Friday, April 15, 2016

Setting root password for a Centos Cloud image

[red@vm-red ~]$ guestfish --rw -a ./CentOS-6-x86_64-GenericCloud-1508.qcow2 

Welcome to guestfish, the libguestfs filesystem interactive shell for
editing virtual machine filesystems.

Type: 'help' for help on commands
      'man' to read the manual
      'quit' to quit the shell

><fs> run
 100% ⟦▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒⟧ 00:00
><fs> list-filesystems
/dev/sda1: ext4
><fs> mount /dev/sda1 /
><fs> vi /etc/shadow

><fs> 


Note above not tested on Centos7

Tuesday, April 12, 2016

Listing Puppet Classes via REST API

As root on the puppet master execute this script:

[root@ost-puppet-el7-001 manifests]# cat list-classes.sh 
#!/bin/sh

PEFQDN=`hostname -f`
curl -X GET -H 'Content-Type: application/json' \
--cert /etc/puppetlabs/puppet/ssl/certs/${PEFQDN}.pem \
--key /etc/puppetlabs/puppet/ssl/private_keys/${PEFQDN}.pem \
--cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
https://${PEFQDN}:4433/classifier-api/v1/classes | python -m json.tool

Monday, February 01, 2016

Purging a file from a git repo


Step 1) Clone the repo.

Step 2) Remove the file from current repo.
$ git rm Documentation/master/rc.slack
$ git commit -m 'remove unneeded file'
$ git push origin uno_v0



Step 3) Purge the file


You need to run this command from the toplevel of the working tree.


$ git filter-branch -f --index-filter 'git rm --cached --ignore-unmatch Documentation/master/rc.slack' --prune-empty --tag-name-filter cat -- --all




Note: the output:
WARNING: Ref 'refs/remotes/origin/uno_v0' is unchanged


That is why we needed to `git rm ...` and `git commit ...` and `git push ...` in Step 2.

Step 4) push the changes to the remote


$ git push -f --all origin


This will remove the file from all branches in the remote. However, if other people have cloned this repo and have a local copy of it, they either need to throw away the old copy and re-clone or rebase all of their branches to the new history, otherwise they will bring back the file when they merge/do pull requests.











Friday, September 25, 2015

What version of a Perl CPAN module do I have installed?

[red@dev1 ~]$ perl -MDateTime -e"print DateTime->VERSION"; echo

0.4501

Wednesday, August 26, 2015

How to lock the screen on a mac

control-shift-power
or
upper left apple icon > sleep

Friday, May 15, 2015

Adding Groups, adding classes to Group, and adding nodes to Group with Puppet Enterprise 3.7's REST API and python

#!/usr/bin/env python

import requests
import json
import sys
import getopt

#
# if you get this error message:
#
#requests.exceptions.SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL #routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
#
# try executing: # pip install requests[security]
#
# to install pip execute:
#
# yum install python-pip
#

def usage(msg):
        print """
usage: add-group.py -p <FQDN of puppet master> -g <Group to add> -c <Class to assign to group> <node> [node]

        add-group.py will add the specified group to the specified Puppet Master's
        dashboard and assign the specified class to that group.  Also add-group.py
        will assigned the listed nodes to the specified group.

        example:

                $ ./add-group.py -p ppt-001.example.com \\
                > -g OSC4-Controller \\
                > -c wrapcontroller \\
                > mgmt-001 mgmt-002 mgmt-003

%s
""" % msg

'''
        p is puppetmaster
        g is group
        c is class
'''
def add_group(p,g,c):

        url="https://%s:4433/classifier-api/v1/groups" % p
        headers = {"Content-Type": "application/json"}
        data="{ \"name\": \"%s\", \"parent\": \"00000000-0000-4000-8000-000000000000\", \"environment\": \"production\", \"classes\": { \"%s\": {}} }" % (g,c)
        cacert='/etc/puppetlabs/puppet/ssl/certs/ca.pem'
        key="/etc/puppetlabs/puppet/ssl/private_keys/%s.pem" % p
        cert="/etc/puppetlabs/puppet/ssl/certs/%s.pem" % p
        result = requests.post(url,
                data=data, #no data needed for this request
                headers=headers, #dict {"Content-Type":"application/json"}
                cert=(cert,key), #key/cert pair
                verify=cacert
                )
        
        try:
                grp_id = result.json()['id']
        except:
                print "\nError:\n %s\n" % result.json()['msg']
                sys.exit(2)
        return grp_id

def assign_nodes(p,gid,nodes):
        url="https://%s:4433/classifier-api/v1/groups/%s" % (p,gid)
        headers = {"Content-Type": "application/json"}
        #
        # build the form data
        #
        data="{ \"rule\": [\"or\", "
        print "nodes=%s" % nodes
        # for i in nodes.split():
        for i in nodes:
                data += "[\"=\", \"name\", \"%s\"]," % i
        # knock off unneeded last comma
        data = data[:-1]
        data += "]}"
        print "\n:%s:\n" % data
        cacert='/etc/puppetlabs/puppet/ssl/certs/ca.pem'
        key="/etc/puppetlabs/puppet/ssl/private_keys/%s.pem" % p
        cert="/etc/puppetlabs/puppet/ssl/certs/%s.pem" % p
        result = requests.post(url,
                data=data, #no data needed for this request
                headers=headers, #dict {"Content-Type":"application/json"}
                cert=(cert,key), #key/cert pair
                verify=cacert
                )
        print result.json()

def main(argv):
        puppet_master = ''
        group_to_add  = ''
        class_to_add  = ''
        try:
                opts, args = getopt.getopt(argv,"hp:g:c:",["puppetmaster=","group=","class="])
        except getopt.GetoptError:
                usage ('usage error')
                sys.exit(2)

        for opt, arg in opts:
                if opt == '-h':
                        usage ('help called')
                        sys.exit()
                elif opt in ("-p", "--puppetmaster"):
                        puppet_master = arg
                elif opt in ("-g", "--group"):
                        group_to_add = arg
                elif opt in ("-c", "--class"):
                        class_to_add = arg

        if not puppet_master:
                usage ('Please specifiy puppet master with -p')
                sys.exit(2)
        if not group_to_add:
                usage ('Please specifiy group to add with -g')
                sys.exit(2)
        if not class_to_add:
                usage ('Please specifiy class to add with -c')
                sys.exit(2)

        print 'Puppet Master is [%s]' % puppet_master
        print 'Group to add is [%s]' % group_to_add
        print 'Class to add is [%s]' % class_to_add
        print args
        grp_id = add_group( puppet_master, group_to_add, class_to_add )
        print "Group id [%s]" % grp_id
        assign_nodes(puppet_master,grp_id,args)

if __name__ == "__main__":
        main(sys.argv[1:])

#
# Notes:
#
# curl https://${PEFQDN}:4433/classifier-api/v1/groups \
# -H "Content-Type: application/json" \
# --cert /etc/puppetlabs/puppet/ssl/certs/${PEFQDN}.pem \
# --key /etc/puppetlabs/puppet/ssl/private_keys/${PEFQDN}.pem \


# --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem | python -m json.tool
#
# curl -X POST -H 'Content-Type: application/json' \
# --cert /etc/puppetlabs/puppet/ssl/certs/${PEFQDN}.pem \
# --key /etc/puppetlabs/puppet/ssl/private_keys/${PEFQDN}.pem \
# --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
# --data "{ \"name\": \"$GROUP\", \"parent\": \"00000000-0000-4000-8000-000000000000\",
# \"environment\": \"production\", \"classes\": { \"$CLASS\": {}} }" \
# https://${PEFQDN}:4433/classifier-api/v1/groups | python -m json.tool
'''
curl -X POST -H 'Content-Type: application/json' \
  --cert /etc/puppetlabs/puppet/ssl/certs/${PEFQDN}.pem \
  --key /etc/puppetlabs/puppet/ssl/private_keys/${PEFQDN}.pem \
  --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
  -d '{ "rule": ["or", ["=", "name", "mgmt-001"], ["=", "name", "mgmt-002"], ["=", "name", "mgmt-003"]] }' \
https://${PEFQDN}:4433/classifier-api/v1/groups/$GROUP | python -m json.tool
     '{ "rule": ["or", ["=", "name", "node1"]            , ["=", "name", "node2"]            , ["=", "name", "node3"]}'
echo $NODES
DATA="'{ \"rule\": [\"or\", "
for i in $NODES
do
        DATA="${DATA} [\"=\", \"name\", \"$i\"],"

done

DATA=`echo $DATA | sed -e's/.$//g'`
DATA="${DATA}] }'"
echo "data is [$DATA]"
'''