Bash Shell Script To Create A Rich, Colorful Server Health Report(in HTML)


As you know,  my previous shell script produces an HTML Server Health Report displaying all vital stats in a plain format & I thought its magical to have a shell script create an HTML report even though it was a rather simple looking report 😉 Then I wrote a web-app that helps you track how much money you have saved & came up with the idea to enhance my script to output a rich, vibrant, vividly colored HTML report that has interactive 3D charts & other colorful visual elements 🙂 Sneak a peek below!

You can grab the script from my GitHub gist page.

Server-Health-Report-Shashank_Srivastava.png

So, I modified my script & made it fetch more server data and display that data in different tables & panels. These tables & panels include : –

Directories that eat up most of your disk space.

Server-Health-Report-Shashank_Srivastava.png

Dynamic table showing the directories that take up most of your disk-space.

Top Memory consuming processes.

Server-Health-Report-Shashank_Srivastava.png

Dynamic table displaying Top Memory consuming processes.

Top CPU consuming processes.

Server-Health-Report-Shashank_Srivastava.png

Dynamic table displaying Top CPU consuming processes.

2 Speedometers displaying # of processes running & # of logged in users.

Server-Health-Report-Shashank_Srivastava.png

Speedometer 🙂

A bars system that displays the resources utilisation (RAM/CPU/Filesystem/INodes) & these bars change their color to red if threshold is crossed 🙂

Server-Health-Report-Shashank_Srivastava.png

Bars displaying vital system stats.

3D interactive pie-chart showing the break-up of filesystem utilisation.

Server-Health-Report-Shashank_Srivastava.png

3D chart with break-up of filesystem usage.

Advertisements

Setup Ansible Nodes on Linux (Ubuntu 14.04)


In my last post, you learnt about Ansible & how to install it. Now, lets take one step forward and setup the nodes that Ansible will manage. As we know, Ansible is agent-less hence it doesn’t need any client package to be installed on the nodes it will manage. So, we only need to define the nodes in its inventory file on Ansible server itself located at /etc/ansible/hosts

Backup this file & edit it with below contents.

[web-servers]
192.168.0.51
192.168.0.61

You can see I have defined a group called web-servers that contains IP address of 2 nodes. You can also use FQDN if you have DNS setup or entries in /etc/hosts file

Save this file & issue below command to test if Ansible server is able to ping the nodes or not.

shashank@shashank-server:~$ ansible -m ping web --ask-pass
SSH password:
192.168.0.61 | FAILED! => {
"failed": true,
"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."
}
192.168.0.51 | SUCCESS => {
"changed": false,
"ping": "pong"
}

You can see, it results in an error for one node. Because Ansible server’s fingerprint was not in known_hosts file of that node. For this, you need to add that manually or by first trying to SSH into node. That way it will ask to save the fingerprint & above command will work.

shashank@shashank-server:~$ ansible -m ping web --ask-pass
SSH password:
192.168.0.51 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.0.61 | SUCCESS => {
"changed": false,
"ping": "pong"
}

So, you can see now that Ansbile is able to ping its nodes & hence it can manage these 🙂

One thing to note is that Ansible will SSH into the nodes using the user with which it was run. I ran Ansible using shashank user which is a user with root access. So, make sure you have enough privileges to run Ansible. You can get away with using --ask-pass if you use keys instead of password. You can follow this link to know how to setup password-less SSH

shashank@shashank-server:~$ ansible -m ping web
192.168.0.61 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.0.51 | SUCCESS => {
"changed": false,
"ping": "pong"
}

You can see above that, since I have password-less SSH setup, I don’t need to use --ask-pass option.

Install Ansible on Linux (Ubuntu 14.04)


Ansible is a really (radically, as they say) simple server orchestration/configuration manager/provisioning solution just like Chef, Puppet or Salt. While Chef, Puppet or Salt are extremely powerful & efficient, they are quite difficult to learn or manage and that’s what makes admin afraid of them 😀

Ansible, on the other hand, is pretty simple to use. Its commands are executed via CLI or terminal & it uses SSH connection (Ansible is agent-less) as compared to Chef, Puppet or Salt that are agent-based. In this tutorial we will see how to install Ansible on an Ubuntu 14.04 server 🙂

Issue below commands to add Ansible repository & install it.

root@shashank-server:/home/shashank#  apt-add-repository -y ppa:ansible/ansible
root@shashank-server:/home/shashank#  apt-get update
root@shashank-server:/home/shashank#  apt-get install -y ansible

This will install Ansible on your machine. Now, in my next post(s) I will demonstrate how we can define the hosts for it. Stay tuned till then 😉

Bootstrapping Chef Node To Manage Under Chef Server


So, the last post discussed about setting up Chef clients. Now its time to finish the overall setup by bootstrapping the Chef nodes from Chef Workstation.

Bootstrapping means we are syncing the Chef clients with the Chef workstation so that we can create & execute cookbooks from the workstation. Remember that 192.168.0.61 is the IP of Chef client/node. Replace the IP for all the nodes you want to manage & repeat this step. --node-name is the name you want to give to your node. Its NOT necessarily the actual hostname. I used sudo because it didn’t connect without it. Replace shashank with your username.

root@chef-workstation:/home/shashank/chef-repo# knife bootstrap 192.168.0.61 -x shashank --sudo --node-name node1
Doing old-style registration with the validation key at /home/shashank/chef-repo/.chef/chef-validator.pem...
Delete your validation key in order to use your user credentials instead

Connecting to 192.168.0.61
shashank@192.168.0.61's password:
192.168.0.61 knife sudo password:
Enter your password:
192.168.0.61
192.168.0.61 -----> Existing Chef installation detected
192.168.0.61 Starting the first Chef Client run...
192.168.0.61 Starting Chef Client, version 12.6.0
192.168.0.61 Creating a new client identity for node1 using the validator key.
192.168.0.61 resolving cookbooks for run list: []
192.168.0.61 Synchronizing Cookbooks:
192.168.0.61 Compiling Cookbooks...
192.168.0.61 [2016-05-21T09:28:51+05:30] WARN: Node node1 has an empty run list.
192.168.0.61 Converging 0 resources
192.168.0.61
192.168.0.61 Running handlers:
192.168.0.61 Running handlers complete
192.168.0.61 Chef Client finished, 0/0 resources updated in 01 seconds

You can see the list of all managed/bootstrapped nodes by issuing below command.

root@chef-workstation:/home/shashank/chef-repo# knife node list
node1

Below is the screenshot from my setup 🙂

Chef Nodes Bootstrapped

In future posts, I will explain how we can manage Chef nodes & how to create cookbooks. Till then, bye 🙂

Setup Chef Node(s) on Linux (Ubuntu)


In my last 2 posts, I had explained how to install Chef Server & how to setup Chef Workstation. Hope that was easy & informative for you 🙂

In this post, we will learn how to setup the nodes that we want to be managed by Chef. Read on!

There are only 2 steps here. Downloading the client package & installing it. Repeat these steps on all the nodes that you want Chef to manage.

Download Chef Client package from https://downloads.chef.io/chef-client/

Install it as below.

root@node1:/home/shashank# dpkg -i /media/sf_Chef_Downloads/chef_12.6.0-1_amd64.deb
Selecting previously unselected package chef.
(Reading database ... 166222 files and directories currently installed.)
Preparing to unpack .../chef_12.6.0-1_amd64.deb ...
Unpacking chef (12.6.0-1) ...
Setting up chef (12.6.0-1) ...
Thank you for installing Chef!

This will setup your Chef client. To manage it using Chef, it has to be bootstrapped. How to do it? I will leave it for the next post 😉 Stay tuned 🙂

Setup Chef Workstation on Linux Server (Ubuntu)


In my last post I had explained you how we can install Chef Server on an Ubuntu server. In this post I will show you how to setup Chef Workstation on another Ubuntu server. Chef Workstation is a machine that you will prepare your recipes & cookbooks on. These recipes are then sent to Chef Server which are then used to manage nodes. Lets begin with this tutorial 🙂 Please put entries of all Chef machines in your /etc/hosts file.

Chef Server Details : –

  • Hostname – chef-server
  • IP Address – 192.168.0.63

Chef Workstation Details : –

  • Hostname – chef-workstation
  • IP Address – 192.168.0.51

1. Install Chef Development Kit. Go to https://downloads.chef.io/chef-dk & download the package for your OS. I have chosen Ubuntu for this tutorial.

root@chef-workstation:/home/shashank# dpkg -i ~shashank/chefdk_0.13.21-1_amd64.deb

2. Generate Chef Repository. Issue below command to generate Chef Repository. This will create a new directory called chef-repo

root@chef-workstation:/home/shashank# chef generate repo chef-repo
root@chef-workstation:/home/shashank# cd chef-repo

3. Create a directory to keep authentication keys. We will need authentication keys to communicate with Chef Server. If you remember, I had created 2 keys while setting up Chef Server. These keys will have to be copied to this directory.

root@chef-workstation:/home/shashank# scp *.pem shashank@192.168.0.51:~shashank/
root@chef-workstation:/home/shashank# mkdir .chef
root@chef-workstation:/home/shashank# mv ~shashank/*pem .chef/

4. Create a knife file. Create a new file knife.rb with below contents. Make changes accordingly(explained below).

root@chef-workstation:/home/shashank# vim knife.rb
log_level                :info
log_location             STDOUT
node_name                'chef-admin'
client_key               '/home/shashank/chef-repo/.chef/chef-admin.pem'
validation_client_name   'shashank-validator'
validation_key           '/home/shashank/chef-repo/.chef/chef-validator.pem'
chef_server_url          'https://chef-server/organizations/shashank'
syntax_check_cache_path  '/home/shashank/chef-repo/.chef/syntax_check_cache'
cookbook_path [ '/home/shashank/chef-repo/cookbooks' ]

A little explanation to this file. Refer to my last post for more clarity.
node_name is your chef username that you created while setting up Chef Server.
client_key is the key that you generated for chef user.
validation_client_name is organization shortname followed by hyphen validator. In my case it was “shashank”.
validation_key is organization key.
chef_server_url is URL to Chef Server’s organization. You will need to put entries in /etc/hosts on all Chef machines so as to avoid errors while executing this file.

5. Authenticate Workstation with Server. Issue below commands to fetch the SSL certificate. We need to go one directory back.

root@chef-workstation:/home/shashank# cd ..
root@chef-workstation:/home/shashank# knife ssl fetch
WARNING: Certificates from 192.168.0.63 will be fetched and placed in your trusted_cert
directory (/home/shashank/chef-repo/.chef/trusted_certs).

Knife has no means to verify these are the correct certificates. You should
verify the authenticity of these certificates after downloading.

Adding certificate for chef-server in /home/shashank/chef-repo/.chef/trusted_certs/chef-server.crt

6. Check the connectivity. Issue below command to verify the connectivity between Chef Server & Workstation.

root@chef-workstation:/home/shashank# knife client list

If there are errors like below, make sure you are putting correct entries in /etc/hosts file.

ERROR: SSL Validation failure connecting to host: 192.168.0.63 - hostname "192.168.0.63" does not match the server certificate
ERROR: SSL Error connecting to https://192.168.0.63/organizations/shashank/clients, retry 1/5
ERROR: SSL Validation failure connecting to host: 192.168.0.63 - hostname "192.168.0.63" does not match the server certificate
ERROR: SSL Error connecting to https://192.168.0.63/organizations/shashank/clients, retry 2/5
ERROR: SSL Validation failure connecting to host: 192.168.0.63 - hostname "192.168.0.63" does not match the server certificate
ERROR: SSL Error connecting to https://192.168.0.63/organizations/shashank/clients, retry 3/5

This happens because the SSL certificate was generated for hostname & not IP address. I corrected the /etc/hosts file & it fixed that. See it below 🙂

root@chef-workstation:/home/shashank# knife client list
shashank-validator

That’s all for this post 🙂 We now have a working Chef Server & a working Chef Workstation. I will explain how to setup a Chef node in my next post. Stay tuned 🙂

Setup Chef Server on Ubuntu


Hi There! After a long time 😉 In this post I will explain how you can setup your Chef Server on an Ubuntu machine. Chef, as we know, is an Infrastructure Automation platform that helps manage, maintain & housekeep a number of servers by keeping them in desired state. Sounds complicated? Ok, let me put this in an easy way 😉

Suppose you have 25 servers in your infrastructure. 10 are Apache web-servers, 5 are Database servers, 2 are monitoring servers, 2 are LDAP servers & rest are Tomcat servers. You are given the responsibility to setup all of them 😀 You will have to install packages, create users & groups & do tons of modifications like editing /etc/hosts or /etc/resolv.conf files. All this leads to a lot of wastage in terms of time & resources. That’s where Chef or similar software helps. Chef will allow you to do all these tasks in much simple & efficient manner. You define what packages are to be installed on what servers & Chef will do it. Add users to passwd file & Chef will populate this file to all required servers. This is known as Chef recipes. Seems fun, right? 😉

Chef has 3 components.

  • Workstation : – A server on which you define all your modifications like contents of passwd file, packages to be installed etc. In other words, here you create Chef recipes & cookbooks.
  • Server : – Where you manage all your nodes & where all the recipes are sent to. Server then adjust the nodes according to the recipes. It also has a web UI where you can see & manage your nodes. Chef Server can only be installed on Unix/Linux machines.
  • Nodes : – The individual servers that are to be managed by Chef. Like your Apache or DB servers. Could be any OS.

Now that you know the basic terminologies, lets setup our Chef Server 🙂

Lab Description : –

  • OS – Ubuntu 14.04
  • RAM – 4 GB
  • IP Address – 192.168.0.XX
  • Chef Server version – 12.4.0
  • Chef Manage version – 2.3.0

Steps : – 

1. Download & Install Chef Server package. Go to https://downloads.chef.io/chef-server and download the package for your OS. In this tutorial, I have chosen Ubuntu. Install it by using below command.

root@chef-server:/home/shashank# dpkg -i chef-server-core_12.4.0-1_amd64.deb
Selecting previously unselected package chef-server-core.
(Reading database ... 166216 files and directories currently installed.)
Preparing to unpack chef-server-core_12.4.0-1_amd64.deb ...
Unpacking chef-server-core (12.4.0-1) ...

2. Configure Chef Server. Next step will be to configure it. So run this command. It will dump output similar to it. Please note that this step will take around 2-3 minutes or more.

root@chef-server:/home/shashank# chef-server-ctl reconfigure
Starting Chef Client, version 12.6.0
resolving cookbooks for run list: ["private-chef::default"]
Synchronizing Cookbooks:

Deprecated features used!
Cannot specify both default and name_property together on property path of resource yum_globalconfig. Only one (name_property) will be obeyed. In Chef 13, this will become an error. Please remove one or the other from the property. at 1 location:
- /opt/opscode/embedded/cookbooks/cache/cookbooks/yum/resources/globalconfig.rb:76:in `class_from_file'

Chef Client finished, 323/451 resources updated in 03 minutes 10 seconds
Chef Server Reconfigured!

3. Create Chef user & its organisation. Issue below command to create a user & its organisation for Chef. This user will be used to log-in to its web UI & perform other admin tasks. These .pem keys will be used to authenticate & validate the certificates. Choose any desired location.

root@chef-server:/home/shashank# chef-server-ctl user-create chef-admin Chef Admin root@chef-server 'chefadmin' --filename /home/shashank/chef-admin.pem
root@chef-server:/home/shashank# chef-server-ctl org-create shashank 'Shashank Chef Server' --association_user chef-admin --filename /home/shashank/chef-validator.pem

4. Install Chef Manage(web UI). Default step is to install it using Chef itself by issuing chef-server-ctl install chef-manage command But it threw error on my machine that apt-get update was unable to retrieve this package. So, I downloaded the package from Chef’s site & installed it using dpkg.

root@chef-server:/home/shashank# dpkg -i Downloads/chef-manage_2.3.0-1_amd64.deb

It will ask you to accept the license agreement.

To use this software, you must agree to the terms of the software license agreement.
Press any key to continue.
Type 'yes' to accept the software license agreement, or anything else to cancel.
yes
Starting Chef Client, version 12.4.1

When its done installing it, it will prompt you to issue another command.

Chef Client finished, 323/451 resources updated in 03 minutes 10 seconds
Chef Server Reconfigured!
Thank you for installing the Chef Management Console add-on!

The next step in the process is to run:

chef-manage-ctl reconfigure

5. Configure Chef Manage. Issue above command to configure it. It will take some time. Wait for it to finish.

6. Configure Chef Server again. Run chef-server-ctl reconfigure again to configure it.

If everything goes well, you will have your Chef Server ready.

7. Login to Web console (UI). Point your browser to https://localhost:443/login. You may also use IP address. Enter the credentials that you used in step 3 above. You are done 🙂

Chef Manage

Logging into Chef Server UI

Chef Manage UI

Chef Server UI

Watch out for other Chef posts on my blog! Coming soon 😉