To display statistics only for a process name that match a string using top, you could use the following:
top -c -p $(pgrep -d',' -f firefox)Here is a screenshot which only shows stats for firefox:
Hope this helps! Cheers!
Source/Credits/Reference: StackOverflow
This is part of my project to understand the IR protocol and try to decode IR signals that being send from my AC’s remote to the AC itself. So that the idea is: If I can figure out the different IR signals that being that transmitted, then I should be able to replay the traffic and control the Aircon from my PC or use my own custom IR hub instead of sending data to some third party – Alexa or Google Assistant. This may be applicable on other devices as well that use an IR transmitter/receiver like a TV/remote controlled fan/hubs.
Disclaimer: I am no means an electronics expert. This is just me experimenting and playing around trying to make sense of how IR works with no prior knowledge of how the protocol works. If you are electronics expert, then this post is probably not for you are better off pressing CTRL+W on your keyboard.
Requirements:
Here is a picture of the KY-22 IR receiver.
Circuit Connection:
Connect pin labelled “Y” on the KY-022 to Pin 11 on the Arduino
Connect pin labelled G to GND pin on the Arduino
Connect pin labelled R pin to the 5V pin on Arduino
-Below is the source for the IR decoder:
#include <IRremote.h> int RECV_PIN = 11; // define input pin on Arduino. IRrecv irrecv(RECV_PIN); decode_results results; // decode_results class is defined in IRremote.h IRsend irsend; void setup() { Serial.begin(9600); // Set Serial monitor baud rate irrecv.enableIRIn(); // Start the receiver } void loop() { if (irrecv.decode(&results)) { Serial.println(results.value, HEX); irrecv.resume(); // Receive the next value } delay(1000); }
Upload the code to the Arduino and then navigate to Tools>Serial Monitor.
Now point your IR remote to the IR receiver sensor and press any key in the remote. Now, you should see the HEX value that was send from the remote in the serial console.
For example, a test case I pointed my AC’s remote to the IR receiver(KY-022) and pressed the power button. This result printed on the Serial Monitor was HEX value 90900E0A. Note: While pressing the power On button, the remote had 25 degrees set.
Here is a sample screenshot of the setup.
Here is a screenshot of the source and the data from the serial session.
Similarly when pressing the Power Off button in the return, a different IR code of 80900C0A was send.
Hell Yeah!!!!! Ok, maybe I got excited bit too much.
I know this probably sounds dumb, but I did notice something interesting on how this is all put together. So, lets say the temperature of the AC in the remote is set to 16C. Now, if I press the “+” button to increase the temperature to 17C, then I see a different code and if I press it again again, I see a different code being send.
Here what the different hex codes for different temperatures look like(used by pressing the increment/+ sign on the remote):
Temp 16: 90000E0A Temp 17: 90800E0A Temp 18: 90400E0A Temp 19: 90C00E0A Temp 20: 90200E0A Temp 21: 90A00E0A Temp 22: 90600E0A Temp 23: 90E00E0A Temp 24: 90100E0A Temp 25: 90900E0A Temp 26: 90500E0A Temp 27: 90D00E0A Temp 28: 90300E0A Temp 29: 90B00E0A Temp 30: 90700E0A
Trying to make sense of IR (Sort Of):
So, in a programming point of view, I was expecting something like “new temperature” = “current temperature” + 1 and then set the value rite? Well this sort of the same with a slight difference which I guess is the way IR protocol works. So, the handheld IR remote has some logic in itself. Here is my assumption of what is happening.
Next, I will need to learn how to get a IR transmitter and replay these codes so that I can control my Aircon and other electronics from my PC. Maybe create a DIY IR hub and hook it to my PC?
So, I did buy a IR transmitter to replay the signals but the transmitter that I received was DOA. Well that went well. Haha!
Anyways, will probably order a new transmitter to test this out post the whole COVID-19 shiZstorm.
Regards.
ΞXΤЯ3МΞ
Sources/Credits/References:
PS: Credits to Arduino modules for making it super simple to understand this. Below are credits/resources that helped out.
Arduino Modules.info
IR-Project
Duino4projects
Sparkfun
Robojax
This is a guide that describes on how to mount a remote Samba share configured on TrueNAS on to a Linux machine.
Login in your Linux machine. (I am using a Linux Mint 19.3 in this demo. This should technically work on other Debian/Ubuntu based systems as well).
Use the following commands to get your current user’s user ID (UID) and group ID (GID) respectively.
id -u $USER id -G $USER
Create a file /etc/.truenas_creds. This is where you would store the samba credentials.
Replace text in red with the username and password of the remote SMB share which was configured in TrueNas.
cat /etc/.truenas_creds username=enter_username_here password=enter_password_here
Modify the file permissions so that root is the owner and set the file permission to 600.
sudo chown root: /etc/.truenas_creds sudo chmod 600 /etc/.truenas_creds
In your linux machine, create a folder to where you want the contents of the remote samba share to be mounts. For example: create a directory named /mnt/truenas/.
sudo mkdir /mnt/truenas/
-Below is a sample syntax that can be used for populating /etc/fstab.
//ip-of-nas-server/enter-remote-samba-share/location /enter-local-mount/location/here/ cifs credentials=/etc/.truenas_creds,iocharset=utf8,uid=enter_your_uid_here,gid=enter_your_gid_here,noperm 0 0
-Here is what that I added in /etc/fstab.
//192.168.1.12/mnt/truenas /mnt/truenas/ cifs credentials=/etc/.truenas_creds,iocharset=utf8,uid=1000,gid=1000,noperm 0 0
My TrueNAS server’s IP => 192.168.1.12
Remote samba share => /mnt/truenas
Local mount location => /mnt/truenas/
Credentials for samba share => /etc/.truenas_creds
-Once complete, run the following to mount all entries looking at /etc/fstab.
mount -a
-If there are no errors in the above command, check your local mount path to verify that the mount was successful.
ls -l /mnt/truenas/
References:
I recently bought an Intel NUC for my homelab (NUC7i5BNH with 64Gigs of RAM) which has been running ESXi for the past few months and I have been happy with its performance so far. Fear for the worst, I noticed a few minor UI issues in the build that I was running which had been really bugging me. For Example: When using the search bar in the HTML5 UI, it partially hides the last search result in the list which was super annoying.
Luckily, VMware fixed these issues in one of the newer 6.7 patch releases and this blog post details on how I updated ESXi 6.7 U3 to the latest patch release on my NUC. To be precise, the upgrade was from ESXi-6.7.0-20190802001-standard (Build 14320388) to ESXi-6.7.0-20200604001 (Build 16316930). PS: I am not using vCenter in my homelab.
Short Version:
1. Backup your VMs/ESXI configuration. Download the latest patch from VMware’s website (Link).
2. Upload the ESXI patch release to the server’s datastore.
3. SSH into the NUC and get the full location of uploaded patch in your datastore. Find the profiles bundled within the patch file.
4. Put the ESXI server in maintenance mode and start the update.
4. Once update is complete, reboot the NUC, disable maintenance mode and you are good to go.
[Disclaimer: Please review VMware’s best practices for performing an ESXI upgrade which also includes taking backup of your ESXI configuration + VMs. if you plan to upgrade for a production system, make sure all necessary backups are taken before attempting the procedure. My NUC which is the 5th gen, the update worked right of the box without any customization. If you are running the new 10th generation Intel NUC, then you may need have make some modification to the VIBs for the upgrade to work.]
Long Version:
Go to VMware’s patch page and download the latest patch version for the ESXI release (Link).
In my case, I downloaded the latest patch which at the time of writing this post was ESXi670-202006001.zip.
Before the upgrade, my Intel NUC was running the below build:
[root@nuc:~] vmware -vl VMware ESXi 6.7.0 build-14320388 VMware ESXi 6.7.0 Update 3
-To check the volumes in the datastore. I did upload my patch to the ssd datastore which is a symlink.
[root@nuc:~] ls /vmfs/volumes/ -l total 1792 drwxr-xr-x 1 root root 8 Jan 1 1970 317122ee-8c7e716b-adf9-8414e6a14676 drwxr-xr-x 1 root root 8 Jan 1 1970 5e4867ab-521f3ade-c1f4-94c691adc828 drwxr-xr-t 1 root root 86016 Jun 26 18:10 5e486a9d-f29d23c4-81b6-94c691adc828 drwxr-xr-x 1 root root 8 Jan 1 1970 dafb9eea-924c7ebf-4eba-5b7ab8fcbb15 lrwxr-xr-x 1 root root 35 Jun 26 18:16 ssd -> 5e486a9d-f29d23c4-81b6-94c691adc828
Verify the full path/location of the uploaded image.
[root@nuc:~] ls /vmfs/volumes/5e486a9d-f29d23c4-81b6-94c691adc828/ESXi670-202006001.zip
/vmfs/volumes/5e486a9d-f29d23c4-81b6-94c691adc828/ESXi670-202006001.zip
Using esxcli, find the profiles that are bundled with the offline installer. The profile name will be used later when performing the upgrade.
[root@nuc:~] esxcli software sources profile list -d /vmfs/volumes/5e486a9d-f29d23c4-81b6-94c691adc828/ESXi670-202006001.zip Name Vendor Acceptance Level Creation Time Modification Time ------------------------------- ------------ ---------------- ------------------- ------------------- ESXi-6.7.0-20200604001-standard VMware, Inc. PartnerSupported 2020-06-04T02:21:11 2020-06-04T02:21:11 ESXi-6.7.0-20200604001-no-tools VMware, Inc. PartnerSupported 2020-06-04T02:21:11 2020-06-04T02:21:11 [root@nuc:~]
Place the ESXI host in maintenance mode before starting the upgrade.
[root@nuc:~] esxcli system maintenanceMode set -e trueVerify that ESXI is running in Maintenance mode.
[root@nuc:~] esxcli system maintenanceMode get
Enabled
The output “Enabled” means that the host is in maintenance mode.
To perform the patch upgrade, pass the path and the profile as well.
[root@nuc:~] esxcli software profile update -d /vmfs/volumes/5e486a9d-f29d23c4-81b6-94c691adc828/ESXi670-202006001.zip -p ESXi-6.7.0-20200604001-standard Update Result Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective. Reboot Required: true VIBs Installed: VMW_bootbank_ixgben_1.7.1.16-2vmw.670.3.104.16075168, .... [root@nuc:~]
Once the update is complete, reboot the ESXI server.
[root@nuc:~] reboot
Once the host is back up, SSH into the ESXI host. The host will still be in maintenance mode which is expected.
[root@nuc:~] esxcli system maintenanceMode get
Enabled
Disable maintenance mode
[root@nuc:~] esxcli system maintenanceMode set -e false [root@nuc:~] esxcli system maintenanceMode get Disabled
Now, verify that the update completed and is running the new build.
[root@nuc:~] vmware -vl VMware ESXi 6.7.0 build-16316930 VMware ESXi 6.7.0 Update 3 [root@nuc:~]
Well, Thats it folks!! Hope this helps.
PS: I anticipated the update process to be super confusing and tedious. However, it turned out to be fairly simple thanks to jeffreykusters and VMware’s instructions which I have credited them for below).
Credits/References/Sources:
This is a tutorial on how to check checksums of a CentOS image using GPG to verify the integrity of a downloaded CentOS ISO image.
1. Download the public key from the CentOS website
Open a terminal and create a directory where you need to download the ISO and the checksum file.
mkdir validate && cd validate/
Download the GPG public key from the official CentOS website. (You can find the full list of CentOS keys here. )
wget https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official
Below are the contents of the downloaded file which shows that this is a public key.
cat RPM-GPG-KEY-CentOS-Official -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (GNU/Linux) mQINBFzMWxkBEADHrskpBgN9OphmhRkc7P/YrsAGSvvl7kfu+e9KAaU6f5MeAVyn rIoM43syyGkgFyWgjZM8/rur7EMPY2yt+2q/1ZfLVCRn9856JqTIq0XRpDUe4nKQ 8BlA7wDVZoSDxUZkSuTIyExbDf0cpw89Tcf62Mxmi8jh74vRlPy1PgjWL5494b3X 5fxDidH4bqPZyxTBqPrUFuo+EfUVEqiGF94Ppq6ZUvrBGOVo1V1+Ifm9CGEK597c aevcGc1RFlgxIgN84UpuDjPR9/zSndwJ7XsXYvZ6HXcKGagRKsfYDWGPkA5cOL/e f+yObOnC43yPUvpggQ4KaNJ6+SMTZOKikM8yciyBwLqwrjo8FlJgkv8Vfag/2UR7 JINbyqHHoLUhQ2m6HXSwK4YjtwidF9EUkaBZWrrskYR3IRZLXlWqeOi/+ezYOW0m vufrkcvsh+TKlVVnuwmEPjJ8mwUSpsLdfPJo1DHsd8FS03SCKPaXFdD7ePfEjiYk nHpQaKE01aWVSLUiygn7F7rYemGqV9Vt7tBw5pz0vqSC72a5E3zFzIIuHx6aANry Gat3aqU3qtBXOrA/dPkX9cWE+UR5wo/A2UdKJZLlGhM2WRJ3ltmGT48V9CeS6N9Y m4CKdzvg7EWjlTlFrd/8WJ2KoqOE9leDPeXRPncubJfJ6LLIHyG09h9kKQARAQAB tDpDZW50T1MgKENlbnRPUyBPZmZpY2lhbCBTaWduaW5nIEtleSkgPHNlY3VyaXR5 QGNlbnRvcy5vcmc+iQI3BBMBAgAhBQJczFsZAhsDBgsJCAcDAgYVCAIJCgsDFgIB Ah4BAheAAAoJEAW1VbOEg8ZdjOsP/2ygSxH9jqffOU9SKyJDlraL2gIutqZ3B8pl Gy/Qnb9QD1EJVb4ZxOEhcY2W9VJfIpnf3yBuAto7zvKe/G1nxH4Bt6WTJQCkUjcs N3qPWsx1VslsAEz7bXGiHym6Ay4xF28bQ9XYIokIQXd0T2rD3/lNGxNtORZ2bKjD vOzYzvh2idUIY1DgGWJ11gtHFIA9CvHcW+SMPEhkcKZJAO51ayFBqTSSpiorVwTq a0cB+cgmCQOI4/MY+kIvzoexfG7xhkUqe0wxmph9RQQxlTbNQDCdaxSgwbF2T+gw byaDvkS4xtR6Soj7BKjKAmcnf5fn4C5Or0KLUqMzBtDMbfQQihn62iZJN6ZZ/4dg q4HTqyVpyuzMXsFpJ9L/FqH2DJ4exGGpBv00ba/Zauy7GsqOc5PnNBsYaHCply0X 407DRx51t9YwYI/ttValuehq9+gRJpOTTKp6AjZn/a5Yt3h6jDgpNfM/EyLFIY9z V6CXqQQ/8JRvaik/JsGCf+eeLZOw4koIjZGEAg04iuyNTjhx0e/QHEVcYAqNLhXG rCTTbCn3NSUO9qxEXC+K/1m1kaXoCGA0UWlVGZ1JSifbbMx0yxq/brpEZPUYm+32 o8XfbocBWljFUJ+6aljTvZ3LQLKTSPW7TFO+GXycAOmCGhlXh2tlc6iTc41PACqy yy+mHmSv =kkH7 -----END PGP PUBLIC KEY BLOCK-----
2. Check and verify the fingerprint of the downloaded public key.
Using gpg, check the fingerprint of the downloaded public key file using the following command:
gpg --dry-run --import --import-options import-show ./RPM-GPG-KEY-CentOS-Official
pub rsa4096 2019-05-03 [SC]
99DB70FAE1D7CE227FB6488205B555B38483C65D
uid CentOS (CentOS Official Signing Key) <[email protected]>
gpg: Total number processed: 1
From the output, the fingerprint is 99DB70FAE1D7CE227FB6488205B555B38483C65D.
Now, we need to verify if the fingerprint matches the one documented in official CentOS page.
So, go to https://www.centos.org/keys/ and search for the above fingerprint.
[Note: You could split the fingerprint into blocks of four characters as shown below: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D ]
If the fingerprint matches the one documented in the official CentOS key documentation page, then the public key is untampered and can be trusted.
[Note: If you are using a newer version of gpg, then you can use “gpg –quiet –with-fingerprint ./RPM-GPG-KEY-CentOS-Official“. I did not use the –with-fingerprint flag as the version of gpg installed in my machine does not show the fingerprints with the –with-fingerprint flag.]
3. Import the Public key to your GNUPG keyring
Now, import the downloaded key to your gnupg keyring.
gpg --import ./RPM-GPG-KEY-CentOS-Official gpg: key 05B555B38483C65D: public key "CentOS (CentOS Official Signing Key) <[email protected]>" imported gpg: Total number processed: 1 gpg: imported: 1
The above shows that it processed and imported 1 key to you local store.
To list the keys currently in your gnupng keyring, you can use the following:
gpg --list-keys /home/r3con/.gnupg/pubring.kbx ------------------------------ pub rsa4096 2019-05-03 [SC] 99DB70FAE1D7CE227FB6488205B555B38483C65D uid [ unknown] CentOS (CentOS Official Signing Key) <[email protected]
4. Download the CentOS ISO image
Download the CentOS ISO file:
wget http://mirrors.piconets.webwerks.in/centos-mirror/8.1.1911/isos/x86_64/CentOS-8.1.1911-x86_64-dvd1.iso
5. Download the CHECKSUM.asc file and verify that it is not tampered with.
Once the download is complete, download the “CHECKSUM.asc” file from the CentOS website:
wget http://mirror.centos.org/centos/8/isos/x86_64/CHECKSUM.asc
If you read the contents of the CHECKSUMS.asc file, you will see that it contains a PGP signed message with the checksums for the CentOS ISO image.
cat CHECKSUM.asc -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 # CentOS-8.1.1911-x86_64-boot.iso: 625999872 bytes SHA256 (CentOS-8.1.1911-x86_64-boot.iso) = 7fea13202bf2f26989df4175aace8fdc16e1137f7961c33512cbfad844008948 # CentOS-8.1.1911-x86_64-dvd1.iso: 7554990080 bytes SHA256 (CentOS-8.1.1911-x86_64-dvd1.iso) = 3ee3f4ea1538e026fff763e2b284a6f20b259d91d1ad5688f5783a67d279423b -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXh3OvAW1VbOEg8ZdAQihSxAArC0gfNTr0bWPOT/k40lTSoxgDF0qGn4+ d5j9noV3c0Xqd4Um/hxs7ha/qTg82DISYC8+5XHRvU3k156Mxh7dy4FoPopwItoc lpMjnXwDYC/Iptp1XHiD2sun+z+omC2B+DcZergDwrrJzb7CZzxGr84Ztl6Wd54s jCI3dQEsakQUEEuekr3mHtB1R4QHHaRwVwUJSzRQYLF3XiCq788IUaI2sf5kHXsg BxWhzHsBCPG4/FC0ev9ujp5OP/j2FZq4S0cp1+53t/BauyGPOdbvQw71xKsHZQ3J G9TNaFzlAqZJDKpz+XgjQ1V/7kKaFY3dCbxITxbOdSGAMh25cbWd2AamnCFuTzIq vpWY8xWgx6kQ8aLI+VekOYYl4zZswmJBBogXDURCJTqRY6efkT8qhuWVS/obWjBL L3uLL6w4ZkkatUZwglcj2+BhXefAGZgfBExI/xUHFzyXdB8Jv/YwYTTEsREZhf+T 8ggDOOznlUvrNz/atYKwNqAWbC2oY5UXL2OhDznm3lXwQPJG9vZ2Hx6UFpEuuBOR m407o8rfosEbnHgxh9qQ2gnlk+m30VZqhr2dQnOibdY7YtHqk++5snr+yDmXKWDU r08BLy0qGdI8CDxOS0DDb5MmIa5xc2c3w0Jt5q+H9tD7VAlg5uJBju0GwXSsiWHf PlXTxMDETyY= =TBYO -----END PGP SIGNATURE-----
To verify that downloaded “CHECSUMS.asc” file is not tampered and is indeed from CentOS, use the –verify flag.
gpg --verify CHECKSUM.asc gpg: Signature made Tue Jan 14 19:52:52 2020 IST gpg: using RSA key 05B555B38483C65D gpg: Good signature from "CentOS (CentOS Official Signing Key) <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
The above outputs shows the the signature is good and CHECSUM.asc file is good and not tampered.
At this point, you should have the following files in the directory:
ls -l total 7377932 -rwxrwxrwx 1 r3con r3con 1179 Jun 3 11:10 CHECKSUM.asc -rwxrwxrwx 1 r3con r3con 7554990080 Jan 4 03:17 CentOS-8.1.1911-x86_64-dvd1.iso -rwxrwxrwx 1 r3con r3con 1683 Sep 12 2019 RPM-GPG-KEY-CentOS-Official
6. Verifying the checksum of the downloaded image using the CHECKSUM.asc file.
To verify the checksums of the downloaded ISO image using the following command:
sha256sum -c CHECKSUM.asc 2>&1 | grep OK
CentOS-8.1.1911-x86_64-dvd1.iso: OK
This shows that the checksum matches and the downloaded ISO file is intact or not tampered with.
Hope this helps. Cheers
Source/Credits/References:
Lets say we have a file with list of IPs that are space separated and you want to read each of the values to pass to a loop to perform an operation. Here is an example file with IP Addresses separated by a space:
cat ips.txt 192.168.1.1 192.168.1.10
Now, lets say you want to loop through these IPs and run a ping command against each of them.
cat ping.sh #!/bin/bash # IFS is an internal bash variable. Here, we set its value as space. IFS=$" " # Read the file "ips.txt" and store the list of values to a variable "ips" ips="$(cat ips.txt)" # Run the following loop which will loop through each of the ips and run a ping test for ip in $ips; do ping -c 1 $ip; done # Unset the IFS variable so that it wont mess with the reset of the script unset IFS
-Running this loop, will loop through the list of IP addresses and perform a ping.
./ping.sh PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.660 ms --- 192.168.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.660/0.660/0.660/0.000 ms PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data. 64 bytes from 192.168.1.10: icmp_seq=1 ttl=64 time=0.108 ms --- 192.168.1.10 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.108/0.108/0.108/0.000 ms
Hope this helps!
Happy scripting folks! 🙂
Source/References: Link
This is a guide on how to monitor a Linux device(s) using Telgraf, InfluxDB and Chronograph. To make things easier, we will be running all these components using Docker.
Requirements:
1. Create a custom docker network:
-Lets create a custom docker bridge network. Below, I have created a custom docker network with the name “influxdb”.
docker network create influxdb
You can name it whatever you want. You just need to make sure that name is passed in the –net flag in other docker commands.
You can verify that the network is created using the following command:
docker network ls
-Below are the sample outputs:
extr3me@op3n:~$ docker network ls NETWORK ID NAME DRIVER SCOPE 0d72e4098315 bridge bridge local e3808d2b4078 host host local d2c5b3842508 influxdb bridge local a25ec7e0c8a2 none null local
2. Run InfluxDB:
-InfluxDB is database where all the statistics of the host will be stored. To create an instance of InfluxDB, run the following command pass the network name as well as shown below:
docker run -d --name=influxdb --net=influxdb influxdb3. Run Telegraf:
-Before you run Telegraf, you would need to create Telegraf config file. Run the below commands to generate a sample Telegraf configuration file.
mkdir telegraf docker run --rm telegraf telegraf config > telegraf/telegraf.conf ls telegraf/
-Modify the above telegraf.conf as per your requirement. For starters, you can un-comment the outputs.influx block and the urls section. So, the config file would have the following:
[[outputs.influxdb]] urls = ["http://influxdb:8086"]
-The above output block tells Telegraf where the Influxdb database is located. Once this configuration file is passed to telegraph in the next section, then Telegraf will interact with InfluxDB (read and write data) via API.
-Now that we have the configuration file ready, we can run Telegraf and pass the configuration file.
-Below I am passing /sys /proc and /etc as readonly mounts inside the container. Optionally, I have passed the docker socket as well as a bind mount so that I can monitor the resource usage of docker and the running containers too.
docker run -d --restart=always --name telegraf \ --net=influxdb --hostname=telegraf \ -e "HOST_PROC=/rootfs/proc" \ -e "HOST_SYS=/rootfs/sys" \ -e "HOST_ETC=/rootfs/etc" \ -v $(pwd)/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ -v /sys:/rootfs/sys:ro \ -v /proc:/rootfs/proc:ro \ -v /etc:/rootfs/etc:ro \ telegraf
You can add/modify the source as you wish to monitor more data. You just need to make sure that the the necessary mounts/variables are passed as well.
4. Run Chronograf:
-Chronograf is used to visualize the data using a browser. It can talk to InfluxDB and display the data in forms of graphs etc.
-To run Chronograf, you can run the following docker command:
docker run -d --name chronograf -p 8888:8888 --net=influxdb chronograf --influxdb-url=http://influxdb:8086
-Verify all containers are running using “docker ps -a”
extr3me@op3n:~$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a9da408e41b0 chronograf "/entrypoint.sh --in_" 39 seconds ago Up 38 seconds 0.0.0.0:8888->8888/tcp chronograf 326255e6d234 telegraf "/entrypoint.sh tele_" 36 minutes ago Up 36 minutes 8092/udp, 8125/udp, 8094/tcp telegraf 51c95679a803 influxdb "/entrypoint.sh infl_" About an hour ago Up About an hour 8086/tcp influxdb
The above output shows that all the three containers are up and running.
-Now, you can access the Chronograf Dashboard from your browser by visiting the following URL.
http://localhost:8888Once you are in the Chronograf UI, you can navigate to “Host Lists” and click on host to view the collected stats.
Below is a screenshot of Chronograf that is displays the host information:
Troubleshooting:
To troubleshoot API issues, you could create a sample container in same “influxdb” network and install curl in it.
For example: You could create an alpine container attached to the influxdb network.
docker run --net=influxdb -it alpine shThen install curl using “apk add curl”. Below is the sample outputs:
/ # apk add curl fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz (1/4) Installing ca-certificates (20191127-r1) (2/4) Installing nghttp2-libs (1.40.0-r0) (3/4) Installing libcurl (7.67.0-r0) (4/4) Installing curl (7.67.0-r0) Executing busybox-1.31.1-r9.trigger Executing ca-certificates-20191127-r1.trigger OK: 7 MiB in 18 packages
-Once curl is installed, Then try the following sample InfluxDB API calls pointing to the InfluxDB endpoint from within the Alpine container:
curl -i -XPOST http://influxdb:8086/query --data-urlencode "q=show databases"
-Below are sample outputs:
/ # curl -i -XPOST http://influxdb:8086/query --data-urlencode "q=show databases" HTTP/1.1 200 OK Content-Type: application/json Request-Id: e58a61db-6fa6-11ea-85a3-0242ac120002 X-Influxdb-Build: OSS X-Influxdb-Version: 1.7.10 X-Request-Id: e58a61db-6fa6-11ea-85a3-0242ac120002 Date: Thu, 26 Mar 2020 21:15:19 GMT Transfer-Encoding: chunked {"results":[{"statement_id":0,"series":[{"name":"databases","columns":["name"],"values":[["_internal"],["telegraf"]]}]}]}
-Here is another example on how to to check if you are able to create a database:
curl -i -XPOST http://influxdb:8086/query --data-urlencode "q=CREATE DATABASE telegraf"To troubleshoot issues related to Telegraf, you review the docker logs.
docker logs -f telegraf
To troubleshoot issues with InfluxDB, you can manually access InfluxDB’s shell/CLI and run commands (just like you would in other database servers such as MySQL.)
Below is an example on how to view the list of databases from InfluxDB shell.
docker exec -it influx sh # influx Connected to http://localhost:8086 version 1.7.10 InfluxDB shell version: 1.7.10 > show databases name: databases name ---- _internal telegraf
I hope this helps. Do share, leave a like/comment below! Cheers!
Regards,
ΞXΤЯ3МΞ
Sources/References:
https://hub.docker.com/_/telegraf/
https://hub.docker.com/_/chronograf/
https://www.jacobtomlinson.co.uk/monitoring/2016/06/23/running-telegraf-inside-a-container/
Lets assume you have a CA certificate “ca.crt” that you want your system or utilities like curl to trust then you can do the following:
Copy the CA certificate to /etc/pki/ca-trust/source/anchors/
sudo cp ca.crt /etc/pki/ca-trust/source/anchors/
Then you can run the following command to update Fedora’s local CA store.
sudo update-ca-trust
Now you system and tools like curl will trust certificates signed by this CA.
Verify that SSL connection is trusted using curl :
Lets say you have a webserver server whose certificate was signed by the above root CA and the signed certificate is already uploaded to the webserver. You can verify that your Fedora client trusts the certificate using curl.
curl -vvv https://test-server-fqdn.com
In the above curl command, I am passing the verbose flag -vvv which is optional. It is handy for troubleshooting purposes SSL issues.
If the connection is trusted, the SSL connection should work and you would see a message such as below from the curl outputs:
* server certificate verification OKNote: This was tested on Fedora 31.
Source/References:
https://serverfault.com/questions/394815/how-to-update-curl-ca-bundle-on-redhat
https://www.linux.org/docs/man8/update-ca-trust.html
To run a bash script (Example: bash-script.sh) from inside a perl script, you could use the following syntax:
system("sh", "bash-script.sh")
Note: Here, once the bash script completes execution it will continue with the execution of the perl script.
Example:
Perl Script: perl-script.pl
Bash Script: bash-script.sh
Below is a perl script “perl-script.pl” which calls an external bash script “bash-script.sh”.
#!/usr/bin/perl
use strict;
use warnings;
print "Running parent perl script. \n";
print "Starting to call external bash script\n";
# Sample Argument to be passed to the bash script
my $my_arg = "ARG1";
# With arguments - pass them inside quotes seperated by commas
system("sh", "bash-script.sh","$my_arg");
print "Back to parent perl script\n";
Below is the sample “bash-script.sh” which prints the variable.
#!/bin/bash echo "---Start of Bash script---" a=$1 echo "Argument from Perl script is" $a
To test, execute the perl script:
./perl-script.pl
Credits/References
https://stackoverflow.com/questions/3200801/how-can-i-call-a-shell-command-in-my-perl-script
After a fresh install of Ubuntu, my terminal was being flooded with “print_req_error: I/O error, dev fd0, sector 0” error.
This is because, your kernel thinks you have a floppy disk fd0, but cant find one. To fix this issue, you can run the following in your terminal:
sudo rmmod floppy echo "blacklist floppy" | sudo tee /etc/modprobe.d/blacklist-floppy.conf sudo dpkg-reconfigure initramfs-tools EDIT: Thanks @Joanmi for your comment (For the noticing the issue with sudo command.)
Misc: If you are deploying a new virtual machine, you can avoid this issue by deleting the Floppy Disk drive.
Source: StackOverflow