diff --git a/_config.yml b/_config.yml index a417232c120d..256d7f6f3ea1 100644 --- a/_config.yml +++ b/_config.yml @@ -1,6 +1,6 @@ # Site wide configuration -title: Site Title +title: Lazy Sysadmin locale: en_US url: @@ -41,23 +41,23 @@ titlecase: true # Site owner owner: - name: Your Name + name: Prasetiyo Hadi Purwoko avatar: bio-photo.jpg bio: "Describe your self." - email: + email: pras@deuterion.net disqus-shortname: - twitter: #username - facebook: #username + twitter: xprashp + facebook: prasetiyo.hadi.p google: - plus: #username + plus: PrasetiyoHadiPurwoko analytics: verify: ad-client: ad-slot: bing-verify: - github: #username + github: prasetiyohadi stackoverflow: #123456/username from a "http://stackoverflow.com/users/123456/username" link - linkedin: #username + linkedin: prasetiyohadi xing: #username instagram: #username lastfm: #username diff --git a/_data/navigation.yml b/_data/navigation.yml index 7ef51022441f..f23a49c80c70 100644 --- a/_data/navigation.yml +++ b/_data/navigation.yml @@ -3,8 +3,8 @@ - title: About url: /about/ -- title: Sample Posts +- title: Posts url: /posts/ - title: Theme Setup - url: /theme-setup/ \ No newline at end of file + url: /theme-setup/ diff --git a/_posts/2011-03-10-sample-post.md b/_posts/2011-03-10-sample-post.md deleted file mode 100644 index 9e560d31df00..000000000000 --- a/_posts/2011-03-10-sample-post.md +++ /dev/null @@ -1,111 +0,0 @@ ---- -layout: post -title: Sample Post -excerpt: "Just about everything you'll need to style in the theme: headings, paragraphs, blockquotes, tables, code blocks, and more." -modified: 2013-05-31 -tags: [intro, beginner, jekyll, tutorial] -comments: true -image: - feature: sample-image-5.jpg - credit: WeGraphics - creditlink: http://wegraphics.net/downloads/free-ultimate-blurred-background-pack/ ---- - -
-
-

Overview

-
-
-* Auto generated table of contents -{:toc} -
-
- -## HTML Elements - -Below is just about everything you'll need to style in the theme. Check the source code to see the many embedded elements within paragraphs. - -# Heading 1 - -## Heading 2 - -### Heading 3 - -#### Heading 4 - -##### Heading 5 - -###### Heading 6 - -### Body text - -Lorem ipsum dolor sit amet, test link adipiscing elit. **This is strong**. Nullam dignissim convallis est. Quisque aliquam. - -![Smithsonian Image]({{ site.url }}/images/3953273590_704e3899d5_m.jpg) -{: .image-pull-right} - -*This is emphasized*. Donec faucibus. Nunc iaculis suscipit dui. 53 = 125. Water is H2O. Nam sit amet sem. Aliquam libero nisi, imperdiet at, tincidunt nec, gravida vehicula, nisl. The New York Times (That’s a citation). Underline.Maecenas ornare tortor. Donec sed tellus eget sapien fringilla nonummy. Mauris a ante. Suspendisse quam sem, consequat at, commodo vitae, feugiat in, nunc. Morbi imperdiet augue quis tellus. - -HTML and CSS are our tools. Mauris a ante. Suspendisse quam sem, consequat at, commodo vitae, feugiat in, nunc. Morbi imperdiet augue quis tellus. Praesent mattis, massa quis luctus fermentum, turpis mi volutpat justo, eu volutpat enim diam eget metus. - -### Blockquotes - -> Lorem ipsum dolor sit amet, test link adipiscing elit. Nullam dignissim convallis est. Quisque aliquam. - -## List Types - -### Ordered Lists - -1. Item one - 1. sub item one - 2. sub item two - 3. sub item three -2. Item two - -### Unordered Lists - -* Item one -* Item two -* Item three - -## Tables - -| Header1 | Header2 | Header3 | -|:--------|:-------:|--------:| -| cell1 | cell2 | cell3 | -| cell4 | cell5 | cell6 | -|---- -| cell1 | cell2 | cell3 | -| cell4 | cell5 | cell6 | -|===== -| Foot1 | Foot2 | Foot3 -{: rules="groups"} - -## Code Snippets - -{% highlight css %} -#container { - float: left; - margin: 0 -240px 0 0; - width: 100%; -} -{% endhighlight %} - -## Buttons - -Make any link standout more when applying the `.btn` class. - -{% highlight html %} -Success Button -{% endhighlight %} - -
Primary Button
-
Success Button
-
Warning Button
-
Danger Button
-
Info Button
- -## Notices - -**Watch out!** You can also add notices by appending `{: .notice}` to a paragraph. -{: .notice} diff --git a/_posts/2012-05-22-readability-post.md b/_posts/2012-05-22-readability-post.md deleted file mode 100644 index bdf22fc6843c..000000000000 --- a/_posts/2012-05-22-readability-post.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -layout: post -title: "Testing Readability with a Bunch of Text" -excerpt: "A ton of text to test readability." -tags: [sample post, readability, test] -comments: true ---- - -Portland in shoreditch Vice, labore typewriter pariatur hoodie fap sartorial Austin. Pinterest literally occupy Schlitz forage. Odio ad blue bottle vinyl, 90's narwhal commodo bitters pour-over nostrud. Ugh est hashtag in, fingerstache adipisicing laboris esse Pinterest shabby chic Portland. Shoreditch bicycle rights anim, flexitarian laboris put a bird on it vinyl cupidatat narwhal. Hashtag artisan skateboard, flannel Bushwick nesciunt salvia aute fixie do plaid post-ironic dolor McSweeney's. Cliche pour-over chambray nulla four loko skateboard sapiente hashtag. - -Vero laborum commodo occupy. Semiotics voluptate mumblecore pug. Cosby sweater ullamco quinoa ennui assumenda, sapiente occupy delectus lo-fi. Ea fashion axe Marfa cillum aliquip. Retro Bushwick keytar cliche. Before they sold out sustainable gastropub Marfa readymade, ethical Williamsburg skateboard brunch qui consectetur gentrify semiotics. Mustache cillum irony, fingerstache magna pour-over keffiyeh tousled selfies. - -## Cupidatat 90's lo-fi authentic try-hard - -In pug Portland incididunt mlkshk put a bird on it vinyl quinoa. Terry Richardson shabby chic +1, scenester Tonx excepteur tempor fugiat voluptate fingerstache aliquip nisi next level. Farm-to-table hashtag Truffaut, Odd Future ex meggings gentrify single-origin coffee try-hard 90's. - -* Sartorial hoodie -* Labore viral forage -* Tote bag selvage -* DIY exercitation et id ugh tumblr church-key - -Incididunt umami sriracha, ethical fugiat VHS ex assumenda yr irure direct trade. Marfa Truffaut bicycle rights, kitsch placeat Etsy kogi asymmetrical. Beard locavore flexitarian, kitsch photo booth hoodie plaid ethical readymade leggings yr. - -Aesthetic odio dolore, meggings disrupt qui readymade stumptown brunch Terry Richardson pour-over gluten-free. Banksy american apparel in selfies, biodiesel flexitarian organic meh wolf quinoa gentrify banjo kogi. Readymade tofu ex, scenester dolor umami fingerstache occaecat fashion axe Carles jean shorts minim. Keffiyeh fashion axe nisi Godard mlkshk dolore. Lomo you probably haven't heard of them eu non, Odd Future Truffaut pug keytar meggings McSweeney's Pinterest cred. Etsy literally aute esse, eu bicycle rights qui meggings fanny pack. Gentrify leggings pug flannel duis. - -## Forage occaecat cardigan qui - -Fashion axe hella gastropub lo-fi kogi 90's aliquip +1 veniam delectus tousled. Cred sriracha locavore gastropub kale chips, iPhone mollit sartorial. Anim dolore 8-bit, pork belly dolor photo booth aute flannel small batch. Dolor disrupt ennui, tattooed whatever salvia Banksy sartorial roof party selfies raw denim sint meh pour-over. Ennui eu cardigan sint, gentrify iPhone cornhole. - -> Whatever velit occaecat quis deserunt gastropub, leggings elit tousled roof party 3 wolf moon kogi pug blue bottle ea. Fashion axe shabby chic Austin quinoa pickled laborum bitters next level, disrupt deep v accusamus non fingerstache. - -Tote bag asymmetrical elit sunt. Occaecat authentic Marfa, hella McSweeney's next level irure veniam master cleanse. Sed hoodie letterpress artisan wolf leggings, 3 wolf moon commodo ullamco. Anim occupy ea labore Terry Richardson. Tofu ex master cleanse in whatever pitchfork banh mi, occupy fugiat fanny pack Austin authentic. Magna fugiat 3 wolf moon, labore McSweeney's sustainable vero consectetur. Gluten-free disrupt enim, aesthetic fugiat jean shorts trust fund keffiyeh magna try-hard. - -## Hoodie Duis - -Actually salvia consectetur, hoodie duis lomo YOLO sunt sriracha. Aute pop-up brunch farm-to-table odio, salvia irure occaecat. Sriracha small batch literally skateboard. Echo Park nihil hoodie, aliquip forage artisan laboris. Trust fund reprehenderit nulla locavore. Stumptown raw denim kitsch, keffiyeh nulla twee dreamcatcher fanny pack ullamco 90's pop-up est culpa farm-to-table. Selfies 8-bit do pug odio. - -### Thundercats Ho! - -Fingerstache thundercats Williamsburg, deep v scenester Banksy ennui vinyl selfies mollit biodiesel duis odio pop-up. Banksy 3 wolf moon try-hard, sapiente enim stumptown deep v ad letterpress. Squid beard brunch, exercitation raw denim yr sint direct trade. Raw denim narwhal id, flannel DIY McSweeney's seitan. Letterpress artisan bespoke accusamus, meggings laboris consequat Truffaut qui in seitan. Sustainable cornhole Schlitz, twee Cosby sweater banh mi deep v forage letterpress flannel whatever keffiyeh. Sartorial cred irure, semiotics ethical sed blue bottle nihil letterpress. - -Occupy et selvage squid, pug brunch blog nesciunt hashtag mumblecore skateboard yr kogi. Ugh small batch swag four loko. Fap post-ironic qui tote bag farm-to-table american apparel scenester keffiyeh vero, swag non pour-over gentrify authentic pitchfork. Schlitz scenester lo-fi voluptate, tote bag irony bicycle rights pariatur vero Vice freegan wayfarers exercitation nisi shoreditch. Chambray tofu vero sed. Street art swag literally leggings, Cosby sweater mixtape PBR lomo Banksy non in pitchfork ennui McSweeney's selfies. Odd Future Banksy non authentic. - -Aliquip enim artisan dolor post-ironic. Pug tote bag Marfa, deserunt pour-over Portland wolf eu odio intelligentsia american apparel ugh ea. Sunt viral et, 3 wolf moon gastropub pug id. Id fashion axe est typewriter, mlkshk Portland art party aute brunch. Sint pork belly Cosby sweater, deep v mumblecore kitsch american apparel. Try-hard direct trade tumblr sint skateboard. Adipisicing bitters excepteur biodiesel, pickled gastropub aute veniam. diff --git a/_posts/2013-05-22-sample-post-images.md b/_posts/2013-05-22-sample-post-images.md deleted file mode 100644 index 738e33734059..000000000000 --- a/_posts/2013-05-22-sample-post-images.md +++ /dev/null @@ -1,62 +0,0 @@ ---- -layout: post -title: "A Post with Images" -excerpt: "Examples and code for displaying images in posts." -tags: [sample post, images, test] -comments: true ---- - -Here are some examples of what a post with images might look like. If you want to display two or three images next to each other responsively use `figure` with the appropriate `class`. Each instance of `figure` is auto-numbered and displayed in the caption. - -### Figures (for images or video) - -#### One Up - -
- -
Morning Fog Emerging From Trees by A Guy Taking Pictures, on Flickr.
-
- -Vero laborum commodo occupy. Semiotics voluptate mumblecore pug. Cosby sweater ullamco quinoa ennui assumenda, sapiente occupy delectus lo-fi. Ea fashion axe Marfa cillum aliquip. Retro Bushwick keytar cliche. Before they sold out sustainable gastropub Marfa readymade, ethical Williamsburg skateboard brunch qui consectetur gentrify semiotics. Mustache cillum irony, fingerstache magna pour-over keffiyeh tousled selfies. - -#### Two Up - -Apply the `half` class like so to display two images side by side that share the same caption. - -{% highlight html %} -
- - -
Caption describing these two images.
-
-{% endhighlight %} - -And you'll get something that looks like this: - -
- - -
Two images.
-
- -#### Three Up - -Apply the `third` class like so to display three images side by side that share the same caption. - -{% highlight html %} -
- - - -
Caption describing these three images.
-
-{% endhighlight %} - -And you'll get something that looks like this: - -
- - - -
Three images.
-
diff --git a/_posts/2013-05-23-readability-feature-post.md b/_posts/2013-05-23-readability-feature-post.md deleted file mode 100644 index 4e76e1a3415d..000000000000 --- a/_posts/2013-05-23-readability-feature-post.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -layout: post -title: "Post with Large Feature Image and Text" -excerpt: "Custom written post descriptions are the way to go... if you're not lazy." -tags: [sample post, readability, test] -comments: true -image: - feature: sample-image-4.jpg - credit: WeGraphics - creditlink: http://wegraphics.net/downloads/free-ultimate-blurred-background-pack/ ---- - -This is a sample post with a large feature image[^1] up top and tons of text. Odio ad blue bottle vinyl, 90's narwhal commodo bitters pour-over nostrud. Ugh est hashtag in, fingerstache adipisicing laboris esse Pinterest shabby chic Portland. Shoreditch bicycle rights anim, flexitarian laboris put a bird on it vinyl cupidatat narwhal. Hashtag artisan skateboard, flannel Bushwick nesciunt salvia aute fixie do plaid post-ironic dolor McSweeney's. Cliche pour-over chambray nulla four loko skateboard sapiente hashtag. - -Vero laborum commodo occupy. Semiotics voluptate mumblecore pug. Cosby sweater ullamco quinoa ennui assumenda, sapiente occupy delectus lo-fi. *Ea fashion axe [Marfa cillum aliquip](#). Retro Bushwick keytar cliche.* Before they sold out sustainable gastropub Marfa readymade, ethical Williamsburg skateboard brunch qui consectetur gentrify semiotics. Mustache cillum irony, fingerstache magna pour-over keffiyeh tousled selfies. - -## Cupidatat 90's lo-fi authentic try-hard - -In pug Portland incididunt mlkshk put a bird on it vinyl quinoa. **[Terry Richardson](#) shabby chic +1**, scenester Tonx excepteur tempor fugiat voluptate fingerstache aliquip nisi next level. Farm-to-table hashtag Truffaut, Odd Future ex meggings gentrify single-origin coffee try-hard 90's. - -* Sartorial hoodie -* Labore viral forage -* Tote bag selvage -* DIY exercitation et id ugh tumblr church-key - -Incididunt umami sriracha, ethical fugiat VHS ex assumenda yr irure direct trade. Marfa Truffaut bicycle rights, kitsch placeat Etsy kogi asymmetrical. Beard locavore flexitarian, kitsch photo booth hoodie plaid ethical readymade leggings yr. - -Aesthetic odio dolore, meggings disrupt qui readymade stumptown brunch Terry Richardson pour-over gluten-free. Banksy american apparel in selfies, biodiesel flexitarian organic meh wolf quinoa gentrify banjo kogi. Readymade tofu ex, scenester dolor umami fingerstache occaecat fashion axe Carles jean shorts minim. Keffiyeh fashion axe nisi Godard mlkshk dolore. Lomo you probably haven't heard of them eu non, Odd Future Truffaut pug keytar meggings McSweeney's Pinterest cred. Etsy literally aute esse, eu bicycle rights qui meggings fanny pack. Gentrify leggings pug flannel duis. - -## Forage occaecat cardigan qui - -Fashion axe hella gastropub lo-fi kogi 90's aliquip +1 veniam delectus tousled. Cred sriracha locavore gastropub kale chips, iPhone mollit sartorial. Anim dolore 8-bit, pork belly dolor photo booth aute flannel small batch. Dolor disrupt ennui, tattooed whatever salvia Banksy sartorial roof party selfies raw denim sint meh pour-over. Ennui eu cardigan sint, gentrify iPhone cornhole. - -> Whatever velit occaecat quis deserunt gastropub, leggings elit tousled roof party 3 wolf moon kogi pug blue bottle ea. Fashion axe shabby chic Austin quinoa pickled laborum bitters next level, disrupt deep v accusamus non fingerstache. - -Tote bag asymmetrical elit sunt. Occaecat authentic Marfa, hella McSweeney's next level irure veniam master cleanse. Sed hoodie letterpress artisan wolf leggings, 3 wolf moon commodo ullamco. Anim occupy ea labore Terry Richardson. Tofu ex master cleanse in whatever pitchfork banh mi, occupy fugiat fanny pack Austin authentic. Magna fugiat 3 wolf moon, labore McSweeney's sustainable vero consectetur. Gluten-free disrupt enim, aesthetic fugiat jean shorts trust fund keffiyeh magna try-hard. - -## Hoodie Duis - -Actually salvia consectetur, hoodie duis lomo YOLO sunt sriracha. Aute pop-up brunch farm-to-table odio, salvia irure occaecat. Sriracha small batch literally skateboard. Echo Park nihil hoodie, aliquip forage artisan laboris. Trust fund reprehenderit nulla locavore. Stumptown raw denim kitsch, keffiyeh nulla twee dreamcatcher fanny pack ullamco 90's pop-up est culpa farm-to-table. Selfies 8-bit do pug odio. - -### Thundercats Ho! - -Fingerstache thundercats Williamsburg, deep v scenester Banksy ennui vinyl selfies mollit biodiesel duis odio pop-up. Banksy 3 wolf moon try-hard, sapiente enim stumptown deep v ad letterpress. Squid beard brunch, exercitation raw denim yr sint direct trade. Raw denim narwhal id, flannel DIY McSweeney's seitan. Letterpress artisan bespoke accusamus, meggings laboris consequat Truffaut qui in seitan. Sustainable cornhole Schlitz, twee Cosby sweater banh mi deep v forage letterpress flannel whatever keffiyeh. Sartorial cred irure, semiotics ethical sed blue bottle nihil letterpress. - -Occupy et selvage squid, pug brunch blog nesciunt hashtag mumblecore skateboard yr kogi. Ugh small batch swag four loko. Fap post-ironic qui tote bag farm-to-table american apparel scenester keffiyeh vero, swag non pour-over gentrify authentic pitchfork. Schlitz scenester lo-fi voluptate, tote bag irony bicycle rights pariatur vero Vice freegan wayfarers exercitation nisi shoreditch. Chambray tofu vero sed. Street art swag literally leggings, Cosby sweater mixtape PBR lomo Banksy non in pitchfork ennui McSweeney's selfies. Odd Future Banksy non authentic. - -Aliquip enim artisan dolor post-ironic. Pug tote bag Marfa, deserunt pour-over Portland wolf eu odio intelligentsia american apparel ugh ea. Sunt viral et, 3 wolf moon gastropub pug id. Id fashion axe est typewriter, mlkshk Portland art party aute brunch. Sint pork belly Cosby sweater, deep v mumblecore kitsch american apparel. Try-hard direct trade tumblr sint skateboard. Adipisicing bitters excepteur biodiesel, pickled gastropub aute veniam. - -[^1]: Texture image courtesty of [Lovetextures](http://www.lovetextures.com/) diff --git a/_posts/2013-08-12-sample-link-post.md b/_posts/2013-08-12-sample-link-post.md deleted file mode 100644 index 6649319b1c22..000000000000 --- a/_posts/2013-08-12-sample-link-post.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -layout: post -title: "Sample Link Post" -excerpt: "Example and code for using link posts." -tags: [sample post, link post] -link: http://mademistakes.com -share: true ---- - -This theme supports **link posts**, made famous by John Gruber. To use, just add `link: http://url-you-want-linked` to the post's YAML front matter and you're done. - -> And this is how a quote looks. - -Some [link](http://www.mademistakes.com) can also be shown. diff --git a/_posts/2013-08-16-code-highlighting-post.md b/_posts/2013-08-16-code-highlighting-post.md deleted file mode 100644 index 1a03d21d8df7..000000000000 --- a/_posts/2013-08-16-code-highlighting-post.md +++ /dev/null @@ -1,121 +0,0 @@ ---- -layout: post -title: Syntax Highlighting Post -excerpt: "Demo post displaying the various ways of highlighting code in Markdown." -tags: [sample post, code, highlighting] -modified: 2016-02-01 -comments: true ---- - -Syntax highlighting is a feature that displays source code, in different colors and fonts according to the category of terms. This feature facilitates writing in a structured language such as a programming language or a markup language as both structures and syntax errors are visually distinct. Highlighting does not affect the meaning of the text itself; it is intended only for human readers.[^1] - -[^1]: - -### Highlighted Code Blocks - -To modify styling and highlight colors edit `/_sass/syntax.scss`. - -{% highlight css %} -#container { - float: left; - margin: 0 -240px 0 0; - width: 100%; -} -{% endhighlight %} - -{% highlight html %} -{% raw %} - -{% endraw %} -{% endhighlight %} - -{% highlight ruby %} -module Jekyll - class TagIndex < Page - def initialize(site, base, dir, tag) - @site = site - @base = base - @dir = dir - @name = 'index.html' - self.process(@name) - self.read_yaml(File.join(base, '_layouts'), 'tag_index.html') - self.data['tag'] = tag - tag_title_prefix = site.config['tag_title_prefix'] || 'Tagged: ' - tag_title_suffix = site.config['tag_title_suffix'] || '–' - self.data['title'] = "#{tag_title_prefix}#{tag}" - self.data['description'] = "An archive of posts tagged #{tag}." - end - end -end -{% endhighlight %} - - -### Standard Code Block - - {% raw %} - - {% endraw %} - - -### Fenced Code Blocks - -To modify styling and highlight colors edit `/_sass/coderay.scss`. Line numbers and a few other things can be modified in `_config.yml`. Consult [Jekyll's documentation](http://jekyllrb.com/docs/configuration/) for more information. - -~~~ css -#container { - float: left; - margin: 0 -240px 0 0; - width: 100%; -} -~~~ - -~~~ html -{% raw %}{% endraw %} -~~~ - -~~~ ruby -module Jekyll - class TagIndex < Page - def initialize(site, base, dir, tag) - @site = site - @base = base - @dir = dir - @name = 'index.html' - self.process(@name) - self.read_yaml(File.join(base, '_layouts'), 'tag_index.html') - self.data['tag'] = tag - tag_title_prefix = site.config['tag_title_prefix'] || 'Tagged: ' - tag_title_suffix = site.config['tag_title_suffix'] || '–' - self.data['title'] = "#{tag_title_prefix}#{tag}" - self.data['description'] = "An archive of posts tagged #{tag}." - end - end -end -~~~ - -### GitHub Gist Embed - -An example of a Gist embed below. - -{% gist mmistakes/6589546 %} diff --git a/_posts/2014-01-19-final-project.md b/_posts/2014-01-19-final-project.md new file mode 100644 index 000000000000..690a11ed7a6c --- /dev/null +++ b/_posts/2014-01-19-final-project.md @@ -0,0 +1,29 @@ +--- +layout: post +title: "Final Project" +date: 2014-01-19 07:00:00 +0700 +categories: university +--- + +I have reached the eight semester in my undergraduate study and it means this semester I have to finish a final project (Tugas Akhir, ID) as a requirement to graduate. Actually I don't really into my final project's topic. There are many factors behind it. In the new curriculum, my department decide to give a final project to a team consist of two students. This is a good news because the possibility of student who will graduate is increased. But, this is somewhat a setback for me. I don't usually work in a team and for my final project I want to do a final project which is a original, only for me, my own final project. The requirement that a final project must be done by a team makes me don't feel that this is really my own final project. + +I often consider myself as a "lone wolf" and my skills and interests differ far from those in my department. For example, when most of students in my department have interest in control and instrumentation engineering or building engineering, my interest is in computation and materials engineering. Fortunately, I still like to get along well with my friends and I still can consider myself as an "activist" in my campus although my skills make me more suitable as nerd, and yes, I am starting to think that I am more nerd right now. + +###My department? +My department is Engineering Physics, a cool name, isn't it? But, I still don't know for clear what is the goal and the purpose of my own department. Some say that the core of my department is control and instrumentation engineering or building engineering. Some say that the core of my department is to measure or in instrumentation. Actually those definitions is a total demotivation because I think I do not fall into group of people who think like that. + +But, I got some enlightenment this morning from one of my teacher. His opinion in my department makes me understand what role my department holds and my skill is not a waste in my department. They talk about control, instrumentation, or anything but the real thing is beyond that. We exist because world needs some guys who can control the physics phenomenons so people from other departments can use the phenomenons in their field effectively and in the process of controlling those phenomenons there is an act of measuring, instrumentation. Moreover, my department also involved in designing the whole system, we exist in every part in the system which interact with physical world. + +Say some people from materials engineering want to process a material into something. For that purpose they need a spesific environment (temperature, pressure, etc.) or specific material. Who is responsible in creating such environment or preparing those specific (or special) material? Us. Say people from mining engineering want to explore new resources using ground signal sensor. Who is responsible in providing the sensor which suits the needs of people in mining engineering? Us. We are responsible, because if it's not us, who else will? + +###My lab? +My lab is Computational Materials Design, you hear the name. Maybe you think that this lab is suitable for me, isn't. Not really, I still do not really into this. I don't know why, this lab is my dream. But, maybe this is because the setbacks from my final project earlier. This lab is more research than engineering, actually. Here we calculate to define the properties of material we set in specific configuration and because of that this lab is somehow not really get along with the purpose of my department. Although my department needs this lab. + +This lab's work is to compute and for that it needs computer, a lot of computers, with high performance. But, for this small lab, only a few of HPC (High Performance Computer) available, and sadly, not configured optimally. I am just newbie here so I still don't really know how this lab works and what will I really do. But I can say that the people in this lab is amazing. Their works are amazing too. They often go to abroad to attend international conference or something and get a chance to meet people from abroad. They often get offering to continue their study in Japan, Europe, or USA. + +But still, it is really hard to start working. As the last person who enter this lab for this period, I often wonder how can I close the gap in knowledge and skill between mine and people who enters first. Moreover, I already have a job, and a hobby, in network engineering and administration. Although that boost my potential in computation field, it's no use if I don't know the theory and I do not like to be left behind. So, rather than struggling to study, I prefer to find a new field. So, my job now become my fall back, when I feel not motivated to study the theory. Honestly, this is what I feel now. + +###Now, what? +I don't know. Tomorrow I have to give a presentation on my final project's progress, when there is still no progress at all. This is only me anyway, I am the lazy one. Or maybe tonight I will try something new, trying to fing my dying motivation and revive it again. I think this is some kind of curse because I often compare myself with people around me and think low of myself. + +But, someday I also want to say out loud that I am proud of what I really am. Not what people think of I am. diff --git a/_posts/2014-02-09-installing-bind-dns-server-on-centos-6-5.md b/_posts/2014-02-09-installing-bind-dns-server-on-centos-6-5.md new file mode 100644 index 000000000000..bf50db33a7ee --- /dev/null +++ b/_posts/2014-02-09-installing-bind-dns-server-on-centos-6-5.md @@ -0,0 +1,186 @@ +--- +layout: post +title: "Installing BIND DNS Server on CentOS 6.5" +date: 2014-02-09 07:00:00 +0700 +categories: sysadmin +--- + +When we rent a [VPS](http://en.wikipedia.org/wiki/Virtual_private_server), we will get a public [IP address](http://en.wikipedia.org/wiki/IP_address) so we can access our VPS from anywhere in this world. But, sometimes we want a better way to access our VPS using [Domain Name](http://en.wikipedia.org/wiki/Domain_name). We will have to rent a domain name from a [Domain Name Registrar](http://en.wikipedia.org/wiki/Domain_name_registrar) and then set up our [Name server](http://en.wikipedia.org/wiki/Name_server) so that our domain name refer to our IP address. There is usually an easier way by using our registrar control panel to set up [NS records](http://en.wikipedia.org/wiki/List_of_DNS_record_types). But, if you still want to set up your own Name server, I hope this documentation will be useful for you. +#### BIND Name Server +[BIND](https://www.isc.org/downloads/bind/) or Berkeley Internet Domain Name is open source software that implements the [Domain Name System](http://en.wikipedia.org/wiki/Domain_Name_System) protocols. This is a documentation of installing BIND on CentOS 6.5 operating system. +###Getting Started +Before we install BIND, or another software, always upgrade our system first. + + # yum update + +Install BIND using **yum**. + + # yum install bind bind-utils + +Use this if you don't use IPv6. + + # echo 'OPTIONS = "4"' >> /etc/sysconfig/named + +Edit file *named.conf*. + + # vi /etc/named.conf + + options { + listen-on-v6 port 53 { none; }; + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + statistics-file "/var/named/data/named_stats.txt"; + memstatistics-file "/var/named/data/named_mem_stats.txt"; + allow-query { any; }; + allow-transfer { localhost; }; + recursion no; + + dnssec-enable yes; + dnssec-validation yes; + dnssec-lookaside auto; + + /* Path to ISC DLV key */ + bindkeys-file "/etc/named.iscdlv.key"; + + managed-keys-directory "/var/named/dynamic"; + }; + + logging { + channel default_debug { + file "data/named.run"; + severity dynamic; + }; + }; + + zone "." IN { + type hint; + file "named.ca"; + }; + + zone "server.net" { + type master; + file "/etc/server.net.hosts"; + allow-update { none; }; + }; + + zone "45.168.192.in-addr.arpa" IN { + type master; + file "/etc/45.168.192.db"; + allow-update { none; }; + }; + + include "/etc/named.rfc1912.zones"; + include "/etc/named.root.key"; + +Configure zone *server.net.hosts*. + + # vi /etc/server.net.hosts + + $TTL 86400 + @ IN SOA ns1.server.net. server.server.net. ( + 2014011807 ;serial, todays date + todays serial # + 28800 ;refresh, seconds + 7200 ;retry, seconds + 604800 ;expire, seconds + 86400 ;minimum, seconds; + ) + server.net. NS ns1.server.net. + server.net. NS ns2.server.net. + ns1 A 192.168.45.32 + ns2 A 192.168.45.32 + server A 192.168.45.32 + mail A 192.168.45.32 + server.net. A 192.168.45.32 + MX 10 mail.server.net. + www A 192.168.45.32 + +Configure reverse *45.168.192.db*. + + # vi /etc/45.168.192.db + + $TTL 86400 + @ IN SOA ns1.server.net. server.server.net. ( + 2014011807 ;serial, todays date + todays serial # + 28800 ;refresh, seconds + 7200 ;retry, seconds + 604800 ;expire, seconds + 86400 ;minimum, seconds; + ) + 45.168.192.in-addr.arpa. IN NS ns1.server.net. + 45.168.192.in-addr.arpa. IN NS ns2.server.net. + 32 IN PTR deuterion.net. + +Start BIND. + + # service named start + # chkconfig named on + +For PTR record, if you are having difficulties to set the PTR record in your NS server (the IP still does not point to your domain name), ask your registrar to configure it for you. +###Testing NS Server +Change your DNS resolver to your NS server. + + # vi /etc/resolv.conf + + nameserver 192.168.45.32 + +Try to resolve domain names and IP address. + + # dig server.net + + ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @192.168.45.32 server.net + ; (1 server found) + ;; global options: +cmd + ;; Got answer: + ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35404 + ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 + ;; WARNING: recursion requested but not available + + ;; QUESTION SECTION: + ;server.net. IN A + + ;; ANSWER SECTION: + server.net. 86400 IN A 192.168.45.32 + + ;; AUTHORITY SECTION: + server.net. 86400 IN NS ns2.server.net. + server.net. 86400 IN NS ns1.server.net. + + ;; ADDITIONAL SECTION: + ns1.server.net. 86400 IN A 192.168.45.32 + ns2.server.net. 86400 IN A 192.168.45.32 + + ;; Query time: 0 msec + ;; SERVER: 192.168.45.32#53(192.168.45.32) + ;; WHEN: Sun Feb 9 21:10:38 2014 + ;; MSG SIZE rcvd: 115 + + # dig -x 192.168.45.32 + + ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @192.168.45.32 -x 192.168.45.32 + ; (1 server found) + ;; global options: +cmd + ;; Got answer: + ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50675 + ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 + ;; WARNING: recursion requested but not available + + ;; QUESTION SECTION: + ;32.45.168.192.in-addr.arpa. IN PTR + + ;; ANSWER SECTION: + 32.45.168.192.in-addr.arpa. 86400 IN PTR server.net. + + ;; AUTHORITY SECTION: + 45.168.192.in-addr.arpa. 86400 IN NS ns1.server.net. + 45.168.192.in-addr.arpa. 86400 IN NS ns2.server.net. + + ;; ADDITIONAL SECTION: + ns1.server.net. 86400 IN A 192.168.45.32 + ns2.server.net. 86400 IN A 192.168.45.32 + + ;; Query time: 0 msec + ;; SERVER: 192.168.45.32#53(192.168.45.32) + ;; WHEN: Sun Feb 9 21:13:23 2014 + ;; MSG SIZE rcvd: 140 + +That's all, we have a working NS server. diff --git a/_posts/2014-02-09-installing-nginx-on-centos-6-5.md b/_posts/2014-02-09-installing-nginx-on-centos-6-5.md new file mode 100644 index 000000000000..a87bf29a3f37 --- /dev/null +++ b/_posts/2014-02-09-installing-nginx-on-centos-6-5.md @@ -0,0 +1,54 @@ +--- +layout: post +title: "Installing Nginx on CentOS 6.5" +date: 2014-02-09 08:00:00 +0700 +categories: sysadmin +--- + +CentOS community now works together with Redhat alongside Fedora. It's good news. So, we can hope to get a better software and support for next release of our beloved CentOS. As one of Linux (CentOS) fan, I want to share my experience installing nginx (engine-x) in CentOS 6.5. My VPS was installed as minimal server and then I added new packages, such as "Development tools" group and new repos (EPEL, CentALT). + +![nginx logo](http://nginx.org/nginx.gif) +

in CentOS

+ +First thing that I usually do before doing something is researching, usually. So, before I install nginx, I searched for tutorials and I found one in http://www.howtoforge.com/installing-nginx-with-php5-and-php-fpm-and-mysql-support-on-ubuntu-11.10. But, it is for Ubuntu and with MySQL which we not really need, yet. It is okay, because this is the fun part. We get to find the right configuration for our Linux distros. +The easiest way to install a package in CentOS (or every Linux distro) is using package manager, like yum. So, I searched http://pkgs.org to find any nginx package for CentOS and I found the latest stable nginx in CentALT repository. + + # yum --enablerepo=CentALT install nginx-stable + # /etc/rc.d/init.d/nginx start + +Open a browser and open our web server. Voila! + +![running-nginx](/images/nginx-1.PNG) + +We got a running nginx on CentOS. But, it is not everything yet. Now, we will make our nginx run PHP so we install php-fpm, a FastCGI Process Manager. + + # yum install php-fpm + # /etc/rc.d/init.d/php-fpm start + +The php-fpm daemon will start at localhost on port 9000. The nginx configuration is easy to understand and available at http://wiki.codemongers.com/NginxFullExample and http://wiki.codemongers.com/NginxFullExample2. Then, to make nginx can execute PHP files, we need to make some changes in nginx configuration file /etc/nginx/nginx.conf + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + location ~ \.php$ { + root html; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + +Reload nginx. + + # /etc/rc.d/init.d/nginx reload + +To test if the FastCGI server works, create the following PHP file in document root. + + + +Save file as info.php and call that file in a browser. + +![running-php](/images/fastcgi.PNG) + +If it's showing the PHP information, our installation is running nicely. diff --git a/_posts/2014-02-09-installing-postfix-and-dovecot-on-centos-6-5.md b/_posts/2014-02-09-installing-postfix-and-dovecot-on-centos-6-5.md new file mode 100644 index 000000000000..165c3d5906b0 --- /dev/null +++ b/_posts/2014-02-09-installing-postfix-and-dovecot-on-centos-6-5.md @@ -0,0 +1,233 @@ +--- +layout: post +title: "Installing Postfix and Dovecot on CentOS 6.5" +date: 2014-02-09 09:00:00 +categories: sysadmin +--- + +Hello, I want to share a documentation how to setup a mail server using CentOS 6.5 using [Postfix](http://www.postfix.org/) as [SMTP](http://tools.ietf.org/html/rfc5321) server and [Dovecot](http://www.dovecot.org/) as [IMAP](http://tools.ietf.org/html/rfc3501)/[POP3](http://tools.ietf.org/html/rfc1939) server. Postfix is a well known [Message Transfer Agent](http://en.wikipedia.org/wiki/Message_transfer_agent) that mostly used today and Dovecot is also one of the widely used [Mail User Agent](http://en.wikipedia.org/wiki/Email_client). +###Preparing The Machine +In this documentation we use a CentOS 6.5 server and before we start, let's update the system. + + # yum update + +A mail server needs to have a MX record in its DNS, so make sure we have that. It is also a good thing to set the PTR record pointing to our domain too. + + # dig server.net -t ANY + ;; ANSWER SECTION: + server.net. 86312 IN MX 10 mail.server.net. + server.net. 86306 IN A 192.168.45.32 + server.net. 80528 IN NS ns2.server.net. + server.net. 80528 IN NS ns1.server.net. + +###Installing Postfix +![Postfix Logo](http://www.postfix.org/mysza.gif) + +Then install Postfix using yum if it's not already installed. + + # yum install postfix + +Edit Postfix configuration file *main.cf*, + + # vi /etc/postfix/main.cf + +This is a standard configuration, + + queue_directory = /var/spool/postfix + command_directory = /usr/sbin + daemon_directory = /usr/libexec/postfix + data_directory = /var/lib/postfix + mail_owner = postfix + myhostname = mail.server.net + myorigin = $mydomain + inet_interfaces = all + inet_protocols = ipv4 + mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain + unknown_local_recipient_reject_code = 550 + alias_maps = hash:/etc/aliases + alias_database = hash:/etc/aliases + home_mailbox = Maildir/ + smtpd_banner = $myhostname ESMTP + debug_peer_level = 2 + debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + sendmail_path = /usr/sbin/sendmail.postfix + newaliases_path = /usr/bin/newaliases.postfix + mailq_path = /usr/bin/mailq.postfix + setgid_group = postdrop + html_directory = no + manpage_directory = /usr/share/man + sample_directory = /usr/share/doc/postfix-2.6.6/samples + readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES + + # SASL configuration + smtpd_sasl_type = dovecot + smtpd_sasl_path = private/auth + smtpd_sasl_auth_enable = yes + smtpd_sasl_security_options = noanonymous + smtpd_sasl_local_domain = $myhostname + smtpd_client_restrictions = + permit_mynetworks, + reject_unknown_client, + permit + smtpd_recipient_restrictions = + permit_mynetworks, + permit_auth_destination, + permit_sasl_authenticated, + reject + + # TLS configuration + smtpd_use_tls = yes + smtpd_tls_key_file = /etc/pki/tls/private/ssl.key + smtpd_tls_cert_file = /etc/pki/tls/cert/ssl.crt + smtpd_tls_loglevel = 3 + smtpd_tls_received_header = yes + smtpd_tls_session_cache_timeout = 3600s + tls_random_source = dev:/dev/urandom + +Restart Postfix, + + # service postfix restart + +###Installing Dovecot +![Dovecot Logo](http://www.dovecot.org/dovecot.gif) + +Install Dovecot using yum, + + # yum install dovecot + +Edit Dovecot configuration file *dovecot.conf*, + + # vi /etc/dovecot/dovecot.conf + + protocols = imap pop3 + listen = * + dict { + } + !include conf.d/*.conf + +Edit *10-auth.conf*, + + # vi /etc/dovecot/conf.d/10-auth.conf + + disable_plaintext_auth = no + auth_mechanisms = plain login + !include auth-system.conf.ext + +Edit *10-mail.conf*, + + # vi /etc/dovecot/conf.d/10-mail.conf + + mail_location = maildir:~/Maildir + mbox_write_locks = fcntl + +Edit *10-master.conf*, + + # vi /etc/dovecot/conf.d/10-master.conf + + service imap-login { + inet_listener imap { + } + inet_listener imaps { + } + } + service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } + } + service lmtp { + unix_listener lmtp { + } + } + service imap { + } + service pop3 { + } + service auth { + unix_listener auth-userdb { + } + unix_listener /var/spool/postfix/private/auth { + mode = 0666 + user = postfix + group = postfix + } + } + service auth-worker { + } + service dict { + unix_listener dict { + } + } + +Edit *10-ssl.conf*, + + # vi /etc/dovecot/conf.d/10-ssl.conf + + ssl = yes + ssl_cert = + 250 2.1.0 Ok + RCPT TO: + 250 2.1.5 Ok + DATA + 354 End data with . + From: Administrator + To: User + Subject: Test Mail Server + Test Mail Server + . + 250 2.0.0 Ok: queued as 54549110F + +Check your Gmail inbox to see if the message sent successfully. Then check Dovecot using **telnet** on your mail server on port **143**. + + $ telnet mail.server.net 143 + Trying 192.168.45.32... + Connected to mail.server.net. + Escape character is '^]'. + * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. + aa login user password + aa OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in + ab select INBOX + * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded) + * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded \*)] Flags permitted. + * 0 EXISTS + * 0 RECENT + * OK [UIDVALIDITY 1390092598] UIDs valid + * OK [UIDNEXT 7] Predicted next UID + * OK [HIGHESTMODSEQ 1] Highest + ab OK [READ-WRITE] Select completed. + ac logout + * BYE Logging out + ac OK Logout completed. + Connection closed by foreign host. + +Congratulation! Now you have a working SMTP and IMAP/POP3 server! :D diff --git a/_posts/2014-02-12-installing-cacti-on-scientific-linux-6-4.md b/_posts/2014-02-12-installing-cacti-on-scientific-linux-6-4.md new file mode 100644 index 000000000000..baaa409413a2 --- /dev/null +++ b/_posts/2014-02-12-installing-cacti-on-scientific-linux-6-4.md @@ -0,0 +1,94 @@ +--- +layout: post +title: "Installing Cacti on Scientific Linux 6.4" +date: 2014-02-12 07:00:00 +categories: sysadmin +--- + +[Cacti](http://www.cacti.net/) is a network graphic monitoring tools which used the potential of [RRDTool](http://oss.oetiker.ch/rrdtool/). RRDTool is a data logging and graphing system for time series data. Cacti can show us a real time performance of network or servers which make this software become one of the most popular open source monitoring software. +![Cacti Logo](http://www.cacti.net/images/cacti_banner.png) +###Getting Started +Always update your box before we install new software. + + # yum update + +Install dependencies for cacti. + + # yum install mysql-server mysql php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-snmp php-pear-Net-SMTP php-mysql httpd + +Then create database for cacti. + + # mysql -uroot -p + mysql> create database cacti; + mysql> grant all privileges on cacti.* to cacti@localhost identified by 'password'; + mysql> flush privileges; + mysql> quit + +###Install SNMPD +Install net-snmpd. + + # yum install net-snmp-utils php-snmp net-snmp-libs + +Edit net-snmpd config file *snmpd.conf*. + + # vi /etc/snmp/snmpd.conf + + com2sec local localhost public + group MyRWGroup v1 local + group MyRWGroup v2c local + group MyRWGroup usm local + view all included .1 80 + access MyRWGroup "" any noauth exact all all none + syslocation Unknown (edit /etc/snmp/snmpd.conf) + syscontact Root (configure /etc/snmp/snmp.local.conf) + pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat + +Start snmpd. + + # /etc/init.d/snmpd start + # chkconfig snmpd on + +###Install Cacti +Install cacti from EPEL Repository. + + # yum --enablrepo=epel install cacti + +Import cacti database. + + # mysql -ucacti -p cacti < /usr/share/doc/cacti-*version*/cacti.sql + +Then edit cacti configuration file *db.php* + + # vi /etc/cacti/db.php + + $database_type = "mysql"; + $database_default = "cacti"; + $database_hostname = "localhost"; + $database_username = "cacti"; + $database_password = "password"; + $database_port = "3306"; + +Configure cacti httpd configuration to allow cacti in your network. + + # vi /etc/httpd/conf.d/cacti.conf + + Allow from 192.168.45.0/24 + +Restart httpd. + + # service httpd restart + +Uncomment cacti cronjob in cron directory. + + # vi /etc/cron.d/cacti + + */5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1 + +Then, run cacti installer by opening your cacti URL in web browser. + + http://yourdomain/cacti + +Follow the instruction and wait several moment while cacti gather the data from log files. Log in to cacti and check your graph. + +###Reference +> http://www.cyberciti.biz/faq/fedora-rhel-install-cacti-monitoring-rrd-software/ diff --git a/_posts/2014-02-12-installing-icinga-on-scientific-linux-6-4.md b/_posts/2014-02-12-installing-icinga-on-scientific-linux-6-4.md new file mode 100644 index 000000000000..71c52cca5eb2 --- /dev/null +++ b/_posts/2014-02-12-installing-icinga-on-scientific-linux-6-4.md @@ -0,0 +1,76 @@ +--- +layout: post +title: "Installing Icinga on Scientific Linux 6.4" +date: 2014-02-12 08:00:00 +categories: sysadmin +--- + +[Icinga](https://www.icinga.org/) is a well-known server or [network monitoring](http://en.wikipedia.org/wiki/Network_monitoring) that runs in many Unix/Linux distribution. Server/Network monitoring is an essential part of [Network Operations Center](http://en.wikipedia.org/wiki/Network_operations_center) because by monitoring network engineers can always get the feedback and status from network and production servers. This is a simple documentation of Icinga installation in Scientific Linux 6.4 server. +###Getting started +Before we install icinga, it best to keep our system updated. + + # yum update + +Search icinga package using **yum search** in *RPMForge* repository. + + # yum --enablerepo=rpmforge search icinga + Loaded plugins: priorities, refresh-packagekit, security + =============================== N/S Matched: icinga ============================== + icinga-api.x86_64 : PHP api for icinga + icinga-devel.x86_64 : Provides include files that Icinga-related applications may compile against + icinga-doc.x86_64 : documentation icinga + icinga-gui.x86_64 : Web content for icinga + icinga-idoutils.x86_64 : database broker module for icinga + icinga-idoutils-libdbi-mysql.x86_64 : database broker module for icinga + icinga-idoutils-libdbi-pgsql.x86_64 : database broker module for icinga + icinga-web-module-pnp.noarch : PNP Integration module for Icinga Web + icinga.x86_64 : Open Source host, service and network monitoring program + icinga-web.noarch : Open Source host, service and network monitoring Web UI + nagios-plugins.x86_64 : Host/service/network monitoring program plugins for Nagios/Icinga + nagios-plugins-setuid.x86_64 : Host/service/network monitoring program plugins for Nagios/Icinga requiring setuid + Name and summary matches only, use "search all" for everything. + +Install icinga and the dependencies. + + # yum --enablerepo=rpmforge install icinga icinga-gui icinga-doc icinga-idoutils-libdbi-mysql + # yum install mysql-server mysql-client libdbi libdbi-devel libdbi-drivers libdbi-dbd-mysql + +Create database for icinga. + + # mysql -uroot -p + mysql> CREATE DATABASE icinga; + mysql> GRANT USAGE ON icinga.* TO 'icinga'@'localhost' IDENTIFIED BY 'icinga' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0; + mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga.* TO 'icinga'@'localhost'; + mysql> FLUSH PRIVILEGES; + mysql> quit + +After we create database for icinga, import the database template to icinga database. + + # mysql -uicinga -p icinga < /usr/share/doc/icinga-idoutils-libdbi-mysql-1.8.4/db/mysql/mysql.sql + +Don't forget to disable *Selinux* if you do not use it. Insert database credential into file *ido2db.cfg*. + + # vi /etc/icinga/ido2db.cfg + + db_name=icinga + db_user=icinga + db_pass=icinga + +Now we can start icinga and don't forget to start ido2db too. + + # /etc/rc.d/init.d/ido2db start + # /etc/rc.d/init.d/icinga start + # /etc/rc.d/init.d/httpd restart + # chkconfig ido2db on + # chkconfig icinga on + +Add icinga user or update password of existing one using command below. + + # htpasswd /etc/icinga/passwd youradmin + +###Testing Icinga +We can now access icinga via this URL on browser. + + http://yourdomain/icinga + +Review the status and fix errors if any. Now you have your own icinga up and running. Congrats! diff --git a/_posts/2014-02-19-quantum-espresso-5-0-3-using-intel-math-kernel-library-11-0-optimization.md b/_posts/2014-02-19-quantum-espresso-5-0-3-using-intel-math-kernel-library-11-0-optimization.md new file mode 100644 index 000000000000..49f7cf28f7d5 --- /dev/null +++ b/_posts/2014-02-19-quantum-espresso-5-0-3-using-intel-math-kernel-library-11-0-optimization.md @@ -0,0 +1,595 @@ +--- +layout: post +title: "Quantum Espresso 5.0.3 Using Intel Math Kernel Library 11.0 Optimization" +date: 2014-02-19 07:00:00 +categories: computational material +--- + +[Quantum Espresso](http://www.quantum-espresso.org/) is a software for electronic-structure calculations and materials modeling at the nanoscale. The installation of Quantum Espresso is quite easy because it includes external libraries which it needs. But we are encouraged to install Quantum Espresso using our own machine optimized external libraries such as [Basic Linear Algebra Subprograms (BLAS)](http://en.wikipedia.org/wiki/Basic_Linear_Algebra_Subprograms), [Linear Algebra Package (LAPACK)](http://en.wikipedia.org/wiki/LAPACK), [Scalable LAPACK (SCALAPACK)](http://en.wikipedia.org/wiki/ScaLAPACK), and [Fastest Fourier Transform in the West (FFTW)](http://en.wikipedia.org/wiki/FFTW). +###External Libraries +There are several repositories or development teams which provide external libraries. For example is [Netlib](http://netlib.org/) which provides [BLAS](http://netlib.org/blas/), [LAPACK](http://netlib.org/lapack/), and [SCALAPACK](http://netlib.org/scalapack/). But, for machines with Intel processor, maybe the best external libraries out there is [Intel® Math Kernel Library](http://software.intel.com/en-us/intel-mkl) which has a non-commercial version as standalone or included in Intel® Parallel Studio XE 2013 for Linux that can be downloaded in [Intel Non-Commercial Software Development](http://software.intel.com/en-us/non-commercial-software-development). Intel® Math Kernel Library provides BLAS, LAPACK, SCALAPACK, and even FFTW interfaces. +###Getting Started +My test machine is Supermicro X9DRD-7LN4F which has Intel(R) Xeon(R) CPU E5-2660 0 @ 2.20GHz with 8 cores and 16 threads and 64 GB RAM. For compilers I will be using Intel compilers which is included in Intel® Parallel Studio XE 2013 for Linux and OpenMPI for parallelization. +####Installing Intel® Parallel Studio XE 2013 for Linux + + $ tar zxvf sources/parallel_studio_xe_2013_sp1_update1.tgz + $ ./parallel_studio_xe_2013_sp1_update1/install.sh +# + + Please make your selection by entering an option. + Root access is recommended for evaluation. + + 1. Run as a root for system wide access for all users [default] + 2. Run using sudo privileges and password for system wide access for all users + 3. Run as current user to limit access to user level + + h. Help + q. Quit + + Please type a selection [1]: 3 +# + + Step 1 of 7 | Welcome + -------------------------------------------------------------------------------- + Welcome to the Intel(R) Parallel Studio XE 2013 SP1 Update 1 for Linux* + installation program. + + + -------------------------------------------------------------------------------- + You will complete the steps below during this installation: + Step 1 : Welcome + Step 2 : License agreement + Step 3 : Activation + Step 4 : Intel(R) Software Improvement Program + Step 5 : Options + Step 6 : Installation + Step 7 : Complete + + -------------------------------------------------------------------------------- + Press "Enter" key to continue or "q" to quit: [Enter] +# + + Step 1 of 7 | Welcome > Missing Optional Prerequisite(s) + -------------------------------------------------------------------------------- + There are one or more optional unresolved issues. It is highly recommended to + resolve them all before you continue the installation. You can fix them without + exiting from the installation and re-check. Or you can quit from the + installation, fix them and run the installation again. + -------------------------------------------------------------------------------- + Missing optional prerequisites + -- Intel(R) Fortran Composer XE 2013 SP1 Update 1 for Linux*: Unsupported OS + -- Intel(R) C++ Composer XE 2013 SP1 Update 1 for Linux*: Unsupported OS + -- Power analysis is not enabled. + -------------------------------------------------------------------------------- + 1. Skip missing optional prerequisites [default] + 2. Show the detailed info about issue(s) + 3. Re-check the prerequisites + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + -------------------------------------------------------------------------------- + Do you agree to be bound by the terms and conditions of this license agreement? + Type 'accept' to continue or 'decline' to go back to the previous menu: accept +# + + Step 3 of 7 | Activation + -------------------------------------------------------------------------------- + If you have purchased this product and have the serial number and a connection + to the internet you can choose to activate the product at this time. Activation + is a secure and anonymous one-time process that verifies your software licensing + rights to use the product. Alternatively, you can choose to evaluate the product + or defer activation by choosing the evaluate option. Evaluation software will + time out in about one month. Also you can use license file, license manager, or + remote activation if the system you are installing on does not have internet + access activation options. + -------------------------------------------------------------------------------- + 1. Use existing license [default] + 2. I want to activate my product using a serial number + 3. I want to evaluate my product or activate later + 4. I want to activate either remotely, or by using a license file, or by using a license manager + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Step 4 of 7 | Intel(R) Software Improvement Program + -------------------------------------------------------------------------------- + Help improve your experience with Intel(R) software + Participate in the design of future Intel software. Select 'Yes' to give us permission to learn about how you use your Intel software and we will do the rest. + - No personally identifiable information is collected + - There are no additional follow-up emails by opting in + - You can stop participating at any time + + Learn more about the Intel(R) Software Improvement Program + http://software.intel.com/en-us/articles/software-improvement-program + + With your permission, Intel may automatically receive anonymous information about how you use your current and future Intel(R) Software Development Products. + -------------------------------------------------------------------------------- + 1. Yes, I am willing to participate and improve Intel software. (Recommended) + 2. No, I don't want to participate in the Intel(R) Software Improvement Program + at this time. + + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection: 2 +# + + Step 5 of 7 | Options > Pre-install Summary + -------------------------------------------------------------------------------- + Install location: + /home/pras/intel/parallel_studio_xe_2013 + + Component(s) selected: + Intel(R) VTune(TM) Amplifier XE 2013 Update 13 544MB + Command line interface + Sampling Driver kit + Power Driver kit + Graphical user interface + + Intel(R) Inspector XE 2013 Update 8 296MB + Command line interface + Graphical user interface + + Intel(R) Advisor XE 2013 Update 5 470MB + Command line interface + Graphical user interface + + Intel(R) Fortran Compiler XE 14.0 Update 1 612MB + Intel Fortran Compiler XE + + Intel(R) C++ Compiler XE 14.0 Update 1 580MB + Intel C++ Compiler XE + + Intel(R) Debugger 13.0 533MB + Intel Debugger + + Intel(R) Math Kernel Library 11.1 Update 1 2.0GB + Intel MKL core libraries + Intel(R) Xeon Phi(TM) coprocessor support + Fortran 95 interfaces for BLAS and LAPACK + GNU* Compiler Collection support + + Intel(R) Integrated Performance Primitives 8.0 Update 1 2.8GB + Intel IPP single-threaded libraries + + Intel(R) Threading Building Blocks 4.2 Update 1 127MB + Intel TBB + + GNU* GDB 7.5 170MB + GNU* GDB 7.5 on Intel(R) 64 (Provided under GNU General Public License + v3) + GDB Eclipse* Integration on Intel(R) 64 (Provided under Eclipse Public + License v.1.0) + + Install Space Required: 7.1GB + + Driver parameters: + Sampling driver install type: Driver kit files will be installed only + Power driver install type: Driver kit files will be installed only + Drivers will be accessible to everyone on this system. To restrict access, select Customize Installation > Change advanced options > Driver is accessible to and set group access. + + + 1. Start installation Now [default] + 2. Customize installation + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 2 +# + + Step 5 of 7 | Options > Architecture selection + -------------------------------------------------------------------------------- + Select the architecture(s) where your applications will run. If unsure, accept the default options below or see + http://software.intel.com/en-us/articles/about-target-architecture-selection-during-installation for more information. + + Target Architecture(s) of your applications: + -------------------------------------------------------------------------------- + 1. [x] IA-32 + 2. [x] Intel(R) 64 + + 3. Finish architecture selection [default] + + Note: This system is an Intel(R) 64 architecture system. + Your application may be built to run on either IA-32 or Intel(R) 64 + architectures. + + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [3]: 3 +# + + Step 5 of 7 | Options + -------------------------------------------------------------------------------- + You are now ready to begin installation. You can use all default installation + settings by simply choosing the "Start installation Now" option or you can + customize these settings by selecting any of the change options given below + first. You can view a summary of the settings by selecting "Show pre-install + summary". + -------------------------------------------------------------------------------- + 1. Start installation Now [default] + + 2. Change install directory [ /home/pras/intel/parallel_studio_xe_2013 ] + 3. Change components to install [ Custom ] + 4. Show pre-install summary + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 3 +# + + Step 5 of 7 | Options > Component selection + -------------------------------------------------------------------------------- + Select the component you wish to install. When you have completed your changes, + select option 1 to continue with the installation. + -------------------------------------------------------------------------------- + 1. Finish component selection [default] + + 2. Intel(R) VTune(TM) Amplifier XE 2013 Update 13 [All] + 3. Intel(R) Inspector XE 2013 Update 8 [All] + 4. Intel(R) Advisor XE 2013 Update 5 [All] + 5. Intel(R) Fortran Compiler XE 14.0 Update 1 [All] + 6. Intel(R) C++ Compiler XE 14.0 Update 1 [All] + 7. Intel(R) Debugger 13.0 [All] + 8. Intel(R) Math Kernel Library 11.1 Update 1 [Custom] + 9. Intel(R) Integrated Performance Primitives 8.0 Update 1 [Custom] + 10. Intel(R) Threading Building Blocks 4.2 Update 1 [All] + 11. GNU* GDB 7.5 [Custom] + + Install Space Required: 7.1GB + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 8 +# + + Step 5 of 7 | Options > Component selection + -------------------------------------------------------------------------------- + You may choose not to install some components of this product. Optional + components are shown with an option number of the left. Entering that number + will select/unselect that component for installation. When you have completed + your changes, select option 1 to return to previous menu. + -------------------------------------------------------------------------------- + 1. Finish component selection [default] + + 2. [x] Intel(R) Math Kernel Library 11.1 Update 1 + 3. [x] Intel MKL core libraries + 4. [x] Intel(R) Xeon Phi(TM) coprocessor support + 5. [x] Fortran 95 interfaces for BLAS and LAPACK + 6. [x] GNU* Compiler Collection support + 7. [ ] PGI* compiler support + 8. [ ] SP2DP interface for Intel(R) 64 + 9. [ ] Cluster support + + Install Space Required: 2.0GB + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 2 +# + + Step 5 of 7 | Options > Component selection + -------------------------------------------------------------------------------- + You may choose not to install some components of this product. Optional + components are shown with an option number of the left. Entering that number + will select/unselect that component for installation. When you have completed + your changes, select option 1 to return to previous menu. + -------------------------------------------------------------------------------- + 1. Finish component selection [default] + + 2. [ ] Intel(R) Math Kernel Library 11.1 Update 1 + 3. [ ] Intel MKL core libraries + 4. [ ] Intel(R) Xeon Phi(TM) coprocessor support + 5. [ ] Fortran 95 interfaces for BLAS and LAPACK + 6. [ ] GNU* Compiler Collection support + 7. [ ] PGI* compiler support + 8. [ ] SP2DP interface for Intel(R) 64 + 9. [ ] Cluster support + + Install Space Required: 0MB + For successful functioning of the selected components, selection of additional + components will be changed. + + Intel(R) Xeon Phi(TM) coprocessor support + Fortran 95 interfaces for BLAS and LAPACK + GNU* Compiler Collection support + + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 2 +# + + Step 5 of 7 | Options > Component selection + -------------------------------------------------------------------------------- + You may choose not to install some components of this product. Optional + components are shown with an option number of the left. Entering that number + will select/unselect that component for installation. When you have completed + your changes, select option 1 to return to previous menu. + -------------------------------------------------------------------------------- + 1. Finish component selection [default] + + 2. [x] Intel(R) Math Kernel Library 11.1 Update 1 + 3. [x] Intel MKL core libraries + 4. [x] Intel(R) Xeon Phi(TM) coprocessor support + 5. [x] Fortran 95 interfaces for BLAS and LAPACK + 6. [x] GNU* Compiler Collection support + 7. [x] PGI* compiler support + 8. [x] SP2DP interface for Intel(R) 64 + 9. [x] Cluster support + + Install Space Required: 2.1GB + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Step 5 of 7 | Options > Component selection + -------------------------------------------------------------------------------- + Select the component you wish to install. When you have completed your changes, + select option 1 to continue with the installation. + -------------------------------------------------------------------------------- + 1. Finish component selection [default] + + 2. Intel(R) VTune(TM) Amplifier XE 2013 Update 13 [All] + 3. Intel(R) Inspector XE 2013 Update 8 [All] + 4. Intel(R) Advisor XE 2013 Update 5 [All] + 5. Intel(R) Fortran Compiler XE 14.0 Update 1 [All] + 6. Intel(R) C++ Compiler XE 14.0 Update 1 [All] + 7. Intel(R) Debugger 13.0 [All] + 8. Intel(R) Math Kernel Library 11.1 Update 1 [All] + 9. Intel(R) Integrated Performance Primitives 8.0 Update 1 [Custom] + 10. Intel(R) Threading Building Blocks 4.2 Update 1 [All] + 11. GNU* GDB 7.5 [Custom] + + Install Space Required: 7.2GB + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Step 5 of 7 | Options + -------------------------------------------------------------------------------- + You are now ready to begin installation. You can use all default installation + settings by simply choosing the "Start installation Now" option or you can + customize these settings by selecting any of the change options given below + first. You can view a summary of the settings by selecting "Show pre-install + summary". + -------------------------------------------------------------------------------- + 1. Start installation Now [default] + + 2. Change install directory [ /home/pras/intel/parallel_studio_xe_2013 ] + 3. Change components to install [ Custom ] + 4. Show pre-install summary + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Installation of Open Source Components + -------------------------------------------------------------------------------- + Open source components provided under GNU General Public License v3 or Eclipse + Public License v.1.0 will be installed. + + Includes: + GNU* GDB 7.5 (Provided under GNU General Public License v3) + GDB Eclipse* Integration (Provided under Eclipse Public License v.1.0) + + For further details, please refer to the product Release Notes. + -------------------------------------------------------------------------------- + 1. Continue the installation [default] + + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Step 5 of 7 | Options > Missing Optional Prerequisite(s) + -------------------------------------------------------------------------------- + There are one or more optional unresolved issues. It is highly recommended to + resolve them all before you continue the installation. You can fix them without + exiting from the installation and re-check. Or you can quit from the + installation, fix them and run the installation again. + -------------------------------------------------------------------------------- + Missing optional prerequisites + -- No compatible Java* Runtime Environment (JRE) found + -- 32-bit libraries not found + -------------------------------------------------------------------------------- + 1. Skip missing optional prerequisites [default] + 2. Show the detailed info about issue(s) + 3. Re-check the prerequisites + + h. Help + b. Back to the previous menu + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [1]: 1 +# + + Step 6 of 7 | Installation + -------------------------------------------------------------------------------- + Each component will be installed individually. If you cancel the installation, + some components might remain on your system. This installation may take several + minutes, depending on your system and the options you selected. + -------------------------------------------------------------------------------- + Installing Command line interface component... done + -------------------------------------------------------------------------------- + Installing Sampling Driver kit component... done + -------------------------------------------------------------------------------- + Installing Power Driver kit component... done + -------------------------------------------------------------------------------- + Installing Graphical user interface component... done + -------------------------------------------------------------------------------- + Installing Command line interface component... done + -------------------------------------------------------------------------------- + Installing Graphical user interface component... done + -------------------------------------------------------------------------------- + Installing Command line interface component... done + -------------------------------------------------------------------------------- + Installing Graphical user interface component... done + -------------------------------------------------------------------------------- + Installing Intel Fortran Compiler XE for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Intel Fortran Compiler XE for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel C++ Compiler XE for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Intel C++ Compiler XE for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel Debugger for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Intel Debugger for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel MKL core libraries for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel(R) Xeon Phi(TM) coprocessor support component... done + -------------------------------------------------------------------------------- + Installing Fortran 95 interfaces for BLAS and LAPACK for Intel(R) 64 + component... done + -------------------------------------------------------------------------------- + Installing GNU* Compiler Collection support for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel MKL core libraries for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Fortran 95 interfaces for BLAS and LAPACK for IA-32 component... done + -------------------------------------------------------------------------------- + Installing GNU* Compiler Collection support for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Intel IPP single-threaded libraries for IA-32 component... done + -------------------------------------------------------------------------------- + Installing Intel IPP single-threaded libraries for Intel(R) 64 component... done + -------------------------------------------------------------------------------- + Installing Intel TBB component... done + -------------------------------------------------------------------------------- + Installing GNU* GDB 7.5 on Intel(R) 64 (Provided under GNU General Public + License v3) component... done + -------------------------------------------------------------------------------- + Installing GDB Eclipse* Integration on Intel(R) 64 (Provided under Eclipse + Public License v.1.0) component... done + -------------------------------------------------------------------------------- + Finalizing product configuration... + -------------------------------------------------------------------------------- + Preparing driver configuration scripts... done + -------------------------------------------------------------------------------- + Press "Enter" key to continue + [Enter] +# + + Step 7 of 7 | Complete + -------------------------------------------------------------------------------- + Thank you for installing and for using the Intel(R) Parallel Studio XE 2013 SP1 + Update 1 for Linux*. + + Support services start from the time you install or activate your product. If + you have not already done so, please create your support account now to take + full advantage of your product purchase. + + Your support account gives you access to free product updates and upgrades as + well as interactive technical support at Intel(R) Premier Support. + + To create your support account, please visit the Intel(R) Software Development + Products Registration Center web site + https://registrationcenter.intel.com/RegCenter/registerexpress.aspx?media=GPZ + -------------------------------------------------------------------------------- + q. Quit + -------------------------------------------------------------------------------- + Please type a selection or press "Enter" to accept default choice [q]: q +# + + + $ vi ~/.bashrc + + # .bashrc + + # Source global definitions + if [ -f /etc/bashrc ]; then + . /etc/bashrc + fi + + # User specific aliases and functions + export PATH=/home//intel/bin:$PATH + export LD_LIBRARY_PATH=/home//intel/lib/intel64:/home//intel/mkl/lib/intel64:$LD_LIBRARY_PATH + +# + + $ export PATH=/home//intel/bin:$PATH + $ export LD_LIBRARY_PATH=/home//intel/lib/intel64:/home//intel/mkl/lib/intel64:$LD_LIBRARY_PATH + +####Installing OpenMPI + + $ tar zxvf sources/openmpi-1.6.5.tar.tar.gz + $ cd openmpi-1.6.5/ + $ ./configure --prefix=/home//openmpi-install CC=icc FC=ifort F77=ifort CXX=icpc 2>&1 | tee c.txt + $ make all install 2>&1 | tee m.txt +# + + $ vi ~/.bashrc + + # .bashrc + + # Source global definitions + if [ -f /etc/bashrc ]; then + . /etc/bashrc + fi + + # User specific aliases and functions + export PATH=/home//openmpi-install/bin:/home//intel/bin:$PATH + export LD_LIBRARY_PATH=/home//openmpi-install/lib:/home//intel/lib/intel64:/home//intel/mkl/lib/intel64:$LD_LIBRARY_PATH + +# + + $ export PATH=/home//openmpi-install/bin:$PATH + $ export LD_LIBRARY_PATH=/home//openmpi-install/lib:$LD_LIBRARY_PATH + +####Compiling Intel MKL FFTW Interface + + $ cd ~/intel/mkl/interfaces/fftw3x_cdft/ + $ make libintel64 compiler=intel mpi=openmpi INSTALL_DIR=/home//fftw3x_cdft-install 2>&1 | tee m.txt + +####Installing Quantum Espresso 5.0.3 + + $ cd ~/sources/ + $ tar zxvf espresso-5.0.2.tar.gz + $ mv -v espresso-5.0.2 ~/espresso-5.0.2-mkl + $ cd ~ + $ cp -v ~/espresso-5.0.2/archive/* ~/espresso-5.0.2-mkl/archive/ + $ cp -v ~/espresso-5.0.2/pseudo/* ~/espresso-5.0.2-mkl/pseudo/ + $ cp -v ~/sources/espresso-5.0.2-5.0.3.diff ~/espresso-5.0.2-mkl/ + $ cd ~/espresso-5.0.2-mkl/ + $ tar zxvf ~/sources/PHonon-5.0.2.tar.gz + $ patch -p1 < espresso-5.0.2-5.0.3.diff + $ ./configure --enable-parallel --with-scalapack CXX=icpc SCALAPACK_LIBS="-lmkl_scalapack_lp64 -lmkl_blacs_openmpi_lp64" BLAS_LIBS="-L/home//intel/mkl/lib/intel64 -lmkl_intel_lp64 -lmkl_sequential -lmkl_core" LAPACK_LIBS="-L/home//intel/mkl/lib/intel64 -lmkl_lapack95_lp64" MPI_LIBS="-L/home//intel/mkl/lib/intel64 -lmkl_blacs_openmpi_lp64" FFT_LIBS="-L/home//fftw3x_cdft-install -lfftw3x_cdft_lp64" FCFLAGS="-O2 -xavx" CFLAGS="-O2 -xavx" FFLAGS="-O2 -xavx" 2>&1 | tee c.txt + $ make all 2>&1 | tee m.txt + $ cd PW/tests + $ ./check.pw.j + +If you do not have previous Quantum Espresso installation, don't worry, the installer and test program will automatically download required files for you. When you compare between Quantum Espresso installation with internal libraries and Quantum Espresso with Intel MKL libraries, you can expect 25% speed up. Good luck! diff --git a/_posts/2014-02-27-installing-zimbra-collaboration-server-8-foss-on-centos-6-5.md b/_posts/2014-02-27-installing-zimbra-collaboration-server-8-foss-on-centos-6-5.md new file mode 100644 index 000000000000..1c758c15e862 --- /dev/null +++ b/_posts/2014-02-27-installing-zimbra-collaboration-server-8-foss-on-centos-6-5.md @@ -0,0 +1,84 @@ +--- +layout: post +title: "Installing Zimbra Collaboration Server 8 FOSS on CentOS 6.5" +date: 2014-02-27 07:00:00 +categories: sysadmin +--- + +[Zimbra](http://www.zimbra.com/) is a well known collaboration suite which includes email, calendaring, file sharing, activity streams, social communities and more. The most popular product from Zimbra is Zimbra Collaboration Server. Zimbra Collaboration Server comes with two version: Network Edition and Open Source Edition (FOSS). This documentation shows a simple way to install Zimbra Collaboration Server Open Source Edition in CentOS 6.5. + +![Zimbra Logo](/images/zimbrs.svg) + +###Getting Started + + +Prepare the system + + # yum update + +Disable SELinux + + # vi /etc/sysconfig/selinux + SELINUXTYPE=disabled + +Disable firewall + + # service iptables stop + # service ip6tables stop + # chkconfig iptables off + # chkconfig ip6tables off + +Disable postfix + + # service postfix stop + # chkconfig postfix off + +Edit hosts file + + # vi /etc/hosts + 192.168.1.91 your.zimbra-domain.com + +Install dependencies + + # yum install nc wget nano make nc sudo sysstat libtool-ltdl glibc perl ntp + +Edit ntp configuration file + + # vi /etc/ntp.conf + #server 3.centos.pool.ntp.org iburst + server your.ntp-server.com iburst + +Start ntpdate service + + # service ntpdate start + # chkconfig ntpdate on + +Make sure you have setup your NS records for your ZCS + + your.zimbra-domain.com IN A 192.168.1.91 + IN MX 10 your.zimbra-domain.com + +###Zimbra Installation + + +Download zimbra collaboration server open source edition from [here](http://files2.zimbra.com/downloads/8.0.6_GA/zcs-8.0.6_GA_5922.RHEL6_64.20131203103705.tgz) + + # cd /tmp + # wget http://files2.zimbra.com/downloads/8.0.6_GA/zcs-8.0.6_GA_5922.RHEL6_64.20131203103705.tgz + +Extract ZCS + + # tar zxvf zcs-8.0.6_GA_5922.RHEL6_64.20131203103705.tgz + +Install ZCS and follow the instructions + + # cd zxvf zcs-8.0.6_GA_5922.RHEL6_64.20131203103705 + # ./install.sh + +Set http for web access + + # su zimbra + $ zmtlsctl http + $ zmcontrol restart + +Now you can access your new ZCS installation in http://your.zimbra-domain.com/. diff --git a/_posts/2014-03-12-find-a-virtual-machine-by-mac-address-with-vsphere-client-and-powercli.md b/_posts/2014-03-12-find-a-virtual-machine-by-mac-address-with-vsphere-client-and-powercli.md new file mode 100644 index 000000000000..279f60c095e7 --- /dev/null +++ b/_posts/2014-03-12-find-a-virtual-machine-by-mac-address-with-vsphere-client-and-powercli.md @@ -0,0 +1,37 @@ +--- +layout: post +title: "Find A Virtual Machine by MAC Address with VSphere Client and PowerCLI" +date: 2014-03-12 07:00:00 +categories: sysadmin +--- + +It is usual task to find someone computer by its MAC address when there is an issue related to his computer in the local network. The common case is IP conflict or network abuse. But, if the MAC Address shows that machine is one of many scattered VMware virtual machine out there, how do we find it? + +####vSphere Client +If you have an VMware ESX or ESXi server, [vSphere Client](https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.installclassic.doc_41/common/install/t_down_client.html) is tool to manage your virtual machines from remote computer. But, vSphere Client cannot tell the MAC Address of virtual machines from version 10 or higher and to find virtual machine based on MAC Address we must open the virtual machine Setting one by one. It is still possible when there are few virtual, but it is exhausting when we have many virtual machine. + +####vSphere PowerCLI +There is alternative method by using vSphere PowerCLI, a command-line tools to manage virtual machines in conjunction with vSphere Client. You can install vSphere PowerCLI by referring to [this](http://blogs.vmware.com/PowerCLI/2011/06/back-to-basics-part-1-installing-powercli.html) page. To find the virtual machine based on its MAC Address, open vSphere PowerCLI. +![powercli1](/images/powercli1.PNG) + + +Connect to your Virtual Machine Server (ESX or ESXI) by using command `Connect-VIServer`. +![powercli2](/images/powercli2.PNG) + + +After pressing [Enter] twice, you will be presented by a logon window. +![powercli3](/images/powercli3.PNG) + + +Login to your Virtual Machines Server. +![powercli4](/images/powercli4.PNG) + + +Then you can find the virtual machine by its MAC Address using this command `Get-VM | Get-NetworkAdapter | Where {$_.MacAddress -eq "AA:BB:CC:DD:EE:FF"} | Format-List` +![powercli5](/images/powercli5.PNG) + + +The highlighted one is the virtual machine name in your server. Good luck! + +####Reference +[Finding a virtual machine in VMware vSphere by the MAC address](http://terenceluk.blogspot.com/2013/11/finding-virtual-machine-in-vmware.html) diff --git a/_posts/2014-07-01-drbd-manual-split-brain-recovery.md b/_posts/2014-07-01-drbd-manual-split-brain-recovery.md new file mode 100644 index 000000000000..f50ec16da544 --- /dev/null +++ b/_posts/2014-07-01-drbd-manual-split-brain-recovery.md @@ -0,0 +1,20 @@ +--- +layout: post +title: "DRBD: Manual Split Brain Recovery" +date: 2014-07-01 07:00:00 +categories: sysadmin +--- + +Split Brain in DRBD is a condition where each host think that resource in another host is outdated, thus synchronization won't be occured. This condition often occurs because of network or power failure which is indicated by these variables: +#### log: Split-Brain detected, dropping connection +#### connection-state: StandAlone/WFConnection +To manually recover the cluster from split brain condition, the following steps is required. +#### 1. on victim connection state must be StandAlone + # drbdadm disconnect +#### 2. set victim as secondary + # drbdadm secondary +#### 3. reconnect victim + # drbdadm connect --discard-my-data +#### 4. on the survivor, if the connection state StandAlone enter following command + # drbdadm connect +Reference: http://www.drbd.org/users-guide-8.4/s-resolve-split-brain.html diff --git a/_posts/2014-07-01-drbd-troubleshooting-and-error-recovery-of-hard-drive-failure-or-replacement.md b/_posts/2014-07-01-drbd-troubleshooting-and-error-recovery-of-hard-drive-failure-or-replacement.md new file mode 100644 index 000000000000..e7ece844ac2c --- /dev/null +++ b/_posts/2014-07-01-drbd-troubleshooting-and-error-recovery-of-hard-drive-failure-or-replacement.md @@ -0,0 +1,24 @@ +--- +layout: post +title: "DRBD: Troubleshooting and Error Recovery of Hard Drive Failure or Replacement" +date: 2014-07-01 08:00:00 +categories: sysadmin +--- + +**DRBD** refers to block devices designed as a building block to form high availability cluster. This is done by mirroring a whole block device via an assigned network. DRBD can be understood as network based RAID-1. ([DRBD](http://www.drbd.org/)) + +Sometimes we have a disk failure on hard drive which contains DRBD backing device. The following steps can be used to replace or recover the failed drive. + +#### 1. detach drbd resource from broken backing storage + # drbdadm detach +#### 2. check state of drbd disk + # drbdadm dstate + Diskless/UpToDate +#### 3. if using internal meta data, bind DRBD device to new hard disk + # drbdadm create-md + # drbdadm attach +#### 4. if using external meta data DRBD unable to recognize hard drive was swapped, need additional step + # drbdadm create-md + # drbdadm attach + # drbdadm invalidate +Reference: http://www.drbd.org/users-guide-8.4/ch-troubleshooting.html diff --git a/_posts/2014-07-01-freebsd-check-tcpudp-open-port-or-services.md b/_posts/2014-07-01-freebsd-check-tcpudp-open-port-or-services.md new file mode 100644 index 000000000000..8a2e1a530053 --- /dev/null +++ b/_posts/2014-07-01-freebsd-check-tcpudp-open-port-or-services.md @@ -0,0 +1,18 @@ +--- +layout: post +title: "FreeBSD Check TCP/UDP Open Port or Services" +date: 2014-07-01 09:00:00 +categories: sysadmin +--- + +In this short tutorial I will show how to check TCP/UDP open port or services in FreeBSD box. For checking open port or services which uses port in FreeBSD simply issue the following commands. +####1. check TCP connection + # sockstat -Ptcp +####2. check UDP connection + # sockstat -Pudp +Combine with **grep** to search port used by specific service or service which using specific port. +####3. use grep to get service or port + # sockstat -Ptcp | grep + # sockstat -Ptcp | grep -i + # sockstat -Pudp | grep + # sockstat -Pudp | grep -i diff --git a/_posts/2014-07-01-installing-postfix-with-auth-sasl-and-ldap-support-on-freebsd.md b/_posts/2014-07-01-installing-postfix-with-auth-sasl-and-ldap-support-on-freebsd.md new file mode 100644 index 000000000000..de4fd0ba8698 --- /dev/null +++ b/_posts/2014-07-01-installing-postfix-with-auth-sasl-and-ldap-support-on-freebsd.md @@ -0,0 +1,118 @@ +--- +layout: post +title: "Installing Postfix with Auth SASL and LDAP Support on FreeBSD" +date: 2014-07-01 10:00:00 +categories: sysadmin +--- + +Install packages using FreeBSD port. +### 1. Install postfix + # Options for postfix-2.11.0,1 + _OPTIONS_READ=postfix-2.11.0,1 + _FILE_COMPLETE_OPTIONS_LIST=BDB CDB INST_BASE LDAP_SASL LMDB MYSQL NIS OPENLDAP PCRE PGSQL SASL2 SPF SQLITE TEST TLS VDA DOVECOT DOVECOT2 SASLKRB5 SASLKMIT + OPTIONS_FILE_SET+=BDB + OPTIONS_FILE_SET+=CDB + OPTIONS_FILE_UNSET+=INST_BASE + OPTIONS_FILE_SET+=LDAP_SASL + OPTIONS_FILE_UNSET+=LMDB + OPTIONS_FILE_UNSET+=MYSQL + OPTIONS_FILE_UNSET+=NIS + OPTIONS_FILE_SET+=OPENLDAP + OPTIONS_FILE_SET+=PCRE + OPTIONS_FILE_UNSET+=PGSQL + OPTIONS_FILE_SET+=SASL2 + OPTIONS_FILE_UNSET+=SPF + OPTIONS_FILE_UNSET+=SQLITE + OPTIONS_FILE_SET+=TEST + OPTIONS_FILE_SET+=TLS + OPTIONS_FILE_UNSET+=VDA + OPTIONS_FILE_UNSET+=DOVECOT + OPTIONS_FILE_UNSET+=DOVECOT2 + OPTIONS_FILE_UNSET+=SASLKRB5 + OPTIONS_FILE_UNSET+=SASLKMIT + +### 2. install openldap + # Options for openldap-client-2.4.38 + _OPTIONS_READ=openldap-client-2.4.38 + _FILE_COMPLETE_OPTIONS_LIST=FETCH + OPTIONS_FILE_UNSET+=FETCH + +### 3. install cyrus-sasl2 + # Options for cyrus-sasl-2.1.26_4 + _OPTIONS_READ=cyrus-sasl-2.1.26_4 + _FILE_COMPLETE_OPTIONS_LIST=ALWAYSTRUE AUTHDAEMOND KEEP_DB_OPEN OBSOLETE_CRAM_ATTR BDB MYSQL PGSQL SQLITE2 SQLITE3 CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM + OPTIONS_FILE_UNSET+=ALWAYSTRUE + OPTIONS_FILE_SET+=AUTHDAEMOND + OPTIONS_FILE_UNSET+=KEEP_DB_OPEN + OPTIONS_FILE_SET+=OBSOLETE_CRAM_ATTR + OPTIONS_FILE_UNSET+=BDB + OPTIONS_FILE_UNSET+=MYSQL + OPTIONS_FILE_UNSET+=PGSQL + OPTIONS_FILE_UNSET+=SQLITE2 + OPTIONS_FILE_UNSET+=SQLITE3 + OPTIONS_FILE_SET+=CRAM + OPTIONS_FILE_SET+=DIGEST + OPTIONS_FILE_SET+=LOGIN + OPTIONS_FILE_SET+=NTLM + OPTIONS_FILE_SET+=OTP + OPTIONS_FILE_SET+=PLAIN + OPTIONS_FILE_SET+=SCRAM + +### 4. install cyrus-sasl2-saslauthd + # Options for cyrus-sasl-saslauthd-2.1.26 + _OPTIONS_READ=cyrus-sasl-saslauthd-2.1.26 + _FILE_COMPLETE_OPTIONS_LIST=BDB HTTPFORM OPENLDAP + OPTIONS_FILE_SET+=BDB + OPTIONS_FILE_SET+=HTTPFORM + OPTIONS_FILE_SET+=OPENLDAP + +### 5. install postfwd + # Options for postfix-postfwd-1.32_1 + _OPTIONS_READ=postfix-postfwd-1.32_1 + _FILE_COMPLETE_OPTIONS_LIST=DOCS EXAMPLES POSTFWD2 + OPTIONS_FILE_SET+=DOCS + OPTIONS_FILE_SET+=EXAMPLES + OPTIONS_FILE_UNSET+=POSTFWD2 + +### 6. configure /usr/local/lib/sasl2/smtpd.conf + log_level: 3 + pwcheck_method: saslauthd + mech_list: PLAIN LOGIN + +### 7. configure /usr/local/etc/saslauthd.conf + ldap_servers: + ldap_bind_dn: + ldap_bind_pw: + ldap_search_base: + ldap_auth_method: ssha + ldap_time_limit: 4 + ldap_filter: + +### 8. configure /usr/local/etc/postfix/main.cf + mtpd_sasl_auth_enable = yes + smtpd_sasl_local_domain = + smtpd_sasl_authenticated_header = yes + broken_sasl_auth_clients = yes + smtpd_sasl_path = smtpd + smtp_sasl_type = cyrus + smtpd_sasl_security_options = noanonymous + + smtpd_recipient_restrictions = + permit_mynetworks, + permit_sasl_authenticated, + reject_unauth_destination + +### 9. configure /usr/local/etc/postfwd.conf + id=RULE001 + sasl_username=~/^(\S+)$/ + action=rcpt(sasl_username/200/3600/DEFER Too much emails for $$sasl_username) + + +### 10. configure /etc/rc.conf + postfix_enable="YES" + saslauthd_enable="YES" + saslauthd_flags="-a ldap" + postfwd_enable="YES" + + +Reference: http://ashterix.blogspot.com/2008/10/freebsd-postfix-sasl-openldap.html diff --git a/_posts/2014-07-01-iscsilvm-automatically-enable-volume-group-contain-iscsi-disk-physical-volume.md b/_posts/2014-07-01-iscsilvm-automatically-enable-volume-group-contain-iscsi-disk-physical-volume.md new file mode 100644 index 000000000000..e782fbac0bb1 --- /dev/null +++ b/_posts/2014-07-01-iscsilvm-automatically-enable-volume-group-contain-iscsi-disk-physical-volume.md @@ -0,0 +1,12 @@ +--- +layout: post +title: "iSCSI+LVM: Automatically Enable Volume Group Contain iSCSI Disk Physical Volume" +date: 2014-07-01 11:00:00 +categories: sysadmin +--- + +When using iSCSI and LVM, sometimes we have to manually enable iSCSI disk that used as a physical volume in LVM. This is because LVM service is started earlier than iSCSI service so the iSCSI disk containing the physical volume is not present yet. Solution to this problem is to enable lvmetad in **/etc/lvm/lvm.conf**. The lvmetad is "LVM metadata daemon" that acts as in-memory cache of LVM metadata gathered from devices as they appear in the system. Whenever a block device appears and has PV label on it, it is automatically scanned via an udev rule. This update the lvmetad daemon with the LVM metadata found. Once the VG is complete (all the PVs making up the VG are present), the VG is activated. The lvmetad daemon is required for this LVM event-based autoactivation to work and the iSCSI disk must be present in the system after boot time. +#### enable lvmetad in lvm.conf + use_lvmetad = 1 + +Reference: https://bugzilla.redhat.com/show_bug.cgi?id=474833 diff --git a/_posts/2014-07-01-lvm-adding-new-physical-volume-to-volume-group.md b/_posts/2014-07-01-lvm-adding-new-physical-volume-to-volume-group.md new file mode 100644 index 000000000000..4d4dc3bcf2f6 --- /dev/null +++ b/_posts/2014-07-01-lvm-adding-new-physical-volume-to-volume-group.md @@ -0,0 +1,35 @@ +--- +layout: post +title: "LVM: Adding New Physical Volume to Volume Group" +date: 2014-07-01 12:00:00 +categories: sysadmin +--- + +Linux LVM is a logical volume manager for Linux kernel. Logical volume manager provides method of allocation space in mass storage device that more flexible than traditional partitioning scheme. Logical volume manager can create, resize, and combine partitions, potentially without interrupting system. ([Wikipedia](http://en.wikipedia.org/wiki/Logical_Volume_Manager_(Linux))) + +#### schema: new device /dev/sda + +#### 1. create needed partitions, label them with 8e (Linux LVM) + # fdisk /dev/sda +#### 2. format partitons + # mkfs.ext4 /dev/sda1 +#### 3. create physical volume + # pvcreate /dev/sda1 +#### 4. extend existing volume group + # vgextend VolGroup00 /dev/sdb1 +#### 5. extend existing logical volume + extend LogVol01 to 16GB + # lvextend -L 16G /dev/VolGroup00/LogVol01 + adding 1GB to LogVol01 + # lvextend -l+1G /dev/VolGroup00/LogVol01 +#### 6. resize logical volume to new size + # resize2fs /dev/VolGroup00/LogVol01 +#### 7. create new logical volume + create new logical volume with size 16GB + # lvcreate -L 16GB -n LogVol02 VolGroup00 + create new logical volume with all free space + # lvcreate -l+100%FREE -n LogVol02 VolGroup00 +#### 8. format new logical volume + # mkfs.ext4 /dev/VolGroup00/LogVol02 + +Reference: http://sujithemmanuel.blogspot.com/2007/04/how-to-add-disk-to-lvm.html diff --git a/_posts/2014-07-01-smtp-debugging-smtp-with-tlsssl-and-auth.md b/_posts/2014-07-01-smtp-debugging-smtp-with-tlsssl-and-auth.md new file mode 100644 index 000000000000..a391d581e8fd --- /dev/null +++ b/_posts/2014-07-01-smtp-debugging-smtp-with-tlsssl-and-auth.md @@ -0,0 +1,90 @@ +--- +layout: post +title: "SMTP: Debugging SMTP with TLS/SSL and Auth" +date: 2014-07-01 13:00:00 +categories: sysadmin +--- + +SMTP use TLS/SSL to secure connection to server and AUTH so only authenticated user can use the SMTP service. This tutorial will show steps to debug SMTP TLS/SSL and AUTH from Linux/Unix terminal. + +####1. encode your login information in base64, the following perl command which requires MIME::Base64 will do encoding + # perl -MMIME::Base64 -e 'print encode_base64("\000your_username\000your_password")' + AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA== +####2. connect to smtp server + normal non-secured SMTP + # telnet smtp.yourdomain.com 25 + + TLS connection, check STARTTLS support with EHLO command + # telnet smtp.yourdomain.com 25 + 220 SMTP banner + EHLO smtp.yourdomain.com + 250 SMTP banner + 250-smtp.yourdomain.com + 250-PIPELINING + 250-SIZE 36360000 + 250-VRFY + 250-ETRN + 250-STARTTLS + 250-ENHANCEDSTATUSCODES + 250-8BITMIME + 250 DSN + quit + # openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25 + + SSL connection + # openssl s_client -crlf -connect smtp.yourdomain.com:465 +####3. check AUTH support with EHLO command + connect to secure SMTP using TLS or SSL + # openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25 + or + # openssl s_client -crlf -connect smtp.yourdomain.com:465 + ... + EHLO smtp.yourdomain.com + 250-smtp.yourdomain.com + 250-PIPELINING + 250-SIZE 36360000 + 250-VRFY + 250-ETRN + 250-AUTH PLAIN LOGIN + 250-AUTH=PLAIN LOGIN + 250-ENHANCEDSTATUSCODES + 250-8BITMIME + 250 DSN + quit +####4. use AUTH command to authenticate + connect to secure SMTP using TLS or SSL + # openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25 + or + # openssl s_client -crlf -connect smtp.yourdomain.com:465 + ... + HELO smtp.yourdomain.com + 250 smtp.yourdomain.com + AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA== + 235 2.7.0 Authentication successful + if failed + 535 5.7.8 Error: authentication failed: authentication failure +####5. test sending message + connect to secure SMTP using TLS or SSL + # openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25 + or + # openssl s_client -crlf -connect smtp.yourdomain.com:465 + ... + HELO smtp.yourdomain.com + 250 smtp.yourdomain.com + AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA== + 235 2.7.0 Authentication successful + MAIL FROM: + 250 2.1.0 OK + RCPT TO: + 250 2.1.5 OK + DATA + 354 End data with . + From: Your Name + To: Your Destination Name + Subject: Your Email Subject + Your Email Content + . + 250 2.0.0 Ok: queued as 6A4C1D5153E + quit + Connection closed by foreign host. +Reference: https://qmail.jms1.net/test-auth.shtml diff --git a/_posts/2014-07-02-drbd-extend-drbd-disk-online.md b/_posts/2014-07-02-drbd-extend-drbd-disk-online.md new file mode 100644 index 000000000000..0927a9266086 --- /dev/null +++ b/_posts/2014-07-02-drbd-extend-drbd-disk-online.md @@ -0,0 +1,32 @@ +--- +layout: post +title: "DRBD: Extend DRBD Disk Online" +date: 2014-07-02 07:00:00 +categories: sysadmin +--- + +When using DRBD, we can grow DRBD disk online so we do not need to disturb the production process we have in the server. The requirement to this feature is the backing block device can be resized online so it is possible to resize the DRBD disk. There are two criterias that must be filled. + +####1. The backing device must be managed by a logical volume manager such as LVM +####2. The resource must currently be in the Connected connection state. +First, we need to grow the backing device on both nodes and make sure only one node in Primary node. + + # lvextend -L 16GB /dev/VolGroup00/LogVol01 + +Then, resize the DRBD service to trigger a synchronization of the new section from primary node to secondary node. + + # drbdadm resize + +If the additional space is clean, we can skip syncing the additional space by using the --assume-clean option. + + # drbdadm -- --assume-clean resize + +After that resize the file system of DRBD device. + + # resize2fs /dev/drbdX + +IMPORTANT: Always create backup, better safe than sorry. + +References: +http://www.drbd.org/users-guide/s-resizing.html +http://lists.linbit.com/pipermail/drbd-user/2008-August/009908.html diff --git a/_posts/2014-07-02-git-tutorial.md b/_posts/2014-07-02-git-tutorial.md new file mode 100644 index 000000000000..62ceb692a814 --- /dev/null +++ b/_posts/2014-07-02-git-tutorial.md @@ -0,0 +1,36 @@ +--- +layout: post +title: "Git Tutorial" +date: 2014-07-02 08:00:00 +categories: sysadmin +--- + +**Git** is a distributed version control system version control system track history of a collection of files and includes the functionality to revert to another version. + +Distributed version control system does not necessarily have a central server which stores data. + +User can copy existing repository (**cloning**). + +Every clone contains full history of the collection of files and a clone repository has the same functionality as the original repository. + +Users with sufficient authorization can **push** changes from their local repositories to remote repositories, they can also **fetch** or **pull** changes from other repositories to their local Git repository. + +Git support **branching** which means you can work on different versions of your collection files. + +**Working tree** is the current collection of files. + +Git using **SHA-1 checksum** as file integrity protection. + +Add changes to your Git repository by first add selected file to staging area and commit the changes in staging area to Git repository. + +Mark changes in the working tree by staging or add changes to staging area. + + # git add . + +After adding files to staging area you can commit this file to permanently add them to Git repository. + + # git commit + +Push the modified version of files to remote repository using push command. + + # git push diff --git a/_posts/2014-07-02-heartbeat-using-different-udp-ports-for-different-clusters-on-same-network.md b/_posts/2014-07-02-heartbeat-using-different-udp-ports-for-different-clusters-on-same-network.md new file mode 100644 index 000000000000..92e74bc2412a --- /dev/null +++ b/_posts/2014-07-02-heartbeat-using-different-udp-ports-for-different-clusters-on-same-network.md @@ -0,0 +1,44 @@ +--- +layout: post +title: "Heartbeat Using Different UDP Ports for Different Clusters on Same Network" +date: 2014-07-02 09:00:00 +categories: sysadmin +--- + +**Heartbeat** is a daemon that provides cluster infrastructure (communication and membership) services to its clients. This allow clients to know appearance or disappearance of peer processes on other machines and to easily exchange message with them.([Heartbeat - Linux-HA](http://linux-ha.org/wiki/Heartbeat)) + +Heartbeat clusters work only one on same network so if we setup different cluster (different authkeys) on same network it will show up as an error in log file. We can still setup more than one cluster in same network by setting different communication port for heartbeat. + +The following example show configuration file for two different clusters in same network. +####host configuration + 192.168.123.1 host1.cluster1 + 192.168.123.2 host2.cluster1 + 192.168.123.3 host1.cluster2 + 192.168.123.4 host2.cluster2 +####first cluster +#####/etc/ha.d/ha.cf + debugfile /var/log/ha-debug + logfile /var/log/ha-log + logfacility local0 + keepalive 2 + deadtime 20 + udpport 694 + udp eth0 + bcast eth0 + node host1.cluster1 host2.cluster1 + auto_failback on + debug 1 +####second cluster +#####/etc/ha.d/ha.cf + debugfile /var/log/ha-debug + logfile /var/log/ha-log + logfacility local0 + keepalive 2 + deadtime 20 + udpport 695 + udp eth0 + bcast eth0 + node host1.cluster2 host2.cluster2 + auto_failback on + debug 1 +Reference: http://www.gossamer-threads.com/lists/linuxha/users/57074 diff --git a/_posts/2014-07-02-installing-apache-http-server-on-freebsd.md b/_posts/2014-07-02-installing-apache-http-server-on-freebsd.md new file mode 100644 index 000000000000..f28da400e1c7 --- /dev/null +++ b/_posts/2014-07-02-installing-apache-http-server-on-freebsd.md @@ -0,0 +1,65 @@ +--- +layout: post +title: "Installing Apache HTTP Server on FreeBSD" +date: 2014-07-02 10:00:00 +categories: sysadmin +--- + +###Installation using FreeBSD ports + +Login as root, then to make sure our server's hostname can be identified locally we need to edit */etc/hosts*. + + # ee /etc/hosts + ::1 localhost localhost.example.com + 127.0.0.1 localhost localhost.example.com + 192.168.1.11 host.example.com + +Install Apache HTTP Server using following command, choose default for options, select OK. + + # cd /usr/ports/www/apache22 + # make config; make install clean + # rehash + +After installation proses finished, change Apache configuration file. + + # ee /usr/local/etc/apache22/httpd.conf + ServerAdmin you@example.com + ServerName host.example.com:80 + +To enable SSL support, uncomment following line. + + Include etc/apache22/extra/httpd-ssl.conf + +Save, then exit **ee** and open Apache' SSL configuration file. + + # ee /usr/local/etc/apache22/extra/httpd-ssl.conf + ServerName host.example.com:443 + ServerAdmin you@example.com + SSLCertificateFile /usr/local/openssl/certs/host.example.com-cert.pem + SSLCertificateKeyFile /usr/local/openssl/certs/host.example.com-unencrypted-key.pem + +Save and exit. + +###Testing Apache HTTP Server Installation + +Check possible error on configuration files. + + # apachectl configtest + +If it shows **Syntax OK** then there is no error in configuration files. Change */etc/rc.conf* so that Apache can start at boot time. + + # ee /etc/rc.conf + apache22_enable="YES" + apache22_http_accept_enable="YES" + +Save and exit from text editor and start Apache with following command. + + # /usr/local/etc/rc.d/apache22 start + +Test Apache by opening our domain in internet browser. + + http://host.example.com/ + +Test SSL support by opening our domain in HTTPS protocol. + + https://host.example.com/ diff --git a/_posts/2014-07-02-installing-cyrus-sasl-server-on-freebsd.md b/_posts/2014-07-02-installing-cyrus-sasl-server-on-freebsd.md new file mode 100644 index 000000000000..7f9574be4b23 --- /dev/null +++ b/_posts/2014-07-02-installing-cyrus-sasl-server-on-freebsd.md @@ -0,0 +1,42 @@ +--- +layout: post +title: "Installing Cyrus SASL Server on FreeBSD" +date: 2014-07-02 11:00:00 +categories: sysadmin +--- + +###Instalation using FreeBSD ports + +Login as root then enter ports directory of Cyrus SASL and run following command. + + # cd /usr/ports/security/cyrus-sasl2-saslauthd + # make config ; make install clean + # rehash + +Create file *smtpd.conf* in directory */usr/local/lib/sasl2/*. + + # ee /usr/local/lib/sasl2/smtpd.conf + +Then add following lines. + + pwcheck_method: saslauthd + mech_list: plain login + +Edit file *rc.conf* so that SASL Authentification server can start at boot time. + + # ee /etc/rc.conf + saslauthd_enable="YES" + saslauthd_flags="-a pam" + +if you want to use other authentication mechanism such as LDAP, use following flags. + + saslauthd_flags="-a ldap" + +Save and run the startup script. + + # /usr/local/etc/rc.d/saslauthd start + # /usr/local/etc/rc.d/saslauthd status + +If SASL Authentification server is running, the terminal will show output similar to this. + + saslauthd is running as pid 1234. diff --git a/_posts/2014-07-02-installing-mysql-server-on-freebsd.md b/_posts/2014-07-02-installing-mysql-server-on-freebsd.md new file mode 100644 index 000000000000..89ddc97494b1 --- /dev/null +++ b/_posts/2014-07-02-installing-mysql-server-on-freebsd.md @@ -0,0 +1,78 @@ +--- +layout: post +title: "Installing MySQL Server on FreeBSD" +date: 2014-07-02 12:00:00 +categories: sysadmin +--- + +### Installation using FreeBSD ports +Login as root, then to make sure our server's hostname can be identified locally we need to edit /etc/hosts. + + # ee /etc/hosts + ::1 localhost localhost.example.com + 127.0.0.1 localhost localhost.example.com + 192.168.1.11 host.example.com + +Install MySQL Server with following command. + + # cd /usr/ports/databases/mysql56-server + # make -D BUILD_OPTIMIZED install clean + # rehash + +After installation finished, run script for installing main database and tables used by MySQL. + + # mysql_install_db --user=mysql –basedir=/usr/local/ + +Run following command to start MySQL daemon and create password for MySQL's root. + # mysqld_safe & + # mysqladmin -u root password 'localpassword' + # mysqladmin -u root -h host.example.com password 'remotepassword' + +MySQL has three types of configuration files i.e. *my-small.cnf, my-medium.cnf, my-large.cnf,* and *my-huge.cnf*. Copy suitable configuration file to */var/db/mysql*. + + # cp /usr/local/share/mysql/my-medium.cnf /var/db/mysql/my.cnf + +To deactivate MySQL TCP Networking edit MySQL configuration file. + + # ee /var/db/mysql/my.cnf + skip-networking + +Save and exit text editor. + +### Test MySQL Server Installation + +In order MySQL to start at boot time, edit file */etc/rc.conf* + + # ee /etc/rc.conf + mysql_enable="YES" + +Restart MySQL to apply change in configuration file. + + # /usr/local/etc/rc.d/mysql-server restart + +For checking if MySQL is running correctly, run following command. + + # mysqlshow –p + +If MySQL running then the following output will appear. + + +---------------------------+ + | Databases | + +---------------------------+ + | information_schema | + | mysql | + | test | + +---------------------------+ + +If there is error then the error log is saved in file */var/db/mysql/host.example.com.err*. Check the permission of */tmp* directory. + + # ls -ld /tmp + drwxrwxrwt 7 root wheel 512 Feb 17 12:00 /tmp + +If the output is not the same with line above, repair it with following command. + + # chown root:wheel /tmp + # chmod 777 /tmp + # chmod =t /tmp + +Installation of MySQL Server is finished. diff --git a/_posts/2014-07-31-author-override.md b/_posts/2014-07-31-author-override.md deleted file mode 100644 index af81bcd6b53a..000000000000 --- a/_posts/2014-07-31-author-override.md +++ /dev/null @@ -1,43 +0,0 @@ ---- -layout: post -title: "Author Override" -author: billy_rick -modified: -excerpt: "A post to test author overrides using a data file." -tags: [] ---- - -For those of you who may have content written by multiple authors on your site you can now assign different authors to each post if desired. - -Previously the theme used a global author for the entire site and those attributes would be used in all bylines, social networking links, Twitter Card attribution, and Google Authorship. These `owner` variables were defined in `config.yml` - -Start by modifying or creating a new `authors.yml` file in the `_data` folder and add your authors using the following format. - -{% highlight yaml %} -# Authors - -billy_rick: - name: Billy Rick - web: http://thewhip.com - email: billy@rick.com - bio: "What do you want, jewels? I am a very extravagant man." - avatar: bio-photo-2.jpg - twitter: extravagantman - google: - plus: BillyRick - -cornelius_fiddlebone: - name: Cornelius Fiddlebone - email: cornelius@thewhip.com - bio: "I ordered what?" - avatar: bio-photo.jpg - twitter: rhymeswithsackit - google: - plus: CorneliusFiddlebone -{% endhighlight %} - -To assign Billy Rick as an author for our post. You'd add the following YAML front matter to a post: - -{% highlight yaml %} -author: billy_rick -{% endhighlight %} diff --git a/_posts/2014-08-25-puppet-master-agent-installation-on-freebsd.md b/_posts/2014-08-25-puppet-master-agent-installation-on-freebsd.md new file mode 100644 index 000000000000..cbe96ab20686 --- /dev/null +++ b/_posts/2014-08-25-puppet-master-agent-installation-on-freebsd.md @@ -0,0 +1,208 @@ +--- +layout: post +title: "Puppet Master-Agent Installation on FreeBSD" +date: 2014-08-25 07:00:00 +categories: sysadmin +--- + +[Puppet](http://puppetlabs.com/) is a software which can automate configuration and management of machines and software running on them. This tool has great benefits for system administrator because it helps sysadmin to be the dream of every sysadmin, **a lazy sysadmin**. Puppet has great support for many operating system. Unfortunately its installation on my favourite OS, FreeBSD, is not so smooth. An introduction of Puppet installation which I found in BSD Magazine January 2012 edition is a starting point but I have to make some modification due to some of deprecated configurations. So, here I want to show you how to install and configure the basic of Puppet in FreeBSD in its master-agent scenario. +##Let's start... +###Puppet benefits: +1. automated server installation +2. mass deployment of changes to servers +3. maintain server state consistency + +###Puppet scenario: +0. FreeBSD (master) +1. FreeBSD (agent) + +###FreeBSD initial: +update ports + + # portsnap fetch extract + # portsnap fetch update + +install portmaster via ports + + # cd /usr/ports/ports-mgmt/portmaster + # make install clean + # rehash + +switch to pkgng + + # portmaster -dB ports-mgmt/pkg + +convert package database to new pkgng format + + # pkg2ng +use pkgng by default + + # echo 'WITH_PKGNG=yes' >> /etc/make.conf + +define new repository for pkgng + + # mkdir -p /usr/local/etc/pkg/repos + # cat << 'EOF' > /usr/local/etc/pkg/repos/FreeBSD.conf + FreeBSD: { + url: "http://pkg.FreeBSD.orf/${ABI}/latest", + mirror_type: "srv", + enabled: true + } + EOF + # pkg update + +test pkgng + + # pkg install sl + # sl + +--- +###Puppet master initial: +**IMPORTANT**: Puppet requires FQDN hostname +install from ports + + # cd /usr/ports/sysutils/puppet + # make install clean + +generate puppet configuration file + + # puppet master --genconfig > /usr/local/etc/puppet/puppet.conf + +copy auth.conf-dist to auth.conf + + # cp /usr/local/etc/puppet/auth.conf-dist /usr/local/etc/puppet/auth.conf + +some "red" warnings when run `puppet help` + + Warning: Setting manifestdir is deprecated. See http://links.puppetlabs.com/env-settings-deprecations + (at /usr/local/lib/ruby/site_ruby/1.9/puppet/settings.rb:1095:in `block in issue_deprecations') + Warning: Setting manifest is deprecated in puppet.conf. See http://links.puppetlabs.com/env-settings-deprecations + (at /usr/local/lib/ruby/site_ruby/1.9/puppet/settings.rb:1095:in `block in issue_deprecations') + Warning: Setting modulepath is deprecated in puppet.conf. See http://links.puppetlabs.com/env-settings-deprecations + (at /usr/local/lib/ruby/site_ruby/1.9/puppet/settings.rb:1095:in `block in issue_deprecations') + Warning: Setting templatedir is deprecated. See http://links.puppetlabs.com/env-settings-deprecations + (at /usr/local/lib/ruby/site_ruby/1.9/puppet/settings.rb:1095:in `block in issue_deprecations') + +skeleton files creation + + # mkdir -p /usr/local/etc/puppet/files + # mkdir -p /usr/local/etc/puppet/manifests + # touch /usr/local/etc/puppet/fileserver.conf + # touch /usr/local/etc/puppet/files/sudoers + # touch /usr/local/etc/puppet/manifests/site.pp + # touch /usr/local/etc/puppet/environments/production/environment.conf + # touch /usr/local/etc/puppet/environments/production/manifests/site.pp + +edit **puppet.conf** + + [main] + environmentpath = /usr/local/etc/puppet/environments + [master] + #manifestdir = /usr/local/etc/puppet/manifests + #manifest = /usr/local/etc/puppet/manifests/site.pp + #modulepath = /usr/local/etc/puppet/modules:/usr/share/puppet/modules + #templatedir = /var/puppet/templates + pluginsource = puppet://puppetmaster.domain/plugins + pluginfactsource = puppet://puppetmaster.domain/pluginfacts + +edit **fileserver.conf** + + [files] + path /usr/local/etc/puppet/files + allow *.domain + +edit **environments/production/environment.conf** + + modulepath = /usr/local/etc/puppet/modules:/usr/share/puppet/modules + manifest = /usr/local/etc/puppet/environments/production/manifests/site.pp + ### EXPERIMENTAL ### + #config_version = get_environment_commit.sh + #environment_timeout = 5s + +edit **environments/production/manifests/site.pp** + + class sudoers { + file { "/usr/local/etc/sudoers": + ensure => file, + owner => root, + group => wheel, + mode => 440, + source => "puppet://puppetmaster.domain/files/sudoers", + } + } + + node 'puppetclient.domain' { + include sudoers + } + +start puppet master + + # echo 'puppetmaster_enable="YES"' >> /etc/rc.conf + # /usr/local/etc/rc.d/puppetmaster start + +sign the certificate when agent initiate a certificate signing session + + # puppet cert --list --all + # puppet cert --sign puppetagent.domain + +edit **files/sudoers** + + root ALL=(ALL) ALL + +update puppet agents using `kick` + + # puppet kick puppetagent.domain + +--- +###Puppet agent initial: +**IMPORTANT**: Puppet requires FQDN hostname +install from ports + + # cd /usr/ports/sysutils/puppet + # make install clean + +configure hostname + + # hostname puppetagent.domain + +create and edit new **auth.conf** + + path /run + method save + allow puppetmaster.domain + +initiate a certificate signing session from agent to master and wait to be signed and automatically closed + + # puppet agent -v --server puppetmaster.domain --waitforcert 60 --test + +enable puppet agent on **rc.conf** + + # echo 'puppet_enable="YES"' >> /etc/rc.conf + # echo 'puppet_flags="-v --listen --server puppetmaster.domain"' >> /etc/rc.conf + +start puppet agent + + # /usr/local/etc/rc.d/puppet start + +inspect **/usr/local/etc/sudoers** after puppet master kicked some changes + + # less /usr/local/etc/sudoers + +--- +###Puppet problems: +cannot connect to https://forge.puppetlabs.com + + security/ca_root_nss port needed to be installed with ETCSYMLINK turned on + +puppet kick and --listen flag is deprecated + + still can't find good configuration for using sysutils/mcollective-puppet-agent as alternative + +--- +References: +http://www.iceflatline.com/2013/02/how-to-use-portmaster-to-update-ports/ +http://www.fitzdsl.net/2013/11/utiliser-pkgng-sous-freebsd-avec-puppet/ +https://mebsd.com/make-build-your-freebsd-word/pkgng-first-look-at-freebsds-new-package-manager.html +https://forums.freebsd.org/viewtopic.php?&t=36732 +http://www.6tech.org/2013/01/how-to-install-puppet-open-source-on-centos-6-3/ +https://github.com/puppetlabs-operations/puppet-freebsd diff --git a/_posts/2014-08-25-upgrade-ghost.md b/_posts/2014-08-25-upgrade-ghost.md new file mode 100644 index 000000000000..80add2d3298e --- /dev/null +++ b/_posts/2014-08-25-upgrade-ghost.md @@ -0,0 +1,31 @@ +--- +layout: post +title: "Upgrade Ghost" +date: 2014-08-25 08:00:00 +categories: sysadmin +--- + +I have run [Ghost](https://ghost.org) for quite some time now and I have been through two upgrade process so I think it will be a good idea to save a procedure for easy upgrading. I found the instruction [here](http://www.howtoinstallghost.com/how-to-update-ghost/). + +--- +###Manually upgrade Ghost + +I usually use manual upgrade method because I don't inspect the automatic scripts yet if it is compatible with my installation. + + # cd /var/www/html/ghost + # mkdir temp + # cd temp/ + # curl -L -O https://ghost.org/zip/ghost-latest.zip + # unzip ghost-latest.zip + # cd .. + # cp temp/*.md temp/*.js temp/*.json . + # rm -R core + # cp -R temp/core . + # cp -R temp/content/themes/casper content/themes + # npm install --production + # rm -R temp + # su ghost -c /var/www/html/ghost/starter.sh -s /bin/sh + +--- +###Reference +http://www.howtoinstallghost.com/how-to-update-ghost/ diff --git a/_posts/2015-01-09-start-your-own-documentation-blog.md b/_posts/2015-01-09-start-your-own-documentation-blog.md new file mode 100644 index 000000000000..a176c16145c0 --- /dev/null +++ b/_posts/2015-01-09-start-your-own-documentation-blog.md @@ -0,0 +1,12 @@ +--- +layout: post +title: "Start Your Own Documentation Blog" +date: 2015-01-09 07:00:00 +categories: sysadmin +--- + +I am trying to write again after some month was absent from touching any electronic notes (blogs). Actually I wanted to do it from a long time ago but I was afraid don't have any material with qualities to be written. In reality, I realized that I have been encountering events that I must write about. After so long trying to make up my mind and gather my courage, I finally be able to put some ideas into my writing, starting with this re-introduction. + +This blog actually planned to be a place where I keep my documentation about thing that I have been thinkering with. But I think I was too strict. Why don't I write anything I want to write here? This is my *personal* blog after all. So, I think it is wiser to share any good things with folks from internet here. As a system administrator which also want to be a developer, I think having a blog to write about your project or anything you get in touch is essential. It keeps a record about your projects and also can be a source of help for someone working the same projects out there. + +Okay, I think this is all from me now. We will catch up again real soon, I hope. diff --git a/_posts/2015-02-21-memcached-on-centos-6.md b/_posts/2015-02-21-memcached-on-centos-6.md new file mode 100644 index 000000000000..d4dcbfa3b49f --- /dev/null +++ b/_posts/2015-02-21-memcached-on-centos-6.md @@ -0,0 +1,18 @@ +--- +layout: post +title: "Memcached on CentOS 6" +date: 2015-02-21 07:00:00 +categories: sysadmin +--- + +[Memcached](http://memcached.org/) is free & open source, high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. In this documentation I will show how to install **memcached** using yum package manager with [Atomicorp](https://www.atomicorp.com/) repository. + +--- +Install the latest Atomicorp repository from http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/ + + sudo rpm -Uvh atomic-release*rpm +Then install memcached + + sudo yum install memcached + +Reference: http://pkgs.org/centos-6/atomic-x86_64/memcached-1.4.22-4.el6.art.x86_64.rpm.html diff --git a/_posts/2015-02-21-mongodb-on-centos-6.md b/_posts/2015-02-21-mongodb-on-centos-6.md new file mode 100644 index 000000000000..daa228b52477 --- /dev/null +++ b/_posts/2015-02-21-mongodb-on-centos-6.md @@ -0,0 +1,35 @@ +--- +layout: post +title: "MongoDB on CentOS 6" +date: 2015-02-21 08:00:00 +categories: sysadmin +--- + +[MongoDB](https://www.mongodb.org/) is the only database that harnesses the innovations of NoSQL (flexibility, scalability, performance) and builds on the foundation of relational databases (expressive query language, secondary indexes, strong consistency). In this documentation, I will show how to install MongoDB on CentOS 6. + +--- +Add MongoDB repository to yum + + sudo vi /etc/yum.repos.d/mongodb.repo + + [mongodb] + name=MongoDB Repository + baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/ + gpgcheck=0 + enabled=1 +Install **MongoDB** + + sudo yum install mongo-10gen mongo-10gen-server --exclude mongodb-org,mongodb-org-server +Add this to `/etc/yum.conf` to prevent **MongoDB** from being upgraded + + sudo vi /etc/yum.conf + + ... + exclude=mongo-10gen,mongo-10gen-server + +Start **MongoDB** service and configure it to start at boot + + sudo service mongod start + sudo chkconfig mongod on + +Reference: https://docs.mongodb.org/v2.4/tutorial/install-mongodb-on-red-hat-centos-or-fedora-linux/ diff --git a/_posts/2015-02-21-open-source-phusion-passenger-module-for-nginx-on-centos-6.md b/_posts/2015-02-21-open-source-phusion-passenger-module-for-nginx-on-centos-6.md new file mode 100644 index 000000000000..640a6286cffe --- /dev/null +++ b/_posts/2015-02-21-open-source-phusion-passenger-module-for-nginx-on-centos-6.md @@ -0,0 +1,39 @@ +--- +layout: post +title: "Open Source Phusion Passenger Module for Nginx on CentOS 6" +date: 2015-02-21 09:00:00 +categories: sysadmin +--- + +[Phusion Passenger](https://www.phusionpassenger.com/) is a web server and application server for your web apps which built upon Ruby or NodeJS. In this documentation I will show how to install open source version of **Phusion Passenger** on CentOS 6.6 using Ruby gem installation. + +--- + +Check your Ruby location + + which ruby + /usr/local/rvm/rubies/ruby-2.1.5/bin/ruby +In this tutorial I assume your Ruby is installed using RVM +Install passenger using **gem** command + + gem install passenger -V + +Install passenger module for nginx + + rvmsudo passenger-install-nginx-module +Follow the installation steps and you can customize your nginx installation if you want +Download init script for nginx and install + + wget https://gist.githubusercontent.com/prasetiyohadi/90355ce4b02487261f58/raw/35319a9b63331a9503424c40489d7be27387584d/nginx + mv nginx /etc/init.d/nginx + sudo chmod +x /etc/init.d/nginx + +Start nginx service + + sudo chkconfig nginx on + sudo service nginx start + sudo service nginx status + +Reference: +https://www.phusionpassenger.com/documentation/Users%20guide%20Nginx.html#rubygems\_generic\_install +https://www.digitalocean.com/community/tutorials/how-to-deploy-rails-apps-using-passenger-with-nginx-on-centos-6-5 diff --git a/_posts/2015-02-21-redis-on-centos-6.md b/_posts/2015-02-21-redis-on-centos-6.md new file mode 100644 index 000000000000..9eee07d34c79 --- /dev/null +++ b/_posts/2015-02-21-redis-on-centos-6.md @@ -0,0 +1,65 @@ +--- +layout: post +title: "Redis on CentOS 6" +date: 2015-02-21 10:00:00 +categories: sysadmin +--- + +[Redis](http://redis.io/) is an open source, BSD licensed, advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs. In this documentation, I will show how to install **Redis** on CentOS 6. + +--- +Install **Development Tools** + + sudo yum groupinstall "Development Tools" +Download and extract latest Redis package from http://redis.io/ + + wget http://download.redis.io/releases/redis-2.8.19.tar.gz + tar zxf redis-2.8.19.tar.gz +Go to redis directory and run make + + cd redis-2.8.19 + make +it is a good idea to run make test + + sudo yum install tcl + make test +Then run make install + + sudo make install +Add `/usr/local/bin` and `/usr/local/sbin` to your **secure_path** in `/etc/sudoers` + +Install as service + + sudo ./utils/install-server.sh + Welcome to the redis service installer + This script will help you easily set up a running redis server + + Please select the redis port for this instance: [6379] + Selecting default: 6379 + Please select the redis config file name [/etc/redis/6379.conf] + Selected default - /etc/redis/6379.conf + Please select the redis log file name [/var/log/redis_6379.log] + Selected default - /var/log/redis_6379.log + Please select the data directory for this instance [/var/lib/redis/6379] + Selected default - /var/lib/redis/6379 + Please select the redis executable path [/usr/local/bin/redis-server] + Selected config: + Port : 6379 + Config file : /etc/redis/6379.conf + Log file : /var/log/redis_6379.log + Data dir : /var/lib/redis/6379 + Executable : /usr/local/bin/redis-server + Cli Executable : /usr/local/bin/redis-cli + Is this ok? Then press ENTER to go on or Ctrl-C to abort. + Copied /tmp/6379.conf => /etc/init.d/redis_6379 + Installing service... + Successfully added to chkconfig! + Successfully added to runlevels 345! + Starting Redis server... + Installation successful! +Test your redis installation + + redis-cli + 127.0.0.1:6379>INFO + +Reference: http://redis.io/download diff --git a/_posts/2015-02-21-rvm-for-managing-ruby-version-on-centos-6.md b/_posts/2015-02-21-rvm-for-managing-ruby-version-on-centos-6.md new file mode 100644 index 000000000000..da60ae0e4598 --- /dev/null +++ b/_posts/2015-02-21-rvm-for-managing-ruby-version-on-centos-6.md @@ -0,0 +1,41 @@ +--- +layout: post +title: "RVM for Managing Ruby Version on CentOS 6" +date: 2015-02-21 11:00:00 +categories: sysadmin +--- + +[RVM](https://rvm.io/) is a command-line tool which allows you to easily install, manage, and work with multiple ruby environments from interpreters to sets of gems. In this documentation I will show how to install RVM on CentOS 6.6. + +--- + +Install **Development Tools** + + sudo yum groupinstall "Development Tools" + +Install **mpapis public key** + + sudo gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 +or if failed + + curl -sSL https://rvm.io/mpapis.asc | sudo gpg2 --import - + +Install RVM for multiuser installation + + \curl -sSL https://get.rvm.io | sudo bash -s stable + +Add your user to **rvm** group + + sudo usermod -aG rvm + +Logout and login again then install **Ruby** + + rvm install 2.1 + rvm use --default 2.1 + +You have installed **Ruby** version 2.1 and set it as your default version of **Ruby**. + + ruby -v + ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-linux] + +Reference: https://rvm.io/rvm/install diff --git a/_posts/2015-02-21-varnish-4-on-centos-6.md b/_posts/2015-02-21-varnish-4-on-centos-6.md new file mode 100644 index 000000000000..1c1902a2e668 --- /dev/null +++ b/_posts/2015-02-21-varnish-4-on-centos-6.md @@ -0,0 +1,22 @@ +--- +layout: post +title: "Varnish 4 on CentOS 6" +date: 2015-02-21 12:00:00 +categories: sysadmin +--- + +[Varnish Cache](https://www.varnish-cache.org/) is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x, depending on your architecture. In this documentation, I will show how to install Varnish 4 on CentOS 6. + +--- +For first installation install **Varnish** repository + + sudo rpm --nosignature -i https://repo.varnish-cache.org/redhat/varnish-4.0.el6.rpm +Then install **Varnish** + + sudo yum install varnish +Start **Varnish** service and configure it to start at boot + + sudo service varnish start + sudo chkconfig varnish on + +Reference: https://www.varnish-cache.org/installation/redhat diff --git a/_posts/2015-02-23-elasticsearch-on-centos-6.md b/_posts/2015-02-23-elasticsearch-on-centos-6.md new file mode 100644 index 000000000000..a0c9e780e9fa --- /dev/null +++ b/_posts/2015-02-23-elasticsearch-on-centos-6.md @@ -0,0 +1,41 @@ +--- +layout: post +title: "Elasticsearch on CentOS 6" +date: 2015-02-23 07:00:00 +categories: sysadmin +--- + +[Elasticsearch](https://www.elasticsearch.org/overview/elasticsearch) is a distributed restful search and analytics. In this documentation, I will show how to install **Elasticsearch** on CentOS 6. + +--- +Install Oracle Java + + wget --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u31-b13/server-jre-8u31-linux-x64.tar.gz + sudo mkdir /opt/jre + sudo tar zxf server-jre-8u31-linux-x64.tar.gz -C /opt/jre + sudo update-alternatives --install /usr/bin/java java /opt/jre/jdk1.8.0_31/bin/java 2000 + sudo update-alternatives --install /usr/bin/javac javac /opt/jre/jdk1.8.0_31/bin/javac 2000 + sudo update-alternatives --display java + sudo update-alternatives --display javac +Import **Elasticsearch** GPG key + + sudo rpm --import https://packages.elasticsearch.org/GPG-KEY-elasticsearch +Add **Elasticsearch** repository + + sudo vi /etc/yum.repos.d/elasticsearch.repo + + [elasticsearch-1.4] + name=Elasticsearch repository for 1.4.x packages + baseurl=http://packages.elasticsearch.org/elasticsearch/1.4/centos + gpgcheck=1 + gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch + enabled=1 +Install **Elasticsearch** using **yum** + + sudo yum install elasticsearch +Start **Elasticsearch** service + + sudo service elasticsearch start + sudo chkconfig elasticsearch on + +Reference: https://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-repositories.html diff --git a/_posts/2015-02-23-fluent-treasure-datatd-agent-installation-on-centos-6.md b/_posts/2015-02-23-fluent-treasure-datatd-agent-installation-on-centos-6.md new file mode 100644 index 000000000000..0940056ad827 --- /dev/null +++ b/_posts/2015-02-23-fluent-treasure-datatd-agent-installation-on-centos-6.md @@ -0,0 +1,37 @@ +--- +layout: post +title: "Fluent Treasure Data (TD) Agent Installation on CentOS 6" +date: 2015-02-23 08:00:00 +categories: sysadmin +--- + +[Fluentd](https://www.fluentd.org/) is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data. In this documentation, I will show how to install **fluentd** (**td-agent**) on CentOS 6. + +--- +Pre-installation: increase number of maximum file descriptors + + ulimit -n + sudo vi /etc/security/limits.conf + + * soft nofile 65535 + * hard nofile 65535 + root soft nofile unlimited + root hard nofile unlimited + + sudo reboot +Pre-installation: network kernel optimization + + sudo vi /etc/sysctl.conf + + net.ipv4.tcp_tw_recycle = 1 + net.ipv4.tcp_tw_reuse = 1 + net.ipv4.ip_local_port_range = 10240 65535 + + sudo sysctl -p +Install **fluentd** (**td-agent**) + + curl -L http://toolbelt.treasuredata.com/sh/install-redhat-td-agent2.sh | sudo sh + sudo chkconfig td-agent on + sudo chkconfig td-agent start + +Reference: http://docs.fluentd.org/articles/install-by-rpm diff --git a/_posts/2015-02-23-influxdb-installation-on-centos-6.md b/_posts/2015-02-23-influxdb-installation-on-centos-6.md new file mode 100644 index 000000000000..8384a7c8b4d4 --- /dev/null +++ b/_posts/2015-02-23-influxdb-installation-on-centos-6.md @@ -0,0 +1,22 @@ +--- +layout: post +title: "InfluxDB Installation on CentOS 6" +date: 2015-02-23 09:00:00 +categories: sysadmin +--- + +[InfluxDB](http://influxdb.com/) is an open-source, distributed, time series database with no external dependencies. In this documentation, I will show how to install **InfluxDB** on CentOS 6. + +--- +Download **InfluxDB** + + wget https://s3.amazonaws.com/influxdb/influxdb-latest-1.x86_64.rpm +Install **InfluxDB** + + sudo rpm -ivh influxdb-latest-1.x86_64.rpm +Enable and start **InfluxDB** service + + sudo chkconfig influxdb on + sudo service influxdb start + +Reference: http://influxdb.com/download/ diff --git a/_posts/2015-02-23-sensu-installation-on-centos-6.md b/_posts/2015-02-23-sensu-installation-on-centos-6.md new file mode 100644 index 000000000000..b11eed107d44 --- /dev/null +++ b/_posts/2015-02-23-sensu-installation-on-centos-6.md @@ -0,0 +1,178 @@ +--- +layout: post +title: "Sensu Installation on CentOS 6" +date: 2015-02-23 10:00:00 +categories: sysadmin +--- + +[Sensu](http://sensuapp.org/) is often described as the “monitoring router”. Essentially, Sensu takes the results of “check” scripts run across many systems, and if certain conditions are met; passes their information to one or more “handlers”. Checks are used, for example, to determine if a service like Apache is up or down. Checks can also be used to collect data, such as MySQL query statistics or Rails application metrics. Handlers take actions, using result information, such as sending an email, messaging a chat room, or adding a data point to a graph. There are several types of handlers, but the most common and most powerful is “pipe”, a script that receives data via standard input. Check and handler scripts can be written in any language, and the community repository continues to grow! In this documentation, I will show how to install **Sensu** on CentOS 6. + +--- +Generate SSL certificates for communication of **Sensu** components (be sure that OpenSSL is installed) + + which openssl + openssl version + cd /tmp + wget http://sensuapp.org/docs/0.16/tools/ssl_certs.tar + tar -xvf ssl_certs.tar + cd ssl_certs + ./ssl_certs.sh generate +Install **RabbitMQ** (requires **Erlang** from EPEL repository) + + sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm + sudo yum install erlang + sudo rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc + sudo rpm -Uvh http://www.rabbitmq.com/releases/rabbitmq-server/v3.4.4/rabbitmq-server-3.4.4-1.noarch.rpm + sudo chkconfig rabbitmq-server on + sudo service rabbitmq-server start +Configure **RabbitMQ** SSL listenet + + sudo mkdir -p /etc/rabbitmq/ssl + sudo cp /tmp/sensu_ca/cacert.pem /etc/rabbitmq/ssl/ + sudo cp /tmp/server/cert.pem /etc/rabbitmq/ssl/ + sudo cp /tmp/server/key.pem /etc/rabbitmq/ssl/ + sudo vi /etc/rabbitmq/rabbitmq.config + + [ + {rabbit, [ + {ssl_listeners, [5671]}, + {ssl_allow_poodle_attack, true}, + {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"}, + {certfile,"/etc/rabbitmq/ssl/cert.pem"}, + {keyfile,"/etc/rabbitmq/ssl/key.pem"}, + {verify,verify_peer}, + {fail_if_no_peer_cert,true}]} + ]} + ]. + + sudo service rabbitmq-server restart +Create a RabbitMQ vhost for Sensu + + sudo rabbitmqctl add_vhost /sensu +Create a RabbitMQ user with permissions for the Sensu vhost + + sudo rabbitmqctl add_user +Create a RabbitMQ user with permissions for the Sensu vhost + + sudo rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*" +(Optional) Enable the RabbitMQ web management console + + sudo rabbitmq-plugins enable rabbitmq_management +Install **Redis** (you can use tutorial in this [page](http://blog.deuterion.net/redis-in-centos-6/)) +Add **Sensu** repository + + sudo vi /etc/yum.repos.d/sensu.repo + + [sensu] + name=sensu-main + baseurl=http://repos.sensuapp.org/yum/el/$releasever/$basearch/ + gpgcheck=0 + enabled=1 +Install **Sensu** using **yum** + + sudo yum install sensu +Add **Sensu** SSL certificates + + sudo mkdir -p /etc/sensu/ssl + sudo cp /tmp/ssl_certs/client/cert.pem /etc/sensu/ssl/ + sudo cp /tmp/ssl_certs/client/key.pem /etc/sensu/ssl/ +Configure **Sensu** to communicate with **RabbitMQ** + + sudo vi /etc/sensu/conf.d/rabbitmq.json + + { + "rabbitmq": { + "ssl": { + "cert_chain_file": "/etc/sensu/ssl/cert.pem", + "private_key_file": "/etc/sensu/ssl/key.pem" + }, + "host": "", + "port": 5671, + "vhost": "/sensu", + "user": "", + "password": "" + } + } +Configure **Sensu** to communicate with **Redis** + + sudo vi /etc/sensu/conf.d/redis.json + + { + "redis": { + "host": "localhost", + "port": 6379 + } + } +Configure **Sensu** API + + sudo vi /etc/sensu/conf.d/api.json + + { + "api": { + "host": "localhost", + "port": 4567, + "user": "", + "password": "" + } + } +Configure **Sensu** client + + sudo vi /etc/sensu/conf.d/client.json + + { + "client": { + "name": "", + "address": "", + "subscriptions": [ "all" ] + } + } +Enable **Sensu** services + + sudo chkconfig sensu-server on + sudo chkconfig sensu-client on + sudo chkconfig sensu-api on +Start **Sensu** services + + sudo service sensu-server start + sudo service sensu-client start + sudo service sensu-api start + +Install **Sensu** dashboard: **Uchiwa** + + sudo yum install uchiwa + +Configure **Sensu** dashboard: **Uchiwa** + + sudo cp /etc/sensu/{uchiwa.json,uchiwa.json.old} + sudo vi /etc/sensu/uchiwa.json + + { + "sensu": [ + { + "name": "Sensu", + "host": "127.0.0.1", + "ssl": false, + "port": 4567, + "user": "", + "pass": "", + "path": "", + "timeout": 5000 + } + ], + "uchiwa": { + "user": "", + "pass": "", + "port": 3000, + "stats": 10, + "refresh": 10000 + } + } +Enable and start **Uchiwa** + + sudo chkconfig uchiwa on + sudo service uchiwa start +You can access **Uchiwa** in http://sensu-server-ip:3000 + +References: +http://sensuapp.org/docs/0.16/guide +http://www.rabbitmq.com/install-rpm.html diff --git a/_posts/2015-02-24-beanstalkd-installation-on-centos-6.md b/_posts/2015-02-24-beanstalkd-installation-on-centos-6.md new file mode 100644 index 000000000000..f7ccaa514e11 --- /dev/null +++ b/_posts/2015-02-24-beanstalkd-installation-on-centos-6.md @@ -0,0 +1,20 @@ +--- +layout: post +title: "Beanstalkd Installation on CentOS 6" +date: 2015-02-24 07:00:00 +categories: sysadmin +--- + +[Beanstalkd](https://kr.github.io/beanstalkd/) is a simple, fast work queue. Its interface is generic, but was originally designed for reducing the latency of page views in high-volume web applications by running time-consuming tasks asynchronously. In this documentation, I will show how to install **Beanstalkd** on CentOS 6. + +--- +Install **Beanstalkd** from **EPEL** repository using **yum** + + sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm + sudo yum install beanstalkd +Enable and start **Beanstalkd** service + + sudo chkconfig beanstalkd on + sudo service beanstalkd start + +Reference: https://kr.github.io/beanstalkd/download.html diff --git a/_posts/2015-02-24-percona-server-5-6-installation-on-centos-6.md b/_posts/2015-02-24-percona-server-5-6-installation-on-centos-6.md new file mode 100644 index 000000000000..d680be006442 --- /dev/null +++ b/_posts/2015-02-24-percona-server-5-6-installation-on-centos-6.md @@ -0,0 +1,30 @@ +--- +layout: post +title: "Percona Server 5.6 Installation on CentOS 6" +date: 2015-02-24 08:00:00 +categories: sysadmin +--- + +[Percona Server 5.6](https://www.percona.com/software/percona-server/ps-5.6) is the latest release of drop-in replacement for MySQL®. The new version offers all the improvements found in MySQL 5.6 Community Edition plus scalability, availability, backup, and security features found only in MySQL 5.6 Enterprise Edition, which requires a support contract from Oracle to access. Percona Server 5.6 is free, open source software which includes superior diagnostics and improved integration with other Percona software. In this documentation, I will show how to install **Percona Server 5.6** on CentOS 6. + +--- +Install Percona repository + + sudo yum install http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm +Install **Percona Server 5.6** + + sudo yum install Percona-Server-client-56 Percona-Server-server-56 +Enable and start **Percona Server 5.6** + + sudo chkconfig mysql on + sudo service mysql start +Run **mysql\_secure\_installation** to secure **Percona Server 5.6** installation + + sudo /usr/bin/mysql_secure_installation +Create user defined function (UDF) from Percona Toolkit + + mysql -u root -e "CREATE FUNCTION fnv1a_64 RETURNS INTEGER SONAME 'libfnv1a_udf.so'" + mysql -u root -e "CREATE FUNCTION fnv_64 RETURNS INTEGER SONAME 'libfnv_udf.so'" + mysql -u root -e "CREATE FUNCTION murmur_hash RETURNS INTEGER SONAME 'libmurmur_udf.so'" + +Reference: https://www.percona.com/doc/percona-server/5.6/installation.html diff --git a/_posts/2015-03-20-akuisisi-data-sensor-lm35-dengan-arduino.md b/_posts/2015-03-20-akuisisi-data-sensor-lm35-dengan-arduino.md new file mode 100644 index 000000000000..a31b09419b5a --- /dev/null +++ b/_posts/2015-03-20-akuisisi-data-sensor-lm35-dengan-arduino.md @@ -0,0 +1,152 @@ +--- +layout: post +title: "Akuisisi Data Sensor LM35 dengan Arduino" +date: 2015-03-20 07:00:00 +categories: engineering +--- + +Ini adalah tulisan pertama di blog ini yang membahas tentang hardware dan yang pertama menggunakan bahasa Indonesia. Sensor temperatur LM35 ([datasheet](http://www.ti.com/lit/ds/symlink/lm35.pdf)) adalah sensor IC (Integrated Circuit) yang memberikan respon terhadap perubahan temperatur di sekitarnya dalam bentuk keluaran tegangan analog. Sensor temperatur LM35 bekerja pada tegangan 4 sampai 30V dan mempunyai respon linear 10mV/derajat Celcius pada rentang -55 sampai 150 derajat Celcius berdasarkan datasheet yang tersedia. Akuisisi data menggunakan sensor temperatur ini adalah percobaan sederhana yang bisa dikembangkan untuk perangkat [Internet of Thing](http://whatis.techtarget.com/definition/Internet-of-Things). Garis besar percobaan ini adalah keluaran dari sensor LM35 dibaca oleh Arduino melalui pin input analog (__A0__). Pin input analog Arduino mengeluarkan nilai dengan resolusi 10 bit untuk rentang 0 sampai 5V. Untuk mengetahui tegangan keluaran dari sensor LM35, diperlukan perhitungan berikut ini, + + tegangan_keluaran_lm35 = input_analog_A0 * 5V / 1024 +kemudian untuk mengetahui temperatur yang terukur dari sensor LM35, diperlukan perhitungan berikut, + + temperatur_terukur = tegangan_keluaran_lm35 / (10mV/derajatC) + +Berikut ini adalah skematik untuk rangkaian LM35 dan Arduino UNO (dibuat dengan software open-source [Fritzing](http://fritzing.org/)) +![LM35-Arduino](/images/lm35-arduino_bb.png) + +Berikut ini adalah program Arduino yang di-upload ke dalam mikrokontroler Arduino + + #define refVoltage 5.0 + #define gradVoltage 0.01 + #define tempPin 0 + + float temp; + + void setup() { + // put your setup code here, to run once: + Serial.begin(9600); + } + + void loop() { + // put your main code here, to run repeatedly: + temp = analogRead(tempPin); + + // print lm35 output reading to Serial + Serial.print(temp); + Serial.print("\t"); + + // equation to calculate measured temperature from lm35 output + temp = (refVoltage*temp)/(1024*gradVoltage); + + // print calculated temperature to Serial + Serial.println(temp); + + // acquire data every one second (1000 miliseconds) + delay(1000); + } + +Berdasarkan program Arduino di atas, keluaran Serial Arduino dapat dibaca oleh komputer dengan menghubungkan Arduino dengan komputer menggunakan kabel Serial USB TTL RS232. Komputer yang digunakan pada percobaan ini adalah [Raspberry Pi 2](http://www.raspberrypi.org/) dengan sistem operasi [Raspbian](http://www.raspbian.org/). Pada Raspbian, setelah melakukan [instalasi Arduino IDE](http://www.raspberrypi.org/forums/viewtopic.php?f=37&t=42530) dan menghubungkan kabel USB Serial dari Arduino ke Raspberry Pi, Serial Arduino akan terdeteksi sebagai __/dev/ttyACM0__. Setelah Serial USB terhubung, maka keluaran Serial dari Arduino dapat dibaca menggunakan berbagai macam bahasa pemrograman, salah satunya menggunakan bahasa pemrograman [Python](https://www.python.org/). Berikut ini adalah aplikasi Python yang digunakan untuk membaca Serial Arduino dan mengirimkan keluaran temperatur terukur LM35 ke database [MySQL](http://www.mysql.com/) dan [InfluxDB](http://influxdb.com/). + + #!/usr/bin/python + import serial + import MySQLdb + import json + import requests + import time + + # define arduino device serial port and timeout + device = '/dev/ttyACM0' + timeout = 2 + + # connect to serial port + try: + print "Trying...", device + ser = serial.Serial(device, 9600, timeout=timeout) + except: + print "Failed to connect on", device + + # create connection to MySQL database + db = MySQLdb.connect('mysql_server_host', 'mysql_user', 'mysql_password', 'mysql_database') or die('ERROR: Could not connect to database!') + + # open a cursor to the database + cur = db.cursor() + + # Influxdb server url + url = 'http://influxdb_server_host:8086/db/influxdb_database/series?u=influxdb_user&p=influxdb_password' + headers = {'Content-type': 'application/json'} + + # flush serial input + ser.flushInput() + + while True: + try: + # read data from arduino + data = ser.readline() + + # split data by tab character + datum = data.split("\t") + + # insert data to MySQL database + try: + cur.execute('insert into lm35 (output, tempc) values (%s, %s)', (datum[0], datum[1])) + db.commit() + except MySQLdb.IntegrityError: + print "ERROR: Failed to insert data!" + + # send data as JSON to InfluxDB + try: + payload = [{"points":[[float(datum[1].replace('\r\n', ''))]], "name": "influxdb_series", "columns": ["tempc"]}] + r = requests.post(url, data=json.dumps(payload), headers=headers) + except: + pass + + except: + cur.close() + db.close() + ser.close() + print "ERROR: Failed to get data from Arduino!" + break + +Setelah disimpan di dalam database MySQL, data temperatur terukur dari sensor LM35 dapat digunakan untuk analisis lebih lanjut. Terdapat aplikasi yang dapat membaca data dari database InfluxDB dan mengeluarkannya dalam bentuk grafik dengan mudah yaitu [Grafana](http://grafana.org/) yang pada percobaan ini dijalankan dengan web server [Nginx](http://nginx.org/). + +Setelah mengunduh Grafana, _copy_ file __config.sample.js__ menjadi file __config.js__ dan ubah blok konfigurasi di dalamnya menjadi seperti berikut ini, + + ... + + // InfluxDB example setup (the InfluxDB databases specified need to exist) + datasources: { + influxdb: { + type: 'influxdb', + url: "http://influxdb_server_host:8086/db/influxdb_database", + username: 'influxdb_user', + password: 'influxdb_password', + }, + grafana: { + type: 'influxdb', + url: "http://influxdb_server_host:8086/db/grafana", + username: 'grafana', + password: 'grafana_password', + grafanaDB: true + }, + }, + + ... + +Setelah itu lakukan instalasi Nginx dan buat file konfigurasi Nginx untuk Grafana seperti berikut ini, + + server { + listen 5100; + auth_basic 'Restricted'; + auth_basic_user_file /location/grafana-1.9.1/htpasswd; + location / { + root /location/grafana-1.9.1; + } + } + +Modul __auth_basic__ digunakan untuk membatasi akses ke Grafana dan untuk membuat file __htpasswd__ dan menambahkan user baru dapat menggunakan aplikasi __apache2-utils__ untuk sistem operasi Debian. Setelah menambahkan file konfigurasi, restart Nginx. + +Berikut ini adalah tampilan Grafana setelah dikonfigurasi untuk mengambil data temperatur terukur dari sensor LM35 yang disimpan di dalam InfluxDB. +![LM35 InfluxDB Grafana](/images/lm35-grafana-1.PNG) + +Pada percobaan ini, Database MySQL dan InfluxDB, serta aplikasi Grafana dan Nginx tidak berjalan di Raspberry Pi, tetapi berjalan di komputer yang mempunyai resource lebih besar untuk mencegah beban yang terlalu besar pada Raspberry Pi. Raspberry Pi dan server database dan web terhubung melalui [LAN](http://en.wikipedia.org/wiki/Local_area_network). diff --git a/_posts/2015-04-11-the-end-of-generation-of-tinkerers.md b/_posts/2015-04-11-the-end-of-generation-of-tinkerers.md new file mode 100644 index 000000000000..ccd29cb421a8 --- /dev/null +++ b/_posts/2015-04-11-the-end-of-generation-of-tinkerers.md @@ -0,0 +1,25 @@ +--- +layout: post +title: "The End of Generation of Tinkerers" +date: 2015-04-11 07:00:00 +categories: idea +--- + +####The Prologue +My college was the only college I know that gave the chance to its students to run the college network infrastructures. It encourages the students to study more outside their respective fields and share the knowledge in a community. Only a handful of people know that in the early days, the network infrastructure of my college, was built through the hands of its own students and the tradition to maintain it has been passed through the new generation of students. + +The community of students which involved in maintaining the campus network gets benefits like faster network access, special routes and proxies, and access to computers across campus networks, as the compensations of the time and energy they used for maintaining campus network infrastructures. The benefits of maintaining the campus network infrastructures, despite only obtained by a few students, has been the driving force of the community to keep tinkering with the campus networks and develop theirs and others community, also to study new technology or trends like Internet of Things, which will be too expensive for common students. + +####The Present +The network infrastructures has been evolved faster and faster by the time. Now we face terms like Software Defined Network, OpenStack, DevOps, and many more terms. The amount of knowledge and requirements needed to run the network infrastructures has grown beyond the capability of the campus students, some said. So, in the wake of new form of our college department which runs the campus network infrastructures, they decide to cut ties of any students involvement in operations of campus network infrastructures. + +The new directorate of campus network operations wants to control the network operations from the backbone until the user access, simply everything. The new directorate demands that people who runs the campus network infrastructures to work full time, so no students allowed, despite there are a few part time students which runs the most important parts of campus networks, they kick them out one by one. + +Now, the community of students which involved in running the campus network in the past facing an uncertain future. When they are not involved in running the campus networks, their existence is no more relevant than any other students communities which just a bunch of students with same hobby, or culture, or whatever ties them as a community. The new directorate offers them to do projects with strict contracts for the directorate for the substitution of running campus networks. + +####The Opinion +Before I walked out from the campus (not dropped out apparently, of course I graduated), the campus security unit has been implementing a new protocol, the so called night hours for the students, to keep them out of campus from 11 p.m. until the next morning. Of course the students communities became upset, their activity hours had been cut significantly. One of the community which greatly affected with this new protocol is our community which involved in running campus network. We usually start tinkering from the evening after courses until the next morning. But, when the new _security_ protocol implemented, its only give the students approximately four hours effective for the activity. + +Of course we cannot cope with the demand of the technology which grows faster and faster when our time to study it has been cut more than sixty percent a day. I know only a very few students has the dedication to do the jobs, but they are the tinkerers, they are the ones who inspire the others to study the technology and develop it. They are the ones who tell the other students that our campus is different than other campuses, that there are another ways than to give up to education industry scheme, that the access to technology not only limited to those who have the money. We do not have any money, but we never afraid to tinker anything because we have access, and now they want to cut it. + +I know it is no place for me, who had been out of the campus, to say those words. But, I don't want something that makes me very proud with my college gets taken away just like that, and frankly I don't need MIT if my college still supports those few students which are willing to give their time and energy so they can tinker the technology beyond their reach and I am very disappointed to see my college downgrades to the level of college with access only for the rich people. diff --git a/_posts/2015-06-08-playing-with-ansible-and-freebsd.md b/_posts/2015-06-08-playing-with-ansible-and-freebsd.md new file mode 100644 index 000000000000..909f6fa5ec90 --- /dev/null +++ b/_posts/2015-06-08-playing-with-ansible-and-freebsd.md @@ -0,0 +1,40 @@ +--- +layout: post +title: "Playing with Ansible and FreeBSD" +date: 2015-06-08 07:00:00 +categories: sysadmin +--- + +By default, FreeBSD doesn't install a python package in its standard distribution. So, we need to install python, either manually or using __ansible__ module. + + $ ansible freebsd-host -m raw -a 'env ASSUME_ALWAYS_YES=YES pkg install python' -u root + +Of course before we can use __ansible__ we have to install public key authentication and enable SSH to root user in FreeBSD host from controller machine. FreeBSD install python in different path than Linux machine, so we must set variable for the python interpreter, either in host file or variable files. + + ansible_python_interpreter: "/usr/local/bin/python" + +Then test installed python interpreter. + + $ ansible freebsd-host -m ping -u root + | success >> { + "changed": false, + "ping": "pong" + } + +For new installation of FreeBSD, we should update port distribution using __portsnap__. +The ad-hoc command + + $ ansible freebsd-host -m command -a "/usr/sbin/portsnap fetch extract" + +The playbook + + --- + - hosts: freebsd-host + remote_user: root + vars: + ansible_python_interpreter: /usr/local/bin/python + tasks: + - name: update portsnap + command: /usr/sbin/portsnap fetch extract + +After that we are ready to begin using __ansible__ to automate our servers. diff --git a/_posts/2015-06-14-re-introduction-to-python.md b/_posts/2015-06-14-re-introduction-to-python.md new file mode 100644 index 000000000000..df578d3e0d82 --- /dev/null +++ b/_posts/2015-06-14-re-introduction-to-python.md @@ -0,0 +1,396 @@ +--- +layout: post +title: "Re-Introduction to Python" +date: 2015-06-14 07:00:00 +categories: python +--- + +Python is one of the programming languages which can claim to be both **simple** and **powerful**. + +> Python is an easy to learn, powerful programming language with efficient high-level data structures and a simple but effective approach to object oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas in many platforms. + +**Guido van Rossum**, the creator of the Python language, named the language after the BBC show "Monty Python's Flying Circus". + +### Python's Features + +* Simple +* Easy to Learn +* Free and Open Source +* High-level Language +* Portable +* Interpreted +* Object Oriented +* Extensible +* Embeddable +* Extensive Libraries + +Python does not need compilation to *binary*. You just run the program directly from the source code. Internally, Python converts the source code into an intermediate form called *bytecodes* and then translates this into the native language of your computer and then runs it. + +We can use `help()` function to get quick information about any function or statement in Python. + +--- + +### Python's Basics + +* Literal constants `5, 3.14, 9.25e-3, 'This is a string' or "It's a string!"` +* Numbers + * Integers `2, 4, 10` + * Long integers + * Floating point numbers or *floats* `3.14, 12.5E-4` + * Complex numbers `(-5 + 4j), (2.3 - 4.6j)` +* Strings `'single quotes strings', "double quotes strings", '''triple quotes or multiline strings''', """another triple quotes or multiline strings"""` + * Escape sequences `\', \", \n, \t` + * Raw strings `r'You can add tab using \t', R"Newlines are indicated by \n"` + * Unicode strings `u"This is a Unicode string."` + * Strings are immutable. Once you have created a string, you cannot change it. + * String literal concatenation. `'What\'s' 'your name?'` is automatically converted in to `"What's your name?"`. +* **Variables** can store information and enable us to manipulate them and we can access them by name. +* **Identifiers** are names given to identify something i.e. variables. + * The first character must be a letter of the alphabet or an underscore. + * The rest can consist of letters, underscores, or digits. + * Identifier names are case-sensitive. +* Variables can hold values of different types called **data types**. +* Python refers to anything used in a program as an **object**. Python is strongly object-oriented in the sense that everything is an object including numbers, strings and even functions. +* A **physical line** is what you see when you write the program. +* A **logical line** is what Python sees as a single statement. +* **Explicit line joining** is writing a logical line spanning many physical lines follows. +* **Indentation** is used to determine the indentation level of the logical line, which in turn is used to determine the grouping of statements which called **block**. + +### Operators and Expressions + +* Arithmetics `+ (plus), - (minus), * (multiply), ** (power), / (division), // (floor division), % (modulo)` +* Shifts `<< (left shift), >> (right shift)` +* Bitwise `& (bitwise AND), | (bitwise OR), ^ (bitwise XOR), ~ (bitwise invert)` +* Comparison `< (less than), > (greater than), <= (less than or equal to), >= (greater than or equal to), == (equal to), != (not equal to)` +* Boolean `not (boolean NOT), and (boolean AND), or (boolean OR)` +* Operator precedence from the lowest to highest `lambda; or; and; not x; in, not in; is, is not; <, <=, >, >=, !=, ==; |; ^; &; <<, >>; +, -; *, /, %; +x, -x; ~x; **; x.attribute; x[index]; x[index:index]; f(arguments ...); (expressions, ...); [expressions, ...]; {key:datum, ...}; String conversion` + +### Control Flow + +`if` statement to check a condition and if the condition is true, we run a block of statements (called the *if-block*). + +{% highlight python %} +number = 25 +guess = int(raw_input('Guess a number : ')) +if guess == number: + print "You've guessed the number." +# optional +elif guess > number: + print "The number is lower than that." +# optional +else: + print "The number is higher than that." +print "Done." +{% endhighlight %} + +`while` statement allows you to repeatedly execute a block of statements as long as a condition is true. + + {% highlight python %} + number = 25 + running = True + while running: + guess = int(raw_input('Guess a number : ')) + if guess == number: + print "You've guessed the number." + running = False + # optional + elif guess > number: + print "The number is lower than that." + # optional + else: + print "The number is higher than that." + else: + print "The game is over." + print "Done." + {% endhighlight %} + +`for..in` statement is another looping statement which iterates over a sequence of objects. + + for i in range(1, 6): + # for i in [1, 2, 3, 4, 5]: + print i + else: + print 'The loop is over' + +`break` statement is used to break out of a loop statement i.e. stop the execution of a looping statement. + + while True: + s = raw_input('Write something : ') + if s == 'quit': + break + print 'Length of the string is', len(s) + print 'Done' + + +> **G2's Poetic Python** +> +>Programming is fun +When the work is done +if you wanna make your work also fun: +use Python! + +`continue` statement is used to tell Python to skip the rest of the statements in the current loop block and to continue to the next iteration of the loop. + + while True: + s = raw_input('Write something : ') + if s == 'quit': + break + if len(s) < 5: + continue + print 'Input is of sufficient length' + print 'Length of the string is', len(s) + +### Functions + +Functions are reusable pieces of programs. They allow you to give a name to a block of statements and you can run that block using that name anywhere in your program and any number of times. This is known as calling the function. + +**Defining a function** + + def helloWorld(): + print 'Hello World!' # block belonging to the function + # End of function + helloWorld() # call the function + +A function can take *parameters* which are just values you supply to the function so that the function can do something utilising those values. + + def printMin(a, b): + if a < b: + print a, 'is minimum' + else: + print b, 'is minimum' + printMin(4, 6) # directly give literal values + x = 9 + y = 5 + printMin(x, y) # give variables as arguments + +Variable names inside a function definition are not related in any way to other variables with the same names used outside the function i.e. variable names are *local* to the function. This is called the *scope* of the variable. + + def func(n): + print 'n is ', n + n = 2 + print 'Local n now is', n + n = 20 + func(n) + print 'n is still ', n + +`global` statement tells Python that the variable name is not local, but it is *global*. + + def func(): + global n + print 'n is ', n + n = 2 + print 'Global n now is', n + n = 20 + func() + print 'n is ', n + +*Default argument values* can be used to make some of function's parameters as optional and use default values if the user does not want to provide values for such parameters. + + def write(message, times = 1): + print message * times + write('Morning') + write('Hello', 3) + +> You cannot have a parameter with a default argument value before a parameter without a default argument value in the order of parameters declared in the function parameter list. + +*Keyword arguments* can be used to specify only some parameters or arguments in the function provided that +the other parameters have default argument values. + + def func(x, y=3, z=7): + print 'x is', x, 'and y is', y, 'and z is', z + func(6, 11) + func(12, z=18) + func(z=25, x=80) + +`return` statement is used to *return* from a function i.e. break out of the function. We can optionally *return* a *value* from the function as well. A `return` statement without a value is equivalent to `return None`. Every function implicitly contains a `return None` statement at the end. + + def minimum(a, b): + if a < b: + return a + else: + return b + print minimum(23, 17) + +`pass` statement is used in Python to indicate an empty block of statements. + + def someFunc(): + pass + +*Documentation strings* or *docstrings* are an important tool that you should make use of since it helps to document the program better and makes it more easy to understand. + + def printMin(a, b): + '''Prints the maximum of two numbers. + The two values must be integers.''' + a = int(a) # convert to integers, if possible + b = int(b) + if a < b: + print a, 'is minimum' + else: + print b, 'is minimum' + printMin(19, 13) + print printMin.__doc__ + +### Modules + +A module is basically a file containing all your functions and variables that you have defined. To reuse the module in other programs, the filename of the module **must** have a **.py** extension. A module can be *imported* by another program to make use of its functionality. This is how we can use the Python standard library as well. + +`import` statement is used to import modules i.e. **sys** module. + + import sys + print 'The command line arguments are:' + for x in sys.argv: + print x + print '\n\nThe PYTHONPATH is', sys.path, '\n' + +One way Python make importing a module faster is to create *byte-compiled* files with the extension **.pyc** which is related to the intermediate form that Python transforms the program into. + +`__name__` statement can be used to find out the name of a its module. + + if __name__ == '__main__': + print 'This program is being run by itself' + else: + print 'I am being imported from another module' + +You can create your own module just by creating a Python source code, just make sure it has **.py** extension. + + #!/usr/bin/python + # Filename: mymodule.py + def sayhello(): + print 'Hello, this is mymodule speaking.' + version = '0.1' + # End of mymodule.py + +Then you can import the module. + + import mymodule + mymodule.sayhello() + print 'Version', mymodule.version + +`from..import` statement can be used to import specific functions or variables from a module or all of it using `from..import *` statement. + + from mymodule import sayhello, version + # Alternative: + # from mymodule import * + sayhello() + print 'Version', version + +`dir()` function can be used to list the identifiers that a module defines. The identifiers are the functions, classes and variables defined in that module. + +`del` statement is used to delete a variable/name and after the statement has run you can no longer access the variable. + +### Data Structures + +A **list** is a data structure that holds an ordered collection of items i.e. you can store a sequence of items in a list. **List** is a mutable data type i.e. this type can be altered. + + readlist = [ 'memo', 'magazine', 'newspaper', 'book'] + print 'I have', len(readlist), 'items to read.' + print 'These items are:', + for item in readlist: + print item, + print '\nI also have to read the notes.' + readlist.append('notes') + print 'My reading list is now', readlist + print 'I will short my list now' + readlist.sort() + print 'Sorted reading list is', readlist + print 'The first item I will read is', readlistp[0] + olditem = readlist[0] + del readlist[0] + print 'I read the', olditem + print 'My reading list is now', readlist + +**Tuples** are just like **lists** except that they are immutable like strings i.e. you cannot modify **tuples**. + + garden = ('roses', 'poppies', 'irises') + print = 'Number of flowers in the garden is', len(garden) + + new_garden = ('daisies', 'lavender', garden) + print 'Number of flowers in the new garden is', len(new_garden) + print 'All flowers in the new garden are', new_garden + print 'Flowers brought from old garden are', new_garden[2] + print 'Last flower brought from old garden are', new_garden[2][2] + +Empty **tuple** can be specified i.e. `myempty = ()`. Single item **tuple** should be specified i.e. `singleton = (2, )` so that Python can differentiate between a tuple and a pair of parentheses surrounding the object in an expression. + +One of the most common usage of tuples is with the `print` statement. + + age = 23 + name = 'Pras' + print '%s is %d years old' % (name, age) + print 'Why is %s learning Python?' % name + +**Dictionary** is data structure which consists of keys with values pairs. Key must be unique and can only be immutable objects. Pairs of keys and valus are specified by using the notation `d = {key1 : value1, key2 : value2 }`. Key/value pairs in a dictionary are not ordered in any manner. The dictionaries are instances/objects of the **dict** class. + + # 'sl' is short for 's'tudents 'l'ist + sl = { + 'Agung': 'agung@students.com', + 'Bayu': 'bayu@university.com', + 'Deni': 'deni@study.com', + 'Hafidz': 'hafidz@learn.com' + } + print "Agung's email is %s" % sl['Agung'] + # Adding a key/value pair + sl['Ibnu'] = 'ibnu@courses.com' + # Deleting a key/value pair + del sl['Deni'] + print '\nThere are %d students in the student list\n', % len(sl) + for name, email in sl.items(): + print 'Student %s at %s' % (name, email) + if 'Ibnu' in sl: # OR sl.has_key('Ibnu') + print "\nIbnu's email is %s" % sl['Ibnu'] + +Lists, tuples and strings are examples of **sequences** which has *indexing operation* which allows us to fetch a particular item in the sequence directly and the *slicing operation* which allows us to retrieve a slice of the sequence i.e. a part of the sequence. + + readlist = ['book', 'magazine', 'memo', 'newspaper'] + # Indexing or 'Subscription' operation + print 'Item 0 is', readlist[0] + print 'Item 1 is', readlist[1] + print 'Item 2 is', readlist[2] + print 'Item 3 is', readlist[3] + print 'Item -1 is', readlist[-1] + print 'Item -2 is', readlist[-2] + # Slicing on a list + print 'Item 1 to 3 is', readlist[1:3] + print 'Item 2 to end is', readlist[2:] + print 'Item 1 to -1 is', readlist[1:-1] + print 'Item start to end is', readlist[:] + # Slicing on a string + name = 'purwoko' + print 'characters 1 to 3 is', name[1:3] + print 'characters 2 to end is', name[2:] + print 'characters 1 to -1 is', name[1:-1] + print 'characters start to end is', name[:] + +Variable only refers to the object and does not represent the object itself. The variable name points to that part of computer's memory where the object is stored. This is called as **binding** of the name to the object. + + print 'Simple Assignment' + readlist = ['book', 'magazine', 'memo', 'newspaper'] + mylist = readlist # mylist is just another name pointing to the same object! + del readlist[0] # I read the first item, so I remove it from the list + print 'readlist is', readlist + print 'mylist is', mylist + # notice that both readlist and mylist both print the same list without + # the 'book' confirming that they point to the same object + print 'Copy by making a full slice' + mylist = readlist[:] # make a copy by doing a full slice + del mylist[0] # remove first item + print 'readlist is', readlist + print 'mylist is', mylist + # notice that now the two lists are different + +The strings are all objects of the class **str**. For a complete list of such **str** methods, see `help(str)`. + + name = 'Wijayakusuma' # This is a string object + if name.startswith('Wij'): + print 'Yes, the string starts with "Wij"' + if 'a' in name: + print 'Yes, it contains the string "a"' + if name.find('jaya'): + print 'Yes, it contans the string "jaya"' + delimiter = '_*_' + mylist = ['Bandung', 'Surabaya', 'Jakarta', 'Yogyakarta'] + print delimiter.join(mylist) + +--- + +>Reference: C. H. Swaroop. *A Byte of Python*. 2005. diff --git a/_posts/2016-01-29-welcome-to-jekyll.md b/_posts/2016-01-29-welcome-to-jekyll.md new file mode 100644 index 000000000000..d9f590b66241 --- /dev/null +++ b/_posts/2016-01-29-welcome-to-jekyll.md @@ -0,0 +1,25 @@ +--- +layout: post +title: "Welcome to Jekyll!" +date: 2016-01-29 16:30:08 +0700 +categories: jekyll update +--- +You’ll find this post in your `_posts` directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run `jekyll serve`, which launches a web server and auto-regenerates your site when a file is updated. + +To add new posts, simply add a file in the `_posts` directory that follows the convention `YYYY-MM-DD-name-of-post.ext` and includes the necessary front matter. Take a look at the source for this post to get an idea about how it works. + +Jekyll also offers powerful support for code snippets: + +{% highlight ruby %} +def print_hi(name) + puts "Hi, #{name}" +end +print_hi('Tom') +#=> prints 'Hi, Tom' to STDOUT. +{% endhighlight %} + +Check out the [Jekyll docs][jekyll-docs] for more info on how to get the most out of Jekyll. File all bugs/feature requests at [Jekyll’s GitHub repo][jekyll-gh]. If you have questions, you can ask them on [Jekyll Talk][jekyll-talk]. + +[jekyll-docs]: http://jekyllrb.com/docs/home +[jekyll-gh]: https://github.com/jekyll/jekyll +[jekyll-talk]: https://talk.jekyllrb.com/ diff --git a/_posts/2016-03-22-membuat-virtual-machine-di-freebsd-dengan-bhyve-dan-vm-bhyve.md b/_posts/2016-03-22-membuat-virtual-machine-di-freebsd-dengan-bhyve-dan-vm-bhyve.md new file mode 100644 index 000000000000..9430d1c3d80b --- /dev/null +++ b/_posts/2016-03-22-membuat-virtual-machine-di-freebsd-dengan-bhyve-dan-vm-bhyve.md @@ -0,0 +1,294 @@ +--- +layout: post +title: "Membuat Virtual Machine di FreeBSD dengan bhyve dan vm-bhyve" +date: 2016-03-22 07:00:00 +categories: sysadmin +--- + +Sejak FreeBSD 10.0-RELEASE, hypervisor bhyve (lisensi BSD) sudah menjadi bagian dari _base system_. Hypervisor adalah aplikasi yang bisa membuat dan menjalankan _virtual machine_ atau yang biasa disebut _guest_ di dalam sebuah sistem operasi. _Guest_ yang didukung oleh bhyve cukup banyak, termasuk FreeBSD, OpenBSD, dan banyak distribusi Linux. Saat ini bhyve hanya mendukung konsol serial dan tidak bisa menampilkan konsol grafik. Bhyve membutuhkan prosesor baru yang mendukung Intel Extended Page Tables (EPT) atau AMD Rapid Virtualization Indexing (RVI), yang dikenal juga sebagai Nested Page Tables (NPT). Untuk Linux atau FreeBSD _guest_ dengan vCPU (virtualCPU) membutuhkan dukungan VMX _unrestricted mode_ (UG). Cara termudah untuk mengecek dukungan prosesor untuk bhyve adalah dengan menjalankan #dmesg# atau melihat isi _/var/run/dmesg.boot_ untuk fitur #POPCNT# di baris #Features2# dan #EPT# dan #UG# di baris #VT-x#. Panduan yang cukup lengkap untuk menggunakan bhyve dapat diakses di [halaman ini](https://www.freebsd.org/doc/handbook/virtualization-host-bhyve.html) + +### VM-BHYVE + +Vm-bhyve adalah aplikasi yang dibuat oleh Matt Churchyard dan diletakkan di +repositori [Githubnya](https://github.com/churchers/vm-bhyve). Aplikasi ini +dapat digunakan untuk manajemen _guest_ yang lebih mudah menggunakan hypervisor +bhyve. Beberapa fitur yang ada di aplikasi ini adalah + +* Dukungan untuk _guest_ FreeBSD/NetBSD/OpenBSD/Linux + +* Perintah sederhana untuk membuat, menjalankan dan menghentikan _guest_ + (__create__, __start__, __stop__), + +* Konfigurasi file sederhana, + +* Switch virtual yang mendukung NAT dan VLAN + +* Dukungan untuk _filesystem_ ZFS + +* Konfigurasi otomatis _serial device_ untuk mengakses konsol _guest_ + +* Integrasi dengan __rc.d__ _startup/shutdown_ + +#### Instalasi VM-BHYVE + +_Clone_ repositori dari halaman GitHub + + # git clone https://github.com/churchers/vm-bhyve.git + +Untuk menjalankan _guest_ selain FreeBSD, instal __grub2-bhyve__ + + # pkg install grub2-bhyve + +Untuk memberikan layanan DHCP ketika menggunakan switch dengan mode NAT, instal +__dnsmasq__ + + # pkg install dnsmasq + +#### Konfigurasi VM-BHYVE + +Vm-bhyve membutuhkan sebuah direktori untuk menyimpan semua _virtual machines_ +dan konfigurasi vm-bhyve. Direktori tersebut dapat berupa ZFS _mountpoint_ atau +direktori biasa. + +Jika menggunakan ZFS, buat sebuah _mountpoint_ untuk vm-bhyve + + # zfs create pool/vm + +Setelah itu ubah file __/etc/rc.conf__ + + vm_enable="YES" + vm_dir="zfs:pool/vm" + +Jika menggunakan direktori biasa, buat direktori tersebut + + # mkdir /somepath/vm + +Setelah itu ubah file __/etc/rc.conf__ + + vm_enable="YES" + vm_dir="/somepath/vm" + +Inisialisasi konfigurasi vm-bhyve dan _kernel modules_ yang dibutuhkan + + # vm init + +Perintah ini cukup dijalankan sekali saja dan untuk seterusnya akan dijalankan +oleh __rc.d__ script. + +#### Template Virtual Machine + +Vm-bhyve menggunakan _template_ ketika membuat sebuah _guest_ atau _virtual +machine_. Semua template disimpan di direktori *vm_dir/.templates/*. Contoh +template dapat diperoleh dari direktori */usr/local/share/examples/vm-bhyve/*. + + # cp /usr/local/share/examples/vm-bhyve/* /somepath/vm/.templates/ + +Kita dapat mendefinisikan sendiri template yang kita inginkan. Untuk mengetahui +format template yang dibutuhkan dapat membaca sample-templates/config.sample +untuk mengetahui opsi-opsi yang ada di dalam template deskripsi dari +fungsi-fungsinya. + +#### Switch Virtual + +Ketika sebuah _guest_ dijalankan maka secara otomatis _guest_ tersebut akan +terkoneksi dengan switch virtual yang dicantumkan di dalam file konfigurasi. +Secara _default_ semua template sampel akan terkoneksi dengan switch bernama +'public'. + +Switch bisa dibuat dengan perintah berikut ini + + # vm switch create + +Mode bridge bisa langsung dijalankan dengan menambahkan _physical interface_ ke +switch virtual + + # vm switch add + +Jika hanya menginginkan mode NAT, jangan menambahkan _physical interface_ ke +switch virtual, cukup aktifkan mode NAT + + # vm switch nat on + +Secara otomatis mode NAT akan membuat sebuah jaringan privat pada switch dan +mengarahkan semua trafik melalui _default gateway_. Untuk mengaktifkan NAT +diperlukan __PF__ yang diaktifkan di file __/etc/rc.conf__ + +Untuk mengaktifkan vlan, cukup dengan memberikan nomor vlan yang diinginkan + + # vm switch vlan + +Untuk menon-aktifkan vlan, cukup dengan memberikan angka 0 sebagai nomor vlan + + # vm switch vlan 0 + +Konfigurasi switch yang sudah ada dapat dilihat menggunakan perintah + + # vm switch list + +#### Membuat Guest/Virtual Machine + +Untuk membuat _guest/virtual machine_ cukup jalankan perintah + + # vm create + # vm create -t -s + +Contoh pertama menggunakan template __default.conf__ dan akan membuat _disk +image_ sebesar 20GB. Sedangkan contoh kedua menggunakan template +_.conf_ dan akan membuat _disk image_ sebesar dalam +GB. + +Instalasi _guest/virtual machine_ membutuhkan file ISO instalasi sistem operasi +yang akan diinstal, _download_ file ISO contoh perintah sebagai berikut untuk +sistem operasi FreeBSD. + + # vm iso ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.1/FreeBSD-10.1-RELEASE-amd64-disc1.iso + +Untuk memulai instalasi, jalankan perintah berikut + + # vm install FreeBSD-10.1-RELEASE-amd64-disc1.iso + # vm console + +Setelah instalasi selesai, __reboot__ _guest_ dari konsol dan _guest_ akan +melakukan _booting_ ke sistem operasi yang telah diinstal (dengan asumsi +instalasi berhasil). Konsol menggunakan perintah __cu__ dan untuk kembali ke +_host_ gunakan kombinasi __~+Ctrl-D__. + +Perintah-perintah berikut menjalankan dan menghentikan _guest/virtual machine_ + + # vm start + # vm stop + +Konfigurasi dasar dan keadaan setiap _guest/virtual machine_ dapat dilihat +dengan perintah berikut + + # vm list + +Untuk menghentikan seluruh _guest/virtual machine_ secara bersamaan gunakan +perintah + + # vm stopall + +Agar _guest/virtual machine_ berjalan secara otomatis ketika _host_ melakukan +_booting_, tambahkan baris berikut ke dalam file __/etc/rc.conf__ + + vm_list="vm1 vm2" + vm_delay="5" + +*vm_delay* adalah variabel yang mengatur selang waktu dijalankannya setiap +_guest/virtual machine_. Terdapat juga perintah untuk mengubah konfigurasi +_guest/virtual machine_ menggunakan _default text editor_ dengan perintah +berikut + + # vm configure + +### Instalasi CentOS Guest dengan Instalasi melalui VNC + +CentOS adalah sistem operasi GNU/Linux sehingga membutuhkan instalasi +__grub2-bhyve__ agar dapat dijalankan sebagai _guest_ di hypervisor bhyve. +Ketika melakukan instalasi _guest/virtual machine_ dengan sistem operasi +CentOS, proses instalasi yang didukung ketika menggunakan konsol hanya proses +instalasi berbasis teks yang tidak memberikan pilihan konfigurasi yang lengkap. +Sebagai alternatif, dapat dilakukan instalasi berbasis grafis menggunakan VNC +yang diakses melalui jaringan. Metode ini membutuhkan instalasi dilakukan +dengan _guest/virtual machine_ terkoneksi switch dengan mode bridge dan kita +dapat mengakses jaringan _host_ + +Instalasi seperti biasa + + # vm create -t centos -s + # vm iso http://buaya.klas.or.id/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1511.iso + # vm install CentOS-7-x86_64-Minimal-1511.iso + # vm console + +Proses instalasi akan masuk ke sesi instalasi CentOS berbasis teks. Pada tahap +ini lakukan konfigurasi jaringan atau _network_ (Opsi nomor 7) sehingga _guest/virtual +machine_ terkoneksi dengan jaringan host pada saat proses instalasi. + +Sebelum terkoneksi + + Host name: localhost.localdomain + + 1) Set host name + 2) Configure device eth0 + Please make your choice from above ['q' to quit | 'c' to continue | + 'r' to refresh]: c + ================================================================================ + ================================================================================ + Installation + + 1) [x] Language settings 2) [!] Timezone settings + (English (United States)) (Timezone is not set.) + 3) [x] Installation source 4) [!] Software selection + (Local media) (Minimal Install) + 5) [!] Installation Destination 6) [x] Kdump + (No disks selected) (Kdump is enabled) + 7) [ ] Network configuration 8) [!] Root password + (Not connected) (Password is not set.) + 9) [!] User creation + (No user will be created) + Please make your choice from above ['q' to quit | 'b' to begin installation | + 'r' to refresh]: 7 + [anaconda] 1:main* 2:shell 3:log 4:storage-lo> Switch tab: Alt+Tab | Help: F1 + +Setelah terkoneksi + + Host name: localhost.localdomain + + 1) Set host name + 2) Configure device eth0 + Please make your choice from above ['q' to quit | 'c' to continue | + 'r' to refresh]: c + ================================================================================ + ================================================================================ + Installation + + 1) [x] Language settings 2) [!] Timezone settings + (English (United States)) (Timezone is not set.) + 3) [x] Installation source 4) [x] Software selection + (Local media) (Minimal Install) + 5) [!] Installation Destination 6) [x] Kdump + (No disks selected) (Kdump is enabled) + 7) [x] Network configuration 8) [!] Root password + (Wired (eth0) connected) (Password is not set.) + 9) [!] User creation + (No user will be created) + Please make your choice from above ['q' to quit | 'b' to begin installation | + 'r' to refresh]: + [anaconda] 1:main* 2:shell 3:log 4:storage-lo> Switch tab: Alt+Tab | Help: F1 + +Kemudian pindah ke tab nomor 2:shell dengan kombinasi __Ctrl-B+2__ dan jalankan perintah + + [anaconda root@localhost ~]# anaconda --vnc + Starting installer, one moment... + anaconda 21.48.22.56-1 for CentOS 7 started. + * installation log files are stored in /tmp during the installation + * shell is available on TTY2 + * when reporting a bug add logs from /tmp as separate text/plain attachments + 15:35:19 Starting VNC... + 15:35:21 The VNC server is now running. + 15:35:21 + + WARNING!!! VNC server running with NO PASSWORD! + You can use the vncpassword= boot option + if you would like to secure the server. + + + 15:35:21 Please manually connect your vnc client to :1 to begin the install. + + 15:35:21 Attempting to start vncconfig + + + + + + [anaconda] 1:main- 2:shell* 3:log 4:storage-lo> Switch tab: Alt+Tab | Help: F1 + +Akses instalasi grafis menggunakan VNC client dengan alamat port 1 +tanpa menggunakan password. Jika ingin menggunakan password maka jalankan perintah berikut ini + + [anaconda root@localhost ~]# anaconda --vnc --vncpassword password + +Untuk menjalankan VNC server dengan password akses 'password'. Berikut ini +adalah instalasi _guest/virtual machine_ dengan sistem operasi CentOS melalui +VNC. +![CentOS-VNC-BHYVE](/images/centos-vnc-bhyve.png) diff --git a/images/centos-vnc-bhyve.png b/images/centos-vnc-bhyve.png new file mode 100644 index 000000000000..6e56b050f2c0 Binary files /dev/null and b/images/centos-vnc-bhyve.png differ diff --git a/images/fastcgi.PNG b/images/fastcgi.PNG new file mode 100644 index 000000000000..0c14e835e12a Binary files /dev/null and b/images/fastcgi.PNG differ diff --git a/images/favicon.ico b/images/favicon.ico new file mode 100644 index 000000000000..f9d2f9496f74 Binary files /dev/null and b/images/favicon.ico differ diff --git a/images/lm35-arduino_bb.png b/images/lm35-arduino_bb.png new file mode 100644 index 000000000000..624be0304310 Binary files /dev/null and b/images/lm35-arduino_bb.png differ diff --git a/images/lm35-grafana-1.PNG b/images/lm35-grafana-1.PNG new file mode 100644 index 000000000000..13b0688e561f Binary files /dev/null and b/images/lm35-grafana-1.PNG differ diff --git a/images/nginx-1.PNG b/images/nginx-1.PNG new file mode 100644 index 000000000000..74836750d8cb Binary files /dev/null and b/images/nginx-1.PNG differ diff --git a/images/powercli1.PNG b/images/powercli1.PNG new file mode 100644 index 000000000000..15529bf90d88 Binary files /dev/null and b/images/powercli1.PNG differ diff --git a/images/powercli2.PNG b/images/powercli2.PNG new file mode 100644 index 000000000000..fbe2b911212a Binary files /dev/null and b/images/powercli2.PNG differ diff --git a/images/powercli3.PNG b/images/powercli3.PNG new file mode 100644 index 000000000000..af5fd2cfe6ff Binary files /dev/null and b/images/powercli3.PNG differ diff --git a/images/powercli4.PNG b/images/powercli4.PNG new file mode 100644 index 000000000000..d7cdce96fb78 Binary files /dev/null and b/images/powercli4.PNG differ diff --git a/images/powercli5.PNG b/images/powercli5.PNG new file mode 100644 index 000000000000..1e069ebd26b1 Binary files /dev/null and b/images/powercli5.PNG differ diff --git a/images/zimbrs.svg b/images/zimbrs.svg new file mode 100644 index 000000000000..6a7aa2831638 --- /dev/null +++ b/images/zimbrs.svg @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + + + +