Author Archives: Vitalijus Ryzakovas

Elasticsearch settings for single-node cluster

Update default template:
curl -X PUT http://localhost:9200/_template/default -H ‘Content-Type: application/json’ -d ‘{“index_patterns”: [“*”],”order”: -1,”settings”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’

If yellow indices exist, you can update them with:
curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’

If error: {“error”:{“root_cause”:[{“type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”}],”type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”},”status”:403}

curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“blocks”: {“read_only_allow_delete”: “false”}}}’

Device /dev/sdb excluded by a filter.

vgextend my-lv /dev/sdb
Device /dev/sdb excluded by a filter.

wipefs -a /dev/sdb
/dev/sdb: 8 bytes were erased at offset 0x00000200 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 8 bytes were erased at offset 0x77ffffe00 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 2 bytes were erased at offset 0x000001fe (PMBR): 55 aa

vgextend my-lv /dev/sdb
Physical volume “/dev/sdb” successfully created.
Volume group “my-lv” successfully extended

ansible create user and upload ssh key

---
- hosts: all_servers
vars:
ansible_python_interpreter: auto_legacy_silent
users:
- "user1"
- "user2"
- "user2"
tasks:
- name: "Ensure group admin exists"
group:
name: admin
state: present
- name: "Create user accounts"
user:
name: "{{ item }}"
groups: "admin"
shell: /bin/bash
with_items: "{{ users }}"
- name: "Add authorized keys"
authorized_key:
user: "{{ item }}"
key: "{{ lookup('file', 'files/'+ item + '.pub') }}"
with_items: "{{ users }}"
- name: "Allow admin users to sudo without a password"
lineinfile:
dest: "/etc/sudoers" # path: in version 2.3
state: "present"
regexp: "^%admin"
line: "%admin ALL=(ALL) NOPASSWD: ALL"

Create SSH user keys in files directory:

ssh-keygen -t rsa -f ~/files/user1.pub -C user1
ssh-keygen -t rsa -f ~/files/user2.pub -C user2
ssh-keygen -t rsa -f ~/files/user3.pub -C user3

Run ansible yaml:
ansible-playbook users_create.yaml

That will create 3 users in all_servers group with sudo privileges.

ispconfig 8080 enable ssl

cd /usr/local/ispconfig/interface/ssl/
mv ispserver.crt ispserver.crt-$(date +"%y%m%d%H%M%S").bak
mv ispserver.key ispserver.key-$(date +"%y%m%d%H%M%S").bak
mv ispserver.pem ispserver.pem-$(date +"%y%m%d%H%M%S").bak
ln -s /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.crt ispserver.crt
ln -s  /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.key ispserver.key
cat ispserver.{key,crt} > ispserver.pem
chmod 600 ispserver.pem

Where XXX web number

Convert OpenVZ to LXC


Convert OpenVZ VM to LXC VM

Install same version lxc OS
lxc launch ubuntu:20.04 lxc-server
lxc stop lxc-server

rm -rf /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs
mkdir /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs

On Ubuntu 20.04 OpenVZ VM run:
rsync -avz -e ssh --exclude=etc/inittab --exclude=etc/network/interfaces --exclude=dev/ --exclude=sys/ --exclude=proc/ / [email protected]:/var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/

vim /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces
auto lo
iface lo inet loopback
source /etc/network/interfaces.d/*.cfg

mkdir /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces.d/
vim /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces.d/eth0.cfg
# The primary network interface
auto eth0
iface eth0 inet dhcp

lxc start lxc-server

For sure you need to stop MySQL/PostgreSQL before rsync or if huge database you can resync database after syncing data from OpenVZ server

apt install keep skip alternatives


To keep php7.2 default
before apt change priority value 72 -> 92 to keep this value biggest

/var/lib/dpkg/alternatives/php
/var/lib/dpkg/alternatives/php-fpm.sock

update-alternatives --query php
Name: php
Link: /usr/bin/php
Slaves:
php.1.gz /usr/share/man/man1/php.1.gz
Status: auto
Best: /usr/bin/php7.2
Value: /usr/bin/php7.2

Alternative: /usr/bin/php7.2
Priority: 92
Slaves:
php.1.gz /usr/share/man/man1/php7.2.1.gz

Alternative: /usr/bin/php7.4
Priority: 74
Slaves:
php.1.gz /usr/share/man/man1/php7.4.1.gz