LINUX.ORG.RU

Сообщения chemtech

 

perf buffer not large enough. entry_SYSCALL_64_after_hwframe+0x41/0xa6

Имеется виртуалка в OpenStack с Ubuntu у заказчика.

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.5 LTS
Release:        18.04
Codename:       bionic

Ядро

uname -r
4.15.0-159-generic

Сегодня увидел в dmesg такие логи. Что это может быть? Что можно еще посмотреть?

[Wed Oct 20 14:28:18 2021] ------------[ cut here ]------------
[Wed Oct 20 14:28:18 2021] perf buffer not large enough
[Wed Oct 20 14:28:18 2021] WARNING: CPU: 0 PID: 12288 at /build/linux-teTg6M/linux-4.15.0/kernel/trace/trace_event_perf.c:288 perf_trace_buf_alloc+0x86/0xa0
[Wed Oct 20 14:28:18 2021] Modules linked in: ip6table_filter ip6_tables xt_nat veth vsock_diag vsock sctp_diag sctp dccp_diag dccp raw_diag unix_diag af_packet_diag netlink_diag udp_diag tcp_diag inet_diag ipt_REJECT nf_reject_ipv4 xt_tcpudp xt_conntrack ipt_MASQUERADE nf_nat_masquerade_ipv4 nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack br_netfilter bridge stp llc overlay aufs nls_iso8859_1 input_leds kvm_intel kvm irqbypass joydev serio_raw sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath
[Wed Oct 20 14:28:18 2021]  linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc hid_generic aesni_intel aes_x86_64 crypto_simd glue_helper cryptd usbhid psmouse ahci libahci virtio_scsi hid virtio_net
[Wed Oct 20 14:28:18 2021] CPU: 0 PID: 12288 Comm: dockerd Not tainted 4.15.0-159-generic #167-Ubuntu
[Wed Oct 20 14:28:18 2021] Hardware name: OpenStack Foundation OpenStack Nova, BIOS 1.10.2-1ubuntu1 04/01/2014
[Wed Oct 20 14:28:18 2021] RIP: 0010:perf_trace_buf_alloc+0x86/0xa0
[Wed Oct 20 14:28:18 2021] RSP: 0018:ffffa60a42453cd0 EFLAGS: 00010282
[Wed Oct 20 14:28:18 2021] RAX: 0000000000000000 RBX: 000000000000109c RCX: 0000000000000000
[Wed Oct 20 14:28:18 2021] RDX: 000000000000001c RSI: ffffffffa2d63c3c RDI: 0000000000000246
[Wed Oct 20 14:28:18 2021] RBP: ffffa60a42453ce8 R08: 000013084d9fabc3 R09: ffffffffa2d63c20
[Wed Oct 20 14:28:18 2021] R10: 000000000000104e R11: 0000000000000001 R12: 000000000000104e
[Wed Oct 20 14:28:18 2021] R13: ffffa60a42453e28 R14: 000000000000000f R15: ffff9a3a8e0d5000
[Wed Oct 20 14:28:18 2021] FS:  00007fca2e7fc700(0000) GS:ffff9a3d3fc00000(0000) knlGS:0000000000000000
[Wed Oct 20 14:28:18 2021] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[Wed Oct 20 14:28:18 2021] CR2: 000000000000000f CR3: 000000042adfc004 CR4: 00000000007606f0
[Wed Oct 20 14:28:18 2021] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[Wed Oct 20 14:28:18 2021] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[Wed Oct 20 14:28:18 2021] PKRU: 55555554
[Wed Oct 20 14:28:18 2021] Call Trace:
[Wed Oct 20 14:28:18 2021]  kprobe_perf_func+0xb4/0x250
[Wed Oct 20 14:28:18 2021]  ? do_execveat_common.isra.34+0x5/0x7d0
[Wed Oct 20 14:28:18 2021]  kprobe_dispatcher+0x34/0x50
[Wed Oct 20 14:28:18 2021]  aggr_pre_handler+0x45/0x80
[Wed Oct 20 14:28:18 2021]  ? do_execveat_common.isra.34+0x1/0x7d0
[Wed Oct 20 14:28:18 2021]  kprobe_ftrace_handler+0x8f/0xf0
[Wed Oct 20 14:28:18 2021]  ftrace_ops_assist_func+0xa9/0x130
[Wed Oct 20 14:28:18 2021]  0xffffffffc07c80d5
[Wed Oct 20 14:28:18 2021]  ? do_execveat_common.isra.34+0x1/0x7d0
[Wed Oct 20 14:28:18 2021]  do_execveat_common.isra.34+0x5/0x7d0
[Wed Oct 20 14:28:18 2021]  SyS_execve+0x31/0x40
[Wed Oct 20 14:28:18 2021]  ? do_execveat_common.isra.34+0x5/0x7d0
[Wed Oct 20 14:28:18 2021]  ? copy_oldmem_page+0xb0/0xb0
[Wed Oct 20 14:28:18 2021]  do_syscall_64+0x73/0x130
[Wed Oct 20 14:28:18 2021]  entry_SYSCALL_64_after_hwframe+0x41/0xa6
[Wed Oct 20 14:28:18 2021] RIP: 0033:0x555a8ebc944b
[Wed Oct 20 14:28:18 2021] RSP: 002b:000000c000fd3bb8 EFLAGS: 00000202 ORIG_RAX: 000000000000003b
[Wed Oct 20 14:28:18 2021] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000555a8ebc944b
[Wed Oct 20 14:28:18 2021] RDX: 000000c000f34740 RSI: 000000c0014cb6d0 RDI: 000000c0014882a0
[Wed Oct 20 14:28:18 2021] RBP: 000000c000fd3d58 R08: 0000000000000000 R09: 0000000000000000
[Wed Oct 20 14:28:18 2021] R10: 0000000000000000 R11: 0000000000000202 R12: 0000555a8ebbda50
[Wed Oct 20 14:28:18 2021] R13: 0000000000000018 R14: 0000000000000017 R15: 0000000000000100
[Wed Oct 20 14:28:18 2021] Code: c7 44 18 f8 00 00 00 00 5b 41 5c 41 5d 5d c3 80 3d a2 06 48 01 00 75 15 48 c7 c7 9b 60 4e a2 c6 05 92 06 48 01 01 e8 4a de ef ff <0f> 0b 5b 31 c0 41 5c 41 5d 5d c3 0f 1f 44 00 00 66 2e 0f 1f 84 
[Wed Oct 20 14:28:18 2021] ---[ end trace 4571369f97795a2f ]---

 ,

chemtech ()

pam_tally2: Error opening /var/log/tallylog for update: Permission denied

Коллеги, собираю rpm и при установке появляется сообщение.

pam_tally2: Error opening /var/log/tallylog for update: Permission denied
pam_tally2: Authentication error
useradd: failed to reset the tallylog entry of user "victoriametrics"

Selinux включен.

Current mode:                   enforcing

Не пойму как я установка задействует /var/log/tallylog

Исходный код: https://github.com/patsevanton/victoriametrics-rpm

CentOS Linux release 7.9.2009 (Core)

Как воспроизвести ошибку

yum -y install yum-plugin-copr
yum -y copr enable antonpatsev/VictoriaMetrics
yum makecache
yum -y install vmsingle

 

chemtech ()

Elements of a set are identified only by their value and don't have any separate index or key to select

Тестирую вот этот код на terraform 1.0

git clone https://git.cloud-team.ru/lections/kubernetes_setup.git
cd terraform
TF_IN_AUTOMATION=1 terraform apply -auto-approve

Вот такая ошибка

│ Error: Invalid index
│ 
│   on k8s-cluster.tf line 380, in output "load_balancer_public_ip":
│  380:   value = yandex_lb_network_load_balancer.k8s-load-balancer.listener.*.external_address_spec.0.address
│ 
│ Elements of a set are identified only by their value and don't have any separate index or key to select with, so it's only possible to perform operations across all
│ elements of the set.

Как можно поправить эту ошибку?

 

chemtech ()

Помочь разобраться с проектом https://github.com/Corollarium/localtls

How correctly generate certificate by project https://github.com/Corollarium/localtls ?

Run dnsserver.py

python3 dnsserver.py --domain yourdomain.net --soa-master=ns1.yourdomain.net --soa-email=email@yourdomain.net --ns-servers=ns1.yourdomain.net,ns2.yourdomain.net --log-level ERROR --http-port 80 --http-index /somewhere/index.html
12:12:47: starting DNS server on 10.128.0.20/ on port 53, upstream DNS server "1.1.1.1"
12:12:47: Starting httpd...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
12:12:47: Cannot find wildcard certificate. Run certbotdns.py now and then restart this. Meanwhile HTTP will not work.
Run python3 certbotdns.py wildcard 10.128.0.20.yourdomain.net email@yourdomain.net
python3 certbotdns.py wildcard 10.128.0.20.yourdomain.net email@yourdomain.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for 10.128.0.20.yourdomain.net
Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
Output from manual-auth-hook command python3:
_acme-challenge.10.128.0.20.yourdomain.net

Waiting for verification...
Challenge failed for domain 10.128.0.20.yourdomain.net
dns-01 challenge for 10.128.0.20.yourdomain.net
Cleaning up challenges
Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: 10.128.0.20.yourdomain.net
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.10.128.0.20.yourdomain.net - check that a DNS
   record exists for this domain
None
None
Run python3 certbotdns.py wildcard yourdomain.net email@yourdomain.net
python3 certbotdns.py wildcard yourdomain.net email@yourdomain.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for yourdomain.net
Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
Output from manual-auth-hook command python3:
_acme-challenge.yourdomain.net

Waiting for verification...
Challenge failed for domain yourdomain.net
dns-01 challenge for yourdomain.net
Cleaning up challenges
Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: yourdomain.net
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.yourdomain.net - check that a DNS record exists for
   this domain
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
None
None

cat /var/log/letsencrypt/letsencrypt.log

2021-07-15 12:17:18,809:DEBUG:certbot.main:certbot version: 0.40.0
2021-07-15 12:17:18,809:DEBUG:certbot.main:Arguments: ['--noninteractive', '--agree-tos', '--email', 'email@yourdomain.net', '--manual', '--preferred-challenges=dns', '--manual-public-ip-logging-ok', '--manual-auth-hook', 'python3 /root/localtls/certbotdns.py deploy', '--manual-cleanup-hook', 'python3 /root/localtls/certbotdns.py cleanup', '-d', '*.10.128.0.20.yourdomain.net']
2021-07-15 12:17:18,809:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-07-15 12:17:18,815:DEBUG:certbot.log:Root logging level set at 20
2021-07-15 12:17:18,815:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-07-15 12:17:18,816:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2021-07-15 12:17:18,816:DEBUG:certbot.plugins.selection:Single candidate plugin: * manual
Description: Manual configuration or run your own shell scripts
Interfaces: IAuthenticator, IPlugin
Entry point: manual = certbot.plugins.manual:Authenticator
Initialized: <certbot.plugins.manual.Authenticator object at 0x7ff1b3515b80>
Prep: True
2021-07-15 12:17:18,817:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.manual.Authenticator object at 0x7ff1b3515b80> and installer None
2021-07-15 12:17:18,817:INFO:certbot.plugins.selection:Plugins selected: Authenticator manual, Installer None
2021-07-15 12:17:18,819:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/130687661', new_authzr_uri=None, terms_of_service=None), 6439102b194ec0e68f3614050ef16266, Meta(creation_dt=datetime.datetime(2021, 7, 15, 12, 8, 58, tzinfo=<UTC>), creation_host='localhost'))>
2021-07-15 12:17:18,819:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-07-15 12:17:18,820:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2021-07-15 12:17:19,454:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-07-15 12:17:19,454:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "7ze8_jIGrbk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-07-15 12:17:19,455:INFO:certbot.main:Obtaining a new certificate
2021-07-15 12:17:19,533:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem
2021-07-15 12:17:19,535:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem
2021-07-15 12:17:19,536:DEBUG:acme.client:Requesting fresh nonce
2021-07-15 12:17:19,536:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-07-15 12:17:19,692:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-07-15 12:17:19,692:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 01027bBVN5WDeZpizkLAGJ-TU5tZ4IdGMDmKlYxnPMjKZjA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2021-07-15 12:17:19,692:DEBUG:acme.client:Storing nonce: 01027bBVN5WDeZpizkLAGJ-TU5tZ4IdGMDmKlYxnPMjKZjA
2021-07-15 12:17:19,693:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "*.10.128.0.20.yourdomain.net"\n    }\n  ]\n}'
2021-07-15 12:17:19,694:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMwNjg3NjYxIiwgIm5vbmNlIjogIjAxMDI3YkJWTjVXRGVacGl6a0xBR0otVFU1dFo0SWRHTURtS2xZeG5QTWpLWmpBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "FeiGKN-j-X_VZYeTxGKRgZyyuhJfP2zeopROjQszKwtkkodu6M2aaTu_sEnssp-28Ad0Y94p9YyoSbqFoA45y4McRf-KE-7DEeetshZhJq63K2al-unfyF0zcKAxqcgvHAtLv28SjHRmCzFimV91FD-93OzksmbOXksKlijmNFhWPgK_4gI6F7SZ4u23AfMzRC4Z2UFa679hngQwIYIZ9kJz1jPXCuLm53YuGMQwQHZDW-0nlo9K2YTT2FK29wzM0Sm4qH9IC8Fz7mIXb8GEJ91U_s-BEh1t321Rt1vNbzb9lxysBdo2EmYhcXR7ENT42UC3j1tKQH_f3FEhDppRrQ",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIiouMTAuMTI4LjAuMjAueW91cmRvbWFpbi5uZXQiCiAgICB9CiAgXQp9"
}
2021-07-15 12:17:20,036:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 351
2021-07-15 12:17:20,036:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Content-Type: application/json
Content-Length: 351
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/130687661/11093878505
Replay-Nonce: 0102PVAWzO6fdI-avHs2w8h5kpLwy-ry33EvAURV0ec6fK8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2021-07-22T12:17:19Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "*.10.128.0.20.yourdomain.net"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/130687661/11093878505"
}
2021-07-15 12:17:20,038:DEBUG:acme.client:Storing nonce: 0102PVAWzO6fdI-avHs2w8h5kpLwy-ry33EvAURV0ec6fK8
2021-07-15 12:17:20,038:DEBUG:acme.client:JWS payload:
b''
2021-07-15 12:17:20,040:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMwNjg3NjYxIiwgIm5vbmNlIjogIjAxMDJQVkFXek82ZmRJLWF2SHMydzhoNWtwTHd5LXJ5MzNFdkFVUlYwZWM2Zks4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDgzNjMwMTUzNCJ9",
  "signature": "GwMw8_KAmv3p6m9YnxHGA4vyEQA_s1UZgj_4Uhis-wpazLPsmt3FBYc8WagPNKvcRWbym8HuHokA6tZ-1zGBdeIj7Rugkp-rANfXlHnv27uXmFc9aKyK8pmp_dm-d3hB5Br6VElSOW4w2CftjQFB7GviuMZa-_F0TrBkZsdKcYeA7k3Ux03RhPw30YEAsY9W-h0yk_RTz6ljPGdHnJGMuGJK5sXU3fiQ8LfcEpHtb6p3lnuq3ZpmJt3xZr-izLRwLUu-EtHmbs3fiBzCPPnh9PRxSa12-MI9sCkJxWsHlBhPInhPFq3ZhGK08IVze1rlR0kIr7ks9TRVhByJi-Q7DQ",
  "payload": ""
}
2021-07-15 12:17:20,240:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14836301534 HTTP/1.1" 200 399
2021-07-15 12:17:20,240:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:20 GMT
Content-Type: application/json
Content-Length: 399
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102-r9ZGsiYTbA2bP5UIEnrArG7hPo2SyQGK2g0QCxqk3w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "10.128.0.20.yourdomain.net"
  },
  "status": "pending",
  "expires": "2021-07-22T12:17:19Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
      "token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4"
    }
  ],
  "wildcard": true
}
2021-07-15 12:17:20,241:DEBUG:acme.client:Storing nonce: 0102-r9ZGsiYTbA2bP5UIEnrArG7hPo2SyQGK2g0QCxqk3w
2021-07-15 12:17:20,241:INFO:certbot.auth_handler:Performing the following challenges:
2021-07-15 12:17:20,241:INFO:certbot.auth_handler:dns-01 challenge for 10.128.0.20.yourdomain.net
2021-07-15 12:17:20,242:INFO:certbot.hooks:Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
2021-07-15 12:17:20,286:INFO:certbot.hooks:Output from manual-auth-hook command python3:
_acme-challenge.10.128.0.20.yourdomain.net

2021-07-15 12:17:20,287:INFO:certbot.auth_handler:Waiting for verification...
2021-07-15 12:17:20,288:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "dns-01"\n}'
2021-07-15 12:17:20,289:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMwNjg3NjYxIiwgIm5vbmNlIjogIjAxMDItcjlaR3NpWVRiQTJiUDVVSUVuckFyRzdoUG8yU3lRR0syZzBRQ3hxazN3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8xNDgzNjMwMTUzNC9VZzJERHcifQ",
  "signature": "AqvdAXbEiLJPnm5x6_g_gRNT2I1UgngtmEnUf_YRZ9F873ODh00ZVo6CdXPs3rpBTlaiOMSmAk1ph6qY1bR1EqGXZcrY4t5Bd8PPgqWIA9Bg5Vq3EYGUyhzTqlbxu0UJ48RMTQ1JFmzuv2PDo9W47P-pr33ZrWE5tr9t2TMtMtY41OuqSUNASHWzcfAgSbvwQESgTFj9LZ5r8Quzj4Jpa7yEZtkDPsWBBHL4q8TaQ-yDAlXqtglbQh7-R-Pa_yr3GmdnlTvwVdUbUZC1E4H4jw5lWldmGfdQwuoUmnkq308NreZlDGXAwPfOwXaVNBTP6xgOM4pwMPvyPyjGbwFmXQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImRucy0wMSIKfQ"
}
2021-07-15 12:17:20,498:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/14836301534/Ug2DDw HTTP/1.1" 200 185
2021-07-15 12:17:20,499:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:20 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw
Replay-Nonce: 0102COQryNwPHH-FuEIUaF9WNVvgWFFILwC3G6xAx6oyzec
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "dns-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
  "token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4"
}
2021-07-15 12:17:20,499:DEBUG:acme.client:Storing nonce: 0102COQryNwPHH-FuEIUaF9WNVvgWFFILwC3G6xAx6oyzec
2021-07-15 12:17:21,501:DEBUG:acme.client:JWS payload:
b''
2021-07-15 12:17:21,502:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMwNjg3NjYxIiwgIm5vbmNlIjogIjAxMDJDT1FyeU53UEhILUZ1RUlVYUY5V05WdmdXRkZJTHdDM0c2eEF4Nm95emVjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDgzNjMwMTUzNCJ9",
  "signature": "IYFePWKtNBCj_POrkZ3PPnSb3E-re1BipC2nRmSZzKRHHDIBJX--DOMQRtYE62rb_SxKwOcIKUWvX3qWN05kEmYiXjWEk5XH0oj6ZQhtJUB7wol6_V0moHQ-mMdfkMr_WJom4NrUQj_k8KGNW4nif7eSIeRtt8M4DlyRjd13u-23xf1JMjb-fgvNepMqbxVSWqZL3VbXvBjgqHstluoZDSxfnOwi1EdG3cE7hPZwQKUGmVyWdRMd7HzlnXdWs5CKcOQ-nz_C3hXtcOo2LGmQIYlWFQk--EgEw6GfnPtBWhZuYfFX5REz5EKLrw3qcfT6u2R8mAcKqRLzwQQL3NzgEg",
  "payload": ""
}
2021-07-15 12:17:21,708:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14836301534 HTTP/1.1" 200 694
2021-07-15 12:17:21,708:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:21 GMT
Content-Type: application/json
Content-Length: 694
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102GGYr1RrT1oew0rcdfZ4reh2WLHiFRr5XWJKy19x2iDk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "10.128.0.20.yourdomain.net"
  },
  "status": "invalid",
  "expires": "2021-07-22T12:17:19Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:dns",
        "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.10.128.0.20.yourdomain.net - check that a DNS record exists for this domain",
        "status": 400
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
      "token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4",
      "validated": "2021-07-15T12:17:20Z"
    }
  ],
  "wildcard": true
}
2021-07-15 12:17:21,709:DEBUG:acme.client:Storing nonce: 0102GGYr1RrT1oew0rcdfZ4reh2WLHiFRr5XWJKy19x2iDk
2021-07-15 12:17:21,709:WARNING:certbot.auth_handler:Challenge failed for domain 10.128.0.20.yourdomain.net
2021-07-15 12:17:21,709:INFO:certbot.auth_handler:dns-01 challenge for 10.128.0.20.yourdomain.net
2021-07-15 12:17:21,709:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: 10.128.0.20.yourdomain.net
Type:   dns
Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.10.128.0.20.yourdomain.net - check that a DNS record exists for this domain
2021-07-15 12:17:21,710:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2021-07-15 12:17:21,710:DEBUG:certbot.error_handler:Calling registered functions
2021-07-15 12:17:21,710:INFO:certbot.auth_handler:Cleaning up challenges
2021-07-15 12:17:21,710:INFO:certbot.hooks:Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
2021-07-15 12:17:21,753:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1265, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

 , ,

chemtech ()

Уже есть .github.io page. Не добавляется helm-charts в pages.

Имеется уже существующий https://github.com/Drill4J/drill4j.github.io

Отображается как drill4j.github.io

Пытаюсь добавить helm-charts в github pages.

Сделал https://github.com/Drill4J/helm-charts

Но оно не работает.

helm repo add myhelmrepo https://drill4j.github.io/helm-charts Error: looks like "https://drill4j.github.io/helm-charts" is not a valid chart repository or cannot be reached: failed to fetch https://drill4j.github.io/helm-charts/index.yaml : 404 Not Found

Как правильно добавить https://github.com/Drill4J/helm-charts в github pages?

Спасибо

 ,

chemtech ()

DNS service for local IP addresses with SSL/HTTPS support

У кого-нибудь удавалось поднять SSL/HTTPS для локальных адресов, например 192.168.1.0/24, без добавления корневых сертификатов в браузер?

Есть проекты:

http://local-ip.co/

https://sslip.io/

https://github.com/Corollarium/localtls

Если с http://local-ip.co/ все понятно - там уже сгенерирован сертификат и он только для сети 10.0.0.0/8

То как быть с остальными локальными сетями ?

 , , ,

chemtech ()

git rev-list «$OLDREV»..«$NEWREV» --not --all unknown revision or path not in the working tree.

Имеется Gitlab 13.1.2

Добавил в /opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/ файл хука https://github.com/patsevanton/git-server-pre-receive-hooks/blob/master/reject-not-allowlist-email.sh

Глобальный gitlab хук, который отклоняет коммиты с адресами электронной почты не из разрешенного списка

Но возникает сообщение написанное в заголовке сообщения Вывод сообщения, когда делаем git push

remote: ++ git rev-list '49c8d42b40373944923ef839c2dee3afe24d746a 24d9fa75a13f90ddeda8c5ef12243bf80caa7c12 refs/heads/master..' --not --all
remote: fatal: ambiguous argument '49c8d42b40373944923ef839c2dee3afe24d746a 24d9fa75a13f90ddeda8c5ef12243bf80caa7c12 refs/heads/master..': unknown revision or path not in the working tree.
remote: Use '--' to separate paths from revisions, like this:

Фрагмент кода:

ZERO_COMMIT="0000000000000000000000000000000000000000"
while read -r OLDREV NEWREV REFNAME; do

    if [[ "$NEWREV" = "$ZERO_COMMIT" ]]
    then
        # Branch or tag got deleted
        continue
    elif [[ "$OLDREV" = "$ZERO_COMMIT" ]]
    then
        # New branch or tag
        echo "then"
        echo "$NEWREV"
        SPAN=$(git rev-list "$NEWREV" --not --all)
    else
        echo "else"
        echo "$OLDREV"
        echo "$NEWREV"
        SPAN=$(git rev-list "$OLDREV".."$NEWREV" --not --all)
    fi

Я так понимаю нужно поправить git rev-list. Но как? Спасибо

 

chemtech ()

Написать console java app: показать время sql транзакции и время select

Взять Postgresql бд. Заполнить таблицу в БД тестовыми данными

SQL скрипт взят отсюда https://use-the-index-luke.com/sql/example-schema/postgresql/performance-testing-scalability

CREATE TABLE scale_data (
   section NUMERIC NOT NULL,
   id1     NUMERIC NOT NULL,
   id2     NUMERIC NOT NULL
);
INSERT INTO scale_data
SELECT sections.*, gen.*
     , CEIL(RANDOM()*100) 
  FROM GENERATE_SERIES(1, 300)     sections,
       GENERATE_SERIES(1, 900000) gen
 WHERE gen <= sections * 3000;

Написать console java app. В нем в бесконечном цикле показывать:

  • время sql транзакции (begin UPDATE scale_data SET id1 = (случайное значение) where id=(случайное значение) COMMIT;)

  • время sql запроса: select id1 from scale_data where id1=(случайное число);

Все это выводить в консоль: transaction: 2ms select: 1ms transaction: 3ms select: 2ms transaction: 2ms select: 1ms transaction: 3ms select: 2ms

Уточнение: Возможно SQL нужно поправить.

Подробности https://freelance.habr.com/tasks/307920

 ,

chemtech ()

Как сказать wget чтобы качал TeamCity.tar.gz, если нет файла, и не качал TeamCity.tar.gz, если файл есть, и чтобы exit code был 0?

Пытаюсь скачать TeamCity.tar.gz через wget

https://github.com/patsevanton/teamcity-server-rpm/blob/master/teamcity-serve...

``` wget --no-clobber %{url} -O TeamCity.tar.gz ``` wget --no-clobber выводит exit code не 0

File `TeamCity.tar.gz' already there; not retrieving. error: Bad exit status from /var/tmp/rpm-tmp.ip99tu (%prep)

Как сказать wget чтобы качал TeamCity.tar.gz, если нет файла, и не качал TeamCity.tar.gz, если файл есть, и чтобы exit code был 0?

 

chemtech ()

Как получить пакет showduplicates rpm, используя модуль python yum?

Я пытаюсь получить RPM пакеты через API Yum с Python. Но я не могу использовать опцию --showduplicates.

#!/usr/bin/env python

import sys
import yum

yb = yum.YumBase()
yb.conf.showduplicates = True
yb.setCacheDir()
yb.repos.disableRepo('*')
yb.repos.enableRepo('grafana')

plist = yb.doPackageLists(patterns=sys.argv[1:])

if plist.available:
    print "Available Packages"
    for pkg in sorted(plist.available):
        print pkg, pkg.repo

 , ,

chemtech ()

Postgresql overview dashboard for postgres_exporter

Сделал dashboard Postgresql overview для postgres_exporter.

Чем отличается от других дашбородов postgres_exporter?

Я объединил все другие дашборды postgres_exporter в один.

Пока что это дашбор показывает общую информацию по кластеру.

Как руки дойдут, планирую сделать дашборд для информации по конретной БД внутри PostgreSQL.

В этом дашборде мне не хватает знаний в promql и postgresql.

Поэтому я надеюсь на то что вы мне поможете советом как улучшить дашборд или сделаете pull request.

Краткая инструкция по использованию.

PostgreSQL и Prometheus устанавливаем стандартно.

Postgres_exporter и Prometheus можно установить для Redhat систем из этого репозитория: https://github.com/lest/prometheus-rpm

Устанавливаем графану

Берем dashboard здесь

https://github.com/patsevanton/postgresql_overview_postgres_exporter

Почему то не могу экспортировать dashboard чтобы опубликовать его на grafana.com

Выходит такая ошибка:

Скриншоты

https://habrastorage.org/webt/e6/w-/p3/e6w-p3if6zw4kug1qi327uj8nqc.jpeg

https://habrastorage.org/webt/_j/nr/qr/_jnrqr7jzo5jmixsyudgblw9zte.jpeg

https://habrastorage.org/webt/dy/zm/nz/dyzmnzfmgnbs09kaawhjjfcrqrw.jpeg

https://habrastorage.org/webt/3f/sa/oo/3fsaoof3obeka8o0cjeiv2famcw.jpeg

https://habrastorage.org/webt/zg/me/xz/zgmexzb97zio0xcr4gvbnvyeoe0.jpeg

https://habrastorage.org/webt/xm/sd/4j/xmsd4jhin8-_a2ywmehg7ohir_8.jpeg

https://habrastorage.org/webt/km/sb/yc/kmsbycvyy5zpgphtlq8enzefob4.jpeg

https://habrastorage.org/webt/b0/yo/q-/b0yoq-rwfingvptkzqdrwsdzjvi.jpeg

https://habrastorage.org/webt/tr/81/ug/tr81ugngobhru0miibe7bgt4rp8.jpeg

https://habrastorage.org/webt/in/de/eu/indeeudff0os9fzdqdfhrpdboby.jpeg

P.S. похоже вот этот issue https://github.com/grafana/grafana/issues/20577

 , ,

chemtech ()

Как в prometheus вычесть из текущего счетчика commit счетчик commit за предыдущую минуту?

Тестирую https://github.com/wrouesnel/postgres_exporter

В postgresql статистика по commit суммируется в pg_stat_statement. Как в prometheus вычесть из текущего счетчика commit счетчик commit за предыдущую минуту?

Скрин где значение статистики из pg_stat_statement непрерывно растет https://habrastorage.org/webt/gk/0l/yh/gk0lyhc-afr26pedbcnar2f0vxi.png

 ,

chemtech ()

Написать инструкцию и сделать демо по аутентификации в Minio в LDAP

Заказ тут: https://freelance.habr.com/tasks/300920

Мои наработки:

docker run -p 1389:389 -p 1636:636 --name test-ldap --detach gitea/test-openldap

Поиск в LDAP работает

ldapsearch -x -H ldap://localhost:1389 -b "dc=planetexpress,dc=com" -D "cn=Philip J. Fry,ou=people,dc=planetexpress,dc=com" -w fry '(uid=*)' dn

экспортирую переменные

export MINIO_IDENTITY_LDAP_SERVER_ADDR=127.0.0.1:1389
export MINIO_IDENTITY_LDAP_USERNAME_SEARCH_FILTER='(uid=%s)'
export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn=%s,ou=people,dc=planetexpress,dc=com'
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN="dc=planetexpress,dc=com"
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER='(&(objectclass=group)(member=%s))'
export MINIO_IDENTITY_LDAP_GROUP_NAME_ATTRIBUTE=cn
export MINIO_IDENTITY_LDAP_STS_EXPIRY=60h
export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY=on
export MINIO_IDENTITY_LDAP_SERVER_INSECURE=on

запускаю minio

minio server /mnt/data

Пытаюсь войти под логином/паролем: admin/GoodNewsEveryone

Выдает ошибку:

The access key ID you provided does not exist in our records

 

chemtech ()

Как прикрутить ldap аутентификацию и авторизацию в minio?

Часть данные взял отсюда https://github.com/minio/minio/issues/9435

Запускаю

docker run -p 1389:389 -p 1636:636 --name test-ldap --detach gitea/test-openldap

Поиск в LDAP работает

ldapsearch -x -H ldap://localhost:1389 -b "dc=planetexpress,dc=com" -D "cn=Philip J. Fry,ou=people,dc=planetexpress,dc=com" -w fry '(uid=*)' dn

экспортирую переменные

export MINIO_IDENTITY_LDAP_SERVER_ADDR=127.0.0.1:1389
export MINIO_IDENTITY_LDAP_USERNAME_SEARCH_FILTER='(uid=%s)'
export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn=%s,ou=people,dc=planetexpress,dc=com'
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN="dc=planetexpress,dc=com"
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER='(&(objectclass=group)(member=%s))'
export MINIO_IDENTITY_LDAP_GROUP_NAME_ATTRIBUTE=cn
export MINIO_IDENTITY_LDAP_STS_EXPIRY=60h
export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY=on
export MINIO_IDENTITY_LDAP_SERVER_INSECURE=on

запускаю minio

minio server /mnt/data

Пытаюсь войти под логином/паролем: admin/GoodNewsEveryone

Выдает ошибку:

The access key ID you provided does not exist in our records

 ,

chemtech ()

Имеет ли смысл делать topk(3, increase(pg_stat_statements_calls[10m])) в prometheus, если pg_stat_statements кумулятивный?

Статистика в PostgreSQL в таблице pg_stat_statements кумулятивная. То есть она накапливается и данные там суммируются. pg_stat_statements сбрасываю раз в сутки.

Имеет ли смысл делать такой запрос в prometheus

topk(3, increase(pg_stat_statements_calls{datname!~"template.*", datname!~"postgres", instance=~"$instance", datname=~"$datname"}[10m]))

?

Или лучше делать вот такой запрос в prometheus

topk(3, pg_stat_statements_calls{datname!~"template.*", datname!~"postgres", instance=~"$instance", datname=~"$datname"})

?

 ,

chemtech ()

Как вывести в таблицу queryid из запроса topk(5, sum by (datname,queryid) (increase(pg_stat_statements_mean_time_seconds... ?

Есть запрос в prometheus в postgres_exporter

topk(5, sum by (datname,queryid) (increase(pg_stat_statements_mean_time_seconds{datname!~"template.*", datname!~"postgres", instance=~"$instance", datname=~"$datname"}[1m])))

Таблица с запросом выглядит вот так

https://habrastorage.org/webt/x4/ej/jk/x4ejjkw4pzzocqmgk7zzmetlzuq.jpeg

Как вывести в таблицу queryid из этого запроса ?

 

chemtech ()

Как сделать более плавные графики в запросе topk(5, sum by (datname) (increase(pg_stat_statements_mean_time_seconds..... в prometheus ?

Есть запрос в prometheus в postgres_exporter

topk(5, sum by (datname) (increase(pg_stat_statements_mean_time_seconds{datname!~"template.*", datname!~"postgres", instance=~"$instance"}[1m]) > 10 ))

График с запросом выглядит вот так

https://habrastorage.org/webt/sb/4e/id/sb4eidbln70tbwbnnzekpdvlyxa.jpeg

Как сделать более плавные графики в запросе topk(5, sum by (datname) (increase(pg_stat_statements_mean_time_seconds….. в prometheus ?

 

chemtech ()

Не создается пользователь, описанный в %pre в spec файле для сборки rpm

Собираю Sentry в rpm. Проект тут https://github.com/patsevanton/sentry-rpm

Здесь https://github.com/patsevanton/sentry-rpm/blob/master/spec/sentry-9.1.2.spec#L185

Указано:

%pre
/usr/bin/echo "create group sentry"
/usr/bin/cat /etc/group | grep sentry
/usr/bin/getent group sentry > /dev/null || /usr/sbin/groupadd -r sentry
/usr/bin/echo "create user sentry"
/usr/bin/cat /etc/passwd | grep sentry
/usr/bin/getent passwd sentry > /dev/null || /usr/sbin/useradd -r -d /home/sentry -s /bin/bash -g sentry sentry

Но пользователь не создается.

В rpm скриптов я не вижу.

https://habrastorage.org/webt/yn/ex/d9/ynexd9qdvwosenurs7jzdqk34eq.png

Что может быть?

 ,

chemtech ()

Посоветуйте проект, который бы мог создавать разные SQL запросы в postgresql для отладки postgres_exporter

Здравствуйте. Есть такой проект postgres_exporter https://github.com/wrouesnel/postgres_exporter

Посоветуйте проект, который бы мог создавать разные SQL запросы в postgresql для отладки postgres_exporter

То есть чтобы были разные SQL запросы: select, insert, update, delete.

 

chemtech ()

Как поправить запрос к prometheus для получения графика top-5 pg_database_size?

Делаю мониторинг по статье POWA-like мониторинг PostgreSQL с помощью Prometheus https://habr.com/ru/post/345370/

Запрос вот такой

pg_database_size{datname!~"template.*", datname!~"postgres", instance=~"$server", datname=~"$database"}/(1024*1024*1024)

Скриншот: https://habrastorage.org/webt/dt/kt/gv/dtktgvnkekh2vmtsrxea3w1h1ds.jpeg

Как поправить запрос к prometheus для получения графика top-5 pg_database_size?

Спасибо

 ,

chemtech ()

RSS подписка на новые темы