Found my forgotten Raspberry Pi

And, naturally, decided to put it to use (although, for exactly what… is currently unclear). 😊

So… how?

As there was already a micro SD card inside my Raspberry Pi, I was all set!

Basically, what I had to do:

  • download the OS image (Raspberry Pi OS Lite)
  • download imaging software (Etcher)
  • extract the OS onto micro SD card
  • enable SSH by adding an empty file called “ssh” (yes, without any extension) to the boot volume
  • boot it up
  • set it up as I like

Extracting the OS image onto micro SD card is a “breeze” with right tools – select OS image, select where do you want to put it and click Flash:

After it’s finished, don’t forget to enable yourself the SSH access (it’s easier that way):

Done.

Let’s put the card back into Raspberry Pi and boot it up.

Few seconds later, you can use (e.g.) Windows Terminal and included SSH client to access your Raspberry Pi (default networking option is DHCP, with default username of pi and password raspberry):

I wanted to “tweak” my installation a bit (with the provided raspi-config script), so I’ve used the following for disabling unnecessary devices, custom network settings, etc.:

And after a while, my Raspberry Pi is finally ready:

Cheers!

Figuring out your public IP address with PowerShell

Sometimes, you need to know your public IP address because of… reasons. My particular reason was creating firewall rule to limit SSH only from my current public IP address, to a machine on the Internet. And how to do it?

You can always use free services like What Is My IP?, which shows you your public IP address in a nice form:

But there are also other ways – if you’re running Linux (or WSL) and do a Google search for the command that can help you, you’ll probably get this (https://askubuntu.com/questions/95910/command-for-determining-my-public-ip?noredirect=1&lq=1):

And if you’re using Windows, PowerShell is here to help you! I like “oneliners”, even if they are not always easy to read:

I’m sure that my friend Aleksandar (PowerShell guru & Microsoft MVP) has a better way, but for me, this works just fine. šŸ™‚

Hope it helps!

Cheers!

Creating some virtual machines in Azure with PowerShell

The other day I was creating some Linux virtual machines (I know, I know…) and, with Azure being my preferred hosting platform, I’ve decided to create this machines by using a simple PowerShell script. Not because I’m so good at PowerShell, but because I like it… and sometimes I really don’t like clicking through the wizard to create multiple machines.

I wanted to create multiple machines with ease, each with “static” IP address from the provided subnet, accessible via the Internet (SSH, HTTP) and running the latest Ubuntu Linux, of course.

So, I was browsing through the official documentation (a.k.a. docs.com, more specifically https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-powershell), and I’ve come up with this (my version of the official docs):

If this helps you with similar task – you’re welcome.

Cheers!

Software Management in Linux (Packt)

Learn software management with advanced Linux administration in this tutorial by Frederik Vos, a Linux trainer and evangelist and a senior technical trainer of virtualization technologies, such as Citrix XenServer and VMware vSphere.

— post by Frederik Vos, provided by Packt —

Software management

In the old days, installing software was aĀ matterĀ of extracting an archive to a filesystem. There were several problems with this approach:

  • It was difficult to remove the software if the files were copied into directories that were also used by another software
  • It was difficult to upgrade software, maybe because the files were still in use or were renamed
  • It was difficult to handle shared libraries

That’s why Linux distributions invented software managers.

The RPM software manager

In 1997, Red Hat released the first version ofĀ theirĀ package manager, RPM. Other distributions such as SUSE adopted this package manager. RPM is the name of theĀ rpm utility, as well asĀ theĀ name of the format and the filename extension.

The RPM package contains the following:

  • A CPIO archive
  • Metadata with information about the software, such as a description and dependencies
  • Scriptlets for pre and post-installation scripts

In the past, Linux administrators used theĀ rpmĀ utility to install/update and remove software on a Linux system. If there was a dependency, theĀ rpmĀ command was able to tell exactly which other packages you needed to install. However, theĀ rpmĀ utility couldn’t fix the dependencies or possible conflicts between packages.

Nowadays, theĀ rpmĀ utility isn’t used any longer to install or remove software; instead, you use more advanced software installers.Ā After the installation of software withĀ yumĀ (Red Hat/CentOS) orĀ zypperĀ (SUSE), all the metadata goes into a database. Querying thisĀ rpmĀ database with theĀ rpmĀ command can be very handy.

A list of the most commonĀ rpmĀ query parameters are as follows:

Parameter Description
-qa List allĀ the installedĀ packages.
-qi <software> List information.
-qc <software> List the installed configuration files.
-qd <software> List the installed documentation and examples.
-ql <software> List all the installed files.
-qf <filename> Shows the package that installed this file
-V <software> Verifies the integrity/changes after the installation of a package;Ā useĀ -vaĀ to do it for all installed software.
-qp Use this parameter together with other parameters if the package is not already installed. It’s especially useful if you combine this parameter withĀ –scriptĀ to investigate the pre and post-installation scripts in the package.

The followingĀ screenshotĀ is an example ofĀ gettingĀ information about the installed SSH server package:

The output of theĀ -VĀ parameter indicates that the modification time has changed since the installation. Now, make another change in theĀ sshd_configĀ file:

If you verify theĀ installedĀ package again, there is anĀ SĀ added to the output, indicating that the file size is different, and aĀ T, indicating that the modificationĀ timeĀ has changed:

Other possible characters in the output are as follows:

S File size
M Mode (permissions)
5 Checksum
D Major/minor on devices
L Readlink mismatch
U User ownership
G Group ownership
T Modification time
P Capabilities

For text files, theĀ diffĀ command can help show the differences between the backup in theĀ /tmpĀ directory and the configuration inĀ /etc/ssh:

You can also restoreĀ theĀ originalĀ fileĀ as follows:

The DPKG software manager

The Debian distribution doesn’tĀ useĀ the RPM format; instead, itĀ usesĀ the DEB format invented in 1995. The format is in use on all Debian and Ubuntu-based distributions.

A DEB package contains:

  • A file,Ā debian-binary, with the version of the package
  • An archive file, control.tar, with metadata (package name, version, dependencies, and maintainer)
  • An archive file, data.tar, containing the actual software

Management of DEB packages can be done with theĀ dpkgĀ utility. LikeĀ rpm, the utility is not in use any longer to install software. Instead, the more advancedĀ aptĀ command is used.Ā All the metadata goes into a database, which can be queried withĀ dpkgĀ orĀ dpkg-query.

The important parameters ofĀ dpkg-queryĀ are as follows:

-l Lists all the packages without parameters, but you can use wildcards, for example,Ā dpkg -l *ssh*
-L <package> Lists files in an installed package
-p <package> Shows information about the package
-s <package> Shows the state of the package

The first column from the output ofĀ dpkg -lĀ also shows a status as follows:

The first character in the first column is the desired action,Ā the second is the actual state of the package, and a possible third character indicates an error flag (R).Ā iiĀ means that the package is installed.

The possibleĀ desiredĀ states are as follows:

  • (u) unknown
  • (h) hold
  • (r) remove
  • (p) urge

The important packageĀ statesĀ are as follows:

  • n(ot) installed
  • H(a)lf installed
  • Hal(F) configured

Software management with YUM

Your Update ManagerĀ orĀ Yellowdog Updater ModifiedĀ (YUM) is a modernĀ softwareĀ managementĀ toolĀ that was introduced by Red Hat in Enterprise Linux version 5, replacing theĀ up2dateĀ utility. It isĀ currentlyĀ in use in all Red Hat-based distributions but will be replaced withĀ dnf, which is used by Fedora. TheĀ goodĀ news is thatĀ dnfĀ is syntax-compatible withĀ yum.

Yum isĀ responsibleĀ for:

  • Installing software, including dependencies
  • Updating software
  • Removing software
  • Listing and searching for software

The important basic parameters are as follows:

Command DescriptionĀ 
yum search Search for software based onĀ packageĀ name/summary
yum provides SearchĀ forĀ software basedĀ onĀ a filename in a package
yum install Install software
yum info InformationĀ andĀ status
yum update UpdateĀ allĀ software
yum remove RemoveĀ software

You can also install patterns of software, for instance, the pattern or groupĀ File and Print ServerĀ is a convenient way to install the NFS and Samba file servers together with the Cups print server:

Command Description
yum groups list List theĀ availableĀ groups.
yum groups install Install a group.
yum groups info InformationĀ aboutĀ a group, including theĀ groupĀ names that are in use by the Anaconda installer.Ā This information is important for unattended installations.
yum groups update Update softwareĀ withinĀ a group.
yum groups remove Remove theĀ installedĀ group.

AnotherĀ niceĀ feature ofĀ yumĀ isĀ workingĀ with history:

Command Description
yum history list List theĀ tasksĀ executed byĀ yum
yum history info <number> List the content of a specific task
yum history undo <number> Undo the task; a redo is also available

TheĀ yumĀ command uses repositories to be able to do all the software management. To list the currently configured repositories, use:

To add another repository, you’ll need theĀ yum-config-managerĀ tool, which creates and modifies the configuration files inĀ /etc/yum.repos.d. For instance, if you want to add a repository to install Microsoft SQL Server, use the following:

TheĀ yumĀ functionality can be extended with plugins, for instance, to select the fastest mirror, enabling the filesystemĀ /Ā LVM snapshots and runningĀ yumĀ as a scheduled task (cron).

Software management with Zypp

SUSE, like Red Hat, uses RPM forĀ packageĀ management. But instead of usingĀ yum, they use another toolset with Zypp (also known as libZypp) as backend. Software management can be doneĀ withĀ the graphical configuration software YaST or the command-line interface tool Zypper. The important basic parameters are as follows:

Command Description
zypper search SearchĀ forĀ software
zypper install InstallĀ software
zypper remove RemoveĀ software
zypper update UpdateĀ software
zypper dist-upgrade Perform aĀ distributionĀ upgrade
zypper info ShowĀ information

There is a search option to search for a command,Ā what-provides, but it’s very limited. If you don’t know the package name, there is a utility calledĀ cnfĀ instead. Before you can useĀ cnf, you’ll need to installĀ scout; this way, the package properties can be searched:

After this, you can useĀ cnf:

If you want to update your system to aĀ newĀ distribution version, you have to modify the repositories first. For instance, if you want to update from SUSE LEAP 42.3 to version 15.0, executeĀ theĀ following procedure:

  1. First, install the available updates for your current version:

  1. Update to the latest version in the 42.3.x releases:

  1. Modify the repository configuration:

  1. InitializeĀ the new repositories:

  1. Install the new distribution:

  1. Now, reboot after the distribution upgrade.

Besides installing packages, you can also install the following:

  • patterns: Groups of packages, for instance, to install a complete web server including PHP and MySQL (also known as a lamp)
  • patches: Incremental updates for a package
  • products: Installation of an additional product

To list the available patterns, use:

To install them, use:

The same procedure applies to patches and products. Zypper uses online repositories to view the currently configured repositories:

You can add repositoriesĀ withĀ theĀ addrepoĀ parameter, for instance,Ā to add a community repository for the latest PowerShell version on LEAP 15.0:

If you add a repository, you must always refreshĀ theĀ repositories:

Software management with apt

In Debian/Ubuntu-based distributions, softwareĀ managementĀ is doneĀ viaĀ theĀ aptĀ utility, which is a recent replacement for the utilities,Ā apt-getĀ andĀ apt-cache.

The most-used commands include:

Command Description
apt list ListĀ packages
apt search SearchĀ inĀ descriptions
apt install InstallĀ aĀ package
apt show ShowĀ packageĀ details
apt remove Remove aĀ package
apt update Update catalog ofĀ availableĀ packages
apt upgrade Upgrade theĀ installedĀ software
apt edit-sources Edit theĀ repositoryĀ configuration

Repositories are configured inĀ /etc/apt/sources.listĀ and files in theĀ /etc/apt/sources.list.d/Ā directory. Alternatively, there is a command,Ā apt-add-repository, available:

TheĀ aptĀ repositories have the concept of release classes:

  • Old stable, tested in the previous version of a distribution
  • Stable
  • Testing
  • Unstable

They also have the concept of components:

  • Main: Tested and provided with support and updates
  • Contrib: Tested and provided with support and updates, but there are dependencies that are not in main, but for instance, in non-free
  • Non-free: Software that isn’t compliantĀ withĀ the Debian Social Contract Guidelines (https://www.debian.org/social_contract#guidelines)

UbuntuĀ addsĀ someĀ extraĀ components:

  • Universe: Community provided, no support, updates possible
  • Restricted: Proprietary device drivers
  • Multiverse: Software restricted by copyright or legal issues

If you found this article interesting, you can explore Frederik Vos’ Hands-On Linux Administration on Azure to administer Linux on Azure. Hands-On Linux Administration on Azure will help you efficiently run Linux-based workloads in Azure and make the most of the important tools required for deployment.

Cheers!

Deploying Linux machines by using System Center 2016: Virtual Machine Manager templates

In light of “Microsoft loves Linux” initiative, you can now deploy your Linux virtual machines by using templates in the System Center 2016: Virtual Machine Manager. As I was searching on how to do this (successfully), there were couple of articles that helped, so I’ve decided to do a short list of all the necessary steps (in one place).

Steps to make your Linux VM template deployments work:

  • create a new (Generation 2) virtual machine (as you would normally do)
  • install the Linux operating system in that virtual machine (as you would normally do)
    • HINT: A list of supported Linux distributions and versions on Hyper-V is available here.
  • install the Linux Integration Services (LIS) (as per this post):
    • open the “modules” file
    • add the following to the end of this file:
    • save it (Ctrl+X and Y)
    • install LIS and reboot the machine by using the following commands:
    • check if the services are running by using the command:
  • install the Virtual Machine Manager agent (as per this post):
    • share the folder C:\Program Files\Microsoft System Center 2016\Agents\Linux on your VMM machine
    • copy the VMM agent files to Linux virtual machine
      • as a real Windows admin, I did it through the GUI
    • install the agent:
  • fix the boot for Generation 2 virtual machine (boot information is by default stored in the VM configuration file, not on disk – Ben wrote a great article on this ā€œissueā€)
    • Ben’s way (didn’t work for me):
      • change directory to the boot EFI directory
      • copy the ubuntu directory in to a new directory named boot
      • change directory to the newly created boot directory
      • rename the shimx64.efi file
    • TriJetScud’s way in the comments (worked for me with Ubuntu 16.04 Generation 2 VM):
  • shutdown the virtual machine and copy its VHDX to the VMM Library
    • HINT: Don’t forget to refresh the VMM Library.
  • go to the VMM Library, right-click the copied VHDX and select the Create VM templateĀ option
  • proceed with creating the template as you normally would, to the part Configure Operating System
    • HINT: If you are using Secure boot, don’t forget to select theĀ MicrosoftUEFICertificateAuthority template in hardware settings.
  • there, under Guest OS profile, you select the option to create a new Linux operating system customization settings
  • next you specify your guest OS settings and finish creating the template
  • now you can create a new Linux virtual machine from the template you’ve configured!

Hope it helps!

Cheers!

Office 365 and BIND

And now… something completely different. Smile

The other day I was ā€œplayingā€ with setting up Office 365 for one of our clients – they have Linux machines for their DNS servers, and BIND as their DNS solution. As this was my first encounter with configuring BIND by myself, I just wanted to share steps I’ve taken to make it work (in my lab environment) – maybe it will help someone…

DISCLAIMER: I’m not a Linux/UNIX expert! I try to figure out what I need, and then try to make this work… with the help of Internet resources (or experts), of course. There is plenty of resources on how to do this already, but I like to have things in one place if I need them again. Smile

So, I’ve began my experiment with wondering which Linux distribution should I take. After some consulting (thanks, Ingrid Smile), the final choice was pretty easy – Fedora (criteria – had to be relatively easy to use (for non-Linux person like me), had to work in Hyper-V without much trouble, and there should be someone who can help if I got stuck). Smile

After a pretty simple installation process (wizard, Next, …, Next, Finish), I’ve had my Fedora box up and running.

image
Now, the more complicated part – setup this box to be BIND server, and load the correct records in it, so that Office 365 can add and verify my domain.

Here are the high-level steps (I’ve used Terminal, with su rights):

1. install few packages to get things up and running:

2. configure the BIND (DNS) server to run at startup:

3. query the firewall rules for UDP port 53 access:

4. open the required firewall ports (list of TCP and UDP ports):

5. edit the /etc/named.conf file:

6. comment the lines that are preventing your BIND server from responding to ā€œoutsideā€ requests:

7. add your local subnet to allowed list (and add some forwarders for resolving other domains and records):

8. enable recursion:

9. add your zone and a ā€œpointerā€ to your zone file:

10. create and edit the zone file specified:

11. add the required records to your zone file (by the instructions that Office 365 gives you; sorry about the formatting):

12. save the files, and check the new zone:

13. restart the service and start using it:

And Office 365 response after this – success! Smile

image
Things I’ve learnedĀ during this ā€œadventureā€:

  • you should be careful about the trailing ā€œ.ā€ (dot) in FQDN-s that you are using – if you miss it somewhere, you’ll get errors loading the zone
  • there are great guides that can help you – one of them is BIND9 Server: How to (although I’ve seen it a bit too late Smile)
  • don’t be afraid to ask for help!

I cannot stress this enough – this recipe is not the secure way of doing things – it’s sole purpose is to make BIND work in my lab environment!

If I missed (or misunderstood) something, feel free to comment and correct me.

Cheers!

UpdatedĀ (20160917):Ā There was a tiny error in my zone file – switched priority and wieght fields (thank you,Ā Lenny, for pointing it out).