SonarQube installation on CentOS

Pre-Requirement: 

Add port forwarding rule to Vagrantfile
config.vm.network "forwarded_port", guest: 9000, host: 9000

Then reload VM with below command

vagrant reload

Follow below instructions to install and configure SonarQube

1) Download the SonarQube software.
cd /opt
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.6.zip

2) Extract sonarqube software
sudo unzip sonarqube-7.6.zip
sudo mv sonarqube-7.6 sonarqube

4) Please change permissions 

cd /opt/

sudo chown -R vagrant:vagrant sonarqube

5) Start Sonar
cd /opt/sonarqube/bin/linux-x86-64
./sonar.sh start

You should able to access SonarQube over 9000 port now. By default admin/admin will be credentials for SonarQube.

If you are using VM or Vagrant please enable port forwarding.

6) Enable Sonar as service on centos 7
Create sonar service file
sudo vi /etc/systemd/system/sonarqube.service

7) Cope below content to above file. If you want to change user to run sonarqube process please update User and Group.

[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=simple
User=vagrant
Group=vagrant
PermissionsStartOnly=true
ExecStart=/bin/nohup java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-7.6.jar
StandardOutput=syslog
LimitNOFILE=65536
LimitNPROC=8192
TimeoutStartSec=5
Restart=always

[Install]
WantedBy=multi-user.target


8) Start and Enable Sonar Service
sudo systemctl start sonarqube
sudo systemctl enable sonarqube

9) Check SonarQube status to ensure it is working as expected.
sudo systemctl status  sonarqube

BEEF Installation on Kali Linux

The following installation instructions are suitable for Linux based operating systems.

In theory, BeEF should work on any operating system which can run Ruby 2.5+ and NodeJS. However, only MacOS and Linux are officially supported.

You will not find MacOS installation instructions in this guide. They are currently high on the list of wiki tasks to be completed.

It's highly recommended that you use a Ruby Environment Manager when installing BeEF on Ubuntu, due to restricted permissions. Please note that you do not need to install Ruby as per the above instructions, if using Ruby Environment Manager.

In order to install BeEF and RVM you will need to install Git and Curl first, as they do not come out of the box with Ubuntu.

$ sudo apt-get install git
$ sudo apt-get install curl

To install RVM, firstly go to https://rvm.io/rvm/install and install the GPG keys. Then install RVM, without dependencies:

$ \curl -sSL https://get.rvm.io | bash -s -- --autolibs=install-packages 


Now install those dependencies as root while in the applications users $HOME directory:

$ sudo .rvm/bin/rvm requirements 


Now that the dependencies are installed we need to install the stable releases of both RVM and Ruby. As the application user enter:

$ \curl -sSL https://get.rvm.io | bash -s stable --ruby


BeEF requires Ruby 2.5.x. Before navigating to the beef directory run:

$ rvm install "ruby-2.5.3"


Then simply reload your shell!

You can verify your installation of RVM and Ruby by running:

$ rvm -v
$ ruby -v


After following the above steps, simply clone the repository and install BeEF as per below.

Source

Obtain application source code either by downloading the latest archive:
$ wget https://github.com/beefproject/beef/archive/master.zip


Or cloning the Git repository from Github:
$ git clone https://github.com/beefproject/beef


Installation

Once a suitable version of Ruby is installed, run the install script in the BeEF directory:
$ ./install


This script installs the required operating system packages and all the prerequisite Ruby gems.

If installation failed with rake not found error. Run below command.

gem install rake -v '13.0.1'

Upon successful installation, be sure to read the Configuration page on the wiki for important details on configuring and securing BeEF.

Start BeEF

To start BeEF, first change the username and password config.yaml and then simply run:
  $ ./beef

Jenkins Interview Questions | Part 1

Q1.  What is Jenkins ?

Ans. It is a continuous integration tool from which we can build, test, deploy application continuously and report status to project team.

Q2. What is Continuous Integration ?

Ans. Continuous Integration is a process where isolated changes are tested frequently and reported at same time. This help us to get quick feedback to Project Team to improve efficiency. 

Q3.  What is the difference between Maven and Jenkins ?

Ans. Maven is Build Automation Technology whereas Jenkins is a continuous integration tool.

Q4.  Which SCM tools Jenkins supports ?

Ans.  Jenkins can support Subversion, Git, Mercurial, Perforce, Clearcase, CVS and RTC

We need to install plugins based on our peoject requirements. In our project we are using git as    SCM tool so we are using git scm plugin in our jenkins.

Q5.  What are the various ways in which build can be scheduled in Jenkins ?

Ans. Builds can be triggered by source code management  commits. ( Poll SCM or Commit Hooks )

        Can be triggered after completion of other builds. (build other projects in post build actions)

        Can be scheduled to run at specified time ( crons )

        Manual Build Requests

Q6.  What is the relation between hudson and Jenkins ?

Ans. Hudson was the earlier name and version of current Jenkins. After some dispute with Oracle , the project name was changed from Hudson to Jenkins.

Q7.  What you do to make sure that your project build doesn't break in Jenkins ?

Ans. I make sure that I perform successful clean install on my local machine with all unit tests.

Then I make sure that I check in all code changes.

Then I do a Synchronize with repository to make sure that all required config and POM changes and any difference is checked into the repository. 

Q7.  What you do when you see a broken build for your project in Jenkins ?

Ans. I will open the console output for the build and will try to see if any file changes were missed.

If not able to find the issue that way, Will clean and update my local workspace to replicate the problem on my local and will try to solve it.

Q8. can you list out some plugins for Jenkins which are used by in your project ?

Ans. GreenBalls, Parameterise build plugin, SMTP, Maven Integrator plugin, Build Pipeline plugins, workspace clean plugin, conditional plugin, build pipeline plugin, HTML publisher plugin, dashboard view plugin

Q9. What is Poll SCM in Jenkins ?

Ans. Poll SCM is used to help us in scheduling job when ever there is new commit happened on SCM.

We can configure this setting based on our requirement. In our project we configured for 5 mins.

H/5 * * * *

Q10. How you can notify your project about build status ?

Ans. Jenkins will support multiple types of Notification channel types like Email, Slack and Microsoft team. In our project we are using SMTP plugin to send email about status of jenkins job to our peoject team.

Q11. How do you install Jenkins plugin ?

Ans: There are multiple ways to install jenkins plugin on Jenkins server.

       a)  Go to Manage Jenkins, click on Plugin management option. Under Available tab we can select the plugin which we want to use and click on install.

       b) We can copy jenkins plugin to plugins folder in Jenkins server and restart Jenkins.

       c) Go to Manage Jenkins, click on Plugin management option. Under Advaned tab we can upload plugin directly.

Q12.  How do you conigure proxy settings in Jenkins if Network is proxied in your project ?

Ans.  In our project we don’t have any proxy server configured. Incase if we want to configure, Go to Manage Jenkins, click on Plugin management option. Under Advaned tab we can configurr proxy server

Q13. How do you pass parameters from one job to another job ?

Ans. This can be done from Post build actions. We can choose Trigger Parameterized builds on other project to pass parameters to downstream job.

Install Jenkins on CentOS 8

Pre-Requirement:

Update repo details

sudo sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*

sudo sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*

Please Follow below instructions to install and configure CentOS 8:

1)  Install epel-release.
sudo yum install epel-release -y

2) Install open-jdk
sudo yum install java-11-openjdk -y

3) Configure Jenkins repo.
curl --silent --location http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo | sudo tee /etc/yum.repos.d/jenkins.repo

4) Add Jenkins key.

sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key

5) Install Jenkins.

sudo yum install jenkins -y

6) Once Installation of Jenkins installation is completed start jenkins service.
sudo systemctl start jenkins

7) Enable Jenkins service to be restart on system reboot
sudo systemctl enable jenkins

8) By Default Jenkins will run and accessible over 8080 port. We need to open port to access in our browser if we are using Jenkins on Virtual Environment.

i) If you are using Vagrant please add below line to Vagrantfile and restart vm.
config.vm.network "forwarded_port", guest: 8080, host: 8080

ii)  If you are using Oracle VirtualBox please follow below steps to open 8080 port

Right Click on VM and go to settings.

Click On Network and expand advanced button.

Click on Port Forwarding button and add a new port mapping as mentioned in below screen.

9) Once you finished above step you should able to access Jenkins on your favorite browser.

10) You need to copy the password from  /var/lib/jenkins/secrets/initialAdminPassword to text box and click on continue.



11) Click on Suggested Plugin Installation. This will install all required plugins to start with CI & CD pipeline.

Kubernetes probes for PostgreSQL pods

It is a good practice to always define liveness and readiness probes on all you Kubernetes deployments. A simple “SELECT 1;” is good enough to establish that DB pod is ready to accept connections. The probes for that may look like this:

readinessProbe:
  exec:
    command: ["psql", "-w", "-U", "abcd", "-d", "my-db", "-c", "SELECT 1"]
  initialDelaySeconds: 15
  timeoutSeconds: 2
livenessProbe:
  exec:
    command: ["psql", "-w", "-U", "abcd", "-d", "my-db", "-c", "SELECT 1"]
  initialDelaySeconds: 45
  timeoutSeconds: 2

In the above example a user “abcd” connects to a database called “my-db”, without a password. The “-w” flag means “never ask for a password”.

If your user does have a password, you can supply it via the PGPASSWORD environment variable. Remember to omit the “-w” flag.

PostgreSQL Queries for Admins

-- show running queries (pre 9.2)
SELECT procpid, age(clock_timestamp(), query_start), usename, current_query 
FROM pg_stat_activity 
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%' 
ORDER BY query_start desc;

-- show running queries (9.2)
SELECT pid, age(clock_timestamp(), query_start), usename, query 
FROM pg_stat_activity 
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%' 
ORDER BY query_start desc;

-- kill running query
SELECT pg_cancel_backend(procpid);

-- kill idle query
SELECT pg_terminate_backend(procpid);

-- vacuum command
VACUUM (VERBOSE, ANALYZE);

-- all database users
select * from pg_stat_activity where current_query not like '<%';

-- all databases and their sizes
select * from pg_user;

-- all tables and their size, with/without indexes
select datname, pg_size_pretty(pg_database_size(datname))
from pg_database
order by pg_database_size(datname) desc;

-- cache hit rates (should not be less than 0.99)
SELECT sum(heap_blks_read) as heap_read, sum(heap_blks_hit)  as heap_hit, (sum(heap_blks_hit) - sum(heap_blks_read)) / sum(heap_blks_hit) as ratio
FROM pg_statio_user_tables;

-- table index usage rates (should not be less than 0.99)
SELECT relname, 100 * idx_scan / (seq_scan + idx_scan) percent_of_times_index_used, n_live_tup rows_in_table
FROM pg_stat_user_tables 
ORDER BY n_live_tup DESC;

-- how many indexes are in cache
SELECT sum(idx_blks_read) as idx_read, sum(idx_blks_hit)  as idx_hit, (sum(idx_blks_hit) - sum(idx_blks_read)) / sum(idx_blks_hit) as ratio
FROM pg_statio_user_indexes;

-- Dump database on remote host to file
$ pg_dump -U username -h hostname databasename > dump.sql

-- Import dump into existing database
$ psql -d newdb -f dump.sql