Automation of salt minion installation from salt master

Install Salt Master : 

sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el7.noarch.rpm

sudo yum clean expire-cache
sudo yum install salt-master
sudo yum install salt-minion
sudo yum install salt-cloud

For Automatic Minion configuration we need to use saltify provider from salt.

Reference :

https://docs.saltstack.com/en/latest/topics/cloud/saltify.html

Lets start with the creation of saltify provider file :

vi /etc/salt/cloud.providers.d/saltify.conf

************
my-saltify-config:
  minion:
    master: ip_of_salt_master
  driver: saltify
************

now let us create a map file, it basically creates a map between salt profile and minion, The profile name 'setup-minion' will have to defined in the profile section.

you can list down all the minions that you need to configure in this file, I am just adding one minion as an example : 

vi /etc/salt/saltify-map 

************
setup_minion:
  - minion-name:
      ssh_host: ip_of_minion
      ssh_username: root
      key_filename: /root/.ssh/id_rsa
************

I am usin key_filename here, because i have ssh keys setup between the master and minion, if you do not have that you can use username and password.

as mentioned above, now let us create the profile : 

vi /etc/salt/cloud.profiles.d/saltify.conf

************
setup_minion:

  provider: my-saltify-config
************

now that we have all the configuration files ready, let us run a below command which will setup a minion for us :

salt-cloud -m /etc/salt/saltify-map -l debug

this will ask you for a confirmation about minion being setup, once you hit proceed you are all set.

I have added debug just in case it fails the output will help you to understand the error.

Creating Swap partition in RedHat 7

How To create a Swap Space on Linux :


this articles helps to create a swap space using fdisk command, it is very much straight forward to create a swap space during the Linux installation itself, however at times we miss creating that, and need for doing below arises.

first just find out what is our disk :

in this case it is /dev/sda

1. Start fdisk command :

2. Create a new Partion :

press n to create a new parition, and select the default partition number (5 in my case), default First Sector and for Last Sector provide the size of the swap you wanted to create (+ 5G in my case)

and this will create a new partition.

3. Change the type of Partition :

now we need to change the type of partition to swap otherwise the default type (ext4) formatted partition will be created.

type t , and then select the partition number which type needs to be changed (5 in this case), and select type (14), you can list all the types by using command L

once this is done, save and write the configuration with "w" command

post saving the configuration, you might see a message like :

"Re-reading the partition Table failed with error 16 : device busy"

so you have to reboot the server so that new partition table can be used.

Command : shutdown -r now

4. make swap

post the reboot, run the command mkswap on the newly created partion

5. swapon :

run swapon /dev/sda5

and verify with free -g command that swap space is created :

6. make the swap space permanent :

to make this permanent, you will have to add the entry in the /etc/fstab file :

PL/SQL : Securely Connect to HTTPS URL using oracle wallet

Assumption :

You can execute the PL/SQL with the http connection successfully.


Step1 :

Get the Site Certificate :

Open the site in the browser, click on the Lock icon and then certificate information, under the certification path click on the root certificate, and do a copy to file with Base-64 encoded format

name this as root.cer

Do the same thing for intermediate certificate and name it as intermediate.cer


Step 2 :

Create a directory for wallet :

 mkdir -p /u01/app/oracle/admin/DBNAME/wallet  

Step 3:

create new wallet

 $ orapki wallet create -wallet /u01/app/oracle/admin/11gr2/wallet -pwd WalletPasswd123 -auto_login   

The password should follow the password policy, else you might get an error saying wallet creation failed

Now import the root and intermediate certificate that we have copied

 $ orapki wallet add -wallet /u01/app/oracle/admin/11gr2/wallet -trusted_cert -cert "/location_of_the_cert/root.cer" -pwd WalletPasswd123  
 $ orapki wallet add -wallet /u01/app/oracle/admin/11gr2/wallet -trusted_cert -cert "/location_of_the_cert/intermediate.cer" -pwd WalletPasswd123  

Step 4:

execute the SQL :

 EXEC utl_http.set_wallet ( 'file:/u01/app/oracle/admin/11gr2/wallet', 'WalletPasswd123');  
 EXEC show_html_from_url(https://www.google.com)  
 ..............  
 ..............  
 PL/SQL procedure successfully completed  
 SQL>  

CentOS Directory Server (LDAP) : Useful commands.

How to add a new ldap user?

create a ldif (newuser.ldif) file with the content :

dn: uid=first.last,ou=People,dc=example,dc=com          uid: first.last          cn: First Last          sn: Last          objectClass: account          objectClass: posixAccount          objectClass: person          objectClass: top          userPassword: XXXXXXXX          loginShell: /bin/bash          uidNumber: XXXX          gidNumber: XXX          homeDirectory: /home/first.last          gecos: first last

Add the ldif to LDAP

ldapadd -Wxc -D "cn=Directory Manager" -H ldap://localhost:389 -f newuser.ldif

This will prompt you for the Directory Manager's password.

How does an Administrator change a password from the command-line?

ldappasswd -Z -h hostname -p 389 -D "cn=Directory Manager" -w admin_password -s new_password "uid=first.last,ou=People,dc=example,dc=com"

How to Remove a User from an Existing group ?

ldapmodify -x -h hostname -p 389 -D "cn=Directory Manager" -w password dn: cn=group_name,ou=Group,dc=example,dc=com changetype: modify delete: memberUid memberUid: first.last ^d Response : modifying entry "cn=group_name,ou=Group,dc=example,dc=com

How to Add a User to a Existing group ?

ldapmodify -x -h hostname -p 389 -D "cn=Directory Manager" -w password dn: cn=group_name,ou=Group,dc=example,dc=com changetype:modify add: memberUid memberUid: first.last ^d Response: modifying entry "cn=group_name,ou=Group,dc=example,dc=com"