Archive for fevereiro \18\UTC 2013

Ver quanto de swap todos os processos estão rodando.

fevereiro 18, 2013 Deixe um comentário

# Get current swap usage for all running processes
# Erik Ljungstrom 27/05/2011
for DIR in `find /proc/ -maxdepth 1 -type d | egrep “^/proc/[0-9]”` ; do
PID=`echo $DIR | cut -d / -f 3`
PROGNAME=`ps -p $PID -o comm –no-headers`
for SWAP in `grep Swap $DIR/smaps 2>/dev/null| awk ‘{ print $2 }’`
echo “PID=$PID – Swap used: $SUM – ($PROGNAME )”

echo “Overall swap used: $OVERALL”


alterando o channel do red hat para instalar outros pacotes.

fevereiro 5, 2013 Deixe um comentário

puppet parte 2

fevereiro 5, 2013 Deixe um comentário

Last time we got our Puppet server embedded in a WEBrick server. Today I’ll show how to go one step further by installing Passenger (mod_rails). By enabling Apache to serve our Puppet clients we will benefit from performance gains like being able to handle concurrent connections.

Getting Passenger working

Add the following into your puppet.conf:

ssl_client_header = SSL_CLIENT_S_D
ssl_client_verify_header = SSL_CLIENT_VERIFY

Install the following on our Puppet server:

[root@puppet]# yum install gcc-c++ httpd-devel apr-devel ruby-devel ruby-rdoc

Install some gems:

[root@puppet]# gem install -v=1.0.1 rack

[root@puppet]# gem install -v=2.3.5 activerecord

And Passenger:

[root@puppet]# gem install -v=2.2.11 passenger


[root@puppet]# passenger-install-apache2-module

If this final install of Passenger fails it will tell you where it went wrong so fix as and if needed.

Install mod_ssl:

[root@puppet]# yum install mod_ssl

Create the document root:

[root@puppet]# mkdir -p /usr/share/puppet/rack/puppetmasterd/public

Now we need to create the Apache configuration in /etc/httpd/conf.d/puppet.conf:

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-2.2.11/ext/apache2/
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-2.2.11
PassengerRuby /usr/bin/ruby

Listen 8140

SSLEngine on
SSLCertificateFile /var/lib/puppet/ssl/certs/
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled; if you have problems withApache complaining about the CRL, disable the next line
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars

# The following client headers allow the same configuration to work with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

RackAutoDetect On
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/

Options None
AllowOverride None
Order allow,deny
allow from all

Check the Apache configuration with an apachectl configtest and again fix any errors you encounter.

Now, copy the Rack config:

[root@puppet]# cp /usr/share/puppet/ext/rack/files/ /usr/share/puppet/rack/puppetmasterd/

Give Puppet correct permission to access the Rack config:

[root@puppet]# chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/

Stop the Puppet server with a service puppetmaster stop so it won’t interfere with Passenger. Remember to deactivate the puppetmaster service via chkconfig too. Then start Apache and you should have Passenger working.

To check from our Puppet client:

[root@pclient]# puppetd –noop –test –server –port 8140


instalando o puppet e dicas de erro.

fevereiro 5, 2013 Deixe um comentário

This is part one on how to install a Puppet 2.76 Server using Passenger (mod_passenger) with MySQL (for stored configurations) on Centos 6 or Red Hat Enterprise 6. In this first part we will get a Puppet/WEBrick server serving a single Puppet client.

Firstly, ensure the FQDN (i.e. is set up properly on the server otherwise your Puppet clients will not be able to connect.

In this example, we’re going to have the following setup: = Puppet server = Puppet client

Next, add a puppet.repo to /etc/yum.repos.d/ on both server and client:

name=Puppet Labs Packages
name=Puppet Labs Packages Deps

Also, add the EPEL repository.

Now, install Puppet server on the server:

[root@puppet]# yum install puppet-server

And install the Puppet client on the client:

[root@pclient]# yum install puppet

Start the Puppet server to generate the SSL certificates:

[root@puppet]# service puppetmaster start

Check the SSL certificates have been generated by verifying their existence in /var/lib/puppet/ssl.

Let’s see if the Puppet server and client can communicate with each other. Note, you may need to open up your firewall for this to work, so open port 8140 on the Puppet server to allow the Puppet client access. For iptables:

[root@puppet]# iptables -I INPUT -s -m tcp -p tcp –dport 8140 -j ACCEPT

Save the iptables and restart the service.

Next, on the client, generate a SSL certificate request:

[root@pclient]# puppetd –waitforcert 30 –server -v

On the server check whether it has received the request:

[root@puppet]# puppetca -l

If it has worked, the output should be similar to: xxxxxxxxxxxxxxxx

Then sign the request:

[root@puppet]# puppetca -s

If you run into any problems with generating or signing the certificates, check in the /var/lib/puppet/ssl directory and remove them if necessary. You can also run puppetca -c which revokes the certificate.

Check if everything is working by running this on the client:

[root@pclient]# puppetd –debug –server

This will output any errors if there are any.

Now you should have a working Puppet server communicating with a Puppet client, in part two we will get Passenger installed.