Posted on

Cannot change boot order VMware – items cannot be modified in user mode

Recently I had a problem changing the boot order on a Windows VM hosted on vSphere 6.7 with BIOS configured as boot software.

When I tried to change the boot order I could locate the message:

All items on this menu cannot be modified in user mode. If any items require changes, please consult your system Supervisor.

As a result I could not boot from the CD device. This happens because the boot order is defined on the .vmx file of the virtual machine. In more detail the bios.bootOrder attribute should be changed accordingly.

Download and edit .vmx. You should add cdrom as the first option.

Rename the existing .vmx for backup purposes


Force a BIOS boot on setup screen

Upload the .vmx file on VM datastore folder.

Then the boot will be performed from CD as expected.

Posted on

Log commands for all users on Linux – Redhat auditd

As security is one of the most important things on your infrastructure, you should enable logging for all commands and actions that a user performs (logins included).

In this article I will explain the procedure using auditd which comes preinstalled with many Linux distributions.

First things first, check if auditd is already installed and started on your system.

Then go to the rules file and open it with your favorite editor.

vi /etc/audit/rules.d/audit.rules

Add the below two rules to the end of the file.

-a exit,always -F arch=b32 -S execve -k auditcmd
-a exit,always -F arch=b64 -S execve -k auditcmd

Then execute on terminal:

augenrules 

You should then restart the service. Trying to do so with systemctl you may encounter the below error:

Execute auditd stop and start using the below commands:

service auditd stop
service auditd start

Verify existing rules:

auditctl -l

You are now ready and you can test the logging functionality. Perform a sudo action with a non root user.

Locate the action from logs.

Posted on

Deploy wordpress with mysql in less than a minute using docker containers

For testing purposes I had to deploy a wordpress installation and perform some work. As the standalone installation with wamp/mamp/xampp software would require time, I chose docker and containers for the deployment.

You can use the below docker-compose.yml file and have a working site stack in less than a minute. 

version: '3.1'

services:

  wordpress:
    image: wordpress
    restart: always
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_HOST: host.docker.internal
      WORDPRESS_DB_USER: root
      WORDPRESS_DB_PASSWORD: password
      WORDPRESS_DB_NAME: wordpress
    volumes:
      - wordpress:/var/www/html

  db:
    image: mysql:latest
    restart: always
    environment:
      MYSQL_DATABASE: wordpress
      MYSQL_USER: user1
      MYSQL_PASSWORD: password
      MYSQL_ROOT_PASSWORD: password
    ports:
      - 3306:3306
    volumes:
      - db:/var/lib/mysql

volumes:
  wordpress:
  db:

You can run the above composer file with: 

docker compose up -d

In order to access the new wordpress installation you should go to 0.0.0.0:8080 or localhost:8080

You can clone the code from the below repository:

https://github.com/geralexgr/wordpress-mysql-containers/

Posted on

Create a release pipeline and deploy to local Kubernetes cluster with Azure Devops

On a previous article I described how you could create your self hosted agent to run your pipelines on Azure Devops. In this article I will explain how you can use this agent to deploy resources on your local Kubernetes cluster. As a prerequisite you should already have a kubernetes cluster locally. You can do that by installing Docker and enable the option for a kube cluster.

First things first you should connect your local Kubernetes cluster with Azure devops. For that reason you should go on Project settings -> Service connections and select Kubernetes

You can select between three different options. I selected kubeconfig

Get the output of the below command and paste it on the box. Then select untrusted certificates and add press verify and save.

kubectl config view --raw

Then you should go and create a release pipeline. Go on releases tab and press create release.

In the setup of the release pipeline you can change the trigger from automatic to manual. You should select your build pipeline that will trigger the release. In my case I selected the one I created on a previous article.

On the tasks of the release pipeline you should select the agent pool, as a result your self hosted agent. Depending on which pool you placed your agent you should add it appropriately. In my case it was on the default pool.

Then you can go and create the tasks of the release.

I chose two tasks, one for a deployment creation through kubectl commands and another one for a service exposure. You could also apply a .yml config file.

In this deployment I selected a sample image I created on a previous article, selected the namespace, added the requested parameters and selected create as the command. KubernetesConnection is the service connection that you will create and add on the first steps.

When you run the release pipeline you should see that the self hosted agent will be prepared for the run.

The job will start on your locally deployed agent.

The stages will start running.

Taken into account that everything is correct with your commands and configuration the job will be successful.

The green button of result indicate the win of your try.