Bash script to check when an azure’s service principal/application password or certificate expires

Sometimes you are gonna create a service principal on Azure Cloud that will manage some applications or automate some tasks. For example you might use a service principal to upload backups on Azure Storage. A service principal can be created with either password or a certificate but it has an expiration date by default. This means that in order to ensure that you can use your service principal and perform tasks you have assigned to it you have to change the password of certificate from time to time. I have created a simple script that uses azure-cli to check when the password or certificate expires. It can be executed via cron or a monit check and notify you.

Continue reading

Advertisements

Expanding an unmanaged disk on Azure linux VM

I have been working on a new project where our VMs are hosted on Microsoft Azure cloud. The default OS disk size for most Linux distros in Azure is 30GB. We needed more space so instead of adding a new virtual disk I ‘ve found out that it is possible to expand the OS disk. When the VMs were initially launched they were launched with unmanaged disks.

You should have in mind that if you need to resize the OS disk that:

  • You will need to stop the VM in order to resize the disk
  • You can not shrink the disk once you had it expand. Disk size reduction is not supported

In the following example the disk of VM will be resized from 30GB to 300GB.

Continue reading

KVM guests and synhronizing clock

I was launching a couple of Ubuntu 14.04 KVM guests and I ve noticed that time was wrong. OK I thought, a simple ntpdate command and ntp service enabled will fix the issue. Made a reboot of the guest host and show that the time was ok. Then I destroyed the guest and when I checked the time it was wrong. This can’t be right, I thought, and started researching what might be the issue. What I found is that KVM guests should always consider their hardware clock in UTC time while my guests configuration was in local time.

Continue reading

Unset/Remove apache’s X-Powered-By header in ubuntu

When a browser send a request to an apache web server, apache will send back the response data as well as response headers. You can check what kind of headers are send back with curl command.

$ curl -I http://mysite/

or if the site is on https

$ curl -Ik https://mysite/
Date: Mon, 07 Dec 2015 10:12:52 GMT
Server: Apache
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) X.X.XX
Cache-Control: no-cache

Continue reading