Monday 11 March 2019

Migrate DNS to Google Cloud Platform

Just did it: it is super easy to migrate your DNS service to GCP.

From your account, I use a Cloud Shell session directly.

Replace silverston.fr and silverston with your domain.

Create your new zone:
gcloud dns managed-zones create --dns-name="silverston.fr." --description="My awesome domain" "silverston" 

Import your zone
gcloud dns record-sets import -z=silverston --zone-file-format silverston.fr.txt --delete-all-existing 

--delete-all-existing is necessary to delete existing NS records and use Google instead.

Get your GCP NS servers :
gcloud dns managed-zones describe silverston


You will get your NS servers, for example :
nameServers: 
- ns-cloud-a1.googledomains.com.
- ns-cloud-a2.googledomains.com.
- ns-cloud-a3.googledomains.com.
- ns-cloud-a4.googledomains.com.


gcloud dns managed-zones describe examplezonename
Update the NS records at your current registrar to use the googledomains servers (use the servers you got in the previous step).

And you're done.
Check DNS propagation using:

watch dig +short NS silverston.fr

source: https://cloud.google.com/dns/docs/migrating
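
To go one step further than watching the dig output, the following added example (not part of the original post) compares the name servers listed by the describe step with the NS set actually returned for the domain. It reports zone servers that are not delegated yet and servers that are still delegated but do not belong to the zone. The function names, the sample describe output and the old server name are constructed for the example.

```shell
#!/bin/sh
# Added example: compare the zone's Cloud DNS name servers with the NS set
# that resolvers currently return for the domain.

# Pull the nameServers list out of `gcloud dns managed-zones describe` output.
zone_ns() {
  awk '/^nameServers:/ { on = 1; next }
       on && /^- /     { sub(/^- /, ""); print; next }
                       { on = 0 }'
}

# DNS names are case-insensitive: lowercase, drop the trailing dot, sort unique.
norm() {
  tr 'A-Z' 'a-z' | sed -e 's/[[:space:]]*$//' -e 's/\.$//' -e '/^$/d' | sort -u
}

# ns_diff EXPECTED ACTUAL: print "missing NAME" for zone servers not yet
# delegated and "stale NAME" for delegated servers outside the zone.
# Returns 0 only when both sets are identical.
ns_diff() {
  exp=$(printf '%s\n' "$1" | norm)
  act=$(printf '%s\n' "$2" | norm)
  rc=0
  for n in $exp; do
    printf '%s\n' "$act" | grep -qxF "$n" || { echo "missing $n"; rc=1; }
  done
  for n in $act; do
    printf '%s\n' "$exp" | grep -qxF "$n" || { echo "stale $n"; rc=1; }
  done
  return $rc
}

# Constructed sample data: describe output shaped like the listing above, and
# a dig answer in which one old server (hypothetical name) is still delegated.
DESCRIBE_OUT='name: silverston
nameServers:
- ns-cloud-a1.googledomains.com.
- ns-cloud-a2.googledomains.com.
- ns-cloud-a3.googledomains.com.
- ns-cloud-a4.googledomains.com.
visibility: public'
DIG_OUT='NS-CLOUD-A1.googledomains.com.
ns-cloud-a2.googledomains.com.
ns-cloud-a3.googledomains.com.
ns1.old-provider.example.'

ns_diff "$(printf '%s\n' "$DESCRIBE_OUT" | zone_ns)" "$DIG_OUT" || echo "delegation not switched yet"
# Live use: ns_diff "$(gcloud dns managed-zones describe silverston | zone_ns)" \
#                   "$(dig +short NS silverston.fr)"
```

A "stale" line means a server outside the Cloud DNS zone is still answering for the domain, so the old provider's copy of the zone keeps serving part of the traffic until it is removed at the registrar.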

Saturday 23 February 2019

FTP to IBM System i

Sometimes you still need old-school admin tricks. To upload files (WAS installation) to an iSeries, the only native way, without installing SSH or other stuff, is still FTP.
When that happens, the easiest way is to use an FTP client.

ftp ipnode
login
password
Change the naming format, because the native DB format limits names to 10 characters:
quote site namefmt 1
put
And you're done.

Beforehand, you need to have created a new catalog; upload the files into this catalog/directory.


Friday 25 January 2019

Resolutions 2019

Hello,

I have been thinking about the following resolutions since the beginning of 2019, but I would rather write them down because if I don't I will probably not complete them, so I am sharing them:
  • Get my first Chef certification: Chef Fluency. Maybe less important than 2-3 years ago compared to Kubernetes, but I did begin so I must complete it.
  • To get cloud certifications like AWS, but most likely GCP because I use it more.
  • To build my first mobile app, probably based on Strava.
  • To bike 12000km this year, including a backpacking weekend. I did 11000km in 2018.
  • To share these experiences on the blog and more.

Thank you

Monday 15 October 2018

Proxmox, create external VNC access

Hello,

Sometimes, using Proxmox, you can't connect to the VM console to troubleshoot boot issues, slow network, Java applet version, ...
To address those issues, the best solution is to create an external VNC session to log in to your VM.
From your Proxmox server, open a VNC connection using nc (netcat) to forward the port:

/bin/nc -l -p 5900 -w 100 -c '/usr/sbin/qm vncproxy VMID'

Install TigerVNC, a very easy and high-performance VNC client.

Connect to your Proxmox IP and port (ex: 5900) and accept the certificate.
The login and password are the same ones you use to connect to your Proxmox: login root@pam and your password.

Et voilà, an emergency remote access to use when everything turns bad and your Windows VM does a BSOD.


Friday 21 September 2018

Redirect HTTP to HTTPS using Apache and Google Cloud Platform Loadbalancer


When Apache is used to redirect HTTP to HTTPS and the HTTPS version of the site is not configured in Apache itself via mod_ssl, the %{HTTPS} variable is never set to "on" and Apache keeps redirecting infinitely.

The best way is to have the load balancer send the X-Forwarded-Proto header to Apache and configure RewriteCond as follows.

If not already done, enable rewrite and ssl:

a2enmod rewrite
a2enmod ssl
Then, in the HTTP vhost, configure:

<VirtualHost *:80>
....

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L,R=301]

...

</VirtualHost>

Instead of the common usage :


RewriteCond %{HTTPS} off

source : https://stackoverflow.com/a/19722706


 

Monday 18 June 2018

Google cloud platform, forward HTTP to HTTPS


Hello,

One of the common issues when using GCP is forwarding HTTP to HTTPS on the load balancer.
It is still a feature request and not resolved yet.

The best solution I found is the following.
Using an Nginx server, HTTP connections are forwarded to HTTPS in the server:443 part.

server {
        listen 443 ssl default_server;
        listen [::]:443 ssl;

        if ($http_x_forwarded_proto = "http") {
                return 301 https://$host$request_uri;
        }

        # rest of your configuration: ssl, ...
}


This way your site is always HTTPS.
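
The following added example (not part of the original posts) models the decision made by the three conditions discussed in this post and in the Apache post of 21 September: %{HTTPS} off, X-Forwarded-Proto !https, and the Nginx test above. It assumes the load balancer terminates TLS and sets X-Forwarded-Proto to the scheme the client used; the rule names and functions are invented for the example.

```shell
#!/bin/sh
# Added example: model of the redirect decision each rule makes at the backend.
# Assumption: the load balancer terminates TLS, sets X-Forwarded-Proto to the
# scheme the client used, and (Apache case) reaches the backend over plain HTTP.

# backend_action RULE XFP -> "redirect" or "serve"
#   https_off      Apache: RewriteCond %{HTTPS} off
#   xfp_not_https  Apache: RewriteCond %{HTTP:X-Forwarded-Proto} !https
#   xfp_is_http    Nginx:  if ($http_x_forwarded_proto = "http")
backend_action() {
  case "$1" in
    https_off) echo redirect ;;   # backend hop is never HTTPS, so always "off"
    xfp_not_https)                # unanchored regex: any value containing "https" passes
      case "$2" in *https*) echo serve ;; *) echo redirect ;; esac ;;
    xfp_is_http)                  # exact string comparison
      if [ "$2" = http ]; then echo redirect; else echo serve; fi ;;
    *) echo "unknown rule: $1" >&2; return 2 ;;
  esac
}

# follow RULE SCHEME: a client starts on SCHEME and follows each 301 to https://.
# Prints how it ends; returns 1 when the backend never stops redirecting.
follow() {
  rule=$1 scheme=$2 hops=0
  while [ "$hops" -lt 5 ]; do
    if [ "$(backend_action "$rule" "$scheme")" = serve ]; then
      echo "served over $scheme after $hops redirect(s)"
      return 0
    fi
    scheme=https
    hops=$((hops + 1))
  done
  echo "redirect loop"
  return 1
}

for rule in https_off xfp_not_https xfp_is_http; do
  echo "$rule: client on http  -> $(follow "$rule" http)"
  echo "$rule: header absent   -> $(backend_action "$rule" "")"
done
```

The "header absent" row is the one case where the Apache and Nginx conditions differ: a request that reaches the backend without X-Forwarded-Proto is redirected by the !https rule and served by the = "http" rule.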

Tuesday 29 May 2018

Configure chrony on Ubuntu at AWS

Hello,

We often forget to configure the time and the time zone, and over time (precisely), a drift appears. To avoid this problem, configure NTP, now replaced by Chrony.

On Ubuntu at AWS:
  • sudo apt install chrony
  • sudoedit /etc/chrony/chrony.conf
  • Specify the IP of the AWS NTP server:
# Note that if Chrony tries to go "online" and dns lookup of the servers
# fails they will be discarded. Thus under some circumstances it is
# better to use IP numbers than host names.
server 169.254.169.123 prefer iburst
server 0.debian.pool.ntp.org offline minpoll 8
server 1.debian.pool.ntp.org offline minpoll 8
server 2.debian.pool.ntp.org offline minpoll 8
server 3.debian.pool.ntp.org offline minpoll 8
  • sudo /etc/init.d/chrony restart
Then check:

  • chronyc sources -v
  • chronyc tracking
    • Leap status must be Normal
  • date

Don't forget to rebuild your image afterwards.
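
The manual check above can be scripted. This added example (not part of the original post) reads `chronyc tracking` output and fails when the reference is not the configured AWS server, when Leap status is not Normal, or when the system clock offset exceeds a threshold. The function name, the 0.1 s threshold and both sample outputs are constructed for the example.

```shell
#!/bin/sh
# Added example: turn the manual `chronyc tracking` check into a pass/fail test.

# check_tracking EXPECTED_SOURCE MAX_OFFSET_SECONDS   (tracking output on stdin)
# Prints "ok" or "fail: <reasons>"; returns non-zero on failure.
check_tracking() {
  awk -v src="$1" -v max="$2" -F' *: ' '
    $1 == "Reference ID" { ref = 1
                           if (index($2, "(" src ")") == 0) bad = bad " wrong-source" }
    $1 == "System time"  { split($2, f, " ")
                           if (f[1] + 0 > max + 0) bad = bad " offset-too-large" }
    $1 == "Leap status"  { leap = 1
                           if ($2 != "Normal") bad = bad " leap-not-normal" }
    END {
      if (!ref || !leap) bad = bad " incomplete-output"
      if (bad == "") print "ok"
      else print "fail:" bad
      exit (bad != "")
    }'
}

# Constructed samples (shortened): a synchronised host and an unsynchronised one.
TRACKING_OK='Reference ID    : A9FEA97B (169.254.169.123)
Stratum         : 4
System time     : 0.000012345 seconds fast of NTP time
Leap status     : Normal'
TRACKING_BAD='Reference ID    : 00000000 ()
Stratum         : 0
System time     : 0.000000000 seconds fast of NTP time
Leap status     : Not synchronised'

printf '%s\n' "$TRACKING_OK"  | check_tracking 169.254.169.123 0.1
printf '%s\n' "$TRACKING_BAD" | check_tracking 169.254.169.123 0.1 || true
# Live use: chronyc tracking | check_tracking 169.254.169.123 0.1
```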