windows <a class="reference external" href="https://t.co/3ks88vIiUR">https://t.co/3ks88vIiUR</a></p>
<p>Loading Images the Lazy Loading Way <a class="reference external" href="https://t.co/QnfmroIDMp">https://t.co/QnfmroIDMp</a></p>
<p>Awesome Slim <a class="reference external" href="https://t.co/R9bv9QrKnO">https://t.co/R9bv9QrKnO</a></p>
<p>tuptime - Shows Historical and Statistical Running Time of Linux Systems <a class="reference external" href="http://t.co/gg3facHEnv">http://t.co/gg3facHEnv</a></p>
<p>Deployer <a class="reference external" href="http://t.co/jlFg3D7Faw">http://t.co/jlFg3D7Faw</a></p>
<p>Make a Github Pages blog with Pelican <a class="reference external" href="http://t.co/CA6jwEamgb">http://t.co/CA6jwEamgb</a></p>
<p>Backing up and Restoring Large WordPress Databases <a class="reference external" href="http://t.co/ry8188uqUd">http://t.co/ry8188uqUd</a></p>
<p>Do I need to know math to be a developer? <a class="reference external" href="https://t.co/yJZkrV1mdX">https://t.co/yJZkrV1mdX</a></p>
<p>Five Years of Building Instagram <a class="reference external" href="https://t.co/TYDo4lf9wg">https://t.co/TYDo4lf9wg</a></p>
<p>Best Tools for Designers <a class="reference external" href="https://t.co/UuhgczHnNm">https://t.co/UuhgczHnNm</a></p>
<p>Snowball, For Importing Data To #AWS By #fedex <a class="reference external" href="http://t.co/dOJCweQ6KS">http://t.co/dOJCweQ6KS</a></p>
<p>21 OpenSSL Examples to Help You in Real-World <a class="reference external" href="http://t.co/oo6MZsFRvE">http://t.co/oo6MZsFRvE</a></p>
<p>How to Setup Basic Apache Authentication using VirtualHost <a class="reference external" href="http://t.co/XoAuC45Mk9">http://t.co/XoAuC45Mk9</a></p>
<p>Paper Kit UI brings Color to Bootstrap <a class="reference external" href="http://t.co/l4WwHNJC35">http://t.co/l4WwHNJC35</a></p>
<p>28 Powerful Open Source CSS Frameworks &amp; Libraries <a class="reference external" href="http://t.co/XYI69LV5hb">http://t.co/XYI69LV5hb</a></p>
<p>Powerline - Adds Powerful Statuslines and Prompts to Vim Editor and Bash Terminal <a class="reference external" href="http://t.co/kWA5ILlHhf">http://t.co/kWA5ILlHhf</a></p>
<p>The Beginner’s Guide to Nano, the Linux Command-Line Text Editor <a class="reference external" href="http://t.co/UO0TROwbE7">http://t.co/UO0TROwbE7</a></p>
Deploy aplicatii web cu Capistrano2015-10-31T00:00:00+02:002015-10-31T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-10-31:/deploy-aplicatii-web-cu-capistrano.html<p class="first last">Deploy aplicatii web cu Capistrano</p>
<p>Am prezentat anterior efectuarea deploy-ului la aplicatiile web folosind <a class="reference external" href="../deploy-aplicatii-web-cu-git/">git</a>.
Este o solutie simpla ce se aplica la proiectele mici si one-man job. Dar in cazul proiectelor mai mari/complexe situatia e diferita:</p>
<ul class="simple">
<li>exista un risc mai mare ca un bug sa scape;</li>
<li>e nevoie de un sistem de deploy pe mai multe stagii de dezvoltare (devel, testare, productie);</li>
<li>e nevoie de un sistem de deploy pe mai multe servere simultan;</li>
<li>e nevoie de un sistem care sa permita un rollback rapid si usor al codului la o versiune stabila anterioara.</li>
</ul>
<p>O aplicatie ce rezolva cu success astfel de probleme este <a class="reference external" href="http://capistranorb.com/">Capistrano</a>, scris in Ruby si folosit intens de aceasta comunitate.</p>
<p>Instalarea este usoara daca avem instalata pe sistem un versiune de Ruby >= 1.9.3 sau daca folosim <a class="reference external" href="https://rvm.io/">RVM</a>:</p>
<div class="highlight"><pre><span></span><span class="go">gem install capistrano</span>
</pre></div>
<p>Scriptul de de deploy poate fi instalat oriunde de exemplu in folderul <strong>cap-deploy</strong>. in care initializam configuratia de deploy cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">cap install</span>
</pre></div>
<p>sau in cazul multii stage:</p>
<div class="highlight"><pre><span></span><span class="go">cap install STAGES=devel,test,productie</span>
</pre></div>
<p>ce va produce urmatoarea structura:</p>
<div class="highlight"><pre><span></span><span class="go">.</span>
<span class="go">├── Capfile</span>
<span class="go">├── config</span>
<span class="go">│ ├── deploy</span>
<span class="go">│ │ ├── devel.rb</span>
<span class="go">│ │ ├── productie.rb</span>
<span class="go">│ │ └── test.rb</span>
<span class="go">│ └── deploy.rb</span>
<span class="go">└── lib</span>
<span class="go"> └── capistrano</span>
<span class="go"> └── tasks</span>
</pre></div>
<p>Setarile generale legate de proiect se regasesc in fisierul <strong>config/deploy.rb</strong></p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span></pre></div></td><td class="code"><div><pre><span></span><span class="n">config</span><span class="w"> </span><span class="n">valid</span><span class="w"> </span><span class="n">only</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">current</span><span class="w"> </span><span class="n">version</span><span class="w"> </span><span class="n">of</span><span class="w"> </span><span class="no">Capistrano</span>
<span class="n">lock</span><span class="w"> </span><span class="s1">'3.4.0'</span>
<span class="c1">#nume aplicatie</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:application</span><span class="p">,</span><span class="w"> </span><span class="s1">'proiect'</span>
<span class="c1"># locatia repo git ptr poiect</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:repo_url</span><span class="p">,</span><span class="w"> </span><span class="s1">'git@github.com:user/proiect_repo.git'</span>
<span class="c1"># locatia unde se face deploy pe server</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:deploy_to</span><span class="p">,</span><span class="w"> </span><span class="s1">'/var/www/</span><span class="si">#{</span><span class="n">fetch</span><span class="p">(</span><span class="ss">:application</span><span class="p">)</span><span class="si">}</span><span class="s1">'</span>
<span class="c1"># tipul repo, default git</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:scm</span><span class="p">,</span><span class="w"> </span><span class="ss">:git</span>
<span class="c1"># fisierele comune ce nu se regasesc in repo din motive de securitate si se face link</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:linked_files</span><span class="p">,</span><span class="w"> </span><span class="n">fetch</span><span class="p">(</span><span class="ss">:linked_files</span><span class="p">,</span><span class="w"> </span><span class="o">[]</span><span class="p">)</span><span class="o">.</span><span class="n">push</span><span class="p">(</span><span class="s1">'config/database.yml'</span><span class="p">,</span><span class="w"> </span><span class="s1">'config/secrets.yml'</span><span class="p">)</span>
<span class="c1"># foldere comune ce nu se regasesc in repo (upload, logs, cache etc)</span>
<span class="n">set</span><span class="w"> </span><span class="ss">:linked_dirs</span><span class="p">,</span><span class="w"> </span><span class="n">fetch</span><span class="p">(</span><span class="ss">:linked_dirs</span><span class="p">,</span><span class="w"> </span><span class="o">[]</span><span class="p">)</span><span class="o">.</span><span class="n">push</span><span class="p">(</span><span class="s1">'log'</span><span class="p">,</span><span class="w"> </span><span class="s1">'tmp/pids'</span><span class="p">,</span><span class="w"> </span><span class="s1">'tmp/cache'</span><span class="p">,</span><span class="w"> </span><span class="s1">'tmp/sockets'</span><span class="p">,</span><span class="w"> </span><span class="s1">'vendor/bundle'</span><span class="p">,</span><span class="w"> </span><span class="s1">'public/system'</span><span class="p">)</span>
<span class="c1"># Numar de deploy-uri ce se pastreaza pe server, default sunt 5</span>
<span class="c1"># set :keep_releases, 5</span>
</pre></div></td></tr></table></div>
<p>La nivel de stagiu se definesc serverele, de exemplu in fisierul <strong>config/deploy/productie.rb</strong></p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span>
<span class="normal">8</span>
<span class="normal">9</span></pre></div></td><td class="code"><div><pre><span></span><span class="c1"># Definire la nivel de server</span>
<span class="n">server</span><span class="w"> </span><span class="s1">'fe-1.domeniu.ro'</span><span class="p">,</span><span class="w"> </span><span class="ss">user</span><span class="p">:</span><span class="w"> </span><span class="s1">'deploy'</span><span class="p">,</span><span class="w"> </span><span class="ss">roles</span><span class="p">:</span><span class="w"> </span><span class="sx">%w{app}</span>
<span class="n">server</span><span class="w"> </span><span class="s1">'fe-2.domeniu.ro'</span><span class="p">,</span><span class="w"> </span><span class="ss">user</span><span class="p">:</span><span class="w"> </span><span class="s1">'deploy'</span><span class="p">,</span><span class="w"> </span><span class="ss">roles</span><span class="p">:</span><span class="w"> </span><span class="sx">%w{app web}</span>
<span class="c1"># Definire servere dupa rol</span>
<span class="n">role</span><span class="w"> </span><span class="ss">:app</span><span class="p">,</span><span class="w"> </span><span class="sx">%w{deploy@fe-1.domeniu.ro deploy@fe-2.domeniu.ro}</span><span class="p">,</span>
<span class="n">role</span><span class="w"> </span><span class="ss">:web</span><span class="p">,</span><span class="w"> </span><span class="sx">%w{deploy@fe-2.domeniu.ro}</span><span class="p">,</span>
</pre></div></td></tr></table></div>
<p>Trebuie sa ne asiguram ca:</p>
<ul class="simple">
<li>cheia noastra publica se regaseste pe fiecare server de deploy</li>
<li>serverul are o cheie valida cu care se poate conecta la serverul de git unde este gazduit poiectul</li>
</ul>
<p>Ca masura suplimentara de protectie se recomanda folosirea metodei de forward a cheii private (utilizate de user-ul ce face deploy), dupa cum este explicat <a class="reference external" href="https://developer.github.com/guides/using-ssh-agent-forwarding/#setting-up-ssh-agent-forwarding">aici</a>.</p>
<p>Deploy-ul propriu zis se face usor cu comanda <strong>cap</strong> in folderul de pe calculatorul master (ce controleaza operatia de deploy)</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span>
<span class="normal">8</span></pre></div></td><td class="code"><div><pre><span></span><span class="c1"># deploy pe serverele de dezvoltare</span>
<span class="n">cap</span><span class="w"> </span><span class="n">devel</span><span class="w"> </span><span class="n">deploy</span>
<span class="c1"># deploy pe serverele de testare</span>
<span class="n">cap</span><span class="w"> </span><span class="nb">test</span><span class="w"> </span><span class="n">deploy</span>
<span class="c1"># deploy pe serverele de productie</span>
<span class="n">cap</span><span class="w"> </span><span class="n">productie</span><span class="w"> </span><span class="n">deploy</span>
</pre></div></td></tr></table></div>
<p>Comanda va crea urmatoarea structura de foldere pe servere:</p>
<div class="highlight"><pre><span></span><span class="go">├── current -> /var/www/proiect/releases/20151018104909</span>
<span class="go">├── releases</span>
<span class="go">│ └── 20151018104909</span>
<span class="go">├── repo</span>
<span class="go">├── revisions.log</span>
<span class="go">└── shared</span>
<span class="go"> ├── config</span>
<span class="go"> └── tmp</span>
<span class="go"> ├── pids</span>
<span class="go"> ├── cache</span>
<span class="go"> └── vendors</span>
</pre></div>
<p>unde gasim:</p>
<ul class="simple">
<li><strong>releases</strong> - versiunile de cod puse pe server in foldere cu data si ora efectuarii deploy-ului</li>
<li><strong>repo</strong> - copia locala a repo-ului</li>
<li><strong>shared</strong> - foldere si fisiere comune tuturor deploy-urilor</li>
<li><strong>current</strong> - o legatura simbolica la versiunea curenta a codului. De accea directorul radacina a aplicatiei este pecificat acesta</li>
<li><strong>revision.log</strong> - un log al operatiilor efectuate</li>
</ul>
<p>Spor la deploy.</p>
Deploy aplicatii web cu git2015-10-03T00:00:00+03:002015-10-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-10-03:/deploy-aplicatii-web-cu-git.html<p class="first last">Deploy aplicatii web cu git</p>
<p>Multi dintre noi folosim local GIT pentru salvarea/stocarea modifcarilor facute la proiecte.
Dar putini folosesc GIT si pentru transferul (deploy) proiectelor pe serverele pe care ruleaza aplicatia.</p>
<p>Beneficiul major pe care il vad eu este ca se transfera toate fisierele modificate din proiect (si testate local sau
prin alt sistem).</p>
<p>Ce avem nevoie pentru aplicarea acestui sistem:</p>
<ul class="simple">
<li>un repo local cu git (normal);</li>
<li>acces la serverul de productie (de obicei prin SSH) ce are instalat git;</li>
<li>un repo extern accesibil de dezvoltator cat si de la serverul de productie sunt sunt replicate commiturile din proiect.</li>
</ul>
<p>Ca repo extern se foloseste cel mai des Github, Bitbucket (pe care il prefer ca home dezvoltator) sau solutii/servicii dedicate.</p>
<p>Primul pas este crearea unui repository pe serviciul dorit si adaugarea la proiectul nostru:</p>
<div class="highlight"><pre><span></span><span class="go">git add remote bitbucket https://user@bitbucket.org/user/repo.git</span>
</pre></div>
<p>unde ca argumente sunt:</p>
<ul class="simple">
<li>numele dorit ca identificare al repo extern: <strong>bitbucket</strong></li>
<li>adresa remote pentru repo: <strong>https://user@bitbucket.org/user/repo.git</strong></li>
</ul>
<p>Alternativ se poate folosi si varianta de conectare prin SSH:</p>
<div class="highlight"><pre><span></span><span class="go">git add remote bitbucket git@bitbucket.org:user/repo.git</span>
</pre></div>
<p>Mai departe dezvoltarea proiectului merge normal cu posibilitatea de a salva pe repo remote
modificarile locale facute:</p>
<div class="highlight"><pre><span></span><span class="go">git add .</span>
<span class="go">git commit -m "salvare intermediara"</span>
<span class="go">git push bitbucket master</span>
</pre></div>
<p>Buun... A venit momentul ca proeictul sa fie descarcat pe serverul de productie.
Ne conectam pe server si clonam (duplicam) repo-ul in folderul <strong>proiect</strong></p>
<div class="highlight"><pre><span></span><span class="go">git clone https://user@bitbucket.org/user/repo.git proiect</span>
</pre></div>
<p>In cazul in care proeictul contine multe commit-uri fi folderul <strong>.git</strong> este mare putem clona pe server
doar ultimul commit:</p>
<div class="highlight"><pre><span></span><span class="go">git clone --depth=1 https://user@bitbucket.org/user/repo.git proiect</span>
</pre></div>
<p>Acum deploy-urile ulterioare se pot realiza mui usor ruland in folderul <strong>proiect</strong> comanda:</p>
<div class="highlight"><pre><span></span><span class="go">git pull</span>
</pre></div>
<p>Modul recomndabil prin care se fac modificari la proiect sa fie:</p>
<ol class="arabic simple">
<li>modificare in repo local al dezvoltatorului;</li>
<li>replicarea pe repo remote;</li>
<li>publicarea pe serverul de productie.</li>
</ol>
<p>Acest mod asigura existemta tuturor modificarilor in toate locurile.</p>
<p><strong>Nota:</strong></p>
<ul class="simple">
<li>Aceasta metoda se poate aplica la proiecte de complexitate mica, cu modificari mici si fregvente pe un singur server.</li>
<li>Pentru proiecte mari sau replicare pe mai multe servere exista alte solutii de deploy (de ex <a class="reference external" href="http://capistranorb.com/">Capistrano</a>).</li>
<li>In cazul cand aveti doar access FTP la server exista servicii dedicate chiar si gratuite (De ex Ftploy).</li>
</ul>
<p>Mai multe gasiti <a class="reference external" href="http://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes">aici</a>.</p>
Sugestii, tutoriale - sept 20152015-10-03T00:00:00+03:002015-10-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-10-03:/sugestii-tutoriale-09-2015.html<p>How Git hooks made me a better (and more lovable) developer | Wouter Admiraal's Blog <a class="reference external" href="http://t.co/JcEUsD81MV">http://t.co/JcEUsD81MV</a></p>
<p>beLazy.js touts Lazy-Loading Images at 1KB JavaScript <a class="reference external" href="http://t.co/CeZeJOxtD9">http://t.co/CeZeJOxtD9</a></p>
<p>Demystifying RegEx with Practical Examples <a class="reference external" href="http://t.co/Ykd6S4xnLw">http://t.co/Ykd6S4xnLw</a></p>
<p>Chrome, Firefox, Safari, Opera, Edge? Impressive Web Browser Alternatives – Smashing Magazine …</p><p>How Git hooks made me a better (and more lovable) developer | Wouter Admiraal's Blog <a class="reference external" href="http://t.co/JcEUsD81MV">http://t.co/JcEUsD81MV</a></p>
<p>beLazy.js touts Lazy-Loading Images at 1KB JavaScript <a class="reference external" href="http://t.co/CeZeJOxtD9">http://t.co/CeZeJOxtD9</a></p>
<p>Demystifying RegEx with Practical Examples <a class="reference external" href="http://t.co/Ykd6S4xnLw">http://t.co/Ykd6S4xnLw</a></p>
<p>Chrome, Firefox, Safari, Opera, Edge? Impressive Web Browser Alternatives – Smashing Magazine <a class="reference external" href="http://t.co/0Qkaomnr0o">http://t.co/0Qkaomnr0o</a></p>
<p>Advanced WordPress Management With WP-CLI – Smashing Magazine <a class="reference external" href="http://t.co/8cIO9K299r">http://t.co/8cIO9K299r</a></p>
<p>Removing the Pain of User Authorization with Sentinel <a class="reference external" href="http://t.co/yBwV50JX0m">http://t.co/yBwV50JX0m</a></p>
<p>This GIF Takes 1,000 Years to Play Till the End <a class="reference external" href="http://t.co/LeCODC6zHb">http://t.co/LeCODC6zHb</a></p>
<p>git-flow cheatsheet <a class="reference external" href="http://t.co/cNwDRXTfaV">http://t.co/cNwDRXTfaV</a></p>
<p>Reddit Shell offers CLI-Style Surfing in your Browser <a class="reference external" href="http://t.co/M9I8XKCcRQ">http://t.co/M9I8XKCcRQ</a></p>
<p>Learn Useful 'Vi/Vim' Editor Tips and Tricks to Enhance Your Skills - Part 1 <a class="reference external" href="http://t.co/4n4f40LXTp">http://t.co/4n4f40LXTp</a></p>
<p>10 Useful Commands to Collect System and Hardware Information in Linux <a class="reference external" href="http://t.co/udoLYzPEMn">http://t.co/udoLYzPEMn</a></p>
<p>8 Interesting ‘Vi/Vim’ Editor Tips and Tricks for Every Linux Administrator - Part 2 <a class="reference external" href="http://t.co/A3yCG9KXyk">http://t.co/A3yCG9KXyk</a></p>
<p>How to configure virtual hosts in Apache HTTP server <a class="reference external" href="http://t.co/PVdTYWJPp4">http://t.co/PVdTYWJPp4</a></p>
<p>10 Best Python Frameworks for Web Developers <a class="reference external" href="http://t.co/If6CRIwNaw">http://t.co/If6CRIwNaw</a></p>
<p>Mastering Django <a class="reference external" href="http://t.co/YU78PGuHyN">http://t.co/YU78PGuHyN</a></p>
<p>Managing Huge Repositories with Git <a class="reference external" href="http://t.co/tyaHvHvi9y">http://t.co/tyaHvHvi9y</a></p>
<p>How to find out information about a LXC (Linux container) CPU & Memory Usage <a class="reference external" href="http://t.co/PmWlm2F6mC">http://t.co/PmWlm2F6mC</a></p>
Sugestii, tutoriale - aug 20152015-09-06T00:00:00+03:002015-09-06T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-09-06:/sugestii-tutoriale-08-2015.html<p>Top 10 Remote Developer Myths Busted - X-Team | Developer Resourcing <a class="reference external" href="http://t.co/ZuJvcDcSai">http://t.co/ZuJvcDcSai</a></p>
<p>The 19 Best Newsletters for Front-End Web Developers <a class="reference external" href="http://t.co/fIm06PhuTX">http://t.co/fIm06PhuTX</a></p>
<p>The Composer Lock File <a class="reference external" href="http://t.co/RU6qHMKUIN">http://t.co/RU6qHMKUIN</a></p>
<p>How To Find the Best Free JS Plugins for your Website <a class="reference external" href="http://t.co/YaTLFQSEA1">http://t.co/YaTLFQSEA1</a></p>
<p>Open Source …</p><p>Top 10 Remote Developer Myths Busted - X-Team | Developer Resourcing <a class="reference external" href="http://t.co/ZuJvcDcSai">http://t.co/ZuJvcDcSai</a></p>
<p>The 19 Best Newsletters for Front-End Web Developers <a class="reference external" href="http://t.co/fIm06PhuTX">http://t.co/fIm06PhuTX</a></p>
<p>The Composer Lock File <a class="reference external" href="http://t.co/RU6qHMKUIN">http://t.co/RU6qHMKUIN</a></p>
<p>How To Find the Best Free JS Plugins for your Website <a class="reference external" href="http://t.co/YaTLFQSEA1">http://t.co/YaTLFQSEA1</a></p>
<p>Open Source Presentation Tools: Are We There Yet? <a class="reference external" href="http://t.co/c9Z3a9cz4V">http://t.co/c9Z3a9cz4V</a></p>
<p>Deploying a Django App with mod_wsgi on Ubuntu 14.04 <a class="reference external" href="http://t.co/UZHXVA5zoT">http://t.co/UZHXVA5zoT</a></p>
<p>Deploy Your Rails App to AWS <a class="reference external" href="http://t.co/6kv1N2cRqE">http://t.co/6kv1N2cRqE</a></p>
<p>10 Essential Atom Add-ons <a class="reference external" href="http://t.co/pXyvOcwssE">http://t.co/pXyvOcwssE</a></p>
<p>PSA: Hide your .git/config directory <a class="reference external" href="http://t.co/1Emu9tD3vZ">http://t.co/1Emu9tD3vZ</a></p>
<p>20 Responsive CSS Frameworks and Grids Worth Considering <a class="reference external" href="http://t.co/YpEpFBFvnZ">http://t.co/YpEpFBFvnZ</a></p>
<p>Designing Flexible Pie Charts With CSS and SVG — Smashing Magazine <a class="reference external" href="http://t.co/nmDoCDTzQg">http://t.co/nmDoCDTzQg</a></p>
<p>Deploying a Git repository via FTP <a class="reference external" href="http://t.co/NNnGUVIj6p">http://t.co/NNnGUVIj6p</a></p>
<p>Introduction to Elasticsearch in PHP <a class="reference external" href="http://t.co/aHbIanANuU">http://t.co/aHbIanANuU</a></p>
<p>6 Free Online Tools to Make Your Life Easier <a class="reference external" href="http://t.co/s1QLaTYCbL">http://t.co/s1QLaTYCbL</a></p>
<p>10 Time-saving Tips for Pythonists <a class="reference external" href="http://t.co/ifVLqVgDhE">http://t.co/ifVLqVgDhE</a></p>
<p>Building an Automated Config Management Server using Ansible+Flask+Redis | beingasysadmin <a class="reference external" href="http://t.co/aWELkJQmF9">http://t.co/aWELkJQmF9</a></p>
Sugestii, tutoriale - iul 20152015-08-04T00:00:00+03:002015-08-04T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-08-04:/sugestii-tutoriale-07-2015.html<p>Speed Up WordPress Using Redis And Varnish On Ubuntu <a class="reference external" href="http://t.co/gX3WgTnW0Z">http://t.co/gX3WgTnW0Z</a></p>
<p>Securing a Server with Ansible <a class="reference external" href="http://t.co/lLarAJRIpL">http://t.co/lLarAJRIpL</a></p>
<p>How To Setup Ansible In Ubuntu 15.04 <a class="reference external" href="http://t.co/YqyZEvByaY">http://t.co/YqyZEvByaY</a></p>
<p>How to burn a CD/DVD through the command line <a class="reference external" href="http://t.co/j0nOwS7B8k">http://t.co/j0nOwS7B8k</a></p>
<p>18 Free …</p><p>Speed Up WordPress Using Redis And Varnish On Ubuntu <a class="reference external" href="http://t.co/gX3WgTnW0Z">http://t.co/gX3WgTnW0Z</a></p>
<p>Securing a Server with Ansible <a class="reference external" href="http://t.co/lLarAJRIpL">http://t.co/lLarAJRIpL</a></p>
<p>How To Setup Ansible In Ubuntu 15.04 <a class="reference external" href="http://t.co/YqyZEvByaY">http://t.co/YqyZEvByaY</a></p>
<p>How to burn a CD/DVD through the command line <a class="reference external" href="http://t.co/j0nOwS7B8k">http://t.co/j0nOwS7B8k</a></p>
<p>18 Free Mobile APIs Developers Should Consider <a class="reference external" href="http://t.co/a2eUQSWCYN">http://t.co/a2eUQSWCYN</a></p>
<p>Integrare Bootstrap in Symfony 2 <a class="reference external" href="http://t.co/LjE4499T49">http://t.co/LjE4499T49</a></p>
<p>Există extratereștrii? Timo-T ne lămurește <a class="reference external" href="http://t.co/PTI5PFZf92">http://t.co/PTI5PFZf92</a></p>
<p>40 Tiny Web-Based Tools &amp; Apps for Working With CSS <a class="reference external" href="http://t.co/EISgW6HxFK">http://t.co/EISgW6HxFK</a></p>
<p>Adding jQuery and Bootstrap to Write a Mobile-Friendly and Responsive Web Application <a class="reference external" href="http://t.co/je7wzyjBeh">http://t.co/je7wzyjBeh</a></p>
<p>How to Sign Into Two or More Skype Accounts at Once <a class="reference external" href="http://t.co/cYHavxMA1u">http://t.co/cYHavxMA1u</a></p>
<p>Sublime Text (3) for PHP Developers <a class="reference external" href="http://t.co/ydHyYi1GvA">http://t.co/ydHyYi1GvA</a></p>
<p>Learn to code with this free book: Automate the Boring Stuff with Python <a class="reference external" href="https://t.co/iRAvxfxD8v">https://t.co/iRAvxfxD8v</a></p>
Integrare Bootstrap in sabloane - Tutorial Symfony2015-07-19T00:00:00+03:002015-07-19T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-07-19:/integrare-bootstrap-in-sabloane-tutorial-symfony.html<p>Cei mai multi dezvoltatori nu au talente extraordinare in scrierea de CSS si cel mai des utilizeaza librarii CSS existe ce ofera cam tot ce e necesar pentru realizarea de interfete corespunzatoare pentru utilizatori. Dintre cele mai utilzate sunt <a class="reference external" href="http://getbootstrap.com/">Bootstrap</a> si <a class="reference external" href="http://foundation.zurb.com/">Foundation</a></p>
<p>Vom vorbi despre integrarea <strong>Bootstrap</strong> intr-un proiect Symfony …</p><p>Cei mai multi dezvoltatori nu au talente extraordinare in scrierea de CSS si cel mai des utilizeaza librarii CSS existe ce ofera cam tot ce e necesar pentru realizarea de interfete corespunzatoare pentru utilizatori. Dintre cele mai utilzate sunt <a class="reference external" href="http://getbootstrap.com/">Bootstrap</a> si <a class="reference external" href="http://foundation.zurb.com/">Foundation</a></p>
<p>Vom vorbi despre integrarea <strong>Bootstrap</strong> intr-un proiect Symfony 2 prin <a class="reference external" href="https://getcomposer.org/">Composer</a>.</p>
<p>Pentru asta vom include ca dependinte ale proiectului in fisierul <strong>composer.json</strong>:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span></pre></div></td><td class="code"><div><pre><span></span><span class="nt">"require"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="err">...</span>
<span class="w"> </span><span class="nt">"twitter/bootstrap"</span><span class="p">:</span><span class="w"> </span><span class="s2">"3.*"</span><span class="p">,</span>
<span class="w"> </span><span class="nt">"components/jquery"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1.11.1"</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
<p>Adaugam de asemenea in fisierul <strong>app\config\config.yml</strong> pentru ca aceste librarii sa fie accesibile prin functia Assetic:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span>
<span class="normal">35</span>
<span class="normal">36</span>
<span class="normal">37</span>
<span class="normal">38</span></pre></div></td><td class="code"><div><pre><span></span># Assetic Configuration
assetic:
debug: "%kernel.debug%"
use_controller: false
bundles: [ '*Place your bundle names here*' ]
filters:
cssrewrite: ~
assets:
bootstrap_js:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/js/bootstrap.js
bootstrap_css:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/css/bootstrap.css
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/css/bootstrap-theme.css
filters: [cssrewrite]
bootstrap_glyphicons_ttf:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/fonts/glyphicons-halflings-regular.ttf
output: "fonts/glyphicons-halflings-regular.ttf"
bootstrap_glyphicons_eot:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/fonts/glyphicons-halflings-regular.eot
output: "fonts/glyphicons-halflings-regular.eot"
bootstrap_glyphicons_svg:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/fonts/glyphicons-halflings-regular.svg
output: "fonts/glyphicons-halflings-regular.svg"
bootstrap_glyphicons_woff:
inputs:
- %kernel.root_dir%/../vendor/twitter/bootstrap/dist/fonts/glyphicons-halflings-regular.woff
output: "fonts/glyphicons-halflings-regular.woff"
jquery:
inputs:
- %kernel.root_dir%/../vendor/components/jquery/jquery.js
</pre></div></td></tr></table></div>
<p>Acum putem include aceste librarii in sablonul principal</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span></pre></div></td><td class="code"><div><pre><span></span>{# app/Resources/views/base.html.twig #}
<span class="cp"><!DOCTYPE html></span>
<span class="p"><</span><span class="nt">html</span><span class="p">></span>
<span class="p"><</span><span class="nt">head</span><span class="p">></span>
...
{% stylesheets '@bootstrap_css' %}
<span class="p"><</span><span class="nt">link</span> <span class="na">rel</span><span class="o">=</span><span class="s">"stylesheet"</span> <span class="na">type</span><span class="o">=</span><span class="s">"text/css"</span> <span class="na">media</span><span class="o">=</span><span class="s">"screen"</span> <span class="na">href</span><span class="o">=</span><span class="s">"{{ asset_url }}"</span><span class="p">/></span>
{% endstylesheets %}
...
<span class="p"></</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">body</span><span class="p">></span>
...
{% javascripts '@jquery' '@bootstrap_js' %}
<span class="p"><</span><span class="nt">script</span> <span class="na">type</span><span class="o">=</span><span class="s">"text/javascript"</span> <span class="na">src</span><span class="o">=</span><span class="s">"{{ asset_url }}"</span><span class="p">></</span><span class="nt">script</span><span class="p">></span>
{% endjavascripts %}
<span class="p"></</span><span class="nt">body</span><span class="p">></span>
<span class="p"></</span><span class="nt">html</span><span class="p">></span>
</pre></div></td></tr></table></div>
<p>Mai recomand sa modificati si fisierul <strong>app\config\security.yml</strong> in cazul cand folositi reguli de access a paginilor, incluzand <strong>fonts</strong> in lista celor ce sunt accesibile:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span></pre></div></td><td class="code"><div><pre><span></span>firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js|fonts)/
security: false
</pre></div></td></tr></table></div>
<p>Mai multe despre gestionare asset-urilor gasiti <a class="reference external" href="http://symfony.com/doc/current/cookbook/assetic/asset_management.html">aici</a>.</p>
<p><a class="reference external" href="../utilizare-sabloane-tutorial-symfony/">Anterior - Utilizare sabloane</a></p>
Utilizare sabloane - Tutorial Symfony2015-06-30T00:00:00+03:002015-06-30T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-06-30:/utilizare-sabloane-tutorial-symfony.html<p class="first last">Utilizare sabloane in Symfony 2</p>
<p>Un sablon (template) este un fisier text care genereaza un raspuns in orice format text (HTML, XML, CSV ..) si care include un mix de text si cod PHP:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span></pre></div></td><td class="code"><div><pre><span></span><span class="cp"><!DOCTYPE html></span>
<span class="p"><</span><span class="nt">html</span><span class="p">></span>
<span class="p"><</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">title</span><span class="p">></span>Welcome to Symfony!<span class="p"></</span><span class="nt">title</span><span class="p">></span>
<span class="p"></</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">body</span><span class="p">></span>
<span class="p"><</span><span class="nt">h1</span><span class="p">></span><span class="cp"><?php echo $page_title ?></span><span class="p"></</span><span class="nt">h1</span><span class="p">></span>
<span class="p"><</span><span class="nt">ul</span> <span class="na">id</span><span class="o">=</span><span class="s">"navigation"</span><span class="p">></span>
<span class="cp"><?php foreach ($navigation as $item): ?></span>
<span class="p"><</span><span class="nt">li</span><span class="p">></span>
<span class="p"><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"<?php echo $item->getHref() ?>"</span><span class="p">></span>
<span class="cp"><?php echo $item->getCaption() ?></span>
<span class="p"></</span><span class="nt">a</span><span class="p">></span>
<span class="p"></</span><span class="nt">li</span><span class="p">></span>
<span class="cp"><?php endforeach ?></span>
<span class="p"></</span><span class="nt">ul</span><span class="p">></span>
<span class="p"></</span><span class="nt">body</span><span class="p">></span>
<span class="p"></</span><span class="nt">html</span><span class="p">></span>
</pre></div></td></tr></table></div>
<p>Symfony include insa un limbaj de templating puternic numit Twig ce ne permite sa scriem sabloane usor si mai puternice decat unn sablon clasic PHP:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span></pre></div></td><td class="code"><div><pre><span></span><span class="cp"><!DOCTYPE html></span>
<span class="p"><</span><span class="nt">html</span><span class="p">></span>
<span class="p"><</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">title</span><span class="p">></span>Welcome to Symfony!<span class="p"></</span><span class="nt">title</span><span class="p">></span>
<span class="p"></</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">body</span><span class="p">></span>
<span class="p"><</span><span class="nt">h1</span><span class="p">></span>{{ page_title }}<span class="p"></</span><span class="nt">h1</span><span class="p">></span>
<span class="p"><</span><span class="nt">ul</span> <span class="na">id</span><span class="o">=</span><span class="s">"navigation"</span><span class="p">></span>
{% for item in navigation %}
<span class="p"><</span><span class="nt">li</span><span class="p">><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"{{ item.href }}"</span><span class="p">></span>{{ item.caption }}<span class="p"></</span><span class="nt">a</span><span class="p">></</span><span class="nt">li</span><span class="p">></span>
{% endfor %}
<span class="p"></</span><span class="nt">ul</span><span class="p">></span>
<span class="p"></</span><span class="nt">body</span><span class="p">></span>
<span class="p"></</span><span class="nt">html</span><span class="p">></span>
</pre></div></td></tr></table></div>
<p>Acest limbaj permite afisari rapide de variabile, putem introduce conditii sau parcurge diverse cicluri. De asemenea putem introduce filtre la textul afisat, de ex sa facem traduceri in diverse limbi.</p>
<p>De asemenea Twig este si foarte rapid pentru ca acse sabloane sunt compilate in format nativ PHP si stocate in cache situat in <strong>app/cache/{environment}/twig</strong>.</p>
<p>De obicei aceste sabloane din proiect includ parti comune ca header, footer, bare laterale (sidebar) - definite sub firma de <strong>block-uri</strong> - ce pot fi reunite intr-un sablon de baza care ulterior va fi extins/ suprascris de catre sablonul copil. Un exemplu de astfel de sablon poate fi:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span>
<span class="normal">35</span></pre></div></td><td class="code"><div><pre><span></span>{# app/Resources/views/base.html.twig #}
<span class="cp"><!DOCTYPE html></span>
<span class="p"><</span><span class="nt">html</span><span class="p">></span>
<span class="p"><</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">meta</span> <span class="na">charset</span><span class="o">=</span><span class="s">"UTF-8"</span> <span class="p">/></span>
<span class="p"><</span><span class="nt">title</span><span class="p">></span>{% block title %}{% endblock %} - Symfony demo<span class="p"></</span><span class="nt">title</span><span class="p">></span>
{% stylesheets '@bootstrap_css' %}
<span class="p"><</span><span class="nt">link</span> <span class="na">rel</span><span class="o">=</span><span class="s">"stylesheet"</span> <span class="na">type</span><span class="o">=</span><span class="s">"text/css"</span> <span class="na">media</span><span class="o">=</span><span class="s">"screen"</span> <span class="na">href</span><span class="o">=</span><span class="s">"{{ asset_url }}"</span><span class="p">/></span>
{% endstylesheets %}
<span class="p"><</span><span class="nt">link</span> <span class="na">rel</span><span class="o">=</span><span class="s">"icon"</span> <span class="na">type</span><span class="o">=</span><span class="s">"image/x-icon"</span> <span class="na">href</span><span class="o">=</span><span class="s">"{{ asset('favicon.ico') }}"</span> <span class="p">/></span>
<span class="p"></</span><span class="nt">head</span><span class="p">></span>
<span class="p"><</span><span class="nt">body</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"container"</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"row"</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"col-md-2 col-xs-3"</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"page-header"</span> <span class="na">style</span><span class="o">=</span><span class="s">"margin-top: 66px;"</span><span class="p">></span>
<span class="p"><</span><span class="nt">h3</span><span class="p">></span>{{ 'Side Menu'|trans }}<span class="p"></</span><span class="nt">h3</span><span class="p">></span>
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
<span class="p"><</span><span class="nt">ul</span><span class="p">></span>
<span class="p"><</span><span class="nt">li</span><span class="p">><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"/ro"</span><span class="p">></span>RO<span class="p"></</span><span class="nt">a</span><span class="p">></</span><span class="nt">li</span><span class="p">></span>
<span class="p"><</span><span class="nt">li</span><span class="p">><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"/en"</span><span class="p">></span>EN<span class="p"></</span><span class="nt">a</span><span class="p">></</span><span class="nt">li</span><span class="p">></span>
<span class="p"><</span><span class="nt">li</span><span class="p">><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"/de"</span><span class="p">></span>DE<span class="p"></</span><span class="nt">a</span><span class="p">></</span><span class="nt">li</span><span class="p">></span>
<span class="p"></</span><span class="nt">ul</span><span class="p">></span>
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"col-md-10 col-xs-9"</span><span class="p">></span>
{% include "::messages.html.twig" %}
{% block body %}{% endblock %}
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
{% javascripts '@jquery' '@bootstrap_js' %}
<span class="p"><</span><span class="nt">script</span> <span class="na">type</span><span class="o">=</span><span class="s">"text/javascript"</span> <span class="na">src</span><span class="o">=</span><span class="s">"{{ asset_url }}"</span><span class="p">></</span><span class="nt">script</span><span class="p">></span>
{% endjavascripts %}
<span class="p"></</span><span class="nt">body</span><span class="p">></span>
<span class="p"></</span><span class="nt">html</span><span class="p">></span>
</pre></div></td></tr></table></div>
<p>Aici regasim doua <strong>{% block-uri %}</strong> ce pot fi suprascrise de sablonul parinte:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span></pre></div></td><td class="code"><div><pre><span></span>{% extends '::base.html.twig' %}
{% block title %}{{ 'Category edit'|trans }}{% endblock %}
{% block body -%}
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"row page-header"</span><span class="p">></span>
<span class="p"><</span><span class="nt">h2</span><span class="p">></span>Category edit
<span class="p"><</span><span class="nt">a</span> <span class="na">href</span><span class="o">=</span><span class="s">"{{ path('admin_category') }}"</span> <span class="na">class</span><span class="o">=</span><span class="s">"btn btn-default pull-right"</span><span class="p">></span>{{ 'List'|trans }}<span class="p"></</span><span class="nt">a</span><span class="p">></span>
<span class="p"></</span><span class="nt">h2</span><span class="p">></span>
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
<span class="p"><</span><span class="nt">div</span> <span class="na">class</span><span class="o">=</span><span class="s">"row"</span><span class="p">></span>
{{ form(edit_form) }}
<span class="p"></</span><span class="nt">div</span><span class="p">></span>
{% endblock %}
</pre></div></td></tr></table></div>
<p>Uzual aceste pagini se regasesc in folderul <strong>app/Resources/views/</strong> pentru sabloanele parinte, cat si in fiecare bundle in folderul <strong>Tutorial/TestBundle/Resources/views/</strong> (si subdirectoare).</p>
<p>Mai multe gasiti <a class="reference external" href="http://symfony.com/doc/current/book/templating.html">aici</a>.</p>
<p><a class="reference external" href="../creare-controller-tutorial-symfony/">Anterior - Creare controller</a>
<a class="reference external" href="../integrare-bootstrap-in-sabloane-tutorial-symfony">Urmator - Integrare Bootstrap</a></p>
Sugestii, tutoriale - iun 20152015-06-29T00:00:00+03:002015-06-29T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-06-29:/sugestii-tutoriale-06-2015.html<p class="first last">Sugestii, tutoriale - iun 2015</p>
<p>OpenMandriva Linux Will Continue to Provide 32-bit (i586) Builds of the Distribution - Softpedia <a class="reference external" href="http://t.co/Xt51X55Xxk">http://t.co/Xt51X55Xxk</a></p>
<p>Docker &amp; supervisord tutorial <a class="reference external" href="http://t.co/d2dLFo4oV6">http://t.co/d2dLFo4oV6</a></p>
<p>Setup Linux Containers Using LXC On Ubuntu <a class="reference external" href="http://t.co/gig2Ym1i8G">http://t.co/gig2Ym1i8G</a></p>
<p>How to Configure Network (NIC) Bonding/Teaming on Debian Linux <a class="reference external" href="http://t.co/XRseUcz9Fq">http://t.co/XRseUcz9Fq</a></p>
<p>How To Install Varnish Cache 4.0 In CentOS 7 <a class="reference external" href="http://t.co/lthpFCIdT5">http://t.co/lthpFCIdT5</a></p>
<p>The Complete Guide to Reducing Page Weight <a class="reference external" href="http://t.co/FIYwuvbIkA">http://t.co/FIYwuvbIkA</a></p>
<p>2Mb Web Pages: Who's to Blame? <a class="reference external" href="http://t.co/Ak5Y0zCllT">http://t.co/Ak5Y0zCllT</a></p>
<p>25 Syntax Highlighters: Tried and Tested <a class="reference external" href="http://t.co/yDJtoAgTei">http://t.co/yDJtoAgTei</a></p>
<p>Top 50 Free Icon Fonts for Web Design <a class="reference external" href="http://t.co/TZvBXjIgW5">http://t.co/TZvBXjIgW5</a></p>
<p>Choosing a JavaScript Charting Library: the Main Contenders <a class="reference external" href="http://t.co/yHtQjN376i">http://t.co/yHtQjN376i</a></p>
<p>Fancy, Responsive Charts with Chart.js <a class="reference external" href="http://t.co/v7xjP37iZB">http://t.co/v7xjP37iZB</a></p>
<p>Regular Expressions in 10 Different Languages <a class="reference external" href="http://t.co/FfTaTZJLDc">http://t.co/FfTaTZJLDc</a></p>
<p>Mastering Composer - Tips and Tricks <a class="reference external" href="http://t.co/JmV1FkDCo9">http://t.co/JmV1FkDCo9</a></p>
<p>Awesome Symfony 2 <a class="reference external" href="https://t.co/2G1iTWugFB">https://t.co/2G1iTWugFB</a></p>
<p>What you should do before pushing php code to production git repository <a class="reference external" href="http://t.co/QQ5GkRxpWw">http://t.co/QQ5GkRxpWw</a></p>
<p>ROSA Enterprise Desktop X2 Brings UEFI and Secure Boot Support <a class="reference external" href="http://t.co/vxuv1HfTNt">http://t.co/vxuv1HfTNt</a></p>
<p>50 CSS and JavaScript Tools, Frameworks and Libraries <a class="reference external" href="http://t.co/8gwmbgl9Tj">http://t.co/8gwmbgl9Tj</a></p>
<p>How to monitor user login history on CentOS with utmpdump <a class="reference external" href="http://t.co/MwExJWFBbf">http://t.co/MwExJWFBbf</a></p>
<p>4 Free Shell Scripting eBooks for Linux Newbies and Administrators <a class="reference external" href="http://t.co/ifyVhemLpI">http://t.co/ifyVhemLpI</a></p>
<p>Top 5 Material Design Frameworks to Use in 2015 <a class="reference external" href="http://t.co/XM1YugTc4o">http://t.co/XM1YugTc4o</a></p>
Creare controller - Tutorial Symfony2015-06-20T00:00:00+03:002015-06-20T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-06-20:/creare-controller-tutorial-symfony.html<p class="first last">Creare controller in Symfony 2</p>
<p>Contrller-ul e partea de cod ce preia informatiile dintro cerere HTTP (<strong>Request</strong>) si genereaza un raspuns HTTP (obiect <strong>Response</strong>). Acest raspuns poate fi o pagina HTML, un document XML sau un obiect JSOn serializat, o imagine, o eroare 404 sau ce ne dorim. Controller-ul contine logica necesara generarii paginii de raspuns dorite.</p>
<p>Un controller poate fi generat prin 2 metode: manual sau cu utilitarul app/console. Ultima alternativa ne ajuta la generarea metodelor incluse in controller</p>
<div class="highlight"><pre><span></span><span class="go">php app/console generate:controller</span>
<span class="go">Every page, and even sections of a page, are rendered by a controller.</span>
<span class="go">This command helps you generate them easily.</span>
<span class="go">First, you need to give the controller name you want to generate.</span>
<span class="go">You must use the shortcut notation like AcmeBlogBundle:Post</span>
<span class="go">Controller name: TutorialTestBundle:Pagina</span>
<span class="go">Determine the format to use for the routing.</span>
<span class="go">Routing format (php, xml, yml, annotation) [annotation]: yml</span>
<span class="go">Determine the format to use for templating.</span>
<span class="go">Template format (twig, php) [twig]:</span>
<span class="go">Instead of starting with a blank controller, you can add some actions now. An action</span>
<span class="go">is a PHP function or method that executes, for example, when a given route is matched.</span>
<span class="go">Actions should be suffixed by Action.</span>
<span class="go">New action name (press <return> to stop adding actions): indexAction</span>
<span class="go">Action route [/index]: /</span>
<span class="go">Templatename (optional) [TutorialTestBundle:Pagina:index.html.twig]:</span>
<span class="go">New action name (press <return> to stop adding actions): newAction</span>
<span class="go">Action route [/new]:</span>
<span class="go">Templatename (optional) [TutorialTestBundle:Pagina:new.html.twig]:</span>
<span class="go">New action name (press <return> to stop adding actions): editAction</span>
<span class="go">Action route [/edit]: {id}/edit</span>
<span class="go">Templatename (optional) [TutorialTestBundle:Pagina:edit.html.twig]:</span>
<span class="go">New action name (press <return> to stop adding actions): deleteAction</span>
<span class="go">Action route [/delete]: {id}/delete</span>
<span class="go">Templatename (optional) [TutorialTestBundle:Pagina:delete.html.twig]:</span>
<span class="go">New action name (press <return> to stop adding actions):</span>
<span class="go">You are going to generate a "TutorialTestBundle:Pagina" controller</span>
<span class="go">using the "yml" format for the routing and the "twig" format</span>
<span class="go">for templating</span>
<span class="go">Do you confirm generation [yes]?</span>
<span class="go">Generating the bundle code: OK</span>
</pre></div>
<p>Ce produce urmatorul fisier <strong>Tutorial/TestBundle/Controller/PaginaController.php</strong>:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span></pre></div></td><td class="code"><div><pre><span></span><span class="cp"><?php</span>
<span class="k">namespace</span> <span class="nx">Tutorial\TestBundle\Controller</span><span class="p">;</span>
<span class="k">use</span> <span class="nx">Symfony\Bundle\FrameworkBundle\Controller\Controller</span><span class="p">;</span>
<span class="k">class</span> <span class="nc">PaginaController</span> <span class="k">extends</span> <span class="nx">Controller</span>
<span class="p">{</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">indexAction</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">render</span><span class="p">(</span><span class="s1">'TutorialTestBundle:Pagina:index.html.twig'</span><span class="p">,</span> <span class="k">array</span><span class="p">(</span>
<span class="c1">// ...</span>
<span class="p">));</span> <span class="p">}</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">newAction</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">render</span><span class="p">(</span><span class="s1">'TutorialTestBundle:Pagina:new.html.twig'</span><span class="p">,</span> <span class="k">array</span><span class="p">(</span>
<span class="c1">// ...</span>
<span class="p">));</span> <span class="p">}</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">editAction</span><span class="p">(</span><span class="nv">$id</span><span class="p">)</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">render</span><span class="p">(</span><span class="s1">'TutorialTestBundle:Pagina:edit.html.twig'</span><span class="p">,</span> <span class="k">array</span><span class="p">(</span>
<span class="c1">// ...</span>
<span class="p">));</span> <span class="p">}</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">deleteAction</span><span class="p">(</span><span class="nv">$id</span><span class="p">)</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">render</span><span class="p">(</span><span class="s1">'TutorialTestBundle:Pagina:delete.html.twig'</span><span class="p">,</span> <span class="k">array</span><span class="p">(</span>
<span class="c1">// ...</span>
<span class="p">));</span> <span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
<p>Sunt generate niste pagini de baza pentru afisare in <strong>Tutorial/TestBundle/Resources/views/Pagina</strong>:</p>
<ul class="simple">
<li>delete.html.twig</li>
<li>edit.html.twig</li>
<li>index.html.twig</li>
<li>new.html.twig</li>
</ul>
<p>De asemenea sunt adaugate rute (descrieri ale actiunilor definite) in fisierul <strong>Tutorial/TestBundle/Resources/config/routing.yml</strong> (voi descrie aceasta functie intr-un articol viitor):</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span></pre></div></td><td class="code"><div><pre><span></span>index:
path: /
defaults: { _controller: TutorialTestBundle:Pagina:index }
new:
path: /new
defaults: { _controller: TutorialTestBundle:Pagina:new }
edit:
path: {id}/edit
defaults: { _controller: TutorialTestBundle:Pagina:edit }
delete:
path: {id}/delete
defaults: { _controller: TutorialTestBundle:Pagina:delete }
</pre></div></td></tr></table></div>
<p>Mai multe gasiti <a class="reference external" href="http://symfony.com/doc/current/book/controller.html">aici</a>.</p>
<p><a class="reference external" href="../creare-entitati-tutorial-symfony/">Anterior - Creare entitati</a></p>
Creare entitati - Tutorial Symfony2015-05-28T00:00:00+03:002015-05-28T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-28:/creare-entitati-tutorial-symfony.html<p class="first last">Creare entitati in Symfony 2</p>
<p>Entitatea - <strong>entity</strong> - e o clasa in care sunt descrise campurile unei tabele si include metode de setare si afisare campuri.
Mai tarziu voi mentiona si includerea aici a regulilor de validare a datelor ce se introduc.</p>
<p>O entitate poate fi generata prin 2 metode: manual sau cu utilitarul app/console:</p>
<div class="highlight"><pre><span></span><span class="go">php app/console doctrine:generate:entity</span>
<span class="go">The Entity shortcut name: TutorialTestBundle:Carti</span>
<span class="go">Determine the format to use for the mapping information.</span>
<span class="go">Configuration format (yml, xml, php, or annotation) [annotation]:</span>
<span class="go">Instead of starting with a blank entity, you can add some fields now.</span>
<span class="go">Note that the primary key will be added automatically (named id).</span>
<span class="go">Available types: array, simple_array, json_array, object,</span>
<span class="go">boolean, integer, smallint, bigint, string, text, datetime, datetimetz,</span>
<span class="go">date, time, decimal, float, blob, guid.</span>
<span class="go">New field name (press <return> to stop adding fields): titlu</span>
<span class="go">Field type [string]:</span>
<span class="go">Field length [255]:</span>
<span class="go">New field name (press <return> to stop adding fields): descriere</span>
<span class="go">Field type [string]: text</span>
<span class="go">New field name (press <return> to stop adding fields): pagini</span>
<span class="go">Field type [string]: integer</span>
<span class="go">New field name (press <return> to stop adding fields):</span>
<span class="go">Do you want to generate an empty repository class [no]?</span>
<span class="go">You are going to generate a "TutorialTestBundle:Carti" Doctrine2 entity</span>
<span class="go">using the "annotation" format.</span>
<span class="go">Do you confirm generation [yes]?</span>
<span class="go">Generating the entity code: OK</span>
</pre></div>
<p>Ce produce urmatorul fisier <strong>Tutorial/TestBundle/Entity/Carti.php</strong>:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal"> 10</span>
<span class="normal"> 11</span>
<span class="normal"> 12</span>
<span class="normal"> 13</span>
<span class="normal"> 14</span>
<span class="normal"> 15</span>
<span class="normal"> 16</span>
<span class="normal"> 17</span>
<span class="normal"> 18</span>
<span class="normal"> 19</span>
<span class="normal"> 20</span>
<span class="normal"> 21</span>
<span class="normal"> 22</span>
<span class="normal"> 23</span>
<span class="normal"> 24</span>
<span class="normal"> 25</span>
<span class="normal"> 26</span>
<span class="normal"> 27</span>
<span class="normal"> 28</span>
<span class="normal"> 29</span>
<span class="normal"> 30</span>
<span class="normal"> 31</span>
<span class="normal"> 32</span>
<span class="normal"> 33</span>
<span class="normal"> 34</span>
<span class="normal"> 35</span>
<span class="normal"> 36</span>
<span class="normal"> 37</span>
<span class="normal"> 38</span>
<span class="normal"> 39</span>
<span class="normal"> 40</span>
<span class="normal"> 41</span>
<span class="normal"> 42</span>
<span class="normal"> 43</span>
<span class="normal"> 44</span>
<span class="normal"> 45</span>
<span class="normal"> 46</span>
<span class="normal"> 47</span>
<span class="normal"> 48</span>
<span class="normal"> 49</span>
<span class="normal"> 50</span>
<span class="normal"> 51</span>
<span class="normal"> 52</span>
<span class="normal"> 53</span>
<span class="normal"> 54</span>
<span class="normal"> 55</span>
<span class="normal"> 56</span>
<span class="normal"> 57</span>
<span class="normal"> 58</span>
<span class="normal"> 59</span>
<span class="normal"> 60</span>
<span class="normal"> 61</span>
<span class="normal"> 62</span>
<span class="normal"> 63</span>
<span class="normal"> 64</span>
<span class="normal"> 65</span>
<span class="normal"> 66</span>
<span class="normal"> 67</span>
<span class="normal"> 68</span>
<span class="normal"> 69</span>
<span class="normal"> 70</span>
<span class="normal"> 71</span>
<span class="normal"> 72</span>
<span class="normal"> 73</span>
<span class="normal"> 74</span>
<span class="normal"> 75</span>
<span class="normal"> 76</span>
<span class="normal"> 77</span>
<span class="normal"> 78</span>
<span class="normal"> 79</span>
<span class="normal"> 80</span>
<span class="normal"> 81</span>
<span class="normal"> 82</span>
<span class="normal"> 83</span>
<span class="normal"> 84</span>
<span class="normal"> 85</span>
<span class="normal"> 86</span>
<span class="normal"> 87</span>
<span class="normal"> 88</span>
<span class="normal"> 89</span>
<span class="normal"> 90</span>
<span class="normal"> 91</span>
<span class="normal"> 92</span>
<span class="normal"> 93</span>
<span class="normal"> 94</span>
<span class="normal"> 95</span>
<span class="normal"> 96</span>
<span class="normal"> 97</span>
<span class="normal"> 98</span>
<span class="normal"> 99</span>
<span class="normal">100</span>
<span class="normal">101</span>
<span class="normal">102</span>
<span class="normal">103</span>
<span class="normal">104</span>
<span class="normal">105</span>
<span class="normal">106</span>
<span class="normal">107</span>
<span class="normal">108</span>
<span class="normal">109</span>
<span class="normal">110</span>
<span class="normal">111</span>
<span class="normal">112</span>
<span class="normal">113</span>
<span class="normal">114</span>
<span class="normal">115</span>
<span class="normal">116</span>
<span class="normal">117</span>
<span class="normal">118</span>
<span class="normal">119</span>
<span class="normal">120</span>
<span class="normal">121</span>
<span class="normal">122</span>
<span class="normal">123</span></pre></div></td><td class="code"><div><pre><span></span><span class="cp"><?php</span>
<span class="k">namespace</span> <span class="nx">Tutorial\TestBundle\Entity</span><span class="p">;</span>
<span class="k">use</span> <span class="nx">Doctrine\ORM\Mapping</span> <span class="k">as</span> <span class="nx">ORM</span><span class="p">;</span>
<span class="sd">/**</span>
<span class="sd"> * Carti</span>
<span class="sd"> *</span>
<span class="sd"> * @ORM\Table()</span>
<span class="sd"> * @ORM\Entity</span>
<span class="sd"> */</span>
<span class="k">class</span> <span class="nc">Carti</span>
<span class="p">{</span>
<span class="sd">/**</span>
<span class="sd"> * @var integer</span>
<span class="sd"> *</span>
<span class="sd"> * @ORM\Column(name="id", type="integer")</span>
<span class="sd"> * @ORM\Id</span>
<span class="sd"> * @ORM\GeneratedValue(strategy="AUTO")</span>
<span class="sd"> */</span>
<span class="k">private</span> <span class="nv">$id</span><span class="p">;</span>
<span class="sd">/**</span>
<span class="sd"> * @var string</span>
<span class="sd"> *</span>
<span class="sd"> * @ORM\Column(name="titlu", type="string", length=255)</span>
<span class="sd"> */</span>
<span class="k">private</span> <span class="nv">$titlu</span><span class="p">;</span>
<span class="sd">/**</span>
<span class="sd"> * @var string</span>
<span class="sd"> *</span>
<span class="sd"> * @ORM\Column(name="descriere", type="text")</span>
<span class="sd"> */</span>
<span class="k">private</span> <span class="nv">$descriere</span><span class="p">;</span>
<span class="sd">/**</span>
<span class="sd"> * @var integer</span>
<span class="sd"> *</span>
<span class="sd"> * @ORM\Column(name="pagini", type="integer")</span>
<span class="sd"> */</span>
<span class="k">private</span> <span class="nv">$pagini</span><span class="p">;</span>
<span class="sd">/**</span>
<span class="sd"> * Get id</span>
<span class="sd"> *</span>
<span class="sd"> * @return integer</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">getId</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">id</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Set titlu</span>
<span class="sd"> *</span>
<span class="sd"> * @param string $titlu</span>
<span class="sd"> * @return Carti</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">setTitlu</span><span class="p">(</span><span class="nv">$titlu</span><span class="p">)</span>
<span class="p">{</span>
<span class="nv">$this</span><span class="o">-></span><span class="na">titlu</span> <span class="o">=</span> <span class="nv">$titlu</span><span class="p">;</span>
<span class="k">return</span> <span class="nv">$this</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Get titlu</span>
<span class="sd"> *</span>
<span class="sd"> * @return string</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">getTitlu</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">titlu</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Set descriere</span>
<span class="sd"> *</span>
<span class="sd"> * @param string $descriere</span>
<span class="sd"> * @return Carti</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">setDescriere</span><span class="p">(</span><span class="nv">$descriere</span><span class="p">)</span>
<span class="p">{</span>
<span class="nv">$this</span><span class="o">-></span><span class="na">descriere</span> <span class="o">=</span> <span class="nv">$descriere</span><span class="p">;</span>
<span class="k">return</span> <span class="nv">$this</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Get descriere</span>
<span class="sd"> *</span>
<span class="sd"> * @return string</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">getDescriere</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">descriere</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Set pagini</span>
<span class="sd"> *</span>
<span class="sd"> * @param integer $pagini</span>
<span class="sd"> * @return Carti</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">setPagini</span><span class="p">(</span><span class="nv">$pagini</span><span class="p">)</span>
<span class="p">{</span>
<span class="nv">$this</span><span class="o">-></span><span class="na">pagini</span> <span class="o">=</span> <span class="nv">$pagini</span><span class="p">;</span>
<span class="k">return</span> <span class="nv">$this</span><span class="p">;</span>
<span class="p">}</span>
<span class="sd">/**</span>
<span class="sd"> * Get pagini</span>
<span class="sd"> *</span>
<span class="sd"> * @return integer</span>
<span class="sd"> */</span>
<span class="k">public</span> <span class="k">function</span> <span class="nf">getPagini</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">return</span> <span class="nv">$this</span><span class="o">-></span><span class="na">pagini</span><span class="p">;</span>
<span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
<p>In acest exemplu am folosit modul de definire a metadatelor <em>annotation</em> similar cu phpdoc. Metodele de afisare a datelor si setare sunt descrise mai sus.</p>
<p>In cazul in care definim manual campurile, metodele de afisare a datelor si setare se genereaza cu comanda:</p>
<div class="highlight"><pre><span></span><span class="go">php app/console doctrine:generate:entities Tutorial/TestBundle/Entity/Carti</span>
</pre></div>
<p>Pasul urmator este generarea tabelului aferent in baza de date:</p>
<div class="highlight"><pre><span></span><span class="go">php app/console doctrine:schema:update --force</span>
</pre></div>
<p>Mai multe gasiti <a class="reference external" href="http://symfony.com/doc/current/book/doctrine.html#creating-an-entity-class">aici</a>.</p>
<p><a class="reference external" href="../conectare-la-baza-de-date-tutorial-symfony/">Anterior - Conectare la baza de date</a>
<a class="reference external" href="../creare-controller-tutorial-symfony/">Urmator - Creare controller</a></p>
Conectare la baza de date - Tutorial Symfony2015-05-27T00:00:00+03:002015-05-27T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-27:/conectare-la-baza-de-date-tutorial-symfony.html<p class="first last">Creare entitati in Symfony 2</p>
<p>In marea majoritate a cazurilor un site are in spate o baza de date in care se stocheaza datele afisate in diverse pagini. Nici Symfony nu face exceptie.
Pentru conectarea la diverse baze de date - Mysql, PostgreSQL, SQLite sau Microsoft SQL - se foloseste libraria <a class="reference external" href="http://www.doctrine-project.org/">Doctrine</a>.</p>
<p>Configurarea bazei de date se face simplu in fisierul <strong>app/config/parameters.yml</strong>:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span></pre></div></td><td class="code"><div><pre><span></span>parameters:
database_driver: pdo_mysql
database_host: localhost
database_name: test_project
database_user: root
database_password: parola
</pre></div></td></tr></table></div>
<p>Apoi aceste valori se preiau in fisierul <strong>app/config/config.yml</strong>:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span></pre></div></td><td class="code"><div><pre><span></span>doctrine:
dbal:
driver: "%database_driver%"
host: "%database_host%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
</pre></div></td></tr></table></div>
<p>Iar crearea bazei de date se realizeaza usor:</p>
<div class="highlight"><pre><span></span><span class="go">php app/console doctrine:database:drop --force</span>
<span class="go">php app/console doctrine:database:create</span>
</pre></div>
<p><a class="reference external" href="../creare-bundle-tutorial-symfony/">Anterior - Creare bundle</a>
<a class="reference external" href="../creare-entitati-tutorial-symfony/">Urmator - Creare entitati</a></p>
Creare bundle - Tutorial Symfony2015-05-26T00:00:00+03:002015-05-26T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-26:/creare-bundle-tutorial-symfony.html<p class="first last">Creare bundle in Symfony 2</p>
<p>In Symfony se foloseste notiunea de <strong>bundle</strong> ce poate fi asemanat unui modul/plugin si care poate apoi fi utilizat in diverse proiecte.</p>
<p>Aceste bundle-uri se gasesc in folderul <strong>/src</strong> si cel mai des se regasesc sub structura de <strong>Producator/NumeBundle</strong>. Din fericire Symfony include un utilitar ce genereaza aceasta structura si adauga intrari in fisierele de configurare:</p>
<div class="highlight"><pre><span></span><span class="go">php app/console generate:bundle</span>
<span class="go">.....</span>
<span class="go">Bundle namespace: Tutorial/TestBundle</span>
<span class="go">.....</span>
<span class="go">Target directory [/var/www/home/www/symfo_home/src]:</span>
<span class="go">.....</span>
<span class="go">Configuration format (yml, xml, php, or annotation): yml</span>
<span class="go">You are going to generate a "Tutorial\TestBundle\TutorialTestBundle" bundle</span>
<span class="go">in "/var/www/home/www/symfo_home/src/" using the "yml" format.</span>
<span class="go">Do you confirm generation [yes]?</span>
<span class="go">Generating the bundle code: OK</span>
<span class="go">Checking that the bundle is autoloaded: OK</span>
<span class="go">Confirm automatic update of your Kernel [yes]?</span>
<span class="go">Enabling the bundle inside the Kernel: OK</span>
<span class="go">Confirm automatic update of the Routing [yes]?</span>
<span class="go">Importing the bundle routing resource: OK</span>
</pre></div>
<p>Vom gasi noul bundle creat in folderul <em>src/Tutorial/TestBundle</em> si sunt incluse intrari in urmatoarele fisiere de configurare:</p>
<ul class="simple">
<li>app/AppKernel.php</li>
<li>app/Resource/routing.yml</li>
</ul>
<p>Recomandari privind modul de numire a acestor bundle gasiti <a class="reference external" href="http://symfony.com/doc/current/cookbook/bundles/best_practices.html#index-1">aici</a>.</p>
<p><a class="reference external" href="../creare-virtualhost-in-apache-tutorial-symfony/">Anterior - Creare virtualhost in apache</a>
<a class="reference external" href="../conectare-la-baza-de-date-tutorial-symfony/">Urmator - Conectare la baza de date</a></p>
Creare virtualhost in apache - Tutorial Symfony2015-05-25T00:00:00+03:002015-05-25T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-25:/creare-virtualhost-in-apache-tutorial-symfony.html<p class="first last">Creare virtualhost in apache pentru Symfony 2</p>
<p>In unele cazuri dorim sa rulam proiectul nostru Symfony sub Apache. Iata setarile pentru un virtualhost la varianta dev</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost *:80></span>
<span class="go"> ServerName symfony.dev</span>
<span class="go"> ServerAlias www.symfony.dev</span>
<span class="go"> DocumentRoot /var/www/symfo_tut/web</span>
<span class="go"> <Directory "/var/www/symfo_tut/web"></span>
<span class="go"> DirectoryIndex app_dev.php</span>
<span class="go"> Options -Indexes FollowSymLinks SymLinksifOwnerMatch</span>
<span class="go"> AllowOverride None</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from all</span>
<span class="go"> </Directory></span>
<span class="go"> <Directory /var/www/symfo_tut></span>
<span class="go"> Options FollowSymlinks</span>
<span class="go"> </Directory></span>
<span class="go"> CustomLog "/var/log/apache2/symfony.local-access.log" combined</span>
<span class="go"> ErrorLog "/var/log/apache2/symfony.local-error.log"</span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>si pentru versiunea de productie:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost *:80></span>
<span class="go"> ServerName symfony.prod</span>
<span class="go"> ServerAlias www.symfony.prod</span>
<span class="go"> DocumentRoot /var/www/symfo_tut/web</span>
<span class="go"> <Directory "/var/www/symfo_tut/web"></span>
<span class="go"> DirectoryIndex app.php</span>
<span class="go"> Options -Indexes FollowSymLinks SymLinksifOwnerMatch</span>
<span class="go"> RewriteEngine On</span>
<span class="go"> AllowOverride All</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from All</span>
<span class="go"> </Directory></span>
<span class="go"> <Directory /var/www/symfo_tut></span>
<span class="go"> Options FollowSymlinks</span>
<span class="go"> </Directory></span>
<span class="go"> CustomLog "/var/log/apache2/symfony.local-access.log" combined</span>
<span class="go"> ErrorLog "/var/log/apache2/symfony.local-error.log"</span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>Nu uitati sa adaugati aceste domenii in <em>/etc/hosts</em>:</p>
<div class="highlight"><pre><span></span><span class="go">127.0.0.1 symfony.dev www.symfony.dev</span>
<span class="go">127.0.0.1 symfony.prod www.symfony.prod</span>
</pre></div>
<p>Acum putem testa in browser cele doua vesiuni: <em>http://symfony.dev</em> si <em>http://symfony.prod</em></p>
<p><a class="reference external" href="../instalare-symfony-2-tutorial-symfony/">Anterior - Instalare Symfony 2</a>
<a class="reference external" href="../creare-bundle-tutorial-symfony/">Urmator - Creare bundle</a></p>
Instalare Symfony 2 - Tutorial Symfony2015-05-24T00:00:00+03:002015-05-24T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-24:/instalare-symfony-2-tutorial-symfony.html<p class="first last">Instalare Symfony 2</p>
<p>Am decis sa scriu o serie de mici articole legate de <a class="reference external" href="http://symfony.com/">Symfony 2</a> un puternic framework PHP ce creste ca influenta in fiecare zi.</p>
<p>Studiind documentatia oficiala am constatat ca uneori poate fi confuza, fiind scrisa de geek pentru geek nu pentru un user nou venit.</p>
<p>Instalarea acestui framework cu ajutorul utilitarului <a class="reference external" href="https://getcomposer.org/">Composer</a>:</p>
<div class="highlight"><pre><span></span><span class="go">composer create-project symfony/framework-standard-edition symfo_tut/ '~2.6'</span>
</pre></div>
<p>Pentru a testa instalarea corecta putem porni serverul intern:</p>
<div class="highlight"><pre><span></span><span class="go">cd symfo_tut/</span>
<span class="go">php app/console server:start</span>
</pre></div>
<p>In browser la adresa <em>http://127.0.0.1:8000</em> vom vedea pagina de Welcome</p>
<div class="figure">
<img alt="" src="https://cgherman.go.ro/images/welcome.png" />
</div>
<p>Pentru productie in functie de versiunea de linux/server web instalat se mai <a class="reference external" href="http://symfony.com/doc/current/book/installation.html">configurari suplimentare</a>.</p>
<p><a class="reference external" href="../creare-virtualhost-in-apache-tutorial-symfony/">Urmator - Creare virtualhost in apache</a></p>
Sugestii, tutoriale - apr 20152015-05-14T00:00:00+03:002015-05-14T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-05-14:/sugestii-tutoriale-04-2015.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>Install Log.io on CentOS 7 <a class="reference external" href="http://t.co/jnPxqptlU4">http://t.co/jnPxqptlU4</a></p>
<p>Running Your Own Open Source Email Server <a class="reference external" href="http://t.co/QASVzza3Cr">http://t.co/QASVzza3Cr</a></p>
<p>How to deploy a web application quickly with Ubos on Raspberry Pi <a class="reference external" href="http://t.co/JlinUWOd2p">http://t.co …</a></p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>Install Log.io on CentOS 7 <a class="reference external" href="http://t.co/jnPxqptlU4">http://t.co/jnPxqptlU4</a></p>
<p>Running Your Own Open Source Email Server <a class="reference external" href="http://t.co/QASVzza3Cr">http://t.co/QASVzza3Cr</a></p>
<p>How to deploy a web application quickly with Ubos on Raspberry Pi <a class="reference external" href="http://t.co/JlinUWOd2p">http://t.co/JlinUWOd2p</a></p>
<p>GRUB2 &amp; EFI recovery - Tutorial <a class="reference external" href="http://t.co/8RHoJHblKO">http://t.co/8RHoJHblKO</a></p>
<p>8 Best Resources for Interface Icons <a class="reference external" href="http://t.co/AMTCnAnSoT">http://t.co/AMTCnAnSoT</a></p>
<p>10 Material Design Web Frameworks Worth Considering <a class="reference external" href="http://t.co/JUHtP8My8v">http://t.co/JUHtP8My8v</a></p>
<p>Lumen - PHP Micro-Framework By Laravel <a class="reference external" href="http://t.co/QuH7V1BDsN">http://t.co/QuH7V1BDsN</a></p>
<p>Bittorrent's Maelstrom: Using Torrents to Host Websites <a class="reference external" href="http://t.co/nySm5CRvLH">http://t.co/nySm5CRvLH</a></p>
<p>How To Configure Django With Apache In CentOS 7 <a class="reference external" href="http://t.co/1WUNo0J1eN">http://t.co/1WUNo0J1eN</a></p>
<p>Set up Automatic Virtual Hosts with Nginx and Apache <a class="reference external" href="http://t.co/VJSbVgI06N">http://t.co/VJSbVgI06N</a></p>
<p>7 Command Line Tools for Browsing Websites and Downloading Files in Linux <a class="reference external" href="http://t.co/DvTlP0pUxb">http://t.co/DvTlP0pUxb</a></p>
<p>Free resourses for developers <a class="reference external" href="http://t.co/awgIpPClew">http://t.co/awgIpPClew</a></p>
<p>Chromixium - Chrome OS alternative <a class="reference external" href="http://t.co/X10YZbS06g">http://t.co/X10YZbS06g</a></p>
<p>40+ tools for writing better PHP <a class="reference external" href="http://t.co/ASEXIRk2DF">http://t.co/ASEXIRk2DF</a></p>
<p>Shell In A Box - A Web-Based SSH Terminal to Access Remote Linux Servers <a class="reference external" href="http://t.co/wiRQMYkJjy">http://t.co/wiRQMYkJjy</a></p>
<p>A Beginner's Guide to npm — the Node Package Manager <a class="reference external" href="http://t.co/y1ijKd21mA">http://t.co/y1ijKd21mA</a></p>
<p>7 Ways to Optimize Jenkins <a class="reference external" href="http://t.co/jFkL8S9kyu">http://t.co/jFkL8S9kyu</a></p>
<p>6 Node.js Static Site Generators <a class="reference external" href="http://t.co/BxpkC2v9vT">http://t.co/BxpkC2v9vT</a></p>
Sugestii, tutoriale - mar 20152015-04-14T00:00:00+03:002015-04-14T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2015-04-14:/sugestii-tutoriale-03-2015.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>FreeBSD Unix Find Out Which Programs Are Listing On a Given Port Number <a class="reference external" href="http://t.co/LS0RrSVs1R">http://t.co/LS0RrSVs1R</a></p>
<p>Sabayon 15.04 Linux Distro Brings Xfce 4.12, Native Nvidia and AMD Video Drivers Support - Softpedia <a class="reference external" href="http://t.co/VwDhlJ44ez">http://t …</a></p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>FreeBSD Unix Find Out Which Programs Are Listing On a Given Port Number <a class="reference external" href="http://t.co/LS0RrSVs1R">http://t.co/LS0RrSVs1R</a></p>
<p>Sabayon 15.04 Linux Distro Brings Xfce 4.12, Native Nvidia and AMD Video Drivers Support - Softpedia <a class="reference external" href="http://t.co/VwDhlJ44ez">http://t.co/VwDhlJ44ez</a></p>
<p>101 Open Source Tools for Developers <a class="reference external" href="http://t.co/pXMB9Zl6WN">http://t.co/pXMB9Zl6WN</a></p>
<p>Ways To Secure Your Ubuntu 14.04 Server Running LAMP <a class="reference external" href="http://t.co/PAgt8LQMnk">http://t.co/PAgt8LQMnk</a></p>
<p>How to set up networking between Docker containers <a class="reference external" href="http://t.co/X7GQYpfG4l">http://t.co/X7GQYpfG4l</a></p>
<p>How to install Jenkins in Ubuntu and Centos <a class="reference external" href="http://t.co/2KZxalHHbZ">http://t.co/2KZxalHHbZ</a></p>
<p>Sketch for Beginners: Design a Bold Email Newsletter <a class="reference external" href="http://t.co/B3mv9voWWA">http://t.co/B3mv9voWWA</a></p>
<p>The Command Line for Web Design: Grasping the Basics <a class="reference external" href="http://t.co/rwSNAvxHol">http://t.co/rwSNAvxHol</a></p>
<p>Quick Apache Hadoop Admin Command Reference Examples <a class="reference external" href="http://t.co/rMl8CK9k0h">http://t.co/rMl8CK9k0h</a></p>
<p>List Of Free Windows SSH Client Tools To Connect To Your Linux Server <a class="reference external" href="http://t.co/PyD0F53fnv">http://t.co/PyD0F53fnv</a></p>
Sugestii, tutoriale - feb 20152015-03-14T00:00:00+02:002015-03-14T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-03-14:/sugestii-tutoriale-02-2015.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>A Decade Later, YouTube Remains a Mystery, Especially to Itself — The Message — Medium <a class="reference external" href="http://t.co/iKpkdCk0DD">http://t.co/iKpkdCk0DD</a></p>
<p>How safe are Perl, PHP, and Ruby? The experts weigh in | InfoWorld <a class="reference external" href="http://t.co/jtmg0y1Qjd">http://t.co/jtmg0y1Qjd</a></p>
<p>Another 20 Docs …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>A Decade Later, YouTube Remains a Mystery, Especially to Itself — The Message — Medium <a class="reference external" href="http://t.co/iKpkdCk0DD">http://t.co/iKpkdCk0DD</a></p>
<p>How safe are Perl, PHP, and Ruby? The experts weigh in | InfoWorld <a class="reference external" href="http://t.co/jtmg0y1Qjd">http://t.co/jtmg0y1Qjd</a></p>
<p>Another 20 Docs and Guides for Front-End Developers <a class="reference external" href="http://t.co/5b2WdIYjf0">http://t.co/5b2WdIYjf0</a></p>
<p>How To Speed Up SSH / SCP Connections <a class="reference external" href="http://t.co/8musMQFWn3">http://t.co/8musMQFWn3</a></p>
<p>Introduction - SQL School <a class="reference external" href="http://t.co/JQUB3XCmfI">http://t.co/JQUB3XCmfI</a></p>
<p>Docker Containers on the Desktop <a class="reference external" href="http://t.co/OvRF1wMDZE">http://t.co/OvRF1wMDZE</a></p>
<p>8 best desktop environments for Linux | ITworld <a class="reference external" href="http://t.co/MRnLb1vfRG">http://t.co/MRnLb1vfRG</a></p>
<p>18 Must Have Browser Plugins / Extensions For SysAdmins <a class="reference external" href="http://t.co/pwrsAAsKbV">http://t.co/pwrsAAsKbV</a></p>
<p>Comandă de capturi în Firefox | CNet.ro <a class="reference external" href="http://t.co/9TF2igcRkx">http://t.co/9TF2igcRkx</a></p>
<p>A collection of useful .htaccess snippets. <a class="reference external" href="https://t.co/U7Xra5LoW6">https://t.co/U7Xra5LoW6</a></p>
<p>20 Free Web Design Ebooks from 2014 <a class="reference external" href="http://t.co/TbCWPhwCUq">http://t.co/TbCWPhwCUq</a></p>
<p>Postfix Reverse lookup | Emil's bits <a class="reference external" href="http://t.co/KeVlEyb10Z">http://t.co/KeVlEyb10Z</a></p>
<p>Installing And Configuring Logwatch In Ubuntu 14.04 | Unixmen <a class="reference external" href="http://t.co/0JGkf19zxR">http://t.co/0JGkf19zxR</a></p>
<p>Dedicated Mail Server Hosting Multiple Domains – Step 1 – Distro Install and Prepare | Emil's bits <a class="reference external" href="http://t.co/p4Vh6IN2AZ">http://t.co/p4Vh6IN2AZ</a></p>
<p>Best Practices for Apache Logging: What To Log In Apache <a class="reference external" href="http://t.co/YtEtPM4sK4">http://t.co/YtEtPM4sK4</a></p>
Sugestii, tutoriale - ian 20152015-02-01T00:00:00+02:002015-02-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-02-01:/sugestii-tutoriale-01-2015.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>mytop - a top clone for MySQL <a class="reference external" href="http://t.co/L8wG4itQgR">http://t.co/L8wG4itQgR</a></p>
<p>Linux Basics: How To Use The 'free' Command In Linux <a class="reference external" href="http://t.co/XTKo0HFLp0">http://t.co/XTKo0HFLp0</a></p>
<p>How to Configure 'FirewallD' in RHEL/CentOS 7 and Fedora 21 <a class="reference external" href="http://t.co/RXJrhdefVa">http …</a></p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>mytop - a top clone for MySQL <a class="reference external" href="http://t.co/L8wG4itQgR">http://t.co/L8wG4itQgR</a></p>
<p>Linux Basics: How To Use The 'free' Command In Linux <a class="reference external" href="http://t.co/XTKo0HFLp0">http://t.co/XTKo0HFLp0</a></p>
<p>How to Configure 'FirewallD' in RHEL/CentOS 7 and Fedora 21 <a class="reference external" href="http://t.co/RXJrhdefVa">http://t.co/RXJrhdefVa</a></p>
<p>How to monitor harddisk health with smartmontools on Ubuntu <a class="reference external" href="http://t.co/OeGslYEHwm">http://t.co/OeGslYEHwm</a></p>
<p>List Of Tools To Monitor The Health Of Your Linux System <a class="reference external" href="http://t.co/mTxzp2B78N">http://t.co/mTxzp2B78N</a></p>
<p>git - the simple guide - no deep shit! <a class="reference external" href="http://t.co/sDn0JO7YmR">http://t.co/sDn0JO7YmR</a></p>
<p>Popular Open Source CSS Frameworks for Developers <a class="reference external" href="http://t.co/jXyX7cR6Xq">http://t.co/jXyX7cR6Xq</a></p>
<p>How to Guide on Modern Monitoring and Alerting - <a class="reference external" href="http://t.co/OJAfBSlCpl">http://t.co/OJAfBSlCpl</a></p>
<p>Visualize Your Code's Quality with PhpMetrics <a class="reference external" href="http://t.co/O7oMLRn2mG">http://t.co/O7oMLRn2mG</a></p>
<p>PHP Tips, Resources and Best Practices for 2015 <a class="reference external" href="http://t.co/mOrC3r3c4A">http://t.co/mOrC3r3c4A</a></p>
<p>PHP: The Right Way <a class="reference external" href="http://t.co/N4yDY6x7Zy">http://t.co/N4yDY6x7Zy</a></p>
<p>PHP Versions <a class="reference external" href="http://t.co/CfjcLZDySn">http://t.co/CfjcLZDySn</a></p>
<p>Cheat Sheets For Every Occasion <a class="reference external" href="http://t.co/t0oALw2alS">http://t.co/t0oALw2alS</a></p>
<p>Monit - monitor your processes simply HOWTO <a class="reference external" href="http://t.co/QVBnettPiJ">http://t.co/QVBnettPiJ</a></p>
<p>PHP Install Statistics <a class="reference external" href="http://t.co/6SJUNXAtJP">http://t.co/6SJUNXAtJP</a></p>
Testarea proiectelor PHP cu Jenkins2015-01-02T00:00:00+02:002015-01-02T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-01-02:/testarea-proiectelor-php-cu-jenkins.html<p class="first last">Testarea proiectelor PHP cu Jenkins</p>
<p><a class="reference external" href="http://jenkins-ci.org/">Jenkins</a> este un server utilizat la testarea si compilarea aplicatiilor software. Este un element cheie in sistemele <a class="reference external" href="http://en.wikipedia.org/wiki/Continuous_integration">CI</a> (countinuous integration)</p>
<p>Mai jos sunt descrisi pasii necesari pentru instalarea serverului Jenkins + suport pentru testare PHP pe un server Ubuntu</p>
<div class="highlight"><pre><span></span><span class="go">apt-get install wget curl git subversion</span>
</pre></div>
<p>Instalam Jenkins</p>
<div class="highlight"><pre><span></span><span class="go">wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -</span>
<span class="go">echo "deb http://pkg.jenkins-ci.org/debian binary/" >> /etc/apt/sources.list</span>
<span class="go">apt-get update</span>
<span class="go">apt-get install jenkins</span>
</pre></div>
<p>Instalam module in jenkins via CLI</p>
<div class="highlight"><pre><span></span><span class="go">wget http://localhost:8080/jnlpJars/jenkins-cli.jar</span>
<span class="go">java -jar jenkins-cli.jar -s http://localhost:8080 install-plugin checkstyle cloverphp dry htmlpublisher</span>
<span class="go">java -jar jenkins-cli.jar -s http://localhost:8080 install-plugin jdepend plot pmd violations git gitlab-plugin xunit</span>
</pre></div>
<p>Instalam php5-cli si cateva module php:</p>
<div class="highlight"><pre><span></span><span class="go">apt-get install php5-cli php5-xsl php5-mysql php5-curl php5-dev php-pear</span>
</pre></div>
<p>Pentru testarea codului PHP vom folosi cateva utilitare:</p>
<ul class="simple">
<li><a class="reference external" href="https://github.com/sebastianbergmann/phploc">phploc</a> - determinarea marimii si a structurii proiectului</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear config-set auto_discover 1</span>
<span class="go">pear install pear.phpunit.de/phploc</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="http://pdepend.org/">pdepend</a> - determina calitatea codului scris</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear channel-discover pear.pdepend.org</span>
<span class="go">pear install pdepend/PHP_Depend</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="http://phpmd.org/">phpmd</a> - cauta inadvertente in codul scris, functii prea complicate, parametrii si metode neutilizate</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear channel-discover pear.phpmd.org</span>
<span class="go">pear install phpmd/PHP_PMD</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="https://github.com/squizlabs/PHP_CodeSniffer">PHP_CodeSnifer</a> - ne indica incalcari ale diferitelor standarde/recomandari ale codului</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear install PHP_CodeSniffer</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="https://github.com/sebastianbergmann/phpcpd">phpcpd</a> - detecteaza codul duplicat in proiect</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear install pear.phpunit.de/phpcpd</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="http://www.phpdoc.org/">phpDocumentor</a> - genereaza documentatia codului din tag-urile phpdoc</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">wget -O /usr/local/bin/phpdoc http://phpdoc.org/phpDocumentor.phar</span>
<span class="go">chmod +x /usr/local/bin/phpdoc</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="https://phpunit.de/">PHPUnit</a> - frammework de testare a metodelor</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">wget -O /usr/local/bin/phpunit https://phar.phpunit.de/phpunit.phar</span>
<span class="go">chmod +x /usr/local/bin/phpunit</span>
</pre></div>
<ul class="simple">
<li><a class="reference external" href="http://www.phing.info/">phing</a> - motorul utilizat pentru rularea tuturor utilitarelor de mai sus</li>
</ul>
<div class="highlight"><pre><span></span><span class="go">pear channel-discover pear.phing.info</span>
<span class="go">pear install phing/phing</span>
</pre></div>
<p>Instalam template pentru proiectele PHP la Jenkins (va fi folsit ca proiect template)</p>
<div class="highlight"><pre><span></span><span class="go">curl https://raw.github.com/sebastianbergmann/php-jenkins-template/master/config.xml | java -jar</span>
<span class="go">jenkins-cli.jar -s http://localhost:8080 create-job php-template</span>
</pre></div>
<p>Creem un nou proiect prin copierea setarilor de la proiectul php-template. setam repository pentru codul sursa. iar ca comanda de build adaugam ca comanda shell:</p>
<div class="highlight"><pre><span></span><span class="go">phing -logger phing.listener.NoBannerLogger</span>
</pre></div>
<p>In structura proiectului in folderul radacina trebuie sa creem un folder build gol al carui continut va fi ignorat de catre SVN/Git si adaugam fisierele atasate.
Verificam si ajustam caile specificate in fisierele xml, si apoi comitem in repository.
Testarea se incepe prin comanda Build now si in consola avem posibilitatea vizualizarii output-ul comenzilor.
Fiecare build salvat va include rapoarte separate.</p>
<p>Surse:</p>
<p><a class="reference external" href="http://programmingarehard.com/2013/09/26/zero-to-jenkins.html">http://programmingarehard.com/2013/09/26/zero-to-jenkins.html</a>
<a class="reference external" href="http://thoughtsandideas.wordpress.com/2013/08/24/setting-up-jenkins-continuous-integration-for-a-php-project-on-a-ma">http://thoughtsandideas.wordpress.com/2013/08/24/setting-up-jenkins-continuous-integration-for-a-php-project-on-a-ma</a>
<a class="reference external" href="https://bitbucket.org/dadamssg/jenkinsdemo/src">https://bitbucket.org/dadamssg/jenkinsdemo/src</a></p>
Sugestii, tutoriale - dec 20142015-01-01T00:00:00+02:002015-01-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2015-01-01:/sugestii-tutoriale-12-2014.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>How to configure fail2ban to protect Apache HTTP server - Xmodulo <a class="reference external" href="http://t.co/Cm6FpH1Z5q">http://t.co/Cm6FpH1Z5q</a></p>
<p>The “Game of Thrones†Cast Being Normal in Everyday Life (48 pics + 1 gif) - <a class="reference external" href="http://t.co">http://t.co</a>/YeDSHnySoN`http://t.co …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>How to configure fail2ban to protect Apache HTTP server - Xmodulo <a class="reference external" href="http://t.co/Cm6FpH1Z5q">http://t.co/Cm6FpH1Z5q</a></p>
<p>The “Game of Thrones†Cast Being Normal in Everyday Life (48 pics + 1 gif) - <a class="reference external" href="http://t.co">http://t.co</a>/YeDSHnySoN`http://t.co/IhC0yB35m2 <<a class="reference external" href="http://t.co/IhC0yB35m2">http://t.co/IhC0yB35m2</a>>`_</p>
<p>Tuning WordPress to Handle High Amounts of Traffic <a class="reference external" href="http://t.co/OIVZrjW5Fn">http://t.co/OIVZrjW5Fn</a></p>
<p>The 5 Most Popular Frontend Frameworks of 2014 Compared <a class="reference external" href="http://t.co/krMNf4aVUu">http://t.co/krMNf4aVUu</a></p>
<p>How to Setup a Complete Mail Server (Postfix) using 'SquirrelMail' (Webmail) on Ubuntu/Debian <a class="reference external" href="http://t.co/KGEW6qmDCI">http://t.co/KGEW6qmDCI</a></p>
<p>More Useful Jenkins Plugins for PHP Projects <a class="reference external" href="http://t.co/Mp7AvOq4Cc">http://t.co/Mp7AvOq4Cc</a></p>
<p>How To Add, Delete, and Grant Sudo Privileges to Users on a FreeBSD Server <a class="reference external" href="http://t.co/y8z2hJN78r">http://t.co/y8z2hJN78r</a></p>
<p>Installing and Securing Jenkins <a class="reference external" href="http://t.co/KliILSJImQ">http://t.co/KliILSJImQ</a></p>
<p>Preparing and Building a PHP Project in Jenkins <a class="reference external" href="http://t.co/MxUBpgmikd">http://t.co/MxUBpgmikd</a></p>
<p>10 New Frontend Web Frameworks Worth Considering <a class="reference external" href="http://t.co/8wF9F90x0e">http://t.co/8wF9F90x0e</a></p>
<p>Analyzing a PHP Project with Jenkins <a class="reference external" href="http://t.co/xLqOn7a2MO">http://t.co/xLqOn7a2MO</a></p>
<p>8 ways to contribute to open source without writing code <a class="reference external" href="http://t.co/rvKiY1kdZy">http://t.co/rvKiY1kdZy</a></p>
Sugestii, tutoriale - nov 2014 (2)2014-12-01T00:00:00+02:002014-12-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2014-12-01:/sugestii-tutoriale-11-2014-2.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>The 7 Best Search Engines for Finding Free Images <a class="reference external" href="http://t.co/tm5AVSLCN5">http://t.co/tm5AVSLCN5</a></p>
<p>The Future of Email Marketing - Market Blog <a class="reference external" href="http://t.co/nQY2Tq3K6r">http://t.co/nQY2Tq3K6r</a></p>
<p>12 Essential MySQL Insert Command Examples <a class="reference external" href="http://t.co/WQvFP7MoUE">http://t.co/WQvFP7MoUE</a></p>
<p>Useful Shortcuts …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>The 7 Best Search Engines for Finding Free Images <a class="reference external" href="http://t.co/tm5AVSLCN5">http://t.co/tm5AVSLCN5</a></p>
<p>The Future of Email Marketing - Market Blog <a class="reference external" href="http://t.co/nQY2Tq3K6r">http://t.co/nQY2Tq3K6r</a></p>
<p>12 Essential MySQL Insert Command Examples <a class="reference external" href="http://t.co/WQvFP7MoUE">http://t.co/WQvFP7MoUE</a></p>
<p>Useful Shortcuts for a Faster Workflow in Sublime Text 3 <a class="reference external" href="http://t.co/51ecsuOxt8">http://t.co/51ecsuOxt8</a></p>
<p>Cache is the new RAM | MemSQL - The Database for Speed, Scale & Simplicity <a class="reference external" href="http://t.co/QYFu1zG65H">http://t.co/QYFu1zG65H</a></p>
Sugestii, tutoriale - nov 2014 (1)2014-11-16T00:00:00+02:002014-11-16T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2014-11-16:/sugestii-tutoriale-11-2014-1.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>9 GIFs That Explain Responsive Design Brilliantly <a class="reference external" href="http://t.co/mKzcQTUq32">http://t.co/mKzcQTUq32</a></p>
<p>Reducing Abandoned Shopping Carts In E-Commerce <a class="reference external" href="http://t.co/VeSql3rOQs">http://t.co/VeSql3rOQs</a></p>
<p>Transactional HTML Email Templates <a class="reference external" href="http://t.co/GKcaVDVI4K">http://t.co/GKcaVDVI4K</a></p>
<p>How to Run Multiple Versions of PHP …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>9 GIFs That Explain Responsive Design Brilliantly <a class="reference external" href="http://t.co/mKzcQTUq32">http://t.co/mKzcQTUq32</a></p>
<p>Reducing Abandoned Shopping Carts In E-Commerce <a class="reference external" href="http://t.co/VeSql3rOQs">http://t.co/VeSql3rOQs</a></p>
<p>Transactional HTML Email Templates <a class="reference external" href="http://t.co/GKcaVDVI4K">http://t.co/GKcaVDVI4K</a></p>
<p>How to Run Multiple Versions of PHP on One Server <a class="reference external" href="http://t.co/CzBgGuajij">http://t.co/CzBgGuajij</a></p>
<p>30 Useful Linux Commands for System Administrators <a class="reference external" href="http://t.co/sn2s1g2Ouu">http://t.co/sn2s1g2Ouu</a></p>
Tutorial phyton (start)2014-11-14T00:00:00+02:002014-11-14T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2014-11-14:/tutorial-phython-start.html<p class="first last">Tutorial phyton</p>
<p>In ultima saptamana am luat contact mai serios cu Python si am ramas placut impresionant. Chiar mai mult ca si acest blog este generat de Pelican - scris la randul lui in python.</p>
<p>Asa ca am decis sa ma apuc serios de invatat acest limbaj, cat si de un framework - Django</p>
<p>Am parcurs mare parte din cursurile de la <a class="reference external" href="http://www.codecademy.com/en/tracks/python">Codeacademy</a> si sintaxa fiind de multe ori similara cu cea din Jquery.</p>
<p>Acest lucru imi da ocazia de a scrie un totarial pe tema python si django. Asa ca va astept sa reveniti pentru episoadele urmatoare.</p>
Sugestii, tutoriale - oct 2014 (2)2014-11-01T00:00:00+02:002014-11-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2014-11-01:/sugestii-tutoriale-10-2014-2.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>Sorry, Windows Fans, but Can You Run 100 Apps at Once and Still Use the PC? - Softpedia <a class="reference external" href="http://t.co/WPJfrc6VTp">http://t.co/WPJfrc6VTp</a></p>
<p>Linux Today - 30 Useful Linux Commands for System Administrators <a class="reference external" href="http://t.co/sn2s1g2Ouu">http://t.co/sn2s1g2Ouu</a></p>
<p>Bootstrap 3 …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>Sorry, Windows Fans, but Can You Run 100 Apps at Once and Still Use the PC? - Softpedia <a class="reference external" href="http://t.co/WPJfrc6VTp">http://t.co/WPJfrc6VTp</a></p>
<p>Linux Today - 30 Useful Linux Commands for System Administrators <a class="reference external" href="http://t.co/sn2s1g2Ouu">http://t.co/sn2s1g2Ouu</a></p>
<p>Bootstrap 3.3.0 released · Bootstrap Blog <a class="reference external" href="http://t.co/joLlem4ED7">http://t.co/joLlem4ED7</a></p>
<p>8 Tips To Solve Linux and Unix Disk Full &amp; Can’t Write/Failure Problems <a class="reference external" href="http://t.co/ULjD3R2UzK">http://t.co/ULjD3R2UzK</a></p>
<p>Google Chrome DevTools Tutorials <a class="reference external" href="http://t.co/6L4rgk2JP7">http://t.co/6L4rgk2JP7</a></p>
<p>How To Use Vagrant To Create Small Virtual Test Lab on a Linux / OS X / MS-Windows <a class="reference external" href="http://t.co/YuwsuDbtjp">http://t.co/YuwsuDbtjp</a></p>
<p>How to monitor a log file on Linux with logwatch - Xmodulo <a class="reference external" href="http://t.co/V3N1ETvm15">http://t.co/V3N1ETvm15</a></p>
<p>Using Pull Requests as Code Reviews - Tuts+ Code Tutorial <a class="reference external" href="http://t.co/8MTQgFci7Y">http://t.co/8MTQgFci7Y</a></p>
<p>Securing Your Server Login - Tuts+ Code Tutorial <a class="reference external" href="http://t.co/UNmUZtPgNm">http://t.co/UNmUZtPgNm</a></p>
<p>Installing Composer Packages | Rafael Dohms <a class="reference external" href="http://t.co/9QhTIC5ONZ">http://t.co/9QhTIC5ONZ</a></p>
<p>An Extensive Collection of Cheatsheets for Web Designers - Market Blog <a class="reference external" href="http://t.co/AyAIif4ALV">http://t.co/AyAIif4ALV</a></p>
<p>How to download an ISO image with BitTorrent fast and safely from the command line - Xmodulo <a class="reference external" href="http://t.co/3EMZa5mWDc">http://t.co/3EMZa5mWDc</a></p>
<p>30 of Our Favorite jQuery Plugins from the Last Few Months <a class="reference external" href="http://t.co/F5EgYhh2wX">http://t.co/F5EgYhh2wX</a></p>
Sugestii, tutoriale - oct 2014 (1)2014-10-16T00:00:00+03:002014-10-16T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2014-10-16:/sugestii-tutoriale-10-2014-1.html<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>15 Free Mobile UI Kit PSDs for App Designers <a class="reference external" href="http://t.co/W8lx1WkjMz">http://t.co/W8lx1WkjMz</a></p>
<p>Flarum: Forums Reimagined by Toby Zerner ââ¬â Kickstarter <a class="reference external" href="http://t.co/tcHxZAWFjO">http://t.co/tcHxZAWFjO</a></p>
<p>Configure "No Password SSH Keys Authentication" with PuTTY on …</p><p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>15 Free Mobile UI Kit PSDs for App Designers <a class="reference external" href="http://t.co/W8lx1WkjMz">http://t.co/W8lx1WkjMz</a></p>
<p>Flarum: Forums Reimagined by Toby Zerner ââ¬â Kickstarter <a class="reference external" href="http://t.co/tcHxZAWFjO">http://t.co/tcHxZAWFjO</a></p>
<p>Configure "No Password SSH Keys Authentication" with PuTTY on Linux Servers <a class="reference external" href="http://t.co/llU8KAWzln">http://t.co/llU8KAWzln</a></p>
<p>LFCS: How to use GNU 'sed' Command to Create, Edit, and Manipulate files in Linux - Part 1 <a class="reference external" href="http://t.co/AhAI8BQfZp">http://t.co/AhAI8BQfZp</a></p>
<p>20 More Docs and Guides for Front-End Developers <a class="reference external" href="http://t.co/tI0Smf4MAh">http://t.co/tI0Smf4MAh</a></p>
<p>A New Breed of Free Source Code Editors <a class="reference external" href="http://t.co/i37NlvO1Ne">http://t.co/i37NlvO1Ne</a></p>
<p>How to Install Laravel Homestead on Windows <a class="reference external" href="http://t.co/ZWMPnLka9Z">http://t.co/ZWMPnLka9Z</a></p>
<p>Adding Charts to Your Site with Highcharts - Tuts+ Code Tutorial <a class="reference external" href="http://t.co/GU9hcLoTnT">http://t.co/GU9hcLoTnT</a></p>
<p>How to configure HTTP load balancer with HAProxy on Linux - Xmodulo <a class="reference external" href="http://t.co/0F883JZCz2">http://t.co/0F883JZCz2</a></p>
Sugestii, tutoriale - sept 2014 (2)2014-10-01T00:00:00+03:002014-10-01T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2014-10-01:/sugestii-tutoriale-09-2014-2.html<p class="first last">Sugestii, tutoriale - sept 2014 (2)</p>
<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>OpenMandriva Lx 2014.1 Gets Newer Kernel, New KDE Version, and Better Boot Time - Softpedia <a class="reference external" href="http://t.co/UuYdIvcxbu">http://t.co/UuYdIvcxbu</a></p>
<p>Docker for the Laravel framework <a class="reference external" href="http://t.co/40Q88uqRg6">http://t.co/40Q88uqRg6</a></p>
<p>Experimenting with load balancing using nginx (and heartbeat) <a class="reference external" href="http://t.co/fr22Mbc1O4">http://t.co/fr22Mbc1O4</a></p>
<p>How Do You Work With Other People's Code? <a class="reference external" href="http://t.co/fwdzmGA1tG">http://t.co/fwdzmGA1tG</a></p>
<p>How to Boot Linux ISO Images Directly From Your Hard Drive <a class="reference external" href="http://t.co/c6yEC22c0o">http://t.co/c6yEC22c0o</a></p>
<p>An Introduction to Icon Fonts with Font Awesome and IcoMoon <a class="reference external" href="http://t.co/ui5N45NZum">http://t.co/ui5N45NZum</a></p>
<p>PHP Continuous integration, with Jenkins and Phing <a class="reference external" href="http://t.co/6JrSYELWV2">http://t.co/6JrSYELWV2</a></p>
<p>Creating isolated environments for PHP applications with PEAR dependencies <a class="reference external" href="http://t.co/2tL6zJlXJU">http://t.co/2tL6zJlXJU</a></p>
<p>Zero to Jenkins - PHP Continuous Integration <a class="reference external" href="http://t.co/3G8y8rb6wZ">http://t.co/3G8y8rb6wZ</a></p>
<p>How to create a software RAID-1 array with mdadm on Linux - Linux FAQ <a class="reference external" href="http://t.co/6BWStML2qQ">http://t.co/6BWStML2qQ</a></p>
<p>Rsync (Remote Sync): 10 Practical Examples of Rsync Command in Linux <a class="reference external" href="http://t.co/x1mdNFHA0r">http://t.co/x1mdNFHA0r</a></p>
Sugestii, tutoriale - sept 2014 (1)2014-09-16T00:00:00+03:002014-09-16T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2014-09-16:/sugestii-tutoriale-09-2014-1.html<p class="first last">Sugestii, tutoriale - sept 2014 (1)</p>
<p>O colectie de articole din domeniu linux/web/dezvoltare pe care le consider utile:</p>
<p>Perform Multiple Operations in Linux with the 'xargs' Command - Make Tech Easier <a class="reference external" href="http://t.co/zfyHTGD0qp">http://t.co/zfyHTGD0qp</a></p>
<p>How to Install Yii Framework on a Debian VPS with Nginx <a class="reference external" href="http://t.co/jnPxqptlU4">http://t.co/jnPxqptlU4</a></p>
<p>Speed Index: Measuring Page Load Time a Different Way <a class="reference external" href="http://t.co/zjAIP51k9e">http://t.co/zjAIP51k9e</a></p>
<p>The Fundamentals of Building a WordPress Server Dashboard - Tuts+ Code Tutorial <a class="reference external" href="http://t.co/6y6UdBbAGr">http://t.co/6y6UdBbAGr</a></p>
<p>An Introduction to Static Apps <a class="reference external" href="http://t.co/jbKcAJKHuT">http://t.co/jbKcAJKHuT</a></p>
<p>Mosh: alternative to ssh client <a class="reference external" href="http://t.co/xbSTCHaNrN">http://t.co/xbSTCHaNrN</a></p>
<p>[QUICK TIP] How To Enable Hardware Acceleration In Chromium / Chrome Browser | Unixmen <a class="reference external" href="http://t.co/jqTe9HQCtW">http://t.co/jqTe9HQCtW</a></p>
<p>Colourful ! systemd vs sysVinit Linux Cheatsheet <a class="reference external" href="http://t.co/MKthxqtNbH">http://t.co/MKthxqtNbH</a></p>
<p>Phansible <a class="reference external" href="http://t.co/XB7xVPfHYN">http://t.co/XB7xVPfHYN</a></p>
Boot iso cu grub22014-05-03T00:00:00+03:002014-05-03T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2014-05-03:/boot-iso-cu-grub2.html<p class="first last">Boot iso cu grub2</p>
<p>Sunt o persoana curioasa uneori si mereu am testat distributiile noi de Linux, cel mai des folosind Virtualbox, mai ales din comoditate, sau mai rar scriind-ule pe un stick USB.</p>
<p>Un amic mi-a mentionat de posibilitea de a boota direct din imaginile ISO aflate pe HDD. Asa ca m-am pus pe cercetat...</p>
<p>Exemple privind boot-area distributiilor {UKL}buntu si derivate se gaseau dar cu Gentoo/Sabayon a fost o intreaga aventura. In final cu putin ajutor gasit am gasit formula de bootare.</p>
<p>Pentru asta am adaugat in /etc/grub.d/40_custom intrarea:</p>
<div class="highlight"><pre><span></span><span class="go">menuentry "Sabayon 14.05 GNOME ISO" {</span>
<span class="go"> set cmdline="looptype=squashfs loop=/livecd.squashfs cdroot"</span>
<span class="go"> set isofile="/iso/Sabayon_Linux_14.05_amd64_GNOME.iso"</span>
<span class="go"> loopback loop (hd0,gpt5)${isofile}</span>
<span class="go"> linux (loop)/boot/sabayon ${cmdline} root=/dev/ram0 intrd=/boot/sabayon.igz isoboot=${isofile}</span>
<span class="go"> initrd (loop)/boot/sabayon.igz</span>
<span class="go">}</span>
</pre></div>
<dl class="docutils">
<dt>Clarificari:</dt>
<dd><ul class="first last simple">
<li>imaginea iso am salvat-o in folderul iso/ din partitia /home (ce-a de a 5-a partitie)</li>
</ul>
</dd>
</dl>
<p>Apoi pentru a avea access am regenerat meniu de boot cu comanda</p>
<div class="highlight"><pre><span></span><span class="go">grub2-mkconfig -o /boot/grub/grub.cfg</span>
</pre></div>
<p>Si voila, am putut porni imaginile.</p>
Twitter social machine2014-04-06T00:00:00+03:002014-04-06T00:00:00+03:00Cristian Ghermantag:cgherman.go.ro,2014-04-06:/twitter-social-machine.html<p class="first last">Utilizand Twitter ca social machine</p>
<p>Fiind un utlizator inrait a serviciului RSS de multi ani, via Google Reader, ulterior via <a class="reference external" href="http://feedly.com/">Feedly</a> am dorit sa pot impartasii facil amicilor, colegilor articole care le consider utile, interesante.</p>
<p>Un coleg mi-a aratat <a class="reference external" href="https://ifttt.com/wtf">IFTTT</a> un serviciu gratuit ce interconecteaza diferite servicii online in multiple moduri in mod automat (postari noi pe site-uri pot ajunge automat pe Twitter, Facebook,etc) pe baza de "retete".</p>
<p>Asa ca mi-am creat propria reteta ce imi publica pe contul meu de Twitter - <a class="reference external" href="https://twitter.com/c_gherman">@c_gherman</a> - linkuri catre articolele pe care le salvez pe Feedly.</p>
<p>Personal nu am vrut sa amestec contul de Facebook pe care il consider mai putin potrivit la asa ceva.</p>
Versiuni multiple de PHP pe Sabayon Linux2014-02-01T00:00:00+02:002014-02-01T00:00:00+02:00Cristian Ghermantag:cgherman.go.ro,2014-02-01:/versiuni-multiple-de-php-pe-sabayon.html<p class="first last">Instalare versiuni multiple de php pe Sabayon Linux</p>
<p>Am folosit doar aplicatii diponibile in distributia standard.</p>
<p>Pentru instalare am folosit package managerul equo pentru pachetele binare si emerge pentru compilarea pachetelor din surse:</p>
<p>Am instalat apache2 si modulul fcgid pentru rularea php.</p>
<div class="highlight"><pre><span></span><span class="go">equo install app-admin/apache-tools-2.2.25 www-apache/mod_fcgid-2.3.9 www-servers/apache-2.2.25</span>
</pre></div>
<p>Am instalat din pachete binare versiunile 5.3.28 si 5.4.24 la PHP:</p>
<div class="highlight"><pre><span></span><span class="go">equo install dev-lang/php-5.3.28-r1 dev-lang/php-5.4.24</span>
</pre></div>
<p>Pentru activarea mod_php si mod-fcgid am adaugat in fisierul /etc/conf.d/apache2 in linia de optiuni urmatorii parametrii:</p>
<div class="highlight"><pre><span></span><span class="go">"-D PHP5 -D FCGID"</span>
</pre></div>
<p>Folosind functia eselect disponibila am setat versiunea de php ce o voi folosi cu php in modul clasic</p>
<div class="highlight"><pre><span></span><span class="gp">root@cristi ~ # </span>eselect<span class="w"> </span>php<span class="w"> </span>list<span class="w"> </span>apache2
<span class="go"> [1] php5.3</span>
<span class="go"> [2] php5.4 *</span>
</pre></div>
<p>Versiunea poate fi setata cu comanda</p>
<div class="highlight"><pre><span></span><span class="gp">root@cristi ~ # </span>eselect<span class="w"> </span>php<span class="w"> </span><span class="nb">set</span><span class="w"> </span>apache2<span class="w"> </span><span class="m">2</span>
</pre></div>
<p>Similar pute seta versiunea pe care o va folosi consola php</p>
<div class="highlight"><pre><span></span><span class="gp">root@cristi ~ # </span>eselect<span class="w"> </span>php<span class="w"> </span>list<span class="w"> </span>cli
<span class="go"> [1] php5.3</span>
<span class="go"> [2] php5.4 *</span>
</pre></div>
<p>Am repornit serverul apache</p>
<div class="highlight"><pre><span></span><span class="go">systemd restart apache2</span>
</pre></div>
<p>Am creat micul fisier pentru afisarea modulelor php , info.php in /var/www/localhost</p>
<div class="highlight"><pre><span></span><span class="cp"><?php</span>
<span class="nb">phpinfo</span><span class="p">();</span>
<span class="cp">?></span>
</pre></div>
<p>Si testatam functionarea serverului apache cu PHP 5.4 ruland in modul clasic la adresa <a class="reference external" href="http://127.0.0.1/info.php">http://127.0.0.1/info.php</a></p>
<p>Versiunile de PHP 5.5 si 5.6 nu se regasesc inca intre pachetele binare si au fost instalate din surse cu ajutorul aplicatiei emerge iar PHP 5.6 find inca in varianta alpha este blocat default la instalare de catre echipa Gentoo. Pentru activare am adaugat in fisierul /etc/portage/package.unmask/00-sabayon.package.unmask linia:</p>
<div class="highlight"><pre><span></span><span class="go">=dev-lang/php-5.6.0_alpha1</span>
</pre></div>
<p>Compilarea am executat-o cu comenzile:</p>
<div class="highlight"><pre><span></span><span class="go">emerge =dev-lang/php-5.5.8</span>
<span class="go">emerge =dev-lang/php-5.6.0_alpha1</span>
</pre></div>
<p>fiecare compilare durand 5-10 min pe sistemul meu. (dependintele necesare se compileaza de asemeneea)</p>
<p>In lista de versiuni php se va modifica:</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>eselect<span class="w"> </span>php<span class="w"> </span>list<span class="w"> </span>apache2
<span class="go"> [1] php5.3</span>
<span class="go"> [2] php5.4 *</span>
<span class="go"> [3] php5.5</span>
<span class="go"> [4] php5.6</span>
</pre></div>
<p>NOTA: fiecare versiune de PHP stocheaza separat executabilele si fiserele de configurare ceea ce permite o configurare mai precisa conform nevoilor in fiecare caz.</p>
<p>Am creat cateva domenii virtuale locale pe care le voi folosi la testare si le-am introdus in /etc/hosts</p>
<div class="highlight"><pre><span></span><span class="go">127.0.0.1 php53.local php54.local php55.local php56.local</span>
</pre></div>
<p>Am creat 2 foldere in /var/www</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>mkdir<span class="w"> </span>/var/www/bin
<span class="gp"># </span>mkdir<span class="w"> </span>/var/www/phptest<span class="w"> </span>-<span class="w"> </span>ca<span class="w"> </span>folder<span class="w"> </span>de<span class="w"> </span>proiecte
</pre></div>
<p>Am modificat ca proprietar al celor 2 folder userul cristi.</p>
<div class="highlight"><pre><span></span><span class="gp"># </span>chown<span class="w"> </span>cristi:cristi<span class="w"> </span>/var/www/bin
<span class="gp"># </span>chown<span class="w"> </span>cristi:cristi<span class="w"> </span>/var/www/phptest
</pre></div>
<p>Am creat fisiere de configurare a domeniilor in /etc/apache2/vhosts.d:</p>
<p>php53-local.conf</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost 127.0.0.1:80></span>
<span class="go"> ServerName php53.local</span>
<span class="go"> DocumentRoot /var/www/phptest</span>
<span class="go"> SuexecUserGroup cristi cristi</span>
<span class="go"> <Directory "/var/www/phptest"></span>
<span class="go"> AddHandler fcgid-script .php</span>
<span class="go"> FCGIWrapper /var/www/bin/php5.3.fcgi .php</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from all</span>
<span class="go"> AllowOverride All</span>
<span class="go"> Options Indexes IncludesNOEXEC FollowSymLinks ExecCGI</span>
<span class="go"> </Directory></span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>php54-local.conf:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost 127.0.0.1:80></span>
<span class="go"> ServerName php54.local</span>
<span class="go"> DocumentRoot /var/www/phptest</span>
<span class="go"> SuexecUserGroup cristi cristi</span>
<span class="go"> <Directory "/var/www/phptest"></span>
<span class="go"> AddHandler fcgid-script .php</span>
<span class="go"> FCGIWrapper /var/www/bin/php5.4.fcgi .php</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from all</span>
<span class="go"> AllowOverride All</span>
<span class="go"> Options Indexes IncludesNOEXEC FollowSymLinks ExecCGI</span>
<span class="go"> </Directory></span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>php55-local.conf:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost 127.0.0.1:80></span>
<span class="go"> ServerName php55.local</span>
<span class="go"> DocumentRoot /var/www/phptest</span>
<span class="go"> SuexecUserGroup cristi cristi</span>
<span class="go"> <Directory "/var/www/phptest"></span>
<span class="go"> AddHandler fcgid-script .php</span>
<span class="go"> FCGIWrapper /var/www/bin/php5.5.fcgi .php</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from all</span>
<span class="go"> AllowOverride All</span>
<span class="go"> Options Indexes IncludesNOEXEC FollowSymLinks ExecCGI</span>
<span class="go"> </Directory></span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>php56-local.conf</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span></pre></div></td><td class="code"><div><pre><span></span><span class="go"><VirtualHost 127.0.0.1:80></span>
<span class="go"> ServerName php56.local</span>
<span class="go"> DocumentRoot /var/www/phptest</span>
<span class="go"> SuexecUserGroup cristi cristi</span>
<span class="go"> <Directory "/var/www/phptest"></span>
<span class="go"> AddHandler fcgid-script .php</span>
<span class="go"> FCGIWrapper /var/www/bin/php5.6.fcgi .php</span>
<span class="go"> Order allow,deny</span>
<span class="go"> Allow from all</span>
<span class="go"> AllowOverride All</span>
<span class="go"> Options Indexes IncludesNOEXEC FollowSymLinks ExecCGI</span>
<span class="go"> </Directory></span>
<span class="go"></VirtualHost></span>
</pre></div></td></tr></table></div>
<p>In folderul /var/www/bin am creat scripturi pentru rularea fisierelor php via fcgid</p>
<div class="highlight"><pre><span></span><span class="gp">root@cristi /var/www/bin # </span>ll
<span class="go">total 16K</span>
<span class="go">-rwxr-xr-x 1 cristi cristi 205 Jan 29 23:06 php5.3.fcgi*</span>
<span class="go">-rwxr-xr-x 1 cristi cristi 205 Jan 29 23:06 php5.4.fcgi*</span>
<span class="go">-rwxr-xr-x 1 cristi cristi 205 Dec 22 21:35 php5.5.fcgi*</span>
<span class="go">-rwxr-xr-x 1 cristi cristi 205 Jan 29 23:53 php5.6.fcgi*</span>
</pre></div>
<p>php5.3.fcgi:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span></pre></div></td><td class="code"><div><pre><span></span><span class="gp">#</span>!/bin/sh
<span class="go">PHPRC=/etc/php/cgi-php5.3/</span>
<span class="go">export PHPRC</span>
<span class="go">export PHP_FCGI_MAX_REQUESTS=5000</span>
<span class="gp"># </span>See<span class="w"> </span>http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<span class="go">export PHP_FCGI_CHILDREN=0</span>
<span class="go">exec /usr/lib64/php5.3/bin/php-cgi</span>
</pre></div></td></tr></table></div>
<p>php5.4.fcgi:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span></pre></div></td><td class="code"><div><pre><span></span><span class="gp">#</span>!/bin/sh
<span class="go">PHPRC=/etc/php/cgi-php5.4/</span>
<span class="go">export PHPRC</span>
<span class="go">export PHP_FCGI_MAX_REQUESTS=5000</span>
<span class="gp"># </span>See<span class="w"> </span>http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<span class="go">export PHP_FCGI_CHILDREN=0</span>
<span class="go">exec /usr/lib64/php5.4/bin/php-cgi</span>
</pre></div></td></tr></table></div>
<p>php5.5.fcgi:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span></pre></div></td><td class="code"><div><pre><span></span><span class="gp">#</span>!/bin/sh
<span class="go">PHPRC=/etc/php/cgi-php5.5/</span>
<span class="go">export PHPRC</span>
<span class="go">export PHP_FCGI_MAX_REQUESTS=5000</span>
<span class="gp"># </span>See<span class="w"> </span>http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<span class="go">export PHP_FCGI_CHILDREN=0</span>
<span class="go">exec /usr/lib64/php5.5/bin/php-cgi</span>
</pre></div></td></tr></table></div>
<p>php5.6.fcgi:</p>
<div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span>
<span class="normal">7</span></pre></div></td><td class="code"><div><pre><span></span><span class="gp">#</span>!/bin/sh
<span class="go">PHPRC=/etc/php/cgi-php5.6/</span>
<span class="go">export PHPRC</span>
<span class="go">export PHP_FCGI_MAX_REQUESTS=5000</span>
<span class="gp"># </span>See<span class="w"> </span>http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<span class="go">export PHP_FCGI_CHILDREN=0</span>
<span class="go">exec /usr/lib64/php5.6/bin/php-cgi</span>
</pre></div></td></tr></table></div>
<p>Repornim serverul apache:</p>
<div class="highlight"><pre><span></span><span class="go">systemd restart apache2</span>
</pre></div>
<p>si creem un fisier info.php in folderul /var/www/phptest.</p>
<p>Acum putem testa domeniile pentru a verifica configuratiile domeniilor:</p>
<p><a class="reference external" href="http://php53.local">http://php53.local</a></p>
<p><a class="reference external" href="http://php54.local">http://php54.local</a></p>
<p><a class="reference external" href="http://php55.local">http://php55.local</a></p>
<p><a class="reference external" href="http://php56.local">http://php56.local</a></p>
<p>NOTA: Nici un animal nu a fost ranit in acest experiment.</p>