Archive for the ‘Linux’ Category

In one of previous posts we created JIRA subtasks using REST API, in this example we’ll see how to create new JIRA task with Epic link,label, assignee and reporter

Bash:

curl -D- -u user:pass -X POST --data "{\"fields\":{\"labels\":[\"SERVICES\"],\"assignee\":{\"name\":\"emergencyadmin\"},\"reporter\":{\"name\":\"user\"},\"project\":{\"key\":\"AA\"},\"summary\":\"Create user account in Local AD.\",\"description\":\"Create user account in Local AD.\",\"issuetype\":{\"name\":\"Managed Service\"},\"customfield_10107\":{\"id\":\"10505\"},\"customfield_10006\":{\"CP-3289\"}}}" -H "Content-Type:application/json" https://jira.company.com/rest/api/latest/issue/

customfield_10006-epic link
customfield_10107-client account

Python:

 

#!/usr/bin/python

import sys
import json
import re
import requests
import subprocess
import os
import urllib2
import argparse

import datetime
from dateutil.relativedelta import *

one_month_ago = datetime.datetime.now() – relativedelta(months=1)

previous_month = one_month_ago.strftime(“%B”)

currentYear = datetime.datetime.now().year

password = str(sys.argv[1])

headers = {“Content-Type”: “application/json”}
data = {“fields”:{“labels”:[“SERVICES”],”reporter”:{“name”:”user”},”assignee”:{“name”:”emergencyadmin”},”project”:{“key”:”AA”},”summary”:”SPLA usage report for {previous_month} {currentYear}”.format(**locals()),”description”:”Review SPLA usage report”,”issuetype”:{“name”:”Managed Service”},”customfield_10107″:{“id”:”10505″},”customfield_10006″:”CP-3289″}}
response = requests.post(“https://jira.company.com/rest/api/latest/issue/”,
headers=headers, data=json.dumps(data), auth=(‘user’, password))

Advertisements
  • Register to Bitbucket (it’s free).
  • Create Repository

1

2

  • Copy code after registration,it will be used to connect to GIT

5

Download GIT client

Choose default editor

3

4

Start Git CMD, browse to folder where you want to store files for GIT

9

Clone  repository:

git clone https://draganvucanovic@bitbucket.org/draganvucanovic/terraform-git.git

You’ll be prompted for Bitbucket username/password

new folder (repository name) will be created, to that folder copy files you want to push to Git

6.PNG

In Git CMD, browse to that folder

Set username/email address, add files for pushing and commit it

cd terraform-git/
git config --global user.name "some@email"
git config --global user.email "some@email"
git add .
$ git commit -m "test"
git push

 

8

 

 

 

Amazon EC2-Changing instance type

Posted: April 24, 2018 in AWS, Linux

If we face hardware limitations of our EC2 instance, we can’t just increase Memory/CPU cores as in VMWare, instead we must change instance type.It’s set of predefined images with different hardware specifications.(More info here)

First,stop EC2 instance:

 

1

 

Then, from Action menu,select Instance Settings-Change Instance Type

 

2

 

Select instance type and click Apply

 

3

Now start instance. (Note that new public IP is assigned.The instance retains its private IPv4 addresses

In order to change subnet of EC2 instance stop it firs

 

1.png

 

Then create AMI image from that instance

 

2.png

 

 

3.PNG

Click on new AMI then launch it

 

4.png

 

Select desired subnet

 

5.png

 

 

6.PNG

 

New instance is in different subnet and data are preserved

 

7.PNG

Install sasld

yum install cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5
systemctl start saslauthd

in /etc/postfix folder create file sasl_passwd and put username and password of mailbox which will be used as relay

[smtp.office365.com]:587 user@domain.com:Pass

To set default “from” to be this email open file /etc/postfix/generic

Add this at bottom (this is amazon AWS instance)

root@ip-1-18-23-1.company.com user@domain.com

All emails will be rewritten with in from field with one we just specified

postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/generic

now add following lines in /etc/postfix/main.cf

relayhost = [smtp.office365.com]:587
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable = yes
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_security_level = may
smtp_sasl_security_options = noanonymous

Restart postfix service and you should be able to send emails through Office 365

If you get “Office 365 unreachable” error, in /etc/postfix/main.cf
change inet_protocols line from all to ipv4

Certificate authentication

If we want to secure our connection we can secure it with certificate:

openssl s_client -showcerts -starttls smtp -crlf -connect smtp.office365.com:587

In my case i got 2 certificates, i copied it in cacert.pem file

Capture.PNG

then add following lines to /etc/postfix/main.cf

smtp_send_dummy_mail_auth = yes
smtp_always_send_ehlo = yes
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem

Restart postfix service and your traffic is now encrypted

Monitor Rundeck Jobs with Zabbix

Posted: April 4, 2018 in Linux, RunDeck

It’s presumed that Rundeck server is monitored by Zabbix

Disable the token expiration time for rundeck API (so we can authenticate on Rundeck server when running API calls)

Edit the /etc/rundeck/rundeck-config.properties file and add the following line and restart Rundeck service

rundeck.api.tokens.duration.max = 0
service rundeckd restart

Authenticate with an admin account and click on the “profile” button at the top right of the page:Administrator-Profile-add API token-save it

Capture.PNG

I modified this script  (to include job name in output)

Change URL,Rundeck token, project name and jobname (this query runs in project scope)

#!/bin/bash
curl -s -H "Accept: application/json" -X GET "http://172.30.61.88:4440/api/20/project/demo/executions?authtoken=ZP9znayUp3Ktp26uQjSQGnEfTzDvqPDA" | python -m json.tool > /tmp/1.json

jq -r '.|[.executions[] | select(.job.name != null) | select(.job.name|contains("test")) ] | sort_by(.id) | reverse | .[0] | [.status, .job.name, ."date-started".date, ."date-ended".date, .job.project] | @csv' /tmp/1.json > /tmp/1.csv
sed 's/,/ /g' /tmp/1.csv>/tmp/st.txt

while read -r status name startdate enddate project; do

startdate=${startdate//\"/}
stime=$(date -d "${startdate/T/ }" +%s)
enddate=${enddate//\"/}
etime=$(date -d "${enddate/T/ }" +%s)
let elapsed=etime-stime

if [ "$status" == "\"aborted\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name-"Long-Run"
elif [ "$status" == "\"aborted\"" ] && [ "$elapsed" -lt 300 ]; then echo $project"-"$name " Aborted"
elif [ "$status" == "\"failed\"" ]; then echo $project"-"$name "failed-Demo"
#elif [ "$status" == "\"succeeded\"" ]; then echo $project"-"$name "success"
elif [ "$status" == "\"succeeded\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name" Takes too long"
fi

done</tmp/st.txt

Second version (without storing output to JSON file):

#!/bin/bash

curl -s -H "Accept: application/json" -X GET "http://192.168.253.21:4440/api/20/project/demo/executions?authtoken=kH44NoX35bp1zxohgkMtsOIC9H9tw6UI" | jq -r '.|[.executions[] | select(.job.name != null) | select(.job.name|contains("test")) ] | sort_by(.id) | reverse | .[0] | [.status, .job.name, ."date-started".date, ."date-ended".date, .job.project] | @csv'  | sed 's/,/ /g' > /tmp/st.tx


while read -r status name startdate enddate project; do

startdate=${startdate//\"/}
stime=$(date -d "${startdate/T/ }" +%s)
enddate=${enddate//\"/}
etime=$(date -d "${enddate/T/ }" +%s)
let elapsed=etime-stime

if [ "$status" == "\"aborted\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name-"Long-Run"
elif [ "$status" == "\"aborted\"" ] && [ "$elapsed" -lt 300 ]; then echo $project"-"$name " Aborted"
elif [ "$status" == "\"failed\"" ]; then echo $project"-"$name "failed-Demo"
#elif [ "$status" == "\"succeeded\"" ]; then echo $project"-"$name "success"
elif [ "$status" == "\"succeeded\"" ] && [ "$elapsed" -gt 300 ]; then echo $project"-"$name" Takes too long"
fi

done</tmp/st.txt

Zabix agent configuration (Creating key)

Rundeck server is monitored by Zabbix, we’ll now tell Zabbix to run this script:

In my Centos box config file is in /etc/zabbix/zabbix_agentd.conf Uncomment

EnableRemoteCommands=1

Uncomment

UserParameter=rundeck,/home/a.sh

In above example i created a key named rundeck and specified a path for script

give zabbix user ownership over script:

chown zabbix:zabbix /home/a.sh

check zabbix user bash version

zabbix:x:997:995:Zabbix Monitoring System:/var/lib/zabbix:/bin/sh
su - zabbix
./a.sh

Now test if key works:restart zabbix agent and run test:

systemctl stop zabbix-agent.service && systemctl start zabbix-agent.service && zabbix_agentd -t rundeck
[root@localhost home]# zabbix_agentd -t rundeck
rundeck                                       [t|Job  "aa" success]

Now perform test on Zabbix server

zabbix_get -s 172.30.61.88 -p 10050 -k rundeck
Job  "aa" success

 

If get “permission denied” try following (on Rundeck server)

systemctl stop zabbix-agent.service
chown -R zabbix:zabbix /var/log/zabbix
chown -R zabbix:zabbix /var/run/zabbix
chmod -R 775 /var/log/zabbix/
chmod -R 775 /var/run/zabbix/
/usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
systemctl start zabbix-agent.service

If get “unsupported key” error, try to set in Zabbix agent file as follows)

Mandatory: no
# Default:
Include=/etc/zabbix/zabbix_agentd.d
#Include=/etc/zabbix/zabbix_agentd.d/*.conf/

then restart zabbix agent

Creating item

Configuration-Host-click on host-items

Capture.PNG

Specify name-select key and specify Text as type of informtion

Capture.PNG

Creating trigger

In this example i created trigger for “failed” script output, if we need alerts for other outputs (“aborted”) we need to create another trigger

{rundeck:rundeck.str(“failed”)}=1

{hostname:itemname.str(script output)}=1

Capture.PNG

If we have some failed job, it will be detected on dashboard

Capture.PNG

In previous post we created only one subtask for one issue. What in situations when need to create subtasks for issues without subtasks ?.Unfortunately, there is no native  JQL function that can verify if an issue has or hasn’t a subtask.JIRA has third party add-ons that extend Jira’s functionality.
This python script will return JIRA key’s for tasks without subtasks and create subtask for it:

#!/usr/bin/python
import sys
import json
import re
import requests
import os
import urllib2
import argparse
from json_tricks import dump,dumps

password = str(sys.argv[1])

headers = {
'Content-Type': 'application/json',
}

params = (
('jql', 'project="Technology" AND summary~"New User*" AND issuetype="Task" AND status!="DONE"'),
)

response = requests.get('https://jira.corp.company.com/rest/api/2/search', headers=headers, params=params, auth=('user', password))

 
datapath = '/var/lib/rundeck/1.json'
data = json.load(open(datapath))

for issue in data['issues']:
if len(issue['fields']['subtasks']) == 0:
        line = issue['key']
        headers = {"Content-Type": "application/json"}
        data = {"fields": {"project": {"key": "TECH"},"parent": {"key": line.rstrip()},"summary": "Create user account in Local AD. ","description": "Create user account in Local AD.",
       "issuetype": {"name": "Sub-task"},"customfield_10107": {"id": "10400"}}}
        response = requests.post("https://jira.corp.company.com/rest/api/latest/issue/",
        headers=headers,data=json.dumps(data),auth=('user', password))