Archive for the ‘Linux’ Category

In one of previous posts we created JIRA subtasks using REST API, in this example we’ll see how to create new JIRA task with Epic link,label, assignee and reporter


curl -D- -u user:pass -X POST --data "{\"fields\":{\"labels\":[\"SERVICES\"],\"assignee\":{\"name\":\"emergencyadmin\"},\"reporter\":{\"name\":\"user\"},\"project\":{\"key\":\"AA\"},\"summary\":\"Create user account in Local AD.\",\"description\":\"Create user account in Local AD.\",\"issuetype\":{\"name\":\"Managed Service\"},\"customfield_10107\":{\"id\":\"10505\"},\"customfield_10006\":{\"CP-3289\"}}}" -H "Content-Type:application/json"

customfield_10006-epic link
customfield_10107-client account




import sys
import json
import re
import requests
import subprocess
import os
import urllib2
import argparse

import datetime
from dateutil.relativedelta import *

one_month_ago = – relativedelta(months=1)

previous_month = one_month_ago.strftime(“%B”)

currentYear =

password = str(sys.argv[1])

headers = {“Content-Type”: “application/json”}
data = {“fields”:{“labels”:[“SERVICES”],”reporter”:{“name”:”user”},”assignee”:{“name”:”emergencyadmin”},”project”:{“key”:”AA”},”summary”:”SPLA usage report for {previous_month} {currentYear}”.format(**locals()),”description”:”Review SPLA usage report”,”issuetype”:{“name”:”Managed Service”},”customfield_10107″:{“id”:”10505″},”customfield_10006″:”CP-3289″}}
response =“”,
headers=headers, data=json.dumps(data), auth=(‘user’, password))

  • Register to Bitbucket (it’s free).
  • Create Repository



  • Copy code after registration,it will be used to connect to GIT


Download GIT client

Choose default editor



Start Git CMD, browse to folder where you want to store files for GIT


Clone  repository:

git clone

You’ll be prompted for Bitbucket username/password

new folder (repository name) will be created, to that folder copy files you want to push to Git


In Git CMD, browse to that folder

Set username/email address, add files for pushing and commit it

cd terraform-git/
git config --global "some@email"
git config --global "some@email"
git add .
$ git commit -m "test"
git push






Amazon EC2-Changing instance type

Posted: April 24, 2018 in AWS, Linux

If we face hardware limitations of our EC2 instance, we can’t just increase Memory/CPU cores as in VMWare, instead we must change instance type.It’s set of predefined images with different hardware specifications.(More info here)

First,stop EC2 instance:




Then, from Action menu,select Instance Settings-Change Instance Type




Select instance type and click Apply



Now start instance. (Note that new public IP is assigned.The instance retains its private IPv4 addresses

In order to change subnet of EC2 instance stop it firs




Then create AMI image from that instance






Click on new AMI then launch it




Select desired subnet







New instance is in different subnet and data are preserved



Install sasld

yum install cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5
systemctl start saslauthd

in /etc/postfix folder create file sasl_passwd and put username and password of mailbox which will be used as relay


To set default “from” to be this email open file /etc/postfix/generic

Add this at bottom (this is amazon AWS instance)

All emails will be rewritten with in from field with one we just specified

postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/generic

now add following lines in /etc/postfix/

relayhost = []:587
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable = yes
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_security_level = may
smtp_sasl_security_options = noanonymous

Restart postfix service and you should be able to send emails through Office 365

If you get “Office 365 unreachable” error, in /etc/postfix/
change inet_protocols line from all to ipv4

Certificate authentication

If we want to secure our connection we can secure it with certificate:

openssl s_client -showcerts -starttls smtp -crlf -connect

In my case i got 2 certificates, i copied it in cacert.pem file


then add following lines to /etc/postfix/

smtp_send_dummy_mail_auth = yes
smtp_always_send_ehlo = yes
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem

Restart postfix service and your traffic is now encrypted

Monitor Rundeck Jobs with Zabbix

Posted: April 4, 2018 in Linux, RunDeck

It’s presumed that Rundeck server is monitored by Zabbix

Disable the token expiration time for rundeck API (so we can authenticate on Rundeck server when running API calls)

Edit the /etc/rundeck/ file and add the following line and restart Rundeck service

rundeck.api.tokens.duration.max = 0
service rundeckd restart

Authenticate with an admin account and click on the “profile” button at the top right of the page:Administrator-Profile-add API token-save it


I modified this script  (to include job name in output)

Change URL,Rundeck token, project name and jobname (this query runs in project scope)

curl -s -H "Accept: application/json" -X GET "" | python -m json.tool > /tmp/1.json

jq -r '.|[.executions[] | select( != null) | select(|contains("test")) ] | sort_by(.id) | reverse | .[0] | [.status,, ."date-started".date, ."date-ended".date, .job.project] | @csv' /tmp/1.json > /tmp/1.csv
sed 's/,/ /g' /tmp/1.csv>/tmp/st.txt

while read -r status name startdate enddate project; do

stime=$(date -d "${startdate/T/ }" +%s)
etime=$(date -d "${enddate/T/ }" +%s)
let elapsed=etime-stime

if [ "$status" == "\"aborted\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name-"Long-Run"
elif [ "$status" == "\"aborted\"" ] && [ "$elapsed" -lt 300 ]; then echo $project"-"$name " Aborted"
elif [ "$status" == "\"failed\"" ]; then echo $project"-"$name "failed-Demo"
#elif [ "$status" == "\"succeeded\"" ]; then echo $project"-"$name "success"
elif [ "$status" == "\"succeeded\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name" Takes too long"


Second version (without storing output to JSON file):


curl -s -H "Accept: application/json" -X GET "" | jq -r '.|[.executions[] | select( != null) | select(|contains("test")) ] | sort_by(.id) | reverse | .[0] | [.status,, ."date-started".date, ."date-ended".date, .job.project] | @csv'  | sed 's/,/ /g' > /tmp/st.tx

while read -r status name startdate enddate project; do

stime=$(date -d "${startdate/T/ }" +%s)
etime=$(date -d "${enddate/T/ }" +%s)
let elapsed=etime-stime

if [ "$status" == "\"aborted\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name-"Long-Run"
elif [ "$status" == "\"aborted\"" ] && [ "$elapsed" -lt 300 ]; then echo $project"-"$name " Aborted"
elif [ "$status" == "\"failed\"" ]; then echo $project"-"$name "failed-Demo"
#elif [ "$status" == "\"succeeded\"" ]; then echo $project"-"$name "success"
elif [ "$status" == "\"succeeded\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name" Takes too long"


Zabix agent configuration (Creating key)

Rundeck server is monitored by Zabbix, we’ll now tell Zabbix to run this script:

In my Centos box config file is in /etc/zabbix/zabbix_agentd.conf Uncomment




In above example i created a key named rundeck and specified a path for script

give zabbix user ownership over script:

chown zabbix:zabbix /home/

check zabbix user bash version

zabbix:x:997:995:Zabbix Monitoring System:/var/lib/zabbix:/bin/sh
su - zabbix

Now test if key works:restart zabbix agent and run test:

systemctl stop zabbix-agent.service && systemctl start zabbix-agent.service && zabbix_agentd -t rundeck
[root@localhost home]# zabbix_agentd -t rundeck
rundeck                                       [t|Job  "aa" success]

Now perform test on Zabbix server

zabbix_get -s -p 10050 -k rundeck
Job  "aa" success


If get “permission denied” try following (on Rundeck server)

systemctl stop zabbix-agent.service
chown -R zabbix:zabbix /var/log/zabbix
chown -R zabbix:zabbix /var/run/zabbix
chmod -R 775 /var/log/zabbix/
chmod -R 775 /var/run/zabbix/
/usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
systemctl start zabbix-agent.service

If get “unsupported key” error, try to set in Zabbix agent file as follows)

Mandatory: no
# Default:

then restart zabbix agent

Creating item

Configuration-Host-click on host-items


Specify name-select key and specify Text as type of informtion


Creating trigger

In this example i created trigger for “failed” script output, if we need alerts for other outputs (“aborted”) we need to create another trigger


{hostname:itemname.str(script output)}=1


If we have some failed job, it will be detected on dashboard


In previous post we created only one subtask for one issue. What in situations when need to create subtasks for issues without subtasks ?.Unfortunately, there is no native  JQL function that can verify if an issue has or hasn’t a subtask.JIRA has third party add-ons that extend Jira’s functionality.
This python script will return JIRA key’s for tasks without subtasks and create subtask for it:

import sys
import json
import re
import requests
import os
import urllib2
import argparse
from json_tricks import dump,dumps

password = str(sys.argv[1])

headers = {
'Content-Type': 'application/json',

params = (
('jql', 'project="Technology" AND summary~"New User*" AND issuetype="Task" AND status!="DONE"'),

response = requests.get('', headers=headers, params=params, auth=('user', password))

datapath = '/var/lib/rundeck/1.json'
data = json.load(open(datapath))

for issue in data['issues']:
if len(issue['fields']['subtasks']) == 0:
        line = issue['key']
        headers = {"Content-Type": "application/json"}
        data = {"fields": {"project": {"key": "TECH"},"parent": {"key": line.rstrip()},"summary": "Create user account in Local AD. ","description": "Create user account in Local AD.",
       "issuetype": {"name": "Sub-task"},"customfield_10107": {"id": "10400"}}}
        response ="",
        headers=headers,data=json.dumps(data),auth=('user', password))