We Keep Coding

Setup VNC for ssm-user on EC2 using user data script

I've attempted to setup an EC2 to access the MATE desktop using port forwarding using SSM agent. I've followed instructions here. I want to use the user data script to set this up, but I can't get the ssm-user to start the vncserver.
I think the ssm-user is created when I log in, not when the script runs. In any case if I do log in when the user data script is running, the config files for the vncserver appears to be setup with root access only.
Here is my user data script so far based on other so answers:
#!/bin/bash
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
echo '## install mate'
amazon-linux-extras install mate-desktop1.x -y
bash -c 'echo PREFERRED=/usr/bin/mate-session > /etc/sysconfig/desktop'
echo '## install tiger vnc'
yum install tigervnc-server -y
echo '## install chromium'
amazon-linux-extras install epel -y
yum install chromium -y
echo '## setup user'
su ssm-user
export HOME=/home/ssm-user
echo '## config vnc password'
umask 0077
mkdir -p "$HOME/.vnc"
chmod go-rwx "$HOME/.vnc"
vncpasswd -f <<<"some_password" >"$HOME/.vnc/passwd"
echo '## start vncserver'
vncserver :1
When I run this, the log shows:
su: user ssm-user does not exist
If I instead let the root user start the vncserver (removing the su ssm-user line) I'm able to connect using the SSM port forward session and VNC, but the desktop is blank. Guess this is as I'm logged in an ssm-user? Is there a way to setup the vncserver for the ssm-user via user data script?

Can minio be run as nonroot user in a docker container?

Can someone let me know if we can run MINIO as non root user?
Found some articles where it can run only as root and not as non root.
Please guide if someone has any idea on how it can achieved if possible.

From Minio docs (Run MinIO Docker as a regular user), you can provide the --user argument to the docker run command.
An example for Linux/macOS, from the doc:
mkdir -p ${HOME}/data
docker run -p 9000:9000 \
--user $(id -u):$(id -g) \
--name minio1 \
-e "MINIO_ROOT_USER=AKIAIOSFODNN7EXAMPLE" \
-e "MINIO_ROOT_PASSWORD=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY" \
-v ${HOME}/data:/data \
minio/minio server /data

How do you increase the amount of inotify watchers in Google Cloud Build?

RUN cat /proc/sys/fs/inotify/max_user_watches is 524288 on Docker for Mac
RUN cat /proc/sys/fs/inotify/max_user_watches is 8192 on Google Cloud Build's Docker
See https://github.com/guard/listen/wiki/Increasing-the-amount-of-inotify-watchers#the-technical-details for reference.

Google Cloud Build runs docker containers in privileged mode so you can simply add this step to your cloudbuild.yaml.
- name: 'ubuntu'
args: ['sh', '-c', 'sysctl fs.inotify.max_user_watches=524288']

You can get your current inotify file watch limit by executing:
$ cat /proc/sys/fs/inotify/max_user_watches
Ubuntu Lucid's (64bit) inotify limit is set to 8192.
so,you can make your limit permanent by,
$ echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf
$ sudo sysctl -p

Virtualbox VDE Network

i am programming a GUI-Tool to test some Meshnetworkingthings.
To do so i use Virtualbox, VDE2 and Wirefilter. My attempt is to generate n openwrt instances with Virtualbox, connect them with vde_switch in tap mode and simulate pocketloss etc. with wirefilter.
Here's what im trying to this point:
sudo ip tuntap add tap<i> mode tap
sudo ifconfig tap<i> <some ip> up
vde_switch -d -x -s /tmp/tap<i>/ -m 666
VBoxManage clonevm openwrt --name tap<i> --register
VBoxManage modifyvm tap<i> --nic1 generic --nicgenericdrv1 VDE --nicproperty1 network=/tmp/tap<i>/ --macaddress1 <mac>
VBoxManage startvm tap<i>
But i get the following error when i try to run a openwork instance:
Failed to open a session for the virtual machine tap.
VDEplug library: not found (VERR_PDM_HIF_OPEN_FAILED).
Failed to attach the network LUN (VERR_PDM_HIF_OPEN_FAILED).
Result Code: NS_ERROR_FAILURE (0x80004005)
Component: Console
Interface: IConsole {8ab7c520-2442-4b66-8d74-4ff1e195d2b6}
Development Environment:
I am using a MacBook Pro, where Ubuntu 14.04 runs in Virtualbox. In this Ubuntu i am developing my tool. That means i am running Virtualbox in Virtualbox.

I Solved it. First what to do:
copy libvdeplug.so.2 to libvdeplug.so
cp /usr/lib/libvdeplug.so.2 /usr/lib/libvdeplug.so
Then i forgot something in the vde_switch call:
vde_switch -d -x -s /tmp/tap<i>/ -m 666
has to be
vde_switch -d -x -s /tmp/tap<i>/ -m 666 --tap tap<i>

Trivia: What is this symbol that AWS EC2 displays once you SSH into the machine?

Just really interested about this one, what the blazes is this ASCII art here?
$ ssh foo#$AWS_IP
Last login: Sat Mar 21 08:39:27 2015 from xx.xx.xx.xx
__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|
I need it for my sanity.

It's ASCII art that says EC2. That stands for Elastic Compute Cloud

You can make your custom ones using utility figlet.
'showfigfonts' will show you what fonts are available, the one aws uses is named "standard"
We make custom banners like aws by ebextensions. ie create file .ebextension/000update-motd.config
commands:
setup_banner:
command: |
yum erase -y update-motd
unlink /etc/motd
amazon-linux-extras install epel -y
yum-config-manager --enable epel
yum install -y figlet
# Add Motd as Beanstalk Environment Name
echo `{"Ref": "AWSEBEnvironmentName" }` | figlet -f standard > /etc/motd
# Add warning disclaimer from your code ( optional )
# cat /var/app/current/.platform/banner >> /etc/motd
test: rpm --quiet -q update-motd || [[ ! -f /etc/motd ]]
ignoreErrors: true