Mervin Praison -

MySQL Configure Password

Post author By praison
Post date March 27, 2023

Main Method

$ sudo mysql_secure_installation

Alternate method

Using sudo

$ sudo mysql -u root

Create a new database:

CREATE DATABASE newdb;

Grant privileges to a new user:

GRANT ALL ON newdb.* TO yournewuser@localhost IDENTIFIED BY 'yourpassword';
FLUSH privileges;

Python

Python Change Version

Post author By praison
Post date March 23, 2023

update-alternatives --install /usr/bin/python3 python3 /usr/local/bin/python3.9 1
update-alternatives --install /usr/bin/python3 python3 /usr/local/bin/python3.8 2

Containers

OPcache in Docker

Post author By praison
Post date March 20, 2023

[opcache]
opcache.enable=1
opcache.revalidate_freq=0
opcache.validate_timestamps=0
opcache.max_accelerated_files=10000
opcache.memory_consumption=192
opcache.max_wasted_percentage=10
opcache.interned_strings_buffer=16
opcache.fast_shutdown=1

FROM php:8.1-fpm-alpine

# Install build dependencies and the OPcache extension
RUN apk add --no-cache $PHPIZE_DEPS \
    && docker-php-ext-install opcache \
    && apk del $PHPIZE_DEPS

# Copy the opcache.ini into your Docker image    
COPY docker/php/opcache.ini /usr/local/etc/php/conf.d/opcache.ini

# Run your application
CMD php-fpm

Containers

Cluster Role Binding in K8s

Post author By praison
Post date March 20, 2023

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

DevOps

DevOps Pets Vs Cattles

Post author By praison
Post date March 17, 2023

Immutable (Type 3)	Immutable Cattle (Type 2)	Mutable Pets ( Type 1)
Stateless Servers	Web array servers	Mainframes
Web Server	Management Servers	Solitary Servers
Application Server	Multi-master datastores	Load balancers
	HPC Head Node / Compute Nodes	Firewalls
		Database systems
		AD Domain Controllers

Linux

Linux Add Bridge Network with Static IP

Post author By praison
Post date March 15, 2023

#!/bin/bash
ifconfig eth0 192.168.0.82 netmask 255.255.255.0 up
route add default gw 192.168.0.254 eth0
echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf

Containers

K8s Run Command after Container starts

Post author By praison
Post date March 15, 2023

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: auth
spec:
  replicas: 1
  template:
    metadata:
        labels:
          app: auth
    spec:
      containers:
        - name: auth
          image: {{my-service-image}}
          env:
          - name: NODE_ENV
            value: "docker-dev"
          resources:
            requests:
              cpu: 100m
              memory: 100Mi
          ports:
            - containerPort: 3000
          lifecycle:
            postStart:
              exec:
                command: ["/bin/sh", "-c", {{cmd}}]

PHP

OPcache default config

Post author By praison
Post date March 15, 2023

Name	Default
opcache.enable	1
opcache.enable_cli	0
opcache.memory_consumption	128
opcache.interned_strings_buffer	8
opcache.max_accelerated_files	10000
opcache.max_wasted_percentage	5
opcache.use_cwd	1
opcache.validate_timestamps	1
opcache.revalidate_freq	2
opcache.revalidate_path	0
opcache.save_comments	1
opcache.fast_shutdown	0
opcache.enable_file_override	0
opcache.optimization_level	0x7FFEBFFF
opcache.inherited_hack	1
opcache.dups_fix	0
opcache.blacklist_filename
opcache.max_file_size	0
opcache.consistency_checks	0
opcache.force_restart_timeout	180
opcache.error_log
opcache.log_verbosity_level	1
opcache.record_warnings	0
opcache.preferred_memory_model
opcache.protect_memory	0
opcache.mmap_base	null
opcache.restrict_api
opcache.file_update_protection	2
opcache.huge_code_pages	0
opcache.lockfile_path	/tmp
opcache.opt_debug_level	0
opcache.file_cache	NULL
opcache.file_cache_only	0
opcache.file_cache_consistency_checks	1
opcache.file_cache_fallback	1
opcache.validate_permission	0
opcache.validate_root	0
opcache.preload
opcache.preload_user
opcache.cache_id
opcache.jit	tracing
opcache.jit_buffer_size	0
opcache.jit_debug	0
opcache.jit_bisect_limit	0
opcache.jit_prof_threshold	0.005
opcache.jit_max_root_traces	1024
opcache.jit_max_side_traces	128
opcache.jit_max_exit_counters	8192
opcache.jit_hot_loop	64
opcache.jit_hot_func	127
opcache.jit_hot_return	8
opcache.jit_hot_side_exit	8
opcache.jit_blacklist_root_trace	16
opcache.jit_blacklist_side_trace	8
opcache.jit_max_loop_unrolls	8
opcache.jit_max_recursive_calls	2
opcache.jit_max_recursive_returns	2
opcache.jit_max_polymorphic_calls	2

Containers

runAsUser in K8s Container

Post author By praison
Post date March 15, 2023

apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo-2
spec:
  securityContext:
    runAsUser: 1000
  containers:
  - name: sec-ctx-demo-2
    image: gcr.io/google-samples/node-hello:1.0
    securityContext:
      runAsUser: 2000
      allowPrivilegeEscalation: false

Containers

K8s Environment Variable

Post author By praison
Post date March 15, 2023

apiVersion: v1
kind: Pod
metadata:
  name: envar-demo
  labels:
    purpose: demonstrate-envars
spec:
  containers:
  - name: envar-demo-container
    image: gcr.io/google-samples/node-hello:1.0
    env:
    - name: DEMO_GREETING
      value: "Hello from the environment"