DOCKER

       What is Docker?

• It is an open source containerization Platform.
• It is used to automate the deployment of any application.

       What is Container?

• Running instance of an image.
• Containers are deployed applications bundled with all necessary dependencies and configuration files.
• All the elements share the same OS kernel.
• It is an abstraction at the app layer that packages code and dependencies together.
• Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space.

      What is Virtualization?

• It is an abstract version of a physical machine.
• Hypervisor allows multiple VMs to run on a single machine.
• Each VM includes a full copy of an OS, application and necessary binaries and libraries which takes size in GBs.
• It can be slow to boot.

         Comparison between VM and containers.

    Benefits of Container

• Run Containers in seconds instead of minutes.
• Less resources results less disk space.
• Uses less memory.
• It does not need full OS.
• Deployment and Testing is easy.

  3 Main Docker Components

• Docker Client :- Performs docker build pull and run operations to open up communications with the docker host. The Docker command then employs Docker API to call any queries to run.
• Docker Host:- Contains docker daemon, containers and associated images. The Docker daemon establishes a connection with the registry. The stored images are the type of metadata dedicated to containerized applications.
• Registry:- This is where docker images are stored. There are two of them a public registry and a private one. Docker Hub and Docker cloud are two public registries available for use by anyone.

How to configure NGINX

How to configure NGINX
===================

[root@digiportal03 alice]# rpm -ivh epel-release-6-8.noarch.rpm
warning: epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]
 
[root@digiportal03 alice]# rpm -ivh nginx-release-centos-6-0.el6.ngx.noarch.rpm
warning: nginx-release-centos-6-0.el6.ngx.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing...                ########################################### [100%]
   1:nginx-release-centos   ########################################### [100%]

[root@digiportal03 alice]# rpm -ivh nginx-1.14.0-1.el6.ngx.x86_64.rpm
warning: nginx-1.14.0-1.el6.ngx.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing...                ########################################### [100%]
   1:nginx                  ########################################### [100%]
----------------------------------------------------------------------

Thanks for using nginx!

Please find the official documentation for nginx here:
* http://nginx.org/en/docs/

Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* http://nginx.org/en/support.html

Commercial subscriptions for nginx are available on:
* http://nginx.com/products/

----------------------------------------------------------------------
Move or rename the default.conf present in the /etc/nginx/conf.d/

vim /etc/nginx/conf.d/load-balancer.conf

upstream backend {
   server 10.155.13.57;
   server 10.155.13.139;
}
server {
    listen 80;
    server_name  10.155.13.102;
        location / {
      proxy_pass http://backend;
   }
}

save and exit

After that reload ngninx service

/etc/init.d/nginx reload

Log file path:-
/var/log/nginx/
/var/log/nginx/access.log
/var/log/nginx/error.log

Default SSL and vhost config directory:-
/etc/nginx/conf.d/

Default configuration file:-
/etc/nginx/nginx.conf

How to change default Shell

If we want to change the default shell then we need to use chsh command.

Through below command we can change the default shell and after changing the default change we need to restart the server to see the changes applied or not.

ACL(Access Control List)

ACL
====

Files and directories have permission sets for the owner of the file, the group associated with the file, and all other users for the system. However, these permission sets have limitations. For example, different permissions cannot be configured for different users. Thus, Access Control Lists (ACLs) were implemented.

The Red Hat Enterprise Linux kernel provides ACL support for the ext3 file system and NFS-exported file systems. ACLs are also recognized on ext3 file systems accessed via Samba.

Along with support in the kernel, the acl package is required to implement ACLs. It contains the utilities used to add, modify, remove, and retrieve ACL information.

The cp and mv commands copy or move any ACLs associated with files and directories.

Before using ACLs for a file or directory, the partition for the file or directory must be mounted with ACL support. If it is a local ext3 file system, it can mounted with the following command:

mount -t ext3 -o acl device-name partition

For example:

mount -t ext3 -o acl /dev/VolGroup00/LogVol02 /work

Alternatively, if the partition is listed in the /etc/fstab file, the entry for the partition can include the acl option:

LABEL=/work      /work       ext3    acl        1 2

If an ext3 file system is accessed via Samba and ACLs have been enabled for it, the ACLs are recognized because Samba has been compiled with the --with-acl-support option. No special flags are required when accessing or mounting a Samba share.

By default, if the file system being exported by an NFS server supports ACLs and the NFS client can read ACLs, then ACLs are utilized by the client system. To disable ACLs on NFS share when mounting it on a client, mount it with the noacl option with the command line.

SETTING ACCESS ACLS

There are two types of ACLs: access ACLs and default ACLs. An access ACL is the access control list for a specific file or directory. A default ACL can only be associated with a directory; if a file within the directory does not have an access ACL, it uses the rules of the default ACL for the directory. Default ACLs are optional.

ACLs can be configured:

1. Per user
2. Per group
3. Via the effective rights mask
4. For users not in the user group for the file

The setfacl utility sets ACLs for files and directories. Use the -m option to add or modify the ACL of a file or directory:

# setfacl -m rules files

Rules (rules) must be specified in the following formats. Multiple rules can be specified in the same command if they are separated by commas.

u:uid:perms

Sets the access ACL for a user. The user name or UID may be specified. The user may be any valid user on the system.

g:gid:perms

Sets the access ACL for a group. The group name or GID may be specified. The group may be any valid group on the system.

m:perms

Sets the effective rights mask. The mask is the union of all permissions of the owning group and all of the user and group entries.

o:perms

Sets the access ACL for users other than the ones in the group for the file.

Permissions (perms) must be a combination of the characters r, w, and x for read, write, and execute.

If a file or directory already has an ACL, and the setfacl command is used, the additional rules are added to the existing ACL or the existing rule is modified.

Give read and write permissions

For example, to give read and write permissions to user alice:

# setfacl -m u:alice:rw /project/somefile

To remove all the permissions for a user, group, or others, use the -x option and do not specify any permissions:

# setfacl -x rules files

Remove all permissions

For example, to remove all permissions from the user with UID 500:

# setfacl -x u:500 /project/somefile

SETTING DEFAULT ACLS

To set a default ACL, add d: before the rule and specify a directory instead of a file name.

Setting default ACLs

For example, to set the default ACL for the /share/ directory to read and execute for users not in the user group (an access ACL for an individual file can override it):

# setfacl -m d:o:rx /share

RETRIEVING ACLS

To determine the existing ACLs for a file or directory, use the getfacl command. In the example below, the getfacl is used to determine the existing ACLs for a file.

Retrieving ACLs

# getfacl home/john/picture.png

The above command returns the following output:

# file: home/john/picture.png 

# owner: john 

# group: john 

user::rw- 

group::r-- 

other::r--

If a directory with a default ACL is specified, the default ACL is also displayed as illustrated below. For example, getfacl home/sales/ will display similar output:

# file: home/sales/ 

# owner: john 

# group: john 

user::rw- 

user:barryg:r-- 

group::r-- 

mask::r-- 

other::r-- 

default:user::rwx 

default:user:john:rwx 

default:group::r-x 

default:mask::rwx 

default:other::r-x

How to rollback updates using yum

One of the important task of Linux system administrator is to update packages on the servers. There can be some scenarios where Linux admin apply the updates on servers but after applying updates application hosted on the server might not work properly due to incompatibility of new updates, In that case we don’t have any option but to rollback updates.

On Linux servers (RHEL & CentOS) updates are applied with yum command and updates can be rollback with “yum history command“.

# yum history
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
ID     | Login user               | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
     8 | root <root>              | 2011-10-03 14:40 | Install        |    1   
     7 | root <root>              | 2011-09-21 04:24 | Install        |    1 ##
     6 | root <root>              | 2011-09-21 04:23 | Install        |    1 ##
     5 | root <root>              | 2011-09-16 13:35 | Install        |    1   
     4 | root <root>              | 2011-09-16 13:33 | Erase          |    1   
     3 | root <root>              | 2011-09-14 14:36 | Install        |    1   
     2 | root <root>              | 2011-09-12 15:48 | I, U           |   80   
     1 | System <unset>           | 2011-09-12 14:57 | Install        | 1025  

Suppose you want to undo the changes of ID 8

To rollback use below command

# yum history undo 8

LVM Interview Questions

Q.What Is The Difference Between Lvm And Raid?
Ans: A RAID device is a physical grouping of disk devices in order to create a logical presentation of one device whereas LVM is a logical layer that that can be manipulated in order to create and, or expand a logical presentation of a disk device to an OS.

Q. Explain Lvm Snapshot?
Ans:LVM snapshots allow the administrator to create a new block device which presents an exact copy of a logical volume, frozen at some point in time.

Q. How You Will Check On Your Server Or System Device-mapper Is Installed Or Not?

Ans:
Check the following file:
#cat /proc/misc
if this file contains “device-mapper” term it means device mapper is installed on your system.

Q. How Are Snapshots In Lvm2 Different From Lvm1?
Ans:
In LVM2 snapshots are read/write by default, whereas in LVM1, snapshots were read only.

Q. What Is The Maximum Size Of A Single Lv?
Ans:
For 2.4 based kernels, the maximum LV size is 2TB. For 32-bit CPUs on 2.6 kernels, the maximum LV size is 16TB. For 64-bit CPUs on 2.6 kernels, the maximum LV size is 8EB.

Q. If A Volume Group Named As Vgname Already Exists But We Need To Extend This Volume Group Up To 4gb. Explain All Steps?
Ans:
Firstly, create Physical volume (/dev/sdaX, where X is the partition number) of size 4GB.
Now run following command: # vgextend vgname /dev/sdaX

Q. If A Volume Group Vgname Have 3 Pv’s (/dev/sda5, /dev/sda6, /dev/sda7) But We Want To Remove /dev/sda7 Pv From This Vgname?
Ans:
# vgreduce vgname /dev/sda7

Q. Which Command Is Used To Extend A Logical Volume?
Ans:
# lvextend -size +<addsize> /dev/<vgname>/<lvname>

resize2fs /dev/<vgname>/<lvname>

Q. What Is The Partition Type Number For Swap, Raid And Lvm?
Ans:
SWAP (82), RAID (fd) and LVM (8e)

Q. How To Add A Disk To A Volume Group?
Ans:
suppose disk is /dev/sdb
# pvcreate /dev/sdb
# vgextend <vgname> /dev/sdb

Q. How To Remove A Disk From A Volume Group?
Ans:
Syntax:

# vgreduce <vgname> <disk>
Example:
# vgreduce vgname /dev/sdb

Q. How To Backup New Lvm Data Structures?

Ans:

# vgcfgbackup /dev/vgname

Q. Is It Possible To Increase The Logical Volume On Fly?

Ans:
Yes. LVM has the feature to increase the volume without unmount it.

Q. How To Reduce The Logical Volume? Is It Possible To Reduce On Fly?

Ans:
No. we can't reduce the logical volume on fly. Here is the steps to reduce the logical volume.

Un-mount the filesystem
Run e2fsck on the volume device
Reduce the Filesystem using resize2fs
Reduce the logical Volume using lvreduce
Mount the filesystem back for production.
Q. How Do You Scan The New Lun Or Disk?

Ans:
Use "echo 1 > /sys/class/scsi_host/hostx/scan" to scan disk from newly connected SAN or DISKS and also replace the "x" with number of host id present under /sys/class/scsi_host/.

Q. How To Scan Disks For Existing Volume Group?

Ans:
Use "vgscan" to scan existing volume group from newly connected SAN or DISKS.
But we should use "pvscan" prior to executing this command.

Q. How To Scan A Logical Volume From Exising Volume Group?

Ans: lvscan

Q. How To Stop The Logical Volume? Or Deactivate The Logical Volume?

Ans: "lvchange -an /dev/vg_name/lv_name"

Q. How To Activate The Logical Volume Which Is In Deactivated State?

Ans: "lvchange -ay /dev/vg_name/lv_name".

Q. How To Disable The Volume Group? Or Deactivate The Volume Group?

Ans: "vgchange -an volume_group_name".

Q. How To Enable The Volume Group? Or Activate The Volume Group?
Ans: "vgchange -ay volume_group_name" .

Q. How Do You Find That What Are The Disks Are Used For Logical Volume Mirroring?
Ans: use "lvs -a -o +devices"

Q. What Are Steps To Perform In Order To Increase The Logical Volume On Fly?

Ans:
Extend the logical volume
Increase the Filesystem size
Verify the status using df command or lvs command.
Q. How To List The Imported Volume Groups?

Ans:Use "vgs" command to display the imported volume group.

Q. How To Create Partition From The Raw Disk ?

Ans:
Using fdisk utility we can create partitions from the raw disk.Below are the steps to create partition from the raw dsik :

fdisk /dev/hd* (IDE) or /dev/sd* (SCSI)
Type n to create a new partition
After creating partition , type w command to write the changes to the partition table.
Q. What Does Sar Provides And At Which Location Sar Logs Are Stored ?

Ans:
Sar Collect, report, or save system activity information. The default version of the sar command (CPU utilization report) might be one of the first facilities the user runs to begin system activity investigation, because it monitors major system resources. If CPU utilization is near 100 percent (user + nice + system), the workload sampled is CPU­bound.

By default log files of Sar command is located at /var/log/sa/sadd file, where the dd parameter indicates the current day.

Q. How To Reduce Or Shrink The Size Of Lvm Partition ?

Ans:
Below are the logical Steps to reduce size of LVM partition :

Umount the filesystem using umount command, ­use resize2fs command ,
e.g resiz2fs /dev/mapper/myvg­mylv 10G ­Now use the lvreduce command ,
e.g lvreduce ­L 10G /dev/mapper/myvgmylv

Above Command will shrink the size & will make the filesystem size 10GB.

Q. How To Increase The Size Of Lvm Partition ?
Ans:

Below are the Logical Steps :

Use the lvextend command (lvextend ­L +100M /dev/<Name of the LVM Partition> , in this example we are extending the size by 100MB.
resize2fs /dev/<Name of the LVM Partition>
check the size of partition using ‘df ­h’ command

Q. Why Lvm Is Required?

Ans:
LVM stands for Logical Volume Manager , to resize filesystem's size online we required LVM partition in Linux. Size of LVM partition can be extended and reduced using the lvextend & lvreduce commands respectively.

Q. How To Create Partition From The Raw Disk?
Ans:
Using fdisk utility we can create partitions from the raw disk.Below are the steps to create partition from the raw disk :

fdisk /dev/hd* (IDE) or /dev/sd* (SCSI)
Type n to create a new partition
After creating partition , type w command to write the changes to the partition table.
Q. How To Decommission/remove Lvm Completely From The Host?

Ans:
Un-mount all the logical filesystems
Remove the logical volumes using "lvremove" command.
Destroy the volume group using "vgremove" command.
Use "pvremove" command remove the physical volumes from the system.
Q. If The Vg02 Has Two Physical Volumes Called /dev/sdc/ & /dev/sdd. How Do You Remove /dev/sdd From Vg02?
Ans:
"vgreduce vg02 /dev/sdd/"

Q. Assume Volume Group "vg02" Is Already Exists. How Do You Extend The Volume Group With 50gb? Provide All The Steps With Commands?
Ans:

Get the 50GB lun from storage team.(/dev/sdd)
Create physcical volume ( # pvcreate /dev/sdd )
Extend the volume group (# vgextend vg02 /dev/sdd)
Q. How To Extent The Volume Group?
Ans:

Using "vgextend" we can increase the volume group.

Q. What Are The Steps Involved To Create The Logical Volume From Scratch?
Ans:
Create a physical volume using pvcreate command: #pvcreate /dev/sdc
Create a volume group using "vgcreate" command: #vgcreate vg02 /dev/sdc
Create a logical volume using "lvcreate" command: #lvcreate -L 100M -n vol1 vg02
Create a filesystem on logical volume using mkfs command: #mkfs -t ext4 /dev/vg02/vol1
Mount the filesystem using mount command for use: #mount -t ext4 /dev/vg02/vol1 /vol1

Q. How Are Snapshots In Lvm2 Different From Lvm1 In Redhat Linux?
Ans:LVM1 snapshots are readonly by default where LVM2 snapshots were read/write.

Q. What Is Lvmdump?

Ans:"lvmdump" is tool for LVM2 to collect the various information for diagnostic purposes.By default, it creates a tarball suitable for submission along with a problem report

Q. How To Re-create The Device Files For Lvm Volumes?

Ans:Run "vgmknodes" to recreate the LVM devices files.

Q. How To Take A Lvm Configuration Backup?

Ans:Use "vgcfgbackup vg_name" to take the latest configuration backup of volume group. The default volume group backup location is "/etc/lvm/backup" .

Q. How To Rename Volume Group? Can We Rename The Vg On Fly?

Ans:Yes. Its possible to rename the volume group on fly. But the mounted volumes will not reflect the same unless you re-mount the volume with new VG name. Need to update the /etc/fstab with new VG name to mount the volumes across the system reboot.

Q. How To See The Detailed Physical Volume Information?

Ans:Use "pvdisplay /dev/disk_name"  Ex: pvdisplay /dev/sde

Q. How To See The Detailed Logical Volume Information?

Ans:Use "lvdisplay /dev/vg_name/lv_name"

Q. How To See The Detailed Volume Group Information?

Ans:Use "vgdisplay vg_name"

Q. How To List The Available Physical Volumes In Lvm?

Ans:Use "pvs" command to list the available physical volumes.

Q. How To List The Available Logical Volumes On The System?

Ans:Use "lvs" command to list the available logical volumes on the system.

how to make inactive lvm active

If any how reasons your lvm becomes active state to inative state then we need to use below commands to make lvm active.

root@server ~]# lvchange -a y mylv

[root@server ~]# mount /dev/myvg/mylv /mnt
[root@server ~]# df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/yourvg/yourlv    24507776        32  24507744   1% /mnt
/dev/myvg/mylv        24507776        32  24507744   1% /mnt