Author Archives: Ian Macdonald

Centos/RHEL stops looking for a dhcp ip

I managed to mess up my vm network a few times and the centos machines lost there DHCP address, what surprised me was that they stopped requesting an IP address, so once I fixed my KVM test machine I would have to connect to the console restart the network

I found a website https://www.cyberciti.biz/faq/rhel-centos-configure-persistent-dhcp-client/ that mentions a setting

PERSISTENT_DHCLIENT=1

That you can set in the /etc/sysconfig/network-scripts/ifcfg-eth0

So
Edit the file

sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0

Append line PERSISTENT_DHCLIENT=1, at the end configuration should look as follows:

DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
PERSISTENT_DHCLIENT=1

Save and close the file. Restart networking service or reboot laptop / desktop to test the changes:

# /etc/init.d/networking restart

Running a batch file with administrator Privileges

I need an easy way to let the QA people run chef, they alreay have accounts that are local admins so I wanted a batch file that they can click on that will run chef with admin privileges

the chef documentations suggests using runas

runas /user:Administrator "cmd /C chef-client"

But I don’t want to give the administrator password to the users.

I found this stack overflow posting that worked like a charm

https://stackoverflow.com/questions/7044985/how-can-i-auto-elevate-my-batch-file-so-that-it-requests-from-uac-admin-rights

Speficially

:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
@echo off
CLS 
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================

:checkPrivileges 
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges ) 

:getPrivileges 
if '%1'=='ELEV' (shift & goto gotPrivileges)  
ECHO. 
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation 
ECHO **************************************

setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs" 
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs" 
"%temp%\OEgetPrivileges.vbs" 
exit /B 

:gotPrivileges 
::::::::::::::::::::::::::::
:START
::::::::::::::::::::::::::::
setlocal & pushd .

REM Run shell as admin (example) - put here code as you like
cmd /k

Just replace cmd /k with your code.

Wiping riak

I have a need in our QA Environment to wipe some of the keys from Riak but not all of them before deploying a new build.

I started with using the ruby riak client, and had the following working

require 'riak'

#https://github.com/basho/riak-ruby-client/blob/master/README.markdown
#https://docs.basho.com/riak/latest/dev/taste-of-riak/ruby/

client=Riak::Client.new(:protocol => "pbc")

client = Riak::Client.new(:nodes => [
  {:host => '10.10.10.1', :pb_port => 8098}
])

client.buckets.each do |bucket|
  if bucket.name.start_with?('test')
    puts(bucket.name)
    bucket.keys.each do |key|
      bucket.delete(key)
    end
  end
end

Which gave a little error, but worked till I tired to run it on a windows machines, seem riak uses the ruby expect class which isn’t available on windows.

So then I took a different approach

require 'rest-client'
require 'json'
require 'uri'

host = "https://10.10.10.1:8098"

buckets_url = host + '/riak?buckets=true'
e_buckets_url = URI.escape(buckets_url)

json_object = JSON.parse(RestClient.get(e_buckets_url))
p json_object

json_object["buckets"].each do |bucket|
  if bucket.start_with?('test')
    p bucket 
    keys_url = 'https://10.10.10.1:8098' + '/riak/' + bucket + '?keys=true'
    e_keys_url = URI.escape(keys_url)
    p e_keys_url
    json_object2 = JSON.parse(RestClient.get(e_keys_url))
    p json_object2["keys"]
    json_object2["keys"].each do |key|
      delete_url = 'https://10.10.10.1:8098/riak' + '/' + bucket + '/' + key
      e_delete_url = URI.escape(delete_url)
      p e_delete_url
      response2 = RestClient.delete(e_delete_url)      
    end
  end

Then I wrapped it in ruby block for chef

ruby_block  "wipe riak" do
  block do
    host = "https://#{node['test']['avenger']['riakhostAddress']}:8098"

    buckets_url = host + '/riak?buckets=true'
    e_buckets_url = URI.escape(buckets_url)

    json_object = JSON.parse(RestClient.get(e_buckets_url))
    p json_object

    json_object["buckets"].each do |bucket|
      if bucket.start_with?('test')
        p bucket
        keys_url = host + '/riak/' + bucket + '?keys=true'
        e_keys_url = URI.escape(keys_url)
        p e_keys_url
        json_object2 = JSON.parse(RestClient.get(e_keys_url))
        p json_object2["keys"]
        json_object2["keys"].each do |key|
          delete_url = host + '/riak/' + bucket + '/' + key
          e_delete_url = URI.escape(delete_url)
          p e_delete_url
          response2 = RestClient.delete(e_delete_url)
        end
      end
    end
  end
end

Drac’s and ILOs

One of the challenges of working with servers remotely is getting the dam DRAC or ILO to work.

I have reverted to using Internet Explorer in a windows VM as my machine of choice for accessing Dell DRACs or HP ILOs. I recently had the pleasure of touching an HP C7000 blade enclosure that adds a new wrinkle to the mix, they have a web interface called the the OA or Onboard Administrator.

One common issue I have, assuming that I can even get the remote console to work is getting keyboard input to work. On the ILO 2 I tried installing Redhat and I could get Tabs to work. My solution on Dell DRACs was to switch from the activeX control to the java control, but on the a ProLiant BL460c G6, I couldn’t get the java version to start. I might have been able to make it work if i installed java 1.4, which is listed as the supported version, but I had challenges finding the correct binary to install, and my security alter ego was shouting in my head “NO” due to all the security issues with an ancient version of java.

The solution actually turned out to be easier.

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02435928&lang=en&cc=us&taskId=120&prodSeriesId=4012659&prodTypeId=3709945

Make sure you turn off protected mode. I normally do this by telling Internet Explorer that the DRAC or ILO is part of the trusted sites. An easy way to do this is go to internet options, click on security, then trusted sites, then sites. Add an entry for https://10.99.99.* or what ever the subnet is that  contains your ILOs or your DRACs. The option for Protected Mode is at the bottom of the “Security Tab”

 

 

 

 

Sysprep still needed but not because of duplicate SID

I was told a long time ago that you needed to run sysprep because of issues with joining two machines to the domain with the same machine Security Identifier (SID). While researching what you need to do with cloned AMI images on EC2 I found this.

https://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx

I can attest to wsus getting messed up if you don’t run sysprep, but interesting to find out that duplicate SIDs is not an issue.

Oops Java thinks the clock is an hour out.

I have been experimenting with home automation and have been testing out openHAB. I wanted to have a set of lights turn on at sunset and turn off early in the morning. One of the issues I found was with the time in openHAB being an hour out. After some head scratching and research everything looked normal.

$ date
Sun Mar 16 00:37:35 EDT 2014

Looks good the time is correct, the timezone is correct.

$ date --utc
Sun Mar 16 04:40:11 UTC 2014

Looks good as well.

$ md5sum /etc/localtime 
e4ca381035a34b7a852184cc0dd89baa  /etc/localtime

$ md5sum /usr/share/zoneinfo/America/New_York
e4ca381035a34b7a852184cc0dd89baa  /usr/share/zoneinfo/America/New_York

The timezone is set correctly to New_York.

I am using openjdk 1.7 so I need to install the dev tools,

$ sudo yum install java-1.7.0-openjdk-devel

then run a little sample code,

more DateDemo.java 
import java.util.Date;
import java.util.*;

public class DateDemo {
   public static void main(String args[]) {
       // Instantiate a Date object
       Date date = new Date();

       // display time and date using toString()
       System.out.println(date.toString());

       System.out.println(new Date());
       System.out.println(TimeZone.getDefault());
   }
}

$ javac DateDemo.java

$ java DateDemo
Sat Mar 15 23:45:40 GMT-05:00 2014
Sat Mar 15 23:45:40 GMT-05:00 2014
sun.util.calendar.ZoneInfo[id="GMT-05:00",offset=-18000000,dstSavings=0,useDaylight=false,transitions=0,lastRule=null]

Ok thats interesting, the time is an hour out from the system clock, and when I ran it on another centos 6 box I got,

$ java DateDemo
Sun Mar 16 00:47:46 EDT 2014
Sun Mar 16 00:47:47 EDT 2014
sun.util.calendar.ZoneInfo[id="America/New_York",offset=-18000000,dstSavings=3600000,useDaylight=true,transitions=235,lastRule=java.util.SimpleTimeZone[id=America/New_York,offset=-18000000,dstSavings=3600000,useDaylight=true,startYear=0,startMode=3,startMonth=2,startDay=8,startDayOfWeek=1,startTime=7200000,startTimeMode=0,endMode=3,endMonth=10,endDay=1,endDayOfWeek=1,endTime=7200000,endTimeMode=0]]

Both hosts were set to the same New York time zone, and the md5 on /etc/localtime matched, so both appeared to be configured the same way.

A little more digging on how java gets it timezone and i found,

https://bugzilla.redhat.com/show_bug.cgi?id=489586

Turns out Java looks at /etc/sysconfig/clock.

The working host had,

$ more /etc/sysconfig/clock 
ZONE="America/New_York"

and the other one with the issue had

$ more /etc/sysconfig/clock
# The time zone of the system is defined by the contents of /etc/localtime.
# This file is only for evaluation by system-config-date, do not rely on its
# contents elsewhere.
ZONE="America/New York"

Well look at that, one has New York and the other has New_York.

After adding the _ to New_York Java now reports the correct time on both hosts, and my issue with openHAB is fixed.