Monthly Archives: January 2019

VoIP system DevOps, operations and Infrastructure management Automation

Continuous Integration and Delivery Automation using Jenkins

continuous delivery hub
distribute work across multiple machines, helping drive builds, tests and deployments across multiple platforms
self-contained Java-based program
extensible using plugins

Jenkins pipeline

orchestrate and automate building their project in Jenkins


Configuration management using Chef cookbooks

Alternatives include Puppet and Ansible, which are also cross-platform configuration management platforms


Compute virtualization and containerization using Docker

Docker containers can be used instead of virtual machines such as VirtualBox, to isolate applications and be OS and platform independent
Makes distributed development possible and automates deployment

Usage: docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
--config string Location of client config files (default "/root/.docker")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit

Docker commands

Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes

Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container’s changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container’s filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container’s filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes

docker container commands

List all containers

docker ps 

docker container COMMAND

attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container’s changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container’s filesystem
exec Run a command in a running container
export Export a container’s filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Run a command in a new container
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes

docker image commands

See all images

>docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
sipcapture/homer-cron       latest              fb2243f90cde        3 hours ago         476MB
sipcapture/homer-kamailio   latest              f159d46a22f3        3 hours ago         338MB
sipcapture/heplify          latest              9f5280306809        21 hours ago        9.61MB
<none>                      <none>              edaa5c708b3a        21 hours ago        619MB
mysql                       5.6                 c30095c52827        36 hours ago        256MB
sipcapture/homer-app        master              1e883a8d88d4        2 days ago          454MB
postgres                    11-alpine           5239fade3a90        7 days ago          71.9MB
golang                      alpine              6b21b4c6e7a3        7 days ago          350MB
alpine                      latest              b7b28af77ffe        7 days ago          5.58MB
debian                      jessie              652b7a59e393        9 days ago          129MB
sipcapture/heplify-server   master              aa85bfa7cb3e        2 weeks ago         22.6MB
kapacitor                   1.5-alpine          2a63b9d348df        4 weeks ago         73.6MB
influxdb                    1.5-alpine          40e13f6ee02a        7 weeks ago         84MB
chronograf                  1.5-alpine          02ed2863e25b        7 weeks ago         44.5MB
sipcapture/hepsub           master              3ef6550c4bc6        2 months ago        90.6MB
hello-world                 latest              fce289e99eb9        6 months ago        1.84kB
sipcapture/homer-webapp     latest              75e5b5b7b33c        7 months ago        428MB
telegraf                    1.5-alpine          aa8daabb3b1c        10 months ago       42MB
stefanprodan/caddy          latest              655880563633        21 months ago       24.7MB

See all stats

>docker stats
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O           PIDS
f42c71741107        homer-cron          0.00%               52KiB / 994.6MiB      0.01%               2.3kB / 0B          602MB / 0B          0
0111765091ae        mysql               0.04%               452.2MiB / 994.6MiB   45.46%              1.35kB / 0B         2.06GB / 49.2kB     22

Run a command from within a docker container

docker exec -it <container-id> bash

First list the running containers

docker ps

Select a container and open a bash shell in it

docker exec -it 0472a5127fff bash

To edit or update a file inside a container, either install vim every time you log in to a fresh docker container, like

apt-get update
apt-get install vim

or add this to the Dockerfile

RUN ["apt-get", "update"]
RUN ["apt-get", "install", "-y", "vim"]

Check whether ngrep is installed; if not, install it, then run ngrep to capture SIP logs inside that docker container

apt update
apt install ngrep
ngrep -p "14795778704" -W byline -d any port 5060

docker volume

Volumes are used for persisting data generated by and used by Docker containers.
Docker volumes have advantages over bind mounts, such as:
easier to back up or migrate, managed by Docker APIs, can be safely shared among multiple containers, etc.

Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove all unused local volumes
rm Remove one or more volumes

docker stack

Lets you manage a cluster of docker containers through docker swarm
can be defined via a docker-compose.yml file

Options:
--orchestrator string Orchestrator to use (swarm|kubernetes|all)

Commands:
deploy Deploy a new stack or update an existing stack
ls List stacks
ps List the tasks in the stack
rm Remove one or more stacks
services List the services in the stack

docker service

Commands:
create Create a new service
inspect Display detailed information on one or more services
logs Fetch the logs of a service or task
ls List services
ps List the tasks of one or more services
rm Remove one or more services
rollback Revert changes to a service’s configuration
scale Scale one or multiple replicated services
update Update a service

Run docker containers

Run a command in a new container

Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network string Connect a container to a network (default "default")
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container

sample run command

docker run -it -d --name opensips -e ENV=dev imagename:2.2

-it attaches an interactive tty to the container.
-e sets environment variables
-d runs it in the background and prints the container ID
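
The sample command above uses none of the isolation options from the option listing. As an added example (not from the original post), this script reports which of those options a docker run command line lacks; the function name, the messages and the values in the hardened variant are assumptions.

```shell
#!/bin/sh
# Added example: report risky or missing hardening options in a
# "docker run" command line. Only options from the listing above are
# checked. audit_docker_run and its messages are illustrative names.
# Limitation: it scans every word, so it does not tell docker options
# apart from arguments of the command run inside the container.

audit_docker_run() {
  privileged=0 capdrop=0 user=0 rofs=0 nnp=0 mem=0 pids=0 prev=""
  for arg in "$@"; do
    case $arg in
      --privileged|--privileged=true)    privileged=1 ;;
      --cap-drop|--cap-drop=*)           capdrop=1 ;;
      -u|--user|--user=*)                user=1 ;;
      --read-only|--read-only=true)      rofs=1 ;;
      -m|--memory|--memory=*)            mem=1 ;;
      --pids-limit|--pids-limit=*)       pids=1 ;;
      --security-opt=no-new-privileges*) nnp=1 ;;
      no-new-privileges*)
        # Two-word form: --security-opt no-new-privileges
        if [ "$prev" = "--security-opt" ]; then nnp=1; fi ;;
    esac
    prev=$arg
  done
  if [ "$privileged" = 1 ]; then
    echo "HIGH: --privileged gives the container extended privileges on the host"
  fi
  [ "$capdrop" = 1 ] || echo "WARN: no --cap-drop, the default capability set is kept"
  [ "$user" = 1 ]    || echo "WARN: no -u/--user, runs as the image default user (root unless the image sets USER)"
  [ "$rofs" = 1 ]    || echo "WARN: no --read-only, the root filesystem is writable"
  [ "$nnp" = 1 ]     || echo "WARN: no --security-opt no-new-privileges"
  [ "$mem" = 1 ]     || echo "WARN: no -m/--memory limit"
  [ "$pids" = 1 ]    || echo "WARN: no --pids-limit"
}

# The sample command from the post: six warnings.
audit_docker_run docker run -it -d --name opensips -e ENV=dev imagename:2.2

# A hardened variant that passes the audit. The UID, memory and pids values
# are assumed; whether the image starts with them depends on the image:
#   docker run -d --name opensips -e ENV=dev --read-only --cap-drop ALL \
#     --security-opt no-new-privileges -u 1000:1000 -m 512m --pids-limit 256 \
#     imagename:2.2
```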

remove docker entities

To remove all stopped containers, all dangling images, and all unused networks:

docker system prune -a

To remove all unused volumes

docker system prune --volumes

To remove all stopped containers

docker container prune

Sometimes docker images keep piling up along with stopped containers, such as

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
<none>              <none>              d1dcfe2438ae        15 minutes ago      753MB
<none>              <none>              2d353828889b        16 hours ago        910MB
<none>              <none>              fb16e1be51f3        16 hours ago        910MB
<none>              <none>              3dc9b3fbe2fb        17 hours ago        910MB
<none>              <none>              7d1e4f183d93        18 hours ago        910MB
<none>              <none>              70fe962b9971        18 hours ago        910MB
<none>              <none>              c349859656b5        18 hours ago        910MB
<none>              <none>              5d4cbd1f4cbe        18 hours ago        910MB
<none>              <none>              aef6e40820f2        18 hours ago        910MB
<none>              <none>              4a4d3897f40e        18 hours ago        910MB
<none>              <none>              46bca8b4b1c3        20 hours ago        910MB
<none>              <none>              c172e5f24798        20 hours ago        910MB

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                        PORTS               NAMES
0dd6698a7517        2d353828889b        "/entrypoint.sh"         13 minutes ago      Exited (137) 13 minutes ago                       hardcore_wozniak
047a42f7a6cd        d1dcfe2438ae        "/bin/sh -c 'aws s3 …"   18 minutes ago      Exited (1) 18 minutes ago                         ecstatic_heisenberg
65b2305520e9        2d353828889b        "/entrypoint.sh"         27 minutes ago      Exited (137) 26 minutes ago                       mystifying_robinson
56841a6c8da4        2d353828889b        "/entrypoint.sh"         17 hours ago        Exited (137) 26 minutes ago                       compassionate_keldysh
c23f9399c53d        zt-voipmonitor      "/entrypoint.sh"         17 hours ago        Exited (7) 17 hours ago                           angry_zhukovsky
5a0f99b7485a        3dc9b3fbe2fb        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         elegant_haslett
f49a4305928a        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         boring_bose
53afb5633a60        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         suspicious_varahamihira
662f6a76ecb3        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         wizardly_booth
c5dd4e8e8a12        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         gracious_kapitsa
0d17dd07af57        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         upbeat_elbakyan
60b419a51099        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         dreamy_ptolemy
6f3a7ca0a2d4        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         stupefied_gauss
0acab30d0c33        7d1e4f183d93        "/entrypoint.sh"         17 hours ago        Exited (137) 17 hours ago                         reverent_varahamihira
b3414b91d718        7d1e4f183d93        "/entrypoint.sh"         18 hours ago        Exited (137) 17 hours ago                         blissful_goodall

To remove such images and their containers, first stop and remove the containers

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

then remove all dangling images

docker rmi  $(docker images -aq --filter dangling=true)
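
The stop command above acts on every container on the host, including running ones, and docker rm / docker rmi fail when the ID list is empty. As an added example (not from the original post), this narrower cleanup touches only exited containers and dangling images, skips empty lists, and decodes exit codes such as the 137 in the listing; the function names and the DRY_RUN variable are assumptions.

```shell
#!/bin/sh
# Added example: clean up only exited containers and dangling images.
# Function names and the DRY_RUN variable are illustrative.

# Exit codes above 128 mean the main process died from signal (code - 128),
# so the 137 in the listing above is signal 9, SIGKILL.
exit_reason() {
  if [ "$1" -gt 128 ]; then
    sig=$(($1 - 128))
    case $sig in
      9)  echo "killed by SIGKILL" ;;
      15) echo "killed by SIGTERM" ;;
      *)  echo "killed by signal $sig" ;;
    esac
  elif [ "$1" -eq 0 ]; then
    echo "clean exit"
  else
    echo "exited with status $1"
  fi
}

# Print "ID<TAB>exit code<TAB>reason" for containers in the exited state.
# Running containers are never listed, so nothing live gets stopped.
list_exited() {
  docker ps -a --filter status=exited --format '{{.ID}} {{.Status}}' |
  while read -r id status; do
    # Status looks like: Exited (137) 17 hours ago
    code=$(printf '%s\n' "$status" | sed -n 's/^Exited (\([0-9][0-9]*\)).*/\1/p')
    if [ -n "$code" ]; then
      printf '%s\t%s\t%s\n' "$id" "$code" "$(exit_reason "$code")"
    fi
  done
}

# Remove exited containers; with DRY_RUN=1 only print what would be removed.
remove_exited_containers() {
  ids=$(docker ps -a -q --filter status=exited)
  # docker rm with no arguments is an error, so stop here when nothing matched.
  if [ -z "$ids" ]; then echo "no exited containers"; return 0; fi
  # Unquoted $ids below: splitting the ID list into words is intended.
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "would remove:" $ids; return 0; fi
  docker rm $ids
}

# Remove dangling (<none>:<none>) images, with the same empty-list guard.
remove_dangling_images() {
  ids=$(docker images -q --filter dangling=true)
  if [ -z "$ids" ]; then echo "no dangling images"; return 0; fi
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "would remove:" $ids; return 0; fi
  docker rmi $ids
}

# Run the cleanup only when asked to: sh cleanup.sh --clean
if [ "${1:-}" = "--clean" ]; then
  list_exited
  remove_exited_containers
  remove_dangling_images
fi
```

Run it first with DRY_RUN=1 to see which IDs would be removed.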

Infrastructure management using terraform

building, changing, and versioning infrastructure
Infrastructure as Code – can manage anything from a single application to whole datacentres via configuration files, from which an execution plan is created
can manage low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.
Resource Graph – builds a graph of all your resources

tfenv can be used to manage terraform versions

brew unlink terraform
tfenv install 0.11.14
tfenv list 

Terraform configuration language

used for declaring resources and descriptions of infrastructure
.tf or .tf.json file extension
group of resources can be gathered into a module
Terraform configuration consists of a root module, where evaluation begins, along with a tree of child modules created when one module calls another.

Example: launch a single AWS EC2 instance, file server1.tf

provider "aws" {
  profile    = "default"
  region     = "us-east-1"
}

resource "aws_instance" "server1" {
  ami           = "ami-2757f631"
  instance_type = "t2.micro"
}

Note: AMI IDs are region specific.
The profile attribute here refers to a profile in the AWS config file ~/.aws/credentials

Terraform command line interface (CLI)

engine for evaluating and applying Terraform configurations.
uses plugins called providers that each define and manage a set of resource types

Command Usage: terraform [-version] [-help] <command> [args]

Common commands:
apply Builds or changes infrastructure
console Interactive console for Terraform interpolations
destroy Destroy Terraform-managed infrastructure
env Workspace management
fmt Rewrites config files to canonical format
get Download and install modules for the configuration
graph Create a visual graph of Terraform resources
import Import existing infrastructure into Terraform
init Initialize a Terraform working directory
output Read an output from a state file
plan Generate and show an execution plan
providers Prints a tree of the providers used in the configuration
refresh Update local state file against real resources
show Inspect Terraform state or plan
taint Manually mark a resource for recreation
untaint Manually unmark a resource as tainted
validate Validates the Terraform files
version Prints the Terraform version
workspace Workspace management

All other commands:
0.12upgrade Rewrites pre-0.12 module source code for v0.12
debug Debug output management (experimental)
force-unlock Manually unlock the terraform state
push Obsolete command for Terraform Enterprise legacy (v1)
state Advanced state management

terraform init
initialize a working directory containing Terraform configuration files.

terraform validate
checks that verify whether a configuration is internally-consistent, regardless of any provided variables or existing state.


Kubernetes

container orchestration platform, automating deployment, scaling, and management of containerized applications.
can deploy to cluster of computers, automating the distribution and scheduling as well

Service discovery and load balancing – gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
Automatic bin packing – Automatically places containers based on their resource requirements and other constraints, while not sacrificing availability. Mix critical and best-effort workloads in order to drive up utilization and save even more resources.
Storage orchestration – Automatically mount the storage system of your choice, whether from local storage, a public cloud provider such as GCP or AWS, or a network storage system such as NFS, iSCSI, Gluster, Ceph, Cinder, or Flocker.
Self-healing – Restarts containers that fail, replaces and reschedules containers when nodes die, kills containers that don’t respond to your user-defined health check, and doesn’t advertise them to clients until they are ready to serve.
Automated rollouts and rollbacks – progressively rolls out changes to your application or its configuration, while monitoring application health to ensure it doesn’t kill all your instances at the same time.
Secret and configuration management – Deploy and update secrets and application configuration without rebuilding your image and without exposing secrets in your stack configuration.
Batch execution – manage batch and CI workloads, replacing containers that fail, if desired.
Horizontal scaling – Scale application up and down with a simple command, with a UI, or automatically based on CPU usage.


DevOps monitoring tools: Nagios

Manage Docker configs

Commands:
create Create a config from a file or STDIN
inspect Display detailed information on one or more configs
ls List configs
rm Remove one or more configs

Alternatives: Sensu multi-cloud monitoring or Raygun

Ref :

Terraform : https://www.terraform.io
Kubernetes : https://kubernetes.io/
Sensu : https://sensu.io/

Jenkins – https://raygun.com/blog/best-devops-tools/