Why companies should embrace OSS and the DevOps movement

It’s not a secret that the best and most competitive technologies today exist in the world are based on some Open Source component, maybe the Linux kernel, GNU/Linux operating system, a version of BSD, modules, drivers, or the programming language is completely free or have a free compiler or interpreter.

On the other hand, we have a complex and extensive range of solutions that are born almost with every blink, we need options to integrate these solutions into existing technologies, we have to interconnect new software with hardware and almost all possible combinations can generate with these, so basically, no matter what kind of hardware or software want or have to work, if we want to survive in the era of cloud solutions, build an interface to interconnect them will always be the fastest solution, we will always have to be interconnected and this is a main principle that in cloud architectures is required to satisfy, where the hardware is defined by software and everything is “as a Service” (XaaS), everything has to be able to be interconnected with something else, in short, this is the Application Programming Interfaces (API) age.

Nowadays technologies are needed with API (REST, SOAP), communities (Reddit, IRC, …) accessible information (Blogs, Wikis), otherwise we have to be able to build there, the faster way possible, we need tools, and languages, plugins, everything that we can use to build these interconnections and better solutions, the only platform we can use to accomplish this with the speed needed is the Open Source, it’s not a mystery that Open Source technologies based move much faster than any other kind of proprietary technologies, so if we don’t want to be a technological dinosaur from one day to another we have to know about agile development languages (python, ruby, groovy, …), collaborative work applications (gitlab, github, trac, bugzilla, …), source code management and revision control (git, svn, …), tools that move and help us with the speed required to build new products, today knowing about Open Source, licenses, programming languages, communities is no longer an option.

Speed is not the only thing that Open Source gives, for any professional, having software freedom without limits, whether that solves the problem 100% or having a piece of software that delivers a solid foundation in order to modify and make what is required, POCs without asking for a copy of the software to a company is priceless, which also has an impact on the number of users downloading the same software, which can modify, test, add new characteristics.

I don’t want to expose a vision where nothing else exists besides the Open Source Software but to compete technologically we have to know the ecosystem or even better to innovate must know the tools and work with the right people for the job, people who can integrate all kinds of solutions, but who are this guys? These guys are like super-sysadmins + developers + Open Source gurus, all this and more, equals DevOps engineers (like me), better check this post by the puppetlabs people maybe in the future I’ll write my own.

But you don’t need to believe me, I can challenge you to find a job offer in a company that wants to innovate (any real IT company), regardless of the language or the country you are not looking for DevOps guys or Open Source knowledge.

Let’s cut to the chase, any company that wants to innovate technologically needs DevOps in its payroll, and any DevOps who wants to have a decent job requires Open Source knowledge.

Hope you enjoyed the reading, see you soon!!!

$ commit

Free EL YUM Repositories

If you are using some flavor of Enterprise Linux, eventually will get tired of downloading rpm packages from Here BTW, this is a really great page when you don't have access to FTP services (damn telecom/security guys). And eventually, you will need to have repositories on your server to solve the dependencies. Here are some free repositories provided by Oracle for FREE, but of course, with NO SUPPORT.

OEL 4/RHEL 4, Update 6 or Newer

# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-el4.repo

 

OEL 5/RHEL 5

# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-el5.repo

 

OEL 6/RHEL 6

# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-ol6.repo

 

Oracle VM 2

# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-ovm2.repo

 

After downloading the repo file, you should set the correct version of your Linux, enabling the "enabled" variable.

[root@openstack yum.repos.d]# cat /etc/yum.repos.d/public-yum-ol6.repo
[ol6_latest]
name=Oracle Linux $releasever Latest ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1

And of course, the EPEL repositories. Surf looking for your correct version here EPEL Repository and install the rpm, like this one:

[root@openstack yum.repos.d]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.2 (Santiago)
[root@openstack ~]# rpm -Uvh http://fedora.mirror.nexicom.net/epel/6/x86_64/epel-release-6-7.noarch.rpm
Retrieving http://fedora.mirror.nexicom.net/epel//6/x86_64/epel-release-6-7.noarch.rpm
warning: /var/tmp/rpm-tmp.h0G5aN: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]
[root@openstack ~]# ll /etc/yum.repos.d/
total 8
-rw-r--r--. 1 root root  957 May  9 10:55 epel.repo
-rw-r--r--. 1 root root 1056 May  9 10:55 epel-testing.repo

SSH login without password

Suppose you want to use Linux and OpenSSH to automize your tasks or you just don't want to type the password every time you connect to a server.

You can solve this issue by doing this.

Scenario:
skyline wants to connect to veyron using ssh without a password.

By default, the ssh command has the order to check for authentication: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password

[0] skyline ~ $ ssh alvaro@veyron -v 
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to veyron[10.10.1.194] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /Users/alvaro/.ssh/identity type -1
debug1: identity file /Users/alvaro/.ssh/id_rsa type 1
debug1: identity file /Users/alvaro/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Next authentication method: publickey
debug1: Trying private key: /Users/alvaro/.ssh/identity
debug1: Offering public key: /Users/alvaro/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /Users/alvaro/.ssh/id_dsa
debug1: Next authentication method: password
alvaro@veyron's password:

Checking the ssh server authorized_keys configuration:

root # grep -e Authorized -e Pubkey /etc/ssh/sshd_config | grep -v '#'
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys

Generating public/private rsa key pair:

[0] skyline ~ $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/alvaro/.ssh/id_rsa): 
Created directory '/Users/alvaro/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/alvaro/.ssh/id_rsa.
Your public key has been saved in /Users/alvaro/.ssh/id_rsa.pub.
The key fingerprint is:
53:1d:8a:f8:93:a8:1e:e2:9d:db:f8:ca:3d:73:5a:60 alvaro@skyline
The key's randomart image is:
+--[ RSA 2048]----+
|            .    |
|       . . o .   |
|      . . o .    |
|       o o       |
|      E S        |
|     o . o       |
|  . o   .        |
| . = *o..        |
|  . O+==         |
+-----------------+

[0] skyline ~ $ ssh alvaro@veyron mkdir -p .ssh 
Password: 
[0] skyline ~ $ cat .ssh/id_rsa.pub | ssh alvaro@veyron 'cat >> .ssh/authorized_keys'
Password: 

[0] skyline ~ $ cat .ssh/config 
Host veyron
    User alvaro
    Hostname 10.10.1.194

Verbose connection:

[0] skyline ~ $ ssh alvaro@veyron -v 
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /Users/alvaro/.ssh/identity type -1
debug1: identity file /Users/alvaro/.ssh/id_rsa type 1
debug1: identity file /Users/alvaro/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Next authentication method: publickey
debug1: Trying private key: /Users/alvaro/.ssh/identity
debug1: Offering public key: /Users/alvaro/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Tue Apr 24 14:50:42 CDT 2012 from skyline.headup.ws on ssh
alvaro@veyron ~ $

Clean ssh execution:

[0] skyline ~ $ ssh veyron
Last login: Tue Apr 24 14:50:42 CDT 2012 from skyline.headup.ws on ssh
alvaro@veyron ~ $ 

Headup Portage Tree

This portage tree is for apps that are not inside the official portage repository and some other packages with some hacks.
If you would like to contribute, report some bugs or send me suggestions, you can send me an email: alvaro[at]headup[dot]ws

Starting Points

•  Gentoo webpage
•  Layman howto page

How to configure Headup ebuilds

• Complete howto

EBuilds

• app-fuzz/dotdotpwn: The Directory Traversal Fuzzer (v2.1,v3.0),  http://dotdotpwn.blogspot.com
• dev-libs/Ice: ICE middleware C++ bindings (v3.2.1),  http://www.zeroc.com
• dev-php/IcePHP: PHP bindings for the ICE middleware (v3.2.1),  http://www.zeroc.com
• dev-ruby/rack: A modular Ruby webserver interface (v1.0.1),  http://rubyforge.org/projects/rack

[Solved] su: /bin/bash: Permission denied

New user created as:

groupadd mygroup
useradd -s /bin/bash -g myuser -m -k /dev/null myuser

When trying to log in:

[root@vserver~]# su - myuser
su: /bin/bash: Permission denied

Solution:

[root@vserver~]# chmod 755 /bin
[root@vserver~]# su - myuser
[myuser@vserver~]$

Easy password generator command

 As a sysadmin, I need to generate lots of passwords and sometimes if you do so without a script the generated password becomes really easy to guess, and also is hard to build a safe password.

Because of this I use this script to generate pseudo-random passwords, is not an un-crackable method but solves the main problem.
You can put this code at the end of your .bashrc file, in order to make it like a system command, please do not remove the other lines in the file.

skyline ~ $ cd
skyline ~ $ vi .bashrc

##
##      By: Alvaro Soto - alvaro@headup.ws
##      http://headup.ws/node/18
##
##      genpasswd: Generate a pseudo random password
##                  using a given length (default = 20).
##

genpasswd() {
    local l=$1
        [ "$l" == "" ] && l=20
        tr -dc A-Z0-9_[%#?]a-z < /dev/urandom | head -c ${l} | xargs
}

##
##
##

skyline ~ $ . .bashrc
skyline ~ $ genpasswd 
vie8e4d5naTCH70XvDyT
skyline ~ $ genpasswd 10
ts0QtdPe_x
skyline ~ $ genpasswd 5
5nw5Q

Is a less secure option to pwgen but it doesn't need a compiler.

skyline ~ $ emerge pwgen -s
Searching...    
[ Results for search key : pwgen ]
[ Applications found : 1 ]

*  app-admin/pwgen
      Latest version available: 2.06-r1
      Latest version installed: 2.06-r1
      Size of files: 30 kB
      Homepage:      http://sourceforge.net/projects/pwgen/
      Description:   Password Generator
      License:       GPL-2

In action:

skyline ~ $ pwgen 20 --capitalize --symbols --numerals --secure  1
H2]}K/JGVs<523Xuv?"Y 
skyline ~ $ pwgen 10 --capitalize --symbols --numerals --secure 1
JZ7a*&|:RP 
skyline ~ $ pwgen 5 --capitalize --symbols --numerals --secure 1
`Aw8D 

Recursively delete .svn directories

Subversion is a software versioning and revision control system.
Every copy of source code received from the subversion repository has .svn folders, which store metadata.

This is a simple example of a Unix command, which recursively deletes subversion .svn folders, these folders are often not necessary if you want to distribute the source code.
You can put this code at the end of your .bashrc file, in order to make it like a system command, please do not remove the other lines in the file.

skyline ~ $ cd
skyline ~ $ vi .bashrc

##
##      By: Alvaro Soto - alvaro@headup.ws
##
##      csvn: Removes recursively all the .svn dirs 
##                  starting from a given path or from the cwd
##

csvn(){
    local dir=$1
        [ "$dir" == "" ] && dir=$(pwd)
        while true; do
            read -p "Do you wish to delete .svn dirs on [ $dir ]? " yn
            case $yn in
                [Yy]* ) find $dir -name .svn -print0 | xargs -0 rm -rf ; break;;
                [Nn]* ) break;;
                * ) echo "Please answer yes or no.";;
            esac
        done
}

##
##
##

Source and use

skyline ~ $ . .bashrc
skyline ~ $ csvn 
Do you wish to delete .svn dirs on [ /Users/alvaro ]? n
skyline ~ $