Go Immutable,
Go Serverless,
Go Stateless,
Go Single thread,
Go Fail Fast,
Be Agile

=>

Get HA, (Load Balancing, Fault Tolerance, Resiliency)
Get Elastic Grow, (High Scalability)
Get Distributed Deploy,
Get Modularity,
Get Infrastructure Usage Optimization


docker run -d -p 6666:1521 -p 8181:81 -v /home/ubuntu/h2-store:/opt/h2-data --name=H2Instance oscarfonts/h2

Que fácil, NO?

Esta secuencia es la requerida para instalar java 8 manualmente:

mkdir /home/ubuntu/tempporal
cd /home/ubuntu/temporal


wget http://gustavo-arellano.com/jdk-8u121-linux-x64.gz
tar -xzvf jdk-8u121-linux-x64.gz
sudo mkdir /usr/java
sudo mv jdk1.8.0_121 /usr/java/
cd /usr/java/
sudo ln -s jdk1.8.0_121 current
sudo update-alternatives --install "/usr/bin/java" "java" "/usr/java/current/bin/java" 1
sudo update-alternatives --install "/usr/bin/javac" "javac" "/usr/java/current/bin/javac" 1


cd /home/ubuntu/temporal


wget http://www-us.apache.org/dist/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz
tar -xzvf apache-maven-3.3.9-bin.tar.gz
sudo mkdir /usr/maven
sudo mv apache-maven-3.3.9 /usr/maven/
cd /usr/maven/
sudo ln -s apache-maven-3.3.9 current
sudo update-alternatives --install "/usr/bin/mvn" "mvn" "/usr/maven/current/bin/mvn" 1


cd /home/ubuntu/
java -version
javac -version
mvn -version

Cheers,
Goose

Contenedor Docker para Jomla

docker run -v /home/ec2-user/temporal:/var/www/html -p 10003:80 -e JOOMLA_DB_HOST=54.205.148.178:3306 -e JOOMLA_DB_USER=garellano -e JOOMLA_DB_PASSWORD=secreto -d gustavoarellano/joomla-1

Los siguientes comandos fueron probados únicamente en UBUNTU 16.10:

openssl genpkey -algorithm RSA -out rafaCA.key -pkeyopt rsa_keygen_bits:1024
(genera rafaCA.key —> que es la llave privada)

openssl rsa -pubout -in rafaCA.key -out rafaCA.pem
(con rafaCA.key genera rafaCA.pem —> que es la llave pública)

openssl req -key rafaCA.key -new -out rafaCA.csr
(con rafaCA.key genera rafaCA.csr —> Request del certificado… Este paso no es realmente necesario para efectuar el siguiente)

openssl req -key rafaCA.key -new -x509 -days 365 -out rafaCA.crt
(con rafaCA.key genera rafaCA.crt —> Certificado)

Lo anterior genera los siguientes 4 archivos.
Los importantes son: .key, .pem y .crt

Listo !!!!

Cheers,
Goose

PD
También me ha servido: (y creo que mas)
openssl req -new > llave.csr
openssl rsa -in privkey.pem -out llave.key
openssl x509 -in llave.csr -out llave.cer -req -signkey llave.key -days 1001

When asking a question about a problem caused by your code, you will get much better answers if you provide code people can use to reproduce the problem. That code should be…

…Minimal – Use as little code as possible that still produces the same problem
…Complete – Provide all parts needed to reproduce the problem
…Verifiable – Test the code you’re about to provide to make sure it reproduces the problem

Minimal

The more code there is to go through, the less likely people can find your problem. Streamline your example in one of two ways:

Restart from scratch. Create a new program, adding in only what is needed to see the problem. This can be faster for vast systems where you think you already know the source of the problem. Also useful if you can’t post the original code publicly for legal or ethical reasons.
Divide and conquer. When you have a small amount of code, but the source of the problem is entirely unclear, start removing code a bit at a time until the problem disappears – then add the last part back.

Minimal and readable

Minimal does not mean terse – don’t sacrifice communication to brevity. Use consistent naming and indentation, and include comments if needed to explain portions of the code. Most code editors have a shortcut for formatting code – find it, and use it! Also, don’t use tabs – they may look good in your editor, but they’ll just make a mess on Stack Overflow.
Complete

Make sure all information necessary to reproduce the problem is included:

Some people might be prepared to load the parts up, and actually try them to test the answer they’re about to post.
The problem might not be in the part you suspect it is, but another part entirely.

If the problem requires some server-side code as well as an XML-based configuration file, include them both. If a web page problem requires HTML, some JavaScript and a stylesheet, include all three.
Verifiable

To help you solve your problem, others will need to verify that it exists:

Describe the problem. “It doesn’t work” is not a problem statement. Tell us what the expected behavior should be. Tell us what the exact wording of the error message is, and which line of code is producing it. Put a brief summary of the problem in the title of your question.

Eliminate any issues that aren’t relevant to the problem. If your question isn’t about a compiler error, ensure that there are no compile-time errors. Use a program such as JSLint to validate interpreted languages. Validate any HTML or XML.

Ensure that the example actually reproduces the problem! If you inadvertently fixed the problem while composing the example but didn’t test it again, you’d want to know that before asking someone else to help.

It might help to shut the system down and restart it, or transport the example to a fresh machine to confirm it really does provide an example of the problem.

mvn archetype:generate -B \
	-DarchetypeGroupId=mx.com.metasoft \
	-DarchetypeArtifactId=skeleton-archetype \
	-DarchetypeVersion=2.0.17-RELEASE \
	-DarchetypeRepository=http://52.91.168.238:8081/repository/maven-releases \
	-DgroupId=uk.org.queen \
	-DartifactId=king \
	-Dversion=0.0.1-SNAPSHOT \
	-Dpackage=uk.org.queen.king

Una sola vez:

sudo addgroup special
sudo echo "# Special users doing sudo without password" | sudo tee -a /etc/sudoers 
sudo echo "%special ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers 

Para cada usuario: (en este caso es el usuario llamado “prueba”)

sudo useradd -m -c "adding user prueba" -G special -s /bin/bash prueba
sudo echo "Hacer sudo su prueba -l"
sudo echo "Hacer ssh-keygen -t rsa"
sudo echo "Hacer cat id_rsa.pub >> authorized_keys"
sudo echo "Exportar archivo 'id_rsa' que será nuestra llave privada para acceder"

Para borrar totalmente a ese usuario:

sudo userdel -r prueba

Este post indica como instalar un cluster de cassandra con mas de un nodo. Asumo que la máquina en donde se va a instalar es un Ubuntu 16.04 obtenido de AWS:

sudo sh -c "echo 'LC_ALL=en_US.UTF-8\nLANG=en_US.UTF-8' >> /etc/environment"
sudo apt-get update
sudo apt-get install python2.7
sudo apt-get install default-jdk
    
sudo groupadd cassandra
sudo useradd -d /home/cassandra -s /bin/bash -m -g cassandra cassandra
sudo su cassandra -l
wget http://www-eu.apache.org/dist/cassandra/3.9/apache-cassandra-3.9-bin.tar.gz
tar -xzvf apache-cassandra-3.9-bin.tar.gz
nano apache-cassandra-3.9/conf/cassandra-env.sh
nano apache-cassandra-3.9/conf/cassandra.yaml

Posterior a los 11 comandos anteriores, hay que editar el archivo:

CASSANDRA_HOME/conf/cassandra.yaml

los cambios son los siguientes:

. . .
cluster_name: 'GooseDOCluster'
. . .
seed_provider:
  - class_name: org.apache.cassandra.locator.SimpleSeedProvider
    parameters:
         - seeds: "your_server_ip,your_server_ip_2,...your_server_ip_n"
. . .
listen_address: your_server_ip
. . .
rpc_address: your_server_ip
. . .
endpoint_snitch: GossipingPropertyFileSnitch
. . .

Yo puse las IP’s internas en cada : “your_server_ip” porque las externas (o públicas) no me funcionaron.
Ahora hay que reiniciar el servicio. Todos los binarios se encuentran en CASSANDRA_HOME/bin

Si llegara a haber algún problema de conexión, se tendrá que editar el archivo cassandra-env.sh reemplazando el hostname por el IP interno de la máquina:

JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=[host_name]"

Listo !!!

Me encontré con algunas problemáticas pequeñas en la instalación del balanceador HAProxy, así que decidí documentarlas para que no me vuelva a pasar esto.

1.- Instalar con apt:

sudo apt-get install haproxy

2.- Activar el servicio agregando la siguiente linea en el archivo /etc/default/haproxy:

ENABLED=1

3.- Dejar el archivo /etc/haproxy/haproxy.cfg de la siguiente manera:

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL). This list is from:
        #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
        ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
        ssl-default-bind-options no-sslv3

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http


listen nodejs
    bind 0.0.0.0:9999
    mode http
    stats enable
    stats uri /haproxy?stats
    stats realm Strictly\ Private
    stats auth admin:hardToGuess
    stats auth ubuntu:veryHardToGuess
    balance roundrobin
    option httpclose
    option forwardfor
    server first-server 172.17.0.2:3333 check
    server second-server 172.17.0.3:3333 check

4.- Reiniciar el servicio:

sudo service haproxy restart

Si en efecto, tienes levantados dos servidores (172.17.0.2 y 172.17.0.3) y expones servicios en sus respectivos puertos 3333, podrás verlos en acción en la IP de tu máquina con HAProxy y puerto 9999.

Como dato interesante, si vas a: http://localhost:9999/haproxy?stats y te firmas como “admin” con password “hardToGuess”, podrás ver la página de estadístcas !!!!!!

Saludos,
Goose

© 2017 Goose Workshop Suffusion theme by Sayontan Sinha