Author Archive

How to install Google Cloud Platform (GCP) SDK – gcloud CLI tool


The instructions below were tested on Ubuntu Linux.

gcloud is the command line interface (CLI) tool for interacting with GCP services. Per Google’s product overview page for gcloud – “The Cloud SDK is a set of tools for Cloud Platform. It contains gcloud, gsutil, and bq, which you can use to access Google Compute Engine, Google Cloud Storage, Google BigQuery, and other products and services from the command-line. You can run these tools interactively or in your automated scripts”.

Let us download, install and initialize this tool interactively, accepting the default settings for all prompts –

$ curl https://sdk.cloud.google.com | bash && exec -l $SHELL
$ gcloud init
If the above installation steps go well, check its version –
$ gcloud version
Google Cloud SDK 224.0.0
bq 2.0.36
core 2018.11.02
gsutil 4.34
 
A simple way to validate if the CLI is working as expected is to list all the GCP regions –
$ gcloud compute regions list
NAME                     CPUS  DISKS_GB  ADDRESSES  RESERVED_ADDRESSES  STATUS  TURNDOWN_DATE
asia-east1               0/8   0/2048    0/8        0/1                 UP
asia-east2               0/8   0/2048    0/8        0/1                 UP
asia-northeast1          0/8   0/2048    0/8        0/1                 UP
asia-south1              0/8   0/2048    0/8        0/1                 UP
asia-southeast1          0/8   0/2048    0/8        0/1                 UP
australia-southeast1     0/8   0/2048    0/8        0/1                 UP
europe-north1            0/8   0/2048    0/8        0/1                 UP
europe-west1             0/8   0/2048    0/8        0/1                 UP
europe-west2             0/8   0/2048    0/8        0/1                 UP
europe-west3             0/8   0/2048    0/8        0/1                 UP
europe-west4             0/8   0/2048    0/8        0/1                 UP
northamerica-northeast1  0/8   0/2048    0/8        0/1                 UP
southamerica-east1       0/8   0/2048    0/8        0/1                 UP
us-central1              0/8   0/2048    0/8        0/1                 UP
us-east1                 2/8   31/2048   2/8        0/1                 UP
us-east4                 0/8   0/2048    0/8        0/1                 UP
us-west1                 0/8   0/2048    0/8        0/1                 UP
us-west2                 0/8   0/2048    0/8        0/1                 UP

Only the core components of the gcloud SDK are installed during the initial installation. To interact with other GCP services, you have to install the corresponding additional component. For instance, to interact with Google Kubernetes Engine (GKE) you have to install the kubectl component –


gcloud components install kubectl

Many features of GCP are available in Beta only; for those you have to install the beta component –


gcloud components install beta

Stay up to date with –

gcloud components update

Tab completion and running a command from the beta component –


$ gcloud beta container  [tab][tab]
binauthz  clusters  get-server-config  images  node-pools  operations  subnets

$ gcloud beta container get-server-config
Fetching server config for us-east1-c
defaultClusterVersion: 1.9.7-gke.7
defaultImageType: COS
validImageTypes:
- COS
- UBUNTU
- COS_CONTAINERD
validMasterVersions:
- 1.11.2-gke.15
- 1.10.9-gke.3
- 1.10.7-gke.9
- 1.10.6-gke.9
- 1.9.7-gke.7
validNodeVersions:
- 1.11.2-gke.15
- 1.11.2-gke.9
- 1.10.9-gke.3
- 1.10.9-gke.0
- 1.10.7-gke.9
- 1.10.7-gke.6
- 1.10.7-gke.2
- 1.10.7-gke.1
- 1.10.6-gke.9
- 1.10.6-gke.6
- 1.10.6-gke.4
- 1.10.6-gke.3
- 1.10.6-gke.2
- 1.10.6-gke.1
- 1.10.5-gke.4
- 1.10.5-gke.3
- 1.10.5-gke.2
- 1.10.5-gke.0
- 1.10.4-gke.3
- 1.10.4-gke.2
- 1.10.4-gke.0
- 1.10.2-gke.4
- 1.10.2-gke.3
- 1.10.2-gke.1
- 1.9.7-gke.7
- 1.9.7-gke.6
- 1.9.7-gke.5
- 1.9.7-gke.4
- 1.9.7-gke.3
- 1.9.7-gke.1
- 1.9.7-gke.0
- 1.9.6-gke.2
- 1.9.6-gke.1
- 1.9.3-gke.0
- 1.8.12-gke.3
- 1.8.12-gke.2
- 1.8.12-gke.1
- 1.8.12-gke.0
- 1.8.10-gke.2
- 1.8.10-gke.0
- 1.8.9-gke.1
- 1.8.8-gke.0
- 1.7.15-gke.0
- 1.7.12-gke.2
- 1.6.13-gke.1

Reference –

Installation – https://cloud.google.com/sdk/docs/downloads-interactive#linux

SDK Components – https://cloud.google.com/sdk/docs/components

Tips and Tricks – https://cloudplatform.googleblog.com/2014/03/tips-and-tricks-command-line-access-to.html

Ansible : How to run playbooks as a shell script


Ansible is a powerful tool for automation; its syntax checking, verbose and dry-run mode features make it a reliable and safe tool. It is particularly popular in IT infrastructure automation, such as application deployment or full-fledged infrastructure plus app deployment. As an integral part of the DevOps tool-set, it falls into the same category as Chef, Puppet, Salt or CFEngine for the critical role it plays in IT infrastructure, Application Deployment, Configuration Management and Continuous Delivery.

In this short blog, I am writing about a little known or less popular usage of Ansible – executing it like a shell script. In a Unix-like operating system, any text file whose content starts with #!, aka Shebang, is executed by passing the text file as an argument to the program named after the Shebang. For instance, a text file /tmp/myscript.sh with its content starting with the characters #!/bin/bash is run by the program loader as /bin/bash /tmp/myscript.sh. Following the same logic, we can execute any Ansible playbook by simply starting the content of the playbook file with the path to the ansible-playbook executable.

Thus for me to execute my playbooks just like a script, the first thing I need to know is the path to my Ansible executable –

$ which ansible
/usr/local/bin/ansible

And have a playbook – in this case, I will use two playbooks as examples – one which adds a user and a second one which deletes the same user.
Notice that I am naming the playbook just like a shell script and have made it executable –

$ cat add-user.sh 
#!/usr/local/bin/ansible-playbook
---
- hosts: localhost
  tasks:
  - name: Add user
    user: name={{ username }} comment={{ comment }} state=present shell={{ shell }}
    become: yes

When I execute this script, I will pass the parameters needed to add a user as ansible Extra variables. Now let us run the script in dry run mode first –

$ id john
id: ‘john’: no such user

$ ./add-user.sh -e "username=john comment='John Doe' shell=/bin/bash" -v --check
Using /etc/ansible/ansible.cfg as config file

PLAY [localhost] ************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************
ok: [localhost]

TASK [Add user] *************************************************************************************************************************************
changed: [localhost] => {"changed": true}

PLAY RECAP ******************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0

Everything looks good, so let us execute it –

$ ./add-user.sh -e "username=john comment='John Doe' shell=/bin/bash" -v
Using /etc/ansible/ansible.cfg as config file

PLAY [localhost] ************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************
ok: [localhost]

TASK [Add user] *************************************************************************************************************************************
changed: [localhost] => {"changed": true, "comment": "John Doe", "create_home": true, "group": 1002, "home": "/home/john", "name": "john", "shell": "/bin/bash", "state": "present", "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n", "stderr_lines": ["useradd: warning: the home directory already exists.", "Not copying any file from skel directory into it."], "system": false, "uid": 1002}

PLAY RECAP ******************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0

$ id john
uid=1002(john) gid=1002(john) groups=1002(john)

Deleting the user is similar; we just write an equivalent playbook and pass only the username as an extra var this time –

$ cat del-user.sh
#!/usr/local/bin/ansible-playbook
---
- hosts: localhost
  tasks:
  - name: Delete user
    user: name={{ username }} state=absent
    become: yes

$ ./del-user.sh -e username=john -v --check
Using /etc/ansible/ansible.cfg as config file

PLAY [localhost] ************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************
ok: [localhost]

TASK [Delete user] **********************************************************************************************************************************
changed: [localhost] => {"changed": true}

PLAY RECAP ******************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0

$ ./del-user.sh -e username=john -v
Using /etc/ansible/ansible.cfg as config file

PLAY [localhost] ************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************
ok: [localhost]

TASK [Delete user] **********************************************************************************************************************************
changed: [localhost] => {"changed": true, "force": false, "name": "john", "remove": false, "state": "absent"}

PLAY RECAP ******************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0

$ id john
id: ‘john’: no such user
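
A pre-flight check for playbooks run this way, as an added example that is not part of the original post: it reads the Shebang line, confirms it points at an existing ansible-playbook binary (not ansible), and refuses scripts that others can edit, since the tasks run with become. The function names and the temporary demo files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: checks to run before executing a playbook as a script.

# Print the interpreter path taken from the first line of FILE ("#!<path> ...").
shebang_interpreter() {
  si_path=$(sed -n '1s/^#![[:space:]]*\([^[:space:]]\{1,\}\).*$/\1/p' "$1")
  [ -n "$si_path" ] && printf '%s\n' "$si_path"
}

# Print "ok" and return 0 if FILE passes every check; otherwise print the reason.
check_playbook_script() {
  cps_interp=$(shebang_interpreter "$1") || { echo "no shebang line"; return 1; }
  if [ "$(basename "$cps_interp")" != "ansible-playbook" ]; then
    echo "interpreter $cps_interp is not ansible-playbook"; return 1
  fi
  [ -x "$cps_interp" ] || { echo "interpreter $cps_interp missing or not executable"; return 1; }
  [ -x "$1" ] || { echo "script is not executable"; return 1; }
  # The tasks use "become: yes", so only the owner should be able to edit the file.
  if [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]; then
    echo "script is group- or world-writable"; return 1
  fi
  echo "ok"
}

# Constructed demo input: a stand-in interpreter plus two scripts in a temp dir.
make_demo_dir() {
  md=$(mktemp -d) || return 1
  printf '#!/bin/sh\n' > "$md/ansible-playbook"
  printf '#!%s\n---\n- hosts: localhost\n' "$md/ansible-playbook" > "$md/add-user.sh"
  printf '#!%s\n---\n- hosts: localhost\n' "$md/ansible" > "$md/wrong.sh"
  chmod 755 "$md/ansible-playbook" "$md/add-user.sh" "$md/wrong.sh"
  printf '%s\n' "$md"
}

demo_dir=$(make_demo_dir)
check_playbook_script "$demo_dir/add-user.sh"
check_playbook_script "$demo_dir/wrong.sh" || true
rm -rf "$demo_dir"
```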

You can find more on Ansible in the documentation section of the official site.

What type of storage engine does a MySQL table use?


MySQL supports several storage engines such as InnoDB, MyISAM, BLACKHOLE, CSV. Depending on your use case, you might configure your MySQL table to use a certain storage engine. To see the list of storage engines MySQL supports, simply run “SHOW ENGINES\G” under a mysql prompt.

To find out the particular storage engine used by a table, run the ‘show table status’ command for the named table as below. The first example is the mysql user table, which uses InnoDB –


mysql> use mysql;

mysql> show table status like 'user' \G
*************************** 1. row ***************************
Name: user
Engine: InnoDB
Version: 10
Row_format: Compact
Rows: 1
Avg_row_length: 16384
Data_length: 16384
Max_data_length: 0
Index_length: 49152
Data_free: 10485760
Auto_increment: 2
Create_time: 2013-08-26 22:52:09
Update_time: NULL
Check_time: NULL
Collation: binary
Checksum: NULL
Create_options:
Comment:
1 row in set (0.00 sec)

A sample table which uses MyISAM storage engine –


mysql> show table status like 'servers' \G
*************************** 1. row ***************************
Name: servers
Engine: MyISAM
Version: 10
Row_format: Fixed
Rows: 0
Avg_row_length: 0
Data_length: 0
Max_data_length: 433752939111120895
Index_length: 1024
Data_free: 0
Auto_increment: NULL
Create_time: 2013-08-24 01:42:15
Update_time: 2013-08-24 01:42:15
Check_time: NULL
Collation: utf8_general_ci
Checksum: NULL
Create_options:
Comment: MySQL Foreign Servers table
1 row in set (0.00 sec)

A table for logging slow queries is stored in a CSV storage engine –


mysql> show table status like 'slow_log' \G
*************************** 1. row ***************************
Name: slow_log
Engine: CSV
Version: 10
Row_format: Dynamic
Rows: 2
Avg_row_length: 0
Data_length: 0
Max_data_length: 0
Index_length: 0
Data_free: 0
Auto_increment: NULL
Create_time: NULL
Update_time: NULL
Check_time: NULL
Collation: utf8_general_ci
Checksum: NULL
Create_options:
Comment: Slow log
1 row in set (0.00 sec)

 

Features of some of the storage engines –

  • InnoDB: is a transaction-safe (ACID compliant) storage engine for MySQL that has commit, rollback, and crash-recovery capabilities to protect user data. 
  • MyISAM: These tables have a small footprint. Table-level locking limits the performance in read/write workloads, so it is often used in read-only or read-mostly workloads in Web and data warehousing configurations.
  • Memory: Stores all data in RAM, for fast access in environments that require quick lookups of non-critical data.
  • CSV: Its tables are really text files with comma-separated values. CSV tables let you import or dump data in CSV format, to exchange data with scripts and applications that read and write that same format.
  • Archive: These compact, unindexed tables are intended for storing and retrieving large amounts of seldom-referenced historical, archived, or security audit information.
  • Blackhole: The Blackhole storage engine accepts but does not store data, similar to the Unix /dev/null device. Queries always return an empty set.

 

References –

https://dev.mysql.com/doc/refman/8.0/en/storage-engines.html

nf_conntrack: table full, dropping packet


I actually saw this error in a Docker host, and Docker uses iptables and all of Docker’s iptables rules are added to the DOCKER chain. In this case though, it wasn’t the Docker iptables rules that were a problem, it is just that limits were reached in the connection tracking of the netfilter module. You might see this error in /var/log/messages or /var/log/kern

The full error message looked like this –

May 29 09:10:37 docker kernel: [74350.150400] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.155361] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.160282] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.181547] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.184807] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.184913] nf_conntrack: table full, dropping packet

Resolution – increase maximum number of connections being tracked and/or reduce tracking timeouts. Look for these run time kernel parameters –

[root@kauai /]# sysctl net.ipv4.netfilter.ip_conntrack_tcp_timeout_established
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 27000
[root@kauai /]# sysctl net.netfilter.nf_conntrack_generic_timeout
net.netfilter.nf_conntrack_generic_timeout = 60
[root@kauai /]# sysctl net.ipv4.netfilter.ip_conntrack_max
net.ipv4.netfilter.ip_conntrack_max = 64268

These are the settings which resolved my issue, simply doubled the values –

sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=54000
sysctl -w net.netfilter.nf_conntrack_generic_timeout=120
sysctl -w net.ipv4.netfilter.ip_conntrack_max=128536

To make this permanent, add the settings above to the /etc/sysctl.conf file as key = value lines (without the leading sysctl -w).
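
A triage helper for this error, as an added example that is not part of the original post: it counts the "table full" drops per host and minute from syslog lines and reports how full the tracking table is. The 80% and 95% thresholds and the function names are assumptions; the /proc paths are the nf_conntrack names used by current kernels, which differ from the older ip_conntrack names shown above.

```shell
#!/bin/sh
# Added example: conntrack exhaustion triage. Thresholds are assumed values.

# Log lines copied from the error shown above, plus one constructed unrelated line.
SAMPLE_LOG='May 29 09:10:37 docker kernel: [74350.150400] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.155361] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.160282] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.181547] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.184807] nf_conntrack: table full, dropping packet
May 29 09:10:37 docker kernel: [74350.184913] nf_conntrack: table full, dropping packet
May 29 09:11:02 docker kernel: [74375.000000] eth0: link up (constructed line)'

# Read syslog lines on stdin; print "<drops> <host> <month> <day> <HH:MM>" per minute.
conntrack_drop_counts() {
  awk '/nf_conntrack: table full, dropping packet/ {
         key = $4 " " $1 " " $2 " " substr($3, 1, 5)
         n[key]++
       }
       END { for (k in n) print n[k], k }' | sort -k2
}

# Integer percentage of the tracking table in use: COUNT * 100 / MAX.
conntrack_usage_pct() {
  [ "$2" -gt 0 ] || return 1
  echo $(( $1 * 100 / $2 ))
}

# Classify table usage. With no arguments, read the live values from /proc.
conntrack_status() {
  cs_count=${1:-}
  cs_max=${2:-}
  if [ -z "$cs_count" ] || [ -z "$cs_max" ]; then
    cs_count=$(cat /proc/sys/net/netfilter/nf_conntrack_count 2>/dev/null) || return 2
    cs_max=$(cat /proc/sys/net/netfilter/nf_conntrack_max 2>/dev/null) || return 2
  fi
  cs_pct=$(conntrack_usage_pct "$cs_count" "$cs_max") || return 2
  if [ "$cs_pct" -ge 95 ]; then
    echo "critical ${cs_pct}%"
  elif [ "$cs_pct" -ge 80 ]; then
    echo "warn ${cs_pct}%"
  else
    echo "ok ${cs_pct}%"
  fi
}

printf '%s\n' "$SAMPLE_LOG" | conntrack_drop_counts
# 64268 is the table size shown above; 61000 is a constructed entry count.
conntrack_status 61000 64268
```

Calling conntrack_status without arguments on the affected host reads the live counters, so it can run from cron or a monitoring check before packets start being dropped.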

 

References –

https://security.stackexchange.com/questions/43205/nf-conntrack-table-full-dropping-packet

https://docs.docker.com/network/iptables/

GCP NEXT 2018

Google Cloud Platform 2018 conference


Google holds an annual cloud conference; this year, 2018, it will be held in Moscone Center, San Francisco from 24th to 26th of July.

You can view the conference details, calendar and registration information here.

The conference is generally referred to by Google as NEXT, and this year’s – “Next ’18 is a three day global exhibition of inspiration, innovation, and education where we learn from one another how the cloud can transform how we work and power everyone’s successes.” The event has several hands-on sessions; the main themes of the sessions are –

  • Application development
  • Collaboration and Productivity
  • Data Analytics
  • Infrastructure and Operations
  • IoT
  • Machine Learning and AI
  • Mobility and Devices
  • Security

I am posting the event calendar from the site here –

Monday, July 23

7 AM–6 PM   : Event Check In

9 AM–6 PM   : Bootcamps

5 PM–7 PM   : Women Techmakers Social

6 PM–8 PM  : Celebrate Diversity Reception

 

Tuesday, July 24

7 AM–6 PM   : Late Event Check In Available

9 AM–10:30 AM   : Keynote

10:30 AM–5:30 PM   : Expo, Google & Partner Showcase, Hands-on Labs, and Equality Lounge

11 AM–5:30 PM   : Office Hours & Meetups

11 AM–5:55 PM   : Spotlight & Breakout Sessions

11 AM–6 PM   : Certification Testing

 

Wednesday, July 25

7 AM–6 PM   : Late Event Check In Available

9 AM–10:30 AM   : Keynote

10:30 AM–5:30 PM   : Expo, Google & Partner Showcase, Hands-on Labs, and Equality Lounge

11 AM–5:30 PM   : Office Hours & Meetups

11 AM–5:55 PM   : Spotlight & Breakout Sessions

11 AM–6 PM   : Certification Testing

7 PM–10 PM   : Evening Event

 

Thursday, July 26

8 AM–4 PM   : Registration & Badge Pickup

9 AM–10:30 AM   : Keynote

9 AM–2:30 PM   : Expo, Google & Partner Showcase, and Hands-on Labs

9 AM–2:35 PM   : Spotlight & Breakout Sessions

9:30 AM–1:45 PM   : Office Hours & Meetups

10:30 AM–12:30 PM   : Equality Lounge

11 AM–6 PM   : Certification Testing

Friday, July 27

8 AM–5 PM   : Bootcamps

 

Link – https://cloud.withgoogle.com/next18/sf

Google joins AWS and Azure as leader in Gartner’s 2018 IaaS Magic Quadrant


After investing intensively in Cloud Computing, particularly geared towards enterprises, Google has finally joined Amazon (Amazon Web Services) and Microsoft (Azure) as a leader in Infrastructure as a Service (IaaS) in Gartner’s Magic Quadrant for 2018. GCP – Google Cloud Platform – is very intuitive to use and particularly popular among data scientists.

 

https://www.cloudcomputing-news.net/news/2018/may/29/gartners-2018-iaas-magic-quadrant-google-joins-leaders-zone-only-six-vendors-make-cut/

“Google has clambered into the leaders’ section of Gartner’s latest infrastructure as a service (IaaS) Magic Quadrant, while the wheat has been separated from the chaff.

The annual report concluded that the cloud IaaS market is now a three-horse race in the top right box, with the leaders’ zone not being an Amazon Web Services (AWS) and Microsoft-only area for the first time since 2013.  …

https://cloudplatform.googleblog.com/2018/05/Google-named-a-Leader-in-2018-Gartner-Infrastructure-as-a-Service-Magic-Quadrant.html

“We’re pleased to announce that Gartner recently named Google as a Leader in the 2018 Gartner Infrastructure as a Service Magic Quadrant.
With an increasing number of enterprises turning to the cloud to build and scale their businesses, research from organizations like Gartner can help you evaluate and compare cloud providers.

…”

 

Visit https://linuxfreelancer.com/getting-started-google-cloud-platform/ for links to get started with GCP.