We Keep Coding

Google cloud compute engine - disable automatic updates (centos)

I wonder if there is a way to disable automatic updates of our Linux machines on Google Cloud (yum update)
As far as I know during maintenance window our servers get new packages of software installed. (I checked yum.log). Since our installed software must be specific version (not latest) we don't want Google to run updates for us because it usually breaks all kind of dependencies...
I have searched on Google but didn't find any info about that.
Thanks.

The centOS 7 image used in Compute Engine includes the yum-cron installed and enabled by default. You can verify it by either using one of the following commands:
sudo yum list installed yum-cron
sudo systemctl status yum-cron.service
The yum-cron will periodically check for updates and apply them if there are updates available.
Solution
If you have yum-cron running on your instance, you can disable auto-updates by accessing the configuration file /etc/yum/yum-cron.conf. Then change the following variables to ‘no’:
update_messages = no
download_updates = no
apply_updates = no
This will prevent the system from updating automatically.
As an alternative, you can opt for uninstalling the package on your system using the following command.
sudo yum remove yum-cron
This part is missing in the official documentation so It will be added soon.

docker context create ecs myecs - requires exactly one argument

I'm trying to create a Docker context that will automatically integrate with AWS's ECS.
I'm following this tutorial
The author just does:
docker context create ecs myecs and gets a "pick an integration" prompt, whereas I get an error saying it needs exactly 1 argument.
docker context create" requires exactly 1 argument.
See 'docker context create --help'.
Usage: docker context create [OPTIONS] CONTEXT
Create a context

You need to install the Docker Compose CLI preview
The below curl is from here: Docker docs
curl -L https://raw.githubusercontent.com/docker/compose-cli/main/scripts/install/install_linux.sh | sh
sudo docker context create ecs myecs
It didn't work without sudo for me for some reason.
After the script finished I had some weird errors:
cp: cannot stat '/tmp/tmp.d4QjhW8T6k/docker-compose': No such file or directory and docker context create ecs myecs didn't work at first, but once I tried with sudo it worked fine.
EDIT: . ~/.zshrc (or just close your terminal and open a new one) made it possible for me to run docker context create ecs myecs without sudo.

Author of the blog/tutorial here. It looks like you don't have the pre-requsite installed. In the blog I call out the pre-req in pieces like this.
....In July, Docker released a beta for Docker Desktop that embedded these functionalities and, on September 15th, Docker released an updated experience in their Docker Desktop stable channel....
and then
...For now the only thing you need is Docker Desktop and an AWS account. For this test , I am using Docker Desktop (stable) version 2.5.0.1....
and finally
The core of this integration is built around a new tool dubbed Compose CLI (this is not to be confused with the original docker-compose CLI). This new CLI surfaces to the user as new functionalities in the docker command. While in Docker Desktop all this plumbing is completely hidden and available out of the box, if you are using a Linux machine you can set it up using either a script or a manual install. This new CLI is, essentially, a new version of the docker binary.
Eager to understand more how we could make it more clear / front and center that there were stuff to install and/or minimum software versions you had to use.
Thanks for trying it out!

If you're on Linux and you're running the docker context create ecs myecscontext command from the docs then try enabling experimental features in docker:
Edit /etc/docker/daemon.json
Set contents to
{
"experimental": true
}
Restart docker service sudo systemctl restart docker
Exit your terminal and open a new one so that the changes take effect.
Source1
Source2

I had same issue but after installing Docker Desktop version problem resolved.
Server side version doesn't have such kind of functionality.

Migrate from Helm to Istioctl

I'am running Istio 1.3.5 on my kubernetes cluster. I have installed it using Helm. But, this method will be deprecated in the future, so I'd like to migrate to Istioctl.
Is there a way to migrate "silently" my actual Istio deployment from helm to istioctl ?
I read something about istioctl manifest migrate but it's not very clear.
I also read that I need to upgrade to 1.4.3 before upgrading to 1.5.x. So I'd like to take this opportunity to switch to the Istioctl installation mode.
Thank you for your help.

Unfortunately there is not yet a migration path for helm to istioctl.
There is an issue on github exactly about that.
There is not yet a migration path for helm to istioctl, but it will certainly exist in 1.6,which is what this issue is tracking. You can go directly from 1.4 - 1.6 if desired once that is in place. Sorry about some of the confusion, as didn't do a great job around this
So waiting a little bit more might be the easiest solution. As with migration path will most likely offer better support and documentation.
Like You mentioned it is possible to manually migrate istio from helm to istioctl after upgrading with helm first. However this is not a simple task.
Hope it helps.

How to upgrade version of terraform in windows

How to upgrade version of terraform in windows. Now i am using 0.9 and on windows using git bash. can someone help me with the process or commands.
Note: I did some google search but no use.
Thanks

I know you specified using bash but this is the first answer that comes up in searches so this is more FYI for future travelers.
To find the location of terraform.exe in powershell:
(get-command terraform.exe).Path
I had used Chocolaty to install Terraform so to upgrade:
choco upgrade terraform

This is using Git Bash on Windows
Download the latest version and unzip it
Navigate to that folder through your bash CLI
Now type which terraform
Copy the path of the terraform
Now type
cp terraform.exe <your Terraform path>
e.g. cp terraform.exe /c/WINDOWS/System32/terraform
Now check by using
terraform --version

Firstly, I would read the upgrade guides written by Hashicorp to make upgrading versions transparent. In your case I would read both 0.10 and 0.11 as they're likely to have changes that will affect you.
Secondly, in addition to this test in isolation with later versions of Terraform, i.e. not using remote state file and in a sandbox environment.
Lastly, locate where the current Terraform binary is located, perhaps check your Environment Variables for a PATH that may lead to where the executable is, and replace that with the latest version of Terraform which you can download here.

Use
choco install terraform --version=0.12.14 --force
to install version that you like.

Docker with tcp:// and --tls in WebStorm IDE

I'd like to use the WebStorm IDE (Windows) to manage my Docker images. For the local installation it works perfectly fine, but I have problems with my secured instance.
I can connect with the following command:
docker -H tcp://<<URL>>:<<PORT>> --tls --tlskey <<path_to_key>>/key.pem --tlscert <<path_to_cert>>/cert.pem info
so I guess I just need the option to enable tls.
Does WebStorm or IntelliJ have this option?

As of 2019.1 (maybe earlier), it is possible (but appearently undocumented) to connect to a TLS-enabled docker daemon. Simply use https://<host>:2376 instead of tcp://<host>:2376 and make sure you either set the certificate directory or have your certificates in ~/docker/. The files must be named ca.pem, cert.pem and key.pem.
Update: As I also just found out, in 2019.1 remote docker interpreters only work with Dockerfiles, not with docker-compose.

There is no such option in PhpStorm 2017.3 EAP #PS-173.3415.21 (which should be pretty much the same), and also the docs for 2017.2 state, that you need to either use Unix socket or tpc without tls (https://www.jetbrains.com/help/phpstorm/docker.html#docker_settings).