Groesbeek, view of the 'National Liberation Museum 1944-1945' in Groesbeek. © Ton Kersten
Fork me on GitHub

LPI Certification

2013-08-15 (137) by Ton Kersten, tagged as lpi

It’s been a while since the last post, but I’ve been very, very busy.

And in the meantime I also found some time to take the LPI-102 exam. This resulted in a Pass and now I’m officially LPI1 certified.

Well, let’s see what’s next. Puppet exam, Ansible training, LPI2, Python ………

So much to learn, so little time.

Puppet Facter Fact

2013-07-08 (135) by Ton Kersten, tagged as puppet

Look at me, I made a Puppet Facter Fact!!!

With a lot of thanks to Andrew Beresford who started the initial code. I just tweaked it.

What it does is rather simple, it finds the expiration date of the SSL certificate of this host and returns the expiration date and time when there are less than 30 days left. Otherwise it just returns a --sign. In the Puppet manifest I check if it’s this --sign and if not I generate a warning.

This is it:

# Set the Facter-Fact "certificate_expiry" to the SSL certificate
# expiration date and time.
# Usage example:
# --------
#   if "${::certificate_expiry}" != "-" {
#       notify { 'CertExp' :
#           message  => "Certificate expire date for ${::fqdn}: ${::certificate_expiry}",
#           withpath => false,
#       }
#   }

# $Id$%
# $URL$
Facter.add("certificate_expiry") do
    setcode do
        warndays = 30
        time = Puppet::SSL::Host.localhost.certificate.expiration
        warn = time - ( warndays * 60 * 24 )

        if ( warn - ) < 0
            time = time.strftime("%Y-%m-%d %H:%M:%S")
            time = "-"

Me proud, I am smiley

Ansible Day in Antwerp

2013-06-29 (136) by Ton Kersten, tagged as ansible

Today I’m attending the first full day Ansible configuration meeting. This meeting is in Antwerp, Belgium, a drive of almost 2 hours. Thanks to Multi Mho (Maurice Verheesen) I didn’t need to drive, he wanted to try out his nice, new car. It drives perfectly and we arrived about 30 minutes early.

For a first meeting of a new tool there where a lot of attendants, amongst others (and I don’t want to forget anybody, so I won’t even try to give a complete list), but below are the people I think that where there.

  • Ton Kersten
  • Maurice Verheesen
  • Christopher Ranschaert
  • Colin Petrie
  • Dag Wieers
  • Inigo Ortiz de Urbina Cazenave
  • Jan Piet Mens
  • Jeroen Hoekx
  • Jochen Moes
  • Joost Ringoot
  • Kevin Clymans
  • Kristof Wevers
  • Lee Van Steerthem
  • Mattias Gees
  • Nic De Muyer
  • Serge van Ginderachter
  • Toshaan Bharvani
  • Vincent Van der Kussen

All very knowledgeable people and nice company to be around.

After Jan Piet talked about Ansible Fest in Boston he supplied us with all the goodies he brought home. We all got…. drum-roll…. 1 sticker each. The T-shirts didn’t show up at the Ansible Fest. Not that bad, because I already have one. Thanks to Jan Piet for the time and effort to get some goodies, even though he couldn’t get them.

After this we started discussing and talking about things to improve Ansible. We all agreed things are great and will be greater by time.

All in all a good day to be at and I would like to thank everybody who attended and who helped organize this day. And last but not least Michael deHaan for creating Ansible.

PS: Also thanks to the guys that brought the beer. The Vicaris Triple is a fantastic one.

Puppet User Group

2013-04-07 (134) by Ton Kersten, tagged as puppet

Yesterday I attended the first meet up of the Dutch Puppet User Group and I gave a talk about how to start with Puppet.

It was called: “Puppet deployment, an introduction” and the PDF slideshow can be viewed or downloaded from speakerdeck.

If you have any comment, please send me an email.

We-Blog with clouds

2013-04-06 (133) by Ton Kersten, tagged as blog

Today I received an email from Chris Hackenschmidt with a patch for a category cloud for my We-Blog program.

Of course I have implemented that and you can see it in action on the right.

So, a new version of We-Blog is out, currently still 0.9, with a big Thank You to Chris.

Download it and enjoy.

Installing Pandoc

2013-01-26 (132) by Ton Kersten, tagged as linux, pandoc

John Macfarlane released a new version of Pandoc that has a lot of new enhancements. A lot of things have changed in the Markdown input types and it’s now compatible with PHP Markdown. This is very nice, because a lot of implementations use the extensions defined by PHP Markdown.

I downloaded the dmg file to install it on my MacBook Pro and it works like a charm.

So, I decided to install it on my new CentOS 6 server to build documents there. Well, I was in for a nice surprise.

After cloning the source from github I started as documented in the INSTALL file

make prep

and now I get

Resolving dependencies...
cabal: cannot configure directory- It requires old-time ==1.0.*
For the dependency on old-time ==1.0.* there are these packages:
old-time-, old-time-, old-time-, old-time-,
old-time-, old-time- and old-time-
However none of them are available.
old-time- was excluded because pandoc- requires old-time ==1.1.*
old-time- was excluded because pandoc- requires old-time ==1.1.*


I kept tweaking the makefile and tried almost everything possible, but I was caught in a cyclic dependency loop. So, time to rethink and use Google.

I had already figured out it had to do with a cabal and ghc version that are to old, so it’s time to update.

I found newer Cabal versions at JustHub.

I started removing every RPM with haskel or ghc in the name and removed ~/.cabal and ~/.ghc directories to start of fresh. Then:

sudo rpm -Uhv
export PATH=/usr/hs/bin:~/.cabal/bin:$PATH
cabal install cabal-dev
cd ~/pandoc
make prep

Now it compiles but it breaks with:

make install
cabal-0.14.0: Error: some packages failed to install:
pandoc- failed during the tests phase. The exception was:
ExitFailure 1
cabal --config-file=/home/tonk/qq/pandoc/cabal-dev/cabal.config:
/usr/hs/tools/cabal-0.14.0 failure (return code=1)
make: *** [install] Error 1

Some tests fail, but I just removed --enable-tests from the Makefile and I got a working executable. Simply copy it to the ~/.cabal/bin directory, install the man-page and everything is fine.

I think it should be simpler, but for now I’m a happy camper.

rsync on a not standard port

2013-01-21 (131) by Ton Kersten, tagged as linux, sysadm

Today a colleague asked me to sync some files to a server that is not listening on SSH port 22.

I normally create a configuration entry in my ~/.ssh/config file, like

Host tosync
    Port 1234
    User syncuser

and then command

rsync -va --progress --inplace . tosync:

But this time I didn't want to create the entry in my SSH configuration, because I need this trick in a script. So I started to read the rsync manpage and after some experimenting I found

rsync -va --progress --inplace --rsh='ssh -p1234' .

This syncs the current directory to host on port 1234 as user syncuser.

Ansible issue playbook

2012-11-23 (130) by Ton Kersten, tagged as ansible

Playing with Ansible I did get the idea to make a nice welcome message when you log in to a server. This message needs to be placed in a file, which is configured in /etc/ssh/sshd_config with the banner option. I call this file /etc/issue.

Of course I want to deploy this file with Ansible, so I first defined an entry in the hosts file. This looks like this:

# Settings for master

# Variables for master
location=cow shed
issueremarks=This is the master Ansible server. Please be carefull!!

and this is parsed through a Jinja2 template which looks like

{{ figlethost.stdout }}

                               -- W A R N I N G --
           System Name : {{ "%-25s"|format(ansible_hostname) }} Location : {{ location }}
           Managed by  : {{ "%-25s"|format(name)             }} Room     : {{ room }}
{% if issueremarks is defined %}
{{ }}
{% endif %}

When combining this all into a playbook this results in

- hosts: all
      - name: install figlet
        yum: pkg=figlet state=latest
      - name: figlet name
        command: /usr/bin/figlet -c -w 80 ${ansible_hostname}
        register: figlethost
      - name: deploy issue file
        template: dest=/etc/issue owner=root mode=0444

As you can see there is a registered variable, called figlethost which contains the hostname parsed through figlet. And putting it all together this gives

                        _ __ ___   __ _ ___| |_ ___ _ __
                       | '_ ` _ \ / _` / __| __/ _ \ '__|
                       | | | | | | (_| \__ \ ||  __/ |
                       |_| |_| |_|\__,_|___/\__\___|_|

                               -- W A R N I N G --
           System Name : master                    Location : cow shed
           Managed by  : Ton Kersten               Room     : ESX5i
            This is the master Ansible server. Please be carefull!!

Ode to the Haggis

2012-10-26 (129) by Ton Kersten, tagged as humor

Hendrik Jan Thomassen not only sent me the tail of Haggis hunting but also a nice ancient poem as an ode to Haggis.

Here it is:

The haggis season has begun
and all over Scotland every gun
Is taken down with loving care
Though some prefer the haggis snare
The haggis are a wiley lot
That's why they are so seldom shot

Then hidden in the highland heather
Great hairy Clansmen crouch together
And having laid the haggis bait,
a life-like haggis on a plate,
One cries out loudly: ''There's the noo''
Which means the haggis are in view

It's flying upside down and low
The guns all fore but they're too slow
For thought it's rather old and fat
They're awful hard to hit like that

And as it flies off into the mist
Great hairy clansmen shake their fists
Scream their curseds to the crags
Stamp on empty haggis bags
And so the haggis get away
to live until next Christmas day
''Come back haggis''

And that's the reason it is so rare
This strange traditional Scottish fare

We're that haggis hi hooray
It's hog'manay not Christmas day

How to hunt the Haggis

2012-10-22 (128) by Ton Kersten, tagged as humor

Most people are familiar with my love of Scotland, single malt and (of course) haggis. But most people do not have a clue what haggis is and when you tell them, they walk out in disgust.

But a colleague of mine found out that haggis is just an animal that can be hunted in the Scottish Highlands.

This is how it's done:

.....asked me how the haggis were hunted so I explained that there were two types of haggis, who, because they lived on the steep slopes of the Scottish Highlands, developed legs of different lengths on their left and right sides depending upon which way they travelled round the mountain to graze. With the knowledge of which type of haggis one was hunting, the procedure was quite simple.

A large 'catch fence' was erected around the base of the mountain and a piper was sent up the mountain to play his bagpipes while walking contrary to the normal direction of rotation of the haggis. This put the fear of G*d in to the wee creatures who tried to run away, but of course their short legs were now down-hill so they soon overbalanced and rolled down the mountain into the catch fence at the base where they were then easily caught and euthanized.

Thanks to Hendrik Jan Thomassen.