Install ansible on Centos 7 / RHEL 7

Install ansible on Centos 7 / RHEL 7

1. Install epel-release package

yum install https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm

2. Installation

2.1 Update the OS
             yum update

2.2 Install the ansible
             yum install ansible

2.3 check ansible version
            ansible –version

 

Puppet – Installing modules

1. Search for puppet modules

1.i from cli
$ puppet module search accounts

1.ii OR from https://forge.puppet.com/

2. Install puppet module from puppet forge repository

$ puppet module install puppetlabs/accounts
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules …
Notice: Downloading from https://forgeapi.puppet.com …
Notice: Installing — do not interrupt …
/etc/puppetlabs/code/environments/production/modules
└─┬ puppetlabs-accounts (v1.3.0)
└── puppetlabs-stdlib (v4.25.1)

3. Install puppet module from different repository

$ puppet module install –module_repository http://dev-forge.example.com puppetlabs-apache

4. Install puppet module from release tar ball

$ puppet module install ~/puppetlabs-apache-0.10.0.tar.gz –ignore-dependencies

5. Show installed puppet modules

$ puppet module list
/etc/puppetlabs/code/environments/production/modules
├── puppetlabs-accounts (v1.3.0)
├── puppetlabs-stdlib (v4.25.1)
├── ssh (???)
└── usermanagement (???)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules
├── puppetlabs-facter_task (v0.3.0)
├── puppetlabs-package (v0.2.0)
├── puppetlabs-pe_accounts (v2016.5.0)
├── puppetlabs-pe_concat (v1.1.1)
├── puppetlabs-pe_hocon (v2016.2.0)
├── puppetlabs-pe_infrastructure (v2018.1.0)
├── puppetlabs-pe_inifile (v1.1.3)
├── puppetlabs-pe_install (v2018.1.0)
├── puppetlabs-pe_java_ks (v2016.4.0)
├── puppetlabs-pe_nginx (v2017.1.0)
├── puppetlabs-pe_postgresql (v2016.5.0)
├── puppetlabs-pe_puppet_authorization (v2016.2.0)
├── puppetlabs-pe_r10k (v2016.2.0)
├── puppetlabs-pe_razor (v0.2.1)
├── puppetlabs-pe_repo (v2018.1.0)
├── puppetlabs-pe_staging (v0.3.3)
├── puppetlabs-pe_support_script (v2.7.0)
├── puppetlabs-puppet_conf (v0.2.0)
├── puppetlabs-puppet_enterprise (v2018.1.0)
└── puppetlabs-service (v0.3.1)

6. Upgrade puppet module

$ puppet module upgrade module-name
$ puppet module upgrade puppetlabs-accounts
$ puppet module upgrade puppetlabs-accounts –version=v1.3.0

7. Uninstall puppet module

$ puppet module uninstall module-name
$ puppet module uninstall puppetlabs-accounts

reference:
https://puppet.com/docs/puppet/5.3/modules_installing.html#installing-modules-from-the-command-line

Cloudflare API- bash script to block IP address in firewall (check if IP exists)

Cloudflare API- bash script to block IP address in firewall 
[ check if IP exists in the firewall before blocking ]

Note: The details of organization,zone etc can be found in respective cloudflare login

Requirement: Install jq, https://stedolan.github.io/jq/

 

#!/bin/bash
organization=””
zones=””
email=””
authkey=””
id=””
org_name=””
notes=””

> ipsblocked.txt

for i in `cat ips.txt`; do
RESULT_JSON=`curl -sSX GET “https://api.cloudflare.com/client/v4/organizations/$organization/firewall/access_rules/rules?mode=block&configuration_target=ip&configuration_value=$i” -H “X-Auth-Email: $email” -H “X-Auth-Key: $authkey” -H “Content-Type: application/json”;`
echo “\n”
#echo “$RESULT_JSON”
#echo ” result with jq”
STATUS_IPBLOCKED=`echo “$RESULT_JSON” | jq ‘.mode’`

if [ $STATUS_IPBLOCKED != block ]
then
curl -sSX POST “https://api.cloudflare.com/client/v4/organizations/$organization/firewall/access_rules/rules” -H “X-Auth-Email: $email” -H “X-Auth-Key: $authkey” -H “Content-Type: application/json” –data “{\”mode\”:\”block\”,\”scope\”:{\”id\”:\”$id\”,\”name\”:\”$org_name\”,\”type\”:\”organization\”},\”configuration\”:{\”target\”:\”ip\”,\”value\”:\”$i\”},\”notes\”:\”$notes\”}” ;
echo “\n”
echo “IP $i blocked in Cloudflare”
echo “IP $i blocked in Cloudflare” >> ipsblocked.txt
echo “\n”
else
echo “IP $i already blocked in Cloudflare, skip”
echo “IP $i already blocked in Cloudflare, skip” >> ips_blocked.txt
fi

echo “\n”
done

Cloudflare API- bash script to block IP address in firewall

 

Cloudflare API bash script to block IP address in firewall

#!/bin/bash
zones =
email =
authkey =
id =
org_name =
notes =

for i in `cat ips.txt`; do
curl -sSX POST “https://api.cloudflare.com/client/v4/zones/$zones/firewall/access_rules/rules” -H “X-Auth-Email: $email” -H “X-Auth-Key: $authkey” -H “Content-Type: application/json” –data “{\”mode\”:\”block\”,\”scope\”:{\”id\”:\”$id\”,\”name\”:\”$org_name\”,\”type\”:\”organization\”},\”configuration\”:{\”target\”:\”ip\”,\”value\”:\”$i\”},\”notes\”:\”$notes\”}” ;
echo “\n”
echo “IP $i blocked in Cloudflare”
echo “\n”
done

PHP unit test using Jenkins and Ansible script

 

1.1 Create the Jenkins Job

Jenkins -> New Item -> Freestype project – >

Enter the project name

 

1.2 At the Build section,  “Add build step” ->  Execute shell , enter the ansible-playbook details to be executed

1.3 In the “Post-build Actions” ->  “Add post-build actions” -> “Publish JUnit test result report” -> and set “Test reports XMLs” to the php unit test output xml file

2. Ansible playbook

– hosts: host1
vars:
base_dir: /projectdir/
tasks:
– name: run testrunner
shell: php vendor/bin/phpunit –log-junit results/phpunit/phpunit.xml
args:
chdir: “{{ base_dir }}/api”
register: phpunit_output
ignore_errors: yes

– name: rsync results/phpunit/phpunit.xml file to jenkins
command: rsync -vr root@host1:/project/results /var/lib/jenkins/jobs/Php-test/workspace/
delegate_to: localhost

 

eg: host1 , host where the php project is located

Install docker compose on ubuntu 16.04 / centos 7

  1. Download docker compose
sudo curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

The latest version of docker compose can be found at https://github.com/docker/compose/releases

2. Set execute permission to the docker-compose

sudo chmod +x /usr/local/bin/docker-compose

3.   Test installation

$ docker-compose --version
docker-compose version 1.18.0, build 8dd22a9

 

4. Create docker-compose.yml file and add entries

eg:-

nginx:
 image: nginx
 ports:
 - "80:80"

5. To run the whole system

docker-compose up -d

 

 

 

Jenkins backup and Restore

To backup Jenkins, backup the JENKINS_HOME folder.

To restore Jenkins, sync back the JENKINS_HOME folder and restart jenkins.

JENKINS_HOME  directory structure  looks like the following:

JENKINS_HOME
 +- config.xml     (jenkins root configuration)
 +- *.xml          (other site-wide configuration files)
 +- userContent    (files in this directory will be served under your http://server/userContent/)
 +- fingerprints   (stores fingerprint records)
 +- plugins        (stores plugins)
 +- workspace (working directory for the version control system)
     +- [JOBNAME] (sub directory for each job)
 +- jobs
     +- [JOBNAME]      (sub directory for each job)
         +- config.xml     (job configuration file)
         +- latest         (symbolic link to the last successful build)
         +- builds
             +- [BUILD_ID]     (for each build)
                 +- build.xml      (build result summary)
                 +- log            (log file)
                 +- changelog.xml  (change log)

 

Script to Backup Jenkins:

Backup Jobs configuration file :

 rsync -av --include='config.xml' --exclude='**/**/**' /var/lib/jenkins/jobs/ root@192.168.1.2:/var/lib/jenkins/jobs/

Backup main configuration files:

 rsync -av --include='config.xml' --exclude='**/**/**' /var/lib/jenkins/plugins/ root@192.168.1.2:/var/lib/jenkins/plugins/

Backup main configuration files:

 rsync -av --include='*.xml' --exclude='**/**/**' /var/lib/jenkins/ root@192.168.1.2:/var/lib/jenkins/

Backup users configuration :

 rsync -av /var/lib/jenkins/user* root@192.168.1.2:/var/lib/jenkins/

Script to restore Jenkins:

Copy back the /var/lib/jenkins/ folder in 192.168.1.2 to the Jenkins main server and restart the jenkins service.

rsync -av /var/lib/jenkins/ roo@192.168.1.1:/var/lib/jenkins/
systemctl restart jenkins

 

 

 

Install Jenkins in Centos 6.8

1. Install Java

$ yum install java

2.  Installing the Jenkins repo

$ wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo

3.  Import the verification key

$ rpm –import https://jenkins-ci.org/redhat/jenkins-ci.org.key

4. Install Jenkins

$ yum install jenkins

Note: Download and install RHEL repo if needed,

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 11.0px Menlo; color: #000000; background-color: #ffffff}
span.s1 {font-variant-ligatures: no-common-ligatures}

 

wget http://ftp.riken.jp/Linux/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 11.0px Menlo; color: #000000; background-color: #ffffff}
span.s1 {font-variant-ligatures: no-common-ligatures}

rpm -ivh epel-release-6-8.noarch.rpm

5. Start Jenkins

$ service jenkins start

6. Access the Jenkins using the url http://<ip-address>:8080
Then copy and paste the key  Administrator password from the file /var/lib/jenkins/secrets/initialAdminPassword

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 11.0px Menlo; color: #000000; background-color: #ffffff}
span.s1 {font-variant-ligatures: no-common-ligatures}

 

7.  Select and install the required plugins

 

8. Create user first Admin User

 

Puppet module install on puppetmaster

Puppet module install on puppet master from puppetforge online repository.If your Puppet master server is behind a proxy server, set the following, replacing <PROXY IP> and <PROXY PORT> with the proxy’s IP address and port:

export http_proxy=http://<PROXY IP>:<PROXY PORT>
export https_proxy=http://<PROXY IP>:<PROXY PORT>

  1. To search for a puppet module , run the following command from the puppet master server.
puppet module search < module_name >
eg:
puppet module search apache

2. To  install the puppet module from the search result

puppet module install puppetlabs-apache

 

3.  The installed modules file can be found in the location /etc/puppetlabs/code/environments/production/modules/ [for puppet enterprise edition]