Thursday 9 July 2020

Linux Authentication and Access - A different approach

A small briefing that covers the basic points of creating a new user in a Linux host. We start with a simple username/password old and insecure authentication method and then we add RSA certificate to make the user authentication modern and more robust. In the second section, we copy the private key to our windows machine and we configure windows PuTTY so that we connect to the Linux server using RSA certificates.
In the second part of the article, we make a very short introduction to Chef Technology and how this can be used in order to automate user provisioning on a host. This example does exactly the same user provisioning operations shown in the first part but this time with Chef.
In the last section we introduce we introduce a simple Jenkins pipeline that demonstrates the use of the sftp and ssh commands for the linux user we previously created. 
Just 10 minutes reading.

Read the full article here:

Monday 22 June 2020

Web based CRUD operations made with ZKoss ZK Framework with JPA, Spring, using Intellij Idea

Hi folks!

This month we will continue the ZKoss/ZK framework. series and we present you a full functional example of a simple ZKoss ZK web application that makes JPA/CRUD operations on a database entity. The user is introduced to a web form that is build around a ZK listbox and presents the contents of a DB table. The user through the web form can perform CRUD operations (Create, Retrieve, Update and Delete  table records that are subsequently persisted in the DB level using Hibernate JPA implementation. In the article we come across with the DAO/Adapter pattern, we explain how ZK implements the the MVVM Pattern and we explain the design using  simple elements of the UML methodology.
The implementation of the  example utilizes technologies such as J2EE JPA, Spring framework and Maven in order to compile and build the WAR artifact over  the Intelij IDEA  programming environment/IDE.

Read the full article in Illumine IT articles GitHub:

https://github.com/illumine/articles/tree/master/ZK-JPA-Spring-Tutorial-with-IDEA-Maven

Thursday 28 May 2020

ZKoss ZK framework for Java Application Development





Publish those two training sessions dealing with ZKoss hashtag ZK framework for Java web application development.

Both those training sessions were given to the engineers/analysts of MOU S.A. some years ago.



Wednesday 15 April 2020

ακατάληπτα σύμβολα στην ελληνική γραμματοσειρά του microworlds pro

MICROWORLDS PRO Πρόβλημα εγκατάστασης στα Microsoft Windows 10



Το φοβερό MICROWORLDS PRO - το επίσημο εποπτικό μέσο που προτείνει το Υπ. Παιδέιας - δε παίζει πάντα στα Microsoft Windows 10. Γιατί? Γιατί απλά η εφαρμογή που προτείνει το Υπ. Παιδείας είναι αρχαία βασισμένη σε 32 bit βιβλιοθήκες, χρησιμοποιεί άλλο code page από τις περισσότερες σύγχρονες εγκαταστάσεις των Microsoft Windows 10 και φυσικά κατά την εγκατάσταση στην οθόνη βγαίνουν μπαρμπουτσαλα στην καθομιλουμένη και _"ακατάληπτα σύμβολα στην ελληνική γραμματοσειρά του microworlds pro" όπως το έθεσε η γραφουσσα εδω



Για την υποστήριξη της εφαρμογής MICROWORLDS PRO που δυστυχώς ακόμη τυραννάει τους μαθητές Γυμνασίων και Λυκείων η Illumine IT Consulting έγραψε το παρακάτω άρθρο

Friday 3 January 2020

Creating a Full Web Based Business

Hi folks! Merry Christmas to everyone!

One of my old clients asked me how to create a full web business site. the site should be able to do the common basic usual stuff:
  • Promote the company - Inform customers about the brand
  • Present products 
  • Do online sales
The interesting part of the story is that this guy did not want me to do the actual site work. Instead he asked me:
  •  to make a TODO list of ll basic steps with a correct order so that nothing is missing and everything is in order.  Write down a well formed procedure. 
  • also to put all those artifacts that should be delivered in each of the steps from the side of the implementing contract company, so that the contractor is checked - ensuring no hidden details
Read the full article  on Illumine IT Consulting GitHub Space

Thursday 17 October 2019

Elementary Linux Performance Monitoring

The basic tool here is top
Monitoring a single process can be done with -p option, in the next example we measure the MySQL process:

[root@(db-master) ~]# top -p 2521
top - 15:42:54 up 40 days, 10:46,  4 users,  load average: 0.14, 0.24, 0.48
Tasks:   1 total,   0 running,   1 sleeping,   0 stopped,   0 zombie
%Cpu0  :  1.0 us,  1.0 sy,  0.0 ni, 98.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu1  :  0.0 us,  0.0 sy,  0.0 ni,100.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem:  32551020 total, 32285684 used,   265336 free,   149660 buffers
KiB Swap:  3129340 total,   402572 used,  2726768 free. 16662620 cached Mem

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
 2521 mysql     20   0 18.725g 0.014t   4548 S 6.000 46.50   2735:03 mysqld

Load Average is a linux/unix mystery: Linux load averages are "system load averages" that show the running thread (task) demand on the system as an average number of running plus waiting threads. This measures demand, which can be greater than what the system is currently processing. 
For an extended excellent article around Linux Load Average, refer to Brendan Gregg's Blog

On the other hand good old ps which is available on all UNIX flavors and LINUX distributions can also help. The following command shows the most CPU consuming processes  in ascending order along with their virtual size 

[root@(db-master) ~]# ps -e -o pid,pcpu,vsz,comm= | sort -n  --key=3
...
 1669  0.0 752396 isecespd
 1759  0.0 1561472 isectpd
 2521 52.4 19634584 mysqld

To get the process tree try pstree -aAl:

[root@(db-master) ~]# pstree -aAl
systemd --switched-root --system --deserialize 24
  |-VGAuthService -s
  |-agetty --noclear tty1 linux
  |-automount -p /var/run/automount.pid
  |   `-5*[{automount}]
  |-cron -n
  |-dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
  |-discagnt /etc/init.d/discagnt start
  |   `-discagnt
  |-haveged -w 1024 -v 0 -F
...

For systems that do not have  pstree  try ps -ejH  

To get information about threads created by processes  try  ps -eLf

To get information about disk performance try iostat:

 [root@(mmcp_prod_corp)(db-master) ~]# iostat -dcm
Linux 4.4.121-92.117-default (mo-1400a55c2)     10/17/19        _x86_64_        (8 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           7.22    0.00    0.59    1.19    0.00   91.00

Device:            tps    MB_read/s    MB_wrtn/s    MB_read    MB_wrtn
sda               1.56         0.01         0.01      44144      51244
sdb             146.49         5.48         1.79   19159479    6250758

Finally to see all open files by a process such as data/shared objects/dynamic libraries and sockets use lsof. In the following example we can see all open files of mysql process:

[root@(db-master) ~]# lsof -p 2521
COMMAND  PID  USER   FD   TYPE             DEVICE     SIZE/OFF     NODE NAME
mysqld  2521 mysql  cwd    DIR              254,2         4096  6815769 /monsoon/mysql/data
mysqld  2521 mysql  rtd    DIR              254,0         4096        2 /
mysqld  2521 mysql  txt    REG              254,0    250387936   794500 /usr/sbin/mysqld
mysqld  2521 mysql  mem    REG              254,0        97056  1065145 /lib64/libresolv-2.22.so
mysqld  2521 mysql  mem    REG              254,0        26976  1065107 /lib64/libnss_dns-2.22.so


To see the TCP listening server sockets on a linux server, we can do that with netstat -tulpn

[root@(db-master) ~]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      2521/mysqld
tcp        0      0 0.0.0.0:2738            0.0.0.0:*               LISTEN      3282/discagnt
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3289/sshd
tcp        0      0 127.0.0.2:25            0.0.0.0:*               LISTEN      3671/master
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3671/master
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      38622/0
tcp        0      0 :::7938                 :::*                    LISTEN      3317/nsrexecd
tcp        0      0 :::5666                 :::*                    LISTEN      1/systemd
udp     4352      0 0.0.0.0:68              0.0.0.0:*                           1521/wickedd-dhcp4
udp        0      0 10.97.6.160:123         0.0.0.0:*                           3343/ntpd


while for all open TCP sockets:

[root@(db-master) ~]# netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 mo-1400a55c2.zone:mysql mo-6740a22da.zone:46138 ESTABLISHED
tcp        0     64 mo-1400a55c2.zone1.:ssh mo-657dabf53.zone:58606 ESTABLISHED
tcp        0      0 mo-1400a55c2.zone:mysql mo-23acddcc0.zone:50068 ESTABLISHED





Friday 20 September 2019

Creating a RSA Key pair, a Self Signed Certificate and put it on a JKS Java Key Store

Generating a Key Pair (Private/Public key) and a Self-Signed Certificate and store them to a JKS Java Key Store 

Job done on a Linux box using the openssl tools and JDK 's keytool

1) Generate RSA key pair of 2048 bits
openssl genrsa -out illumineit.com.key 2048  

2) Generate certificate request for CA (.csr)
openssl req -x509 -sha256 -new -subj '/C=CY/ST=Nikosia/L=Center/CN=illumineit.com'  -key illumineit.com.key -out illumineit.com.csr

3) Generate self signed certificate expiry-time 10 years from the certificate request
openssl x509 -sha256 -days 3652 -in illumineit.com.csr -signkey illumineit.com.key -out illumineit.com.crt


4) Import the pair (private key and selfsigned certificate) in a new JKS (Trustore and Keystore together)
# Create PKCS12 keystore from private key and public certificate.
openssl pkcs12 -export -name illumineit.com -in illumineit.com.crt -inkey illumineit.com.key -out illumineit.com.p12 -passin pass:welcome -password pass:welcome

# Convert PKCS12 keystore into a JKS keystore
keytool -importkeystore -destkeystore illumineit.com.jks -srckeystore illumineit.com.p12 -srcstoretype pkcs12 -alias illumineit.com -srcstorepass welcome  -storepass welcome  -noprompt