Jekyll2023-07-01T09:43:18+00:00https://aryulianto.github.io/feed.xmlROARberisikan catatan hasil oprekan dan cerita perjalanan pribadi.Saputro Aryulianto[FR] Ubuntu Conference Asia 2022 – Seoul, South Korea2022-12-01T12:17:31+00:002022-12-01T12:17:31+00:00https://aryulianto.github.io/fr-ubuntu-conference-asia-2022-seoul-south-korea<p>UbuCon Asia 2022 is the first in-person and online (hybrid) event, held in Nuritkum Square, Seoul, South Korea from November 26 to 27.</p>
<p><strong>Before the conference</strong></p>
<p>I applied for my own Korean visa, just like I would for a visa to another country, and I realized that the procedure went pretty fast took about a Week. The requirements were quite clear and I was assisted by <a href="https://youngbin.xyz">Youngbin Han</a> to apply for a C-3-1 (business) visa to Korea. You can find the requirements at the following <a href="https://sites.google.com/view/koreanembassy2/visa-jangka-pendek/kunjungan-singkat-umum">link</a>.</p>
<p>My flight departed from Terminal 3 Soetta Jakarta at 10:30 PM WIB and arrived in Incheon at 7:40 AM KST. The immigration process was also quite smooth with the automatic gate. After leaving the airport, I immediately looked for T-money at a convenience store for transportation purposes during my stay here. My next destination was the Stanford Hotel Seoul, I used Arex to get there, with a travel time of just over an hour.</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8D5IIeI8yjRXT7Z21XUl2xcbeQr9rZMBxS8akPd2qsr8BQv3EmRcrt0dKyW5b6T3-DzZucQBa4FoLeeu3noIgaKgNWsr_6e3jkOlwobtaEd-HnGEQgBkZNz1Az3LWl7e72Y5iaEMePbpInNtSNYYUVu=w1658-h933-s-no?authuser=0" alt="" /></p>
<p>Upon arriving at the hotel, I met new friends with <a href="https://twitter.com/hrittikhere">Hrittik Roy</a> from India and <a href="https://www.facebook.com/myfenris">Khairul Aizat Kamarudzzaman</a> from Malaysia. On the first day, I went to the venue to check the location where many local organizers were preparing for the event tomorrow. After that, I bought food for lunch and returned to the hotel to rest.</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8AOwqvuw334xLt91lM3VYqRoo3iU1oThpHKkhBUoPa_smg-YeMGN15Y1CbdXQ9S3YbctVoW1p6XP46tgJOMaizcRLrqfLIRLVd95zm7HINvaYcOUm6fYX27ZAaCzCvc2vtOSPbUYYh11kCdYDGvXvF5=w1658-h933-s-no?authuser=0" alt="" /></p>
<p><strong>Day 1 Conference</strong></p>
<p>I attended several sessions and was quite impressed with the event organizers who provided Korea-English interpreters, making me comfortable and able to participate in any session in the main hall. I also met <a href="https://twitter.com/seongsoo_kr">Seongsoo Cho</a> from Openstack Korea User Group, and was very happy to meet and have a great time with him!</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8DcvfUdw8wAWr-qbkJ1rCfNilNr973_fvKIEEKtKAqZ2hc3rfmpHbsBzVDOlesFEee_kYUzw5ZJ5lByQqYJQkhR6TxujyiXeH_4UIPmFT-G_VFT_A2BDBS9CL5YVDv0K-LCl_3QYUxFS1uvMbj9CKJV=w1784-h933-s-no?authuser=0" alt="" /></p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8AUhInNXODpO2sCgJX2yDn3NDfU34dpyRl-J2CN6FmWZjau9qK5kHJxMAPfN6-ZHAIQiHOJSus2bFiihlYW4m9n5xkW9gzh1NpQ_StQZz9kC5GOQlWKM90ixa5kjPMIxaZ0ee4YLr9Mks8aqYYG26AJ=w1399-h933-s-no?authuser=0" alt="" /></p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8CXP_CnlBZv9ZBeUJJIfrP62cQ0IGzFeiKGmUQemUQ5mWb7NDo7nYoMZHEwpt6eW1iA7YoZSG44yekxvXtwUA49aKM2-WlBOiDz9oQQ_ywH7DG4uAw5jH4_j3slIyuxRbZf_UeTDbJ9uLbYlzVMx8Ju=w1658-h933-s-no?authuser=0" alt="" /></p>
<p>After the first day was over, I attended the conference dinner and mingled with speakers and other community folks at a fancy party room in <a href="https://en.wikipedia.org/wiki/Hongdae_(area)">Hongdae</a> :)</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8DeHhnQuUQ3z0hshOioqFDiiYivksFbCPPIhFKhGs6u1UvOLqpi8hKV1UzLOTJWGnUJ6VGJ_yFvhqG_QzMZ4LWiY2vG5kAnVspe6xObHxfwD1_wY9WzSqb2w5WsicYs7eaG7frAhcTTCd4sTJjdYgX15g=w1244-h933-s-no?authuser=0" alt="" /></p>
<p><strong>Day 2 Conference</strong></p>
<p>This was the day when I gave my talk about <strong>Play with MAAS (Metal as a Service) CLI.</strong> Since morning, I focused on preparing my slides and a live demo. If you want to see the recording and slides that I used, you can visit the following link: <a href="https://2022.ubucon.asia/sessions/play-with-maas-cli/">https://2022.ubucon.asia/sessions/play-with-maas-cli/</a>
<img src="https://lh3.googleusercontent.com/pw/AMWts8A-JaQ_sKBknRslG8A7YvnMgI9047ha165LDGb0EuTZwhnN67HIp6_-yvjwNLEqQrpPaJ15mm5QffxfWiRMF8XEfqIpjo67tHmNk85UvK9xsDWSS2yIBJ7dsnm0nzrm5shKzGpXNnmBETQ7yhqZ2Tuy9g=w1399-h933-s-no?authuser=0" alt="" /></p>
<p><strong>Group Tour</strong></p>
<p>The organizer also provided a one-day tour that included a visit to <a href="https://en.wikipedia.org/wiki/Insa-dong">Insa-dong</a>, <a href="https://en.wikipedia.org/wiki/Gyeongbokgung">Gyeongbokgung Palace</a>, <a href="https://en.wikipedia.org/wiki/Bukchon_Hanok_Village">Bukchon Hanok Village</a>, <a href="https://www.nfm.go.kr/english/index.do">National Folk Museum of Korea</a>, and <a href="https://english.visitkorea.or.kr/enu/ATR/SI_EN_3_2_3.jsp?cid=691388">The Painters</a> to saw painting performance show.</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8DuzBYGzzSx9_ppq9F4BAJeRZhS2GiOV77dzhMbRDJatjE3hPp4acZsTAtHj4ijKvDEQ3ybq7k3L-dwyw_MWec_NNDSjKMHGDO6cUWQyzrAL4T0aI4QOb3GhGGvxqYSaZr6yMNDnSRkn7J6qWR-XvjO=w1658-h933-s-no?authuser=0" alt="" />
<img src="https://lh3.googleusercontent.com/pw/AMWts8B7X6O7tv7cyfRCj2dCeelKseEGR1Fx8SU6Ez5uQO_mEIpZpU_iWT9jeKs6Pp-w0zvdgwY-aZgIfbcUoPZAJJxo6WIxyhOM7QujcSWAFmPhKqkmiNKgE8W9YlTZe9OyZaD5Ao2rnrf1fpmmZvvNqUCo=w1658-h933-s-no?authuser=0" alt="" />
<img src="https://lh3.googleusercontent.com/pw/AMWts8C0eNAWECMNb29n0St9yG-DtPgCrt06rBtYSrLcYzDRZDzYehM8FU4vTeBIHKxYHgz6pimdwttSJwJU3AiSKPb6IVJ3N2037B2H-5A21H0quC8z2AGd4osruTzfZvm7Oz1RVTZ-NWDs-8xP1vWwOLsR=w1658-h933-s-no?authuser=0" alt="" /></p>
<p>Thank you for the lovely experience. I really appreciate all the efforts made by the team to make this event a grand success.</p>
<p><strong>After the Conference</strong></p>
<p>After the UbuCon Asia 2022 event, I moved to <a href="https://en.wikipedia.org/wiki/Myeong-dong">Myeong-dong</a> to extend my stay for a few days and enjoy the beauty of the city by exploring around. Besides that, I also went solo hiking to climb <a href="https://en.wikipedia.org/wiki/Bukhansan">Bukhansan</a> or Bukhan Mountain, which I might share in a separate article.</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8CK9Oo2Bw3loHIwnahqRRKjETc6qYkaJ4cZupZ3IancJmlRmbWERqbsprhbw0vrzvytapaQHcaYq_aBOHgiVWR4dgkXP92jK934PyFsfQoGcHkRK4ksLHfvtVUbsXccY4vkT2xWZzi0VCmdtVA-xMO_=w1658-h933-s-no?authuser=0" alt="" /></p>
<p>I was also invited by my friends <a href="https://twitter.com/seongsoo_kr">Seongsoo</a> and <a href="https://twitter.com/tjswo98sj06">Seonjae</a> to go to <a href="https://seoulsky.lotteworld.com/en/main/index.do">Seoul Sky</a> to enjoy the night view of Seoul city.</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8DmrQmPnzc5PhcKXpLo_xKwteLxQ8cvpUYx22HwLT6DNM-Ikumj0v3skkD-NjT86rgYqSZCf1SSz8BPA4l6HRckYOno-e4fhQLXsG6m1K1EfK1BqL7kCkK4dm17aJUjaUwXY9MKRnNxs4Tbq9HyjopF=w1658-h933-s-no?authuser=0" alt="" /></p>
<p>South Korea is an amazing country that offers a unique blend of traditional and modern culture. The people are friendly and welcoming, and the food is delicious.</p>
<p>My experience at <a href="https://2022.ubucon.asia/">UbuCon Asia 2022</a> and in South Korea was unforgettable, and I promise to come back here soon!</p>
<p><img src="https://lh3.googleusercontent.com/pw/AMWts8AsDO_cnq7DIBCQN9Av_eK411VQn18nbNjTouOeAd5wRCic0OsFdFK3Nj5uATAn1Yfr9CiZkwAYY7Pm8RFINz-m9ZSkJ5_eP8VY2sHDCA86DvJn20npHoi4FuSb0-gMH2QUuFVZvQbWsrmis6H9lO_1=w1395-h933-s-no?authuser=0" alt="" /></p>
<p>You could see more pictures on <a href="https://photos.app.goo.gl/SPhfVVxuiFR4Rh2g6">Google Photos</a>, also the video was available on <a href="https://www.youtube.com/@UbuConAsia/videos">YouTube</a></p>
<p><strong>Kamsahamnida (감사합니다), Thank You!</strong></p>
<p>#UbuConAsia #UCA22 #Ubuntu</p>aryUbuCon Asia 2022 is the first in-person and online (hybrid) event, held in Nuritkum Square, Seoul, South Korea from November 26 to 27.Config Egress IP OpenShift 42021-12-08T12:17:31+00:002021-12-08T12:17:31+00:00https://aryulianto.github.io/egress-ip-openshift-4<p>Cara mengkonfigurasi Egress IP agar semua koneksi menuju eksternal services menggunakan fixed IP address.</p>
<p><strong>Environment Testing</strong></p>
<ul>
<li>OpenShift - OCP Cluster 4.7</li>
<li>External services (Web) - 192.168.10.29/24</li>
<li>Fix IP address untuk Egress IP - 192.168.10.179/24</li>
</ul>
<p><strong>External Web server</strong></p>
<p>Pasang paket web server untuk pengujian</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yum install -y httpd
systemctl start httpd
</code></pre></div></div>
<p>Ubah file index.html</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cat > /var/www/html/index.html << EOF
OK - from external services
EOF
</code></pre></div></div>
<p>Ujicoba akses ke localhost</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>curl localhost
</code></pre></div></div>
<p><strong>Container For Testing</strong></p>
<p>Buat project dan deploy container untuk testing</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc new-project egress-ip
oc create deployment test-nginx --image quay.io/redhattraining/hello-world-nginx
oc get deploy
</code></pre></div></div>
<p>Cek Pod berjalan di Worker mana</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc get pod -o wide
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-nginx-86856dbc5c-dpb22 1/1 Running 0 2m5s 10.129.4.175 worker01.roar.lab <none> <none>
</code></pre></div></div>
<p>Periksa IP worker dimana pod berjalan</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc get po -o custom-columns=NAME:.spec.containers[0].name,NODE:.spec.nodeName,POD_IP:.status.podIP,HOST_IP:.status.hostIP
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>NAME NODE POD_IP HOST_IP
hello-world-nginx worker01.roar.lab 10.129.4.175 192.168.10.16
</code></pre></div></div>
<p><strong>Testing Connecting to External Web Server</strong></p>
<p>Panggil external services via container</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc rsh deploy/test-nginx curl http://192.168.10.29
OK - from external services
</code></pre></div></div>
<p>Periksa log di node Web server</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>tail -f /var/log/httpd/access_log
192.168.10.16 - - [07/Dec/2021:05:31:58 +0000] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
</code></pre></div></div>
<p><strong>Basic Egress IP Test</strong></p>
<p>Set IP range ke node worker01</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc patch hostsubnet worker01 --type=merge -p '{"egressCIDRs": ["192.168.50.179/24"]}'
</code></pre></div></div>
<p>Set Egress IP untuk namespace</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc patch netnamespace egress-ip --type=merge -p '{"egressIPs": ['192.168.50.179']}'
</code></pre></div></div>
<p>Cek apakah Egress IP sudah terconfig dengan baik atau belum</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh core@192.168.10.16 ip a show dev ens3
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:3e:be:20 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.16/24 brd 192.168.10.255 scope global dynamic noprefixroute ens3
valid_lft 417sec preferred_lft 417sec
inet 192.168.10.179/24 brd 192.168.10.255 scope global secondary ens3:eip
valid_lft forever preferred_lft forever
inet6 fe80::a64b:56ee:b9a3:93cb/64 scope link noprefixroute
valid_lft forever preferred_lft forever
</code></pre></div></div>
<p>Lakukan uji test lagi</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc rsh deploy/test-nginx curl http://192.168.10.29
OK - from external services
</code></pre></div></div>
<p>Periksa kembali log di node Web server</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>tail -f /var/log/httpd/access_log
192.168.10.179 - - [07/Dec/2021:05:40:58 +0000] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
</code></pre></div></div>
<p><strong>Failover Test</strong></p>
<p>Karena Egress IP hanya jalan di worker01, lakukan ujicoba dengan menshutdown node worker01</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc get nodes
NAME STATUS ROLES AGE VERSION
master01.roar.lab Ready,SchedulingDisabled master 2d v1.20.0+bafe72f
master02.roar.lab Ready,SchedulingDisabled master 2d v1.20.0+bafe72f
master03.roar.lab Ready,SchedulingDisabled master 2d v1.20.0+bafe72f
worker01.roar.lab NotReady worker 2d v1.20.0+bafe72f
worker02.roar.lab Ready worker 2d v1.20.0+bafe72f
worker03.roar.lab Ready worker 2d v1.20.0+bafe72f
worker04.roar.lab Ready worker 2d v1.20.0+bafe72f
</code></pre></div></div>
<p>Sekarang mari kita jalankan tes lagi</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc rsh deploy/test-nginx curl http://192.168.10.29
</code></pre></div></div>
<p>Tes akan gagal karena tidak ada network yang dapat melakukan request</p>
<p><strong>Failover with 2+ nodes</strong></p>
<p>Untuk mengatasi itu, set Egress range juga di node worker yang lain</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc patch hostsubnet worker02 --type=merge -p '{"egressCIDRs": ["192.168.50.179/24"]}'
oc patch hostsubnet worker03 --type=merge -p '{"egressCIDRs": ["192.168.50.179/24"]}'
</code></pre></div></div>
<p>Cek dan pastikan Egress CIDRs dinode worker</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc get hostsubnet
NAME HOST HOST IP SUBNET EGRESS CIDRS EGRESS IPS
master01.roar.lab master01.roar.lab 192.168.10.4 10.128.0.0/23
master02.roar.lab master02.roar.lab 192.168.10.5 10.129.0.0/23
master03.roar.lab master03.roar.lab 192.168.10.6 10.130.0.0/23
worker01.roar.lab worker01.roar.lab 192.168.10.16 10.129.4.0/23 ["192.168.10.179/24"] ["192.168.10.179"]
worker02.roar.lab worker02.roar.lab 192.168.10.17 10.128.2.0/23 ["192.168.10.179/24"]
worker03.roar.lab worker03.roar.lab 192.168.10.18 10.129.2.0/23 ["192.168.10.179/24"]
</code></pre></div></div>
<p>Uji coba memanggil web server sambil mematikan worker01 dimana Egress IP bound, harusnya Egress IPs akan pindah ke node lain.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>while true; do oc rsh deploy/test-nginx curl http://192.168.10.29 ;sleep 1; done
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>oc get hostsubnet
NAME HOST HOST IP SUBNET EGRESS CIDRS EGRESS IPS
master01.roar.lab master01.roar.lab 192.168.10.4 10.128.0.0/23
master02.roar.lab master02.roar.lab 192.168.10.5 10.129.0.0/23
master03.roar.lab master03.roar.lab 192.168.10.6 10.130.0.0/23
worker01.roar.lab worker01.roar.lab 192.168.10.16 10.129.4.0/23 ["192.168.10.179/24"]
worker02.roar.lab worker02.roar.lab 192.168.10.17 10.128.2.0/23 ["192.168.10.179/24"] ["192.168.10.179"]
worker03.roar.lab worker03.roar.lab 192.168.10.18 10.129.2.0/23 ["192.168.10.179/24"]
</code></pre></div></div>
<p>Cek Egress IP di node worker02</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>core@192.168.10.17 ip a show dev ens3
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:ba:05:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.17/24 brd 192.168.10.255 scope global dynamic noprefixroute ens3
valid_lft 526sec preferred_lft 526sec
inet 192.168.10.179/24 brd 192.168.10.255 scope global secondary ens3:eip
valid_lft forever preferred_lft forever
inet6 fe80::a303:2c26:5033:c7d4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
</code></pre></div></div>
<p><strong>Terima Kasih, Thank You!</strong></p>aryCara mengkonfigurasi Egress IP agar semua koneksi menuju eksternal services menggunakan fixed IP address.[FR] openSUSE Conference 2019 – Nuremberg, Germany2019-05-31T12:17:31+00:002019-05-31T12:17:31+00:00https://aryulianto.github.io/fr-opensuse-conference-2019-nuremberg-germany<p>The openSUSE Conference is the annual openSUSE community event that brings people from around the world together to meet and collaborate.</p>
<p><strong>Before Conference</strong></p>
<p>After an 18-hour flight from Jakarta, <a href="https://twitter.com/medwinz">Mr. Edwin</a> and I finally arrived at Nuremberg. It is the city of <a href="https://www.suse.com/">SUSE’s</a> office. We arrived at Nuremberg Airport around 10.00 AM. At first, I thought the immigration checking process would be quite intimidating. Turned out, I was being too paranoid 😀 The questions asked were standard one, such as what’s the occasion coming here, where do you stay and for how long.</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967165513/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967165513_8a10209d4d_z.jpg" alt="DSC00295" width="640" height="360" /></a></p>
<p>Afterward, we bought tickets at a kiosk machine with destination to Lange Zeile, the place where we rent an apartment.</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967628868/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967628868_35cc33bd22_z.jpg" alt="DSC00158" width="640" height="360" /></a></p>
<p>We reached the apartment with no hassle. After some rest, we went directly to the openSUSE Conference 2019 venue at <a href="http://z-bau.com/" target="_blank" rel="noopener noreferrer">Z-Bau</a>. There weren’t many people around yet.</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967798717/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967798717_b3617fb630_z.jpg" alt="DSC00087" width="640" height="360" /></a></p>
<p>But we managed to meet with Katrin Murr and Douglas DeMaio, chit-chat for a while and did some helping around.</p>
<p>Before returning to the apartment, we tried to find the nearest mosque to the venue for our Friday prayer. Fortunately, we found it. It is called the Nuremberg Central Mosque. Felt content, we walked back to the apartment, took some rest and waited for the time for our breakfasting, which was around 09.53 PM.</p>
<p>Did I forget to mention that this event was held on the same month with our holy month <a href="https://en.wikipedia.org/wiki/Ramadan">Ramadan</a>? Yups, we were fasting and it was my first experience having my fasting for more than 14 hours. 🙂</p>
<p><strong>Day1 Conference</strong></p>
<p>Arrived at the location we immediately queued to re-register and take merchandise. at the registration desk I was offered to take a special edition T-shirt or Bag openSUSE Conference. finally I chose T-shirt.</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967564363/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967564363_33c369438b_z.jpg" alt="DSC00176" width="640" height="360" /></a></p>
<p>I followed some sessions on the first day and got to meet lot of new people. <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2429" target="_blank" rel="noopener noreferrer">EOS Design System</a> by Chintya and Jesus, <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2480" target="_blank" rel="noopener noreferrer">DNF vs ZYpp: Fight!</a> by Neal Gompa So exciting! <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2456" target="_blank" rel="noopener noreferrer">“Kubernetes The Hard Way” on openSUSE Cloud environment </a> by Masayuki Igawa <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2528" target="_blank" rel="noopener noreferrer">openSUSE MicroOS and openSUSE MicroOS Desktop </a> by Richard Brown</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967691743/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967691743_fae88ae687_z.jpg" alt="DSC00131" width="640" height="360" /></a></p>
<p>and the last before we left for Friday prayers <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2444" target="_blank" rel="noopener noreferrer">openSUSE MicroOS in Production</a> by Ish Sookun. After that we decided to go to the mosque. After completing the prayer, we returned to Z-Bau</p>
<p><strong>Day2 Conference</strong></p>
<p>I just followed some sessions until lunch break, after that I skipped the next session and went to the Hauptbahnhof to meet Mr. Edwin’s brother and his daughter, they live in Augsburg Germany. Then we went around the old town (Altstadt) and the fortress (Burg) in Nuremberg</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967296512/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967296512_96774ea0cb_z.jpg" alt="DSC00247" width="640" height="360" /></a></p>
<p>View from the top of Burg</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967380891/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967380891_6e155d5c76_z.jpg" alt="DSC00238" width="640" height="360" /></a></p>
<p><strong>Day3 Conference</strong></p>
<p>Third day of conference, in morning is about <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2372" target="_blank" rel="noopener noreferrer">Atomic Updates – and /etc?</a> by Thorsten Kukuk, <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2237" target="_blank" rel="noopener noreferrer">State of Ceph</a> by Kai Wagner and <a href="https://events.opensuse.org/conferences/oSC19/program/proposals/2219" target="_blank" rel="noopener noreferrer">What can you do with a self-hosted alternative to Office365, Google Apps and others </a> by Frank Karlitsche</p>
<p>After lunch the event was started by Annual Discussion with openSUSE Board. The openSUSE Board will present the outcome of their last F2F meeting, where they started driving its collective agenda for the next year. everybody is welcome to ask questions, give feedback, make suggestions and present ideas.</p>
<p><a href="https://www.flickr.com/photos/137551084@N04/47967259338/in/album-72157708843097882/"><img src="https://live.staticflickr.com/65535/47967259338_ac9998e5f8_z.jpg" alt="DSC00265" width="640" height="360" /></a></p>
<p><strong>Last Day</strong><br />
We just relax at the apartment from the morning, after Dzuhur we prepared to go to the Airport. heading back home!<br />
openSUSE Conference 2019 at Nürnberg is truly a pleasant experience, it was an unforgettable time to be the part of the #oSC19. Thank you for all the warm welcome while in Germany, and see you at the <a href="https://events.opensuse.org/conferences/summitasia19" target="_blank" rel="noopener noreferrer">openSUSE.Asia Summit 2019 Bali</a></p>
<p>You can see more pictures by me on <a href="https://www.flickr.com/photos/137551084@N04/albums/72157708843097882" target="_blank" rel="noopener noreferrer">Flickr</a></p>
<p><strong>Danke schön, Thank You!</strong></p>aryThe openSUSE Conference is the annual openSUSE community event that brings people from around the world together to meet and collaborate.Get Back OpenStack Instances State after Host Reboot2019-02-18T06:05:53+00:002019-02-18T06:05:53+00:00https://aryulianto.github.io/get-back-openstack-instances-state-after-host-reboot<p>Pernah gak ngalamin node Compute <em>reboot</em>? baik disengaja maupun tidak, lalu semua Instances OpenStack di dalamnya statusnya berubah jadi <strong>SHUTOFF</strong> dan kita mesti start atau sesuaikan <em>state</em>-nya secara manual 😀 mungkin masalah yang kalian alami sama, yaitu belum mengaktifkan opsi ini di konfigurasi Nova</p>
<pre># This option specifies whether to start guests that were running before the
# host rebooted. It ensures that all of the instances on a Nova compute node
# resume their state each time the compute node boots or restarts.
# (boolean value)
#resume_guests_state_on_host_boot=false
</pre>
<p>Lalu bagaimana agar state Instances kembali menjadi sediakala sebelum host Compute direboot, cukup aktifkan opsi ini</p>
<pre class="">vim /etc/nova/nova.conf
resume_guests_state_on_host_boot=true</pre>
<p>Setelah itu muat ulang services Nova</p>
<pre>systemctl restart openstack-nova-compute
systemctl sttus openstack-nova-compute</pre>
<p>Uji coba, cek uptime dan list Instances OpenStack untuk mengetahui state awal</p>
<pre class="">[root@openstack]# uptime; openstack server list
12:50:57 up 35 min, 1 user, load average: 0.55, 0.90, 1.10
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
| fdd0bb76-3581-44b3-a275-49198cab4e69 | cirros-3 | SHUTOFF | net-ext=172.18.1.101 | cirros-0.4.0-x86_64-disk | m1.tiny |
| 396d50fd-c919-4a89-a4f6-99cb7ea82937 | cirros-1 | ACTIVE | net-ext=172.18.1.120 | cirros-0.4.0-x86_64-disk | m1.tiny |
| c00c4b70-168a-4e91-a77f-fc701344fe35 | cirros-2 | SUSPENDED | net-ext=172.18.1.125 | cirros-0.4.0-x86_64-disk | m1.tiny |
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
</pre>
<p>Selanjutnya, coba <em>reboot</em> node Compute dan cek Instances kalian kembali</p>
<pre class="">[root@openstack]# uptime; openstack server list
12:59:31 up 3 min, 1 user, load average: 6.64, 5.49, 2.35
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
| fdd0bb76-3581-44b3-a275-49198cab4e69 | cirros-3 | SHUTOFF | net-ext=172.18.1.101 | cirros-0.4.0-x86_64-disk | m1.tiny |
| 396d50fd-c919-4a89-a4f6-99cb7ea82937 | cirros-1 | ACTIVE | net-ext=172.18.1.120 | cirros-0.4.0-x86_64-disk | m1.tiny |
| c00c4b70-168a-4e91-a77f-fc701344fe35 | cirros-2 | SUSPENDED | net-ext=172.18.1.125 | cirros-0.4.0-x86_64-disk | m1.tiny |
+--------------------------------------+----------+-----------+----------------------+--------------------------+---------+
</pre>
<p><strong>Sekian dan Terima kasih</strong></p>aryPernah gak ngalamin node Compute reboot? baik disengaja maupun tidak, lalu semua Instances OpenStack di dalamnya statusnya berubah jadi SHUTOFF dan kita mesti start atau sesuaikan state-nya secara manual 😀 mungkin masalah yang kalian alami sama, yaitu belum mengaktifkan opsi ini di konfigurasi NovaMengamankan SSH dengan Google Authenticator – openSUSE Leap 152019-01-12T14:15:00+00:002019-01-12T14:15:00+00:00https://aryulianto.github.io/mengamankan-ssh-dengan-google-authenticator-opensuse-leap-15<p>Bagi saya, akses SSH ke <em>Jump server, Jump host</em> atau <em>Jumpbox</em> menggunakan <em>Public Key _adalah mandatori, kali ini saya akan menambahkan _Multi-factor Authentication</em> (MFA) untuk akses SSH ke <em>Jump server</em> saya. Berikut langkah-langkahnya:</p>
<ol>
<li>Pasang Repositori</li>
</ol>
<pre>zypper addrepo https://download.opensuse.org/repositories/security/openSUSE_Leap_15.0/security.repo
zypper refresh</pre>
<ol>
<li>Pasang paket Google Authenticator</li>
</ol>
<pre>zypper install -y pam-google-authenticator</pre>
<ol>
<li>Jalankan Google Authenticator</li>
</ol>
<pre>google-authenticator</pre>
<p><a href="http://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth.png"><img class="alignnone size-large wp-image-1162" src="http://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-1024x463.png" alt="" width="730" height="330" srcset="https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-1024x463.png 1024w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-300x136.png 300w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-768x347.png 768w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-1200x542.png 1200w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth.png 1233w" sizes="(max-width: 730px) 100vw, 730px" /></a></p>
<p>Scan barcode atau masukan <strong>Your new secret key</strong> ke aplikasi <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en" target="_blank" rel="noopener">Google Authenticator</a></p>
<p><a href="http://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps.png"><img src="http://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps-1024x491.png" alt="" width="730" height="350" class="alignnone size-large wp-image-1182" srcset="https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps-1024x491.png 1024w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps-300x144.png 300w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps-768x369.png 768w, https://blog.aryulianto.com/wp-content/uploads/2019/01/google-auth-apps-1200x576.png 1200w" sizes="(max-width: 730px) 100vw, 730px" /></a></p>
<ol>
<li>Sunting berkas Konfigurasi SSH</li>
</ol>
<pre>vim /etc/ssh/sshd_config
ChallengeResponseAuthentication yes
AuthenticationMethods publickey,keyboard-interactive
</pre>
<ol>
<li><em>Disable</em> common-auth dan tambahkan auth google</li>
</ol>
<pre>vim /etc/pam.d/sshd
#@include common-auth
auth required pam_google_authenticator.so
</pre>
<ol>
<li>Muat ulang layanan SSH</li>
</ol>
<pre>systemctl restart sshd
systemctl status sshd
</pre>
<ol>
<li>Ujicoba SSH ke Jump server</li>
</ol>
<pre>ssh -l ary gateway.aryulianto.com -p2222
Authenticated with partial success.
Verification code:
</pre>
<p>Sekarang kalian akan dimintai kode Google Authenticator setiap kali Anda mencoba masuk melalui SSH.</p>
<p><strong>Sekian dan Terima kasih</strong></p>aryBagi saya, akses SSH ke Jump server, Jump host atau Jumpbox menggunakan Public Key _adalah mandatori, kali ini saya akan menambahkan _Multi-factor Authentication (MFA) untuk akses SSH ke Jump server saya. Berikut langkah-langkahnya:Monitoring OpenStack Instances with Service Discovery Prometheus + Grafana2018-12-23T14:03:58+00:002018-12-23T14:03:58+00:00https://aryulianto.github.io/monitoring-openstack-instances-with-service-discovery-prometheus-grafana<p>Selain bisa men_define_ target secara <em>static</em>, Prometheus juga mendukung konfigurasi secara <em>dynamically</em> menggunakan <em><strong><a href="https://prometheus.io/docs/prometheus/latest/configuration/configuration/#openstack_sd_config" rel="noopener" target="_blank">service discovery.</a></strong></em><br />
Salah satunya Prometheus dapat melakukan <em>query</em> ke Nova API untuk me-list seluruh Instances di OpenStack sebagai target untuk dimonitoring.</p>
<p>Kebutuhan:<br />
– <a href="https://prometheus.io">Prometheus</a><br />
– <a href="https://grafana.com/">Grafana</a><br />
– <a href="https://prometheus.io/docs/guides/node-exporter/">Node Exporter</a><br />
– <a href="https://www.openstack.org/">OpenStack</a> RC / Credential</p>
<p>Langkah-langkah:</p>
<p><strong>I. Prometheus Server</strong></p>
<ol>
<li>Update server dan pasang paket pendukung</li>
</ol>
<pre>yum -y update
yum -y install vim
</pre>
<ol>
<li>Unduh Prometheus Server</li>
</ol>
<pre>curl -LO "https://github.com/prometheus/prometheus/releases/download/v2.5.0/prometheus-2.5.0.linux-amd64.tar.gz"
tar xvfz nxvfz prometheus-2.5.0.linux-amd64.tar.gz -C /opt/ && mv prometheus-2.5.0.linux-amd64 prometheus-server
cd /opt/prometheus-server/
</pre>
<ol>
<li>Sunting berkas konfigurasi, sesuaikan konfigurasi yang diinginkan</li>
</ol>
<pre>vim config.yml
# my global config
global:
scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
# scrape_timeout is set to the global default (10s).
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets:
# - alertmanager:9093
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files:
# - "first_rules.yml"
# - "second_rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=` to any timeseries scraped from this config.
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'openstack-sd'
openstack_sd_configs:
- identity_endpoint: https://url-keystone-server:443/v3
username: <username>
project_id: <project_id>
password: <secret>
role:
region:
domain_name:
port: 9100
</pre>
<ol>
<li>Verifikasi berkas config Prometheus server pastikan <em>SUCCESS</em></li>
</ol>
<pre>./promtool check config config.yml</pre>
<ol>
<li>Jalankan Prometheus server sebagai service</li>
</ol>
<pre>vim /etc/systemd/system/prometheus-server.service
[Unit]
Description=Prometheus Server
[Service]
User=root
ExecStart=/opt/prometheus-server/prometheus --config.file=/opt/prometheus-server/config.yml --web.external-url=http://ip-server:9090/
[Install]
WantedBy=default.target
</pre>
<ol>
<li>Jalankan service Prometheus Server</li>
</ol>
<pre>systemctl daemon-reload
systemctl enable prometheus-server.service
systemctl start prometheus-server.service
</pre>
<ol>
<li>Verifikasi bahwa service Prometheus sudah berjalan</li>
</ol>
<pre>systemctl status prometheus-server.service
ss -tulpn |grep 9090
</pre>
<p><strong>II. Grafana</strong></p>
<ol>
<li>Pasang Grafana</li>
</ol>
<pre>yum -y install https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.1.4-1.x86_64.rpm
/sbin/chkconfig --add grafana-server
</pre>
<ol>
<li>Jalankan service Grafana</li>
</ol>
<pre>systemctl enable grafana-server.service
systemctl start grafana-server.service
systemctl status grafana-server.service
</pre>
<ol>
<li>
<p>Akses Grafana Dashboard http://ip-server:3000<br />
<code class="language-plaintext highlighter-rouge"><br />
– Login dengan usename dan passsword admin/admin<br />
– Klik 'Add Datasource'<br />
– Name: Prometheus, Type: Prometheus<br />
– Http settings: http://localhost:9090<br />
– Klik 'Save and Test'.<br />
Pastikan hasilnya 'success' dan 'datasource added'<br />
</code></p>
</li>
<li>
<p>Buat dashboard atau bisa juga unduh di <a href="https://grafana.com/dashboards" rel="noopener" target="_blank">https://grafana.com/dashboards</a> sesuai dengan kebutuhan anda, sebagai contoh:<br />
<a href="http://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard.png"><img src="http://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-1024x500.png" alt="" width="730" height="356" class="alignnone size-large wp-image-1105" srcset="https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-1024x500.png 1024w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-300x147.png 300w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-768x375.png 768w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-1200x586.png 1200w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard.png 1365w" sizes="(max-width: 730px) 100vw, 730px" /></a></p>
</li>
</ol>
<p><a href="http://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2.png"><img src="http://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2-1024x500.png" alt="" width="730" height="356" class="alignnone size-large wp-image-1120" srcset="https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2-1024x500.png 1024w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2-300x147.png 300w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2-768x375.png 768w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2-1200x586.png 1200w, https://blog.aryulianto.com/wp-content/uploads/2018/12/grafana-dashboard-2.png 1365w" sizes="(max-width: 730px) 100vw, 730px" /></a></p>
<p><strong>III. Node Exporter</strong></p>
<ol>
<li>Pasang Node Exporter ditiap Instance yang ingin anda monitoring</li>
</ol>
<pre>#!/bin/bash
sudo -i
curl -LO "https://github.com/prometheus/node_exporter/releases/download/v0.17.0/node_exporter-0.17.0.linux-amd64.tar.gz"
tar xvfz node_exporter-0.17.0.linux-amd64.tar.gz -C /opt/
cat << EOF >/etc/systemd/system/node_exporter.service
[Unit]
Description=Node Exporter
[Service]
User=root
ExecStart=/opt/node_exporter-0.17.0.linux-amd64/node_exporter
[Install]
WantedBy=default.target
EOF
systemctl daemon-reload
systemctl enable node_exporter.service
systemctl start node_exporter.service
systemctl status node_exporter.service
rm -rf node_exporter-0.17.0.linux-amd64.tar.gz
</pre>
<p>Sekarang saat ada Instances baru anda hanya perlu memasang atau menambahkan Node Exporter (bisa juga dipasang waktu <em>create</em> Instance di <em>Customization Script</em>) dan secara otomatis Prometheus server akan men-scrapenya dan <em>viola!</em> seluruh Instances bisa dimonitoring di dashboard Grafana sekarang 😀</p>
<hr />
<p><strong>Referensi:</strong><br />
<a href="https://medium.com/@pasquier.simon/monitoring-your-openstack-instances-with-prometheus-a7ff4324db6c" rel="noopener" target="_blank">https://medium.com/@pasquier.simon/monitoring-your-openstack-instances-with-prometheus-a7ff4324db6c</a></p>arySelain bisa men_define_ target secara static, Prometheus juga mendukung konfigurasi secara dynamically menggunakan service discovery. Salah satunya Prometheus dapat melakukan query ke Nova API untuk me-list seluruh Instances di OpenStack sebagai target untuk dimonitoring.Enable Soft Delete to Recover Deleted Instances OpenStack2018-10-28T05:42:50+00:002018-10-28T05:42:50+00:00https://aryulianto.github.io/enable-soft-delete-to-recover-deleted-instances-openstack<p>Ubah konfigurasi Nova di node semua Controller dan semua node Compute</p>
<pre>vim /etc/nova/nova.conf</pre>
<p>Cari nilai <em><strong>reclaim_instance_interval</strong></em></p>
<pre>reclaim_instance_interval=0</pre>
<pre># * Any positive integer(in seconds) greater than 0 will enable
# this option.
# * Any value <=0 will disable the option.
# (integer value)</pre>
<p>Ubah nilainya sesuai yang diinginkan misal ingin menahan Instance agar tidak dihapus secara permanent selama 1 hari (24 jam x 3600 = 86400 detik) berarti isikan</p>
<pre>reclaim_instance_interval=86400</pre>
<p>Muat ulang service nova-api di Node Controller</p>
<pre>systemctl restart openstack-nova-api.service
systemctl status openstack-nova-api.service</pre>
<p>Muat ulang service nova-compute di Node Compute</p>
<pre>systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service</pre>
<p>List Instances</p>
<pre>[root@openstack ~(keystone_admin)]# openstack server list
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+
| 2cffc5b3-feb3-40a6-b6af-62cdde03d69c | soft-delete | ACTIVE | extnet=10.1.1.49 | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
| 281a9a9b-0fe7-48d7-93e0-3dae7c9db695 | instance-01 | ACTIVE | extnet=10.1.1.2 | ubuntu-16.04-server-cloudimg-amd64-disk1-20180306.img | ns.2-2-20 |
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+</pre>
<p>Ujicoba hapus Instance</p>
<pre>[root@openstack ~(keystone_admin)]# openstack server delete 2cffc5b3-feb3-40a6-b6af-62cdde03d69c
[root@openstack ~(keystone_admin)]# openstack server list
+--------------------------------------+-------------+--------+-----------------+-------------------------------------------------------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------+--------+-----------------+-------------------------------------------------------+-----------+
| 281a9a9b-0fe7-48d7-93e0-3dae7c9db695 | instance-01 | ACTIVE | extnet=10.1.1.2 | ubuntu-16.04-server-cloudimg-amd64-disk1-20180306.img | ns.2-2-20 |
+--------------------------------------+-------------+--------+-----------------+-------------------------------------------------------+-----------+</pre>
<p>Cek List instance yang sudah di Hapus, jika kita aktifkan Soft Delete maka statusnya akan menjadi <strong>SOFT_DELETE</strong> sampai batas waktu yang sudah kita tentukan akan berubah menjadi <strong>DELETED</strong></p>
<pre>[root@openstack ~(keystone_admin)]# openstack server list --deleted
+--------------------------------------+------------------+--------------+------------------+-----------------------------------------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------------------+--------------+------------------+-----------------------------------------+-----------+
| 2cffc5b3-feb3-40a6-b6af-62cdde03d69c | soft-delete | SOFT_DELETED | extnet=10.1.1.49 | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
| 239c18af-3ffc-41aa-9a47-d07e9af4ac52 | test-centos | DELETED | | CentOS-7-x86_64-GenericCloud-1802.qcow2 | ns.2-4-20 |
| 83448c2a-66fe-4864-8296-253ed4bcb16f | cirros-test | DELETED | | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
+--------------------------------------+------------------+--------------+------------------+-----------------------------------------+-----------+</pre>
<p>Ujicoba Restore Instance</p>
<pre>[root@openstack ~(keystone_admin)]# openstack server restore 2cffc5b3-feb3-40a6-b6af-62cdde03d69c
[root@openstack ~(keystone_admin)]# openstack server list
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+
| 2cffc5b3-feb3-40a6-b6af-62cdde03d69c | soft-delete | ACTIVE | extnet=10.1.1.49 | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
| 281a9a9b-0fe7-48d7-93e0-3dae7c9db695 | instance-01 | ACTIVE | extnet=10.1.1.2 | ubuntu-16.04-server-cloudimg-amd64-disk1-20180306.img | ns.2-2-20 |
+--------------------------------------+-------------+--------+------------------+-------------------------------------------------------+-----------+</pre>
<p>Lalu bagaimana jika kita ingin segera memakai resource kita tanpa menunggu 1 hari? bisa gunakan perintah</p>
<pre>[root@openstack ~(keystone_admin)]# nova force-delete 2cffc5b3-feb3-40a6-b6af-62cdde03d69c
[root@openstack ~(keystone_admin)]# openstack server list --deleted
+--------------------------------------+------------------+---------+----------+-----------------------------------------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------------------+---------+----------+-----------------------------------------+-----------+
| 2cffc5b3-feb3-40a6-b6af-62cdde03d69c | soft-delete | DELETED | | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
| 239c18af-3ffc-41aa-9a47-d07e9af4ac52 | test-centos | DELETED | | CentOS-7-x86_64-GenericCloud-1802.qcow2 | ns.2-4-20 |
| 83448c2a-66fe-4864-8296-253ed4bcb16f | cirros-test | DELETED | | cirros-0.4.0-x86_64-disk.img | ns.1-1-1 |
+--------------------------------------+------------------+---------+----------+-----------------------------------------+-----------+</pre>
<p><strong>Sekian dan Terima kasih!</strong></p>aryUbah konfigurasi Nova di node semua Controller dan semua node ComputeFailover using VRRP Keepalived2018-07-24T04:33:52+00:002018-07-24T04:33:52+00:00https://aryulianto.github.io/failover-using-vrrp-keepalived<p><strong>Requirements:</strong></p>
<ul>
<li>2 Server atau lebih dalam 1 jaringan yang sama</li>
<li>1 Virtual IP (VIP)</li>
</ul>
<p>Disini saya menggunakan 3 Server Ubuntu 16.04 dan <a href="http://www.haproxy.org/" rel="noopener" target="_blank">HAProxy</a> dibelakangnya:<br />
`node1 = 10.0.0.5<br />
node2 = 10.0.0.6<br />
node3 = 10.0.0.7<br />
VIP = 10.0.0.200`</p>
<p>Langsung saja berikut cara <em>Failover</em> menggunakan VRRP <em>(Virtual Router Redundancy Protocol)</em> sebagai berikut</p>
<p>Pasang paket Keepalived disemua node</p>
<pre>apt install keepalived -y</pre>
<p>Buat Konfigurasi Keepalived disemua node</p>
<pre>vim /etc/keepalived/keepalived.conf</pre>
<pre>vrrp_script haproxy-check {
script "killall -0 haproxy"
interval 2
weight 20
}
vrrp_instance haproxy-vip {
state MASTER
priority 101
interface ens3
virtual_router_id 51
advert_int 3
unicast_src_ip 10.0.0.5
unicast_peer {
10.0.0.6
10.0.0.7
}
virtual_ipaddress {
10.0.0.200
}
track_script {
haproxy-check weight 20
}</pre>
<p>Sesuaikan bagian:<br />
`interface` (interface yang digunakan untuk failover)<br />
`priority` (prioritas masing-masing node)<br />
`unicast_src_ip` (IP node tersebut)<br />
`unicast_peer` (IP node lainnya)</p>
<p>Muat ulang servis Keepalived</p>
<pre>systemctl enable keepalived
systemctl restart keepalived
systemctl status keepalived</pre>
<p>Verifikasi disemua node:</p>
<pre>root@node3:~# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:52:a1:72 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.7/24 brd 10.0.0.255 scope global ens3
valid_lft forever preferred_lft forever
inet 10.0.0.200/32 scope global ens3
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe52:a172/64 scope link</pre>
<p>Test Failover<br />
~ Matikan node yang saat ini menempel VIP<br />
~ Pantau konfigurasi IP di node lainnya dengan perintah</p>
<pre>watch -n1 ip address</pre>
<p><strong>Sekian.</strong></p>aryRequirements:Attach Multiple Network Interfaces to Instance OpenStack2018-06-10T14:43:28+00:002018-06-10T14:43:28+00:00https://aryulianto.github.io/attach-multiple-network-interfaces-to-instance-openstack<p>Dalam beberapa kasus kalian mungkin membutuhkan 2 <em>Internal Network</em> dalam satu Instance, dan itu memang sudah didukung dengan baik oleh <a href="http://www.openstack.org" target="_blank" rel="noopener">OpenStack</a> bahkan saat Instance sudah berjalan kita bisa dapat secara <em>live</em> menambahkan <em>Interface</em> baru 😀</p>
<p>Tapi jika ada lebih dari satu <em>Interface</em> dalam satu Instance, <em><a href="http://cloudinit.readthedocs.io/en/latest/" target="_blank" rel="noopener">cloud-init</a>/images</em> tidak secara otomatis mengkonfigurasi seluruh <em>Interface</em>. Maka dari itu kita perlu melakukan langkah tambahan agar seluruh Interface dapat berjalan dengan semestinya:</p>
<p><strong>CentOS 7</strong><br />
Cara Ke-1:</p>
<pre>sudo ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:d4:31:b5 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.10/24 brd 10.99.99.255 scope global dynamic eth0
valid_lft 60138sec preferred_lft 60138sec
inet6 fe80::f816:3eff:fed4:31b5/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether fa:16:3e:f2:65:4a brd ff:ff:ff:ff:ff:ff</pre>
<p>Buat berkas Konfigurasi eth1</p>
<pre>sudo cp -v /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1</pre>
<p>Sesuaikan <em>Device</em> dan <em>HWADDR</em></p>
<pre>sudo vi /etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=dhcp
DEVICE=eth1
HWADDR=fa:16:3e:f2:65:4a
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
DEFROUTE=no</pre>
<p>Bring up eth1</p>
<pre>sudo ifup eth1</pre>
<p>Verifikasi</p>
<pre>sudo ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:d4:31:b5 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.10/24 brd 10.99.99.255 scope global dynamic eth0
valid_lft 60138sec preferred_lft 60138sec
inet6 fe80::f816:3eff:fed4:31b5/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:f2:65:4a brd ff:ff:ff:ff:ff:ff
inet 10.11.11.10/24 brd 10.199.199.255 scope global dynamic eth1
valid_lft 85976sec preferred_lft 85976sec
inet6 fe80::f816:3eff:fef2:654a/64 scope link
valid_lft forever preferred_lft forever</pre>
<p>Cara Ke-2:<br />
Dengan menambahkan <strong>Configuration > Customisation Script</strong> berikut pada saat membuat Instance baru dengan <em>Multiple Interface</em>:</p>
<pre>#!/bin/bash
sudo -i
echo "dhclient" >> /etc/rc.local
chmod +x /etc/rc.local
/etc/rc.local
</pre>
<p><strong>Ubuntu 16.04</strong></p>
<pre>vim K99multinic.sh</pre>
<pre>#!/bin/bash
hname=$(hostname)
cat /etc/hosts | grep $hname >> /dev/null
if [ $? -ne 0 ];then
sudo bash -c "echo '127.0.0.1 $hname' >> /etc/hosts"
fi
netfile=$(find /etc/network/interfaces.d -name "*.cfg")
for interface in $(ls -1 /sys/class/net | grep ens) ;do
cat $netfile | grep $interface >> /dev/null
if [ $? -ne 0 ];then
sudo bash -c "echo 'auto $interface' >> ${netfile}"
sudo bash -c "echo 'iface $interface inet dhcp' >> ${netfile}"
sudo ifup $interface
fi
done</pre>
<p>Ubah permission dan Eksekusi skrip</p>
<pre>chmod +x K99multinic.sh
./K99multinic.sh</pre>
<p>Ubah kepemilikan lalu simpan ke /etc/rc0.d/ agar skrip dieksekusi saat reboot</p>
<pre>sudo chown root:root K99multinic.sh
sudo mv K99multinic.sh /etc/rc0.d/ </pre>
<p>Ujicoba reboot Instance</p>
<pre>sudo reboot</pre>
<p>Sekian dan Selamat Liburan. 🙂</p>
<hr />
<p><strong>Refrensi: </strong> <a href="https://support.metacloud.com/hc/en-us/articles/115002332667-Configuring-a-VM-to-work-with-multiple-network-interfaces" target="_blank" rel="noopener">https://support.metacloud.com/hc/en-us/articles/115002332667-Configuring-a-VM-to-work-with-multiple-network-interfaces</a><br />
<a href="https://leadwithoutatitle.wordpress.com/2017/07/06/how-to-create-a-multi-nic-ubuntu-cloud-image/" rel="noopener" target="_blank">https://leadwithoutatitle.wordpress.com/2017/07/06/how-to-create-a-multi-nic-ubuntu-cloud-image/</a></p>aryDalam beberapa kasus kalian mungkin membutuhkan 2 Internal Network dalam satu Instance, dan itu memang sudah didukung dengan baik oleh OpenStack bahkan saat Instance sudah berjalan kita bisa dapat secara live menambahkan Interface baru 😀Grep Volume ID OpenStack2018-05-31T06:47:58+00:002018-05-31T06:47:58+00:00https://aryulianto.github.io/grep-volume-id-openstack<p>List Volume ID di Satu Project</p>
<pre>openstack volume list -f value --project user | awk '{print $1}'</pre>
<p>List Volume ID di Banyak Project</p>
<pre>while read X; do openstack volume list -f value --project $X; done < file.csv | awk '{print $1}'</pre>
<p>Sekian. :)</p>aryList Volume ID di Satu Project