Linux Server Management Assignment 3 – Salt & Jinja

H3 Salt Stack and Jinja

Assignment given by Tero Karvinen

a) Opiskele yllä aikataulussa olevat artikkelit. Noissa artikkeleissa opetetaan ne asiat, joilla läksyt saa tehtyä. Tätä lukutehtävää ei tarvitse raportoida. Luettava materiaali on kunkin tapaamiskerran kohdalla.

b) Tiedosto muotista: tee yksinkertainen SLS-tilatiedosto, joka laittaa muuttujan tiedostoon. Käytä jinjan kontekstimuuttujaa (template: jinja, context: …).

c) SLS tilaa Jinjalla: tee yksinkertainen SLS-tilatiedosto, joka käyttää for-in -silmukaa. Voit esimerkiksi tehdä kolme tiedostoa silmukalla. (Tässä tehtävässä siis käytetään jinjaa vain SLS-tiedoston sisällä, älä sotke samaan esimerkkiin tekstitiedostojen sisällön muuttamista.)

d) SSH-demonin portti: tee tila, joka asentaa SSH-demonin valittuun porttiin. Käytä portin valintaan Jinjaa, siten että sshd_config:issa “Port:”-kohdan arvo tulee Jinjan muuttujasta.

e) Kokeile jonkun toisen opiskelijan tekemää Salt-tilaa. Kokeiltava tila voi olla mistä vain harjoituksesta. Opiskelijoiden raportteja ja koodeja löydät tämän sivun perästä kommenteista.


Testing Environment

For this assignment I used Laptop Asus model RS17S and live-usb with Ubuntu 18.04. When I am using live-usb so to download some programs I have to go Software & Updates and check the Community-maintained free and open-source software (niverse)

Selection_001.png


a) First assignment was a reading assignment: SaltStack Get Started [official tutorial]: SaltStack Configuration Management: Jinja. Manage files.   Make a Million of Those – Jinja Templating Salt States.  Karvinen 2018: Name Based Virtual Hosts on Apache – Multiple Websites to Single IP Address.


b) For this assignment I had to make a simple that would put a name or my chosen word to a variable.

I started this assignment firstly by installing salt-minion (I am using salt-master on my server which I rented on Digital Ocean)

On minion

$ sudo apt-get -y install salt-minion

And the tell my minion who is his master

$ echo -e ‘master: (master’s ip)\nid: minion1’|sudo tee /etc/salt/minion

And then I restarted (This usually makes my minion to be seeing by my master. Not sure that is this nececcary)

$ sudo systemctl restart salt-minion.service

And then I accepted the they minion

$ sudo salt-key -A

Creating Jinja template

First I stared by making a simple ‘Hello world’ test to test that everything is working.

$ head -100 /srv/salt/multi/*
==> /srv/salt/multi/hello.txt <==
Hello world

==> /srv/salt/multi/init.sls <==
/tmp/hello.txt:
file.managed:
– source: salt://multi/hello.txt

And tested it:

$ sudo salt ‘minion1’ state.apply multi

Selection_002.png

We can see that it created a new file. So I needed to check that file on minion1:

$ cat /tmp/hello.txt
Hello world

Simple Jinja file

Now the simple ‘Hello world’ works, so I modified file so that I would use a simple Jinja template.

$ head -100 /srv/salt/multi/*
==> /srv/salt/multi/hello.txt <==
Hello! {{ person }}

 

==> /srv/salt/multi/init.sls <==
/tmp/hello.txt:
file.managed:
– source: salt://multi/hello.txt
– template: jinja
– context:
person: ‘Am I a smart people’

After this I tested the template that it works.

Selection_004.png

It created a new file on my minion1, so now I went to see that it appeared on my minion1:

$ cat /tmp/hello.txt
Hello! Am I a smart people

It created a new file and my text that I wanted it to write! So my simple Jinja template worked!


c) Jinja for-each-loop

On this assignment I had to do a Jinja for-each-loop.

Help for this I used my teacher’s article!

$ sudoedit hello.txt

Hello! {{ person }}

$ sudoedit init.sls

{% for file in [‘first’, ‘second’, ‘third’] %}
/tmp/jinjafile/{{ file }}:
file.managed:
– source: salt://multi/hello.txt
– makedirs: True
– template: jinja
– context:
person: ‘Am I a smart people’

{% endfor %}

After I modified hello.txt and init.sls files I had to test that they work.

$ sudo salt ‘minion1’ state.apply multi

Selection_003.png

As we can see that it created 3 files, so I went to check that it worked.

$ head -100 /tmp/jinjafile/*
==> /tmp/jinjafile/first <==
Hello! Am I a smart people

 

==> /tmp/jinjafile/second <==
Hello! Am I a smart people

 

==> /tmp/jinjafile/third <==
Hello! Am I a smart people

So it created a folder named jinjafile and three files! So my jinja for-eache-loop worked nicely!


d) SSH daemon port

On this task I had to change a SSH daemon port with Jinja template but first lets do it by hand.

Firstly I tried to connect to my localhost without modifying any files. (Because I am using a live ubuntu I first had to assign a password with passwd command)

$ ssh ubuntu@localhost
ubuntu@localhost’s password:

Welcome to Ubuntu Bionic Beaver

Now I changed the port. I changed the port to 8888 and the restarted sshd.service

$ sudoedit /etc/ssh/sshd_config

$ sudo systemctl restart sshd.service

And then I tried to log into localhost

$ ssh ubuntu@localhost
ssh: connect to host localhost port 22: Connection refused

So it failed to log in to port 22.

But if I try to connect via port 888.

ssh -p 8888 ubuntu@localhost
ubuntu@localhost’s password:
Welcome to Ubuntu Bionic Beaver

Changing port work so now I had to automate it.

Automated ssh port

I previously have made a salt-state for sshd installation so I decided to use that but I had to modify it a bit. I used a bit different sshd_config file which my teacher made. It is just all commended lines were taken away so it looks cleaner.

$ sudoedit sshd_config

Selection_002.png

So this is what the file looks like.

Then I went to make the init.sls file

$ sudoedit init.sls

Selection_003.png

So I made the necessary files. Now I had to test that everything works.

But before testing this I uninstalled ssh on the minion and tested that it didn’t work.

$ sudo apt-get purge openssh-server

$ ssh -p 8888 ubuntu@localhost
ssh: connect to host localhost port 8888: Connection refused

$ ssh ubuntu@localhost
ssh: connect to host localhost port 22: Connection refused

SSH didn’t work so now I had to apply the init.sls file on my master to minion.

$ sudo salt ‘minion1’ state.apply sshd

After a short time it installed everything and made the port to be 1234 as I wanted, but now I had to test it on my minion.

$ ssh -p 1234 ubuntu@localhost
ubuntu@localhost’s password:

Welcome to Ubuntu Bionic Beaver

So it worked with port 1234. For fun i tested just with the normal port 22.

$ ssh ubuntu@localhost
ssh: connect to host localhost port 22: Connection refused

My Jinja template worked!


e) Other student’s Salt state

On this assignment I had to recreate someone else Salt state (Someone who is on the same course). As we all return our assignments links to our teacher’s site so I picked one from there.

I like to do apache so I picked one where is made a salt state for apache. I used one of Mattson Joni assignment for doing my task.

So first I read his article and then started to recreate it.

Mattson Joni Apache Salt state

First I checked I wanted to check that could I make this by my own hands! Firstly I checked that Apache isn’t installed on my minion.

Problem loading page - Mozilla Firefox_005.png

$ sudo apt-get install apache2

$ sudoedit /var/www/html/index.html

Apache installation worked, next to create users homepage.

Mozilla Firefox_006.png

$ sudo a2enmod userdir

$ sudo systemctl restart apache2.service

$ cd

$ mkdir public_html

$ cd public_html/

$ nano index.html

$ whoami
ubuntu

Mozilla Firefox_007.png

Installation worked by hand! Next I have to automate this. Instruction I followed at one of my teacher’s article. But now I am going to follow only this student’s work!

Lets create necessary folders and files: ( I created a new file for this task because I wanted to keep everything organized on my server!

master$ cd /srv/salt

master$ sudo mkdir studentsapache

master$ cd studentsapache/

master$ sudoedit default-index.html

master$ cat default-index.html
Testest

Lets create a state:

master$ sudoedit init.sls

robert@512mb: -srv-salt-studentsapache_008.png

Lets test this:

master$ sudo salt ‘minion1’ state.apply apache

Selection_009.png

I had one error and it is because I had a wrong location for my default-index.html file. So lets change it and run again!

robert@512mb: -srv-salt-studentsapache_011.png

Everything went okay. Now lets uninstall Apache on my minion and try to install Apache again with the state!.

minion1:~$ sudo apt-get purge apache2 ← tabtab

apache2 apache2-bin apache2-data apache2-utils

minion1:~$ sudo apt-get purge apache2 apache2-bin apache2-data apache2-utils

Problem loading page - Mozilla Firefox_012.png

Again on master I had to apply it and it should install Apache.

$ sudo salt ‘minion1’ state.apply studentsapache

Installation worked and users homepage started to work!

Mozilla Firefox_013.png

I successfully recreated some ones Salt state!


Advertisements

One thought on “Linux Server Management Assignment 3 – Salt & Jinja

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s