понедельник, 1 февраля 2021 г.

DevOps Interview Questions (RU)


Вопросы на собеседовании

суббота, 28 ноября 2020 г.

BluePrism AutmateC.exe PowerShell Automation


Load the Queues

    $automatec = "C:\Program Files\Blue Prism Limited\Blue Prism Automate\AutomateC.exe"

    & $automatec /sso /startschedule /schedule "03.01 - Load AUH SCAL Queue" #577

    & $automatec /sso /startschedule /schedule "03.03 - Load PDR SCAL Queue" #575

    & $automatec /sso /startschedule /schedule "03.04 - Load PDR NCAL Queue" #574

    & $automatec /sso /startschedule /schedule "03.05 - Load AUH NW Queue" #563

    & $automatec /sso /startschedule /schedule "03.06 - Load PDR GA Queue" #570

Logout, Login, BotStart

# === Clean PowerShell ===

$ps = [PowerShell]::Create()

$ps.AddScript('Get-Variable | Select-Object -ExpandProperty Name') | Out-Null

$builtIn = $ps.Invoke()


$builtIn += "profile","psISE","psUnsupportedConsoleApplications" # keep some ISE-specific stuff

Remove-Variable (Get-Variable | Select-Object -ExpandProperty Name | Where-Object {$builtIn -NotContains $_})

# ======================

Function ShortLogoutLogin {



    $h = $j + ":9003"

    Write-Host $j 

    Logout -VmName $h

    Login -VmName $j


Function Logout {



    Write-Host "Execute LOGOUT ..."

    & $automatec /run $logout_process /resource $VmName /sso

    Start-Sleep -s 0


Function Login {



    Write-Host "Execute LOGIN..."

    & $automatec /run $login_process /resource $VmName /sso /startp "<inputs><input name='Login Locally' type ='Flag' value='False' /><input name='Domain' type ='Text' value='cs' /><input name='Send Secure Attention Sequence' type ='Flag' value='True' /></inputs>"

    Start-Sleep -s 0


Function StartBot {


Param($VmName, $BotName)


    & $automatec /run $BotName /resource $VmName /sso /startp $BotParams

    Start-Sleep -s 0


# ======================

$automatec = "C:\Program Files\Blue Prism Limited\Blue Prism Automate\AutomateC.exe"

#$automate = "C:\Program Files\Blue Prism Limited\Blue Prism Automate\Automate.exe"

$SCAL_AUH = "W10_Tap_SCAL_A02_MainProcess_Run_AUH"

$SCAL_PDR = "W10_Tap_SCAL_A01_MainProcess_Run_PDR"

$login_process = "Login"

$logout_process = "Logout"

$VmPrefix = "MASDCVDI000"

#$Sessions = @()

$BotParamsMap = @{"W10_Tap_SCAL_A02_MainProcess_Run_AUH"="<inputs><input name='Test Mode' type ='Flag' value='False' /></inputs>"

          "W10_Tap_SCAL_A01_MainProcess_Run_PDR"="<inputs><input name='Test Mode' type ='Flag' value='False' /></inputs>"

          "W10_Tap_NCAL_A01_MainProcess_Run_PDR"="<inputs><input name='Test Mode' type ='Flag' value='False' /></inputs>"

          "W10_Tap_GA_A01_MainProcess_Run_PDR"="<inputs><input name='Test Mode' type ='Flag' value='False' /></inputs>"


$BotNames= @("W10_Tap_SCAL_A02_MainProcess_Run_AUH",





For($i = 0; $i -lt $BotNames.Count; $i++){

    Write-Host $i ": "$BotNames[$i]


$BotIndex = Read-Host 'Enter name ofJobIndex:'

$Task = $BotNames[$BotIndex]

Write-Host $Task

$VM_except = @(560,561,562,564,565,566,568,569,570,578)

#$VM_except_flag = $true

$VM_except_flag = $false

$VM_Start = 554

$VM_End = 578

# === Loop Logout

For ($i = $VM_Start; $i -le $VM_End; $i++) {

    $j = $VmPrefix + $i

    $h = $j + ":9003"

    if ($VM_except_flag) {

        if (-Not ($VM_except.Contains($i))) {

            Logout -VmName $h



    else {

        if ($VM_except.Contains($i)) {

            Logout -VmName $h




# === Loop Login

For ($i = $VM_Start; $i -le $VM_End; $i++) {

    $j = $VmPrefix + $i

    $h = $j + ":9003"

    if ($VM_except_flag) {

        if (-Not ($VM_except.Contains($i))) {

            Login -VmName $j



    else {

        if ($VM_except.Contains($i)) {

            Login -VmName $j




# === Loop BotRun

For ($i = $VM_Start; $i -le $VM_End; $i++) {

    $j = $VmPrefix + $i

    $h = $j + ":9003"

    if ($VM_except_flag) {

        if (-Not ($VM_except.Contains($i))) {

            StartBot -VmName $h -BotName $Task



    else {

        if ($VM_except.Contains($i)) {

            StartBot -VmName $h -BotName $Task




Gitlab ECR Credentials Helper - Settings on Runner


vi /etc/gitlab-runner/config.toml

concurrent = 1

check_interval = 0


  session_timeout = 1800


  name = "EC2_i-034aeb1a7a49cda81"

  url = "https://gitlab-sfo.dolby.net/"

  token = "4EnhzuihzRrszK_y"

  executor = "docker"



    Type = "s3"

    Shared = true


      BucketName = "domain.build-agent.cache"

      BucketLocation = "us-west-2"




    tls_verify = false

    image = "alpine"

    privileged = false

    disable_entrypoint_overwrite = false

    oom_kill_disable = false

    disable_cache = false

    volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/root/.docker/config.json:/root/.docker/config.json", "/usr/bin/docker-credential-ecr-login:/usr/bin/docker-credential-ecr-login", "/cache"]

    shm_size = 0

vi /root/.docker/config.json

"credHelpers":{"83678232.dkr.ecr.us-east-1.amazonaws.com":"ecr-login","8713175.dkr.ecr.us-west-2.amazonaws.com":"ecr-login", "8124058.dkr.ecr.us-west-1.amazonaws.com":"ecr-login"}}

воскресенье, 15 ноября 2020 г.

DevOps MacOS Setup


ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)

Setup SSH Key on RepoHub

ssh-keygen -t rsa -b 4096

pbcopy < ~/.ssh/id_rsa.pub

 - go to RepoHub settings > ssh keys and add paste the public part of the key


Docker Desktop for Mac

with homebrew

AWS eksctl

brew tap weaveworks/tap
brew install weaveworks/tap/eksctl


brew install kubectl

суббота, 4 января 2020 г.

Recover Credentials from Jenkins

  1. Find the name of the Credential:
    1. Jenkins > Credentials
  2. Find the hash of the Credential:
    1. cat /etc/jenkins/home/credentials.xml
  3. Decrypt the hash in Jenkins:
    1. Go to Jenkins > Manage Jenkins > Script Console
    2. Execute println(hudson.util.Secret.decrypt("{YOUR_HASH}"))

воскресенье, 15 декабря 2019 г.

Multiple GitHub repositories with different ssh keys

Sometimes you need to have different repositories in sync via ssh, so you don't need to enter login and password each time.

To setup multiple directories with different ssh keys you'll need:

1. Create your keys (2 different):
ssh-keygen -t rsa -b 4096 -C "my_work_email@my_company.com"
2. Add your public keys in github repositories respectively - GitHubHelpSSHkeys
3. Make your ~/.ssh/config file look similar:

# Personal GitHub account
Host github.com-personal
    HostName github.com
    User git
    AddKeysToAgent yes
    UseKeychain yes
    IdentityFile ~/.ssh/personal_rsa

воскресенье, 20 октября 2019 г.

Enable ssh (passwordless authentication) Linux

ssh-keygen -t rsa

cat ~/.ssh/id_rsa.pub | ssh   root@ \
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

cat ~/.ssh/id_rsa.pub | ssh   root@ \
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

cat ~/.ssh/id_rsa.pub | ssh   root@ \
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

cat ~/.ssh/id_rsa.pub | ssh   root@ \
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

cat ~/.ssh/id_rsa.pub | ssh   root@ \
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

cat ~/.ssh/id_rsa.pub | ssh   root@ 
"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

среда, 11 сентября 2019 г.

Git Cheat Sheet

Configuring user information used across all local repositories

git config --global user.name “[firstname lastname]”
set a name that is identifiable for credit when review version history

git config --global user.email “[valid-email]”
set an email address that will be associated with each history marker

git config --global color.ui auto
set automatic command line coloring for Git for easy reviewing

Configuring user information, initializing and cloning repositories

понедельник, 22 июля 2019 г.

Kubernetes - Delete CNI plugin

kubectl delete -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
rm /opt/cni/bin/weave-*

kubectl delete -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml

среда, 19 июня 2019 г.

Kubernetes - Backup and Restore

How to backup and restore Kubernetes Cluster ?

Kurbernetes - Get the Join Command

Generate a new token:
sudo kubeadm token generate
List the tokens:
sudo kubeadm token list
Print the kubeadm join command to join a node to the cluster:
sudo kubeadm token create [token_name] --ttl 2h --print-join-command
*Get the Join Command in Kubernetes
kubeadm token create --print-join-command

Kubernetes - Drain, Uncordon, Delete Nodes

How to get out a node from a cluster for a maintenance ?

Upgrade Kubernetes Cluster

How to upgrade a Kubernetes Cluster?

понедельник, 10 июня 2019 г.

Install Kubernetes on CentOS 7

Installation and Setup

VMware VCSA Troubleshooting

Check if the service responds on port
telnet vcenter_fqdn 9443

Set new password for vcsa

Set the new password to inventory service
cd HKEY_THIS_MACHINE\services\vmdir\
set_value dcAccountPassword "new password"

Restart all services
service-control --start --all

воскресенье, 2 июня 2019 г.

Как подготовиться к экзамену AWS Certified Solution Architect - Associate ?

1. Пройти курс на Linux Academy или aCloud.ru
    - люди говорят, что cloudguru лучше под сдачу экзамена заточен...
2. Пройти не только теорию, но и практические лабораторные в пункте 1
3. Выучить лимиты и "полезные табилцы"
    - Cram карточки https://www.cram.com/flashcards/aws-10741536
      очень удобно на телефоне их решать.
4. Найти хорошие тесты, для практики.
    Мне посоветовали этие. И я очень доволен.

пятница, 26 апреля 2019 г.

Install Jenkins CentOS 7.6

How to Install and Configure Jenkins

Install Jenkins
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
yum -y install jenkins

yum -y install java-1.8.0-openjdk

systemctl enable jenkins
systemctl start jenkins

yum -y install setroubleshoot-server selinux-policy-devel
sepolicy network -t http_port_t
semanage port -m -t http_port_t -p tcp 8080

Nginx Reverse Proxy config

Configure Jenkins

Jenkins User

cat /etc/passwd |grep jenkins
jenkins:x:998:996:Jenkins Automation Server:/var/lib/jenkins:/bin/false

change false to bash
vi /etc/passwd
jenkins:x:998:996:Jenkins Automation Server:/var/lib/jenkins:/bin/bash

set a password for jenkins
passwd jenkins
<enter your password>

su - jenkins

ssh-copy-id jenkins@localhost


root    ALL=(ALL)       ALL
jenkins ALL=(ALL)       NOPASSWD: ALL

среда, 24 апреля 2019 г.

Docker LA

docker node inspect --pretty NODEID
docker node demote NID


docker commit -m "COMMENTs" -a "author" nasty_girl tcox/ubusshd:v1

#Custom Ubuntu image with SSH installed

FROM ubuntu:xenial
MAINTAINER ryanblack <ryanblack@inbox.ru>
RUN apt-get update
RUN apt-get install -y telnet openssh-server

воскресенье, 14 апреля 2019 г.

понедельник, 18 марта 2019 г.

UniFi Controller Setup for Ubiquiti Access Points

How to set up a UniFi controller and add WiFi Access Points to it.
Controller is available for Windows, as well as for Linux.

Install UniFi controller

Download and install the controller for you OS

Setup you Access Point

Before you start the access point, you have to setup special DHCP settings on your router or DHCP server you have. You´ll need the MAC-address of your Access Point. On the Acccess Point's back you'll find smth linke 1709KF09FC27CEF1E-IZSvX6 - the MAC part is: F09F C27C EF1E
Convert it into Cisco format:
just add 01 + MAC (and place the dots in the proper positions) - 01f0.9fc2.7cef.ef

Cisco DHCP setup for your Access Points.
ip dhcp pool UniFi411
   host - IP Адрес для ваше точки доступа
   client-identifier 01f0.9fc2.7cef.ef   - MAC точки доступа
   client-name UniFi411                    - Имя, на ваше усмотрение
   option 43 hex 0104.c0a8.033a     - Адрес UniFi контроллера

Convert the IP into HEX format (for 43 dhcp option):

After the Access Point will appear in your UniFi controller - click Adopt.

Reset to Factory Defaults

1) Connecto over SSH to the Access Point and execute:
     syswrapper.sh restore-default
2) Press Reset button on AP's back more than 5 sec. Sometimes you need firstly shutdown the access point, press Reset, turn on the AP back, wait more than 5 seconds, then release Reset button.

воскресенье, 10 марта 2019 г.

Install Docker on Ubuntu/Debian

Installation steps Ubuntu/Debian
#apt-get install apt-transport-https ca=certificates curl software-properties-common

Configure repository
#curl -fsSL https://download.docker./com/linux/ubuntu/gpg | sudo apt-key add -

#sudo add-apt-repository "deb {arch+amd64} https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#apt-get update

Install Docker
#apt-get install docker-ce

пятница, 8 марта 2019 г.

Get a Dockerfile from an Image

docker history --no-trunc [IMAGE]| tac | tr -s ' ' | cut -d " " -f 5- | sed 's,^/bin/sh -c #(nop) ,,g' | sed 's,^/bin/sh -c,RUN,g' | sed 's, && ,\n  & ,g' | sed 's,\s*[0-9]*[\.]*[0-9]*[kMG]*B\s*$,,g' | head -n -1

воскресенье, 3 марта 2019 г.

Install Docker Compose

yum install epel-release
yum -y install python-pip
pip install --upgrade-pip
pip install --upgrade pip
pip install docker-compose

воскресенье, 24 февраля 2019 г.

Docker installation CentOS 7

yum -y install yum-utils lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum -y update
yum -y install docker-ce
systemctl enable docker && systemctl start docker && systemctl status docker

docker images

ls -al /var/run/docker.sock
srw-rw---- 1 root docker 0 Feb 22 06:10 /var/run/docker.sock

adding a user a right to work with docker
usermod -aG docker user

All Docker files:

Error on Registry Deployment (IPtables):
 docker run -d -p 5000:5000 -v /root/certs:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dockerrepo.crt -e REGISTRY_HTTP_TLS_KEY=/cert/dockerrepo.key -v /root/auth:/auth -e REGISTRY_AUTH=htpasswd -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry:2
docker: Error response from daemon: driver failed programming external connectivity on endpoint elegant_hugle (6f83023f4c9f4cf2910b77ddd1c3227e29988e3dfb16f850d4dc7e74c8304638):  (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 5000 -j DNAT --to-destination ! -i docker0: iptables: No chain/target/match by that name.
 (exit status 1)).

iptables -t filter -F
iptables -t filter -X
systemctl restart docker

Run Ansible in VSCode on Windows 10 (via WSL + Terminal + pip)

Short instruction how to setup VSCode to execute Ansible playbooks directly from Terminal

воскресенье, 13 января 2019 г.

воскресенье, 6 января 2019 г.

Virtual Host for OwnCloud SSL LetsEncrypt (Dehydrated, Apache)


<VirtualHost *:80>
    ServerName DOMAIN.COM
        DocumentRoot /var/www/html/owncloud

        <Directory /var/www/html/owncloud>
                AddDefaultCharset UTF8
                AllowOverride All
                Order allow,deny
                Allow from all

        ErrorLog /var/log/disk-error.log
        CustomLog /var/log/disk-requests.log combined

        Alias /.well-known/acme-challenge/ /var/www/html/le/.well-known/acme-challenge/

воскресенье, 9 декабря 2018 г.

Install GLPi on CentOS7 (php7.1)

Install MariaDB:
yum -y install mariadb-server mariadb-devel
systemctl enable mariadb
systemctl start mariadb

# mysql -u root -p
> create database glpidb;
> create user 'glpiuser'@'localhost' identified by 'P@ssword01';
> grant all privileges on glpidb.* to glpiuser@localhost;
> flush privileges;

суббота, 8 декабря 2018 г.

Configure Cisco loggin to SPLUNK

logging trap informational
logging source-interface vlan 1 (that interface's ip will be identified in SPLUNK)
logging host (SPLUNK's ip)

 log config
  logging enable
  logging size 200
  notify syslog contenttype plaintext

login on-failure log
login on-success log
logging userinfo

process cpu threshold type total rising 80 interval 5
memory free low-watermark processor 20000
memory free low-watermark io 20000

Install SPLUNK on CentOS7

Install (get the link on Splunk website):
wget -O splunk-7.2.1-be11b2c46e23-linux-2.6-x86_64.rpm 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=7.2.1&product=splunk&filename=splunk-7.2.1-be11b2c46e23-linux-2.6-x86_64.rpm&wget=true'

rpm -i splunk-7.2.1-be11b2c46e23-linux-2.6-x86_64.rpm

воскресенье, 1 апреля 2018 г.

H2O MMS Settings Android

Name: H20 APN
APN: att.mvno
MMSC: http://mmsc.cingular.com
MMS proxy66.209.11.33
MMS port: 80
MCC: 310
MNC: 410
Authentication type
APN type: default,mms,supl
APN Protocol: IPv4
APN roaming protocol:  IPv4

Based on https://apn.gishan.net/settings/1360_32_h2o_wireless_apn_settings_for_samsung_galaxy_s7.php

воскресенье, 25 марта 2018 г.

E-mail settings for MFD - Cannon MF249dw

Image result for canon mf249dw

To Setup E-Mail Sending you need:

1. Set E-Mail Communication Settings.
    Login using you web browser into you printer.
    Settings > Network > Email

2. Change SMTP port number (optional, only if your smtp port is different from 25)
     Right on you printer in the Menu go
     Menu > Network Settings > TCP/IP Settings > Port Number Settings
     Select the port you need and type in (using the printer's keyboard) new port number.

воскресенье, 14 января 2018 г.

Установка модуля .vib для управления RAID контроллером Adaptec из консоли ESXi 6.0 / Install Adaptec .vib module to manage RAID Array using ESXi CLI

Для того чтобы управлять RAID массивом под управлением контроллера Adaptec
из консоли ESXi вам нужно установить специальный пакет.

воскресенье, 7 января 2018 г.

Развёртываниe HipChat Server 2.2.6

Установка и настройка Atlassian HipChat Server 2.0.

понедельник, 11 декабря 2017 г.

Удалённый доступ к базе MariaDB/MySQL

#vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
service iptables restart

#vi /etc/my.cnf

   добавить в раздел [mysqld] строки
port = 3306
bind-address =

Дать права пользователю
#msql -u root -p


#service mariadb restart

% - с любого IP из подсети