Friday 10 May 2024

Remove Kubernetes Residues

df -h

sudo systemctl stop kubelet

sudo rm /usr/bin/kubelet

sudo rm -rf /etc/kubernetes

sudo rm /etc/systemd/system/kubelet.service  # If kubelet is managed by systemd

sudo rm -rf /var/lib/kubelet

sudo rm /var/lib/rancher/rke2/agent/logs/kubelet.log

sudo systemctl disable kubelet


df -h

yum remove containerd

yum remove rancher

rm -rf /var/lib/rancher/rke2

rm -rf /var/lib/rancher/

find / -name k3s-uninstall.sh

df -h



/usr/local/bin/k3s-uninstall.sh

Posted by at No comments:

Friday 23 February 2024

Putty Shortcut with auto login

 "C:\Program Files\PuTTY\putty.exe" -ssh <username>@<IP address> -pw <password

Posted by at No comments:

Monday 15 January 2024

Vertica Certificate

Server Mode

Important Files:

  1. root.crt > CA File (Self Signed) that we have used to sign the server certificate.
  2. server.crt > Certificate file of server
  3. server.key >> Private Key of server.

Steps of SSL Authentication:
  1. Client will send Hello to Server.
  2. Server will send acknowledgement to client along with the Server.crt and the server.crt file will contain the public key and certificate of the server. Certificate is used to verify that the server is correct.
  3. Client will use the public key of server to encrypt the information sent to server.
  4. Server will use its Private Key to encrypt the information sent by the client.

Mutual Mode:
  1. In Mutual Mode the client also has its own certificate file and private file.
  2. Client's certificate will be loaded into the server and server's certificate will be loaded into the client.
Modes: There are 7 modes in SSL which are as follows:

  1. Root Certificate (self signed CA Certificate) = SSL CA File
  2. Verify-full = verify CA  + hostname
  3. Verify CA = provide CA Certificate
  4. Require =  Normal SSL. Don't need to provide any file
  5. Prefer = On failure it will (Clear Channel / Plain Text) but in require fail means fail
  6. Allow = First Clear Channel then SSL.
  7. Disable = Disable SSL
How to Verify:
  1. "select * from sessions" will show "ssl_state" as server means ssl is enabled. None means ssl is disabled and Mutual means SSL is in Mutual Mode. tls_version will also contains "TLSv1.2".
  2. When starting vsql, we will get some information regarding SSL enabled DB which says "SSL connection (cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, protocol: TLSv1.2)".
Enable TLS in Vertica:

In versions 10.0.1 or later, Vertica provides In-Database Cryptographic Key and Certificate Management, which allows database administrators to manage keys and certificates in Vertica. Use the following operations to create a self-signed key:

  1. Generate the server key (private key). The following generates a 2048bit RSA private key.
CREATE KEY server_key TYPE 'RSA' LENGTH 2048;

  1. You can see the generated private key in the cryptographic_keys table.

SELECT name, type, length, key FROM cryptographic_keys WHERE name = 'server_key';
    name    | type | length |               key
------------+------+--------+---------------------------------
 server_key | RSA  |   2048 | -----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAtTQfGE8yXzz9vkz399oovOwOm2vq1iZlkbclJ7+xqdv0hCkU
.....
ip2TYY4qjRg7QE6Zzzv3eGauAIG0SxT19rfvUOnWlQ5/N/UceXC7
-----END RSA PRIVATE KEY-----

  1. Create a self-signed CA certificate.

CREATE CA CERTIFICATE ca_cert
SUBJECT '/C=IN/ST=UP/L=IN/O=OT/OU=OT/CN=Vertica Root CA'
VALID FOR 365
EXTENSIONS 'authorityKeyIdentifier' = 'keyid:always,issuer', 'nsComment' = 'Vertica generated root CA cert' 

KEY server_key;

  1. You can also see the generated certificate in certificates table.

SELECT name, expiration_date, subject, serial, certificate_text FROM certificates WHERE name = 'ca_cert';
-[ RECORD 1 ]----+-------------------------------------------------------------------------------------
name             | ca_cert
expiration_date  | 2022-03-12 08:18:32+09
subject          | C = country_code, ST = state_or_province, L = locality, O = organization, OU = org_unit, CN = Vertica Root CA
serial           | 02:BB:83:5D:4A:90:02:E1:4C:A1:9E:C3:07:D3:55:EB:F2:C3:FF:69
certificate_text | -----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgIUAruDXUqQAuFMoZ7DB9NV6/LD/2kwDQYJKoZIhvcNAQEL
.....
UW6DAcSHlDpT4+5b6L/HznN/Y/SNxUiftWXS1cUaRKJmtMIkoGPo4bGVDQ==
-----END CERTIFICATE-----

 

  1. Generate and sign the server certificate with the self-signed CA certificate.

CREATE CERTIFICATE server_crt
SUBJECT '/C=IN/ST=UP/L=IN/O=OT/OU=OT/CN=vertica-64/emailAddress=vgarg@opentext.com'
SIGNED BY ca_cert
EXTENSIONS 'authorityKeyIdentifier' = 'keyid:always,issuer', 'nsCertType' = 'server',
'extendedKeyUsage' = 'serverAuth',
'subjectAltName' = 'DNS.1:vertica-64,IP:10.20.73.64'
KEY server_key;
  1. => 
    SELECT name, expiration_date, subject, serial, certificate_text FROM certificates WHERE name = 'server_crt';
-[ RECORD 1 ]-----+---------------------------------------------------------------------------------------------------------------------
name              | server_crt
expiration_date   | 2022-03-22 08:36:17+09
subject           | C = country_code, ST = state_or_province, L = locality, O = organization, OU = org_unit, CN = verticadb, emailAddress = verticadb@vertica.com
serial            | 70:9B:BA:83:EE:8E:7F:DA:A3:F4:6C:E8:18:06:66:25:98:98:AB:17
certificate_text  | -----BEGIN CERTIFICATE-----
MIIENDCCAxygAwIBAgIUcJu6g+6Of9qj9GzoGAZmJZiYqxcwDQYJKoZIhvcNAQEL
.....
BtLYa+Dv8Fm2Eg68x+6iYT9usSVSWTQB
-----END CERTIFICATE-----

Configure Vertica to enable TLS server encryption

a. Vertica Version 11.0 or Later

In versions 11.0 or later, Vertica implements TLS CONFIGURATION objects, which manages the TLS configuration for Vertica.

1. Set the server certificate.

ALTER TLS CONFIGURATION server CERTIFICATE server_crt;

2. Enable the use of TLS on connections to the database.

ALTER TLS CONFIGURATION server TLSMODE 'ENABLE';

3. Check that the configurations were set correctly.

SELECT * FROM tls_configurations WHERE name = 'server';
  name  |  owner  | certificate | ca_certificate | cipher_suites |  mode
--------+---------+-------------+----------------+---------------+--------
 server | dbadmin | server_crt  |                |               | ENABLE

4. Verify TLS connection from vsql.

$ vsql
Welcome to vsql, the Vertica Analytic Database interactive terminal.
 
Type:  \h or \? for help with vsql commands
       \g or terminate with semicolon to execute query
       \q to quit
SSL connection (cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, protocol: TLSv1.2)

Export the Certificate
$ vsql -At -c "SELECT key FROM cryptographic_keys WHERE name = 'server_key';" -o server.key
$ vsql -At -c "SELECT certificate_text FROM certificates WHERE name = 'server_crt';" -o server.crt
$ vsql -At -c "SELECT certificate_text FROM certificates WHERE name = 'ca_cert';" -o ca.crt
Posted by at No comments:

Thursday 14 December 2023

Oracle Analytics Server setup

 https://www.youtube.com/watch?v=gG2aF3un9-U&ab_channel=datawithsatish



https://www.rittmanmead.com/blog/2020/02/oracle-analytics-server-step-by-step-installation/




Installed through RPM

https://www.youtube.com/watch?v=OSeu34Q8U58

select * from v$database;

Oracle_home: cat /etc/oratab



[oracle@part15 ~]$ cat /etc/oratab
#



# This file is used by ORACLE utilities.  It is created by root.sh
# and updated by either Database Configuration Assistant while creating
# a database or ASM Configuration Assistant while creating ASM instance.

# A colon, ':', is used as the field terminator.  A new line terminates
# the entry.  Lines beginning with a pound sign, '#', are comments.
#
# Entries are of the form:
#   $ORACLE_SID:$ORACLE_HOME:<N|Y>:
#
# The first and second fields are the system identifier and home
# directory of the database respectively.  The third field indicates
# to the dbstart utility that the database should , "Y", or should not,
# "N", be brought up at system boot time.
#
# Multiple entries with the same $ORACLE_SID are not allowed.
#
#
ORCLCDB:/opt/oracle/product/19c/dbhome_1:N
[oracle@part15 ~]$ . orainv
-bash: orainv: No such file or directory
[oracle@part15 ~]$ . oraenv
ORACLE_SID = [oracle] ? ORCLCDB
The Oracle base has been set to /opt/oracle
[oracle@part15 ~]$ echo $ORACLE_HOME
/opt/oracle/product/19c/dbhome_1

Posted by at No comments:

Sunday 10 December 2023

Oracle Setup

 https://r2schools.com/how-to-install-oracle-database-19c-on-oracle-linux-or-rhel-8-step-by-step/


2) wget https://public-yum.oracle.com/repo/OracleLinux/OL8/appstream/x86_64/getPackage/oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm

5) yum install ksh libaio-devel libnsl make nfs-utils xorg-x11-utils -y

6) rpm -i oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm (This will create user automatically)

7) passwd oracle

8) mkdir -p /u01/app/oracle/product/19.3/db_home

chown -R oracle:oinstall /u01

chmod -R 775 /u01


10) vi .bashrc


export CV_ASSUME_DISTID=OL7


export ORACLE_BASE=/u01/app/oracle

export ORACLE_HOME=/u01/app/oracle/product/19.3/db_home


#export ORACLE_SID=CDB


export LD_LIBRARY_PATH=\$ORACLE_HOME/lib:/lib:/usr/lib

export CLASSPATH=\$ORACLE_HOME/jlib:\$ORACLE_HOME/rdbms/jlib

export NLS_LANG=american_america.al32utf8

export NLS_DATE_FORMAT="yyyy-mm-dd:hh24:mi:ss"


PATH=$PATH:$HOME/.local/bin:$ORACLE_HOME/bin


export PATH


11) wget https://download.oracle.com/otn/linux/oracle19c/190000/LINUX.X64_193000_db_home.zip?AuthParam=1701689594_ed34b15e02ff20ba8b414b422feaf14d


mv LINUX.X64_193000_db_home.zip /u01/app/oracle/product/19.3/db_home/.


12) yum install -y xauth

13) yum install -y xclock

14) Open Putty enabling xforwarding.

15) Run xclock

16) su oracle

17) Run xclock (Initially it didn't worked but loging out and loging in twice make it worked. run xclock everytime you login)

18) Run install through oracle user.


Path to Note: /u01/app/oracle/product/19.3/db_home/dbs


export ORACLE_SID=orcl

sqlplus / as sysdba


1) sqlplus / as sysdba

2) STARTUP

3) ALTER DATABASE OPEN;

4) STARTUP MOUNT;



c##testuser >> test123


GRANT CREATE SESSION TO C##TESTUSER;

GRANT ALL PRIVILEGES TO c##testuser;


sqlplus c##testuser/test123@//localhost:1521/orcl

sqlplus / as sysdba

ps -ef | grep smon


SHUTDOWN IMMEDIATE

lsnrctl status


To make it working with network, edit the listener file:

/u01/app/oracle/product/19.3/db_home/network/admin/listener.ora

change localhost with IP Address. Restart DB and restart listener.

select username from dba_users;


show pdbcs; > for getting all PDBS DBs in Oracle

Posted by at No comments:

Wednesday 5 July 2023

Enable Copy Paste in VM

 From the vCenter Server HTML5 Web Client:

  1. Power off the VM.
  2. Enable the Copy & Paste for the Windows/Linux virtual machine:
    1. Right-click the virtual machine and click Edit Settings.
    2. Click the VM Options tab, expand Advanced, and click Edit Configuration.
    3. Click on Add Configuration Params three times to give three rows
    4. Fill in the Name and Value fields as mentioned below:
Name:                                 Value:
isolation.tools.copy.disable          FALSE
isolation.tools.paste.disable         FALSE
isolation.tools.setGUIOptions.enable  TRUE
    1. Click OK to save and exit out of the Configuration Parameters wizard. Note: These options override any settings made in the guest operating system’s VMware Tools control panel.
    2. Click OK to save and exit out of the Edit Settings wizard.
  1. Power on the VM
  2. Then use Copy/Paste directly on Windows/Linux/any other platform.
  3. For paste operation's target platform is Linux, Older X applications do not use a clipboard. Instead, they let you paste the currently selected text (called the "primary selection") without copying it to a clipboard. Pressing the middle mouse button is usually the way to paste the primary selection. For more information see Copying and pasting from a Windows guest to Linux host.


From the vCenter Server Flash Web Client.

  1. Power off the VM.
  2. Enable the Copy & Paste for the Windows/Linux virtual machine:
    1. Right-click the virtual machine and click Edit Settings.
    2. Click the VM Options tab, expand Advanced, and click Edit Configuration.
    3. Fill in the Name and Value fields as mentioned below. After entering each one, click the Add button. 
Name:                                 Value:
isolation.tools.copy.disable          FALSE
isolation.tools.paste.disable         FALSE
isolation.tools.setGUIOptions.enable  TRUE
    1. Click OK to save and exit out of the Configuration Parameters wizard. Note: These options override any settings made in the guest operating system’s VMware Tools control panel.
    2. Click OK to save and exit out of the Edit Settings wizard.
  1. Power on the VM
  2. Then use Copy/Paste directly on Windows/Linux/any other platform. 
  3. For paste operation's target platform is Linux, Older X applications do not use a clipboard. Instead, they let you paste the currently selected text (called the "primary selection") without copying it to a clipboard. Pressing the middle mouse button is usually the way to paste the primary selection. For more information see Copying and pasting from a Windows guest to Linux host.

Posted by at No comments:

Monday 3 July 2023

Restart Network

 systemctl restart NetworkManager.service

Posted by at No comments:
Subscribe to: Posts (Atom)