ANSIBLE

to get host inventory 

- name: Install this only for local dev machine
  pip: name=pyramid
  when: inventory_hostname == "local"

     instead of inventory_hostname , can use group_names to get individual group

copy command fails for large files use synchronize

tasks:
    - name: Transfer file from ServerA to ServerB
      synchronize:
        src: /path/on/server_a
        dest: /path/on/server_b

Vagrant

Vagrant is a tool to create development environment quickly. Suppose if your application need an environment which contains web, app, db, lb tiers, so creating virtual systems manually will take more time. Since vagrant keeps its configuration you can create these environments quickly.


for more details what it does, go through the documents when ever you get time. But I think we can  jump to some practice .

1. Download Vagrant from : https://www.vagrantup.com/downloads.html
2. Download putty and putty keygen ( if you are trying out in windows) http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
3. Oracle Virtualbox .



To start with we need a box. Box is nothing but the package for vagrant to create environment. ie if you want to create an Ubuntu VM  , you need to get one Ubuntu box image. You can find it in
https://atlas.hashicorp.com/boxes/search

example: ubuntu/trusty64


Now the tools and other stuffs are ready with us. Install above listed 3 items. If your system ask for restart , obey it no other way :)

Once you set it up we can go for next step


vagrant is the command using to manage the boxes . if you simply type vagrant in command prompt and type enter you will get the options and parameters.

>vagrant
Usage: vagrant [options] []

    -v, --version                    Print the version and exit.
    -h, --help                       Print this help.

Common commands:
     box             manages boxes: installation, removal, etc.
     connect         connect to a remotely shared Vagrant environment
     destroy         stops and deletes all traces of the vagrant machine
     global-status   outputs status Vagrant environments for this user
     halt            stops the vagrant machine
     help            shows the help for a subcommand
     init            initializes a new Vagrant environment by creating a Vagrant file
     login           log in to HashiCorp's Atlas
     package         packages a running vagrant environment into a box
     plugin          manages plugins: install, uninstall, update, etc.
     port            displays information about guest port mappings
     powershell      connects to machine via powershell remoting
     provision       provisions the vagrant machine
     push            deploys code in this environment to a configured destination
     rdp             connects to machine via RDP
     reload          restarts vagrant machine, loads new Vagrantfile configuration
     resume          resume a suspended vagrant machine
     share           share your Vagrant environment with anyone in the world
     snapshot        manages snapshots: saving, restoring, etc.
     ssh             connects to machine via SSH
     ssh-config      outputs OpenSSH valid configuration to connect to the machine
     status          outputs status of the vagrant machine
     suspend         suspends the machine
     up              starts and provisions the vagrant environment
     version         prints current and latest Vagrant version

For help on any individual command run `vagrant COMMAND -h`

Additional subcommands are available, but are either more advanced
or not commonly used. To see all subcommands, run the command
`vagrant list-commands`.


Now we can use option box

>vagrant box 

Usage: vagrant box []

Available subcommands:
     add
     list
     outdated
     remove
     repackage
     update

For help on any individual subcommand run `vagrant box -h`

Now it is expecting a box image name

>vagrant box add ubuntu/trusty64

The above command will download a box image  and will cache in your system.
Now you can create a new VM configuration with this box image by

>vagrant init ubuntu/trusty64

This will create a Vagrant configuration file in the local directory with this ubuntu/trusty64 box image

>vagrant up

the above command will start VM with the configuration which created in above steps

>vagrant list

will list out the boxes running presently


you can ssh to the started VM though port 2222 ( if you run multiple boxes it will change, see the logs while you starting the VM)

[JMETER] could not initialise key store java.io.ioexception: >> illegal option: -ext

could not initialise key store java.io.ioexception: >> illegal option: -ext in

This issue is because of wrong Java version . Use JDK 7 ( jdk1.7.X) . 

Netcat ( NC ) for checking the network connectivity

Netcat is a goof network debugging tool . It can read and write the data through network.Both TCP and UDP supported. We mostly face issues with firewalls while we hosting our application in servers. In AWS also there are security settings for restricting the network access. But we need to check whether a port is accessible from public internet. netcat will be very useful to check this.

Suppose we are hosting a web server with port 80. We installed server properly and accessible from same system but not from the network. So we need to test whether request is coming till the server and any web server configuration causing the issue.To test this first stop the webserver then run the command "nc -l 80"

This will open 80 port ( TCP) in current system's IP. Then try to telnet from remote host to webservers 80 port. If it succeeds then you will get connection accpetd message in terminal where we ran "nc -l 80 " command.

Jenkins: FAILED: svn: E175002: OPTIONS

Today I faced some issues in Jenkins ver 1.602, Here I am telling how I resolved this issue

Jenkins: Jenkins ver. 1.602

Exception: Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version

Solution

1. First upgrade subversion installed in O.S

   for this I added yum repo 

      vi /etc/yum.repos.d/wandisco-svn.repo

 [WandiscoSVN]
name=Wandisco SVN Repo
baseurl=http://opensource.wandisco.com/centos/6/svn-1.8/RPMS/$basearch/
enabled=1
gpgcheck=0
Reference: http://tecadmin.net/install-subversion-1-8-on-centos-rhel/

2.  Do an svn checkout with non interactive mode.

mkdir test
cd test
svn co --non-interactive --username your_name https://svn.server.com/repository/trunk


You can see the below four files getting created under .subversion/auth folder in home directory
svn.simple
svn.ssl.client-passphrase
svn.ssl.server
svn.username


3. Downgrade the subversion plugin in jenkins

4. start tomcat with following parameter in CATALINA_OPTS in catalina.sh

JK Mount and JK Unmount

Mod_JK

This is the one of the common module which most of the Java application server administrators had worked. I think it is the one which is mostly used with  tomcat and jboss.

Here is a good tutorial for mod_jk

http://www.ramkitech.com/2012/03/virtual-host-apache-httpd-server-tomcat.html

I am adding to the above.

There are some scenario that some of the path we need to exclude from jkmount




JkMount  /*  abc
JkUnMount  /static abc


Here in first line all the request for / is passing to abc worker but a context /static is removing from abc that should be serve from local apache.

LDAP server configuration - Part-1

Directory Service

It is a software which stores the information of network entities like users, servers etc. It can store any kind of information in the form of attribute and its value.

LDAP

Mostly we are using this term something like addressing a database which stores information. But it is a protocol to communicate with directory services or information directory. It supports TCP/IP so we can use this in network. Mostly we will call this LDAP information directory service as LDAP server, which supports ldap queries to store and retrieve data.

Is LDAP server is just like a database? . It acts as a database for storing information but it is more optimized for read operation because modification to LDAP entities will be very less but read operation will be very high.


LDAP server is mostly using for authentication purpose.

What is the advantage of using LDAP server for authentivation

1. LDAP is a protocol . Since it is a standard most of the platform support it.
2. Most of the applications are LDAP ready because they don't need to worry in handling user database in their application
3. Security, There are Access Control List  (ACL) to restrict the entity access .
4. There are lot of LDAP server vendors both in commercial and open-source.Installation of these are very easy.
5. Replication option is there to store the data in remote location for security purpose.


You want cross platform support?, Change of data less frequent? More read operation?   if answer is yes then LDAP server will be the best place to store the information.

Structure of  LDAP Directory Tree.

 Its structure is just like an inverted rooted tree similar to DNS or linux directory structure.Each entry in LDAP tree is uniquely identified by Distinguished Name or will call DN. Mostly we are reading this DN from leaf node to root. I will explain how it is in later portion.


Suppose I am creating ldap server for company example.com

In the above picture the first box ( dc=example,dc=com) is the Base DN for this ldap.
There are multiple format for defining the base DN. But here I used the DNS name format. So Base DN is the top level of the ldap tree.

Suppose we have number of employees in our company . So in LDAP , as we discussed earlier it will be stored in another category or as a node named OU. OU stands for organizational unit. Mostly OU is using for defining a broad categories like ou=users, ou=computers,ou=groups, etc. OU can be further be divided . Suppose we have users in US and UK the the structure will be go like this

 So DN which identifies the users in US will be like .

ou=US,ou=users,dc=example,dc=com
 
See how it is, from individual entry back to words the root of tree.

For "ou=gourps" what will be the DN?  it will be ou=groups,dc=example,dc=com.


An entry in the ldap contains set of attributes which is uniquely identified by DN. There is one term called RDN ( Relative Distinguished Name) . It is nothing but a relative path to an entity based on another DN.

consider the case ou=UK,ou=users,dc=example,dc=com. This a DN and ou=UK, ou=users  is a RDN based on the base DN dc=example,dc=com. Simply like absolute path and relative path in file system.


In LDAP we can store almost data in a format of attribute and value. For example for a user named "John Smith" there will be multiple details related to him like Name, Address, Email etc. all these can be stored in LDAP.

 Here is a sample ldap entry for a user John Smith.

dn: uid=jsmith,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
cn: John Smith
givenName: John
sn: Smith
mail: jsmith@example.com
telephoneNumber: +999999999
title: Test Engineer
uid: jsmith
uidNumber: 10000
gidNumber: 100
homeDirectory: /home/jsmith
loginShell: /bin/bash

in this example these are the attribute we need store in the  LDAP.
So look at the first line it defines the DN for user John Smith, But here uid is taken to build DN . This uid just like a user name ( not the uid , gid in linux ).


Here we can see objectClass: inetOrgPerson,  objectClass: posixAccount. The object class defines these atrributes.Which means to use an attribute in LDAP we need to include corresponding object class in the LDAP entry.

 
Configuring LDAP server will be explained in next part