- all process run in /proc
ls /proc- We can see what command is used to run the process
cat /proc/<process_id>/cmdline- process std std error log can be found in
cat /proc/<process_id>/fd/1
cat /proc/<process_id>/fd/2Month: September 2022
read std logs of process with pid
- Get process id
ps -ef | grep process_name- Go to process root direcotry
#stdout
tail -f /proc/<process_id>/fd/1
#stderror
tail -f /proc/<process_id>/fd/2Remove weak Ciphers SSL – nginx
GCM is preferred over CBC
- Verify with cipher is being used?
nmap --script ssl-enum-ciphers -p 443 example.com- update nginx.conf
ssl_ciphers HIGH:!aNULL:!MD5!TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;Implement HTTPOnly and Secure Cookie
- Added header in nginx.conf
add_header Set-Cookie "Path=/; HttpOnly; Secure";
- How to verify?
Developer tool > Application > Storage > Cookies
Backup and Restore etcd snapshot for Kubernetes
- Create a deployment to verify the restore in the end
k create deploy nginx-test --image=nginx2. Update the cert path as per /etc/kubernetes/mainifest/etcd.yaml
ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:2379 \
--cacert=<trusted-ca-file> \
--cert=<cert-file> --key=<key-file> \
snapshot save /tmp/etcd.backup2. Stop kubelet
systemctl stop kubelet3. Stop kube-api and etcd
mv /etc/kubernetes/manifests/kube-apiserver.yaml /root/
mv /etc/kubernetes/manifests/etcd.yaml /root/4. Restore the etcd.backup
ETCDCTL_API=3 etcdctl --endpoints 127.0.0.1:2379 snapshot restore etcd.backupIt will create “default.etcd” directory in current directory
[root@lp-k8control-1 etcd]# ls default.etcd/
member5. Look at /etc/kubernetes/manifests/etcd.yaml etcd-data (/var/lib/etcd) directory path
[root@lp-k8control-1 default.etcd]# ls /var/lib/etcd
member6. Copy member directory content from default.etcd to /var/lib/etcd
7. Start kube-api and etcd
mv /root/kube-apiserver.yaml /etc/kubernetes/manifests/kube-apiserver.yaml
mv /root/etcd.yaml /etc/kubernetes/manifests/etcd.yaml8. Restart kubelet service
systemctl restart kubelet9. Verify if nginx deployment we created in step 1 is restored
k get deploySwitch relay with Raspberry pi + Arduino Uno
The 5V Relay switch require that i have require around 52mA current to work properly.
- Raspberry pi max GPIO current with 5v Relay = ?
- Arduino pin 13 current with 5v Relay = 38.5mA
- Arduino pin 13 + 12 current with 5v Relay = 45 mA
- Arduino pin 13 + 12 + 2 current with 5v Relay = 47.3 mA ( This worked )
So Now i can use Arduino as a switch on/off. Also I needed this switching to be based on some external events. So I used Aurdino Pin 2 as INPUT pin and added one 2.7K ohm resistor to from pin2 to Ground.
int status = 0;
void setup() {
pinMode(13, OUTPUT);
pinMode(12, OUTPUT);
pinMode(2, INPUT);
}
void loop() {
status = digitalRead(2);
if (status == HIGH) {
digitalWrite(13, HIGH);
digitalWrite(12, HIGH);
digitalWrite(8, HIGH);
}
else {
digitalWrite(13, LOW);
digitalWrite(12, L0W);
digitalWrite(8, LOW);
}
}Switch ON = 7PM
Switch OFF = 12AM
- added Cronjob on Raspberry Pi 4
0 19 * * * /usr/bin/python3.8 /opt/led.py on
0 0 * * * /usr/bin/python3.8 /opt/led.py onled.py
import RPi.GPIO as GPIO
from time import sleep
import sys
GPIO.setwarnings(False)
GPIO.setmode(GPIO.BCM)
GPIO.setup(21, GPIO.OUT, initial=GPIO.LOW)
if sys.argv[1] == "on":
GPIO.output(21, GPIO.HIGH)
#print("on")
exit()
elif sys.argv[1] == "off":
GPIO.output(21, GPIO.LOW)
#print("off")
exit()
