• Java cut-down program:
  import java.rmi.*;
  ` `
  import com.microfocus.TestSystem.LUDIS.TestSystemLUDIS;
  ` `
  public class JeremyTest
{
  ` public static void main(String[] args) throws Exception { TestSystemLUDIS ludis = null; `
  ` System.setSecurityManager(new RMISecurityManager()); `
  ` ludis = (TestSystemLUDIS)Naming.lookup(“rmi://nwb-xtest/TestSystemLUDIS”); `
  ` } }`

• Perl & LWP (HTTP) - Oreilly
• Web Basics with LWP (including cookies)
• HTTP::Request (and other Perl classes)

• Load Balancer (level 4, i.e. TCP, not level 7):
  • gobetween
  • GoBetween can work with dnsmasq (also see my notes)
• md5:
  • Different ways to generate an md5 checksum:
    d:\sysinternals\sigcheck.exe -h c:\temp\appurl.exe
certutil.exe -hashfile c:\temp\appurl.exe md5
• SSH client (tabbed and with sftp client and XWindows server): https://mobaxterm.mobatek.net/
• Tree Size (free) download

• bginfo.exe
  Shared startup folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
  Command-line args: C:\SysinternalsSuite\Bginfo.exe /silent /nolicprompt /timer:0
  Original Windows wallpaper: C:\Windows\web\wallpaper\Windows\img0.jpg
• sigcheck.exe:
  • Check if a file is known to virustotal.com:
    d:\sysinternals\sigcheck.exe -v c:\temp\appurl.exe

• psexec.exe examples (of running remote commands)
• List processes including command-line:
  WMIC path win32_process get Caption,Processid,Commandline
WMIC /OUTPUT:C:\Process.txt path win32_process get Caption,Processid,Commandline
• List handles being used by all processes (Note: This matches the Threads and Handles counts in Task Manager): handle -s [-p processsname]

• IIS
  • Restart: iisrestart /noforce (see also here)
  • Windows Server 2016: The IIS service long name in services.msc is “World Wide Web Publishing Service” (the command-line short name is “W3SVC”).
  • vbscript to log something to the IIS response log file under C:\inetpub\log\ (NOTE: the client connection has to work):
    Response.AppendToLog "Database Being Accessed"
• SSH:
  • Using pscp.exe (from PuttyGen) to copy from Linux to Windows:
    pscp -pw mypssword hub@nwb-tpccrhes1:/var/mfcobol/es/TPCCVSAM/ESmonitor1.log .

• Event Log: Search System event log for Windows low disk space warning “disk is at or near capacity”:
  psloglist -s system | findstr c/:"capacity"
  (I’ve been unable to confirm this, but “capacity” is 200Mb free, or possibly when free space is less than 10% of the disk size).
• Size of a folder:
  PS C:\> Get-ChildItem -recurse "C:\temp\" | Measure-Object -Property Length -sum | Format-Table @{Label="Size MB"; Expression={[math]::Round($_.Sum / 1MB,2)}}
Size MB
-------
1882.14
• Free disk space on each drive:
  PS C:\> gwmi win32_logicaldisk | Format-Table DeviceId,Size,@{Label="Freespace MB"; Expression={[math]::Round($_.FreeSpace/1MB)}}
DeviceId Size Freespace MB
-------- ---- ------------
C: 506333229056 181282
D: 2000263573504 1722109
• Robocopy
  • robocopy syntax
  • Mirror directories (and preserve timestamps, for files and dirs):
    robocopy \\source_dir \\dest_dir /MIR /COPY:DT /DCOPY:DT /E
  • Copy specific files from the top-level folder (not subdirs):
    robocopy \\nwb-xtest\public\ D:\public\ /COPY:DT /DCOPY:DT /E /LEV:1 OpenJDK*
  • Non-mirror normal copy, with sub-dir and file not overwritten:
    robocopy \\nwb-xtest\c$\Inetpub\wwwroot\ C:\Inetpub\wwwroot\ /COPY:DT /DCOPY:DT /E /XD "aspnet_client" /XF "iisstart.htm"
  • Mirroring svn files (exclude “.svn” dirs, creation “C:\automation” dir, don’t list folder names:
    robocopy \\nwb-xtest\c$\automation\ C:\automation /MIR /COPY:DAT /DCOPY:DAT /E /XD ".svn" /NDL
  • My MF directory clone, but minus the .git folder:
    robocopy C:\Users\jclough\git\MF D:\MF /MIR /COPY:DT /DCOPY:DT /E /XD C:\Users\jclough\git\MF\.git
  • Compare the contents of two folders:
    robocopy "Folder1" "Folder2" /L /NJH /NJS /NP /NS
• SMB:
  • SMB1 decprecated by Windows (Note: Windows Server 2003 only supports SMB1)
    Note: If you need to add support for the SMBv1 protocol client-side, use appwiz.cpl and add/remove features.
• Windows symbolic links
  • A “junction” is a link to a target folder. Example (using the sysinternals tool “junction.exe”): junction.exe c:\users\jclough\My_Files "c:\users\jclough\OneDrive - Rocket Software, Inc\My_Files"
    And to later verify that this is a junction:
    junction.exe c:\users\jclough\My_Files
...
c:\users\jclough\My_Files: JUNCTION
    ` Substitute Name: c:\users\jclough\OneDrive - Rocket Software, Inc\My_Files`

• Show log history including code changes: svn log --diff
• Revert add’ed documents: svn revert
• List inherited svn properties (and their value):
  svn proplist --show-inherited-props -v .
• svn unencrypted password caching on Linux:
  Example file: /home/hub/.subversion/auth/svn.simple/65b1be3cfa4a989d76fe9c3b14b925b2
• Checkout a specific version of file (using Tortoise):
  1. Right click on your source file, and select “TortoiseSVN” -> “Show log”.
  2. Right click on a revision in the log, and select “Save revision to…”.
  3. Let the old revision overwrite your current file.
  4. Commit the overwritten source file.
• checkout:
  svn co http://nwb-svn/... --username=jc
svn --non-interactive --trust-server-cert --no-auth-cache --username fred --password bert co ...
• commit: svn commit --username jc -m"My change" scripts/compcob
  Note: We don’t seem to be using svn propset svn:executable ON compcob, which means executable permission is not preserved. See here
• Resolving conflicts
  Note: Using Tortoise “Resolve” does not commit anything. It should be enough to remove the “conflict” icon in Windows.
• Creating a branch:
  svn copy http://nwb-svn/mf/old/estest/trunk http://nwb-svn/mf/old/estest/branches/XXXXXXXXX -m"New branch"

• Anaconda (Python3.7 + Jupyter Notebook)
  • Declare a matrix of values (e.g. rather than import CSV)
  • Import a CSV file
  • “percentiles” explained
  • matplotlib graphs and datetime ticks
  • matplotlib and multiple graphs:
    • Example 1
    • Example 2
  • Disable a Cell (by making it raw) - instead of having to comment-out all the Python code: “esc and then r”

• One-liners:
  powershell -command "Get-Help .\pac_tpcc.ps1 -examples"
• Managing Windows scheduled tasks:
  Start|Enable|Disable-ScheduledTask -TaskName Execute
• Remoting - from execute_Test.ps1:
  Enable-PSRemoting -force
Set-Item WSMan:\localhost\Client\TrustedHosts $pair_IP -Force
Restart-Service WinRm
• See all the properties of an object:
  $date | Select-Object -Property *
• Get a property/member value (i.e. excluding the key “FullName”):
  $dir = [string](Get-ChildItem -Directory -Path "C:\TPCC5_1\LOAD Ramped*" | Sort CreationTime -Descending | Select-Object -First 1 FullName).FullName
• See the CLR (.NET) version being used by PS (this can be changed with a .config file): $PSVersionTable
• Creating in-built help usage
• Running command-line: powershell.exe -file Stop-Region.ps1 -Region VREG01 -Server localhost
• Preventing default parameter values from being overwritten with non-named parameter arguments:
  Declare the last parameter like this to catch-all the non-named parameters args…
  [Parameter(Mandatory=$False, Position=0)][Array]$RemainingNonNamedArgs
• Creating a function library file

• nginx
  • (YouTube) Nginx as a load balancer
  • Installation (Windows)
• Putty (and PuttyGen)

• awk:
  • Remove some columns: awk '{$6=$8=""; print $0}' file
• cut:
  • Display first x characters: cut -c 1-35 <file>
  • Cut the first x characters: cut -c 1-35 --completement <file>
• grep:
  • Treat binary file as text file: grep -a data fsstatus.log
• sed:
  • sed on a string (not a file) using a here string: sed "s/,/','/g" <<< "A,B,C"
  • Extract last section from multiple top outputs: COLUMNS=1024 top -b -d 1 -n 2 -c | sed -n 'H;/^top/h;\${g;p;}'
• sort
  • Sort numeric column 3 in CSV file: sort -t ',' -n -k 3,3 data.csv

• alternatives command (e.g. to set to a specific default Java version)
  • sudo alternatives --config java
  • Introduction to the alternatives command in Linux
  • To remove an alternatives entry: asroot alternatives --remove java /home1/hub/java11_64.ansible/jdk-11.0.20.1+1/bin/java
• User accounts:
  • Add user to sudoers
    One method is to add the user to wheel group: # usermod -aG wheel username. Now log in again as username and run groups command.
  • Create group: sudo groupadd ansible
  • Create user (also add user to sudoers via wheel group membership):
    sudo useradd -g ansible -G wheel ansible
  • Set password: passwd ansible
  • Remove prompt for password when using sudo (not most secure, but very handy for using ansible etc):
    Run visudo
    Comment-out and comment these lines, to leave them like this:

    ## Allows people in group wheel to run all commands
    #%wheel ALL=(ALL)       ALL
    ## Same thing without a password
    %wheel  ALL=(ALL)       NOPASSWD: ALL
    

    To test, running sudo id should return root

• Cron
• ps
  • Seeing all of the command-line: ps auxww | grep java
• System-wide LD_LIBRARY_PATH update:
  • LD_LIBRARY_PATH - how to update for a system service: Add the directory to /etc/ld.so.conf or a new file in /etc/ld.so.conf.d/, depending on distro. After that, you must run (at least on Redhat) ldconfig as root.
  • See also https://developer.ibm.com/technologies/linux/tutorials/l-lpic1-102-3/.
• System-wide PATH update:
  • See files in /etc/profile.d
• rpm:
  • List installed packages: rpm -qa
  • List files in an uninstalled rpm: rpm -qpl ./BaseOS/Packages/yum-utils-4.0.8-3.el8.noarch.rpm
  • List files in an installed rpm: rpm -ql postgresql12-server.x86_64 | grep conf
  • Idenitfy the package a file came from: rpm -qf /usr/bin/svn
  • Install an rpm, and automatically install any dependencies (via yum): yum --nogpgcheck localinstall VirtualBox-6.1-6.1.12_139181_el8-1.x86_64.rpm
• systemd:
  • Debug service startup faiure: journalctl -xe -u redis
  • List all services: systemctl list-unit-files | grep -i postgres or sudo systemctl list-units --type=service
  • Example config file path: /usr/lib/systemd/system/MFSafeNet.service
• top:
  • top -c and 200% cpu! (type shift+i to see shared per-cpu core usage): See here
  • Filter top output by process name: asroot top -c -p $(pgrep -d',' -f cascd) (see here
• yum:
  • Yum cheatsheet
  • List files in an uninstalled package:
    yum repoquery --list postgresql12-contrib.x86_64
  • List all available versions of each package, rather than the most recent version:
    yum --showduplicates --disablerepo="*" --enablerepo="pgdg10" list available
  • Install a package version that is not the most recent:
    yum --showduplicates --disablerepo="*" --enablerepo="pgdg10" install postgresql10-server-10.12
    Another example:
    yum --showduplicates --disablerepo="*" --enablerepo="pgdg10" install postgresql10-odbc-10.03.0000-1PGDG.rhel7
    Note: Take the package base name (e.g. “postgresql10-server”) and then add the version (e.g. “10.12”). See also here.

• Basic usage example:

  screen -S my-session bash
  ctrl+a d
  screen -ls
  screen -r my-session
  

• How to use Linux Screen
• Manual (gnu.org)
• Name session: screen -S session_name
• Name session using a screenfile: screen -S sentinel-demo -c ~/scripts/screenfile-sentinel-demo
• Rename the screen session (the name listed by “screen -ls”): Ctrl+a then type :sessionname MyNewSessionName
• Re-name a screen window’s title: Hit Enter to open that window, and then ctl+a + shift+a
• Detach: Ctrl+a then d
• List sessions: screen -ls
• Re-attach to session: screen -r <name> or <pid>

• Configure Red Hat EL 8 on Windows Hyper-V
• Firewall management using firewalld
• ksmtuned can hog CPU
• Red Hat Networking Guide
• Network configuration GUI: nmtui (see also nmcli)
  • If you edit the details of an interface (E.g. the search domains for ens192), then it will update a file such as: sysconfig/network-scripts/ifcfg-ens192
  • To re-generate /etc/resolv.conf after updating the search domains, you can run this: asroot systemctl restart NetworkManager
  • If ifup ... fails, you can try asroot nmcli device connnect ens192
• Version: cat /etc/os-release
• Check network status: asroot systemctl -l status network.service

• List threads:
  ps -p <pid> -L
• environment variables in a process:
  [rhel7tpcc-hub]cat /proc/29640/environ | tr '\0' '\n' | grep COBPATH
COBPATH=/home/hub/pkg_260324_es/lib/es
• pstree:
  • See child processes: pstree -pa (see also /proc/<parent-pid>/task/)
• Redirecting to stdout and stderr:
  • script:
    echo "hello world stdout"
echo "hello world stderr" >&2
echo "hello world tty" >/dev/tty
• shared memory:
  • ipcs command
• signals:
  • https://www-uxsup.csx.cam.ac.uk/courses/moved.Building/signals.pdf
  • SIGABRT (6): The program called the abort() function. This is an emergency stop.
  • SIGSEGV (11): An attempt was made to access memory not allocated to the process. This is often caused by reading off the end of arrays etc.
• strace:
  • Follow child processes (-ff), capture child process output in separate files (-o), and don’t truncate the strings (-v -s 1024):
    strace -v -s 1024 -o test -ff casstart /rTPCCDBFH /uSYSAD /pSYSAD
    See also: https://www.thegeekstuff.com/2011/11/strace-examples/
• sysctl (configure kernel parameters at runtime):
  • Updating /etc/sysctl.conf:
    1. Use sysctl -a to get the full name.
    2. Add the new value to /etc/sysctl.d/99-custom.conf (Note: On my system, this is a symbolic link to /etc/sysctl.conf).
    3. Reboot (alternatively, to avoid the reboot for now, run: sysctl -p /etc/sysctl.d/99-custom.conf).
• UID/GID of running process:
  cat /proc/<PID>/status (the first two values are real and then effective id)
Uid: 0 0 0 0
Gid: 1 1 1 1
• ulimit:
  • Soft and Hard limits:
    # ulimit -u -S
# ulimit -u -H
  • Nice examples (from Oracle install)
  • General procedure: edit /etc/security/limits.conf (and/or files in /etc/security/limits.d) and then run sysctl -p
  • Names of common items to change
  • Check used network socket counts using lsof:
    [nwb-tpccrh76es2-hub]asroot lsof -a -U -uhub |wc -l
17
[nwb-tpccrh76es2-hub]for i in {1..1000}; do curl localhost:8222/esmac/casrdo00 >nul 2>&1; done
[nwb-tpccrh76es2-hub]asroot lsof -a -U -uhub |wc -l
• gdb:
  • Attach: gdb -p <pid>
  • List threads: (gdb) info threads
  • Switch to thread: (gdb) thread <num>
  • Show strack trac: (gdb) backtrace

• iftop: Displays per-network-connection traffic every 2,10,40 seconds:
  iftop -n -N -P -i ens192 -f 'port 9223' -t -L 15
  (remove “-t” to see curses-style ui, “-L” is the number of results to display, “-P” is to show ports.)
  Note: To see curses output property in putty, go to “Window > Translation” and tick “Enable VT100 line drawing even in UTF-8 mode”.
• Load averages (e.g. top, uptime)
• pidstat:
  • Installation: yum install sysstat
  • thegeekstuff.com
  • Example: 5 samples, one second between each, then give me an average:
    pidstat -C cassi -l 1 5
Average: UID PID %usr %system %guest %wait %CPU CPU Command
Average: 1001 27616 0.80 1.39 0.00 0.00 2.19 - pidstat -C cassi -l 1 5
Average: 1001 31248 6.57 3.98 0.00 0.00 10.56 - cassi32 /rTPCCDBFH -rTPCCDBFH
Average: 1001 31254 6.37 3.19 0.00 0.00 9.56 - cassi32 /rTPCCDBFH -rTPCCDBFH
Average: 1001 31260 3.78 1.79 0.00 0.00 5.58 - cassi32 /rTPCCDBFH -rTPCCDBFH
Average: 1001 31264 6.18 2.99 0.00 0.00 9.16 - cassi32 /rTPCCDBFH -rTPCCDBFH
Average: 1001 31266 12.75 7.37 0.00 0.00 20.12 - cassi32 /rTPCCDBFH -rTPCCDBFH
• top:
  • “top” in batch mode (i.e. can be redirected to a file) and include command-line args: top -b -n 1 -c

• “arp” command:
  • ARP (Address Resolution Protocol) relates a host’s IP address to the hardware address (MAC address) assigned to your network adapter.
  • Use “ping” (to populate the arp tables) and then use “arp” to see the MAC address, e.g.:
    lcdc@E1317T:~$ ping 192.168.1.254
...
jcdc@E1317T:~$ arp 192.168.1.254
Address HWtype HWaddress Flags Mask Iface
_gateway ether 5c:b1:3e:1c:5f:42 C wlp1s0
• “dig” DNS lookups:
  • Dig is useful because you can target a specific DNS server, e.g.: dig @8.8.8.8 www.amazon.com
• “ip” command:
  • List interfaces: ip addr
  • Enable/disable interface: ip link set up|down dev enp2s0
• Curl:
  • download
  • CICSWS example (see URIMAP etc and “CICWS Repro steps.txt”):
    C:\curl\curl\bin\curl.exe -v -X POST localhost:9233/tpccws/NewOrder -H "Content-Type: text/xml;charset=UTF-8" --data-binary "@C:/curl/New_Order_request.txt"
• netcat, netc, nc:
  server: nc -l -p <port>
• Alternative to netstat: “ss” command, and also the “ip” command.
• tcpdump:
  tcpdump dst port 6742
• “mtr” (My Traceroute) command - a combination of “ping” and “traceroute”.
  • See https://www.redhat.com/sysadmin/linux-mtr-command
• Red Hat networking interface setup:
  • https://www.redhat.com/sysadmin/start-nic-boot
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s1-networkscripts-interfaces
• SSH:
  • Important files:
    • $HOME/.ssh/known_hosts
    • $HOME/.ssh/authorized_keys (On a remote machine, add your public key to this file).
    • $HOME/.ssh/config (Define an alias here for your ssh connection, to simplify connection, e.g. specify ssh port and username)
  • Configure password-less login (sshkeygen):
    Create public/private keypair: ssh-keygen (e.g. ssh-keygen -b 1024 -t rsa) (Note: Press Return for all questions, including passphrase. Not the most secure, but hey).
    Copy the public key to the machine(s) you want to log into: ssh-copy-id nwb-jcdccentos2
    You can now login without using a password: (as user ansible): ssh nwb-jcdccentos2

• find command:
  • Search for multiple file names: find . -type f \( -name "*.png" -o -name "*.jpg" -o -name "*.deb" -o -name ".pdf" \)
  • Follow symlinks: find -L $COBDIR -iname ...
  • find with compex exec: find . -iname console.log.tr4 -exec sh -c "echo {} && grep 'CASSI5030I PLTPI Phase 2 List(T1) Processing Completed' {} | wc -l" \;
• List symlinks: find -type l
• Mount cdrom using /etc/fstab: /home/hub/Downloads/rhel-8.1-x86_64-dvd.iso /media/cdrom/ iso9660 loop,ro 0 0
• List symbols of binary:

  # nm -D /usr/pgsql-10/lib/libpq.so.5.10 | grep PQconninfo
  0000000000010150 T PQconninfo
  0000000000010220 T PQconninfoFree
  00000000000118b0 T PQconninfoParse
  

• rsync
  • Exclude directory: rsync -avz --exclude VirtualBox_VMs /home/jcdc . (See here)
• Determine file creation time (see also here)
  • Method 1: “stat filename” - But even on my ext4 filesystem (RH Linux) the “Birth” value was unfortunately blank (apparently, it is down to the kernel if the “Birth” value is populated):

    [wibble]stat myfile.txt
    File: '/home/fred/myfile.txt'
    Size: 329066          Blocks: 648        IO Block: 4096   regular file
    Device: 802h/2050d      Inode: 2229605     Links: 1
    Access: (0644/-rw-r--r--)  Uid: ( 1000/     hub)   Gid: ( 1000/     hub)
    Access: 2023-09-20 09:58:38.000000000 +0100
    Modify: 2023-09-20 09:58:38.000000000 +0100
    Change: 2023-09-20 10:06:05.316755558 +0100
     Birth: -
    

  • Method 2: “debugfs” (Note this must be run as root) - looks for the “crtime” value (not “ctime”!):

    [wibble]asroot debugfs -R 'stat myfile.txt' /dev/sda2
    debugfs 1.42.9 (28-Dec-2013)
    Inode: 2229605   Type: regular    Mode:  0644   Flags: 0x80000
    Generation: 2201300265    Version: 0x00000000:00000001
    User:  1000   Group:  1000   Size: 329066
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 648
    Fragment:  Address: 0    Number: 0    Size: 0
     ctime: 0x650ab5fd:4b853998 -- Wed Sep 20 10:06:05 2023
     atime: 0x650ab43e:00000000 -- Wed Sep 20 09:58:38 2023
     mtime: 0x650ab43e:00000000 -- Wed Sep 20 09:58:38 2023
    crtime: 0x650ab5fd:4b0b269c -- Wed Sep 20 10:06:05 2023
    

• Extract “hel” character range from variable:
  s1="hello world"
echo ${s1:0:3}
• Built-in variables (including the current function name)
• Sort an array in bash
• Use process redirection (to log output to multiple places):
  # Process substitution is not a POSIX compliant feature and so it may have to be enabled
# See https://www.linuxjournal.com/content/shell-process-redirection
set +o posix
exec > >(tee /tmp/test.log | logger -t user-data -s) 2>&1
echo "Send to stderr. This will be logged to a file, syslog, and the screen $(date)" >&2
echo "Send to stdout. This will be logged to a file, syslog, and the screen $(date)"
• Bash arrays:
  #!/usr/bin/bash
declare -a HOSTS_ARRAY=('nwb-tpccrh76es1' 'nwb-tpccrh76es2' 'nwb-tpccrh76es3' 'nwb-mlora1' 'nwb-mlora2' 'nwb-mlora3');
declare -a FILES_ARRAY=('lib/mfescache.jar');
function update_files()
{
  ` local _host _file `
  ` for _host in “${HOSTS_ARRAY[@]}” ; do for _file in “${FILES_ARRAY[@]}” ; do echo “scp -p $_file hub@${_host}:/home1/hub/pkg-es/$_file” scp -p $_file hub@${_host}:/home1/hub/pkg-es/$_file done done } update_files`
• “set” command:
  #!/bin/ksh
echo "Input args: $@"
echo "Args count: $#"
echo "Adding another arg..."
set -- $@ wibble
echo "New input args: $@"
echo "New args count: $#"

• JXplorer (free) LDAP browser (java)
• ldapsearch:
  • (Red Hat) ldapsearch examples
  • Man page
• ldifde:
  • Export AD config

• Dashboards
• Granfana URL to jump to a specific time range:
  Haven’t tried this yet, but I think it will work: https://grafana.com/docs/grafana/latest/reference/timerange/
• Annotations:
  • Basics
• Loki
• promtail
• Grafana vs MS OpsBridge
• Grafana / Influxdb / Telegraf - capturing windows performance counters
• Use Prometheus (and PushGateway) to record process “top” snapshots
• Introduction to Prometheus
• Getting started with Prometheus
• PushGateway
• Querying my Pushgateway manually: http://nwb-tpccrhes1:9091/metrics:
  cpu_usage{instance="nwb-tpccrhes1",job="top",pid="1",process="/usr/lib/systemd/systemd_--system_--deserialize_22"} 0
cpu_usage{instance="nwb-tpccrhes1",job="top",pid="10",process="[rcu_sched]"} 0
cpu_usage{instance="nwb-tpccrhes1",job="top",pid="108",process="[kthrotld]"} 0
cpu_usage{instance="nwb-tpccrhes1",job="top",pid="1083",process="[kdmflush]"} 0
• Prometheus vs InfluxDB:
  ME: Both are time-series databases. They have different SQL-like query languages; Prometheus’s language is briefer than InfluxDB; for example there are functions such as “sum”, “avg” and “topk”. The main difference is that Prometheus ‘scrapes targets’ to retrieve the metrics, whereas InfluxDB expects the metrics to be ‘pushed’ to it, for example using Telegraf.
• Windows download
• Influxdb:
  • My notes regarding querying the databases created in InfluxDB
  • Introduction to Telegraf / InfluxDB
  • Database(s) location: C:\Users\testing\.influxdb
  • Dropping databases (untested by me): https://community.influxdata.com/t/commad-to-delete-a-particular-series-from-influxdb/5600/7

• Books: Oreilly
• Book: Pro Git
• Book: Subversion

• Client errors:
  • [Microsoft][SQL Server Native Client 11.0]Named Pipes Provider: Could not open a connection to SQL Server [5].
[Microsoft][SQL Server Native Client 11.0]Login timeout expired
    Solution: Use SQL Server Configuration Manager (an mmc dialog). Expand the network connectivity section on the left. Enable TCP/IP (or named pipes, if that’s what you want).
• MS SQL Server “mixed mode” authenticaton
• Switch SQL Server authentication mode
• Check basic connectivity to instance name
• Determine instance name and version
• List databases: sqlcmd -S localhost -U sa -P Passport1 -Q "select name from sys.databases"
• Table: Describe table:
  exec sp_help '$DISTRICT_@4_RecordLocks$'
• “who” has SQL Server sessions running?
  (Be careful using the query feature in the SQL Server Management UI. This is a session, and also prevents you from deleting the database, until you kill that query session).
• Indexes:
  • View indexes:
    EXEC sp_helpindex 'Customer'
GO
    Note: It looks like a restore of a db backup with indexes with restore/create the indexes again.
  • Dropping indexes:
    This doesn’t look very easy to automate/script, so I will use the SQL Server UI for now (expand each table to see the indexes, but don’t delete the primary key indexes).
• Example Queries:
  • To run an adhoc query, right-click on the database name and select “New Query”.
  • How to specify the table: select finalresult from [tpccresults].[dbo].[tpcc_data] Where finalresult IS NOT NULL group by finalresult order by Max(RIGHT(REPLICATE(N' ', 500) + package, 500)) DESC
  • Show table schema: select * from INFORMATION_SCHEMA.COLUMNS where TABLE_NAME='tpcc_data'
  • SQL Server has no “LIMIT” query clause! You need to use “TOP”, e.g.:
    select top 5 test_id,test_params,test_luid32,test_luid64 from [tpccresults].[dbo].[tpcc_data] order by test_id desc
  • SQL Server update example:
    update [tpccresults].[dbo].[tpcc_data] set test_type = 'SILK_PAC' where test_id = 3597 and test_type = 'SILK_ZIP'
• odbcconf.exe (soon to be deprecated by PowerShell)
• ODBC Driver “SQL Server” vs “SQL Server Native Client”
• SQL Server Log
• Forcibly close all connections to database
• SQL Server Single User mode

• General PG admin (including creating new users, aka “roles”)
• Adding specific access (least privilege model)
• Optimization and Tuning
• Downloads
• PG transactions (xact_commit and xact_rollback)
• See config values:
  psql -U postgres postgres -c "show all;" | grep cost
• Version:
  C:\>psql --version
psql (PostgreSQL) 10.11
• Locate main config file:
  PGPASSWORD=fred psql -U escc postgres -c "show config_file;"
config_file
----------------------------------------
/var/lib/pgsql/10/data/postgresql.conf
• Locate hba (host-based-authentication) file:
  psql -U postgres
postgres=# show hba_file
• List connections to a database:
  Colin: “To see what the connections to the database are, can you run the following query against the cross-region database”:
  psql -U postgres "MicroFocus\$CAS\$CrossRegion" -c "SELECT * FROM pg_stat_activity"
• List databases - one-liner:
  ` psql -U postgres -c “select datname from pg_database”`
• List databases, then quit:
  psql -U postgres
\list
\q
• List databaases from pg_database:

  postgres=# select datname from pg_database;
           datname
  ------------------------------
   postgres
   template1
   template0
   MicroFocus$CAS$CrossRegion
   MicroFocus$CAS$Region$MYPAC
   MicroFocus$SEE$Files$VSAM
   MicroFocus$CAS$Region$MYPAC2
  (7 rows)
  

• pgpass.conf:
  Note: pgpass.conf simply provides the password for you.
  C:\>type %APPDATA%\postgresql\pgpass.conf
localhost:5432:*:postgres:Passport1!
• dump single database:
  /usr/pgsql-10/bin/pg_dump -U escc -W -F t 'MicroFocus$SEE$Files$MLVSAM' > MLVSAM.tar
• Restore single database dump:
  NOTE: The pg_restore command is very confusing!!! If you are importing the backup archive into the same database, then you need to use “–dbname=postgres”. This is because the name of the database being restored is actually in the archive file. But, if you want to import the backup archive into a differently-named database, then you use “–dbname==", but you will have to create the database first yourself! See my script `pg_backup.sh`
• Add a user
  • Create a user with postgres privileges:

    psql -U postgres postgres
    # \du
    # create user escc with encrypted password 'CC1adm1n';
    # alter user escc with SUPERUSER CREATEDB REPLICATION;
    

• PG Replication status
• Vacuum and analyze (includes query to show last of both)

• (IBM) DB2:
  • clpplus (Note: Oracle uses “sqlplus”):
    • List databases:
      <I haven't found a way to do this yet!>
    • Connect to a database (as per DB2 on the tpcc 6-pair):
      clpplus testing/password@localhost/tpcc
    • db2dsdriver.cfg:
      “db2dsdriver.cfg is an XML file that contains a list of DSN aliases and their properties. It is used to store connection details in one place.”

• Docker
  • Windows Docker port binding failure - Listing reserved network port ranges:
    netsh interface ipv4 show excludedportrange protocol=tcp`
  • Kubernetes cluster:
    I think this is a container-of-containers, e.g. redis container, es container, pg container, openldap container, etc.
  • Docker Volumes:
    Apparently you can use a Volume to overcome file-case issues when a Linux container is building source files hosted on the Windows host.
  • Podman and Podman on Github:
    The biggest problem with Docker is the use of a single daemon process. All child processes are owned by this process, i.e. this a single point of failure. There are also security implications. Podman has addressed many of these problems. The commands you are familiar with in Docker work the same for Podman. The claim is that if you have existing scripts that run Docker you can create a docker alias for podman and all your scripts should work (alias docker=podman).
    Installation on Red Hat 8.1: yum install podman (Note: you don’t need Docker installed to use Podman).
    • Detach from an interactive container:
      Holding-down Ctrl, press P and then Q.
      To re-attach to the detached interative container:
      podman attach web_test
    • List containers in a pod:
      podman pod ps
podman ps -a --pod
    • Remove pod, even if it contains containers (see “man podman-pos-rm”):
      podman pod rm -a -f
    • Run command “ps” in a container:
      podman exec web_test ps
    • View log in a container:
      Note: Anything that the program writes to stdout or stderr will be recorded here.
      podman logs web_test
    • Podman Networking between containers:
      Note: The Docker “–link” option to network containers is no longer supported (see here).
      • The simplest container networking method - using a “Pod”:
        Note: When using a pod, each container has the same IP address, i.e. everything runs in the same “localhost”.
        Note: You can run this as a non-root user (aka “rootless”).
        Example:
        podman pod create --name=mypod
podman run --detached --name=web --pod=mypod nginx:latest
podman run --interative --tty --pod=mypod --name=web_test busybox:latest /bin/sh
# wget -O - http://localhost:80
        (This example is based on page 18 of DockerInAction).
        Note: Grouping containers into a pod also enables you to manage them as one, podman pod stop|start.
      • Using IP apddress:
        Note: This only works as root user (aka “rootfull” containers), because network device association cannot be achieved unless running as root.
        # podman run -dt --rm --name web nginx:latest
# podman inspect web | grep IPAddress
"IPAddress": "10.88.0.2"
        From the host:
        # curl http://10.88.0.2:80
# podman run -it --name shell nginx:latest /bin/sh
        From inside the “shell” container:
        # curl http://10.88.0.2:80
    • The order that the Docker/Podman container registries are queried:
      /etc/containers/registries.conf

• AWS Support
• AWS Getting Started
• Various AWS Quick Starts
• Code (AWS in Action 2nd Ed)
• AWS CLI   AWS CLI version 2
• AWS Cost Calculator   AWS Usage Reports   AWS Resource Limits
• “Availability Zones”: Goups of isolated data centers, called availability zones, within a geographical region.
• “CloudWatch”: Monitoring the health of virtual machines and triggering recovery automatically if needed.
• “CloudFormation”: AWS CloudFormation translates the templates into API (HTTP) calls.
• IAM (Identity and Access Management service):
  • An IAM user is used to authenticate people accessing your AWS account.
  • An IAM group is a collection of IAM users. Groups can’t be used to authenticate, but they centralize authorization (e.g. if you want to stop your admin users from terminating EC2 instances, you only need to change the policy for the group instead of changing it for all admin users).
  • An IAM role is used to authenticate AWS resources, for example an EC2 instance. When using an IAM role, your access keys are injected into your EC2 instance automatically. By default, no role is attached to an EC2 instance and therefore the EC2 instance is not allowed to make any calls to the AWS API. To attach an inline role (i.e. not a “managed-role”) to an instance, you must first create an instance profile.
  • An IAM policy is used to define the permissions for a user, group, or role. IAM users and IAM roles use policies for authorization.
• AWS instance hosts not pingable by default

• Ansible:
  • Installation on Centos 8:
    Install the epel (enterprise) package: sudo yum install epel-release -y
    Then install ansible: subdo yum install -y ansible
    We need to install Python:
    Run yum install python and then pick python36: yum install python36
• Bolt:
  • Getting Started

This is test post two.

This is test post one.

Next you can update your site name, avatar and other options using the _config.yml file in the root of your repository (shown below).