Friday, May 22, 2015

Turn off smbclient mget prompt

Ran into this one today - When you attempt to mget (get multiple files) using the smbclient it asks you to confirm each file. Which is a little annoying when you want to script the process. The work around is to issue the smbclient command "prompt" prior to the mget. To script it, would look like this:

# smbclient //server/share -A smb_authentication_file -c "prompt; mget *.csv"

Thursday, May 7, 2015

Takes a long time to SSH to a server

You SSH to a server and notice it takes 30 seconds or more before you're prompted for the password. If you add the -v option, you can see it hangs at service accept message. Eg:

# ssh -v myserver
....
debug1: SSH2_MSG_SERVICE_ACCEPT received
(hangs for 30+ seconds at this point)

The fix for me, was correcting DNS resolution on the target server.

Monday, April 27, 2015

Oracle Linux 6.5 on Hyper-V - kernel: end_request: I/O error, dev fd0, sector 0

I was receiving the following error sporadically on freshly built Oracle Linux 6.5 64-bit (UEK) running atop a Hyper-V cluster:

kernel: end_request: I/O error, dev fd0, sector 0

Removing the floppy drive from Hyper-V isn't an option, and these systems are provisioned largely via automation, so I needed a way to disable the floppy driver via a boot option or similar.

I bit of searching uncovered a few ways to blacklist the module but nothing seemed to work. Eventually, adding the following to the grub boot options worked a treat!


floppy.allowed_drive_mask=0

iostat reports no fd0 device anymore, and the pesky I/O errors are finally gone.


Thursday, April 23, 2015

Installing Puppet (open-source) and Puppet Dashboard on Oracle Linux 6.5 (UEK) 64-bit

Well, I had to provision a replacement Ops Management server recently, which meant configuring a new instance of Puppet, Puppet Dashboard, and getting the Puppet Clients to check in to the new server. I thought it would be a good time to document the process. The following is performed on an Oracle Linux 6.5 64-bit machine running the Unbreakable kernel.


Installing Puppet Master


Ensure we can get out over a corporate proxy:
# export http_proxy=http://DOMAIN\\USERNAME:PASSWORD@DOMAIN_PROXY_ADDRESS:PORT
# export https_proxy=http://DOMAIN\\USERNAME:PASSWORD@DOMAIN_PROXY_ADDRESS:PORT

 

Install Puppet Master:
# rpm -ivh https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-11.noarch.rpm
# yum install puppet-server


Turn the service on and ensure it turns on the next time the system boots:
# chkconfig puppetmaster on
# service puppetmaster start



Installing Puppet Dashboard


Install packages required:
# yum install mysql mysql-server puppet-dashboard

Configure MYSQl and turn on:
# vi /etc/my.cnf (add the following)
max_allowed_packet = 32M

# chkconfig mysqld on; service mysqld start

# vi /usr/share/puppet-dashboard/config/settings.yml
(change the following)
time_zone: 'YOUR_TIME_ZONE'

 

Note: run ‘cd /usr/share/puppet-dashboard; sudo -u puppet-dashboard RAILS_ENV=production rake time:zones:local' to find your timezones

Create and configure the dashboard DB, user and permissions:
# mysql
mysql> CREATE DATABASE dashboard CHARACTER SET utf8;
mysql> CREATE USER 'dashboard'@'localhost' IDENTIFIED BY 'my_password';
mysql> GRANT ALL PRIVILEGES ON dashboard.* TO 'dashboard'@'localhost';
mysql> quit


# cd ~puppet-dashboard; rake gems:refresh_specs
# vi /usr/share/puppet-dashboard/config/database.yml

(change production database from dashboard_production to database. Also add the password of my_password)

# cd ~puppet-dashboard && rake RAILS_ENV=production db:migrate

Configure Puppet Master:
# cp /etc/puppet/puppet.conf /etc/puppet/puppet.conf.orig
# service puppetmaster stop


# vi /etc/puppet/puppet.conf

(it should look like this..)

-------------------------------
[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl

    # Puppet Module Path
    modulepath = /etc/puppet/modules:/usr/share/puppet/modules

    # Import Custom Facts
    pluginsync = true


[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig

[master]
    # puppet certificate name
    certname=puppet.YOUR_DOMAIN

    # Set autosign on
    autosign = true

    reports = puppet_dashboard
    reportdir = /var/lib/puppet/reports
    reporturl = http://puppet.YOUR_DOMAIN:3000/reports/upload

    node_terminus  = exec
    external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000 /usr/share/puppet-dashboard/bin/external_node

-------------------------------

File configuration and permission changes:
# cp /usr/share/puppet-dashboard/ext/puppet/puppet_dashboard.rb /usr/lib/ruby/site_ruby/1.8/puppet/reports/
# mkdir /var/lib/puppet/reports
# chown puppet-dashboard:puppet-dashboard reports; chmod 766 reports
# touch /usr/share/puppet-dashboard/log/production.log
# chmod 666 /usr/share/puppet-dashboard/log/production.log

 

Turn it all on and ensure it starts on boot:
# chkconfig puppet-dashboard on; service puppet-dashboard start
# chkconfig puppet-dashboard-workers on ; service puppet-dashboard-workers start


Check it worked:
Browse to http://puppet:3000


Friday, April 10, 2015

Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running

Who doesn't love Java, right?

To fix this, you need to add the URL of the site you're trying to access to the trusted list of sites within Java (assuming you trust the source as safe of course

To do this, perform the following:

Open the "Configure Java" window clicking Start and typing Configure java, or execute the following binary - "C:\Program Files (x86)\Java\jre7\bin\javacpl.exe"

Click the Security Tab, and then the Edit Site List button towards the bottom. Important things to remember, the URL format doesn't support wildcards (boo), and you must include the port if it's not default (80).

Example: I'm trying to access https://10.10.0.1:8082/SubMenu/console/index.html. I would add https://10.10.0.1:8082 to the access list and refresh the browser.

More info on URL syntax:
http://java.com/en/download/faq/exception_sitelist.xml


Thursday, April 2, 2015

Oracle Linux Operational Plan fails immediatly in Ops Center

If you launch an Operational Plan from Ops Center, against an Oracle Linux server and it fails immediately with very limited information in the job log...you are not alone, nor are you doing anything wrong. It's a bug in Ops Center, specifically with the 12.2 agent.

If you plan on moving to Ops Center 12.2.2, it will fix the issue (i can confirm). Otherwise, log an SR with Oracle and they can spin you up an IDR to replace your agent.

If you need to reference a bug ID to make things happen a little quicker, try the following...

------------
Bug 18958118 : OPERATIONAL PROFILE FAILS ON LZ IF BOTH LZ AND GZ ARE AGENT MANAGED
Fixed in 12.2.2.

Excerpts from cacao :
Caused by: java.lang.ClassNotFoundException: Cannot find class com.sun.scn.jobmanager.common.api.Target in module public_com.sun.scn.agentfacadenonvc


##### Bug says :
This issue has been introduced in Diamond. The packing of agent packages has changed which is causing this issue.
This bug can be seen on Linux boxes as well. Operational profiles seem to work flawlessly in 12.1.4. This issue has been introduced in 12.2 somehow. 

------------ 

Monday, February 16, 2015

How to check if you're using unbreakable kernel or redhat kernel in Oracle Linux

The easiest way to figure out if you're using the Unbreakable kernel (UEK) or the Redhat Kernel on an Oracle Linux system is a simple uname -r

[root@oelpoc ~]# uname -r
3.8.13-55.1.5.el7uek.x86_64

Now If i reboot and select redhat kernel mode:
[root@oelpoc ~]# uname -r
3.10.0-123.20.e.el7.x86_64

Sunday, February 1, 2015

your pc needs to reboot 0x0000005D

When trying to run up an instance of Windows 10 in VirtualBox I received the eror 0x0000005D. It turns out you need to specify Windows 8.1 64-bit, not Windows Other!!

This may help someone else....