Setting up a Server for Ansible

Ansible is a great tool for automation and configuration management. Maybe you heard already about Chef and Puppet. Ansible is in the same field, but with a much simpler approach. The big advantage of Ansible is that you don’t need a central master server for it and you don’t need to install an “Ansible” client on the servers at all. Ansible only needs to be installed on your local machine and it works completely via SSH. AnsibleLogo_transparent_web Although you don’t need to install a client on the server, Ansible makes a couple assumptions about the server. Ansible assumes that the server is accessible via SSH. That’s the only real requirement. In the Playbooks you can configure username and password to access the server.

However life becomes much easier if we can assume that you:

  • have a user on the system with username “ubuntu”.
  • have the ssh daemon up and running on the server.
  • be able to login as user “ubuntu” to the server via ssh without password.
  • be able to run sudo su without password popup.

All this assumptions are default on AWS EC2 instances. If you setup a new server somewhere else you should take care of this. This blog post describes how to ensure this assumptions on Ubuntu 14.04.

User ubuntu

If you create a new virtual machine make sure that the default user is ubuntu. If you have already a linux instance up and running you can add a new user like this:

sudo adduser ubuntu

SSH Daemon

This command will return the status of the SSH daemon:

sudo service ssh status

If the feedback is that the service ssh is unknown you can install the SSH Server with this command:

sudo apt-get install openssh-server

Now try again the first command. It should response with status running.

Login without password

Assuming you have already a public/private key pair and the public key on your development machine is under .ssh/id_rsa.pub you can achieve login to the server without password with this 2 commands:

ssh ubuntu@IP_ADDRESS mkdir -p .ssh
cat .ssh/id_rsa.pub | ssh ubuntu@IP_ADDRESS 'cat >> .ssh/authorized_keys'

Replace “IP_ADDRESS” with the IP address of your server! The commands above will still require that you type in your password, but after that you should be able to login to the server without password. Try:

ssh ubuntu@IP_ADDRESS

The full instructions can be found here.

sudo su without password

Simply run this command on the server:

sudo visudo

And add this line to the bottom of the file:

ubuntu ALL=(ALL) NOPASSWD: ALL

Now logout and login again as user ubuntu to the server. Try:

sudo su

Now you should be root on the server. For more questions check out this page.

Done

If you executed the steps above your server is ready for Ansible. Now you can point Ansible Playbooks to your server and use it for provisioning. I’m using Ansible since 2 years together with Docker for the VersionEye Project and so far I really like it!

vagrant push => “error starting upload: upload: resource not found”

I’m just playing around with Vagrant and as soon I tried:

vagrant push

I got this error message:

error starting upload: upload: resource not found

Luckily there is already a ticket to that on GitHub. And the workaround is this export:

export ATLAS_TOKEN=`cat ~/.vagrant.d/data/vagrant_login_token`

After executing the export above the command worked for me.

Ubuntu enforce memory freedom

Sometimes it occurs that a device runs full with memory. Simply deleting the files on the device doesn’t help. Ubuntu stills shows that the device is 100% full, even if there are no files on it anymore. This command usually helps to give free the memory.

sudo tune2fs -m 0 /dev/sda5

If it doesn’t help you need to execute this command as well. It quits all processes which are using the device.

sudo fuser -km /mnt/share

Docker Introduction

Docker is one of the most promising technologies these days. It is a container technology based on Linux. A very lightweight form of virtualization. Docker containers can be as small as 50 MB. Much smaller than traditional VMs.

The Docker project was started in March 2013 by dotCloud. In the mean while the makers of dotCloud sold dotCloud to CloudControl and raised $55 Million to focus only on the Docker development.

Check out my slides to “Docker Introduction”. I did this talk at the Webmontag in Mannheim. Feedback was very good.

I’m using Docker since beginning of 2014 in production and I love it. It’s a great technology!

Java HTTP Request with Basic Auth

This is how you do a simple HTTP request with Java. These code performs the actual HTTP request and saves the response in a String variable.

URL url = new URL(address);
URLConnection conn = url.openConnection();
conn.setConnectTimeout(30000); // 30 seconds time out
String line = "";
StringBuffer sb = new StringBuffer();
BufferedReader input = new BufferedReader(new InputStreamReader(conn.getInputStream()) );
while((line = input.readLine())!=null)
  sb.append(line);
input.close();
String response = sb.toString();

If the HTTP server requires Baisc Auth this code will fail. To make it work for Basic Auth these 3 additional lines are required.

String user_pass = username + ":" + password;
String encoded = Base64.encodeBase64String( user_pass.getBytes() );
conn.setRequestProperty("Authorization", "Basic " + encoded);

The whole method looks like that:

public String getHttpResponse(String address, String username, String password) throws Exception {
  URL url = new URL(address);
  URLConnection conn = url.openConnection();
  conn.setConnectTimeout(30000); // 30 seconds time out

  if (username != null && password != null){
    String user_pass = username + ":" + password;
    String encoded = Base64.encodeBase64String( user_pass.getBytes() );
    conn.setRequestProperty("Authorization", "Basic " + encoded);
  }

  String line = "";
  StringBuffer sb = new StringBuffer();
  BufferedReader input = new BufferedReader(new InputStreamReader(conn.getInputStream()) );
  while((line = input.readLine()) != null)
    sb.append(line);
  input.close();
  return sb.toString();
}