| [root@dmcm-base-omnibus-build-lab etc]# yum groupinstall Development | |
| Loaded plugins: fastestmirror | |
| Loading mirror speeds from cached hostfile | |
| * base: linux.mirrors.es.net | |
| * epel: linux.mirrors.es.net | |
| * extras: mirror.supremebytes.com | |
| * updates: linux.mirrors.es.net | |
| Setting up Group Process | |
| Checking for new repos for mirrors | |
| Package flex-2.5.35-8.el6.x86_64 already installed and latest version |
brevity isn't my strongest skill but I'm seriously going to try here
| $ModLoad omrelp | |
| $RepeatedMsgReduction off | |
| $template ls_json,"{\"@version\":1,\"@timestamp\":\"%timestamp:1:19:date-rfc3339%.%timestamp:1:3:date-subseconds%+00:00\",%HOSTNAME:::jsonf:source_host%,\"message\":\"%timestamp% %app-name%:%msg:::json%\",%syslogfacility-text:::jsonf:facility%,%syslogseverity-text:::jsonf:severity%,%app-name:::jsonf:program%,%procid:::jsonf:processid%}" | |
| *.* :omrelp:127.0.0.1:20514;ls_json |
Basic port of my old rabbitmq+ruby global log tailer to redis+golang.
Still a go newb but it works. Probably lots of edge cases. Managed to port the bits to publish to a websocket instead of stdout. Plan on cleaning all that up and publishing it as two bits - the service and the client.
This is just a basic client. Totally insecure.
Note you would need to customize this. We have our own keys in our logstash events that are pointless to you.
This tool is primarily for our developers to be able to work with our production logs. They have access to our Kibana install but sometimes being able to just hit the command-line and use natural tools makes more sense. There's also an option to display stacktraces as well which is handy to be able to turn on or off.
A modifed version of the IRC adapter for Hubot that responds via Slack webhook api
Not at all. This was the first time I ever touched coffeescript.
HUBOT_SLACK_WEBHOOK_URL env var to that url
| slack "iptables-rules-changed-#{node.name}" do | |
| message "iptables.sav was updated on #{node.name}! This should be investigated" | |
| icon_url node['chef_client']['handler']['slack']['icon_url'] | |
| channel node['chef_client']['handler']['slack']['channel'] | |
| username "Chef iptables notifier" | |
| action :nothing | |
| end | |
| template "/etc/iptables.sav" do | |
| owner "root" |
In rebuilding and testing our omnibus "megapackage" on centos7, we discovered a weirdness where our post install scripts kept bombing out.
Note that this same script in our omnibus package worked on 14.04 ubuntu with no modification as well as the previous centos6 and ubuntu 12.04 setups.
It's possible the centos image we were using to test for centos6 already had selinux disabled (I haven't gone back and retested).
The really WEIRD part is that this work when I run these cookbooks manually logging in as root (the solo run we do in the post-install)
Something about the context of running chef-solo inside the context of a post-install script on centos7 feels like the issue but it could just be an old-fashioned bug.
Folks know I'm pretty gung-ho about slack as a communication tool and several people have brought up the following ValleyWag article:
http://valleywag.gawker.com/slack-is-letting-anyone-peek-at-their-competitors-1643790919/+barrett
Obviously we're concerned about it as well but as with most security issues, things aren't so clear cut. In many cases, I've gotten comments from people who don't use slack so there's understandable confusion. Note that I don't work for slack (obviously) and I don't speak for them (I didn't think this would ever need to be said but...there you go)
To be clear, this is an issue and we've already reported it to slack as well that it's unacceptable for us