cyverse / atmosphere-ansible Goto Github PK
View Code? Open in Web Editor NEWAnsible instance deployment code for Atmosphere
License: Other
Ansible instance deployment code for Atmosphere
License: Other
As per our hangouts discussion on PR #25 - This is a 'nice to have' that we should address in the near future.
Ubuntu 14.04.2 XFCE Base instance contains both:
Port 1657
Port 22
Should add either lineinfile to remove all entries and add just the desired port for SSH using regex to remove, then add again. Only then SSH can be restarted
Atmosphere-ansible: After initial SSH login, check the total disk usage. if >90% include+run additional playbooks/roles
|---> Examples include:
rm /opt/.tar
rm /opt/.tar.gz
... more to come
If SSH_KEYS_TO_REMOVE
is undefined, the task fails. When need to edit the when clause to have task run if the variable is defined.
We no longer need to use iRODS' insecure FTP server: https://files.renci.org/pub/irods/
Roles that should be updated:
Once logged in, perform some basic tests
Is Ansible still running? If so, check the ELK server for Ansible deployment logs and check for any deployment errors in the final report.
Need clarification for what to do when ELK is not up and running. @nfaction
I helped triage the following ticket where a user had a desktop, but applications failed to launch. In fact I could not launch applications from the terminal.
I tried the following:
export DISPLAY=<can be :2 for vnc or :5 for guacamole>
export AUTHORITY=<path to Xauthority usually in ~/.Xauthority>
$ firefox
No protocol specified
Failed to connect to Mir: Failed to connect to server socket: No such file or directory
Unable to init server: Could not connect: Connection refused
Error: cannot open display: :5
When I ran xauth list
there were no cookies for the current vm's new ip/hostname. This was the issue. The cookies must match the current hostname. All I had to do was add new cookies. See this well written stackoverflow answer:
https://stackoverflow.com/questions/20611783/after-changing-hostname-gedit-and-other-x-clients-dont-open/20612084#20612084
Some systems have their time set in the future, which causes all sorts of issues. It appears that some suspended instances do not correct. We are reading from hwclock
to bring time closer, which appeared to work, but it may instead be necessary to get time from outside, say with curl
then set the hwclock using hwclock --systohc
. A fix for this was made with issue #30 but without seeing output from ELK is difficult to determine if the curl is working.
One can read the current time like this: hwclock -r
Steps to fix this:
ntpd
, and be sure to handle errors if ntpd
is not already installeddate -s "$(curl -s --head http://google.com | grep ^Date: | sed 's/Date: //g')"
hwclock --systohc
-bash-3.2# hwclock -s
-bash-3.2# date
Tue Jun 14 22:48:59 MST 2016
-bash-3.2# date -s "14 JUN 2016 15:48:00"
Tue Jun 14 15:48:00 MST 2016
OR
date -s "$(curl -s --head http://google.com | grep ^Date: | sed 's/Date: //g')"
The time update MUST OCCUR BEFORE ntp package install for CentOS systems
AFAIK there is always a symlink for the "proper name" of a timezone that redirects back to the more basic result. Here is an example:
(troposphere) root@r01c3b08:/opt/dev/troposphere# ll /usr/share/zoneinfo/America/Chicago
lrwxrwxrwx 1 root root 13 Oct 20 2015 /usr/share/zoneinfo/America/Chicago -> ../US/Central
(troposphere) root@r01c3b08:/opt/dev/troposphere# ll /usr/share/zoneinfo/US/Central
-rw-r--r-- 1 root root 3559 Oct 20 2015 /usr/share/zoneinfo/US/Central
(troposphere) root@r01c3b08:/opt/dev/troposphere# md5sum /usr/share/zoneinfo/US/Central
d0f076c9f390e7d8a933cc7cc1ad2e90 /usr/share/zoneinfo/US/Central
(troposphere) root@r01c3b08:/opt/dev/troposphere# md5sum /usr/share/zoneinfo/America/Chicago
d0f076c9f390e7d8a933cc7cc1ad2e90 /usr/share/zoneinfo/America/Chicago
Atmosphere-ansible should remove the ZONE_INFO variable and concatenate the TIME_ZONE variable to (A default variable for) ZONE_INFO_DIR.
The sections about playbooks is wrong. The playbooks have been moved into sub directories.
The following section detects python 3 installs python 2:
https://github.com/cyverse/attmosphere-ansible/blob/0a352c14769e382dd8eb7928bb3294fdf97186a1/ansible/roles/atmo-ssh-setup/tasks/main.yml#L57-L68
However it doesn't detect python 3 correctly. Testing whether a user has ssh is not sufficient. @c-mart found that an Ubuntu 16.04 instance had ssh access as root, which resulted in no python2 install.
A simple fix (and what seems more correct) is to ensure that python 2 independent even of the distro.
/etc/sudoers
my_username ALL = (ALL) NOPASSWD: ALL
%users ALL=(ALL) NOPASSWD: ALL
my_username ALL=(ALL) NOPASSWD:ALL
my_username ALL=(ALL) ALL
This probably could be solved with a blockinfile.
The script that is deployed and available for backup/restore is using /bin/basename
instead of locating the basename
executable. This means that a change for basename
to /usr/bin/basename
breaks the script.
For an Ubuntu 16.04 instance ...
lenards@vm000-00:~$ ls -lha /bin/ | grep basename
lenards@vm000-100:~$ ls -lha /usr/bin/ | grep basename
-rwxr-xr-x 1 root root 31K Mar 2 2017 basename
lenards@vm000-100:~$ ls -lha /sbin/ | grep basename
One approach might be to capture the location in a variable, BASENAME=$(which basename)
, and then use that in determined the remote location.
Will need to stop service and possible HUP the process.
denypid=$(pgrep -f "python /usr/sbin/denyhosts" | xargs)
echo "Found running pids: $denypid"
echo "Killing those processes now..."
for i in $denypid;do
kill -HUP $i
done
Otherwise network filesystems mounted in home directory will cause instance resume to fail catastrophically. Not even mentioning breaking file permissions on remote network file systems.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.