INSTALLING THE LATEST STABLE RELEASE FOR DOCKER COMPOSE ON LINUX X86-64

Following the last post on how to install the latest stable binary for Docker Machine, If you want to install the Docker Machine client on your 64 bits Linux machine you only have to follow the official instructions and download it from GitHub.

However, if you want to download the file tagged as the latest stable release right away without checking on GitHub what is the new release, this is the one line command I’m using thanks to the tag added by the Docker team:


curl -L https://github.com/docker/compose/releases/download/`curl -s -L https://github.com/docker/compose/releases/latest| grep Linux-x86_64 | grep href | cut -f 6 -d '/'`/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose && chmod +x /usr/local/bin/docker-compose

Then you can check that docker-machine is ready if you have /usr/local/bin in your PATH, e.g I’m running the 1.7.1 version:

docker-compose version
docker-compose version 1.7.1, build 0a9ab35

Cheers!

Installing the latest stable release for Docker Machine on Linux x86-64

I’ve been playing with Docker for a while and I just love it so I’m starting to share some notes that may be useful to you. If you want to install the Docker Machine client on your 64 bits Linux machine you only have to follow the official instructions and download it from GitHub.

However, I’m lazy so if you want to download the file tagged as the latest stable release right away without checking on GitHub what is the new release, this is the one line command I’m using thanks to the tag added by the Docker team:


curl -L https://github.com/docker/machine/releases/download/`curl -s -L https://github.com/docker/machine/releases/latest| grep Linux-x86_64 | grep href | cut -f 6 -d '/'`/docker-machine-`uname -s`-`uname -m` > /usr/local/bin/docker-machine && chmod +x /usr/local/bin/docker-machine

Then you can check that docker-machine is ready if you have /usr/local/bin in your PATH, e.g I’m running the 0.7.0 version:

docker-machine version
docker-machine version 0.7.0, build a650a40

Cheers!

Installing NGINX on CentOS 7

This a quick note on how to install the latest NGINX server on my CentOS 7, using the pakages provided by the NGINX team.  I share this post as it may help any visitor.

The official info about the official NGINX packages is in NGINX’s site

As root you can add the repository file for mainline version:

cat << EOT > /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/\$basearch/
gpgcheck=0
enabled=1
EOT

If you want to use the stable version you’d execute:

cat << EOT > /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/\$basearch/
gpgcheck=0
enabled=1
EOT

Then just use yum:

yum install -y nginx

And manage the service as usual (start the service, enable it at boot time and check the status):

service start nginx

service enable nginx

service status nginx

If you want to check the version you’ve just installed (e.g I’m using the latest mainline version July/2016):

# nginx -v
nginx version: nginx/1.11.2

And that’s all, just a note for my reference for the future, hope it helps you too 🙂

 

OpenShift – Deploying a Node app using a custom version

Hi,
these days I’m developing a NodeJS app. Thanks to OpenShift you can upload your NodeJS code and start playing with it on Internet for free. You also have Heroku, but OpenShift gives you three cartridges (containers like?) for free while Heroku gives you one dyno.

Unfortunately the OpenShift NodeJS cartridge is a little outdated (version 0.10) and I wanted to use the 4 LTS version.

Out there, you have several resources to run your custom Node version, they are all awesome and helpful.

The READMEs on those github repos will guide you on how to install a simple web app using an updated Node version.

Anyway, I wanted to deploy my own code directly in OpenShift so these are the steps I follow just in case it may help you somehow. I’m using the Ramr repo, so a big thank you to him for the impressive work.

I assume that you already have an OpenShift account and that you’ve added your SSH public key.

Ok, I begin creating a nodejs 0.10 app using OpenShift’s web console. Once the app is created, I copy the repo URL which will be a string like ssh://XXXXXXXXXXXXXXX@app-name-domain-name.rhcloud.com/~/git/appname.git/

openshift_web_creation

Now I clone Ramr repo inside the /tmp directory:

cd /tmp
git clone git://github.com/ramr/nodejs-custom-version-openshift.git

Then, from the directory where my code lives (which uses git, of course), I copy the .openshift folder:

cp -rf /tmp/nodejs-custom-version-openshift/.openshift/ .

I add the following line to the package.json file, change it with the name of the file launching your Node service like server, app or in my case ./bin/www:

“main”: “./bin/www”

Now I edit the .openshift/markers/NODEJS_VERSION file and add the exact version of NodeJS which I want to use e.g 4.4.2 (the icflorescu for instance creates a cartridge which updates to the latest Node version available, which is great! so have a look as well).

I add and commit the changes on my repo:

git add .
git commit -a -m “Openshift with custom node integration”

I create the remote repo for OpenShift using the URL I copied earlier, use your own git repo URL from OpenShift!

git remote add openshift ssh://blahblahblah.git/

Ok, now I’ll force the code upload to the OpenShift repo. I’ll do this the first time only, later pushes can be used without forcing it:

git push openshift master -f

If everything is good when uploading the code to OpenShift you’ll see some lines like the following, which means that your desired Node.js version is being installed.

remote: Activating deployment
remote: – Checking to see if Node.js version 4.4.2 is installed …

Hopefully you’ll finally see:

remote: Deployment completed with status: success

This ends my first ever Node.js blog post,  I hope you find it useful.

Cheers!

 

Openvswitch LTS in CentOS 7

The new long-term support version for Openvswitch has been published. As openvswitch RPMs seems to be available for EPEL 6 and Fedora EPEL and other precompiled binaries can be found at rpm.bone.com, I’m sure we’ll soon have openvwitch in the EPEL 7 repository, but in the meantime I hope this post it’s still useful to get the LTS RPM.

Current stable version: 2.5.0 – Openvswitch NEWS

Notes:

  • In order to help you to create a RPM package and install it for the latest LTS release, I’ve created this post which I’ll update as soon as a new version is ready so, for your reference, from now on this is going to be the only post on Openvswitch LTS installation.
  • I’ll be using the Openvswitch’s kernel module that comes with CentOS kernel so no kernel module is compiled.
  • I’m skipping the rpmbuild tests included with openvswitch so building the RPM is faster. However if you have time run the tests to check that everything will work fine.
  • LTS 2.3.X versions will be supported by Openvswitch team until August 2016.
  • From now on I’m using the fedora.spec file as it seems that it manages to build RPMs for CentOS 7 as well.
  • New packages are found like: openvswitch-selinux-policy, python-openvswitch,
    openvswitch-test, openvswitch-ovn, openvswitch-devel and openvswitch-debuginfo. So if you need any of them you’ll have them under /home/ovs/rpmbuild/RPMS (noarch and x86_64).
  • I’ve updated the post with corrections kindly suggested by Riki Cook.

Instructions:

  • As the root user let’s install some packages:
yum -y install wget openssl-devel gcc make python-devel openssl-devel kernel-devel graphviz kernel-debug-devel autoconf automake rpm-build redhat-rpm-config libtool python-twisted-core python-zope-interface PyQt4 desktop-file-utils libcap-ng-devel groff checkpolicy selinux-policy-devel
  • Add a new user and switch to that user:
adduser ovs

su - ovs
  • Download source code and prepare the build environment.
mkdir -p ~/rpmbuild/SOURCES

wget http://openvswitch.org/releases/openvswitch-2.5.0.tar.gz

cp openvswitch-2.5.0.tar.gz ~/rpmbuild/SOURCES/

tar xfz openvswitch-2.5.0.tar.gz
  • Build the RPM package (no testing) and exit.
rpmbuild -bb --nocheck openvswitch-2.5.0/rhel/openvswitch-fedora.spec

exit
  • As root, we’ll install the RPM package.
yum localinstall /home/ovs/rpmbuild/RPMS/x86_64/openvswitch-2.5.0-1.el7.centos.x86_64.rpm -y

Finally start the openvswitch service and check that it’s running

systemctl start openvswitch.service

systemctl is-active openvswitch
active --> Ok, it's running fine.

If you want the openvswitch service to start at boot time:

systemctl enable openvswitch

Let’s check that the command-line tools are ready:

ovs-vsctl -V
ovs-vsctl (Open vSwitch) 2.5.0
Compiled Mar 2 2016 11:51:35
DB Schema 7.12.1

Troubleshooting:

This post changes the way I create the RPM so, if you find any error, please let me know and in the meantime use the old method.

If you run the ovs-vsctl show command and you receive the following error, please check that your Openvswitch service has been started (systemctl start openvswitch.service)

  • ovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection failed (No such file or directory)

 

Thanks to Nicira and the Openvswitch team!

Installing Cobbler in CentOS 7

I’m evaluating Cobbler as my Linux installation and inventory server for my Configuration Management Database. I’ve heard good things about Cobbler and for now I’d like to share my installation steps with you. In this post I’m covering installation for cobbler and cobbler’s web interface.

Note: I’ll be updating this article if I found anything is missing, so please contact me with your feedback so I can add corrections.

Cobbler is available at the EPEL repository:

yum install epel-release -y

We’ll need some packages:

yum install cobbler cobbler-web pykickstart fence-agents xinetd setroubleshoot-server firewalld wget perl-LockFile-Simple perl-IO-Compress perl-Compress-Raw-Zlib perl-Digest-MD5 perl-Digest-SHA perl-Net-INET6Glue perl-LWP-Protocol-https -y

If you want to manage Debian/Ubuntu repositories, the debmirror script must be installed. It’s a perl script which can be downloaded from the Debian repository (look for the most recent version that fits you):

cd /tmp
wget http://ftp.es.debian.org/debian/pool/main/d/debmirror/debmirror_2.20.tar.xz
tar xf debmirror_2.20.tar.xz
cp debmirror/debmirror /usr/bin/

Cobbler uses Apache, and a TFTP server will be run using the xinetd server so we’ll enable and start some systemd services:

systemctl enable cobblerd
systemctl enable httpd
systemctl enable xinetd

systemctl start firewalld

I’ll add a firewall rule so my http and https services are open:

firewall-cmd –zone=public –add-service http –permanent
firewall-cmd –zone=public –add-service https –permanent
firewall-cmd –reload

SELinux –> If you follow my blog, you know I like to have SELinux running, so you can skip any block starting with SELinux in bolded letters. We’ll need the following booleans:

setsebool -P httpd_can_network_connect_cobbler 1
setsebool -P httpd_serve_cobbler_files 1

Time to start both Apache and Cobblerd:

systemctl start httpd
systemctl start cobblerd

We can check if cobbler is working:

cobbler –version (two dashes)

Cobbler 2.6.11
source: ?, ?
build time: Sun Jan 24 14:40:17 2016

We’ll need to configure a few things now. Set the IP address, your server will listen on. In my lab, the IP address is 192.168.2.1 so change it accordingly.

sed -i.bak ‘s/server: 127\.0\.0\.1/server: 192\.168\.2\.1/g’ /etc/cobbler/settings

The TFTP server will be started thanks to the Xinetd server:

sed -i.bak ‘/disable/c\\tdisable\t\t\t= no’ /etc/xinetd.d/tftp

systemctl start xinetd

We can download several network boot-loaders:

cobbler get-loaders (to download several network boot-loaders)

We can generate a new default password, choose a passprase and the password you prefer!

openssl passwd -1 -salt ‘A random passphrase, choose yours’ ‘your-password-here’ > /tmp/random_pass

sed -i.bak “/default_password_crypted:/c\default_password_crypted: \”$(cat /tmp/random_pass)\”” /etc/cobbler/settings

Once all the changes have been saved, restart the cobblerd daemon:

systemctl restart cobblerd

Now we can run a check to test if our configuration is good and ready. As I’m using SELinux I don’t care about the warning on “SELinux is enabled”.

cobbler check

The following are potential configuration items that you may want to fix:

1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux

SELinux –> We have to add a new policy to avoid some SELinux issues.

yum install -y selinux-policy-devel

mkdir /root/policy
cd /root/policy
cat <<EOT > /root/policy/cobbler-web.te
policy_module(cobbler-web, 1.0)

gen_require(\`
type cobblerd_t;
type systemd_unit_file_t;
‘)

allow cobblerd_t systemd_unit_file_t:file getattr;
EOT

make -f /usr/share/selinux/devel/Makefile cobbler-web.pp

semodule -i cobbler-web.pp

Finally open the following URL, in my example my server is called cobbler.artemit.local. Please change your server name or IP address to one that fits your environment:

https://cobbler.artemit.local/cobbler_web

A certificate has been generated for SomeOrganization and it’s valid for 1 year, so deal with your browser’s SSL warning.

cobbler_screenshot

The default user is cobbler and the default password is cobbler.

That’s all for now, I’ll write some lines about configuration later, but don’t forget to read the official documentation.