Diary of IT Man – Self-Study in cloudacademy.com

by Posted in Diary of IT Man(IT人在工廠日記) Leave a comment

Because I got a free training account from CloudAcademy.com for 14 days, I took this benefit to self-study the cloud technology during Christmas Holiday. CloudAcademy.com is a on-line learning web site for IT professional to continuously leaning IT. I strongly recommend it to you to try, it is Good Stuff…

I completed the following courses:

– Completion Certificate for Set Up VPC Peering between Amazon Virtual Private Clouds (VPCs)
– Completion Certificate for Introduction to Virtual Private Cloud (VPC)
– Completion Certificate for Diagnose Cancer with an Amazon Machine Learning Classifier
– Completion Certificate for Deploy WordPress using CloudFormation
– Completion Certificate for Automate Image Labeling with Amazon Rekognition
– Completion Certificate for Serverless Web Development with Python for AWS
– Completion Certificate for Securing your VPC using Public and Private subnets
– Completion Certificate for Amazon Machine Learning for Human Activity Recognition
– Completion the Overview of Azure Services Course
– Completion the Introduction to Amazon Web Services (AWS) Course
– Completion the Introduction to Google BigQuery Course
– Completion the AWS Virtual Private Cloud: Subnets and Routing Course

Note:
CloudAcademy.com is a provider-neutral learning platform that helps both companies and individuals learn Cloud Computing technologies. Actually, Cloud computing is changing how people interact with information and knowledge, how developers build applications, and how companies organize and collect data both on and offline. Today, a developer with a great idea has access to the same infrastructure as a Fortune 500 company, and is capable of creating, deploying, and selling a solution that will rival global technology companies.

Although Amazon was the distinct pioneer in this area (and continues to innovate and expand), many other companies have entered the Cloud Computing frontier, such as Microsoft, Google, and Rackspace. What we see today is the birth of the next chapter in IT, where boundless technological resources are available on-demand to whoever needs them.

Changing the very shape of modern computing and the Internet itself, Cloud Computing is a relatively new technology that can be defined in a number of different ways. At its core, however, it just means “running your applications on a computer infrastructure other than your own”. Computing in the Cloud makes many different solutions available to you. Both the tasks and the methods used to achieve them can be quite varied. You might need full infrastructure or perhaps just a back-end where you can build your application – or maybe you just need one narrowly focused service.

 

AWS Command Interface Setup

by Posted in 4. Others 2 Comments

Installing the AWS Command Line Interface

The primary distribution method for the AWS CLI on Linux, Windows, and macOS is pip, a package manager for Python that provides an easy way to install, upgrade, and remove Python packages and their dependencies.

Current AWS CLI Version

The AWS CLI is updated frequently with support for new services and commands. To see if you have the latest version, see the releases page on GitHub.

Requirements

  • Python 2 version 2.6.5+ or Python 3 version 3.3+
  • Windows, Linux, macOS, or Unix

Note

Older versions of Python may not work with all AWS services. If you seeInsecurePlatformWarning or deprecation notices when you install or use the AWS CLI, update to a recent version.

If you already have pip and a supported version of Python, you can install the AWS CLI with the following command:

$ pip install awscli --upgrade --user

The --upgrade option tells pip to upgrade any requirements that are already installed. The --user option tells pip to install the program to a subdirectory of your user directory to avoid modifying libraries used by your operating system.

If you encounter issues when you attempt to install the AWS CLI with pip, you can install the AWS CLI in a virtual environment to isolate the tool and its dependencies, or use a different version of Python than you normally do.

Standalone Installers

For offline or automated installations on Linux, macOS, or Unix, try the bundled installer. The bundled installer includes the AWS CLI, its dependencies, and a shell script that performs the installation for you.

On Windows, you can also use the MSI installer. Both of these methods simplify the initial installation, with the tradeoff of being more difficult to upgrade when a new version of the AWS CLI is released.

After you install the AWS CLI, you may need to add the path to the executable file to your PATH variable. For platform specific instructions, see the following topics:

Verify that the AWS CLI installed correctly by running aws --version.

$ aws --version
aws-cli/1.11.84 Python/3.6.2 Linux/4.4.0-59-generic botocore/1.5.47

The AWS CLI is updated regularly to add support for new services and commands. To update to the latest version of the AWS CLI, run the installation command again.

$ pip install awscli --upgrade --user

If you need to uninstall the AWS CLI, use pip uninstall.

$ pip uninstall awscli

If you don’t have Python and pip, use the procedure for your operating system:

Sections

Configuring the AWS CLI

This section explains how to configure settings that the AWS Command Line Interface uses when interacting with AWS, such as your security credentials and the default region.

Note

The AWS CLI signs requests on your behalf, and includes a date in the signature. Ensure that your computer’s date and time are set correctly; if not, the date in the signature may not match the date of the request, and AWS rejects the request.

Sections

Quick Configuration

For general use, the aws configure command is the fastest way to set up your AWS CLI installation.

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json

The AWS CLI will prompt you for four pieces of information. AWS Access Key ID and AWS Secret Access Key are your account credentials.

To get the access key ID and secret access key for an IAM user

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. If you don’t have access keys, you can create them from the AWS Management Console. We recommend that you use IAM access keys instead of AWS account root user access keys. IAM lets you securely control access to AWS services and resources in your AWS account.

The only time that you can view or download the secret access keys is when you create the keys. You cannot recover them later. However, you can create new access keys at any time. You must also have permissions to perform the required IAM actions. For more information, see Delegating Permissions to Administer IAM Users, Groups, and Credentials in the IAM User Guide.

  1. Open the IAM console.
  2. In the navigation pane of the console, choose Users.
  3. Choose your IAM user name (not the check box).
  4. Choose the Security credentials tab and then choose Create access key.
  5. To see the new access key, choose Show. Your credentials will look something like this:
    • Access key ID: AKIAIOSFODNN7EXAMPLE
    • Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  6. To download the key pair, choose Download .csv file. Store the keys in a secure location.Keep the keys confidential in order to protect your account, and never email them. Do not share them outside your organization, even if an inquiry appears to come from AWS or Amazon.com. No one who legitimately represents Amazon will ever ask you for your secret key.

Related topics

Default region is the name of the region you want to make calls against by default. This is usually the region closest to you, but it can be any region. For example, type us-west-2 to use US West (Oregon).

Note

You must specify an AWS region when using the AWS CLI. For a list of services and available regions, see Regions and Endpoints. The region designators used by the AWS CLI are the same names that you see in AWS Management Console URLs and service endpoints.

Default output format can be either jsontext, or table. If you don’t specify an output format, json is used.

If you have multiple profiles, you can configure additional, named profiles by using the --profile option.

$ aws configure --profile user2
AWS Access Key ID [None]: AKIAI44QH8DHBEXAMPLE
AWS Secret Access Key [None]: je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY
Default region name [None]: us-east-1
Default output format [None]: text

To update any of your settings, simply run aws configure again and enter new values as appropriate. The next sections contain more information on the files that aws configure creates, additional settings, and named profiles.

Configuration Settings and Precedence

The AWS CLI uses a provider chain to look for AWS credentials in a number of different places, including system or user environment variables and local AWS configuration files.

The AWS CLI looks for credentials and configuration settings in the following order:

  1. Command line options – region, output format and profile can be specified as command options to override default settings.
  2. Environment variables – AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN.
  3. The AWS credentials file – located at ~/.aws/credentials on Linux, macOS, or Unix, or at C:UsersUSERNAME .awscredentials on Windows. This file can contain multiple named profiles in addition to a default profile.
  4. The CLI configuration file – typically located at ~/.aws/config on Linux, macOS, or Unix, or at C:UsersUSERNAME .awsconfig on Windows. This file can contain a default profile, named profiles, and CLI specific configuration parameters for each.
  5. Container credentials – provided by Amazon EC2 Container Service on container instances when you assign a role to your task.
  6. Instance profile credentials – these credentials can be used on EC2 instances with an assigned instance role, and are delivered through the Amazon EC2 metadata service.

IT人在工廠日記 – 可惡的離職員工勒索

by Posted in Diary of IT Man(IT人在工廠日記) Leave a comment

最近,工厂有名會計主管離職,可是因為補償問題談不合,雖然他手握一些黑材料,但是公司不願意妥協於這種勒索行為,最後該名主管公開投訴本厂,引來地稅、國稅和海關立案,前來查厂,認真麻煩。現時公司要花錢疏通,比補償给該員工的錢多幾十倍呢!
對此類員工的勒索,應該要衡量利害,千萬不要意氣用事,而立刻拒絕。最重要,是自身要奉公守法,才不怕勒索。

Diary of IT Man – obtained a MCSE Windows Server – Cloud Platform and Infrastructure

by Posted in Diary of IT Man(IT人在工廠日記) Leave a comment

Cheers that I obtained a MCSE-Cloud Platform and Infrastructure certification several weeks ago. I just needed to take one Microsoft exam # 70-753 to upgrade from MCSA to MCSE. Originally, I did not plan to have MCSE because it did not find it has any benefit to my career. However, because I had a a spare Microsoft exam coupon, so, I decided to take this Azure exam. I prepared the exam for two months, mainly studied from Microsoft resource and studied braindump question from passleaders.com. Although I could only find 20% of my exam questions from braindump, I still luckily passed the exam in one-take. Next, I will prepare my pmp project exam.

Odoo 11 Overview

by Posted in 3. IT Application (應用軟件), 3.1 ERP System (資源管理) Leave a comment

Good news that I got a new version of odoo ver 11. A lot of good stuff there.

For this version, focused most of our efforts on improving the API so it will run faster and be easier for developers to work with. This isn’t to say there’s nothing for the end user, though. it made small changes to many apps to make them more intuitive and more useful. Odoo V11 introduced global keyboard shortcuts and a global search feature to make navigating Odoo quicker and easier than ever.

Odoo Community:

  • Usability
  • Speed
  • New Design (from current Odoo Enterprise)
  • Mobile

Odoo Enterprise:

  • Accounting
  • Localizations
  • Services Companies
  • Odoo Studio (make it even better)
  • Reporting & Dashboard (a more BI-like tool)

Functional Changes(features)

  • Timesheet app:
  1. New view for Timesheet recording
  2. validation policy: decide to invoice on recorded timesheets or on approved one
  3. New report has been added to analyze the differences between attendances and timesheets
  4. New timesheet flow: Create timesheet entries using the mobile app, tasks, and/or the timesheet menu. Then, a manager approves them and launches the invoicing through the approvals menu.
  • New Product Catalog app: install the Product app to access the catalog from your apps dashboard
  • Accounting app:
  1. New module to import CAMT.053 XML files to populate bank statements
  2. Analytic accounting analysis
  • Subscription app: new dashboard, cohort analysis, analysis by company and all companies

Discuss app:

  1. Counter near starred items
  2.  Users can now type some shortcuts directly in the text box. For example: /leave to leave the channel, /who to list who is in the channel and /help to see a list of commands
  • New payment acquirer: Payumoney and payment Stripe
  • Usability
  1. Odoo WMS: picking form improvements, changes in delivery slips, variants menu entry
  2.  Odoo Subscription: onboarding, adding tags on self subscriptions
  3.  Odoo Accounting: Revenue recognition usability improvements
  • New global search in the home page (start typing something to see relevant menus)
  • Keyboard shortcuts: details on the top right menu on the home page
  • New website dashboard

Purchase: manage purchase agreement, blanket.

http://technaureus.com/features-of-odoo-11/

The following is a youtube video to give you a quick overview.

Tips on using Microsoft Azure

by Posted in 4. Others Leave a comment

Tips 1. How to find password of wordpress logon

  • The default user account of wordpress in Azure is ‘user’.
  • The application password is randomly generated during the first boot. This password can be viewed as follows:

In the “Support + Troubleshooting” menu, select the “Boot diagnostics” option.Application credentials

Review the system log until you find the application password.

Application credentials

IMPORTANT: This password is only shown the first time you start the image. Please save your password in a safe place. We also recommend changing it in your application to a different value.

Tips 1. How to Setup Nested Virtualization in Azure

Deploy Azure VM

To setup Nested Virtualization inside an Azure Virtual Machine, you first need to create a new Virtual Machines using one of the new instance sizes like Ev3 or Dv3 and Windows Server 2016.I also recommend to install all the latest Windows Server patches to the system.

Optional: Optimize Azure VM Storage

This step is optional, but if you want to better performance and more storage for your Nested Virtual Machines to run on, this makes sense.

Azure VM Data Disks

In my case I attached 2 additional data disks to the Azure VM. Of course you can choose more or different sizes. Now you can see 2 new data disk inside your Azure Virtual Machine. Do not format them, because we gonna create a new storage spaces pool and a simple virtual disk, so we get the performance form both disks at the same time. In the past this was called disk striping.

Azure VM Storage Spaces

With that you can create a new Storage Spaces Storage Pool and a new Virtual Disk inside the VM using the storage layout “Simple” which basically configures it as striping.

Azure VM Storage Spaces PowerShell

I also formatted the disk and set the drive letter to V:, this will be the volume where I will place my nested virtual machines.

Install Hyper-V inside the Azure VM

Install Hyper-V on Windows Server using PowerShell

The next step would be to install the Hyper-V role in your Azure Virtual Machine. You can use PowerShell to do this since this is a regular Windows Server 2016.This command will install Hyper-V and restart the virtual machine.

Azure VM Hyper-V

After the installation you have Hyper-V installed and enabled inside your Azure Virtual Machine, now you need to configure the networking for the Hyper-V virtual machines. For this we will use NAT networking.

Configure Networking for the Nested Environment

Hyper-V NAT Network inside Azure VM

To allow the nested virtual machine to access the internet, we need to setup Hyper-V networking in the right why. For this we use the Hyper-V internal VM Switch and NAT networking. I described this here: Set up a Hyper-V Virtual Switch using a NAT Network

Create a new Hyper-V Virtual Switch

First create a internal Hyper-V VM Switch

Configure the NAT Gateway IP Address

The Internal Hyper-V VM Switch creates a virtual network adapter on the host (Azure Virtual Machine), this network adapter will be used for the NAT Gateway. Configure the NAT gateway IP Address using New-NetIPAddress cmdlet.

Configure the NAT rule

After that you have finally created your NAT network and you can now use that network to connect your virtual machines and use IP Address from 172.21.21.2-172.21.21.254.

Now you can use these IP Addresses to assign this to the nested virtual machines. You can also setup a DHCP server in one of the nested VMs to assign IP addresses automatically to new VMs.

Optional: Create NAT forwards inside Nested Virtual Machines

To forward specific ports from the Host to the guest VMs you can use the following commands.

This example creates a mapping between port 80 of the host to port 80 of a Virtual Machine with an IP address of 172.21.21.2.

This example creates a mapping between port 82 of the Virtual Machine host to port 80 of a Virtual Machine with an IP address of 172.21.21.3.

Optional: Configure default Virtual Machine path

Since I have created an extra volume for my nested virtual machines, I configure this as the default path for Virtual Machines and Virtual Hard Disks.

Create Nested Virtual Machines inside the Azure VM

Azure Nested Virtualization

Now you can basically start to create Virtual Machines inside the Azure VM. You can for example use an existing VHD/VHDX or create a new VM using an ISO file as you would do on a hardware Hyper-V host.

Some crazy stuff to do

There is a lot more you could do, not all of it makes sense for everyone, but it could help in some cases.

  • Running Azure Stack Development Kit – Yes Microsoft released the Azure Stack Development Kit, you could use a large enough Azure virtual machine and run it in there.
  • Configure Hyper-V Replica and replicate Hyper-V VMs to your Azure VM running Hyper-V.
  • Nested a Nested Virtual Machine in a Azure VM – You could enable nesting on a VM running inside the Azure VM so you could do a VM inside a VM inside a VM. Just follow my blog post to created a nested Virtual Machine: Nested Virtualization in Windows Server 2016 and Windows 10

In my opinion Nested Virtualization is mostly help full if you run Hyper-V Containers, but it also works great, if you want to run some Virtual Machines inside a Azure VM, for example to run a lab or test something.

info source: https://www.thomasmaurer.ch/2017/07/how-to-setup-nested-virtualization-in-microsoft-azure/

Build a LAMP Web Server with WordPress under Raspberry Pi

by Posted in 3. IT Application (應用軟件), 3.4 RaspberryPi(草莓電腦) Tagged 1 Comment

Information Source: https://www.raspberrypi.org/learning/lamp-web-server-with-wordpress/worksheet/

Learn to set up a LAMP (Linux, Apache, MySQL, PHP) stack on your Raspberry Pi and configure it to work as a web server. You’ll download and install WordPress and set up a basic website which you can access on any device on the same network as your Pi.

Set up Apache Web Server

Apache is a popular web server application you can install on the Raspberry Pi to allow it to serve web pages.

On its own, Apache can serve HTML files over HTTP, and with additional modules can serve dynamic web pages using scripting languages such as PHP.

Install Apache

First install the apache2 package by typing the following command into the terminal:

sudo apt-get install apache2 -y

Test the web server

By default, Apache puts a test HTML file in the web folder. This default web page is served when you browse to http://localhost/ on the Pi itself, or http://192.168.1.10 (whatever the Pi’s IP address is) from another computer on the network. To find out the Pi’s IP address, type hostname -I at the command line (or read more about finding your IP address) in our documentation.

Browse to the default web page, either on the Pi or from another computer on the network, and you should see the following:

Apache it works

This means you have Apache working!

Changing the default web page

This default web page is just a HTML file on the filesystem. It is located at /var/www/html/index.html.

Note: The directory was /var/www in Raspbian Wheezy but is now /var/www/html in Raspbian Jessie

Navigate to this directory in the Terminal and have a look at what’s inside:

cd /var/www/html
ls -al

This will show you:

total 12
drwxr-xr-x  2 root root 4096 Jan  8 01:29 .
drwxr-xr-x  3 root root 4096 Jan  8 01:28 ..
-rw-r--r--  1 root root  177 Jan  8 01:29 index.html

This shows that there is one file in /var/www/html/ called index.html. The . refers to the directory itself /var/www/html and the .. refers to the parent directory /www/.

What the columns mean

  1. The permissions of the file or directory
  2. The number of files in the directory (or 1 if it’s a file).
  3. The user which owns the file or directory
  4. The group which owns the file or directory
  5. The file size
  6. The last modification date & time

As you can see, by default the html directory and index.html file are both owned by the rootuser, so you’ll need to use sudo to edit them.

Try editing this file and refreshing the browser to see the web page change. Press Ctrl + X and hit Enter to save and exit.

Install PHP

PHP is a preprocessor; it’s code that runs when the server receives a request for a web page. It runs, works out what needs to be shown on the page, then sends that page to the browser. Unlike static HTML, PHP can show different content under different circumstances. Other languages are capable of this, but since WordPress is written in PHP, that’s what we need to use this time. PHP is a very popular language on the web; large projects like Facebook and Wikipedia are written in PHP.

Install the PHP and Apache packages with the following command:

sudo apt-get install php5 libapache2-mod-php5 -y

Test PHP

Create the file index.php:

sudo leafpad index.php

(or use nano)

Put some PHP content in it:

<?php echo "hello world"; ?>

Now save the file. Next delete index.html because it takes precendence over index.php:

sudo rm index.html

Refresh your browser. You should see “hello world”. This is not dynamic but it is still served by PHP. If you see the raw PHP above instead of “hello world”, reload and restart Apache like so:

sudo service apache2 restart

Otherwise try something dynamic, for example:

<?php echo date('Y-m-d H:i:s'); ?>

Or show your PHP info:

<?php phpinfo(); ?>

Install MySQL

MySQL (pronounced My Sequel or My S-Q-L) is a popular database engine. Like PHP, its overwhelming presence on web servers enhanced its popularity. This is why projects like WordPress use it, and why those projects are so popular.

Install the MySQL Server and PHP-MySQL packages by entering the following command into the terminal:

sudo apt-get install mysql-server php5-mysql -y

When installing MySQL you will be asked for a root password. You’ll need to remember this to allow your website to access the database.

Now restart Apache:

sudo service apache2 restart

Download WordPress

You can download WordPress from wordpress.org using the wget command. Helpfully, a copy of the latest version of WordPress is always available at wordpress.org/latest.tar.gz and wordpress.org/latest.zip, so you can grab the latest version without having to look it up on the website. At the time of writing, this is version 4.5.

Navigate to /var/www/html/, and download WordPress to this location. You’ll need to empty the folder first (be sure to check you’re not deleting files you need before running rm); change the ownership of this folder to the pi user too.

cd /var/www/html/
sudo rm *
sudo wget http://wordpress.org/latest.tar.gz

Now extract the tarball, move the contents of the folder it extracted (wordpress) to the current directory and remove the (now empty) folder and the tarball to tidy up:

sudo tar xzf latest.tar.gz
sudo mv wordpress/* .
sudo rm -rf wordpress latest.tar.gz

Running the ls or (tree -L 1) command here will show you the contents of a WordPress project:

.
├── index.php
├── license.txt
├── readme.html
├── wp-activate.php
├── wp-admin
├── wp-blog-header.php
├── wp-comments-post.php
├── wp-config-sample.php
├── wp-content
├── wp-cron.php
├── wp-includes
├── wp-links-opml.php
├── wp-load.php
├── wp-login.php
├── wp-mail.php
├── wp-settings.php
├── wp-signup.php
├── wp-trackback.php
└── xmlrpc.php

This is the source of a default WordPress installation. The files you edit to customise your installation belong in the wp-content folder.

You should now change the ownership of these files to the Apache user:

sudo chown -R www-data: .

Set up your WordPress Database

To get your WordPress site set up, you need a database. Run the mysql command in the terminal and provide your login credentials (e.g. username root, password password):

mysql -uroot -ppassword

Here I have provided my password (the word password) on the command line; there is no space between -p and your password.

Alternatively you can simply supply an empty -p flag and wait to be asked for a password:

mysql -uroot -p

Now you will be prompted to enter the root user password you created earlier.

Once you’re connected to MySQL, you can create the database your WordPress installation will use:

mysql> create database wordpress;

Note the semi-colon ending the statement. On success you should see the following message:

Query OK, 1 row affected (0.00 sec)

Exit out of the MySQL prompt with Ctrl + D.

WordPress Configuration

You need to find out your Pi’s IP address to access it in the browser, so in a terminal type the command hostname -I.

Navigate to http://YOUR-IP-ADDRESS e.g. http://192.168.1.5 in the web browser on your Pi.

You should see a WordPress weclome page.

WordPress welcome screen

Click the Let's go! button.

Now fill out the basic site information as follows:

Database Name:      wordpress
User Name:          root
Password:           <YOUR PASSWORD>
Database Host:      localhost
Table Prefix:       wp_

and click Submit to proceed.

Now hit the Run the install button.

Now you’re getting close.

WordPress Welcome screen

Fill out the information: give your site a title, create a username and password and enter your email address. Hit the Install WordPress button, then log in using the account you just created.

Now you’re logged in and have your site set up, you can see the website by visiting your IP address in the browser on the Pi or another computer on the network. To log in again (or on another computer), go to http://YOUR-IP-ADDRESS/wp-admin.

Friendly permalinks

It’s recommended that you change your permalink settings to make your URLs more friendly.

To do this, log in to WordPress and go to the dashboard.

Go to Settings then Permalinks.

Select the Post name option and click Save Changes.

You’ll need to enable Apache’s rewrite mod:

sudo a2enmod rewrite

You’ll also need to tell the virtual host serving the site to allow requests to be overwritten.

Edit the Apache configuration file for your virtual host:

sudo leafpad /etc/apache2/sites-available/000-default.conf

(or use nano)

Add the following lines after line 1:

<Directory "/var/www/html">
    AllowOverride All
</Directory>

ensuring it’s within the <VirtualHost *:80> like so:

<VirtualHost *:80>
    <Directory "/var/www/html">
        AllowOverride All
    </Directory>
    ...

And then restart Apache again:

sudo service apache2 restart

Customisation

WordPress is very customisable. By clicking your site name in the WordPress banner along the top of the page (when logged in), you’ll be taken to the Dashboard. From here you can change the theme, add pages and posts, edit the menu, add plugins and lots more. This is just a taster for getting something interesting set up on the Raspberry Pi’s web server.