Friday, May 3, 2019

Deploying an addressbook application through kubernetes

not set, default to updating the existing annotation value only if one already exists.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory.
      --save-config=false: If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future.
      --selector='': A label selector to use for this service. Only equality-based selector requirements are supported. If empty (the default) infer the selector from the replication controller or replica set.)
      --session-affinity='': If non-empty, set the session affinity for the service to this; legal values: 'None', 'ClientIP'
      --target-port='': Name or number for the port on the container that the service should direct traffic to. Optional.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
      --type='': Type for this service: ClusterIP, NodePort, LoadBalancer, or ExternalName. Default is 'ClusterIP'.

Usage:
  kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).

unknown flag: --type:Nodeport
root@kubemaster:/home/kafleashok1/pod# kubectl expose pod poddemo --port=8080 --type=Nodeport
The Service "poddemo" is invalid: spec.type: Unsupported value: "Nodeport": supported values: "ClusterIP", "ExternalName", "LoadBalancer", "NodePort"
root@kubemaster:/home/kafleashok1/pod# kubectl expose pod poddemo --port=8080 --type=NodePort
service/poddemo exposed
root@kubemaster:/home/kafleashok1/pod# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP          3d19h
poddemo      NodePort    10.104.117.13   <none>        8080:31655/TCP   12s
root@kubemaster:/home/kafleashok1/pod# kubectl get svc -o wide
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE     SELECTOR
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP          3d19h   <none>
poddemo      NodePort    10.104.117.13   <none>        8080:31655/TCP   23s     app=addressapp
root@kubemaster:/home/kafleashok1/pod# kubectl get pod -o wide
NAME       READY   STATUS    RESTARTS   AGE     IP            NODE          NOMINATED NODE   READINESS GATES
nginxpod   1/1     Running   2          21h     192.168.2.4   kubeworker2   <none>           <none>
poddemo    1/1     Running   0          5m51s   192.168.1.2   kubeworker1   <none>           <none>
root@kubemaster:/home/kafleashok1/pod# kubectl exec -it poddemo /bin/bash
root@poddemo:/usr/local/tomcat# cd webapps
root@poddemo:/usr/local/tomcat/webapps# ls
ROOT  addressbook  addressbook.war  docs  examples  host-manager  manager
root@poddemo:/usr/local/tomcat/webapps# history
    1  cd webapps
    2  ls
    3  history
root@poddemo:/usr/local/tomcat/webapps#

Sunday, March 17, 2019

New York

The city looks so ceremonious although she has homed countless grievances for years. She is rigid and southern storm hasn't shaken her either. Many scorchingly hot Marches have come and gone by, so have the freezing Decembers.

But there she is, tall and strong like a mother overseeing her numerous children. Her children, they are so close yet so far to her. She has been both loved and hated, seen both opulence and poverty; kindness and misanthropy, witnessed both inseparable friendship and fierce enmity, she has seen it all. Sadly, nobody saw or even tried to see her until today.

Today, when I gazed at this magnificent city for one last time before I depart back to DC, the city which I call home at least for now, I saw the darkness in her. She figured out I caught her unarmed; she could no longer equivocate her melancholy. Then she lowered and slowly whispered "Help Me Please". I was both astounded and shaken at the same time. It felt like Dumbledore asking me to help him protect Hogwarts from Lord Voldemort. I replied "I don't even belong here, how can I help you?" and then she said, "You can at least write about me".

Friday, March 15, 2019

Ansible

Ansible installation

Switch to root, check the configured repositories, and install Ansible:

sudo yum repolist
sudo yum install -y ansible

https://docs.ansible.com/ansible/latest/user_guide/vault.html

noble ALL=(ALL) NOPASSWD:ALL

ssh-copy-id noble@10.142.0.6


Permissions for:
ssh folder - 700
authorized_keys - 600
sudoers - 755



ansible node -m copy -a 'src=/etc/ansible/noble6ansi.txt dest=/home/noble1'

ansible node -m file -a  'dest=/home/noble1/noble6ansi.txt mode=777'
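
An added example, not part of the original notes: a check for the SSH modes listed above (700 for the .ssh folder, 600 for authorized_keys) and a scan for world-writable files such as the one the mode=777 command produces. It assumes GNU stat on Linux; the function names are illustrative and all paths are passed in by the caller.

```bash
#!/usr/bin/env bash
# Added example: audit the permissions these notes list for key-based SSH
# and list world-writable files (what 'mode=777' leaves behind).
# Assumes GNU stat; function names are hypothetical helpers.

# Print the octal mode of a path, e.g. 700.
mode_of() { stat -c '%a' "$1"; }

# check_mode PATH EXPECTED: print a finding, return 1 on mismatch or absence.
check_mode() {
    local path=$1 want=$2 got
    if [ ! -e "$path" ]; then
        echo "MISSING $path"
        return 1
    fi
    got=$(mode_of "$path")
    if [ "$got" != "$want" ]; then
        echo "BAD     $path mode=$got expected=$want"
        return 1
    fi
    echo "OK      $path mode=$got"
}

# audit_ssh_dir HOME_DIR: check HOME_DIR/.ssh (700) and authorized_keys (600).
# sshd's default StrictModes refuses key files that are group- or
# world-writable, so a 664 authorized_keys silently breaks key login.
audit_ssh_dir() {
    local home=$1 rc=0
    check_mode "$home/.ssh" 700 || rc=1
    check_mode "$home/.ssh/authorized_keys" 600 || rc=1
    return $rc
}

# list_world_writable DIR: print regular files that any local user can write.
list_world_writable() {
    find "$1" -type f -perm -0002 -print
}

# Example use against the account from the notes (run on the managed node):
#   audit_ssh_dir /home/noble && list_world_writable /home/noble
```
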



After Ansible is installed

As root, go to /etc/ansible
and change the ownership from root to the noble user:
chown noble:noble /etc/ansible


After putting the server and nodes in the etc/hosts file, check that Ansible can reach the server and the hosts:

ansible server -m ping
ansible node -m ping




This is the default ansible 'hosts' file.

Connected, host fingerprint: ssh-rsa 0 4C:7C:0B:94:DD:30:37:3D:CE:E9:EB:D4:21:D4:FA:AE:75:27:AA:22:D1:F1:95:4B:C1:56:9C:49:59:F1:F5:4E
Last login: Fri Mar 15 05:35:17 2019 from 173.194.102.16
[kafleashok1@devopstrial ~]$ su noble
[noble@devopstrial kafleashok1]$ cd
Hello this is a test for ansible
[noble@devopstrial ~]$ ssh noble@devopstrial
Last login: Fri Mar 15 15:28:44 2019
[noble@devopstrial ~]$ cd /etc/ansible
[noble@devopstrial ansible]$

Connected, host fingerprint: ssh-rsa 0 4C:7C:0B:94:DD:30:37:3D:CE:E9:EB:D4:21:D4:FA:AE:75:27:AA:22:D1:F1:95:4B:C1:56:9C:49:59:F1:F5:4E
Last login: Fri Mar 15 15:28:06 2019 from 173.194.102.9
[kafleashok1@devopstrial ~]$ su noble
[noble@devopstrial kafleashok1]$ ls -ltr
ls: cannot open directory .: Permission denied
[noble@devopstrial kafleashok1]$ cd
[noble@devopstrial ~]$ ls -ltr
total 0
-rw-rw-r--. 1 noble noble 0 Mar 15 02:12 authorized_keys
[noble@devopstrial ~]$ vi authorized_keys
[noble@devopstrial ~]$ rm authorized_keys
[noble@devopstrial ~]$ ls -ltr
total 0
[noble@devopstrial ~]$ cd /etc/hosts
bash: cd: /etc/hosts: Not a directory
[noble@devopstrial ~]$ cd /etc/ansible
[noble@devopstrial ansible]$ ls -ltr
total 24
drwxr-xr-x. 2 noble noble     6 Feb 21 23:04 roles
-rw-r--r--. 1 noble noble  1016 Feb 21 23:04 hosts
-rw-r--r--. 1 noble noble 20277 Feb 21 23:04 ansible.cfg
[noble@devopstrial ansible]$ vi hosts
[noble@devopstrial ansible]$ ansible server -m ping
10.142.0.6 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[noble@devopstrial ansible]$ ansible -m server ping
Hello this is a test for ansible
 [WARNING]: Could not match supplied host pattern, ignoring: ping
 [WARNING]: No hosts matched, nothing to do


[noble@devopstrial ansible]$ ansible node -m ping
10.142.0.2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[noble@devopstrial ansible]$ touch noble1.txt
[noble@devopstrial ansible]$ vi noble1.txt
[noble@devopstrial ansible]$ ansible node -m copy -a 'src=/etc/ansible/noble1.txt dest =/home/noble'
ERROR! this task 'copy' has extra params, which is only allowed in the following modules: shell, win_shell, include_vars, add_host, raw, include_role, meta, set_fact, include, import_tasks, script, import_role, include_tasks, group_by, command, win_command
[noble@devopstrial ansible]$ ansible node -m copy -a 'src=/etc/ansible/noble1.txt dest=/home/noble'
10.142.0.2 | CHANGED => {
    "changed": true,
    "checksum": "73b0c1ba7659a1f6a366d3bc6a29f027c429136c",
    "dest": "/home/noble/noble1.txt",
    "gid": 1003,
    "group": "noble",
    "md5sum": "5d756118278361c3aa9d2aa1396631cc",
    "mode": "0664",
    "owner": "noble",
    "secontext": "unconfined_u:object_r:user_home_t:s0",
    "size": 34,
    "src": "/home/noble/.ansible/tmp/ansible-tmp-1552666208.98-214978604854310/source",
    "state": "file",
    "uid": 1002
}
[noble@devopstrial ansible]$ ssh noble@instance_1
ssh: Could not resolve hostname instance_1: Name or service not known
[noble@devopstrial ansible]$ ssh noble@10.142.0.2
Last login: Fri Mar 15 16:10:10 2019 from devopstrial.c.adept-tangent-207418.internal
[noble@instance-1 ~]$ ls -ltr
total 4
-rw-rw-r--. 1 noble noble 34 Mar 15 16:10 noble1.txt
[noble@instance-1 ~]$ vi noble1.txt
[noble@instance-1 ~]$ exit


logout
Connection to 10.142.0.2 closed.
[noble@devopstrial ansible]$ ansible -m copy -a 'src=/etc/ansible/noble1.txt mode=777'
Usage: ansible <host-pattern> [options]

Define and run a single task 'playbook' against a set of hosts

Options:
  -a MODULE_ARGS, --args=MODULE_ARGS
        module arguments
  --ask-vault-pass
        ask for vault password
  -B SECONDS, --background=SECONDS
        run asynchronously, failing after X seconds (default=N/A)
  -C, --check
        don't make any changes; instead, try to predict some of the changes that may occur
  -D, --diff
        when changing (small) files and templates, show the differences in those files; works great with --check
  -e EXTRA_VARS, --extra-vars=EXTRA_VARS
        set additional variables as key=value or YAML/JSON, if filename prepend with @
  -f FORKS, --forks=FORKS
        specify number of parallel processes to use (default=5)
  -h, --help
        show this help message and exit
  -i INVENTORY, --inventory=INVENTORY, --inventory-file=INVENTORY
        specify inventory host path or comma separated host list. --inventory-file is deprecated
  -l SUBSET, --limit=SUBSET
        further limit selected hosts to an additional pattern
  --list-hosts
        outputs a list of matching hosts; does not execute anything else
  -m MODULE_NAME, --module-name=MODULE_NAME
        module name to execute (default=command)
  -M MODULE_PATH, --module-path=MODULE_PATH
        prepend colon-separated path(s) to module library (default=[u'/home/noble/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'])
  -o, --one-line
        condense output
  --playbook-dir=BASEDIR
        Since this tool does not use playbooks, use this as a subsitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc.
  -P POLL_INTERVAL, --poll=POLL_INTERVAL
        set the poll interval if using -B (default=15)
  --syntax-check
        perform a syntax check on the playbook, but do not execute it
  -t TREE, --tree=TREE
        log output to this directory
  --vault-id=VAULT_IDS
        the vault identity to use
  --vault-password-file=VAULT_PASSWORD_FILES
        vault password file
  -v, --verbose
        verbose mode (-vvv for more, -vvvv to enable connection debugging)
  --version
        show program's version number and exit

  Connection Options:
    control as whom and how to connect to hosts

    -k, --ask-pass
        ask for connection password
    --private-key=PRIVATE_KEY_FILE, --key-file=PRIVATE_KEY_FILE
        use this file to authenticate the connection
    -u REMOTE_USER, --user=REMOTE_USER
        connect as this user (default=None)
    -c CONNECTION, --connection=CONNECTION
        connection type to use (default=smart)
    -T TIMEOUT, --timeout=TIMEOUT
        override the connection timeout in seconds (default=10)
    --ssh-common-args=SSH_COMMON_ARGS
        specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand)
    --sftp-extra-args=SFTP_EXTRA_ARGS
        specify extra arguments to pass to sftp only (e.g. -f, -l)
    --scp-extra-args=SCP_EXTRA_ARGS
        specify extra arguments to pass to scp only (e.g. -l)
    --ssh-extra-args=SSH_EXTRA_ARGS
        specify extra arguments to pass to ssh only (e.g. -R)

  Privilege Escalation Options:
    control how and which user you become as on target hosts

    -s, --sudo
        run operations with sudo (nopasswd) (deprecated, use become)
    -U SUDO_USER, --sudo-user=SUDO_USER
        desired sudo user (default=root) (deprecated, use become)
    -S, --su
        run operations with su (deprecated, use become)
    -R SU_USER, --su-user=SU_USER
        run operations with su as this user (default=None) (deprecated, use become)
    -b, --become
        run operations with become (does not imply password prompting)
    --become-method=BECOME_METHOD
        privilege escalation method to use (default=sudo), valid choices: [ sudo | su | pbrun | pfexec | doas | dzdo | ksu | runas | pmrun | enable | machinectl ]
    --become-user=BECOME_USER
        run operations as this user (default=root)
    --ask-sudo-pass
        ask for sudo password (deprecated, use become)
    --ask-su-pass
        ask for su password (deprecated, use become)
    -K, --ask-become-pass
        ask for privilege escalation password

Some modules do not make sense in Ad-Hoc (include, meta, etc)
ERROR! Missing target hosts
[noble@devopstrial ansible]$ ansible -m file -a 'dest=/home/noble1.txt mode=777'
ERROR! Missing target hosts
[noble@devopstrial ansible]$ ansible node -m file -a 'dest=/home/noble1.txt mode=777'
10.142.0.2 | FAILED! => {
    "changed": false,
    "msg": "file (/home/noble1.txt) is absent, cannot continue",
    "path": "/home/noble1.txt",
    "state": "absent"
}
[noble@devopstrial ansible]$ ansible node -m file -a 'dest=/home/noble/noble1.txt mode=777'
10.142.0.2 | CHANGED => {
    "changed": true,
    "gid": 1003,
    "group": "noble",
    "mode": "0777",
    "owner": "noble",
    "path": "/home/noble/noble1.txt",
    "secontext": "unconfined_u:object_r:user_home_t:s0",
    "size": 34,
    "state": "file",
    "uid": 1002
}
[noble@devopstrial ansible]$ ssh noble@10.142.0.2
Last login: Fri Mar 15 16:13:33 2019 from devopstrial.c.adept-tangent-207418.internal
[noble@instance-1 ~]$ ls -ltr
total 4
-rwxrwxrwx. 1 noble noble 34 Mar 15 16:11 noble1.txt
[noble@instance-1 ~]$