The Misadventures of Penoi

Find and replace string recursively

find /home/penoycentral/whichfolder -type f -print0| xargs -0 sed -i 's/oldstring/newstring/g'

If you want to make sure that you are changing which, use the old grep first

find /home/penoycentral/whichfolder -type f -print0| xargs -0 grep -i oldstring

Example Problem: Change /etc/bind to /var/named/master in named.conf

Just print what will be changed

 sed -n 's/\/etc\/bind/\/var\/named\/master/p' named.conf 

to change:

 sed -i 's/\/etc\/bind/\/var\/named\/masterr/g' named.conf 

Change double qoute to single qoute

sed -i "s/[\"]/\'/g" some-file.pp

Referrence:
http://stackoverflow.com/questions/1583219/awk-sed-how-to-do-a-recursive-find-replace-of-a-string

DNS change progation is one of sysads problem. After a dns record change, nslookup result will differ depending on which region you are in.

Check your DNS global progation

 http://www.whatsmydns.net/

Note this setup is unsecured and just for the purpose of having my own lab svn repo.

Install mercurial on your server

yum install mercurial

Setup the mercurial site on apache

mkdir /var/www/cgi-hg
cp /usr/share/doc/mercurial-1.4/hgwebdir.cgi /var/www/cgi-hg/
chmod +x /var/www/cgi-hg/hgwebdir.cgi

Create the hgweb.config

 /var/www/cgi-hg/hgweb.config
[paths]
#VIRTUAL_PATH = /REAL/PATH
#myproject = myproject
lab = /srv/hg

Reload apache

service httpd reload

Make sure everything has the right permission on selinux or you can temporarily disable selinux

Your site now is accessible thru http://servername/hg

To test push functionality,you might try to disable ssl and allow push to all

/srv/hg/.hg/hgrc

[web]
allow_push = *
push_ssl = false

Ref:
http://mercurial.selenic.com/wiki/RHEL4HgWebDirSetup
http://mercurial.selenic.com/wiki/PublishingRepositories

Devops Singapore Meetup Puppet in production session

eth0 - with internet connection as they say
eth2 - local network

echo 1 > /proc/sys/net/ipv4/ip_forward 
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth2 -j ACCEPT

penoy@fedora:~$ mail -s "test sending mail from nix server" penoy@example.com < /dev/null

sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 3129 -j DNAT --to-destination ip-address:3128
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -L
iptables -t nat -L -n -v
iptables-save

Here's an example of a simple manifest file that will install a package (ex. apache) and will ensure that that the service was started after install

package {'httpd':
   ensure => installed,
    source => '/var/tmp/httpd-2.2.3-53.el5.centos.i386.rpm',
}

service {'httpd':
   ensure     => running,
   enable     => true,
   hasstatus  => true,
   hasrestart => true,
}

Seems legit. Let's apply the manifest

[root@learn tmp]# puppet apply httpd.install.pp
err: /Stage[main]//Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1:  at /var/tmp/httpd.install.pp:11
notice: /Stage[main]//Package[httpd]/ensure: created
notice: Finished catalog run in 31.04 seconds

hmmm.. it seems that puppet was starting the service before the install. Let's modify the file

package { 'httpd':
ensure => installed,
source => '/var/tmp/httpd-2.2.3-53.el5.centos.i386.rpm',
}

service { 'httpd':
require => Package['httpd'],
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,
}

Now let's apply the new manifest file

[root@learn tmp]# puppet apply httpd.install.pp
notice: /Stage[main]//Package[httpd]/ensure: created
notice: /Stage[main]//Service[httpd]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 34.10 seconds

[root@learn tmp]# chkconfig --list |grep httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
pe-httpd        0:off   1:off   2:on    3:on    4:on    5:on    6:off

[root@learn tmp]# rpm -qa |grep httpd
pe-httpd-2.2.3-17.pe.el5
pe-httpd-passenger-2.2.11-11.pe.el5
httpd-2.2.3-63.el5.centos.1
[root@learn tmp]# service httpd status
httpd (pid  15355) is running...

Disclaimer: im still a puppetlabs newbie. :)