:: TOC ::

Cron
Docker
IPMI
IPTABLES
LXC
Network
Resources/Misc
Visudo
ZFS

:: Update Server ::

https://help.ubuntu.com/lts/serverguide/installing-upgrading.html do-release-upgrade

:: Cron ::

• Explain the crontab: https://crontab.guru/

:: Network ::

• Hints

  • Do not mix ifconfig XX up with ifup XXX
  • If ifup is not working use --force
  • Handle service networking restart with care
  • Do not specify 2 or more gateways on the same interface
  • Shut down interfaces: sudo ip link set eth0 down
  • Remove virtual interface: ifconfig eth0:1 down
  • Good ifup, ifdown description: https://www.computerhope.com/unix/ifup.htm

• NAT

  • Introduction: http://www.the-art-of-web.com/system/iptables-nat/
  • Introduction2: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html
  • Masquerade: POSTROUTING allows packets to be altered as they are leaving the firewall's external device. The -j MASQUERADE target is specified to mask the private IP address of a node with the external IP address of the firewall/gateway.

• Check state of interfaces
  cat /run/network/ifstate

• List all network cards
  lspci | egrep -i --color 'network|ethernet'

• Show all ip addresses
  ip addr show

• Show interfaces and their name
  lshw -class network

• Show/manipulate network interfaces
  cat /etc/network/interfaces

• Check speed / connection of network cards
  ethtool <eth0>

• Network class
  lshw -class network

• Find active internet connections
  netstat -tulpen

• Get names of interfaces
  ip link

• Services listening on port
  lsof -nPi tcp:the-port

• Monitor traffic
  nethogs <interface>

• Port forwarding
  /etc/rc.local

• Check speed between two servers
  

  • sudo apt-get install iperf
  • We'll start an iperf server on one of the machines:
    iperf -s
  • And then on the other computer, tell iperf to connect as a client:
    iperf -c <address of other computer>

• Login problems via SSH
  Getting a pam_systemd(sshd:session): Failed to stat runtime dir: No such file or directory message: Added directory with user_id in /run/users/

• Chaging DNS resolving
  

  • sudo nano /etc/resolvconf/resolv.conf.d/base
  • sudo resolvconf -u

• Virtual networks
  https://en.wikipedia.org/wiki/Virtual_network
  https://linuxconfig.org/configuring-virtual-network-interfaces-in-linux
  

• Reload an interface (e.g., after changing /etc/network/interfaces)
  sudo ifdown <interface> && sudo ifup <interface>
sudo service networking restart

IPTABLES

• List IPTABLES
  iptables -S
iptables -L

• IPTABLES Links
  https://help.ubuntu.com/community/IptablesHowTo

• Portforwardings settings
  Rules are set in /etc/rc.local

• Portforwarding: show current setup
  iptables -t nat -v -L -n --line-number

• Portforwarding: set rule
  iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport PORT -m comment --comment "COMMENT" -j DNAT --to-destination xxx.xxx.xxx.xxx:PORT
  Example:
  iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport 10002 -m comment --comment "My-LXC" -j DNAT --to-destination 10.0.0.10:22
  

• Portforwarding: Delete rule (use line number)
  https://www.cyberciti.biz/faq/how-to-iptables-delete-postrouting-rule/
  iptables -t nat -D PREROUTING 3

:: Disks ::

• Display block devices
  blkid -o list

• Display all disks
  

parted
print all

• Display all SCSI disks
  lsscsi -s

• http://docs.oracle.com/cd/E19253-01/820-2313/6ndu3p9cf/index.html
• http://docs.oracle.com/cd/E19253-01/820-2313/6ndu3p9cd/index.html
• http://docs.oracle.com/cd/E19253-01/820-2313/gbiqe/index.html
• http://docs.oracle.com/cd/E19253-01/819-5461/gbinw/

:: ZFS ::

• List all zfs-folders/zfs-volumes
  zfs list

• Status of zpool
  zpool status

• Export zpool (unmount)
  zpool export <zpoolname>

• Remove/destroy
  zpool destroy <zpoolname>

• Show snapshots
  zfs list -t snapshot

• Volumes
  

zfs list -t volumes
Volumes are listed here: /dev/zvol/tank/

• Show iostats
  zpool iostat 2

• Show detailed io
  sudo zpool iostat -v <pool>

• Send a ZFS snapshot
  zfs send -v storage/xxx@29062017 | pv -B 1g | ssh xxx.xxx.xxx.xxx zfs receive storage/xxx

• ZFS Raid levels
  http://www.zfsbuild.com/2010/05/26/zfs-raid-levels/

• Improve performance of ZFS
  https://icesquare.com/wordpress/how-to-improve-zfs-performance/

• ZFS RAID level performance
  https://icesquare.com/wordpress/zfs-performance-mirror-vs-raidz-vs-raidz2-vs-raidz3-vs-striped/ https://calomel.org/zfs_raid_speed_capacity.html

• ZFS Cache
  http://serverascode.com/2014/07/03/add-ssd-cache-zfs.html

• More information on ZFS
  http://breden.org.uk/2009/05/10/home-fileserver-zfs-file-systems/

• Understanding the spaces used by ZFS
  https://blogs.oracle.com/observatory/understanding-the-space-used-by-zfs

:: Docker ::

• Cheat-sheet
  https://github.com/wsargent/docker-cheat-sheet

• List Running containers
  docker ps -a

• Create image from Dockerfile
  docker build

• Create and start a container in one operation
  

docker run 
-d         detach
--name     Name of the container
--restart  Automatically restart the container -  no, always
-p         Ports
-v         Bind a volume

creates and starts a container

• Docker start
  starts a container

• Update a single container of docker-compose
  docker-compose up -d --no-deps --build <service_name>

• Look at all the info on a container (including IP address)
  docker inspect

• Delete a container
  docker rm

• Connect to docker
  docker exec -it <containerIdOrName> bash

• Problem loading packages during docker build
  https://stackoverflow.com/questions/42064246/failed-to-establish-a-new-connection-errno-2-name-or-service-not-known

sudo nano /lib/systemd/system/docker.service Add the dns after ExecStar. --dns 10.252.252.252 --dns 10.253.253.253 Should look like that: ExecStart=/usr/bin/dockerd -H fd:// --dns 10.252.252.252 --dns 10.253.253.253

systemctl daemon-reload
sudo service docker restart

• Change port binding of existing container
  https://stackoverflow.com/questions/19335444/how-do-i-assign-a-port-mapping-to-an-existing-docker-container

1) stop the container 
2) change the file /var/lib/docker/containers/[hash_of_the_container]/hostconfig.json
3) restart your docker engine (to flush/clear config caches)
4) start the container

• Problem restarting with network issue

docker network ls
docker network disconnect -f <networkname>
docker network rm <networkname>

moby/moby#20398

:: IPMI ::

https://www.thomas-krenn.com/de/wiki/IPMI_Grundlagen https://help.ubuntu.com/community/IPMI https://www.thomas-krenn.com/de/wiki/IPMI_Konfiguration_f%C3%BCr_Supermicro_Systeme https://www.thomas-krenn.com/de/wiki/Softwaretools_f%C3%BCr_IPMI_im_%C3%9Cberblick

• Read the SEL - system error log: ipmitool sel list

• Clear the SEL ipmitool sel clear

:: Switch ::

Dell 5500

"Although they can work in small EQL (and other iSCSI) SAN networks they should be seen as campus-access switches and not as SAN switches." https://en.wikipedia.org/wiki/Dell_PowerConnect#5500_series

:: KVM ::

kvm list machines: virsh list --all
kvm shutdown: virsh shutdown vm-name
kvm shutdown: connect to the machine via ssh and type "init 0"
kvm start: virsh start vm-name

:: LXC ::

• LXC information:
  http://www.cyberciti.biz/faq/howto-forcefully-stop-and-kill-lxc-container-on-linux/
  https://help.ubuntu.com/lts/serverguide/lxc.html
  

• List machines:
  lxc-ls -f

• Shutdown:
  lxc-stop --name [container-name] --nokill
  

• Start:
  lxc-start --name [container-name] -d
  

• Reboot:
  lxc-stop --name [container-name] -r
  

• Attach: lxc-attach -n [container-name]
  run command inside container

• Copy from one host to another
  Simply copy the folder in /var/lib/lxc

• LXC on ZFS:
  https://www.scotte.org/2016/07/lxc-containers-on-zfs

• Networking
  http://containerops.org/2013/11/19/lxc-networking/

• Network config
  To make LXC respect the network config set iface eth0 inet manual
  https://serverfault.com/questions/571714/setting-up-bridged-lxc-containers-with-static-ips

• Port forwarding LXC: https://wiki.debian.org/LXC/MasqueradedBridge

• Backup
  https://stackoverflow.com/questions/23427129/how-do-i-backup-move-lxc-containers

lxc-stop -n $NAME
cd /var/lib/lxc
tar --numeric-owner -czvf container_fs.tar.gz $NAME
rsync -avh container_fs.tar.gz user@newserver:/var/lib/lxc/
rsync -avPrh -e "ssh -p 10009" folder user@SERVER:/DEST/

:: Services ::

• List all running services
  service --status-all

:: Visudo ::

sudo visudo Be aware that adding a user to the sudo group overrides the entries in sudoers

:: SSH ::

https://help.ubuntu.com/lts/serverguide/openssh-server.html

:: Resources / Misc ::

• Memory
  http://www.linuxatemyram.com/

• Htop
  https://github.com/brentp/450k-analysis-guide

• Find
  http://www.binarytides.com/linux-find-command-examples/

:: RSYNC ::

• Use only limited bandwith:
  rsync --bwlimit=<kb/second> <source> <dest>

:: Useful information ::

1. Move to the previous directory - We all use cd .. to move to move to an upper directory. You can also use cd - to move to the previous directory - just like a back button.

test@linoxide:~/Downloads$ cd -
 /home/xy
test@linoxide:~$ cd -
 /home/xy/Downloads

2. Repeat your last command - To replay as the previous command, just type !!

$ apt install vlc
 E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
$ sudo !!
 sudo apt install vlc

3. Keep executing a command until it succeeds - use the exit code of the command directly. The command kept running until it found run.sh and printed out its content.

$ while ! ./run.sh; do sleep 1; done
cat: run.sh: No such file or directory
linoxide.com

4. View progress of file transfers In Linux, you cannot really know the rate of a file transfer progress until it's done. Using the pv command, you can monitor the progress of file transfers.

$ pv access.log | gzip > access.log.gz
 611MB 0:00:11 [58.3MB/s] [=> ] 15% ETA 0:00:59

5. Easily schedule events Using the at command, you can easily schedule events at anytime.

echo wget https://sample.site/test.mp4 | at 2:00 PM
To view the queued jobs, type 
atq

6. Display at output as a table When you use the ls command or other commands to throw outputs, they are often very long and need scrolling. You can easily display all the outputs in a table form using the column -t command.

$ cat /etc/passwd | column -t

7. Keyboard Tricks

• The clear command clears the terminal screen with a blank one. Pressing Ctrl + L on your keyboard does the same thing, but faster.
• To go through previous commands, press Alt + . .
• Ctrl + U clears the content you've typed already. Try this when you want to clear the password field in the command line.
• To reverse search your command history, press Ctrl + R

8. Compress, split and encrypt files Trying to transfer large files across computers is a tedious task. We can easily do this by compressing the files and creating a multi-part archive if the files are extremely large. To encrypt, we add the -e switch.

$ zip -re test.zip AdbeRdr11010_en_US.exe run.sh Smart_Switch_pc_setup.exe
 Enter password:
 Verify password:
 adding: AdbeRdr11010_en_US.exe (deflated 0%)
 adding: run.sh (stored 0%)
 adding: Smart_Switch_pc_setup.exe (deflated 2%)

9. Stress test your battery - Try this command:

$ cat /dev/urandom > /dev/null

10. Renaming/moving files with suffixes - If you want to quickly rename or move a bunch of files with suffix, try this command.

$ cp /home/sample.txt{,-old}
This will translate to:
$ cp /home/sample.txt /home/sample.txt-old
To rename files of a particular extension in batch, try this:
$ rename 's/comes_here_/goes_there/' *.txt