nmap (Network Mapper) is an open source tool for network exploration and security auditing and a powerfull port scanner. It can be used locally on localhost as netstat alternative, but it’s main use case is to scan remote hosts for open ports, system type, running services, etc…
Read More
Some Linux distributions (for example: RedHat) have aliases configured in the system, especially for root user, which modify basic command line operations like: cp, mv by adding “-i” parameter to prevent user from accidental overwriting or deleting files (interactive mode). This can be disturbing, especially when we are dealing with many files at a time. To get rid of this issue we can modify aliases in the system to disable interactive mode.
Read More
The administration of the large-scale production cloud environments requires the management of dozens of customer’s virtual servers (OpenStack Instances) in the cloud on the daily basis. Manual configuration of the multiple newly created Instances in the OpenStack cloud at a time would be problematic for cloud administrators. Luckily, OpenStack is equipped with metadata service cooperating with the so-called cloud-init script, which together do the magic of automated Instances’ mass configuration.
Metadata service runs usually on Controller node in multi-node environment and is accessible by the Instances running on Compute nodes to let them retrieve instance-specific data, like IP address or hostname. Instances access metadata service at http://169.254.169.254. The HTTP request from Instance either hits the router or DHCP namespace depending on the route in the Instance. The metadata proxy service adds Instance IP address and Router ID information to the request. The metadata proxy service sends this request to neutron-metadata-agent. The neutron-metadata-agent service forwards the request to the nova-api-metadata server, by adding some new headers, i.e. Instance ID, to the request. The metadata service supports two sets of APIs: an OpenStack metadata API and an EC2-compatible API.
OpenStack Snapshots can be utilized to backup Instance before some critical changes are made on Instance OS or to migrate Instance to the new OpenStack Cloud.
In this tutorial we will create snapshot from existing Instance to launch it in different Cloud, but you can also create snapshot just to backup the Instance and restore it’s state later in the same Cloud, if needed.
Read More
After OpenStack installation it can turn out, that the IP allocation pool of the subnet, we have just created is too small. If the allocation pool refers to public / provider network, we will quickly run out of free Floating IPs. Moreover, OpenStack Dashboard (Horizon) doesn’t provide the ability to extend or modify subnet IP alocation pool of already created subnet with already allocated IPs. But we can use dirty workaround and manually edit MariaDB which stores Openstack configuration data.
Read More
LUKS (Linux Unified Key Setup) is encryption standard designed for Linux to encrypt Linux volumes or partitions. The implementation of LUKS is based on cryptsetup script as a basic disk encryption backend tool.
In this tutorial we will create Linux partition on KVM based CentOS 7, encrypt partition using LUKS cryptsetup and mount it permanently in particular mount point.
Read More