Setup Docker Local Registry

Private registry adalah tempat penyimpanan image docker secara internal sehingga image tidak harus ditambahkan ke hub.docker.com

(more…)

Install AWX on Centos 7.5

edit hostname

nano /etc/hosts
127.0.0.1	awx

install epel & update

yum install -y epel-release
yum repolist
yum -y update

install requirement packet

curl -fsSL https://get.docker.com/ | sh
yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced

start docker

systemctl start docker
systemctl enable docker

verification

docker -v
ansible --version

clone ansible awx

git clone https://github.com/ansible/awx.git
cd awx/
git clone https://github.com/ansible/awx-logos.git
cd installer/

edit inventory

nano inventory

postgres_data_dir=/var/lib/pgdocker
awx_official=true
awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
project_data_dir=/var/lib/awx/projects

view inventory

cat inventory |grep -v "#"

install ansible awx

ansible-playbook -i inventory install.yml -vv

check awx is deploy

docker container ls

 

Installing Postgresql 10 with repmgr and pgpool-II

repmgr is an open-source tool suite for managing replication and failover in a cluster of PostgreSQL servers. It enhances PostgreSQL’s built-in hot-standby capabilities with tools to set up standby servers, monitor replication, and perform administrative tasks such as failover or manual switchover operations.

Berikut daftar server yang harus disiapkan :

  • Master DB : 10.200.200.10
  • Standby DB : 10.200.200.20
  • pgpool2 : 10.200.200.30

pada master dan standby server, install postgresql 10 dan repmgr

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo apt-get update
sudo apt-get install postgresql-10

sudo sh -c 'echo "deb https://apt.2ndquadrant.com/ $(lsb_release -cs)-2ndquadrant main" > /etc/apt/sources.list.d/2ndquadrant.list'
curl https://apt.2ndquadrant.com/site/keys/9904CD4BD6BAF0C3.asc | sudo apt-key add -
sudo apt-get update
apt-get install postgresql-10-repmgr

pada master dan standby server, buat user untuk repmgr

sudo -i -u postgres
createuser --replication --createdb --createrole --superuser repmgr
psql -c 'ALTER USER repmgr SET search_path TO repmgr_test, "$user", public;'
createdb repmgr --owner=repmgr

pada master dan standby server dan user postgres,  generate ssh-keygen dan masukan kedalam database lawannya :

ssh-keygen
# Paste ssh key id_rsa.pub on other servers
nano .ssh/authorized_keys

testing ssh

# On Master
ssh 10.200.200.20
# On Standby
ssh 10.200.200.10

edit postgres configuration pada master dan standby server

exit
cd /mnt
mkdir server
mkdir server/archivedir
cd ~
sudo nano /etc/postgresql/10/main/postgresql.conf

listen_addresses = *
shared_preload_libraries = 'repmgr'
wal_level = replica
archive_mode = on
archive_command = 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f'
max_wal_senders = 5
wal_keep_segments = 64
max_replication_slots = 5
hot_standby = on

edit konektivitas postgresql pada master dan standby server

sudo nano /etc/postgresql/10/main/pg_hba.conf

host    repmgr             repmgr          10.200.200.10/32     trust
host    repmgr             repmgr          10.200.200.20/32     trust

host    replication        repmgr          10.200.200.10/32     trust
host    replication        repmgr          10.200.200.20/32     trust

restart postgresql pada master dan standby server

systemctl restart postgresql@10-main

pada master node :

sudo su postgres
psql 'host=10.200.200.20 dbname=repmgr user=repmgr'

pada standby node :

sudo su postgres
psql 'host=10.200.200.10 dbname=repmgr user=repmgr'

buat cluster configuration pada master node :

sudo nano /etc/repmgr.conf

node_id = 1
node_name = 'node1'
conninfo = 'host=10.200.200.10 user=repmgr dbname=repmgr'
data_directory='/var/lib/postgresql/10/main'
use_replication_slots = 1
reconnect_attempts=5
reconnect_interval=1
failover=automatic
pg_bindir='/usr/lib/postgresql/10/bin'
promote_command='repmgr standby promote -f /etc/repmgr.conf'
follow_command='repmgr standby follow -f /etc/repmgr.conf'
log_level=INFO
log_file='/var/log/postgresql/repmgr.log

buat cluster configuration pada standby node :

sudo nano /etc/repmgr.conf

node_id = 2
node_name = 'node2'
conninfo = 'host=10.200.200.20 user=repmgr dbname=repmgr'
data_directory='/var/lib/postgresql/10/main'
use_replication_slots = 1
reconnect_attempts=5
reconnect_interval=1
failover=automatic
pg_bindir='/usr/lib/postgresql/10/bin'
promote_command='repmgr standby promote -f /etc/repmgr.conf'
follow_command='repmgr standby follow -f /etc/repmgr.conf'
log_level=INFO
log_file='/var/log/postgresql/repmgr.log

allow automatic failover pada master dan standby node :

nano /etc/default/repmgrd

REPMGRD_ENABLED=yes
REPMGRD_CONF="/etc/repmgr.conf"

sudo service repmgrd restart

registrasi cluster pada master node :

su - postgres
repmgr primary register
repmgr cluster show

registrasi cluster pada standby node :

sudo service postgresql@10-main stop
sudo service repmgrd stop

sudo su postgres
rm -rf /var/lib/postgresql/10/main
repmgr -h 10.200.200.10 -U repmgr -d repmgr -f /etc/repmgr.conf standby clone

exit
sudo service postgresql@10-main start

sudo su postgres
repmgr -f /etc/repmgr.conf standby register
repmgr cluster show

pada pgpool-ii node, instlal pgpool-ii :

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo apt-get update
# Check your os version before running the below command using lsb_relase -a
sudo apt-get install pgpool2=3.7.5-2.pgdg18.04+1

edit pgpool-ii configuration file pada pgpool-ii node :

sudo nano /etc/pgpool2/pgpool.conf

listen_addresses = '*'
port = 5432

backend_hostname0 = '10.200.200.10'
backend_port0 = 5432
backend_weight0 = 1
backend_data_directory0 = '/var/lib/postgresql/10/main/'
backend_flag0 = 'ALLOW_TO_FAILOVER'

backend_hostname1 = '10.200.200.20'
backend_port1 = 5432
backend_weight1 = 1
backend_data_directory1 = '/var/lib/postgresql/10/main/'
backend_flag1 = 'ALLOW_TO_FAILOVER'

load_balance_mode = on
master_slave_mode = on
master_slave_sub_mode = 'stream'
sr_check_user = 'pgpool'
sr_check_database = 'pgpool'

health_check_period = 30
health_check_timeout = 20
health_check_user = 'pgpool'
health_check_password = ''
health_check_database = 'pgpool'
health_check_max_retries = 5
health_check_retry_delay = 20
connect_timeout = 10000

buat pgpool user dan password pada master node

sudo su postgres
psql 
create user pgpool;
create database pgpool;
GRANT ALL PRIVILEGES ON DATABASE "pgpool" to pgpool;

edit konektivitas pada master dan standby node :

sudo nano /etc/postgresql/10/main/pg_hba.conf
host all all 0.0.0.0/0  password
host    pgpool             pgpool          10.200.200.30/32    trust

sudo service postgresql@10-main restart

lihat apakah cluster masih aktif pada master dan standby node :

su - postgres
repmgr cluster show

restart pgpool-ii node :

sudo service pgpool2 restart
sudo service pgpool2 status

Building Postgres-BDR Cluster in Ubuntu 18.04

Untuk membuat postgres-BDR cluster yang merupakan clustering master-to-master, versi postgres yang didukung hanya versi 9.4 dan pada ubuntu 18.04, harus melakukan building postgresnya secara manual. siapkan 2 node untuk database

  • Server DB 1 : 10.200.200.100
  • Server DB 2 : 10.200.200.110

ganti semua repository pada semua server :

sudo nano /etc/apt/sources.list

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://id.archive.ubuntu.com/ubuntu/ bionic main restricted
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://id.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://id.archive.ubuntu.com/ubuntu/ bionic universe
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic universe
deb http://id.archive.ubuntu.com/ubuntu/ bionic-updates universe
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
## team, and may not be under a free licence. Please satisfy yourself as to 
## your rights to use the software. Also, please note that software in 
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://id.archive.ubuntu.com/ubuntu/ bionic multiverse
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic multiverse
deb http://id.archive.ubuntu.com/ubuntu/ bionic-updates multiverse
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic-updates multiverse

## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://id.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse
# deb-src http://id.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu bionic partner
# deb-src http://archive.canonical.com/ubuntu bionic partner

deb http://security.ubuntu.com/ubuntu bionic-security main restricted
# deb-src http://security.ubuntu.com/ubuntu bionic-security main restricted
deb http://security.ubuntu.com/ubuntu bionic-security universe
# deb-src http://security.ubuntu.com/ubuntu bionic-security universe
deb http://security.ubuntu.com/ubuntu bionic-security multiverse
# deb-src http://security.ubuntu.com/ubuntu bionic-security multiverse

install depedency untuk postgresql pada semua server :

sudo su
cd ~
sudo sh -c 'echo "deb-src http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main 9.4" > /etc/apt/sources.list.d/pgdg.list'
sudo apt-get install wget ca-certificates unzip
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get build-dep postgresql-9.4

Build Postgresql pada semua server :

wget https://github.com/2ndQuadrant/bdr/archive/bdr-pg/REL9_4_12-1.tar.gz
tar -xzvf REL9_4_12-1.tar.gz
cd ~/bdr-bdr-pg-REL9_4_12-1
./configure --prefix=/usr/lib/postgresql/9.4 --enable-debug --with-openssl
make -j4 -s install-world
cd ..

Build BDR untuk clustering pada semua server :

wget https://github.com/2ndQuadrant/bdr/archive/bdr-plugin/1.0.6.zip
unzip 1.0.6.zip
cd ~/bdr-bdr-plugin-1.0.6
PATH=/usr/lib/postgresql/9.4/bin:"$PATH" ./configure
make -j4 -s all
make -s install
cd ..

Create user postgres pada semua server :

cd ~
useradd postgres
passwd postgres
mkdir -p /var/lib/postgresql
chown postgres:postgres /var/lib/postgresql
sudo usermod -d /var/lib/postgresql postgres

Inisialisasi postgres pada semua server :

su -l postgres
export PATH=/usr/lib/postgresql/9.4/bin:$PATH
mkdir ~/9.4-bdr
initdb -D ~/9.4-bdr -A trust

edit postgres configuration pada semua server :

nano ~/9.4-bdr/postgresql.conf

listen_addresses = '*'
shared_preload_libraries = 'bdr'
wal_level = 'logical'
track_commit_timestamp = on
max_connections = 100
max_wal_senders = 10
max_replication_slots = 10
max_worker_processes = 10

edit akses postgres pada semua server :

nano ~/9.4-bdr/pg_hba.conf

local   replication     postgres                        trust
host    replication     postgres        127.0.0.1/32    trust
host    replication     postgres        ::1/128         trust

host all all 0.0.0.0/0  password

host replication postgres 10.200.200.100/32 trust
host replication postgres 10.200.200.110/32 trust

host replication bdrsync 10.200.200.100/32 password
host replication bdrsync 10.200.200.110/32 password

start postgres pada semua server :

pg_ctl -l ~/log -D ~/9.4-bdr start

buat akun untuk singkronisasi pada semua server :

psql -c "CREATE USER bdrsync superuser;"
psql -c "ALTER USER bdrsync WITH PASSWORD '12345#';"

buat akun dan database dummy untuk testing pada semua server :

createuser test_user
createdb -O test_user test_db
psql
alter user test_user with encrypted password 'test_pass';
grant all privileges on database test_db to test_user;

\c test_db
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO test_user;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO test_user;
\q

tambahkan BDR extension ke database pada semua server :

psql test_db -c 'CREATE EXTENSION btree_gist;'
psql test_db -c 'CREATE EXTENSION bdr;'

pada server DB 1 :

psql
\c test_db
SELECT bdr.bdr_group_create(
    local_node_name := 'node1',
    node_external_dsn := 'host=10.200.200.100 user=bdrsync dbname=test_db password=12345#'
);

pada server DB 2 :

psql
\c test_db
SELECT bdr.bdr_group_join(
    local_node_name := 'node2',
    node_external_dsn := 'host=10.200.200.110 user=bdrsync dbname=test_db password=12345#',
    join_using_dsn := 'host=10.200.200.100 user=bdrsync dbname=test_db password=12345#'
);

Lihat koneksi cluster :

select * from bdr.bdr_nodes;
select * from bdr.bdr_connections;

Cluster postgresql sudah terbuat. silahkan ditesting.

Fixing Ubuntu 18.04 Duplicate DHCP Address when Clone from KVM

kejadian ini saya alami saat melakukan cloning terhadap Ubuntu 18.04 Server yang sudah terinstall (cukup clone dan langsung bisa digunakan). Setiap IP DHCP yang didapatkan kesemua clone tersebut adalah sama. masalahnya terjadi pada machine ID yang sama, ganti satu atau beberapa id dengan karakter yang berbeda.

/etc/machine-id

 

Postgresql 10 Logical Replication

saya menggunakan 2 server database (ubuntu 18.04), yaitu :

  • 192.168.123.247 sebagai publisher
  • 192.168.123.232 sebagai subscriber

Pada semua server, lakukan instalasi postgresql terlebih dahulu (versi 10), setelah itu edit /etc/postgresql/10/main/postgresql.conf

listen_addresses = '*'
port = 5432

dan edit juga /etc/postgresql/10/main/pg_hba.conf

host   all        all    0.0.0.0/0      md5

lalu restart postgresql

sudo systemctl restart postgresql

Publisher server

pada server publisher, edit wal_level menjadi logical

nano /etc/postgresql/10/main/postgresql.conf
...
wal_level = logical 
...

lalu restart postgresql

sudo systemctl restart postgresql

pada server publisher, buat database dan username

sudo su - postgres
psql

CREATE DATABASE testdb;
\c testdb
CREATE TABLE article(idart int primary key,name varchar(10), quantity int);

CREATE ROLE rep REPLICATION LOGIN PASSWORD 'Password';
GRANT ALL ON article TO rep;

setelah itu isi tabel artikel

INSERT INTO article (idart, name, quantity) VALUES (1, 'articolo1', 20);
INSERT INTO article (idart, name, quantity) VALUES (2, 'articolo2', 50);

lalu create publication

CREATE PUBLICATION mypub FOR TABLE article;
\dRp+

Subscriber server

buat database serta tabel yang sama dengan publisher

sudo su - postgres
psql

CREATE DATABASE testdb;
\c testdb
CREATE TABLE article(idart int primary key,name varchar(10), quantity int);

lalu subscribe kedalam publisher

CREATE SUBSCRIPTION mysub CONNECTION 'dbname=testdb host=192.168.123.247 user=rep password=Password port=5432' PUBLICATION mypub;

lalu cek tabel, otomatis akan terisi dari server publisher

table article;

Testing

untuk melakukan testing, tambahkan data atau hapus data pada server publisher

INSERT INTO article (idart, name, quantity) VALUES (3, 'articolo3', 70);
INSERT INTO article (idart, name, quantity) VALUES (4, 'articolo4', 70);

lalu cek tabel pada server subscriber.

Secure Prometheus Exporter in Apache2

pada dasarnya, exporter prometheus ataupun prometheusnya sendiri tidak menyediakan authentikasi apapun (bawaan tidak ada), maka kita harus menambahkannya sendiri, authentifikasi ini dapat menggunakan apache2.

aktifkan proxy pada apache2

sudo a2enmod proxy
sudo a2enmod proxy_http

modifikasi file virtual host, pada use cases kali ini pada default vhost, redirect semua trafik dari / kedalam localhost:9100 sehingga akses ke exporter menjadi ip/ tanpa port.

<VirtualHost *:80>
    ProxyPreserveHost On
    ProxyPass / http://localhost:9100/
    ProxyPassReverse / http://localhost:9100/
    <Location />
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Location>
</VirtualHost>

buat user dan passwordnya

sudo htpasswd -c /etc/apache2/.htpasswd username
password: password

reload apache2

sudo systemctl reload apache2

 

Install Remote GNS3 Server

GNS3 adalah platform yang sangat bagus, jika kita memiliki komputer low end yang memang kurang pas untuk menjalankan GNS3 Server. kita dapat menginstall compute core GNS3 (GNS3 Server) di node lain seperti di cloud atau dedicated server.

caranya cukup mudah, siapkan ubuntu server 16.04, lalu jalankan sebagai root :

sudo su
cd /tmp
curl https://raw.githubusercontent.com/GNS3/gns3-server/master/scripts/remote-install.sh > gns3-remote-install.sh
bash gns3-remote-install.sh --with-iou --with-i386-repository

jika ingin merubah konfigurasi port untuk melakukan telnet (apabila tersedia hanya 1 public ip untuk digunakan bersama, cukup konfigurasi port forwarding untuk port 3080 dan port 5100 sampai 6000)  cukup rubah didalam :

nano /etc/gns3/gns3_server.conf 

host = 0.0.0.0
port = 3080
images_path = /opt/gns3/images
projects_path = /opt/gns3/projects
appliances_path = /opt/gns3/appliances
configs_path = /opt/gns3/configs
report_errors = True
console_start_port_range = 5100
console_end_port_range = 6000
auth = True
user = www
password = ahaha
[Qemu]
enable_kvm = True
require_kvm = True

lalu silahkan konfigurasi GNS3 Client.

Fix Dropbox Icon in Elementary wingpanel

sudo nano /usr/share/applications/dropbox.desktop

Lalu ganti Exec dengan :

Exec=env XDG_CURRENT_DESKTOP=Unity QT_STYLE_OVERRIDE='' dropbox start

Lalu, matikan dropbox terlebih dahulu, dan jalankan lewat icons.

Instalasi NFS Server

Berikut lingkungan yang digunakan untuk instalasi NFS Server :

  • Sistem Operasi Ubuntu 16.04
  • IP Address Statik Server (10.101.101.40)
  • IP Address Statik Clinet (10.101.101.10)

Proses Instalasi

Lakukan update serta install paket utama.

apt-get update
apt-get install nfs-kernel-server

Buat folder yang digunakan untuk melakukan sharing.

mkdir /var/nfsshare

Rubah Ownership dari folder tersebut.

chown nobody:nogroup /var/nfsshare

Tambahkan directory tersebut kedalam konfigurasi NFS.

nano /etc/exports
.
.
/var/nfsshare 10.101.101.10(rw,sync,no_subtree_check)

Lakukan update kedalam NFS table.

exportfs -a

Start NFS Services

service nfs-kernel-server start

Cek Status NFS

exportfs -u

 

1 2