OpenTechShed

Blog of Things

LEMP Stack Install using cloud-init

In this blog post, I will describe how to automate the installation of LEMP stack on Ubuntu server using cloud-init. cloud-init allows us to spin a server for testing/development. LEMP stack consists of four major software components.

  • Linux – The operating system on which the EMP is running.
  • NGINX – Another powerful web server, similar to Apache.
  • MariaDB – An open-source relational database management system.
  • PHP – Server-side scripting language used to process web pages.

You can further enhance the configuration by pulling code automatically from a Git repository and also configure the database automatically.

Further information about LEMP stack is available at https://lemp.io.

View Full Post

Troubleshooting cloud-init

In a recent blog post, I explained how one could set up a modern-day engineer’s command center on Ubuntu using cloud-init. While writing and testing the cloud-init configuration, I came across few issues that warranted me to write up a post on how to troubleshoot the cloud-init problems. This blog post describes:

  1. Use of syntax checkers to validate cloud-init configuration.
  2. Log files generated by cloud-init.
  3. Sample errors

View Full Post

Modern Day Engineer’s Control Center

Network Engineers, System Administrators, and DevOps engineers have to use the various open source software to do their day to day jobs. This could be things like using Ansible for server or network configuration, it could be Terraform to deploy and maintain infrastructure, Git for version control, or CLIs provided by cloud infrastructure providers. Even with small teams, one of the challenges that I have seen is how to make sure that the systems can be easily setup on day 1.

I had touched base on cloud-init briefly in an earlier post, but that relied on downloading a bash script and executing it. This blog post covers details on the commonly used software and how to build a Linux based system automatically. It assumes that the system is being built on OpenStack or any other cloud provider infrastructure such as AWS, GCP, Azure, or Digital Ocean and uses Ubuntu 16.04 as the operating system.

View Full Post

bash and mailgun for ad-hoc reporting

Mailgun provides an easy way to send out emails that can be integrated in your scripts and in turn helps with automated reporting. Often times we have to run some ad-hoc reports that are short-lived (hopefully) but need to be automated so that nobody has to go through the pain of running them manually. Working with large datasets of information, this becomes a requirement for me every now and then. Most of the times it is someone requesting for information that is not exposed using a web interface or API. While making the information using a web interface or API is definitely a good long-term solution, in order to be agile, I use mailgun and a simple shell script to automate the reporting.

In this blog post, we will look at a script that will

  1. Connect to a PostgreSQL database
  2. Execute a select query
  3. Exports the information into a CSV file
  4. Email the CSV file to a list of email addresses that have been specified.

View Full Post

Export logs from FortiGate to FTP server

This is a quick post on how to export logs from a FortiGate to FTP server. On FortiGates running FortiOS 5.6 and above, one can easily transfer all logs from memory to an FTP server.

View Full Post

FortiGate Virtual Machine Config Drive – Missing Pieces

With FortiOS version 5.4.1 and above, Fortinet added support for initial configuration of a FortiGate virtual machine by attaching a cloud-init config drive. When the FortiGate VM powers up for the first time, it will automatically read the data from the config drive and apply both license and configuration to the FortiGate. This is an excellent way to automate deployments of FortiGate virtual machines in production or lab environments. You can read more about the config drive support and how to use one at http://cookbook.fortinet.com/config-drive-esx-vcenter-vmware-5-4/. In this blog post, I will try to capture some of the missing pieces and also provide pointers on how to troubleshoot.

View Full Post

Installing VMware vSphere SDK for Perl v6.5 on Ubuntu 14.04

VMware has a guide available at https://pubs.vmware.com/vsphere-65/topic/com.vmware.ICbase/PDF/vsphere-perl-sdk-65-installation-guide.pdf, which if you follow carefully you will be able to successfully install the vSphere SDK for Perl without any issues. I, unfortunately, didn’t follow the guide properly and landed into some issues, which I have documented here. This blog post captures:

  1. How to install vSphere SDK for Perl on Ubuntu 14.04
  2. Issues encountered

View Full Post

FortiOS 5.4 automatically repeat commands using auto-script

FortiOS 5.4 introduced a long-awaited feature called auto-script. Head over to http://help.fortinet.com/fos50hlp/54/index.htm and then “5.4 What’s New” if you are interested in learning more. For those of us, who have worked on Cisco routers and used aliases or EEM feature, the auto-script feature is somewhere in between the two. It allows commands to be executed periodically or either once and I see this to be a great add to the feature set, especially when it comes to collecting lots of information quickly. This blog post captures:

  1. How to configure auto-script feature
  2. How to execute a script
  3. How to view the results.
  4. How to upload results to an FTP server
  5. Maximum limit
  6. Few features that I would like to see in future FortiOS releases

View Full Post

Using esxcli to add port groups and vlans in bulk

Introduction

esxcli is a command line tool that can be used to manage VMware ESXi host. In my opinion it’s a good way to learn more about the inner workings of ESXi and can be used in scripts for automating tasks. In this blog post, I will show you how to use esxcli to add portgroups and vlans to vSwitch0 of an ESXi host.

View Full Post

Testing DSCP using ping tcpdump and tshark

Introduction and Setup

If you came here via a search engine, chances are that you looking for a quick and dirty way of testing DSCP on your network. Differentiated Services, described in RFC 2474 and RFC 2475 provide a way to mark, prioritize, police, etc IP flows based on various attributes. This allows network operators to maintain different levels of QoS on their networks.

This post captures details on how to generate traffic from a client with different DSCP fields set and verify that they are received on the server side.

View Full Post

Page 1 of 2