New year, new configuration management…

Happy new year to all the readers of devopsrecipes.info 🙂

A few days ago, taking advantage of the apparent lull at work typical of the Christmas holidays, I decided to study Go (https://golang.org/).

Very cool, but above all, using pointers took me back in time to when I was heavily "hacking around" in C.

What came out of it, among the programs full of meaningless "foo" and "foobar", was Congruit: a new configuration management tool written in Go that operates mainly in Bash…

Link to the GitHub repo

Of course it is very minimal, but it has a certain "Bash" something that gives it a strong sysadmin flavour.

Let's say that from a DevOps perspective it is a bit more Ops. Pull requests to the repo are welcome 😉

Regards


Install Chef Server on Suse Linux Enterprise 11

Hi Folks!

Today I dealt with a problem… and I found a solution because Chef is a great tool!

At the moment there is no RPM for SUSE Linux available from the official website, but this does not matter 🙂

Problem: install Chef Server, ChefDK and Chef Manage on a SUSE Linux Enterprise 11 virtual machine without installing the RPM packages built for RHEL systems.

This is what you can do:

  1. Download the following packages:
    • chef-server-core-12.8.0-1.el6.x86_64.rpm,
    • chefdk-0.16.28-1.el6.x86_64.rpm,
    • chef-manage-2.4.1-1.el6.x86_64.rpm
  2. Extract the contents of each RPM with:
    • rpm2cpio chef-manage-2.4.1-1.el6.x86_64.rpm | cpio -idmv

  3. Move the extracted content to the correct folders: /opt/{chef,chef-manage,opscode}
  4. Set PATH="/opt/opscode/bin:/opt/chefdk/bin/:/data/opt/chef-manage/bin:$PATH" in your profile login script
  5. Run chef-server-ctl reconfigure
  6. Run chef-manage-ctl reconfigure
  7. Run chef-server-ctl reconfigure again

At the end all services are up and running


and my workstation too ūüôā

Chef Automate – Installation guide

Hi guys!

let's take a look at Chef Automate. In this post we will see how to install it quickly.

I will install it through Vagrant, but you can also use my cookbook with a Chef Server.


Requirements:

  1. a Chef Server. Change default['chef_automate']['chef_server']['url'] to the correct IP
  2. a user's key (client.pem) belonging to a member of your Chef Server organization. Change default['chef_automate']['key']['base'] and default['chef_automate']['key']['name'] to your values
  3. a VirtualBox private network 192.168.56.0 (or you can set up port forwarding in the Vagrantfile in order to access the web server through http://127.0.0.1)
  4. a delivery.license file. Put it into the cookbook directory. You can see it under /vagrant in the guest VM.

Start the provisioning:

  1. git clone https://github.com/lucky-sideburn/chef_automate.git
  2. vagrant up
  3. Open https://automate-box01/e/umbrella_corporation/ (or use your preferred internal IP, or port forwarding to 127.0.0.1)
  4. Select your enterprise
  5. Enjoy!


 

Thanks!

Eugenio Marzo – Devops Engineer @Sourcesense



Autoscaling with EC2 and Chef

Dear all,

It has been a long time since my last post and here I am with a new one, just to keep track of my current case study…

I would like to put in place an auto-scaling mechanism for my lab platform.

Currently I have one HAProxy load balancer with 2 backends. I will run a stress test on my front end with JMeter and automatically create a virtual machine joined to my Chef infrastructure in order to increase resources.

In this post I will describe just how to set up an initial configuration of autoscaling-group + Chef (today it is Friday… on Monday I will do the rest 😉).

Let's start with the needed components:

  1. a Chef server
  2. one HaProxy load balancer
  3. two Tomcat backends

Now I try the script for the unattended bootstrap. This script adds a new node under the Chef Server. I tried it on a simple virtual machine locally, using a Centos 7 running in Virtualbox.

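#!/bin/bash
# EC2 user-data script: unattended bootstrap of a new Chef node.

# Create the Chef configuration directory if it does not exist yet.
[ ! -e /etc/chef ] && mkdir /etc/chef

# Validator key used to register the new node with the Chef Server.
cat <<EOF > /etc/chef/validation.pem
-----BEGIN RSA PRIVATE KEY-----
your super secret private key :)
-----END RSA PRIVATE KEY-----
EOF

# chef-client configuration. Note that :verify_none turns off TLS
# certificate verification of the Chef Server.
cat <<EOF > /etc/chef/client.rb
log_location STDOUT
chef_server_url "https://mychefserver.goofy.goober/organizations/myorg"
ssl_verify_mode :verify_none
validation_client_name "myorg-validator"
EOF

# Run list applied on the first chef-client run.
cat <<EOF > /etc/chef/first-boot.json
{
 "run_list": ["role[tomcat_backend]"]
}
EOF

# Install chef-client 12.9.41, then register and converge the node.
curl -L https://www.opscode.com/chef/install.sh | \
bash -s -- -v 12.9.41 &> /tmp/get_chef.log
chef-client -E amazon_demo -j /etc/chef/first-boot.json  \
&> /tmp/chef.log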


If everything went correctly you will see the new node in your Chef server dashboard. In case of problems, check the logs on the new node:

/tmp/chef.log
/tmp/get_chef.log
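
The bootstrap script above turns off certificate verification, carries the validator key inline and pipes the installer into bash. As an added example (not part of the original post), this POSIX shell check flags those three patterns in a user-data file; the function name audit_bootstrap, the finding labels and both sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: static audit of a Chef bootstrap / EC2 user-data script.

audit_bootstrap() (   # usage: audit_bootstrap FILE; prints findings or "clean"
    # Join backslash-continued lines so "curl ... | \" + "bash" reads as one line.
    joined=$(awk '/\\$/ { sub(/\\$/, ""); printf "%s", $0; next } { print }' "$1")
    has() { printf '%s\n' "$joined" | grep -Eq -e "$1"; }
    findings=""
    # client.rb that skips certificate verification of the Chef Server.
    has '^[[:space:]]*ssl_verify_mode[[:space:]]+:verify_none' &&
        findings="$findings tls-verify-disabled"
    # Private key pasted inline; user data can be read back from the instance.
    has '-----BEGIN [A-Z ]*PRIVATE KEY-----' &&
        findings="$findings embedded-private-key"
    # Remote installer streamed straight into a shell, nothing verified first.
    has '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba)?sh([[:space:]]|$)' &&
        findings="$findings pipe-to-shell"
    echo ${findings:-clean}   # unquoted on purpose: drops the leading space
)

WEAK=$(mktemp); HARDENED=$(mktemp)

# Constructed sample with the same settings as the bootstrap script above.
cat > "$WEAK" <<'SAMPLE'
-----BEGIN RSA PRIVATE KEY-----
(constructed placeholder, not a real key)
-----END RSA PRIVATE KEY-----
ssl_verify_mode :verify_none
curl -L https://www.opscode.com/chef/install.sh | \
bash -s -- -v 12.9.41
SAMPLE

# Constructed counter-example: peer verification on, no inline key, installer
# saved to disk and checked against a known digest (placeholder) before it runs.
cat > "$HARDENED" <<'SAMPLE'
ssl_verify_mode :verify_peer
curl -fsSLo /tmp/install.sh https://www.opscode.com/chef/install.sh
echo "<expected-sha256>  /tmp/install.sh" | sha256sum -c - && bash /tmp/install.sh -v 12.9.41
SAMPLE

echo "weak:     $(audit_bootstrap "$WEAK")"
echo "hardened: $(audit_bootstrap "$HARDENED")"
```
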

Now let's create the autoscaling-group in Amazon EC2

Then select your preferred instance… I am using RHEL 7.2

Insert the bootstrap script as the "User data file" (the one we just created)

I have no instances running on my cloud, so the following configuration will launch one virtual machine because the minimum required is 1.

After a minute I got an email saying:

Description: Launching a new EC2 instance: $my_id_istance
Cause: At 2016-05-06T15:10:17Z an instance was started in response to a 
difference between desired and actual

Finally I have a new configured node in my Chef server, which is autoscaling_node01.

That’s all folks!

Bye for now…

Eugenio Marzo
DevOps Engineer at SourceSense

 

Install Linux Centos 7 with kickstart on Virtualbox

Hi guys,

let's see how to install the new version of CentOS using a kickstart file.

  1. Prepare a web server to publish a simple kickstart file (nodeA). We will use VirtualBox with an internal network 192.168.56.0 and install the OS on nodeB
  2. After the installation of nodeA, a kickstart file /root/anaconda-ks.cfg will have been generated
  3. Assign the IP address 192.168.56.2 to NODE A (`yum install net-tools` to install ifconfig). Please remember to use a virtual network interface bound to the internal network 192.168.56.0
  4. Stop the firewall on NODE A and install Apache with `yum install httpd`
  5. Check that the web server is running with `systemctl status httpd.service`
  6. Copy anaconda-ks.cfg (the kickstart generated during the installation of nodeA) to the Apache document root directory.
  7. Try to download the kickstart file using `wget http://192.168.56.2/ks.cfg`
  8. Create a second node in VirtualBox and add a network interface (type Host-Only Adapter, to reach 192.168.56.2). In this case the virtual network card will be named enp0s9
  9. Start the VM and boot from the CentOS 7 installation CD-ROM; once the menu appears, press TAB and configure your network options and the kickstart location
  10. Press Enter. Your virtual machine will be installed in a few minutes; the root password will be foobar.123

In the next post we will see more details about kickstart syntax and options.

 

 

 

Removing a Disk from a Logical Volume

Hi, let’s see how to remove a disk from a logical volume without losing data.

This is the initial schema:

Server:
CentosLab01 (Centos 6.5)

Disk to use:
Disk /dev/sdb: 1073 MB, 1073741824 bytes (DISK A)
Disk /dev/sdc: 1073 MB, 1073741824 bytes (DISK B)
Disk /dev/sdd: 1073 MB, 1073741824 bytes (DISK C)

Creating the lv_test logical volume from disks A and B (sdb and sdc)

1. Physical volumes
[root@CentosLab01 ~]# pvcreate /dev/sdb
Physical volume "/dev/sdb" successfully created
[root@CentosLab01 ~]# pvcreate /dev/sdc
Physical volume "/dev/sdc" successfully created

2. Volume Group
[root@CentosLab01 ~]# vgcreate vg01 /dev/sdb /dev/sdc
Volume group "vg01" successfully created

3. Logical Volume
[root@CentosLab01 ~]# lvcreate --extents 100%FREE --name lv_test vg01
Logical volume "lv_test" created

4. Formatting lv_test
[root@CentosLab01 ~]# mkfs.ext4 /dev/mapper/vg01-lv_test

5. Mounting the disk in /media/my_disk
[root@CentosLab01 ~]# mkdir /media/my_disk
[root@CentosLab01 ~]# mount /dev/mapper/vg01-lv_test /media/my_disk/
[root@CentosLab01 ~]# df -h | grep my_disk
/dev/mapper/vg01-lv_test 2.0G 35M 1.9G 2% /media/my_disk

Now that we have a 2 GB logical volume, let's write 1.5 GB of data to it. We will use dd.

1. Convert 1.5 GB to bytes (1572864000 bytes)

2. Create the file

[root@CentosLab01 ~]# dd if=/dev/zero of=/media/my_disk/noodles.log bs=1572864000 count=1
1+0 records in
1+0 records out
1572864000 bytes (1.6 GB) copied, 8.09875 s, 194 MB/s

Now our logical volume has 81% of its space used

[root@CentosLab01 ~]# df -h | grep my_disk
/dev/mapper/vg01-lv_test 2.0G 1.5G 371M 81% /media/my_disk

 

Keep the MD5 sum of noodles.log; we will compare it after replacing the disk.

[root@CentosLab01 my_disk]# md5sum noodles.log

eeba7b4eee6de684b86e346a3c11d4d5  /media/my_disk/noodles.log

Create also an additional file just to be sure..

[root@CentosLab01 ~]# echo "my file " >> /media/my_disk/myfile.txt
[root@CentosLab01 ~]# cat /media/my_disk/myfile.txt
my file

Now let's assume that DISK B (/dev/sdc) is a slow disk while DISK A and DISK C are fast, so the setup is not homogeneous and we want to replace DISK B with DISK C (/dev/sdd).

Below are the required steps:

1. Create a physical volume on /dev/sdd

[root@CentosLab01 ~]# pvcreate /dev/sdd
Physical volume "/dev/sdd" successfully created

2. Add sdd to the volume group VG01

[root@CentosLab01 ~]# vgextend vg01 /dev/sdd
Volume group "vg01" successfully extended

Now VG01 contains 3 disks

[root@CentosLab01 ~]# vgdisplay  -v vg01
Using volume group(s) on command line
Finding volume group "vg01"
--- Volume group ---
VG Name               vg01

--- Physical volumes ---
PV Name               /dev/sdb
PV UUID               uvRKib-g4Ki-iKeD-bR1C-zOWI-OD9j-CFHpAY
PV Status             allocatable
Total PE / Free PE    255 / 0

PV Name               /dev/sdc
PV UUID               IlrLvj-VqeH-Nvmt-S6ut-je0V-1oue-jG567x
PV Status             allocatable
Total PE / Free PE    255 / 0

PV Name               /dev/sdd
PV UUID               feeRxG-BmRR-VRcp-sAao-xTQR-blXv-bSO1qu
PV Status             allocatable

 

Now the volume group has 3 disks, but neither the logical volume nor the filesystem has been extended, so /media/my_disk is still 2.0 GB.

3. Let's see the real usage of the disks

[root@CentosLab01 ~]# pvs -o+pv_used
PV         VG             Fmt  Attr PSize    PFree    Used
/dev/sda2  vg_centoslab01 lvm2 a--     7.51g       0     7.51g
/dev/sdb   vg01           lvm2 a--  1020.00m       0  1020.00m
/dev/sdc   vg01           lvm2 a--  1020.00m       0  1020.00m
/dev/sdd   vg01           lvm2 a--  1020.00m 1020.00m       0

4. Move the extents off DISK B (/dev/sdc) so that it becomes an "empty", unused disk

[root@CentosLab01 ~]# pvmove /dev/sdc
/dev/sdc: Moved: 3.9%
/dev/sdc: Moved: 100.0%

Now DISK B has 0 used extents:

[root@CentosLab01 ~]# pvs -o+pv_used
PV         VG             Fmt  Attr PSize    PFree    Used
/dev/sda2  vg_centoslab01 lvm2 a--     7.51g       0     7.51g
/dev/sdb   vg01           lvm2 a--  1020.00m       0  1020.00m
/dev/sdc   vg01           lvm2 a--  1020.00m 1020.00m       0
/dev/sdd   vg01           lvm2 a--  1020.00m       0  1020.00m


5. We are ready to reduce the VOLUME GROUP


[root@CentosLab01 ~]# vgreduce vg01 /dev/sdc
Removed "/dev/sdc" from volume group "vg01"

The partition is still 2.0 GB

[root@CentosLab01 ~]# df -h | grep my_disk
/dev/mapper/vg01-lv_test            2.0G  1.5G  371M  81% /media/my_disk

and the data is still there 🙂
[root@CentosLab01 ~]# cat /media/my_disk/myfile.txt
my file
[root@CentosLab01 ~]# md5sum /media/my_disk/noodles.log
eeba7b4eee6de684b86e346a3c11d4d5  /media/my_disk/noodles.log

Run vgdisplay -vv vg01 to see which physical volumes are members of VG01.
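
The two decisions in the procedure above (is there room to run pvmove, and is the disk empty before vgreduce) can be read from the pvs report instead of by eye. This is an added example, not part of the original post: a rough pre-check that ignores allocation policies, with the function name pv_check and the three reports constructed from the pvs outputs shown above.

```sh
#!/bin/sh
# Added example: decide from a pvs report whether a PV can be evacuated/removed.
# Input columns (no header, sizes without suffix), as printed by:
#   pvs --noheadings --nosuffix --units m -o pv_name,vg_name,pv_free,pv_used

pv_check() {   # usage: pv_check PV < report
    awk -v pv="$1" '
        { name[NR] = $1; grp[NR] = $2; free[NR] = $3 }
        $1 == pv { vg = $2; used = $4 + 0; found = 1 }
        END {
            if (!found) { print "unknown PV"; exit }
            room = 0
            for (i = 1; i <= NR; i++)      # free space on the other PVs of the VG
                if (grp[i] == vg && name[i] != pv) room += free[i]
            if (used == 0)         print "empty: vgreduce is safe"
            else if (room >= used) print "in use: pvmove has room"
            else                   print "in use: no room elsewhere, extend the VG first"
        }'
}

# Constructed reports that mirror the three states shown in the post.
BEFORE_EXTEND='/dev/sda2 vg_centoslab01 0 7690.24
/dev/sdb vg01 0 1020.00
/dev/sdc vg01 0 1020.00'
AFTER_EXTEND="$BEFORE_EXTEND
/dev/sdd vg01 1020.00 0"
AFTER_MOVE='/dev/sda2 vg_centoslab01 0 7690.24
/dev/sdb vg01 0 1020.00
/dev/sdc vg01 1020.00 0
/dev/sdd vg01 0 1020.00'

for report in "$BEFORE_EXTEND" "$AFTER_EXTEND" "$AFTER_MOVE"; do
    printf '%s\n' "$report" | pv_check /dev/sdc
done
```
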

Configure Samba with Active Directory integration (Centos 6)

Let's see how to integrate your Samba server with Microsoft Active Directory.

Domain: NOODLES   (NETBIOS name)
FQDN: noodles.foo.org
Domain controller 1: dc01.noodles.foo.org
Domain controller 2: dc02.noodles.foo.org
Local Unix account: puppet
Domain Account: NOODLES\puppet

Packages to install via yum: [ krb5-libs , krb5-devel , samba , samba-common , samba-winbind , samba-client , samba-winbind-client ]

  • Create a local Unix user named "puppet"
  • Install the packages using yum
  • Map "puppet" to "NOODLES\puppet" by editing /etc/samba/smbusers:

    puppet = NOODLES\puppet

  • Make sure that the Linux server can reach the domain controllers
  • Configure Kerberos. Example:

    [root@mylinuxbox puppet]# cat /etc/krb5.conf

    [libdefaults]
    default_realm = NOODLES.FOO.ORG

    [realms]
    NOODLES.FOO.ORG = {
    kdc = dc01.noodles.foo.org
    kdc = dc02.noodles.foo.org
    admin_server = dc01.noodles.foo.org
    }

  • Configure Samba (/etc/samba/smb.conf)

    [global]
    nameresolveorder = hosts wins bcast
    maxlogsize = 1500
    passwordserver = dc01 dc02
    usernamemap = /etc/samba/smbusers
    clientntlmv2auth = yes
    dnsproxy = no
    disablespoolss = yes
    printcapname = /dev/null
    realm = NOODLES.FOO.ORG
    logfile = /var/log/samba/smbd.log
    preferredmaster = no
    loadprinters = no
    printing = bsd
    socketoptions = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    localmaster = no
    workgroup = NOODLES
    serverstring = Samba Server
    security = ADS
    # auth methods = guest, sam, winbind
    restrict anonymous = 2

    follow symlinks = yes
    wide links = yes
    unix extensions = no

    [share]
    path=/usr/local/
    writable=yes
    browsable=yes
    create mask = 0766
    valid users= puppet
    force user = puppet

  • Join the Linux server to the domain:

    net ads join -U puppetadmin@NOODLES.FOO.ORG

  • Print the details of the connection with Active Directory:

    [puppet@mylinuxbox puppet]# net ads info

    LDAP server: [ ip address of dc01]
    LDAP server name: DC01.noodles.foo.org
    Realm: NOODLES.FOO.ORG
    Bind Path: dc=NOODLES,dc=FOO,dc=ORG
    LDAP port: 389
    Server time: Thu, 10 Apr 2014 10:52:59 CEST
    KDC server: [ ip address of dc01]
    Server time offset: 0

  • Restart Samba
  • Try to access //mylinuxbox/share using NOODLES\puppet
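
Two settings in the smb.conf above widen what the share exposes: `wide links = yes` lets symlinks lead outside the exported tree, and `create mask = 0766` keeps the world-write bit on new files. As an added example (not part of the original post), this check reports both, matching parameter names the way Samba does (case-insensitive, spaces inside the name ignored); the function name audit_smb_conf and the [scratch] share in the sample are constructed.

```sh
#!/bin/sh
# Added example: flag two risky smb.conf settings. Parameter names are matched
# the way Samba reads them: case-insensitive, whitespace inside the name ignored.

audit_smb_conf() {   # usage: audit_smb_conf FILE; prints one finding per line
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }       # comments and blank lines
        /^[ \t]*\[/ {                              # [section] header
            gsub(/^[ \t]*\[|\][ \t]*$/, ""); section = tolower($0); next
        }
        (eq = index($0, "=")) {
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = tolower(substr($0, eq + 1));    gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "widelinks" && val ~ /^(yes|true|1)$/)
                print section ": wide links on, symlinks may resolve outside the share"
            # Last octal digit with the write bit set: "other" may write new files.
            if ((key == "createmask" || key == "createmode") && val ~ /^[0-7]*[2367]$/)
                print section ": create mask " val " keeps the world-write bit"
        }' "$1"
}

SMB_SAMPLE=$(mktemp)
# Constructed excerpt: [global] and [share] lines as in the post, plus a
# made-up [scratch] share spelled without spaces to show the normalisation.
cat > "$SMB_SAMPLE" <<'SAMPLE'
[global]
    security = ADS
    # auth methods = guest, sam, winbind
    follow symlinks = yes
    wide links = yes
    unix extensions = no

    [share]
    path=/usr/local/
    create mask = 0766
    valid users= puppet

    [scratch]
    CreateMask=0777
SAMPLE

audit_smb_conf "$SMB_SAMPLE"
```
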