In the last 6 months I’ve been diving into Ansible as a part of my daily work. I have to support RedHat (and CentOS) along with Ubuntu in a variety of versions. Coming from a puppet background I was surprised that there was no package management abstraction in Ansible, but after coming across various roles on GitHub and Ansible Galaxy I quickly realised that it’s not necessary.

Here I will describe a multi-os Ansible pattern. It’s all about including the right set of variables.

In this example I’ll be creating a ‘ntp’ role to simply install and configure ntp.

Read the rest of this entry »

I’ve found many tutorials on how to accomplish this on Debian/Ubuntu systems, but not RHEL.

You have to have at least a minimal installation with the EPEL repository enabled.

Install packages

yum install -y git{,web,-daemon,olite} httpd xinetd

Setup Gitolite
Copy your public ssh-key to /tmp and allow gitolite to read it

cp ~/.ssh/ /tmp/$ && chmod 644 /tmp/$

Change to the gitolite user and run gl-setup

sudo -u gitolite -i
gl-setup /tmp/$

Alter the base permissons of the repos and fix what we already have. In /var/lib/gitolite/.gitolite.rc change:
$GL_WILDREPOS to 1; and
$REPO_UMASK to 0027

chmod g+r /var/lib/gitolite/projects.list
chmod g+rx /var/lib/gitolite/repositories

Change the group of the apache user to allow it access to the gitolite repositories

usermod -a -G gitolite apache

Configure git-daemon to only export repositories with a git-daemon-export-ok file inside (created by added R permissions to daemon)

# default: off
# description: The git dæmon allows git repositories to be exported using \
# the git:// protocol.
service git {
disable = no
socket_type = stream
wait = no
user = nobody
group = gitolite
server = /usr/libexec/git-core/git-daemon
server_args = --base-path=/var/lib/gitolite/repositories --syslog --inetd --verbose
log_on_failure += USERID }

Configure /etc/gitweb.conf to point to the right projectroot and project_list (the only 2 lines you actually need are here)

our $projectroot = "/var/lib/gitolite/repositories";
our $projects_list = "/var/lib/gitolite/projects.list";

Make the services persistant (survive a reboot):

chkconfig httpd on
chkconfig xinetd on
service httpd start
service xinetd start

To allow access to gitweb or gitdaemon in the config file, do something like this in your gitolite.conf:

repo    webtest
        R       =   daemon gitweb
        RW+     =   admin

If you need to add these perms to a wildcard repo, you can use the setperm admin command:

echo "READERS gitweb daemon" | ssh gitolite@host setperms path/to/wildrepo

Check it with:

ssh gitolite@host getperms path/to/wildrepo

Posted: February 7, 2013 in Devops, Featured, How To, How To - Linux
Tags: , , ,


Posted: March 30, 2012 in Devops

Towards the end of January 2012, Tobi Oetiker released rrdtool 1.4.6. This release contained a community submitted patch to allow export of rrd in json.

Here’s an example (based on a collectd rrd file):

$ /opt/rrdtool-1.4.7/bin/rrdtool xport --json -s $(date -d "10 mins ago" +%s) -e $(date +%s) \
    --step 10 DEF:load_1min_avg=/var/lib/collectd/$(hostname -f)/load/load.rrd:shortterm:AVERAGE \
{ about: 'RRDtool xport JSON output',
  meta: {
    start: 1333111500,
    step: 10,
    end: 1333111500,
    legend: [
  data: [
    [ 8.7720000000e+00 ],
    [ 9.0620000000e+00 ],
    [ 9.0540000000e+00 ],
    [ 8.9620000000e+00 ],
    [ 8.8840000000e+00 ],
    [ 9.0520000000e+00 ],
    [ 8.9760000000e+00 ],
    [ 8.0920000000e+00 ],
    [ 7.8240000000e+00 ],
    [ 7.8620000000e+00 ],
    [ 8.0440000000e+00 ],
    [ 8.4500000000e+00 ],
    [ 8.5720000000e+00 ],
    [ 8.6540000000e+00 ],
    [ 8.9960000000e+00 ],
    [ 9.2200000000e+00 ],
    [ 9.3700000000e+00 ],
    [ null ],
    [ null  ]

Now all you need to do is get this data into jqplot or flot and you can make beautiful dashboards.

Why is it better to use list comprehension instead of map + lambda?

Read the rest of this entry »

Posted: February 21, 2012 in Devops, Featured, Python
Tags: ,

I’ve started using the string formatting dictionaries and never looked back.

As the ‘%’ operator is deprecated in python 3, I’ve added the future version too.

Python 3.2 (r32:88445, Feb 21 2011, 21:11:06) 
[GCC 4.6.0 20110212 (Red Hat 4.6.0-0.7)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> fdict = {'name': 'AJ'}
>>> print('%(name)s is my friend' % fdict)
AJ is my friend
>>> '{name} is my friend'.format(**fdict)
AJ is my friend

Posted: January 2, 2012 in Devops, Python