Jonas Genannt

Server Manager with Puppet configuration keys

nospam@example.com (Jonas Genannt) — Mon, 15 Feb 2010 21:47:35 +0100

With this post I will explain you the Puppet Configuration Key feature at the server manager.

With the puppet configuration key feature you can store configuration data used in puppet classes at your database. You can also store configuration data on server groups and add servers to that group.

Yes - it's working like ripienaar's great extlookup but with database.

For this example I have got two hosts:

valentina.brachium-system.net

web01.brachium-system.net

Both hosts are saved on the server manager.

We have some puppet configuration keys at server manager:

The first server valentina.brachium-system.net has got the following puppet key configuration:

The second server web01.brachium-system.net has got the following puppet key configuration:

We are using this puppet manifest:

# Configuration for dblookup from servermgmt:
$dblook_host = "localhost"
$dblook_user = "servermgmt"
$dblook_pass = "servermgmt"
$dblook_db = "servermgmt"

class ssh::server {
$ssh_server_password_authentication = dblookup('ssh_server_password_authentication')
$ssh_server_root_login = dblookup('ssh_server_root_login')
notice("ssh_server_password_authentication: $ssh_server_password_authentication")
notice("ssh_server_root_login: $ssh_server_root_login")
file { "/etc/ssh/sshd_config":
content => template("/home/jonas/puppet/templates/sshd_config.erb")
}
}

node default {
$pkg_install_subversion = dblookup('pkg_install_subversion')
notice("We are the server: ${fqdn}")
notice("pkg_install_subversion: $pkg_install_subversion")
include ssh::server
package {"subversion":
ensure => dblookup('pkg_install_subversion')
}
}

We run that manifest on the server valentina:

notice: Scope(Node[default]): We are the server: valentina.brachium-system.net
notice: Scope(Node[default]): pkg_install_subversion: present
notice: Scope(Class[ssh::server]): ssh_server_password_authentication: yes
notice: Scope(Class[ssh::server]): ssh_server_root_login: no

We run that manifest on the server web01:

notice: Scope(Node[default]): We are the server: web01.stg.brachium-system.net
notice: Scope(Node[default]): pkg_install_subversion: absent
notice: Scope(Class[ssh::server]): ssh_server_password_authentication: no
notice: Scope(Class[ssh::server]): ssh_server_root_login: yes

You can see on the verbose output from puppet, the information is fetched from the database - if the server has got no own value for one key, the default value is used.

You can get the source at http://github.com/hggh/servermgmt

Uploaded source of server manager to github

nospam@example.com (Jonas Genannt) — Mon, 15 Feb 2010 15:35:52 +0100

I have uploaded the source code of my server manager to github:

http://github.com/hggh/servermgmt

airberlin postcard

nospam@example.com (Jonas Genannt) — Sat, 16 Jan 2010 17:30:11 +0100

An really cool advertising postcard from airberlin airline, seen at an pub in Stuttgart:

Server/Hardware documenation

nospam@example.com (Jonas Genannt) — Sat, 28 Nov 2009 02:26:16 +0100

If you manage some servers you need to document, which server has got which ip address. I have written an small webapp for that stuff. You can create companies, networks and servers.

One server could have one operation system, one server type (like hardware or virtual) and the mac/ip addresses. For every operation system you can save an preseed configuration for debian installation.

Some screenshots of the app:

--------------

Update:

It works like the extlookup, but not with files - it does an database lookup.
--------------

Planed features:

- authentication
- connect virtual servers to hardware nodes
- ...

To our FDP and CDU/CSU guys

nospam@example.com (Jonas Genannt) — Mon, 26 Oct 2009 23:24:42 +0100

Seen near nuclear power facility Neckarwestheim(near Stuttgart) last year.

git vs svn

nospam@example.com (Jonas Genannt) — Sun, 13 Sep 2009 21:46:06 +0200

I have got one repository with 11495 files. These repository consists of jpeg, ttf, png and pdf file types. All files are binary.

I have done some benchmark with git and svn:

git clone (remote,ssh) : 38m49.516s
svn checkout (remote,ssh) : 48m20.330s

Size, after git clone : 23G
Size, after svn checkout : 24G
Size, only files without revision control: 12G

git status : 0m0.634s
svn status : 0m0.654s

Playing with nginx

nospam@example.com (Jonas Genannt) — Fri, 11 Sep 2009 23:51:32 +0200

Playing with nginx. Here are some random hints:

1.) nginx with php:

/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f "/usr/bin/php-cgi -c /etc/php5/cgi/php-nginx.ini" -P /var/run/fcgi-php.pid

2.) Deny access to .svn directories:

location ~ \.svn { deny all; }

3.) rewrite urls

if ( !-f $request_filename ) {
rewrite ^/images/([A-Za-z]+)\/(.*)$ /images/default/$2 break;
}

The rewrite rule will redirect /images/bar/foo.png if it does not exists to /images/default/foo.png

spwan-fcgi is included in the lighttpd package if you are using lenny. On squeeze and sid spawn-fcgi is an standalone package!

R.I.P. perldoc.perl.org

nospam@example.com (Jonas Genannt) — Tue, 21 Jul 2009 23:06:40 +0200

Rest in peace perldoc.perl.org. You was so excellent with your online search and code highlighting. But after the redesign Web 2.0 is gone into perldoc. This is really bad. The old layout was so great.

The new design has got some scrolling bugs ( scroll fast to bottom, than you see double boxes of text) and the manual text is too often broken into newlines.

Please have a look: The good old one and the new one. Both pages displays the same content, but the old layout has got more free space and better overview.

Arduino with Ethernetshield: Get temperature via telnet

nospam@example.com (Jonas Genannt) — Thu, 16 Jul 2009 18:57:26 +0200

You can use Arduino with Ethernetshield to fetch temperatures over network.

I have created an little sketch for Arduino. This sketch has got an "telnet" server. If you connect to the IP address of the arduino, you will get the temperature from all connected DS1820 sensors.

The DS1820 sensor is build in the 6.2 inch female plug. I have only two sensors connected, but you can connect more sensors to the One Wire Bus. It works like the old digitemp system. But digitemp needs an serial connector. My Arduino works via Network - that's really cool!

I also created an munin plugin for this Arduino system. If you edit /etc/munin/plugin-conf.d/munin-node you can supply alias names for the hex address of the sensor.

[arduino_ds1820_192.168.1.3]
env.101f9dca18020 Jonas desk
env.105269ca180a6 PC power supply
timeout 60

You have to insert the timeout 60 because the system fetches the temperature from the sensors just in time, this needs some time

Updated 3dm2 packages from 3Ware

nospam@example.com (Jonas Genannt) — Wed, 10 Jun 2009 21:24:28 +0200

I have updated my 3Ware 3dm2 debian packages.

Now version 9.5.2 is available on jonas.genannt.name. The CLI tools 9.5.2 are also available. Please have a look here.

An Debian Repository is also available.

Updated CLI packages from 3Ware

nospam@example.com (Jonas Genannt) — Sat, 06 Jun 2009 16:10:39 +0200

I have updated my 3Ware CLI debian packages.

Now version 9.5.2 is available on jonas.genannt.name.

Apache - custom logs with ServerAlias *.

nospam@example.com (Jonas Genannt) — Fri, 05 Jun 2009 09:37:01 +0200

If you have an catchall http virtual host like this:

<VirtualHost *:80 >
ServerName catchall.example.org
ServerAlias *.catchall.example.org
</VirtualHost>

You can log every virtual host on *. with:

LogFormat "%h - %v - %V %U" aliaseslog
CustomLog /var/log/apache2/catchall.example_aliases.log aliaseslog

An access to foo.catchall.example.org/test.html will be logged:

123.123.123.123 - catchall.example.org - foo.catchall.example.org /test.html

With the log file you can count the access:

cut -f 5 -d ' ' /var/log/apache2/catchall.example_aliases.log| sort | uniq -c | sort -n

This will tell you, the overall access to every host.

flat tire - again, again and again

nospam@example.com (Jonas Genannt) — Mon, 01 Jun 2009 22:19:30 +0200

Back home from my working place, I meet some broken piece of glass at the road. This (flat) tire is now fixed three times. I really should get an new one!

converting filenames from ISO-8859-15 to UTF-8

nospam@example.com (Jonas Genannt) — Mon, 01 Jun 2009 15:32:18 +0200

Useful links for converting filenames from one encoding to another:

http://www.j3e.de/linux/convmv/

http://hektor.umcs.lublin.pl/~mikosmul/computing/articles/linux-unicode.html

convmv is also available at debian. But I suggest you to use alway the newest version of convmv.

convmv, recursively converting filenames from ISO-8859-15 to UTF-8:

convmv -r --notest -f ISO-8859-15 -t UTF-8 /home

Cfengine: Multiple Domains

nospam@example.com (Jonas Genannt) — Sat, 23 May 2009 15:03:56 +0200

If you want to use multiple domains in one Cfengine configuration, you can use this configuration:

control:

    foo_bar_com::

           domain = ( foo.bar.com )

    sub_bar_com::

           domain = ( sub.bar.com )

    foo_com::

           domain = ( foo.com )

Or you can use IPRange:

classes:

    another_domain = ( IPRange(10.0.10.0/24) )



control:

    another_domain::

           domain = ( example.com )