Thursday, December 8, 2011

Centos create puppet rpm package



 Centos create puppet RPM package.


    I usually upgrade puppet using rpm package and always love to stay on latest stable. The EPEL repo usually does not update the repositories as I want. Recently  I wanted to update to latest stable 2.7.6


 Ensure that you have rpm-build package installed.

yum -y install rpm-build

wget http://www.puppetlabs.com/downloads/puppet/puppet-2.7.6.tar.gz

tar zxf puppet-2.7.6.tar.gz

cp puppet-2.7.6.tar.gz /usr/src/rpm/SOURCES/puppet-2.7.6.tar.gz

rpmbuild -bb puppet-2.7.6/conf/redhat/puppet.spec

  The above command should provide you the new rpms

Wrote: /usr/src/rpm/RPMS/x86_64/puppet-2.7.6-1.x86_64.rpm
Wrote: /usr/src/rpm/RPMS/x86_64/puppet-server-2.7.6-1.x86_64.rpm


 While I was installing 2.7.6 I had issues that the rpmbuild failed with the following error.
==================
sed: can't read lib/puppet/network/http_server/mongrel.rb: No such file or directory
=================


 Replacing http_server with http in line number 79 in the puppet.spec file fixed the issue.

Thursday, November 3, 2011

Puppet Dashboard On and external node using external database



 Install and configure puppet dashboard in a host other than puppet master and using an external DB server



 Installation.


package requirements:

ruby-augeas
ruby
ruby-shadow
ruby-rdoc
ruby-mysql
ruby-libs
rubygems
ruby-devel
rubygem
ruby-irb


Gem packages

gem update --system 1.3.6

gem install rack --no-ri --no-rdoc

gem install rake -v 0.9.2 --no-ri --no-rdoc




Download puppet dashboard

wget http://www.puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.2.tar.gz


tar zxf puppet-dashboard-1.2.2.tar.gz

mv puppet-dashboard puppet_dash
cd puppet_dash
cp config/database.yml.example config/database.yml
cp config/settings.yml.example config/settings.yml


edit the config/database.yml and update database settings.

Add the following entry as it will not there by default

under production settings:

production:
  database: puppetdash_prod
  username: dashboard
  password: yourpasswd
  encoding: utf8
  adapter: mysql
  host: puppethost

Update mysql privileges

create databases

rake RAILS_ENV=production db:create

create table structure

rake RAILS_ENV=production db:migrate


start the server

./script/server -e production


Enable reporting in slave and master


In each client puppet.conf add the following entry

[agent]
report = true



In the puppet master puppet.conf add the following entry


[master]
reports = http, store
reporturl = http://puppetdashboard:3000/reports/upload



Restart the puppet master and all the clients with the new configuration. Now the puppet dashboard should be populated with the new data.

Wednesday, October 26, 2011

Reliance and Huawei e173 3G datacard on Ubuntu


 Recently I migrated to Reliance 3G services. The installation disk did not come with any applet for linux systems. Hence I had a little trouble connecting it to the internet using default network manager. You can use rcomnet APN.

 I thought of getting a applet like the one they have for windows and mac. After some searching I came across a blog post which covered it.


    Download the following installation file linux.zip ( DOWNLOAD LINK )



unzip linux.zip


cd linux

chmod +x install

./install


Once it is done then it will install the drivers required for the device to be operational and also installs a applet for movistar mobile network which is widely used in europe.


 The applet will automatically pop-up when you insert the datacard. Click connect. Change the language to english from the menu and you should be able to use a english interface.


Monday, September 26, 2011

puppet (header too long (OpenSSL::X509::CRLError)




             In an automated environment where new instances are added automatically and manged by puppet it is a great problem when the puppet master has some issues. It can act as a SPOF.
                   I happened as a accidental problem that puppet master had a 100% disk usage. As a result the requests from puppet clients of new instances were failing with 503 error. On checking the puppet master I could see the following error in puppet master error log.


=============================

Exception PhusionPassenger::UnknownError in PhusionPassenger::Rack::ApplicationSpawner (header too long (OpenSSL::X509::CRLError)) (process 598, thread #): ============================= 

            We have replaced passenger instead of the built in webrick for performance. Now checking the master there were no error. Accidentally when I tried to list out the certificates that are there in the host I got the following error. 
 ============================= 
puppetca --list --all err: Could not call list: header too long ============================= 

            Searching the forums I could see that this can happen if there were 0 byte certificate requests in /var/puppet/ssl/ca/requests or ( /var/lib/puppet/ssl/ca/requests ). In our case it was the /etc/puppet/ssl/ca/ca_crl.pem which was 0 byte. Removed the file and everything was back to normal. 

           It is quite a bad day when the master of automation gets involved in some kind of trouble.

Sunday, September 11, 2011

Disable Notifications during Maintainence From Command Line.

We have lot of scripts which do automatic maintenance work during weekends. Eventhough the scripts are written to take care of errors it doesn't have a option to notify nagios that the maintenance work is taking place.

The person who is Oncall also gets frustrated seeing the alerts disturbing his weekend peace. He might even screw up the entire maintenance taking place.

Hence we needed the script to notify nagios that a maintenance is taking place and not to send out notifications.

We were using nagios3 as the monitoring service. The great command line utility curl came in handy here.

We use curl to send a POST request to the nagios admin interface emulating a user experience.


Disable notification to service.

curl -d "cmd_mod=2&cmd_typ=23&host=rayber01&service=MYSQL&btnSubmit=Commit" "https://rayber.blogspot.com/nagios/cgi-bin/cmd.cgi" --insecure -uray:testray

Host= rayber01 Hostname for which you need service notification disabled
-uray:testray = User authentication in nagios interface.




Enable Notification of service:

Once the maintenance work is complete we need to enable notification for the service.

curl -d "cmd_mod=2&cmd_typ=22&host=rayber01&service=MYSQL&btnSubmit=Commit" "https://rayber.blogspot.com/nagios/cgi-bin/cmd.cgi" --insecure -uray:testray


You can do a lot of other custom commands using curl. I use Firebug to translate the POST requests being send to the nagios admin interface.

You can completely disable notifications on a host as well..

Wednesday, August 3, 2011

Multicast Routing issues in Ganglia

Sometimes the Gmond process does not start and spews the following error.
==========================
gmond -d 10
udp_recv_channel mcast_join=10.16.101.81 mcast_if=NULL port=8664 bind=10.16.101.81
Error creating multicast server mcast_join=10.16.101.81 port=8664 mcast_if=NULL family='inet4'. Exiting.
==========================

This happens due to some multicast routing issues. I am not sure exactly what is causing this problem. The fix is to explicitly add a route.

============================

route add -host 239.2.11.71 dev eth0

=============================


Need to learn what is causing this problem though..

Thursday, July 28, 2011

Using CCRB to manage multiple environments with same code base

Usually the code should be tested in a development environment before pushing the code to production. Automating test process is an important process in deployment. CCRB is a great tool to do this.


The code base is written in such a way that it can be deployed to development or production based on environment variables passed using the capistrano deployment script.

The development deployment initiates a CCRB build and testing process in the development cruisecontrol project which has the same code base. During this process the CCRB should be capable of invoking a development environment variable.

In comman setups we have the environmental variable 'development' and 'production' to differentiate the between production and development.

We add the following entries to cruise_config.rb to pass the 'development' environmental variables to the ccrb build.
============
ENV['env'] = 'development'
============

You can create a file named build_requested in project rootdir to initiate a build process.

Tuesday, July 26, 2011

Capistrano Using User Input

Capistrano does not accept ruby methods. Suppose I need to get user input I can't use gets.strip and it would spew Method not found error.

You can use the following method to get the user input in capistrano deploy scripts.
==============
puts "This is a critical code do you want to proceed (y/n)"
value = STDIN.gets[0..0] rescue nil
exit unless value == 'y' or value == 'Y'
===============

Capistrano is full and fast automation solution. Don't include too much of user interaction in that unless necessary.

Tuesday, July 12, 2011

Bash Execute a Remote Command as Sudo

Just difficult for me to remember this thing. This is a way to execute remote command which can executed only using sudo privileges.
===============
ssh -t testuser@testserver "/usr/bin/sudo sh -c w"
===============

Thursday, July 7, 2011

Migrate Thunderbird email from Mac to Ubuntu

This is a simple step to migrate thunderbird mails from Mac OSX to Ubuntu.


Create the following directories in Ubuntu Desktop

cd /home/rayber
mkdir .thunderbird

Mount the mac HD

mount -t hfsplus /dev/sda2 /media/mac
Copy the data from mac homedir

cp -rpf /media/mac/Users/home/rayber/Library/Thunderbird/* .thunderbird/


You are now good to go. Start thunderbird and you should be able to start from the place where you stopped in Mac.

Tuesday, July 5, 2011

SSH with Empty Password and no ssh keys

This is a guide to zero security in linux. It is applicable only in places where security is not a threat and there is no threat from external networks.

The following options would allow a system running ssh to have a user with empty password so that you can use this user to login without any password or ssh keys.


I am adding a test user for this purpose.

useradd noneknowme
passwd -d noneknowme

Configure ssh server to allow empty passwords.

Edit the following line in /etc/ssh/sshd_config
================
PermitEmptyPasswords yes
================

Restart sshd using /etc/init.d/sshd restart

Now you should be able to access the host with ssh with username noneknowme without any issues.
===============
ssh -l noneknowme test
[noneknowme@test ~]$
================

Don't try this . I am using this as a reference. Thanks to linuxquestions.org

Friday, July 1, 2011

script to check swap usage by process ( approximate )

The following command returns the total swap usage.

swapon -s

The following script would obtain the total MB of swap used obtained from proc filesystem and sum it up.

for pid in `ps -ef|grep -i java| grep -v grep|awk '{print $2}'`; do echo -n "Pid: $pid "; cat /proc/$pid/smaps |grep -i swap| awk '{SUM += $2} END {print "SUM: " SUM " kB (" SUM/1024 " MB)"}'; done

Thanks to linuxquestions.org

Monday, May 30, 2011

Zero Padding in Bash

I was wondering what is the best way to do "Zero Padding" in Bash. Suppose you need to iterate through a for loop and you need 01, 02, 03 sequence instead of 1, 2,3 then that is Zero padding.

Some of the methods I could get from the internet.

1. Using printf

for ((i=2;i<16;i++)); do printf "%02d" $i; done

2. Using seq

There were couple of solutions when you use seq

* seq -f '%02g' 1 15

* seq -w 1 15


Enjoy being fast using bash..