go to https://api.slack.com/apps to create new app, get a api url https://api.slack.com/apps get existing secret (config) of alertmanager oc -n openshift-monitoring get secret alertmanager-main --template='' |base64 -d > alertmanager.yaml edit secret like this : in this example, receiver slack will be default receivier, every alert didn’t ...

this is a Openshift cluster build demo by ansible uses US-West AWS site EC2 example of US-West(N. California) role type cpu ram master01 r5a.xlarge 4 32 infra01 t3a.xlarge 4 16 compute01 c5.4xlarge 16 32 ...

in this example we will have subnet like this : region subnet zone_a zone_b N. California 172.31.0.0/16 172.31.0.0/24 172.31.1.0/24 Singapore 172.32.0.0/16 172.32.0.0/24 172.32.1.0/24 VPC > Create VPC (IPv4 CIDR block ...

This is the fix of Zabbix plugin for Grafana error : public/plugins/alexanderzobnin-zabbix-app/datasource-zabbix/module.js not found after update edit docker-compose to disable plugin auto update (backup ./grafana/data first): grafana-xxl: image: monitoringartist/grafana-xxl:latest ports: - "3000:3000" environment: - UPGRADEALL=...

apt install python-pip pip install elasticsearch-curator vi /srv/curator/curator.yml --- client: hosts: - 127.0.0.1 port: 9200 url_prefix: use_ssl: False certificate: client_cert: client_key: ssl_no_validate: False http_auth: timeout: 30 master_only: False logging: loglevel: INFO logfile: logformat: default ...

download helm repo add coreos https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/ helm fetch coreos/prometheus-operator helm fetch coreos/kube-prometheus tar -zxf kube-prometheus-0.0.105.tgz tar -zxf prometheus-operator-0.0.29.tgz vi prometheus-operator/values.yaml change following : prometheusConfigReloader: repository: quay.io/c...

saltstack - one of the alternatives of ansible, better function by installing agent (minion). TCP 4505、4506 port needed on all master and minion yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el7.noarch.rpm yum install salt-minion vi /etc/salt/minion change #master: salt to master: 192.168.1.101 (192.168.1.101 is m...

PGID and PUID can found by : id user user is your docker user create db and config folder : mkdir -p /srv/snipeit/volumes mkdir -p /srv/snipeit/config docker-compose.yml version: "3" services: snipeit: depends_on: - db image: linuxserver/snipe-it restart: always environment: APP_URL: https://snipeit.yourdoma...

if you need excel fit csv file cell by cell (separate by comma or semicolon), Add this on the first line of the CSV file: sep=; or sep=, save it and reopen

docker command docker run -it --rm --name certbot \ -v /srv/nginx/certs/letsencrypt:/etc/letsencrypt \ -v /var/log/letsencrypt:/var/log/letsencrypt \ -v /srv/nginx/www/letsencrypt:/var/www/.well-known \ quay.io/letsencrypt/letsencrypt -t certonly \ --agree-tos --renew-by-default \ --register-unsafely-without-email --agree-tos \ --...

Ubuntu cannot update because of boot partition full, take a snapshot before system change is always good. get kernel images not running : dpkg --list 'linux-image*'|awk '{ if ($1=="ii") print $2}'|grep -v `uname -r` output like below : linux-image-4.4.0-128-generic linux-image-extra-4.4.0-124-generic linux-image-extra-4.4.0-127-generic l...

docker-compose.yaml : version: "3" services: nginx: image: jwilder/nginx-proxy:alpine restart: always networks: - frontend ports: - "443:443" - "80:80" volumes: - ./volumes/ssl:/etc/nginx/certs - /var/run/docker.sock:/tmp/docker.sock:ro teampass: image: teampass/teampass restart: al...

wget https://raw.githubusercontent.com/helm/charts/master/stable/kubernetes-dashboard/values.yaml helm install stable/kubernetes-dashboard --name dashboard -f values.yaml login token : found replicaset-controller-token by kubectl -n kube-system get secret kubectl -n kube-system describe secret replicaset-controller-token-XXXXX

kurbernetes 3 master etcd and also worker HA ready example infrastructure : VIP of keepalived (loadblancer ip) : 192.168.0.100 k8s-node1 : 192.168.0.101 roles : etcd master worker haproxy keepalived k8s-node2 : 192.168.0.102 roles : etcd master worker haproxy keepalived k8s-node3 : 192.168.0.103 roles : etcd master worker haproxy keepalived a...

The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY just run : sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys yourpublickey apt-get update reference link : https://chrisjean.com/fix-apt-get-update-the-following-signatures-couldnt-be-verified-because-the-public-key-is-not-available/

install docker and kubernetes first : apt-get update apt-get install -y docker.io (use follow if you use rancher) curl https://releases.rancher.com/install-docker/17.03.2.sh | sh apt-get update apt-get install -y \ apt-transport-https \ ca-certificates \ curl \ software-properties-common curl -fsSL https://download.docker.com/l...

Cgroups, AKA control groups, use for control, limit, prioritization cpu, memory, IO resources, useful for linux container. enable cgroup : vi /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1" GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

Gen key : docker run --rm sentry config generate-secret-key replace generated key to !!!SECRET!!! in docker-compose.yml docker-compose.yml : version: '2' volumes: pgdb: services: redis: image: redis postgres: image: postgres environment: POSTGRES_USER: sentry POSTGRES_PASSWORD: sentry POSTGRES_DB: sen...

error when you exec some docker container : rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused “exec: "bash": executable file not found in $PATH” this error may appear when your container doesn’t have /bin/bash solution : use docker exec -it container_id /bin/sh instead of ...

place ``` {% raw %}content_with_special_charactors{% endraw %} end with ```

you can check docker logs by following command, useful for troubleshooting like connection problem : docker logs <container_id_or_name> clear the log by : echo "" > $(docker inspect --format='{{.LogPath}}' <container_id_or_name>)

Clonezilla will prompt a mbr/gpt mismatch error when cloning windows 10, because Windows 8 or 10 uses an MBR disk in legacy mode, but UEFI requires GPT. To prevent an unnecessary mistake, here comes a very useful software, easy to use, ssd support, fast, lightweight and FREEEEEEE! AOMEI Backupper is a Clonezilla live, Acronis True Image, Norto...

Beaver Builder plugin : an easy use drag and drop layout builder CloudFlare Flexible SSL : solve http/https problem behind CDN, not just CloudFlare, CDN such as kangle also worked Google Font Fix : solve user behind GFW loading google font problem JP Custom CSS : Custom CSS to override your website’s, cannot override css wi...

First, use div id to identify a button area : <div id="button01"><img src="https://yourdomain/button_area.webp" width="150 "></div> Then, use css to change image, first one is normal status, second one is hover status : #button01 { width: 150px; background: url(https://domain/yourimage.webp) no-repeat; background-size: 1...

Dumb things like Samsung ultrabook 530u with a mixed hdd contain both tradition hdd and ssd hdd, you cannot install windows by a normal way. Insert installation media (usb/dvd) Select Custom install to view partitions. Advanced > delete all partitions Press Shift+F10 to launch cmd > diskpart list disk, list part, usually tradit...

String: 192.168.0.2 regular expression : (\d+).(\d+).(\d+).(\d+) substitution : \1\2\3\4 result : 19216802 every ( ) represent a group, \d+ means any digits, all the line mean there are four groups between “.” and those group can only be digits. subsitution simply show goup1 group2 group3 group4

remove non-using docker containers with bash. vi remove_container.sh paste below : #!/bin/bash read -p "Press any key to remove non-using container, or ctrl+c to exit... " -n1 -s echo "begin remove" # Delete all stopped containers docker ps -q -f status=exited | xargs --no-run-if-empty docker rm # Delete all dangling (unused) images docke...

chkconfig no longer available in Ubuntu, systemctl is an alternate option for Ubuntu. Unlike sysv-rc-conf, it is an offical way. List service name : systemctl list-units can use grep like : systemctl list-units |grep "docker" or use / after systemctl list-units use enable to tell systemd to start services automatically at boot, like “chk...

add docker.service to system startup first : systemctl enable docker.service detail see : systemctl usage add restart: always like this : mysql: env_file: .env_mysql image: mysql:5.6 restart: always volumes: - /home/database:/var/lib/mysql env_file: - mysql_env add cron job, replace directory_has_dockercomposeyml to your...

A powershell script can auto detect vm guest which power on, then shutdown and wait until they are all complete. After vm guest shutdown confirmed, hypervisor will shutdown with confirmation. create a powershell script file and name it to shutdown.ps1 $vsphere="vcentername/ip" $hypervisor="hypervisorname/ip" $cred = Get-Credential Get-Module...

rkhunter, a software provide basic rootkit scan, easy to install and use install : apt-get install rkhunter update : rkhunter --update usage : manual : man rkhunter scan rootkit : rkhunter --checkall auto continue without pressing enter : rkhunter --checkall --skip-keypress reference link : http://rkhunter.sourceforge.net/ htt...

gzip is a common use compress tool, fast and easy to use. this will compress and replace filename with filename.gz it is useful when zipping single files like log : gzip filename unzip by gzip -d , this will also replace filename.gz with filename : gzip -d filename.gz a tricky thing, gzip -r will compress every single file inside director...

Not enough space in system disk, will cause cannot boot and many problems, there is a stupid but easy way to prevent, use fallocate to create a 1GB file, you can delete it to free the disk when there is urgent case. fallocate command basic syntax : fallocate -l Image_Size_Here /path/to/image.img for example, create a 1GB file : fallocate -l...

using hosts.allow and hosts.deny to control sshd connection in ubuntu please make sure your hosts.allow works first, or you will lost control after create hosts.deny. adding your ip range which allow using sshd for example 192.168.0.1/24 : vi /etc/hosts.allow sshd: 192.168.0.1/24 deny all other ip using sshd : vi /etc/hosts.deny sshd:all ...

There is a way to find your outgoing/public ip using google’s ns server, for security reason I do not recommend using curl/wget, using dig command is better : dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}' reference link : https://www.cyberciti.biz/faq/how-to-find-my-public-ip-address-from-command-line-on-a-...

There may be some tmp or cache folder you don’t need while backup, here is a simple script for tar and exclusion. Place it to same path to the folder you want to tar, fill in the variable below, src is target folder, dest is output path, exc1 is your first excluded folder, exc2 is second, you can extend exc3 by adding variable and add –exclude=...

A tool for dell server running esxi5 collecting hardware error place it to /tmp/ chmod 755 esxi5_tty.sh ./esxi5_tty.sh collect the result in /tmp/ Download it form github : esxi5_tty

Since Server2012 task manager become hard to use and details are hided. There are two suggested tools for troubleshooting. Two useful tools for troubleshooting, using tcpview to find out which program using your port or mass sending. Then use process explorer to find process and dll loaded. https://docs.microsoft.com/en-us/sysinternals/downloa...

A regular expression, regex or regexp (sometimes called a rational expression) is, in theoretical computer science and formal language theory, a sequence of characters that define a search pattern. This is a useful website for Regular expression testing https://regex101.com/ reference link : https://en.wikipedia.org/wiki/Regular_expression

login and get a line token from https://notify-bot.line.me click your name > My page > Generate token > select a group or 1-on-1 means send to you only vi /usr/lib/zabbix/alertscripts/LINE_Notify.sh #!/bin/sh export PATH="/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin" export LANG=C # LINE Notify API access token access...

vm monitoring according to our docker+zabbix post, there is an advanced use to monitor vmware docker+zabbix+postgresql+snmptrap+zabbix_agent for ubuntu docker or zabbix_server.conf setting you can see 4 lines added to /home/zabbix/server-pgsql/ubuntu/run_zabbix_component.sh # for vm ZBX_STARTVMWARECOLLECTORS=${ZBX_STARTVMWARECOLLECTORS:-"250...

robocopy is a powerful build in copy and backup tools since windows 7. usage : robocopy [[ ...]] [] a simple variable version: set src=c:\sourcefolder set dest=e:\destinationfolder set log=c:\temp\log.txt robocopy %src% %dest% /log:%log% pause you can add options like mir,backup mode, timestamp anythings you like. refernce link: https...

while advanced mass sender or mass sender installed, you cannot remove it by a normal way please backup your system and follow the steps : start > run > regedit ctrl+f find mass sender drop down those path you see at regedit delete those record at regedit contain mass send and reboot now you can go to those path and delete mass...

Before you start please go to https://support.symantec.com/en_US/article.INFO3983.html to check your linux kernels support or not, it is not advised to upgrade your kernel for install sep. install 32bit library before you start : (those are i386 libraries, cannot search by apt-cache search) sudo apt-get install ia32-libs sudo apt-get install l...

Some adware or homepage kidnap software may using chrome policies, after clearing the extensions and temp, cache, even reinstall chrome cannot solve the problem, you may try this. create this batch file and run as admin. Or run cmd as admin then cd to this file location and execute. @echo off IF NOT EXIST %WINDIR%\System32\GroupPolicy goto ne...

A website include all popular anti-virus online scanning, just upload a file and scan. [https://www.virustotal.com][https://www.virustotal.com]

When you install windows 7 to a usb3.0 only pc you will found that you cannot move your mouse, keyboard after boot from cd, I tried intel’s usb3.0 tool but no luck, it does not support lenovo drivers, usb3.0 still doesn’t work after installation, and finally I found this : Windows USB Installation Tool https://www.gigabyte.com/Support/Utility ...

ProtonMail is an end-to-end encrypted email, it uses client-side encryption to protect email contents and user data before they are sent to ProtonMail servers, in contrast to other common email providers such as Gmail and Hotmail. That means you cannot decrypt during transfer, even ISP and protonmail themselves cannot decrypt (at least at prense...

After uninstall a program like anti-virus or smartsheild, you still see it auto start after reboot, they usually hide in /system/library/cache or /system/library/user. To find them, use your terminal type this command : find / -name "your_target_program" then remove by : sudo rm -rif /path/to/your/target

install partclone by : apt-get update apt-get install partclone combine and extract clonezilla gzip file to img file : cat sda1.hfsplus-ptcl-img.gz.a* | gzip -d -c | partclone.restore -W -o /tmp/sda1.img -L /tmp/partclone.log image extracted can browse with hsexplorer: for windows browsing mac os x hfsplus image reference link : http://www....

If there is no other date format option or cannot change date format to your favourite in windows 10 setting, follow me 😎 use the search near start button, type control panel, enter Clock, Language and Region > Region (yes, not data and time, is Region) > Additional settings under format tab > date tab Now, you can customize your fav...

use vmcli to get both assigned and used cpu memory and harddisk information and gen a csv report install Windows Management Framework 4.0 : https://www.microsoft.com/en-us/download/details.aspx?id=40855 (don’t try to get 3.0, the patch cause my windows 7 sp1 crashed) install vmware powercli 6.5 : https://my.vmware.com/web/vmwa...

download the zip file from : https://github.com/deviantony/docker-elk unzip to /home/elk/ Folder Structure : /home/elk ├── elasticsearch │   ├── config │   └── data ├── extensions │   └── logspout ├── kibana │   └── config └── logstash ├── config └── pipeline and don...

often used : tree -a print all file, do not pirnt hidden files tree -d list directories only tree -f show full path -o filename output result to a custom file Combo with grep : tree -a /var/log |grep gz list all gz file under /var/log practice : tree -a /var/log -o /tmp/log.txt |grep gz now cat /tmp/log.txt to see the result

you cannot click or touch kaspersky when you are in remote session or teamviewer, vnc go to options, untick the enable self-defense, apply reference link : https://support.kaspersky.com/5241 http://www.inetnj.com/?page_id=643

get your login by choosing starter https://freedns.afraid.org/pricing/ finish the form and verify by email https://freedns.afraid.org/domain/registry/ pick a domain listed (better a public one, if you choose a private one, you will need the admin to confirm your subdomain registry) enter your subdomain and destination IP, usually we don’t need...

1. Download atom 2. install atom package sync-setting 3. get your token here : https://github.atom.io/auth/github_package/token 4. get your personal access token here : https://github.com/settings/tokens > generate new token > select gist 5. copy your token and add it to package setting

1. Download atom 2. On the welcome screen, click to go to 'git' 3. create or open an existing project 4. On Github panel, login with authentication token get your token here : https://github.atom.io/auth/github_package/token 5. Open project 6. On github preview, see message about not being able to automatically pin 7. Enter URL of pull request ...

snmp install apt-get update apt-get install snmp snmp-mibs-downloader apt-get install snmpd two ways to find snmp directory net-snmp-config --default-mibdirs or snmptranslate -Dinit_mib .1.3 2>&1 |grep MIBDIR snmp.conf path /etc/snmp/snmp.conf

flush ip address after vi interface ip addr flush ens160 service networking restart Show ip info ip addr show

Both “service host local system” and “compatTelRunner” are used for windows update. They use up lots of resources for only checking the compatibility of windows update, especially from 7 to 10 Disable them by following steps: service host local system high usage disable superfatch in services.msc compatTelRunner taskschd.msc > T...

check inode used : df -ih will show something like : /dev/mapper/ubuntu--vg-root show filesystem : blkid /dev/mapper/ubuntu--vg-root

1. add host configuration > hosts > create host > host name (for example : test.local) new groups : webserver agent interfaces ip address : 127.0.0.1 <– just add ip, doesn’t need agent update 2. add web scenarios configuration > hosts > click web at your created host > create web scenario scenario name : availability...

zabbix config goto administration > media types > create media type name : gmail-auth-smtp type : Script Script name : gmail-auth-smtp.py Script parameters : {ALERT.SENDTO} {ALERT.SUBJECT} {ALERT.MESSAGE} goto administration > users > admin > media add media type : gmail-auth-smtp send to : your@email.com select your alert lev...

place this on top import logging logging.basicConfig(filename='/var/log/custom.log', level=logging.DEBUG, format='%(asctime)s - %(levelname)s - %(message)s') logger = logging.getLogger(__name__) logging.debug('this is a debug message.') place your debug message anywhere you like : logger.debug('this is the array: %s',sys.argv[1]) in thi...

1. download the dockerfiles and structure : dockerfiles&structure structure : /home/zabbix ├── agent ├── server-pgsql ├── snmptraps ├── web-nginx-pgsql └── zbx_env ├── etc ├── usr └── var 2. place docker-compose.yml place docker-compose.yml to /home/zabb...

useful when there is no nmlic and brctl installed or configured but still bridge running, and they still here after reboot show docker controlled network docker network ls delete non-using docker bridge docker network prune some useful docker command : rebuild docker with no cache docker-compose build --no-cache

run cmd as admin netsh firewall set portopening protocol = TCP port = 1433 name = SQLPort mode = ENABLE scope = SUBNET profile = CURRENT netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN

apt-get update apt-get install apt-transport-https ca-certificates curl software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - apt-key fingerprint 0EBFCD88 verify key fingerprint: Key fingerprint = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 add-apt-repository "deb [arch=amd64] http...

🔺 🔺 🔺 please make sure you want to delete history of zabbix before you execute files in this procedure 🔺 🔺 🔺 create and config sh file vi purge.sh #!/bin/bash read -r -p "Are You Sure to purge old data from zabbix? [Y/n] " input case $input in [yY][eE][sS]|[yY]) echo "purge start" psql -Uzabbix -dzabbix -a -f "./purge.sql" echo "purge...

install begin cd ~/Downloads wget http://repo.zabbix.com/zabbix/3.4/ubuntu/pool/main/z/zabbix-release/zabbix-release_3.4-1+xenial_all.deb dpkg -i zabbix-release_3.4-1+xenial_all.deb apt-get update cat /etc/apt/sources.list.d/zabbix.list should added deb-src http://repo.zabbix.com/zabbix/3.4/ubuntu xenial main apt-get install nginx postg...