Author:
erics, April 17th, 2023
First, use the AWS Console to modify the volume to the desired size, in our example we want to go from 10GB to 25GB for the root filesystem For a Xen ext4 root volume
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# df -h Filesystem Size Used Avail Use% Mounted on /dev/xvda1 9.8G 9.6G 26M 100% / /dev/xvdf 200G 99G 102G 50% /volumes/data # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT xvda 202:0 0 10G 0 disk └─xvda1 202:1 0 10G 0 part / xvdf 202:80 0 200G 0 disk /volumes/data # growpart /dev/xvda 1 CHANGED: disk=/dev/xvda partition=1: start=4096 old: size=20967390,end=20971486 new: size=52424670,end=52428766 # lsblk lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT xvda 202:0 0 25G 0 disk └─xvda1 202:1 0 25G 0 part / xvdf 202:80 0 200G 0 disk /volumes/data # resize2fs /dev/xvda1 resize2fs 1.43.5 (04-Aug-2017) Filesystem at /dev/xvda1 is mounted on /; on-line resizing required old_desc_blocks = 1, new_desc_blocks = 2 The filesystem on /dev/xvda1 is now 6553083 (4k) blocks long. # df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/xvda1 ext4 25G 9.6G 15G 40% / /dev/xvdf xfs 200G 99G 102G 50% /volumes/data |
For NVMe First, use lsblk to see the raw partitions:
|
|
# df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/nvme0n1p1 xfs 20G 2.8G 18G 14% / # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme0n1 259:0 0 40G 0 disk ├─nvme0n1p1 259:1 0 20G 0 part / └─nvme0n1p128 259:2 0 1M 0 part |
Note how the partition at 259:1 is only 20GB, […]
Categories: How-To's, Technology Tags: Amazon, Amazon Linux 2, AWS, df, df -hT, Disk, EBS, Expand, Filesystem, Grow, howto, Linux, Linux2, lsblk, NVMe, partition, Resize, tips, volume, XFS
| 
No comments
Author:
erics, July 29th, 2021
SUMMARY: Needed to create an AWS IAM Policy to allow a user access to create and delete EBS snapshots. This script also needed to be able to list volumes:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "ec2:DeleteSnapshot", "ec2:ModifySnapshotAttribute", "ec2:CreateSnapshots", "ec2:ResetSnapshotAttribute", "ec2:CreateSnapshot" ], "Resource": [ "arn:aws:ec2:*:ACCOUNT_ID_HERE:volume/*", "arn:aws:ec2:*:ACCOUNT_ID_HERE:snapshot/*", "arn:aws:ec2:*:ACCOUNT_ID_HERE:instance/*" ] }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "ec2:DescribeSnapshotAttribute", "ec2:DescribeVolumes", "ec2:DescribeSnapshots" ], "Resource": "*" } ] } |
Categories: How-To's, Technology Tags: Amazon, AWS, Create, Delete, howto, IAM, JSON, Policy, Snapshot, tips, User, volume
| No comments
Author:
erics, July 28th, 2021
SUMMARY: Needed to create an AWS IAM Policy to allow a user access to two buckets and their associated CDN’s in WordPress W3 Total Cache
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::wyzaerd-demo-prod" }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:PutObjectAcl" ], "Resource": "arn:aws:s3:::wyzaerd-demo-prod/*" }, { "Sid": "VisualEditor2", "Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::wyzaerd-demo-dev" }, { "Sid": "VisualEditor3", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:PutObjectAcl" ], "Resource": "arn:aws:s3:::wyzaerd-demo-dev/*" }, { "Sid": "VisualEditor4", "Effect": "Allow", "Action": [ "s3:ListAllMyBuckets", "cloudfront:ListDistributions" ], "Resource": "*" } ] } |
Categories: How-To's, Technology Tags: Amazon, AWS, Bucket, CDN, CloudFront, howto, IAM, JSON, Policy, S3, tips, User, W3 Total Cache
| No comments
Author:
erics, July 16th, 2021
PROBLEM: Email delivery to Google was failing with a “Service Unavailable” error:
|
|
relay=aspmx.l.google.com. [IPv6:2607:f8b0:400d:c0c::1a], dsn=5.0.0, stat=Service unavailable |
Note that the network address for the destination is shown as IPv6! That is the root cause of the issue: 1. Sendmail is sending mail from the IPv6 address instead of the IPv4 address 2. Google rejects IPv6 senders without proper reverse […]
Categories: How-To's, Technology Tags: Amazon, Amazzon Linux, AWS, Delivery, DSN, Email, howto, IPv4, IPv6, Linux, make, Restart, SendMail, sendmail.cf, sendmail.mc, service, Service Unavailable, SPF, tips, Unavailable
| No comments
Author:
erics, February 19th, 2021
First, use lsblk to see the raw partitions:
|
|
# df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/nvme0n1p1 xfs 20G 2.8G 18G 14% / # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme0n1 259:0 0 40G 0 disk ├─nvme0n1p1 259:1 0 20G 0 part / └─nvme0n1p128 259:2 0 1M 0 part |
Note how the partition at 259:1 is only 20GB, while the entire disk at 259:0 is 40GB. A partition resize is required in this case.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# sudo growpart /dev/nvme0n1 1 CHANGED: partition=1 start=4096 old: size=41938911 end=41943007 new: size=83881951 end=83886047 # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme0n1 259:0 0 40G 0 disk ├─nvme0n1p1 259:1 0 40G 0 part / └─nvme0n1p128 259:2 0 1M 0 part # df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/nvme0n1p1 xfs 20G 2.8G 18G 14% / # sudo xfs_growfs -d / meta-data=/dev/nvme0n1p1 isize=512 agcount=11, agsize=524159 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=1 spinodes=0 data = bsize=4096 blocks=5242363, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=1 log =internal bsize=4096 blocks=2560, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 data blocks changed from 5242363 to 10485243 # df -hT /dev/nvme0n1p1 xfs 40G 2.8G 38G 7% / If the XFS tools are not already installed, you can install them as follows: sudo yum install xfsprogs |
For an EXT4 filesystem, use the resize2fs command instead:
|
|
sudo resize2fs /dev/nvme0n1p1 |
For more information, please visit the AMW Docs: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recognize-expanded-volume-linux.html
Categories: How-To's, Technology Tags: Amazon, Amazon Linux 2, AWS, df, df -hT, Disk, EBS, Expand, Filesystem, Grow, howto, Linux, Linux2, lsblk, NVMe, partition, Resize, tips, volume, XFS
| No comments
Author:
erics, March 25th, 2020
I tried upgrading pip when prompted to do so: sudo pip install –upgrade pip This worked, but removed the system install in /usr/bin/pip and replaced it with /usr/local/bin/pip – NOT GOOD! The solution is as follows:
|
|
/usr/local/bin/pip uninstall pip yum remove python27-pip yum install python27-pip |
Categories: How-To's, Technology Tags: Amazon, Amazon Linux, AWS, CentOS, Downgrade, howto, Install, Linux, pip, pip install, pip uninstall, tips, Uninstall, upgrade, Yum
| No comments
Author:
erics, October 24th, 2019
All credit to Matt Wilcox for this excellent article, for which this post is based – thank you, Matt! https://mattwilcox.net/web-development/unexpected-ddos-blocking-china-with-ipset-and-iptables/ All commands run as root!
|
|
yum install -y ipset vi blockchina (see below for contents) chmod 755 blockchina ./blockchina |
Do this once only:
|
|
iptables -A INPUT -p tcp -m set --match-set china src -j DROP; service iptables save |
Then add blockchina to the root cron
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
#!/bin/sh # # blockchina # DIR=/etc # Create the ipset list ipset -N china hash:net # remove any old list that might exist from previous runs of this script rm $DIR/cn.zone # Pull the latest IP set for China wget -P $DIR http://www.ipdeny.com/ipblocks/data/countries/cn.zone # Add each IP address from the downloaded list into the ipset 'china' for i in $(cat $DIR/cn.zone ); do ipset -A china $i; done # Update iptables service iptables restart |
Categories: How-To's, Technology Tags: Amazon, Amazon Linux, AWS, Block, China, DDOS, dos, Firewall, ipset, IPTables, Linux, root, traffic
| No comments
Author:
erics, October 3rd, 2019
To sync various cloud resources, use the excellent cli tool rclone from https://rclone.org/docs/ For this use case, the need was to sync from Box to an AWS S3 bucket. Install rclone:
|
|
curl https://rclone.org/install.sh | sudo bash |
Configure both S3 and Box – for remote name labels I just used “S3” and “Box”:
Validate Access and Functionality:
|
|
rclone lsd Box: rclone lsd S3: |
Perform […]
Categories: How-To's, Technology Tags: Amazon, AWS, AWS S3, Box, Clone, rclone, rsync, S3, Sync
| No comments
Author:
erics, August 22nd, 2019
As root:
|
|
PACKAGES=`yum list installed | grep php | awk -F. '{print $1}' | tr "\n\r" " "` echo $PACKAGES yum remove -y $PACKAGES |
~or~
|
|
yum remove php56 php56-cli php56-common php56-devel php56-gd php56-jsonc php56-jsonc-devel php56-mbstring php56-mcrypt php56-mysqlnd php56-pdo php56-pecl-imagick php56-process php56-xml |
THEN:
|
|
yum install php72 php72-bcmath php72-cli php72-common php72-devel php72-gd php72-imap php72-json php72-mysqlnd php72-pdo php72-pecl-apcu php72-pecl-imagick php72-pecl-imagick-devel php72-pecl-memcache php72-php-bcmath php72-php-common php72-php-json php72-process php72-runtime php72-xml php72-mbstring php72-pecl-mcrypt |
Be sure to restart your web server!!
Categories: How-To's, Technology Tags: Amazon, AWS, Install, Linux, php, php7, upgrade, Yum, yum install, yum list, yum remove, yum search
| No comments
Author:
erics, February 4th, 2019
Use the ssh-keygen command on a computer to which you’ve downloaded your private key .pem file; for example: First, ensure permissions will allow ssh-keygen to work: chmod 600 /path/to/the/file/your-key-pair.pem Then generate an RSA public key: ssh-keygen -y -f /path/to/the/file/your-key-pair.pem > your-key-pair.pub
Categories: How-To's, Technology Tags: .pem, .pub, Amazon, apple, AWS, cli, howto, key, key-pair, KeyPair, Linux, Mac, MacOS, macosx, Pubkey, public, Public Key, ssh-keygen, tips
| No comments
