fedora

Migrating from owncloud to nextcloud in Fedora and CentOS

Over the past few months the question of "are you going to maintain nextcloud too and what is going to happen to owncloud" has come up more than a few times.

The nextcloud packages have recently made it through package review and nextcloud 10 will be arriving in Fedora and EPEL7 soon.

This article dives into the steps to migrate for those who want to do so.

Getting groovy with jenkins

Jenkins is often the tool of choice in Continuous Integration environments.

Somewhat ironically this engine at the centre of many DevOps strategies is a rather remarkable pain to provision and configure from Configuration Management tools.

There are ongoing efforts to improve this state of affairs with the likes of GitlabCI and Travis nipping at the heels of the old dog (Blue Ocean initiative), but they only help once it is actually provisioned.

In this article we'll delve into configuring a Jenkins instance via ansible to take a couple of empty systems and end up with projects found in GitHub with anything having a Jenkinsfile automatically being run.

A Day in the Life of a Fedora Packager

I'm often asked what role a packager plays and why it can take so long from an upstream release to a package arriving in Fedora or EPEL sometimes.

In this article we'll step through what happens on an OwnCloud update upstream and the journey it takes to arrive in Fedora and EPEL.

VM testing quick and dirty

Having ansible check libvirt for hosts to configure is very useful for quick role testing but that VM still has to be created in the first place, you have to look up the IP to SSH to it still and removing it afterwards needs to be clean.

Of course virsh gives us a lot of scriptable capabilities ...

Ansible and libvirt, a marriage made in python

I've recently started making better use of Ansible for orchestration and agentless configuration management. Like most of us test virtual machines are very important to me but the lack of DNS resolution for $random VM made updating an inventory file a bit of a chore. So I decided to explore other options to make my life easier.

Building RPMs for fun and profit

Building RPMs is an important part of being a linux administrator in the RHEL world. Being on a package managed distribution local source builds leave an inconsistent environment and can be hard to clean up afterwards. Trying to replicate the system using configuration management tools can also end up being very painful when doing this, and if in an environment that involves auditors being able to pull up full package lists and changelogs via rpm becomes extremely useful.

But how best to build these in a way that is reproducible and keeps a clean build environment?

Polkit Configuration, Usage and Reasons

Polkit (formerly known as PolicyKit) integration is becoming more common in applications but the configuration and use of it remains a bit of a black art. This is not helped by the significant difference in doing so between CentOS6 and Fedora/CentOS7 rendering guides between the two as incompatible.

This article explores the differences between these versions and expands on the brief references in the libvirt and firewalld articles with more detail.

Firewalld configuration and usage

One of the new entries to the Fedora and CentOS worlds is firewalld.

The principle behind this is an abstracted layer so that a setting in this will provide rules for ipv4 and ipv6 rather than needing to set rules for them individually, along with clear output of exactly what is permitted from where.

There have been other tools to do this as a static translator from a friendly language to the iptables syntax, an example being shorewall, but adding to this firewalld allows for dynamic configuration over dbus so that permitted daemons can change configuration (eg a bittorent client could be allowed to open the port it is listening on automatically when needed) or so that NetworkManager can assign an interface to a particular zone. In addition due to the way the rules are manipulated it prevents the issue of a mistake in /etc/sysconfig/iptables causing the iptables service to fail to parse the rules and consequently not setting up any rules at all. If the default rule was set to DROP on the INPUT chain a 'service iptables restart' could completely lock out remote access to the system in this case.

There is frequently some apparent confusion over terms like 'Default Zone' and what that actually means which this article will hopefully clear up.

Why you shouldn't hate and disable NetworkManager anymore

One of the quirks of distributions has always been the difference in how they handle network configuration.

Red Hat based systems have generally used /etc/sysconfig/network(-scripts) and debian based systems /etc/network/interfaces

These have generally called out to ifconfig (or more recently ip) to carry out various actions to configure the network stack appropriately. This methodology was (mostly) fine for static interfaces that never change but when WiFi began to grow more prevalent more flexible ways to handle these or switch between configurations became desirous.

A few tools appeared (such as wicd) but there has been some effort to consolidate on NetworkManager as a common point. This common point has native configuration in /etc/NetworkManager but most often the plugin infrastructure is used to read/write the network config in the standard location for the distro.

The first release seen in Enterprise Linux was EL6. This was fine for a laptop user in a graphical environment connecting to WiFi but pretty useless in almost every server scenario and the recommendation was to disable it and use the standard network service. In EL7 this has changed and the recommendation is to use NetworkManager where possible unless there is a specific edge case preventing doing so.

Multiple IPs on an interface on Fedora and EL6/7

Having multiple IPs on an interface is a fairly common requirement - especially when hosting multiple SSL sites when SNI is not an available possibility due to supporting clients that cannot cope with this.

In EL5 and the network service of EL6 and EL7 this functionality was provided by network aliases. With NetworkManager the configuration is a little different - and this new syntax is supported by the network service as well in EL6 and EL7. In this article we delve into the tools and the how of carrying this out.

Pages

Subscribe to RSS - fedora