LHasa solution for url: https://sadservers.com/scenario/lhasa

In this case we could use awk to sum all numbers in second columns and divide by number of entries ( 100 of them) So 520.4 / 100 -> 5.20

awk '{sum+=$2;} END{print sum;}' scores.txt

Task at: https://sadservers.com/scenario/taipei

Inside of this task we have port knocking, very famous solution to bring protection to access for certain port. More information on this: https://wiki.archlinux.org/title/Port_knocking

One simple way to unlock port 80 is to use nmap 2-3 times on all ports to open port 80:

nmap -Pn -p 1-65535 localhost

Famous port knocking with nmap tool

Solution for: https://sadservers.com/scenario/command-line-murders

File people contain all names, what we need is to find md5 hash of real name to add into mysolution file.

First, command to extract all people names:

awk '{print $1" "$2}' people >> find

After that we need to extract proper name with md5 hash from file "find", so use command:

while read -r col1 ; do
   echo $col1  "$(echo $col1 | md5sum )" | grep 9bba101c7369f49ca890ea96aa242dd5
done < find

and here you go your killer name:

Killer name

Solution for: https://sadservers.com/scenario/santiago

We have 3 files, each contains word "Alice". To count how many there is lines with word Alice

grep Alice *.txt | wc -l

After that we could find file with only once with:

grep Alice *.txt | cut  -d ":" -f 1 | sort | uniq -c | sort -r

Solution for Saskatoon Command:

awk '{print $1}' access.log | sort | uniq -c | sort -r | head -20

With awk, we pickup first field from the line - that is IP address. Second command - make sort this lines so next one command uniq could easy count (that is -c) and sort -r will set reverse list from highest to lower counts of IPs

Count of IPs from access log

For the task https://sadservers.com/scenario/saint-john there is easy solution by usage of tool called lsof (short for list list open files) where man pages https://man7.org/linux/man-pages/man8/lsof.8.html gives details of usage. Take notice here: I use command kill -9, but in case of important tasks like email servers and similar where are data valuable please use kill -15

Solution in one picture:

I'm solving SadServers Challenges!

I've decided to dive into the world of SadServers challenges (https://sadservers.com/scenarios)! This platform offers a variety of system administrator scenarios that test your troubleshooting skills and Linux knowledge.

With over 26 years of experience, I've encountered a wide range of Linux issues, including the infamous "Out of Memory" (OOM) problems with drivers.

Here's the exciting part:

I'll be tackling these challenges and sharing my solutions right here! The first one will be published today, June 7th, 2024, and I'll keep this page updated with links to all my future solutions.

Stay tuned for some in-depth troubleshooting and Linux problem-solving!

Easy

Saint John - Easy - solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-saint-john-task

Saskatoon - Easy solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-saskatoon

Santiago - Easy solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-santiago

Command line murderers - Easy solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-command-line-murderes

Taipei - Easy solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-taipei

Lhasa - Easy math solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-lhasa

Bucharest - Easy, Postgres solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-bucharest

Bilbao - Easy Kubernetes issue solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-biblao-k8s-task

Apia - Easy file tools usage solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-apia-task

Medium

Manhattan - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-manhattan-medium

Tokyio - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-tokyio-solution

Cape town - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-cape-town

Salta - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-salta-solution

Venice - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-venice

Oaxaca - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-oaxaca

Melbourn - medium, solution: https://www.vladimircicovic.com/2024/06/sadserver-solutions-melbourne

Optimizacija i ubrzavanje bloga uz pomoć Geo DNS i reverznih proksija

digitalocean image

Vikend eksperiment jeste postavljanje više PoP (Point of Presence. Više na https://www.cachefly.com/news/why-points-of-presence-pops-are-pivotal-for-optimal-cdn-performance/) servera kako bi lag/kašnjenje bilo manje.

Koristio sam gotove servise: EasyDNS i Linode Cloud.

EasyDNS nudi GeoDNS za 9$ mjesečno. Moguće je prema geografskoj lokaciji odrediti koji DNS zapis tj povratni odgovor na DNS upit (od A recorda pa dalje). Sa Linodom je moguće "kopirati" na više lokacija širom svijeta (paralelno) kada se sredi prvi box/server. Linode mjenja IP adresu servera koji se klonira a sve ostalo ostaje kako jeste (config, šifre, ključevi, SSL sertifikati, ostalo)

Tako da podesimo 1 server i uradimo kloniranje na više mjesta i samim tim napravimo PoP (https://www.cachefly.com/news/why-points-of-presence-pops-are-pivotal-for-optimal-cdn-performance/)

prije proxy servera

poslije dodavanja Geo DNS i reversnih proxy servera

Testiranje uz pomoc: https://www.dotcom-tools.com/website-speed-test

Geo DNS Pool

Koraci koje trebamo uraditi su sljedeći:

• Kreirati bazni reverse Nginx proxy
• Klonirati na različite lokacije
• Testirati uz pomoć Curl-a
• Podesiti GeoDNS na EasyDNS
• Testirati DNS propagaciju i web prisutnost

Nginx reverse proxy

Konfiguracija za revezni proxy (neću davati druge nepotrebne informacije):

http {

   # putanja za /cache mora biti kreirana i podešena za nginx usera/grupu www-data

   # levels - do kojeg nivoa će ići poddirektorijumi za kesiranje

  # Broj objekata koje će sačuvati u kešu - 10m

  # maksimalna veličina fajla koji može biti keširan - 1g

proxy_cache_path /cache levels=1:2 keys_zone=m_cache:10m max_size=1g;

   server {

           location / {

                proxy_cache m_cache;

                proxy_cache_valid 200 302 120m;   
                # vremenski koliko dugo - 120 minuta

                proxy_cache_valid 404 1m;     

                proxy_pass https://9.8.7.1;   
                # ovdje je 9.8.7.1 izvorni sajt

             }

}

Kako testirati da li je proxy podešen

Ako imamo Linux komandnu liniju onda izvršite komandu:

curl -H "host: www.vladimircicovic.com" -k https://172.232.148.193/

Ovdje koristimo host header i IP adresu gdje Curl upucujemo da ignorise SSL/TLS sertifikat i validnost (porediće IP adresu i domenu u SSL sertifikatu, i zatim odbiti da pošalje zahtjev, zato dodajemo -k opciju) Sa ovom komandom bi trebalo da vidimo početnu stranicu.

Kako testirati DNS za odredjene zemlje

Jedan od bržih načina da se vidi DNS propagacija (https://www.digicert.com/faq/dns/what-is-dns-propagation) jeste sajt: https://dnschecker.org/#A/www.vladimircicovic.com

Drugi način ako imate Linux komandnu liniju:

dig +short A www.vladimircicovic.com @118.127.62.178 

172.105.181.107

Gdje je javni DNS server za Australiju dostupan sa: https://public-dns.info/nameserver/au.html

IP adresa 172.105.181.107 je za Australiju i druge zemlje Okeanije.

Kako testirati web pristup za odredjene zemlje

Najbolje je uz pomoć sajta https://www.dotcom-tools.com/website-speed-test ali postoje i slični gdje je moguće testirati.

Optimizacija web stranice i ograničavanje sadržaja radi bržeg učitavanja

Npr možete prikazati 5, 10 zadnjih postova na svom sajtu. Tako učitavanje bude jako teško za klijenta. Jedan od načina jeste ograničavanjem količine broja postova na prvoj strani.

Alat za testiranje: https://pagespeed.web.dev/

Prije ograničavanja sadržaja:

Poslije ograničavanja sadržaja:

This is a quick and short text on how to install Kubernetes on Ubuntu 22.04. Spend the last 2 weeks solving issues with Containerd and Kubernetes.

After reviewing the GitHub issue for Kubernetes - found this to solve a problem that I have.

The problem manifests as up/down for Kubernetes health and running buggy. On Ubuntu 20.04 there was no problem. The issue is connected with Containerd Cgroups settings for version 1.5.9 (any above this version would work fine, read a link that I provided on information). So let us start with installation.

Kubernetes map - from cloudsigma.com

Kubernetes setup on Ubuntu 22.04

Let me guess you have 2 machines, with Ubuntu 22.04 installed. First, will be used for the k8s control pane. The second will be used as a worker/pod. Both machines have the same steps for k8s installation. Please notice that the IP addresses I am using are from my network - so add proper IP for cp1 and worker1
Here you go for the k8s control pane and worker:

apt update
apt upgrade

echo is this IP of your machine?

echo "192.168.50.204  worker1.example.com worker1" >> /etc/hosts

echo "192.168.50.165 cp1.example.com cp1" >> /etc/hosts

hostnamectl set-hostname cp1
hostnamectl set-hostname worker1

modprobe br_netfilter
modprobe overlay

cat << EOF | tee /etc/modules-load.d/k8s-modules.conf
br_netfilter
overlay
EOF

cat << EOF |  tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

sysctl --system

apt-get update ; apt-get install -y containerd

mkdir -p /etc/containerd

containerd config default | tee /etc/containerd/config.toml

sed -i "s/SystemdCgroup = false/SystemdCgroup = true/g" /etc/containerd/config.toml

systemctl restart containerd

swapoff -a

apt-get install -y apt-transport-https curl

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add

apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"

apt install -y kubeadm kubelet kubectl

After you finish these commands on both machines, you have an exclusive command for the k8s control pane and for the worker. For Control Pane:

kubeadm init --pod-network-cidr=192.168.0.0/16

mkdir -p $HOME/.kube

cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

chown $(id -u):$(id -g) $HOME/.kube/config

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

After you finish this on the Control Pane machine, there will be a command printed similar to this and copy to CLI of worker1:

kubeadm join 192.168.50.165:6443 --token azlcfh.36lef5ty7890en1r6 --discovery-token-ca-cert-hash sha256:47a02b63e60278025d3423883a05a48e06f943195f06ebe414d929f60028e

Or you can execute on Control Pane and get printed:

kubeadm token create --print-join-command

and then execute on Worker1 command that is printed The output of this command is copied/past on the worker machine. You can add more worker machines with no problem.

If all goes ok you will be able to check with:

kubectl run curl --image=radial/busyboxplus:curl -i --tty 

this would run a container on pods and you can see if the network and other parts are running ok. Type exit to leave the container. to delete this pod:

kubectl delete pods curl

You can also see how this goes with my video: Youtube K8s setup

Thanks to this people

@Jocix84 and @Bojana_dev for support, direction, and inspiration!