Wednesday, June 7, 2017

Enable direct ssh access to EC2 instance without .pem key

Enable password authentication by editing /etc/ssh/sshd_config: change PasswordAuthentication no to PasswordAuthentication yes

Restart ssh:

sudo /etc/init.d/ssh restart

sudo systemctl restart sshd (for RHEL7)
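
Added example, not part of the original post: sshd uses the first value it reads for each keyword, so the edit above has to change the existing PasswordAuthentication line rather than append a second one further down. The Python function below reports which line sets the global value in a config text; the function name and the sample config are constructed for illustration, and files pulled in by Include are only listed, not read.

```python
# Constructed sample config, not taken from a real host.
SAMPLE = """\
# sshd_config (sample)
Include /etc/ssh/sshd_config.d/*.conf
Port 22
PasswordAuthentication no
UsePAM yes
PasswordAuthentication yes
Match User deploy
    PasswordAuthentication yes
"""


def effective_password_auth(config_text):
    """Return (value, line_number, includes_seen) for the global setting.

    The first uncommented occurrence of a keyword wins. Lines after the
    first 'Match' apply only to matching connections and are skipped.
    Include patterns seen before the decision are returned, because a
    file they pull in is read at that point and may set the value first.
    """
    includes = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # end of the global section
        if keyword == "include":
            includes.extend(parts[1:])
        elif keyword == "passwordauthentication" and len(parts) > 1:
            return parts[1].lower(), lineno, includes
    # OpenSSH's built-in default when the keyword is not set globally
    return "yes", None, includes


if __name__ == "__main__":
    print(effective_password_auth(SAMPLE))
```

On a live host, sudo sshd -t checks the edited file for syntax errors before the restart, and sudo sshd -T prints the configuration the daemon will actually use.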

Tuesday, February 14, 2017

Create EC2 instances using Ansible Playbook

Log into your AWS account to get your “AWS_ACCESS_KEY_ID” and “AWS_SECRET_ACCESS_KEY”. Go to “Identity and Access Management”. Create a new user or select an existing one. Go to “Security Credentials” and click “Create Access Key”. Here’s an example of what you’ll end up with:
Access Key ID: NUHKOIJFOJF9GFJDO
Secret Access Key: LSDJKFODSJF9SDJF8UH3U3HFKW
Keep those safe – download when asked. Use the above values to create environment variables. Copy and paste the following (with your values replacing mine) into your shell:
export AWS_ACCESS_KEY_ID="NUHKOIJFOJF9GFJDO" 
export AWS_SECRET_ACCESS_KEY="LSDJKFODSJF9SDJF8UH3U3HFKW"
Create the “~/hosts” file with the following contents:
[local]
localhost

[webserver]
Now we build our YML file for Ansible to run through. Here’s a sample that will create a basic EC2 with a public IP address and your public SSH key. Put the following into the file “~/ec2-basic.yml”
---
  - name: Provision an EC2 Instance
    hosts: local
    connection: local
    gather_facts: False
    tags: provisioning
    # Necessary Variables for creating/provisioning the EC2 Instance
    vars:
      instance_type: t2.micro
      security_group: ansible-webserver # Change the security group name here
      image: ami-719fb712 # This is an AMI I created myself
      keypair: agix-key # This is one of my keys that I already have in AWS
      region: ap-southeast-2 # Change the Region
      count: 1

    # Task that will be used to Launch/Create an EC2 Instance
    tasks:

      - name: Create a security group
        local_action: 
          module: ec2_group
          name: "{{ security_group }}"
          description: Security Group for webserver Servers
          region: "{{ region }}"
          rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0 # SSH from any address; replace with your own CIDR to limit access
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 443
              to_port: 443
              cidr_ip: 0.0.0.0/0
          rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
        register: basic_firewall

      - name: Launch the new EC2 Instance
        local_action: ec2 
                      group={{ security_group }} 
                      instance_type={{ instance_type}} 
                      image={{ image }} 
                      wait=true 
                      region={{ region }} 
                      keypair={{ keypair }}
                      count={{count}}
        register: ec2

      - name: Add the newly created EC2 instance(s) to the local host group (located inside the directory)
        local_action: lineinfile 
                      dest="./hosts" 
                      regexp={{ item.public_ip }} 
                      insertafter="[webserver]" line={{ item.public_ip }}
        with_items: "{{ ec2.instances }}"


      - name: Wait for SSH to come up
        local_action: wait_for 
                      host={{ item.public_ip }} 
                      port=22 
                      state=started
        with_items: "{{ ec2.instances }}"

      - name: Add tag to Instance(s)
        local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
        with_items: "{{ ec2.instances }}"
        args:
          tags:
            Name: webserver
Begin the provisioning (spin it up):
ansible-playbook -i ./hosts ec2-basic.yml
And finally log into your new ec2 instance:

https://github.com/docker/machine/issues/287
Keypair->EC2>NETWORK & SECURITY, choose Key Pairs

Wednesday, January 18, 2017

Installing GUI in AWS EC2 - RHEL7

There are three sections involved in the whole setup. Follow all the three sections explained below to successfully configure the GUI.

sudo yum -y update
Install the gnome GUI components using the following command.
sudo yum groupinstall -y "Server with GUI"
Issue the following commands to start the GUI during boot.
sudo systemctl set-default graphical.target

sudo systemctl default

Now we have all the essential GUI components installed on the server. In the next section, we will install the xrdp components to enable remote desktop connections.


Setting Up XRDP

Add the xrdp repository to your instance using the following command.
Install xrdp and tiger VNC server.
sudo yum install -y xrdp tigervnc-server
Setup SELINUX security using the following commands.
sudo chcon --type=bin_t /usr/sbin/xrdp
sudo chcon --type=bin_t /usr/sbin/xrdp-sesman
Start and enable the xrdp service.
Enable RDP port on the instance using the following firewall commands.
sudo firewall-cmd --permanent --add-port=3389/tcp
sudo firewall-cmd --reload
Set a password for ec2-user. This password will be used to connect to the RDP session.
Set a password for root, as you will be prompted for the cloud user password for network proxy and color. Log in as root and set the password.
Now we have the xrdp components and all instance-level settings in the right place. Now let’s test out the RDP connection from an RDP client. In this tutorial, I am using the Windows RDP client.

Connecting The Instance Using RDP

Note: Make sure you have opened RDP port in your instance security group.
1. Open RDP client and type in the public IP of your instance and click connect.
2. If you get a warning message about remote identity, just click yes.
3. Now you will get an xrdp authentication window; enter the credentials and click OK.
Note: The username is “ec2-user” and the password is the password you set for ec2-user in step 6.
4. You will be prompted to enter the password again. Provide the password and proceed to the steps to configure the initial desktop.
5. If it prompts for “cloud user password” provide the root user password you set in step 7.
6. That's it, you will get a GUI session as shown below. If you face any errors, do let me know in the comment section.
Source : https://devopscube.com/how-to-setup-gui-for-amazon-ec2-rhel-7-instance/

Friday, November 18, 2016

What is the use of enumerate function in python

enumerate() is one of the built-in Python functions. It returns an enumerate object. In our case that object is a list of tuples (immutable lists), each containing a pair of count/index and value. 

>>> choices = ['pizza', 'pasta', 'salad', 'nachos']
>>> list(enumerate(choices))
=> [(0, 'pizza'), (1, 'pasta'), (2, 'salad'), (3, 'nachos')]
So, in the expression for index, item in enumerate(choices):, index, item is the (count, value) pair of each tuple: (0, 'pizza'), (1, 'pasta'), ...
We may easily change the start count/index with the help of enumerate(sequence, start=0):
for index, item in enumerate(choices, start=1):
    print(index, item)
or simply with a number as the second parameter:
for index, item in enumerate(choices, 1):
    print(index, item)
Try the following code:

>>> with open('/etc/passwd') as f1:
...     ab = f1.readlines()
...     for i, v in enumerate(ab, 1):
...         print(i, v)
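
Added example, not part of the original post: the same enumerate(lines, 1) pattern used to report findings by line number in /etc/passwd-format text. The function names, the checks chosen and the sample data are constructed for illustration.

```python
# Constructed sample in /etc/passwd format (not taken from a real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
ec2-user:x:1000:1000::/home/ec2-user:/bin/bash
backup:x:0:0::/var/backups:/bin/sh
broken line without enough fields
svc::1001:1001::/srv:/bin/false
"""


def audit_passwd(lines):
    """Return a list of (line_number, finding) for passwd-format lines."""
    findings = []
    # start=1 so the numbers match what an editor or 'grep -n' shows
    for lineno, line in enumerate(lines, 1):
        line = line.rstrip("\n")
        if not line:
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((lineno, "malformed entry"))
            continue
        name, passwd, uid, _gid, _gecos, _home, _shell = fields
        if uid == "0" and name != "root":
            findings.append((lineno, "UID 0 account other than root: " + name))
        if passwd == "":
            findings.append((lineno, "empty password field: " + name))
    return findings


def audit_file(path="/etc/passwd"):
    """Run the same checks on a file; iterating a file yields its lines."""
    with open(path) as f:
        return audit_passwd(f)


if __name__ == "__main__":
    for lineno, finding in audit_passwd(SAMPLE_PASSWD.splitlines()):
        print(lineno, finding)
```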

Thursday, November 17, 2016

File handling in Python Cheatsheet: All modes

  • r

    Opens a file for reading only. The file pointer is placed at the beginning of the file. This is the default mode.
  • rb

    Opens a file for reading only in binary format. The file pointer is placed at the beginning of the file. This is the default mode.
  • r+

    Opens a file for both reading and writing. The file pointer will be at the beginning of the file. 
    (cannot truncate a file)
  • rb+

    Opens a file for both reading and writing in binary format. The file pointer will be at the beginning of the file.
  • w

    Opens a file for writing only. Overwrites the file if the file exists. If the file does not exist, creates a new file for writing.
  • wb

    Opens a file for writing only in binary format. Overwrites the file if the file exists. If the file does not exist, creates a new file for writing.
  • w+

    Opens a file for both writing and reading. Overwrites the existing file if the file exists. If the file does not exist, creates a new file for reading and writing.
    (can truncate a file)
  • wb+

    Opens a file for both writing and reading in binary format. Overwrites the existing file if the file exists. If the file does not exist, creates a new file for reading and writing.
  • a

    Opens a file for appending. The file pointer is at the end of the file if the file exists. That is, the file is in the append mode. If the file does not exist, it creates a new file for writing.
  • ab 

    Opens a file for appending in binary format. The file pointer is at the end of the file if the file exists. That is, the file is in the append mode. If the file does not exist, it creates a new file for writing.
  • a+

    Opens a file for both appending and reading. The file pointer is at the end of the file if the file exists. The file opens in the append mode. If the file does not exist, it creates a new file for reading and writing.
  • ab+

    Opens a file for both appending and reading in binary format. The file pointer is at the end of the file if the file exists. The file opens in the append mode. If the file does not exist, it creates a new file for reading and writing.


Important


Always make sure you explicitly close each open file once its job is done and you have no reason to keep it open, because:

  • There is an upper limit to the number of files a program can open. If you exceed that limit, there is no reliable way of recovery, so the program could crash.
  • Each open file consumes some main memory for the data structures associated with it, like the file descriptor/handle or file locks. So you could essentially end up wasting lots of memory if you have more files open that are not useful or usable.
  • Open files always stand a chance of corruption and data loss.
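
Added example, not part of the original post: a short Python check of what r+, a+ and w leave behind in the same file, with every file closed by a with block. The function name is made up for illustration, and the a+ result shown is the POSIX behaviour, where writes go to the end of the file regardless of the seek position.

```python
import os
import tempfile


def mode_effects():
    """Return what is in the file after using r+, a+ and w in turn."""
    results = {}
    fd, path = tempfile.mkstemp()
    os.close(fd)  # mkstemp returns an open descriptor; close it too
    try:
        with open(path, "w") as f:      # creates or truncates
            f.write("ABCDEF")
        with open(path, "r+") as f:     # pointer at start, no truncation
            f.write("xy")               # overwrites the first two characters
        with open(path) as f:
            results["r+"] = f.read()
        with open(path, "a+") as f:     # pointer at end
            f.seek(0)
            f.write("!")                # still lands at the end of the file
            f.seek(0)
            results["a+"] = f.read()
        results["closed"] = f.closed    # the with block closed the file
        with open(path, "w") as f:      # old content is discarded on open
            f.write("Z")
        with open(path) as f:
            results["w"] = f.read()
    finally:
        os.remove(path)
    return results


if __name__ == "__main__":
    print(mode_effects())
```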




Tuesday, November 15, 2016

Unable to connect to RHN network - ping works but nslookup fails

You should have proper entries in /etc/hosts and /etc/nsswitch.conf

Usually, you'll want its hosts line to look like this (in /etc/nsswitch.conf):

hosts:      files dns
Another file to check is /etc/resolv.conf.
Check the permissions of all these files.

Read: http://superuser.com/questions/704785/ping-cant-resolve-hostname-but-nslookup-can

Monday, November 7, 2016

Installing Python modules using pip

pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index (PyPI). Python 2.7.9 and later (on the python2 series), and Python 3.4 and later include pip (pip3 for Python 3) by default.

Install steps: https://pip.pypa.io/en/stable/installing/

wget https://bootstrap.pypa.io/get-pip.py

Then run the following:

python get-pip.py

Install paramiko using pip


For reference, paramiko which we install has a hard dependency on cryptography which states:
For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:
$ sudo apt-get install build-essential libssl-dev libffi-dev python-dev
For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:
$ sudo yum install gcc libffi-devel python-devel openssl-devel
# pip install paramiko