Monday, September 23, 2024

Create 'myuser' Linux user to run your dedicated software 

sudo apt update -y && sudo apt upgrade -y
sudo adduser myuser

Note the password you used for defining myuser user

(reference)

Give myuser 'sudo' permissions

sudo visudo

Add the below line right after the line with 'root' definitions

myuserALL=(ALL) NOPASSWD:ALL

Add 'myuser' as a tty user so it can run 'screen' with no issues:

sudo vi /etc/group

Modify

tty:x:5:

to look

tty:x:5:
myuser

Create folder for myuser software & logs

su - myuser

sudo mkdir /opt/myuser

sudo mkdir /opt/myuser/logs
su - myuser
sudo mkdir /opt/myuser/logs
sudo mkdir /opt/myuser &&

sudo chown -R myuser:myuser/opt/myuser

Allow user 'myuser' to remotly access the AMI via SSH

cd ~    
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
vi .ssh/authorized_keys

Export public key from a key-pair:

On Windows:

Open PuttyGen -> Conversions ->Import Key and import your ".pem" file. Right-click in the UI field labeled "Public key for pasting..." -> Select All ->Copy

On MAC/Linux use command:

ssh-keygen -y -f <.pem-file>

Note: the file should start from ssh-rsa and should end with imported-openssh-key

Paste content (public key) into vi editor, save and close the file.

Extend the user limit: add the below two lines

myuser    hard    nofile      500000
myuser    soft    nofile      500000

to sudo vi /etc/security/limits.conf

Check that you can SSH to the instance with your new user myuser.

Next, reboot and remove the original user - either 'ubuntu' or 'ec2-user'

sudo deluser ubuntu

Optional:

Add a cron job to clean up any our log file older than 14 days

crontab -e

if asked to select an editor for crontab select option '3' - vi.

Add to the crontab file

# Every 4 hours try removing any of our log files older than 14 days back
0 */4 * * * find /opt/myuser/logs -name '*.log.*' -mtime +2 -print -delete

save file and exit the editor.

Posted by at No comments:

Saturday, August 24, 2024

AWS EC2 EBS disks operations

 

Increase or replace an EBS disk

  1. Make a snapshot / backup copy

  2. Stop the service which uses this disk (e.g. sudo service mysql stop)

  3. Unmount the disk sudo umount /dev/xvdb

  4. Via AWS console, "detach Volume"

  5. Either "Modify Volume" adding some more space, or "Create" a new one with required size

  6. "Attach" volume back to the AMI via console

  7. Edit vi /etc/fstab to allow mount / permanent mount, adding a line like

/dev/nvme1n1  /home/adjesty/mnt auto defaults,noatime,nofail 0 2

7a. For a new volume, create the file system then mount & change the ownership / permissions from 'root'

sudo mkfs.ext4 /dev/xvdg

If there is a need to change the default amount of inodes** (Crawlers case when we create zillions of very small files) then use "-i <bytes-per-node>" flag as per reference

sudo mkfs.ext4 -i 1800 /dev/xvdg

the above will allocate 1800 bytes per an inode, so a 1GB disk will get 596,523 inodes (assuming each file is less than 1,800 bytes)

sudo mount /dev/xvdg
sudo chown -R mysql:mysql /db_tmp

7b. For the increased volume, mount & extend the file system

First, check that the device is in /etc/fstab, e.g.:

/dev/xvdg /db_data auto defaults,noatime,nofail 0 2

Next, mount it & then resize

sudo mount /dev/xvdg
sudo resize2fs /dev/xvdg

check with df -h that you have got the designed size:

Filesystem      Size  Used Avail Use% Mounted on
udev            216M     0  216M   0% /dev
tmpfs            46M  1.9M   44M   5% /run
/dev/nvme0n1p1  9.7G  7.6G  2.1G  79% /
tmpfs           230M     0  230M   0% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           230M     0  230M   0% /sys/fs/cgroup
/dev/loop2       33M   33M     0 100% /snap/amazon-ssm-agent/2996
/dev/loop3       56M   56M     0 100% /snap/core18/2066
/dev/loop1       34M   34M     0 100% /snap/amazon-ssm-agent/3552
/dev/loop5       99M   99M     0 100% /snap/core/11081
/dev/loop6       56M   56M     0 100% /snap/core18/2074
/dev/loop4      100M  100M     0 100% /snap/core/11316
tmpfs            46M     0   46M   0% /run/user/1001
/dev/nvme1n1    492G   14G  458G   3% /home/adjesty/mnt

AWS instructions are here

For machines that already come with disks:

adjesty@ip-172-31-15-45:~$ lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0         7:0    0    89M  1 loop /snap/core/7713
loop1         7:1    0    18M  1 loop /snap/amazon-ssm-agent/1480
loop3         7:3    0    18M  1 loop /snap/amazon-ssm-agent/1455
loop4         7:4    0  89.1M  1 loop /snap/core/8039
nvme0n1     259:0    0 838.2G  0 disk /qt
nvme1n1     259:1    0    10G  0 disk 
└─nvme1n1p1 259:2    0    10G  0 part /

sudo mkfs.ext4 /dev/nvme0n1
sudo mkdir /ext
sudo mount /dev/nvme0n1 /ext
Posted by at No comments:
Subscribe to: Posts (Atom)