vlan management with iproute2

Use iproute2 to manage vlan:

# ip link add name eth0.3 link eth0  type vlan id 3
# ip link

To show vlan info you need the -d option.

# ip -d link show eth0.3
# ip l f eth0.3

Names like eth0.3 are a convention. The following works too:

# ip l a name foo3 link eth0  type vlan id 3
# ip -d l s foo3
32: foo3@eth0 [snip]
    vlan protocol 802.1Q id 12

My Fedora is getting fat…

Monitor your Fedora disk usage:

abrt-cli [list|rm]
journald --disk-usage
[sudo] yum clean all

Store vm|docker data outside /var

virsh pool-edit default
OPTIONS="-g /data/docker"

Enable virsh for `wheel` users (from goldmann.pl)

sudo tee -a /etc/polkit-1/rules.d/80-libvirt.rules << EOF
# Don't ask password if user is in the wheel group.
polkit.addRule(function(action, subject) {
  if (action.id == "org.libvirt.unix.manage" && subject.local && subject.active && subject.isInGroup("wheel")) {
      return polkit.Result.YES;


# Set context.
chcon --reference=/etc/polkit-1/rules.d /etc/polkit-1/rules.d/80-libvirt.rules

NetworkManager please, stay away from my docker0

To set a list of unmanaged-devices you can just do the following.

cat >> /etc/NetworkManager/NetworkManager.conf <<EOF




sudo nmcli connection reload

Strangely I had to put this in NetworkManager.conf. Using
/etc/NetworkManager/conf.d/20-unmanaged-bridges.conf didn’t work.

Positioning MySQL replication with GTID

mysql-fabric is a set of tools to setup resiliend and scalable mysql infrastructures.

You can create fabric groups (a set of replicated servers) with automatic failover and various policies.


#mysqlfabric group create mycluster
#mysqlfabric group add mycluster db-1:3306
#mysqlfabric group add mycluster db-2:3306
#mysqlfabric group add mycluster db-3:3306

And now pick a master: fabric will configure replication on all the nodes

#mysqlfabric group promote mycluster --slave_id DB_1_ID

Now, unless db-1 is a blank page, you’re likely to get an error :(

Fabric is trying to replicate ALL the changes happened on db-1 since its creation (included “CREATE USER root …”) to all slaves.

The solution is to
1 – get the last transaction id used for configuration;
2- tell to the slaves to skip everything until then.

It is done via

-- stop replication first, and reset what have been done until now (hopefully nothing ;)
-- tell the slave to skip the first 10 transactions from the server with id 9f36...
 SET @@GLOBAL.GTID_PURGED = '9f367fff-d91e-11e4-8ffe-0242ac110017:1-10'; 
-- now restart the slave and check that everything is fine


Remote dump of mysqlbinlog

In MySQL 5.6 the mysqlbinlog command allows:
– connecting to a remote server with  “-R”
– get all binlogs passing “–to-last-log”

To continuously dump the logs, use
– stay connected with “–stop-never” which implies “–to-last-log”

You can practice using this MySQL Community Docker Image, which provides all binaries and an easy master-slave setup.

You can try using this

# mkdir /tmp/test; cd /tmp/test
# wget https://raw.githubusercontent.com/ioggstream/mysql-community/master/ga/docker-compose.yml
# docker-compose -p test up # run master and server

# docker run --rm -ti --link=test_master_1:master --entrypoint=/bin/bash ioggstream/mysql-community -l

$mysqlbinlog -R  -h master -u root -p root  --stop-never master-bin.000001

Now just send some data to the master (eg. the sakila db)

For further info, check here http://dev.mysql.com/doc/refman/5.6/en/mysqlbinlog-backup.html

Access your docker volumes via sftp!

Docker DNS is a python application you can use to
identify your containers by hostname or name.

You can run it with behind dnsmasq using the instructions

#sudo twistd dockerdns -u http://docker-server:5000 -p 53
# host mycontainer.docker # by container-name or hostname
# host mymage.*.docker # all container from a given image

Using twisted conch, I added sftp functionalities too, so you can access your container volumes directly.

#sftp -P10022 mycontainer@docker-server
sftp$ ls /

CentOS 7 KeyMap IT

CentOS 7 utilizza di default systemd che è una suite di tools per l’amministrazione dei servizi di sistema.

per impostare il layout della tastiera si utilizza:

# localectl set-keymap it

ma facendo così le informazioni al riavvio vengono perse.

basta editare il file /etc/grub2.cfg e impostare il parametro corretto vconsole.keymap=it al posto di vconsole.keymap=it2

al riavvio le informazioni vengono preservate dato che stiamo dicendo al kernel linux di utilizzare la virtual console con keymap it

maggiori info: http://www.freedesktop.org/software/systemd/man/systemd-vconsole-setup.service.html

Firewalld to your jboss container

When you dockerize your jboss, the expose directive (luckily) doesn’t open firewall ports.

On Fedora20 you need to update your firewalld configuration:

 1- add one or more services to /etc/firewalld/zones/public.xml
 2- define ports in   /etc/firewalld/services/eap6-standalone.xml

  <port port="8080" protocol="tcp" />

  # restorecon -R /etc/firewalld/

  #firewall-cmd --reload

Eat the fig.sh (now is docker-compose)

Fig is a very simple Docker orchestrator. It can be used to describe your container environment and make it easy to replicate.

cat fig.yml
# Setup two linked containers: jboss and a log server (you need to configure
# wildfly to use syslog)
  image: jboss/wildfly
    - JAVA_OPTS=  " -Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=4000,suspend=n "
    - "8080:8080"
    - syslogserver

    image:  jplock/rsyslog
       -  /var/log:/var/log

Bridge management with iproute2

You can do simple management tasks on linux virtual bridges using iproute2.

While you can’t set STP or showmacs, you can create/delete bridges and add/remove interfaces.

The following commands are the same.

* add bridge

#brctl addbr ipbr0
#ip l a ipbr0 type bridge

* add interface to bridge

#brctl addif ipbr0 eth0
#ip l s eth0 master ipbr0

* remove interface from bridge

#brctl delif ipbr0 eth0
#ip l s eth0 nomaster

* remove bridge

#brctl delbr ipbr0
#ip l d ipbr0