Sam Mingo slmingol

How to setup your own CA with OpenSSL

For educational reasons I've decided to create my own CA. Here is what I learned.

First things first

Lets get some context first.

$ sudo -i
# vim /etc/systemd/system/disable-transparent-huge-pages.service
# systemctl enable disable-transparent-huge-pages
# systemctl start disable-transparent-huge-pages
# systemctl status disable-transparent-huge-pages
# cat /sys/kernel/mm/transparent_hugepage/enabled
# cat /sys/kernel/mm/transparent_hugepage/defrag

Keybase proof

I hereby claim:

I am slmingol on github.
I am slm (https://keybase.io/slm) on keybase.
I have a public key ASDFYWPLXz7NcMqaIlzjDxptnfhKxN1UDjflhKk57Q0tAQo

To claim this, I am signing this object:

Building RPMs using OpenSUSE's Open Build Service in n easy steps

Get yourself an account on OBS, and create your home project
Get the CLI and build tool

$ apt-add-repository "deb http://download.opensuse.org/repositories/openSUSE:/Tools/xUbuntu_14.04/ /"                                             
$ curl http://download.opensuse.org/repositories/openSUSE:/Tools/xUbuntu_14.04/Release.key | sudo apt-key add -                                   
$ apt-get update
$ apt-get install -y osc build

An Ansible summary

Jon Warbrick, July 2014, V3.2 (for Ansible 1.7)

Configuration file

intro_configuration.html

First one found from of

	IMPORTANT DISCLAIMER: Many of the found "properties" aren't really useful or mistakenly listed,
	like those starting with "org.apache.hadoop.*". The tool simply greps a pattern in the matching
	files, and some of them are not used as properties. On the other hand, all named properties from
	the given configuration file are removed, so quite a few are valid. Again, some of those are still
	hidden on purpose, since it is not useful to tinker with them unless in extreme situations, or
	during test runs. Be VERY CAREFUL of what you do. I warned ya!

	$ sh target/bin/run-finder -d /projects/opensource/hbase/hbase-trunk-rw-git/ -u -s \
	--exclude /generated --exclude /generated/ --exclude /target \
	--exclude /test/ -c hbase-common/src/main/resources/hbase-default.xml -o /dev/null

	{
	"Statement": [
	{
	"Sid": "PackerSecurityGroupAccess",
	"Action": [
	"ec2:CreateSecurityGroup",
	"ec2:DeleteSecurityGroup",
	"ec2:DescribeSecurityGroups",
	"ec2:AuthorizeSecurityGroupIngress",
	"ec2:RevokeSecurityGroupIngress"


	REST API

	### Artifactory ####

	deploy artifact using REST
	curl -u myUser:myP455w0rd! -X PUT "http://localhost:8081/artifactory/my-repository/my/new/artifact/directory/file.txt" -T Desktop/myNewFile.txt

	query artifacts by Repo and Path
	curl -u user:pw -X POST -k http://mrxartifactory:8081/artifactory/api/search/aql -d "items.find({\"type\" : \"file\",\"\$and\":[{\"repo\" : {\"\$match\" : \"myRepo\"}, \"path\" : {\"\$match\" : \"myPkg\"} }]}).include(\"name\",\"repo\",\"path\",\"size\")"

	# Automated AMI Backups
	#
	# @author Robert Kozora <bobby@kozora.me>
	#
	# This script will search for all instances having a tag with "Backup" or "backup"
	# on it. As soon as we have the instances list, we loop through each instance
	# and create an AMI of it. Also, it will look for a "Retention" tag key which
	# will be used as a retention policy number in days. If there is no tag with
	# that name, it will use a 7 days default value for each AMI.
	#

	---
	# Idempotent way to build a /etc/hosts file with Ansible using your Ansible hosts inventory for a source.
	# Will include all hosts the playbook is run on.
	# Inspired from http://xmeblog.blogspot.com/2013/06/ansible-dynamicaly-update-etchosts.html

	# https://gist.github.com/rothgar/8793800

	- hosts: all
	tasks:
	- name: Build HBase /etc/hosts file