Skip to content

Instantly share code, notes, and snippets.

View xorpaul's full-sized avatar

Andreas Paul xorpaul

13 followers · 0 following
View GitHub Profile
@xorpaul
xorpaul / ArbiterObjectDefinition
Last active August 29, 2015 13:56
Arbiter Object Definition
===== Arbiter Definition ======
===== Description =====
The Arbiter object is a way to define Arbiter daemons that will manage the configuration and all different architecture components of shinken (like distributed monitoring and high availability). It reads the configuration, cuts it into parts (N schedulers = N parts), and then sends them to all others elements. It manages the high availability part : if an element dies, it re-routes the configuration managed by this falling element to a spare one. Its other role is to receive input from users (like external commands of shinken.cmd) and send them to other elements. There can be only one active arbiter in the architecture.
The Arbiter definition is optional. If no arbiter is defined, Shinken will "create" one for the user. There will be no high availability for the Arbiter (no spare), and it will use the default port on the server where the daemon is launched.
===== Definition Format =====
@xorpaul
xorpaul / puppetdb_insert_catalog_resources.md
Last active January 4, 2016 03:29

8000 nodes

1,835,447 resources in the population

90% resource duplication

2014-01-22 17:27:39,878 WARN  [command-proc-60] [jdbc.internal] Query slower than 10s threshold:  actual execution time: 239.6458 seconds; Query: INSERT INTO catalog_resources (catalog,resource,type,
title,tags,exported,file,line) VALUES (?,?,?,?,?,?,?,?)INSERT INTO catalog_resources (catalog,resource,type,title,tags,exported,file,line) VALUES (?,?,?,?,?,?,?,?)INSERT INTO catalo
@xorpaul
xorpaul / puppetmaster_puppet.conf.md
Last active January 3, 2016 21:09 
...
[master]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
filetimeout = 30

ca = false

masterlog = $logdir/master.log
@xorpaul
xorpaul / ForemanTrendSlow.md
Last active January 3, 2016 11:29
More than 1 minute to show a trend graph. 
Started GET "/" for 172.20.11.5 at 2014-01-16 15:55:59 +0100
Processing by DashboardController#index as HTML
Redirected to http://foreman.domain.tld/users/login
Filter chain halted as :require_login rendered or redirected
Completed 302 Found in 2.5ms (ActiveRecord: 0.0ms)
Started GET "/trends/282-operating-system-by-codename" for 172.17.26.137 at 2014-01-16 15:56:08 +0100
Processing by TrendsController#show as HTML
  Parameters: {"id"=>"282-operating-system-by-codename"}
  User Load (0.9ms)  SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1  [["id", 1]]
@xorpaul
xorpaul / logstashSyslog.md
Created January 15, 2014 16:09
Logstash Syslog Severity 
input {
 syslog {
  charset => "ISO-8859-1"
  port => 5544
  type => "syslog"
 }
}
@xorpaul
xorpaul / augeas_sshd.md
Last active December 31, 2015 00:39
Augeas /etc/ssh/sshd_config AllowUser

Is there a better way to do this?

augeas { 'add_allow_users':
  context  => '/files/etc/ssh/sshd_config',
  changes  => [ 
    'set AllowUsers/1 alice',
    'set AllowUsers/2 bob',
    'set AllowUsers/3 charlie',
    ...
 ],
@xorpaul
xorpaul / AugeasPuppetSetm.md
Created November 27, 2013 15:27
Augeas Puppet Provider setm method debug

This works, when calling it directly:

augtool> print /files/etc/ssh/sshd_config/PermitRootLogin
/files/etc/ssh/sshd_config/PermitRootLogin[1] = "yes"
/files/etc/ssh/sshd_config/PermitRootLogin[2] = "yes"
/files/etc/ssh/sshd_config/PermitRootLogin[3] = "yes"
augtool> setm /files/etc/ssh/sshd_config/ PermitRootLogin no
augtool> print /files/etc/ssh/sshd_config/PermitRootLogin
/files/etc/ssh/sshd_config/PermitRootLogin[1] = "no"
@xorpaul
xorpaul / foreman_facts_tab.md
Created October 30, 2013 13:00
foreman facts tab 
Cache read: http://foreman/fact_values?
Started GET "/fact_values" for 1.2.3.4 at 2013-10-30 13:58:39 +0100
Cache read: _session_id:e28f9d66d14e0dac7a4bd3978087a14c
Processing by FactValuesController#index as HTML
  User Load (1.0ms)  SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1  [["id", 1]]
Setting current user thread-local variable to admin
  FactValue Load (0.9ms)  SELECT "fact_values".* FROM "fact_values" LIMIT 1
Cache read: entries_per_page
  SQL (3455.2ms)  SELECT "fact_values"."id" AS t0_r0, "fact_values"."value" AS t0_r1, "fact_values"."fact_name_id" AS t0_r2, "fact_values"."host_id" AS t0_r3, "fact_values"."updated_at" AS t0_r4, "fact_values"."created_at" AS t0_r5, "fact_names"."id" AS t1_r0, "fact_names"."name" AS t1_r1, "fact_names"."updated_at" AS t1_r2, "fact_names"."created_at" AS t1_r3, "hosts"."id" AS t2_r0, "hosts"."name" AS t2_r1, "hosts"."ip" AS t2_r2, "hosts"."last_compile" AS t2_r3, "hosts"."last_freshcheck" AS t2_r4, "hosts"."last_report" AS t2_r5, "hosts"."updated_a
@xorpaul
xorpaul / external_node_v2.rb.erb.md
Created October 15, 2013 14:20
Add stat_file so that it is possible to not needlesly push fats for host #{certname}, because time of last fact push >= host fact yaml mtime! 
def upload_facts(certname, filename)
  # Temp file keeping the last run time
  stat = stat_file(certname)
  puts "stat = #{stat}" if $debug
  print "stat_file #{stat} exists!" if File.exists?(stat)
  last_run = File.exists?(stat) ? File.stat(stat).mtime.utc : Time.now - 365*24*60*60
  last_fact = File.stat(filename).mtime.utc
  if last_fact > last_run
    begin
@xorpaul
xorpaul / logstashConfigLogsourceConditions.md
Created October 10, 2013 14:09 
filter {
  if [logsource] =~ /^foo(fe|mw)/ {
    grok {
      match => [ "message", "%{SYSLOGBASE} %{WORD:logcategory} - %{GREEDYDATA:message}" ]
      overwrite => [ "message" ]
    }
  }
}