I have been working with DigitalOcean for several months, on average DigitalOcean deploys your VPS server in 55 seconds. After the server is deployed, all the manual/prone to errors/boring configuration process is needed.
As I am using puppet to configure all my servers I have create provisioningDO rakefile script (based on John Arundel’s book Puppet 3 Cookbook) to deploy and configure my servers in 4 min 15 sec. It means After 4 min 15 secs, my servers are ready for production.
provisioningDO uses Jack Pearkes’ tugboat CLI tool so, a fully installed and configured tugboat CLI is necessary. It shouldn’t take you more than 5-10 minutes to have a working and ready to go tugboat installation
Today I have released to the public my first puppet module:
It installs and configures knockd (a port knocking software).
Llevaba ya tiempo dandole vueltas a la idea de montar un grupo de usuarios de puppet en Alicante, que no se si habra muchos…
La semana pasada mande un correo a la lista de usuarios de puppet por si habia alguien interesado y hoy he recibido un correo de puppetlabs.com indicandome que si tenia un grupo de meetup, que ellos me pondrian un link en su web. por lo que me he decidido a crear un group en meetup.com.
Por lo que oficialemente hoy ha sido creado el Alicante Puppet Users Group
Asi que si estas interesado en Puppet, DevOps, Data Center and Operations Automation y basicamente hacer las cosas una sola vez y que los ordenadores hagan el resto. Este es tu grupo.
Espero que os apunteis y cuando seamos unos cuantos hagamos la primera quedada.
Salu2 puppeteros Alicantinos
Several months ago I finally got the (WOL) Wake On Lan feature of my RTL8111/8168B NIC card working. The problem was that a new driver (other than the provided by Debian) and a special PCI configuration was needed.
The other problem I had to deal with was the ADSL Router (Comtrend HG532c, The one provided by the Spanish ISP Jazztel) configuration:
- Open the required port: This was an easy one just opening the 7 a 9 port and forwarding them to the server we want to WOL from the internet
- Make the router remember the server’s tuple MAC/IP address. That was easy too, but some manual work was needed as when router is restarted the ARP table is flushed.
In my current job I had to change recently some configuration and restart more than 600 IP phones. To perform such titanic task I created a quick and dirty script using expect. It worked like a charm and made me think about automatize the way I set the ARP table in my Comtrend HG532c ADSL router.
1 year ago I couldn’t get connected to my office’s network using my VPN client. The reason was that my p12 certificate was expired. AFAIK IPsec cannot renew certificates automatically as windows VPN client does. To make it work I needed to renew it using the windows client and then migrate a p12 certificate to a Linux/IPsec friendly format. As I was in a little hurry I tried installing the Linux Citrix client
Today I have assisted to the Ubuntu Cloud Webcast, Presented by: Mark Shuttleworth (Canonical Founder) and Stephen O’Grady from Redmonk.
Yesterday I received a message in the debian-user-spanish mailing list with subject: Conectarse por VPN a un Firewall-1
In that email the user was referring to very useful tutorial: Check Point Firewall-1 NG(X). I remembered that link as I used it to configure my first road warrior VPN client. But this document is outdated as the procedure to obtain the private key is not valid anymore. There is a new procedure that I documented in my personal wiki. In this post I am gonna copy & paste the right procedure from it.
Since 2005 I have hosted this web page in the Cpanel based Bluehost company. First with Joomla and recently migrated to WordPress.
Bluehost allows to download a daily, weekly and monthly backup from your Cpanel control panel, but manual intervention is needed:
- Logon in the control panel
- Navigate to the backup page
- Perform the backup
- Download it to your local computer.
This is a manually/time consuming task and of course you should not forget it!!
In this post I gonna show my automatic method to backup files and databases using:
- Crontab for automatic backups.
- Public/private keys for passwordless ssh connections.
- Rsync command for synchronizing directories between remote and local servers. This way bandwidth is reduced as if a file has already been copied to the local server no data transfer is needed.
- Mysqldump for dumping the MySQL databases to a local file.
- SpiderOak for data deduplication and remote backup.
Some previous knowledge is needed to understand how it works, anyway there are some useful links to understand it.
A long time ago, in a galaxy far far away when I started with openvz I followed this tutorial for Debian template creation. Now I am adapting it (using my own experience and this template-squeeze tutorial too) to Qemu/KVM disk images than later can be used directly or via libvirt.
This procedure tries to generalize the template. While working with disk cloned images many elements need to be “generalized” before capturing and deploying a disk image to multiple computers. Some of these elements include:
- ssh keys
The more “generalized” is a template, the less manual work is needed after deploying it.
This method must work in others virtualization systems: vmware, virtualbox, etc. As it is “virtualizator/hypervisor/emulator independent” as it is focused only in the disk image.