When I started this project it was meant to be just tips and tricks from random projects I encounter in my travels through the IT world, but like always, life makes it own corrections… Sometimes they are for better, other times they are are for worse.
The 2019 started like usual with with all sorts of interesting projects and new ideas and new tech to play with. It was fun while it lasted… But all was not well by the summer time. I had a pet project that I was doing with couple of people and at one point I got played. The project died and I had invested so much time to it that the rest of projects had slipped away and taken over by other people. This happens from time to time with joggling multiple projects… No biggie I thought then – boy was I mistaken… By the beginning of summer it was clear that the pet project was dead for me and I was dismissed from it even tho I had put in 100% of my time and energy. So I thought I would spend a nice summer with my family any by autumn another project would come along as it had happened from years before. Little did I know how much time it had took and how much people had I alienated because of it… Yes there were few small projects that took few days or even up to a week but nothing special – nothing to look forward to… Even small insignificant projects wanted NDA so nothing to write about – so I put this project into a dormant state – there was just nothing interesting I could write about that I thought would be interesting….
And then the 2020 happened – things could not go worse I thought. Well I was mistaken again. Who would have thought that a small insignificant corona virus that has raised it’s head for decade or to would have so big impact on the world. It was not the first time a flu like virus has raised it’s ugly head in the midst of the regular flu season… Who would have thought that it would turn the world upside down and throw it to chaos and disarray. Yes – it is better than living in the dark ages where the plague roamed freely and there was no real cure for it, but still – moving away from your comfort zone is always hard, but still… Being used to a certain standard of living and getting it taken away so easily and with all the restrictions on travel, shopping… I know people in large metropolis's are used to it to wear a mask day to day bases, but to the rest of the world it is not normal. It just rubs against the grain… Yes there are good things that have came from it like most IT conscious companies have had to create remote working capabilities to their employees so people can work remotely and without the hassle of getting to an office exactly the same time as the rest of 90% of people. But still the infrastructure project have withered away and everyone wants a web shop or a e-commerce site to dropshipping from china. And if that was not enough that airmail from china was 20 days before – it has gone up to 90...120 days if it even arrives. The USA and china trade war is also creating some friction between China an the rest of the world and to sum it up – we live in the interesting times.
What will it mean to this site? Well… in short – I don’t have something interesting lined up for some time now so the best I can do is try to tinker with my home lab and hope it is enough. Maybe something interesting or useful comes up form time to time but no fancy new hardware or licensed software for the time being – lets see what the future brings and take it a day at a time. The project is not dead but just shifted to lower priority.
PS! My writing skills have also deteriorated over the past two years (have not written for public consumption for few years) so I’ll try to improve myself again :)
Thursday, October 8, 2020
Tuesday, February 5, 2019
WSUS broken from start...
Today (well 5 days ago actually) I hit a problem... with Windows Server 2019 and WSUS. Maybe it is just a luck thing, or may be it is just an issue with Linux expert trying to fiddle in the windows world, but my goal was to set up an WSUS server and the first thing after adding a WSUS role to it - well the initial configuration failed to complete.
The WSUS content directory is not accessible.
System.Net.WebException: The remote server returned an error: (503) Server Unavailable.
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)
To start from the beginning - working on one project I was asked to setup WSUS (Windows Server Update Services) because the Windows updates were wreaking havoc and people were pretty pissed off on the management about it.
Right...
Linux guy starting to administer Windows...
That's like asking for trouble...
As I was the only one who had even heard of it, I said "How hard can it be"...
Big mistake...
I'm not in any way certified to administer windows - I poke it with a long stick from as far as I can, but I take this "experiment" as a learning experience, so I try it at least. On a positive note - the server manager with its role based "installation" feature is kind of nice try to make things as simple as possible (if it works). Like windows loves to do, the next.. next.. next... and we are installing. Great I thought - if it really is that simple, then in about some time later we should have a working update server and all the update fuss can be done like once a month or as needed or... (I have never used it so I really don't know how its supposed to work - all I know that when WSUS is added to the domain and all PC's report to it no updates will be installed if they are not "approved" in there".
And then the problems started... The error above... The first thing I saw was that the initial configuration (script?) failed to complete. Well this is great... Fresh clean install of Windows Server 2019 - only role installed was WSUS and it failed. I had a bad feeling it could not go that smoothly from the start, but I hoped for the best. What can I do now - I guess google will have a quick solution for it?
Well - yes and no - after searching for hours I finally found a thing that was wrong in my installation. It seems that some kind of connection limit is set to 0 so IIS won't accept any connections (even from the initial configuration script?).
So to remedy the problem:
1) open IIS manager
2) navigate to wsus administration
3) on the right under browse website go advanced settings
4) under limits if max connections is 0 change to 2
That at least fixed the problem for me, so that the initial configuration script would setup the WSUS service and allowed me to select the software collections to sync.
As I'm writing it postmortem from notes scribbled on a peace of paper I don't have the original link where I found the solution, but it seems like it is a common problem that has not been fixed for a long time and it may reoccur with updates.
To be continued...
The WSUS content directory is not accessible.
System.Net.WebException: The remote server returned an error: (503) Server Unavailable.
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)
To start from the beginning - working on one project I was asked to setup WSUS (Windows Server Update Services) because the Windows updates were wreaking havoc and people were pretty pissed off on the management about it.
Right...
Linux guy starting to administer Windows...
That's like asking for trouble...
As I was the only one who had even heard of it, I said "How hard can it be"...
Big mistake...
I'm not in any way certified to administer windows - I poke it with a long stick from as far as I can, but I take this "experiment" as a learning experience, so I try it at least. On a positive note - the server manager with its role based "installation" feature is kind of nice try to make things as simple as possible (if it works). Like windows loves to do, the next.. next.. next... and we are installing. Great I thought - if it really is that simple, then in about some time later we should have a working update server and all the update fuss can be done like once a month or as needed or... (I have never used it so I really don't know how its supposed to work - all I know that when WSUS is added to the domain and all PC's report to it no updates will be installed if they are not "approved" in there".
And then the problems started... The error above... The first thing I saw was that the initial configuration (script?) failed to complete. Well this is great... Fresh clean install of Windows Server 2019 - only role installed was WSUS and it failed. I had a bad feeling it could not go that smoothly from the start, but I hoped for the best. What can I do now - I guess google will have a quick solution for it?
Well - yes and no - after searching for hours I finally found a thing that was wrong in my installation. It seems that some kind of connection limit is set to 0 so IIS won't accept any connections (even from the initial configuration script?).
So to remedy the problem:
1) open IIS manager
2) navigate to wsus administration
3) on the right under browse website go advanced settings
4) under limits if max connections is 0 change to 2
That at least fixed the problem for me, so that the initial configuration script would setup the WSUS service and allowed me to select the software collections to sync.
As I'm writing it postmortem from notes scribbled on a peace of paper I don't have the original link where I found the solution, but it seems like it is a common problem that has not been fixed for a long time and it may reoccur with updates.
To be continued...
Friday, January 11, 2019
Installing Linux in 2019
It is January of
2019 Lets see how easy it has become to install Linux on a PC. Does
it still require complicated hands on hacking to get it up and
running? Well it depends on a flavor you choose, but most of the
mainstream distributions wont need more than few clicks and couple of
text boxes to fill. I could say that it takes even less of an effort
than the first boot of an sysprepped stock windows 10 next, next,
next, no, no no, no… setup. So lets see how easy it really is.
To begin with we
need an installation media from which we can install the
distribution. My go-to flavor for desktop/graphical environment is
Fedora (specifically
KDE spin) and for servers CentOS
. I have used other distributions like Debian, Ubuntu, SUSE Linux
Enterprise Server, Oracle Linux and Red Hat Enterprise Linux, but
Oracle, SUSE and Red Hat are subscription based services so are less
used on services that do not require to be certified on specific
distribution. With Debian/Ubuntu… I can use them, but have never
mastered the software packaging so I don’t use them much…
So today’s
subject is installing basic CentOS machine called bazaar (well I have
installed it and it is installed on physical hardware so to get the
screenshots I’m just creating an virtual machine under KVM). This
will become headless “server” for RPM cache to begin with and
possibly acquire some more roles in the future.
So why do I need an
rpm cache? Well – I have 4 Fedora machines, 3 CentOS machines and
about 40 CentOS VM (no they are not online 24/7 – I boot them
up/patch them as needed) for different projects and to play with. I
patch them regularly and well my internet connection is not great
(12Mbit down/1Mbit up) so when I have to upgrade Fedora 28 to Fedora
29 (which means downloading about 1..2GB of rpm-s for 4 times…
taking an hour or two each time… well I’m tiered of waiting). I’m
planning to do this upgrade in a week or two so I need an rpm caching
server. This is not an issue with Fedora only – CentOS also
releases major updates that may be as bit as 1GB (depends on how many
packages are installed) and doing it 40 times… well… it takes a
lot of time just to download everything again and again.
So how powerful the
hardware needs to be? The answer is – I don’t know yet. I had an
ASUS Eee Box EB1012P lying around with 4GB RAM, 250GB 2.5’’ WD
SATA drive and a gigabit LAN adapter. The CPU is not fast, RAM is
not fast, HDD is not fast, but it has 2 core 4 thread 13W TDP CPU. So
average power consumption is low - it should stay around 5..20W so it
is perfect for 24/7 operation. Yes an SoC like an Raspberry Pi would
be more power efficient but I have had bad experience with SD cards
dying on heavy IO and I don’t currently have a plan to start making
backups of the rpm cache so Eee it is...
To start with I
downloaded an CentOS 7 IOS and transferred it to an USB stick. Boot
the machine and pressing F8 select the removable media as a boot
device. The screen should look like this:
If the Install
option is not highlighted then just press the up arrow on the
keyboard an select it and press enter. The screen should look similar
to this:
It should boot and
ask for an language selection:
I like the language
to stay English so it is easier to search for problems when they
occur but it is up to the administrator to use the language they
want. When done click continue and you should be arriving at a screen
like this:
I’m hoping, that
setting the timezone and keyboard layout is self explanatory so I
wont go into that. Also leaving software installation source as local
media is recommended (there is possibility to add external
repositories, but relying on experience, it is easier to add them
after the installation has completed). Since it will become headless
“server” minimal install is sufficient.
On a production
server I would leave kdump enabled as it will create kernel dumps
that can help debug hardware issues, but when creating VM’s for
testing I usually disable it as VM’s dont have direct hardware
connected to them. I also like to disable the security policy as the
policies are not included with CentOS and are available only on
official Red Hat Enterprise Linux. This does not mean that CentOS is
less secure than RHEL – it just means it is not certified under the
example policies. Under network configuration… well it should be
self explanatory… I’ll use dhcp in this example, but servers
should be configured with static IP.
The hing that needs
a little attention is the installation destination:
This VM has a 20GB
virtual disk attached to it and since it has no partitions on it it
is automatically selected and it should be good enough for basic
installation (it is easier to make changes afterwards to change
partitioning as it uses LVM by default than try to make a custom
partitioning beforehand). So all that is left is click done and then
“Begin Installation”. We are on the final stretch…
This should be the
screen we are on now. Setting root password is like setting local
administrator password in windows. The user root is the superuser
that can do anything in the machine so its password should be strong.
The user creation tab is optional but recommended as root user should
be used only on an emergency's and not for day to day operation.
This screen is
similar to setting the root user password with exception of adding
username to it AND “Make this user administrator” option.
Checking this box grants this use an option to run commands as a root
without knowing the root password using "sudo" command. If this is done
all that is left to do is wait for the installation to complete and
reboot the machine when the option appears.
Now, if everything
went well we should be greeted with a boot screen like this:
That means that the
installation was successful and we have a brand new Linux machine
available.
This should be
sufficient for an example on how to install Linux in 2019 and in the
near future we’ll configure it.
Subscribe to:
Posts (Atom)