Tikejhya: Ashish Nepal

Knowledgebase

dynamic inventory ec2.py with multiple inventory

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

While running  multiple inventory with ec2.py; You will also need to copy the ec2.ini file to location where you have ec2.py.

My structure was with 4 different environment and i didnt want to copy ec2.py all over the inventory rather use 1 and create ec2.ini according to requirement per environment. (which may be what many would like to do).

root@tikejhya:/etc/ansible# tree
.
├── development
│ └── ec2.ini
├── ec2.py
├── ext.py
├── ext.pyc
├── prod
│ └── ec2.ini
├── roles
├── staging
│ └── ec2.ini
└── uat
├── base
└── ec2.ini

Since there was not really out of the box solution; i created ext.py below and import into ec2.py.

#ec2.py

135 from ansible.module_utils import ec2 as ec2_utils
++ 136 from ext import mapper
137
138 HAS_BOTO3 = False

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

And:

487 help='Use boto profile for connections to EC2')
++ 488 parser.add_argument('--my_env', action='store', dest='my_env',
help='Use env for veriable')
490 self.args = parser.parse_args()
491
++ 492 mapper(self.args.my_env)

#ext.py
#!/usr/bin/python
import os
import sys

def mapper(self_args_my_env):
os.environ[“EC2_INI_PATH”] = “/etc/ansible/” + self_args_my_env + “/ec2.ini”
os.environ[“AWS_PROFILE”] = “profile_” + self_args_my_env

This made me able to run ansible with ec2.py followed by env parameter and use relevent boto profile.

ec2.py –my_env uat –list

chef [rendering template]

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

filebeat:
prospectors:

<% @rolename.each do |role| %>
#Some prospector should be passed in here based on role
<%= render "filebeat-syslog.yaml.erb" -%>

<%= render "filebeat-#{role}.yaml.erb" -%>
<% end %>
registry_file: <%= @path_registry %>

output:

logstash:
hosts: [“<%= node.filebeats.logstashhost %>:<%= node.filebeats.logstashport %>“]
#tls:
#certificate_authorities: [“/etc/pki/tls/certs/beats.crt”]
#insecure: true

shipper:

logging:

files:
rotateeverybytes: 10485760 # = 10MB

#In above rendering, variables comes from recipe which is loaded attributes.

$ cat attributes/default.rb
default[‘filebeat’][‘apache_log_file’] = [‘/var/log/httpd/*error_log’, ‘/var/log/httpd/*access_log’]

$ cat recipes/config.rb
rolename = node.roles

template ‘/etc/filebeat/filebeat.yml’ do
source ‘filebeat-default.yaml.erb’
mode ‘0440’
owner ‘root’
group ‘root’
variables(
path_apache_log_file: node[‘filebeat’][‘apache_log_file’],
input_type: node[‘filebeat’][‘input_type’],
document_type: node[‘filebeat’][‘document_type’],
path_registry: node[‘filebeat’][‘registry’],
:rolename => rolename,

)
end

$ cat templates/default/filebeat-default.yaml.erb
filebeat:
prospectors:

<% @rolename.each do |role| %>
#Some prospector should be passed in here based on role
<%= render "filebeat-syslog.yaml.erb" -%>

<%= render "filebeat-#{role}.yaml.erb" -%>
<% end %>
registry_file: <%= @path_registry %>

output:

logstash:
hosts: [“<%= node.filebeats.logstashhost %>:<%= node.filebeats.logstashport %>“]
#tls:
#certificate_authorities: [“/etc/pki/tls/certs/beats.crt”]
#insecure: true

shipper:

logging:

files:
rotateeverybytes: 10485760 # = 10MB
[ashnep@mgmt1-prod1 filebeats]$ cat templates/default/filebeat-magento.yaml.erb
<% @path_apache_log_file.each do |j| %>

paths:
– <%= j %>
input_type: <%= @input_type %>
<% if j =~ /error_log/ %>
document_type: apache-error-log
<% else %>
document_type: apache-access-log
<% end %>
fields:
service:
zone: <%= @zone %>

<% end %>

chef [templates]

template “/data/project/config.inc” do
source ‘config.inc.erb’
variables(
smtp_host: node[‘smtp’][‘host’],
smtp_port: node[‘smtp’][‘port’],
suffix: suffix,
)
owner ‘apache’
group ‘apache’
mode ‘0744’
end

Chef [Cron]

cron ‘job1’ do
minute ‘*/5’
command “some command here &> /dev/null”
end

Chef Basics [attributes if else, loop ]

#replace
Ohai2u tikejhya@web1-prod1!
chef (12.14.89)> node.name.gsub(/.*-/, ”)
=> “prod1″
chef (12.14.89)> node.name.gsub(/-.*/, ”)
=> “web1”
chef (12.14.89)>

#array of packages to install
default[‘dep’][‘packages’] = %w(mysql php-pdo php-ldap php-gd php-pear httpd php-cli php-mysql php-xml php-mbstring php-pecl-memcache php-devel php-common php php-mcrypt php-pecl-apc php-soap vsftpd)

# marking admin value if condition met
node.run_list?(‘role[admin]’) == true ? default[‘admin’] = TRUE : default[‘admin’] = FALSE

# if else
if node[‘admin’]
default[‘php’][‘max_execution_time’] = 30
else
default[‘php’][‘max_execution_time’] = 180
end

# case statement with loop’s
case node.chef_environment
when ‘prod’
default[‘nfs’][‘nfs_mount_point’] = ‘/data/en-UK/media’
when ‘prod2’
default[‘nfs’][‘nfs_mount_point’] = ‘/data/en-UK/media/files’
when ‘prod3’
%w(en-UK de-DE es-ES).each do |sites|
default[“#{sites}”][‘efs_mount_point’] = “/data/#{sites}/media/efs-files”
default[“#{sites}”][‘nfs_mount_point’] = “/data/#{sites}/media/nfs-files”
default[“#{sites}”][‘app_mount_point’] = “/data/#{sites}/media/files”
end

Chef [data bags]

#Chef using data bags value

#Lets see data bag called staging for webserver
$ knife data bag show staging webserver
mysql:
hostname: db1.tikeweb.com
username: admin

#load data bag into some holder
config = Chef::DataBagItem.load(‘staging’, ‘webserver’)

#load mysql hostname
node.default[‘mysql-hostname’] = config[‘mysql’][hostname]
or
node.default_unless[‘mysql-hostname’] = config[‘mysql’][hostname]

#This can now be used as variable inside recipe which you want to push via template.

Chef Basics [chef-client]

#Chef-client pull recipe from client
chef-client -o ‘recipe[filebeats]’
chef-client -o ‘recipe[filebeats]’ -l debug

Chef Basics [Knife]

#save cookbook changes
knife cookbook upload tike_web

#Show role
knife role show web

#list all client
knife node list

# show user specific databags
knife data bag show users ashnep

# show environment specific databags
knife data bag show prod prod_data

#Create cookbook
knife cookbook create filebeats

#test configuration
rubocop cookbooks/filebeats

#Upload cookbook
knife cookbook upload filebeats

#show node data
knife node show ashnep-test

#Chef bootstrap
#bootstrap 10.10.10.1
-N NODENAME
-r RUN_LIST, –run-list RUN_LIST
-E ENVIRONMENT, –environment ENVIRONMENT
-x USERNAME, –ssh-user USERNAME
–use-sudo-password (Perform a bootstrap operation with sudo; specify the password with the -P (or –ssh-password) option)

knife bootstrap 10.10.10.1 -N web1.tikejhya.com -r "role[web]" --environment dev -x tikejhya --sudo --use-sudo-password -i ~/.ssh/my_prv

Bash format option [disable autocommenting]

#Bash format option [disable autocommenting]
:set formatoptions-=cro

Magento admin user password hash

# Magento stores user password inside admin_user and hashing is done with some random key
#So here we are resetting password with somepass for user called username

UPDATE admin_user SET password=CONCAT(MD5('qXsomepass'), ':qX') WHERE username = 'username';

Page 1 of 40

Powered by WordPress & Theme by Anders Norén