Mount the CD/DVD ROM and copy the Packages directory
cp -r /media/CentOS_6.7_Final/Packages /Repository
rpm -ivh createrepo-0.9.9-24.el6.noarch
[root@master ~]# cat /etc/yum.repos.d/example.repo
[example]
name=Master server Repository
baseurl=file:///Repository
enabled=1
gpgcheck=0
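* Note: gpgcheck=0 in the repo file above turns off package signature verification for this repository. That is acceptable for a quick test, but for regular use import the CentOS signing key and set gpgcheck=1.
* Now run the createrepo command on the newly created /Repository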
[root@master ~]# createrepo /Repository
[root@master ~]# yum repolist
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: centos.vwtonline.net
* extras: centos.gbeservers.com
* updates: distro.ibiblio.org
repo id repo name status
base CentOS-6 - Base 5,062
example Master server Repository 3,150
extras CentOS-6 - Extras 39
puppetlabs-pc1 Puppet Labs PC1 Repository el 7 - i386 72
updates CentOS-6 - Updates 732
repolist: 9,055
Saturday, March 11, 2017
Wednesday, March 8, 2017
recursive function shell script for File System Monitoring
/opt/newdir file system is 92% full and we want to send an email to root once it goes above 90%
[root@dns1 shellscripts]# df -h /opt/newdir/
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/lvm--raid-myvol01
97M 84M 7.9M 92% /opt/newdir
[root@dns1 shellscripts]# df -h /opt/newdir/ | awk '{print $4}' | grep -v "Avail" | sed 's/%$//'
92
[root@dns1 shellscripts]# cat recursive_functions.sh
#!/bin/bash
# define first function
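# Check how full /opt/newdir is, mail root when usage is above the threshold,
# then call my_two.
# Outputs: "You are good" on stdout when usage is at or below the threshold;
#          a warning on stderr when the usage figure cannot be read.
# Returns: the exit status of my_two.
my_one() {
  local size=90
  local monitor_new_dir
  # df -P prints one line per filesystem even when the device name is long,
  # so the use percentage is always field 5 of the second line. Counting
  # fields on the wrapped `df -h` row only works while the row stays wrapped.
  monitor_new_dir=$(df -P /opt/newdir/ | awk 'NR == 2 { sub(/%$/, "", $5); print $5 }')
  case "$monitor_new_dir" in
    '' | *[!0-9]*)
      # An empty or non-numeric reading used to make the test fail and fall
      # into the "You are good" branch; report it instead of claiming health.
      echo "Could not read disk usage for /opt/newdir" >&2
      ;;
    *)
      if [ "$size" -lt "$monitor_new_dir" ]; then
        echo "Filesystem is $monitor_new_dir% full. Please take action" | mail -s "Do the clean up now" root
      else
        echo "You are good"
      fi
      ;;
  esac
  my_two
}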
# Second function: prints a fixed marker line on stdout.
my_two() {
  printf '%s\n' 'This is second function'
}
# Entry point: run the disk check. Despite the file name nothing here recurses;
# my_one calls my_two once after the check.
my_one
Here is the output:
[root@dns1 shellscripts]# ./recursive_functions.sh
This is second function
[root@dns1 shellscripts]# mail
600 root Sat Mar 4 11:04 21/803 "Do the clean up now"
>N601 root Sat Mar 4 11:05 21/787 "Do the clean up now"
& 601
Message 601:
From root@dns1.example.com Sat Mar 4 11:05:02 2017
Return-Path:
From: root
Date: Sat, 04 Mar 2017 11:05:02 -0800
To: root@dns1.example.com
Subject: Do the clean up now
User-Agent: Heirloom mailx 12.4 7/29/08
Content-Type: text/plain; charset=us-ascii
Status: R
Filesystem is 92% full. Please take action
[root@dns1 shellscripts]# df -h /opt/newdir/
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/lvm--raid-myvol01
97M 84M 7.9M 92% /opt/newdir
[root@dns1 shellscripts]# df -h /opt/newdir/ | awk '{print $4}' | grep -v "Avail" | sed 's/%$//'
92
[root@dns1 shellscripts]# cat recursive_functions.sh
#!/bin/bash
# define first function
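# Check how full /opt/newdir is, mail root when usage is above the threshold,
# then call my_two.
# Outputs: "You are good" on stdout when usage is at or below the threshold;
#          a warning on stderr when the usage figure cannot be read.
# Returns: the exit status of my_two.
my_one() {
  local size=90
  local monitor_new_dir
  # df -P prints one line per filesystem even when the device name is long,
  # so the use percentage is always field 5 of the second line. Counting
  # fields on the wrapped `df -h` row only works while the row stays wrapped.
  monitor_new_dir=$(df -P /opt/newdir/ | awk 'NR == 2 { sub(/%$/, "", $5); print $5 }')
  case "$monitor_new_dir" in
    '' | *[!0-9]*)
      # An empty or non-numeric reading used to make the test fail and fall
      # into the "You are good" branch; report it instead of claiming health.
      echo "Could not read disk usage for /opt/newdir" >&2
      ;;
    *)
      if [ "$size" -lt "$monitor_new_dir" ]; then
        echo "Filesystem is $monitor_new_dir% full. Please take action" | mail -s "Do the clean up now" root
      else
        echo "You are good"
      fi
      ;;
  esac
  my_two
}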
# Second function: prints a fixed marker line on stdout.
my_two() {
  printf '%s\n' 'This is second function'
}
# Entry point: run the disk check. Despite the file name nothing here recurses;
# my_one calls my_two once after the check.
my_one
Here is the output:
[root@dns1 shellscripts]# ./recursive_functions.sh
This is second function
[root@dns1 shellscripts]# mail
600 root Sat Mar 4 11:04 21/803 "Do the clean up now"
>N601 root Sat Mar 4 11:05 21/787 "Do the clean up now"
& 601
Message 601:
From root@dns1.example.com Sat Mar 4 11:05:02 2017
Return-Path:
From: root
Date: Sat, 04 Mar 2017 11:05:02 -0800
To: root@dns1.example.com
Subject: Do the clean up now
User-Agent: Heirloom mailx 12.4 7/29/08
Content-Type: text/plain; charset=us-ascii
Status: R
Filesystem is 92% full. Please take action
Sunday, March 5, 2017
Netstat socket states - from man page reference
[root@puppet-agent1 shellscript]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1946/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1807/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2076/master
tcp 0 0 :::22 :::* LISTEN 1946/sshd
tcp 0 0 ::1:631 :::* LISTEN 1807/cupsd
tcp 0 0 ::1:25 :::* LISTEN 2076/master
udp 0 0 0.0.0.0:631 0.0.0.0:* 1807/cupsd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1772/dhclient
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
Address and port number of the local end of the socket. Unless the --numeric (-n) option is specified, the socket address is resolved
to its canonical host name (FQDN), and the port number is translated into the corresponding service name.
Foreign Address
Address and port number of the remote end of the socket. Analogous to "Local Address."
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED
The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN
The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listen option.
CLOSING
Both sockets are shut down but we still don't have all our data sent.
UNKNOWN
The state of the socket is unknown.
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1946/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1807/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2076/master
tcp 0 0 :::22 :::* LISTEN 1946/sshd
tcp 0 0 ::1:631 :::* LISTEN 1807/cupsd
tcp 0 0 ::1:25 :::* LISTEN 2076/master
udp 0 0 0.0.0.0:631 0.0.0.0:* 1807/cupsd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1772/dhclient
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
Address and port number of the local end of the socket. Unless the --numeric (-n) option is specified, the socket address is resolved
to its canonical host name (FQDN), and the port number is translated into the corresponding service name.
Foreign Address
Address and port number of the remote end of the socket. Analogous to "Local Address."
The state of the socket. Since there are no states in raw mode and usually no states used in UDP, this column may be left blank. Normally this can be one of several values:
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED
The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN
The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listen option.
CLOSING
Both sockets are shut down but we still don't have all our data sent.
UNKNOWN
The state of the socket is unknown.
Saturday, March 4, 2017
puppet agent installation on Centos 6.5
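First enable the puppet repository by installing the puppetlabs-release-6-10.noarch.rpm package. The NOKEY warning in the output below means rpm had no Puppet Labs public key to check the package signature against, so the package was installed without signature verification; import the vendor's signing key first if you want the signature checked.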
[root@puppet-agent ~]# rpm -ivh https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
Retrieving https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
warning: /var/tmp/rpm-tmp.FD1UUR: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing... ########################################### [100%]
1:puppetlabs-release ########################################### [100%]
[root@puppet-agent ~]# yum install puppet
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: centos.gbeservers.com
* extras: mirrors.usinternet.com
* updates: centos-distro.cavecreek.net
puppetlabs-deps | 2.5 kB 00:00
puppetlabs-deps/primary_db | 27 kB 00:00
puppetlabs-products | 2.5 kB 00:00
puppetlabs-products/primary_db | 170 kB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be installed
--> Processing Dependency: ruby >= 1.8.7 for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby >= 1.8 for package: puppet-3.8.7-1.el6.noarch
[root@puppet-agent ~]# rpm -ivh https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
Retrieving https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
warning: /var/tmp/rpm-tmp.FD1UUR: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing... ########################################### [100%]
1:puppetlabs-release ########################################### [100%]
[root@puppet-agent ~]# yum install puppet
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: centos.gbeservers.com
* extras: mirrors.usinternet.com
* updates: centos-distro.cavecreek.net
puppetlabs-deps | 2.5 kB 00:00
puppetlabs-deps/primary_db | 27 kB 00:00
puppetlabs-products | 2.5 kB 00:00
puppetlabs-products/primary_db | 170 kB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be installed
--> Processing Dependency: ruby >= 1.8.7 for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby >= 1.8 for package: puppet-3.8.7-1.el6.noarch
Output truncated .....
[root@puppet-agent ~]# puppet --version
3.8.7
Configuration:
1. In the [main] section of puppet.conf, set the server to the puppet master
[root@puppet-agent ~]# vi /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
server = skywalker.example.com
2. Allow port 8140 through the firewall. Disabling the firewall altogether is only for a throwaway test setup; on anything else open just this port.
3. Generate the client cert
[root@puppet-agent ~]# puppet agent -t
Info: Creating a new SSL key for puppet-agent.example.com
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppet-agent.example.com
Info: Certificate Request fingerprint (SHA256): 57:C0:26:83:1D:20:FB:46:03:91:50:47:12:CE:41:CE:D0:56:06:40:D8:E6:A7:67:D4:FD:E4:10:A0:AD:F8:E6
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
4. Ignore the "waitforcert" message; the client certificate has yet to be signed on the puppet master
[root@puppet-agent ~]# puppet cert list
Notice: Signed certificate request for ca
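5. Display the cert request on the master and check that its SHA256 fingerprint matches the one the agent printed in step 3 before signing it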
[root@skywalker puppet]# puppet cert list -a
"puppet-agent.example.com" (SHA256) 57:C0:26:83:1D:20:FB:46:03:91:50:47:12:CE:41:CE:D0:56:06:40:D8:E6:A7:67:D4:FD:E4:10:A0:AD:F8:E6
6. Sign the cert on the master
[root@skywalker puppet]# puppet cert sign puppet-agent.example.com
Signing Certificate Request for:
"puppet-agent.example.com" (SHA256) 57:C0:26:83:1D:20:FB:46:03:91:50:47:12:CE:41:CE:D0:56:06:40:D8:E6:A7:67:D4:FD:E4:10:A0:AD:F8:E6
Notice: Signed certificate request for puppet-agent.example.com
Notice: Removing file Puppet::SSL::CertificateRequest puppet-agent.example.com at '/etc/puppetlabs/puppet/ssl/ca/requests/puppet-agent.example.com.pem'
7. Now run puppet agent -t again on the agent
[root@puppet-agent ~]# puppet agent -t
Info: Caching certificate for puppet-agent.example.com
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for puppet-agent.example.com
output truncated ....
The puppet agent now appears in the puppet master's inventory and can be managed.
Thanks.
Friday, March 3, 2017
puppet agent Cert error - No route to the host
After installing the agent and trying to register the cert with the master server, I got the following error:
Resolution: allow the Puppet traffic between the client and the puppet master through the firewall, in both directions.
Stopping the firewall also makes the error go away, but it leaves the host unfiltered, so keep that to test machines.
Error: Could not request certificate: No route to host - connect(2)
Resolution : Either allow client via firewall so that puppet master can talk to the client and vice versa
or stop the firewall and the error should go away.
Error: Could not request certificate: No route to host - connect(2)