systemd ssh SOCKS proxy

By | March 6, 2018

There is nothing to say, just example..

cat /etc/systemd/system/ssh-scocks-proxy.service
Description=Socks proxy via SSH

ExecStart=/usr/bin/ssh -NTC -o ServerAliveInterval=30 -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no -i -D

# Restart every >2 seconds to avoid StartLimitInterval failure



Linux memory usage per user

By | March 10, 2016

if [[ "$1" = "-h" || "$1" = "--help" ]]
        echo "Usage: $(basename $0) [user]"
        echo ""
        echo "  -h [--help] - shows this help"
        exit 0

if [[ -z $1 ]]
        for i in `ps -e -o user --no-header | sort | uniq`; do
                echo "$i: $(ps -u $i  -o rss --no-header | paste -sd+ -| bc)KB"
        echo "$1: $(ps -u $1  -o rss --no-header | paste -sd+ -| bc) KB"

rsyslog – redirect program logs to separate file

By | March 3, 2016

There is nothing complicated – just create new configuration file and restart service:

echo "if $programname == 'program_name' then /var/log/*rogram_name.log
& ~" > /etc/rsyslog.d/program_name.conf

service rsyslog restart

“& ~” – means, do not duplicate infomation in general syslog file

bind9 log file Ubuntu

By | November 6, 2015

to forward log info from syslog to another file for bind9 server in Ubuntu you have to:

  1. add logging section in any name.conf* file:
    logging {
        channel bind_log {
        file "/var/log/named.log";
        print-time yes;
        print-category yes;
        print-severity yes;
        category default { bind_log;};
        category xfer-in { bind_log;};
        category xfer-out { bind_log;};
        category update { bind_log;};
        category security { bind_log;};
        category queries { bind_log;};
  2. update apparmor config by adding to file /etc/apparmor.d/usr.sbin.named
     /var/log/named.log rw, 
  3. apparmor_parser -r /etc/apparmor.d/usr.sbin.named
  4. service bind9 restart

Install docker-registry in openshift

By | October 27, 2015

there are a lot of docs regarding installation. I will post only commands here with very small comments.

  1.  if not exist:
    echo '{"kind":"ServiceAccount","apiVersion":"v1","metadata":{"name":"registry"}}' | oc create -n default -f -
  2. Add a line under users with the user name system:serviceaccount:default:registry in:
    oc edit scc privileged
  3. Create the registry and specify that it use the new registry service account:
    oadm registry --service-account=registry --config=/etc/origin/master/admin.kubeconfig --credentials=/etc/origin/master/openshift-registry.kubeconfig --latest-images
  4. in case you will use gluster storage (as me) to store registry. Create gluster endpoint file:
    apiVersion: v1
    kind: Endpoints
      name: gluster
    - addresses:
      - ip: 
      - port: 1

    oc create -f gluster_endpoint.yml

  5. Attach GlusterFS volume to the registry:
    oc volume dc/docker-registry --add --overwrite --name=registry-storage --mount-path=/registry --source='{"glusterfs": { "endpoints": "gluster", "path": "/gluster/volume/name"}}'
  6. Update dc to run privileged container by updating tag privileged: true in deploymentconfig docker-registry:
    oc edit dc docker-registry
  7. Making it visible from outside by adding tag hostNetwork: true in deploymentconfig docker-registry (after dnsPolicy: ClusterFirst):
    oc edit dc docker-registry
  8. once new pod created checking repository content:
    oc login
    oc whoami -t
    docker login -u username -e any_email_address -p token_value docker_registry_host:5000
    docker pull
    docker tag docker_registry_host:5000/current_namespace/ubuntu
    docker push docker_registry_host:5000/current_namespace/ubuntu

PS. Used links:
Openshift – v1.GlusterfsVolumeSource
Openshift – volume source type
Openshift – Managing Volumes
Openshift – Deploying a Docker Registry