htop command not found centos 7

In a freshly installed CentOS or RHEL servers, we may get the following error while trying to use htop. For installing htop, we need epel repository. Following the below steps to install htop.

yum clean all

yum install epel-release

yum install htop

How to set Kafka Heap Size?

Setting Kafka Heap size is simple, by default Kafka runs with 512MB as the heap size. For increasing the heap size, set the following environment variable and restart Kafka.

export KAFKA_HEAP_OPTS="-Xmx2G -Xms2G"

Kafka will check for KAFKA_HEAP_OPTS before it starts and if there is no value set for this variable, it assigns 512MB as the value, else it will pick up the configured value.

Gunicorn Connection in Use: (‘0.0.0.0’, 8000)

I develop web services using python flask. One of the common error that I see while deploying the application is “Gunicorn Connection in Use: (‘0.0.0.0’, 8000)”.

This means that the port 8000 is busy with some other running process. But when I check the status of the port with the following command, I get empty response. That means there are no active application using the port. Some stale process is making the port busy.

netstat -tulpn | grep 8000

I even tried with the ps command to see any active process, but that also did not help.

ps -aux

If the ps command list the process, we can kill the process directly using the kill command

kill -9 {PID}

In my case I do not have the PID. So the only option to kill these kind of zombie application by using the below command.

sudo fuser -k {PORT}/tcp

In my case, the port number is 8000, so the command will be.

sudo fuser -k 8000/tcp

This trick helped me several times, hope this helps someone else also.

 

SELinux modes – Simple explanation

Everyone who uses linux might be familiar with SELinux. The full form of SELinux is Security-Enhanced Linux. It is a kernel level security module that enhances the access level security policies.

In this post I will be quickly explaining about the various modes in SELinux.

There are three modes in SELinux

  • Enforcing
  • Permissive
  • Disabled

In CentOS and RHEL systems , the SELinux configurations are controlled using the configuration file /etc/sysconfig/selinux.

The changes made to this file needs a system reboot. We can disable the SELinux permanently only with a system reboot. But we can set the SELinux into permissive mode without reboot. This can be easily performed by issuing a setenforce command. The details are explained in my another blog post.

Here we can set SELinux to any of the modes mentioned above.

In the Enforcing mode, SELinux is completely active and it will allow access only using the SELinux policies. User can configure the policies to enable access to their application.

In the Permissive mode, the SELinux will be monitoring and logging all the activities that would have been denied if it is in the enforcing state. The SELinux will not block any activities in this state.

In the Disabled mode, SELinux will be completely disabled.

VPN installation in Raspberry Pi

What is a VPN ?

VPN stands for Virtual Private Network. VPN extends the private network to external networks so that the users can securely interact with the systems within the private network. I will write another post with the complete details of VPN. We will be concentrating on the installation of VPN in raspberry pi in this post.

VPN is a very important requirement for every enterprises. Now a days even individual started using VPN. It is very easy to configure a VPN. Most of the large enterprises use paid VPN services. There are so many VPN service providers available in the market.

This post is about setting up a free VPN service. This can be used in small or medium scale businesses or for your personal purpose as well. I am using this VPN service from the past several years and it worked very well without any issues.

Installation of VPN in raspberry Pi

raspberrypi

I have used raspberry Pi for the installation of OpenVpn. The simplest way to install and configure VPN is raspberry Pi is using Pi-VPN. PiVPN supports two VPN backends

  • OpenVPN
  • WireGuard

While doing the installation, it asks for the user to select the preference and it installs accordingly. OpenVPN can be operated in TCP and UDP. I have used both of these protocols. From my personal experience, the best performing and stable one is UDP.

The only advantage with TCP is that we can run Open VPN in TCP port 443 and it bypasses almost all firewalls in external network. The TCP port 443 is globally open for HTTPS. So we can easily access the VPN using the same port. In this way we will not have to request for additional exceptions in the firewall to enable the VPN access.

WireGuard is a new VPN protocol. It uses a completely new protocol as compared to Open VPN. It is fast and secure. This is under development. Currently if you look at the installations, the majority share goes to Open VPN. This is mainly because it was there in the industry from several years and it already proved its capability. WireGuard will be up in the market soon.

More details about the configuration of PiVPN is described in the following URLs.

  1. PiVPN installation
  2. Additional Reference

Integration with Network

The integration is very easy. In two steps we can integrate the VPN.

  • Connect the raspberry Pi to your network using an ethernet cable
  • Create a rule in your firewall or router to allow the traffic from outside to the raspberry Pi through a NAT rule. (Create a port forwarding rule to route the requests from outside to the raspberry Pi connected to the internal network.)

dependency xml is not available

The error “dependency xml is not available” can be resolved by installing the following packages.

For CentOS/RHEL

yum install libxml2 libxml2-devel

For Ubuntu

apt-get install libxml2-dev