How to spin up a local version of Spinnaker? This has been answered and addressed in detail here.
https://github.com/spinnaker/spinnaker/issues/1729
Ok, so I got it to work, but not without you valuable help! #lwander
So I'll leave the steps here for posterity.
Each line is a separate command in the command line, I've installed this on a virtual machine with a freshly installed Ubuntu 14.04 copy with nothing else than SSH. Then SSH as root, You will need to configure sshd on your console to allow root access.
https://askubuntu.com/questions/469143/how-to-enable-ssh-root-access-on-ubuntu-14-04
> curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
created a user account member of the adm and sudo groups (is this necessary???)
then Install Halyard:
bash InstallHalyard.sh
Verify that HAL is installed and validate its version.
hal -v
Tell Hal that the deployment type will be as a local instance (this will publish all services in localhost which will be tricky later in order to access them, but I have a turnaround so keep reading)
hal config deploy edit --type localdebian
Hal will complain that a version has not been selected, just tell HAL which version:
hal config version edit --version 1.0.0
The tell HAL which storage you are going to use, in my case and since it is local I want to use redis.
hal config storage edit --type redis
So now we need to add a cloud provider to HAL, we use AWS so we add it like this:
hal config provider aws edit --access-key-idXXXXXXXXXXXXXXXXXXXX--secret-access-key
I created a user on AWS and added access keys to the user inside IAM on the user security credentials tab. Obviously my access-key-idis not XXXXXXXXXXXXXXXXXXXX, I edited it. You do not need to enter the secret-access-key because the command will prompt for it.
Then you need to create a username relative or that will only concern you spinnaker installation however this will get related to you AWS Account-ID, so in MY spinnaker local installation I chose the username spinnakermaster you should choose yours!. And my AWS Account ID is not YYYYYYYYYYYY, I've edited too.
All the configurations and steps that you'll need to do inside AWS for this to work are really well documented here:
[https://www.spinnaker.io/setup/providers/aws/](https://www.spinnaker.io/setup/providers/aws/
)
And to tell HAL of of the above here's the command:
hal config provider aws account add spinnakermaster --account-id YYYYYYYYYYYY --assume-role role/spinnakerManaged
And after all that and if everything went according to plan we can ask HAL to deploy our brand new spinnaker installation.
hal deploy apply
It will begin a long installation downloading and configuring all the services.
Once it has finished you may do whatever you like but in my case I created a monitoring script like the one described here:
https://github.com/spinnaker/spinnaker/issues/854
Which can be launched on a recursive manner as this:
watch -n1 spinnaker-status.shor until toctrl+Cit!.
then to be able to access your local VM spinnaker copy you can either setup a reverse proxy with the proxy server of your choice to forward all the requests to localhost or you can simply ssh the SH** out of this redirecting the ports;
ssh root#ZZZ.ZZZ.ZZZ.ZZZ -L 9000:127.0.0.1:9000 -L 8084:127.0.0.1:8084 -L 8083:127.0.0.1:8083 -L 7002:127.0.0.1:7002 -L 8087:127.0.0.1:8087 -L 8080:127.0.0.1:8080 -L 8088:127.0.0.1:8088 -L 8089:127.0.0.1:8089
Where obviously theZZZ.ZZZ.ZZZ.ZZZ is not an actual IP Address.
And finally to begin having fun with this cutie you have to go to your browser of choice and type into the address bar:
http://127.0.0.0:9000
Hope this helps and saves some time to everybody!.
Cheers.
EN
Related
I had a kiwi instance running as docker containers under RHEL8 with kiwitcms/kiwi:latest-image as kiwi_web container and centos/postgresql-12-centos7-image as kiwi_db container. Provided via reverse proxy in an existing apache.
I was able to login as the created superuser.
Then I've installed multi-tenant support via pip install kiwitcms-tenants.
I've set the KIWI_TENANTS_DOMAIN variable.
I did podman exec -it kiwi_web /Kiwi/manage.py migrate and podman exec -it kiwi_web /Kiwi/manage.py refresh_permissions.
Then I've created a tenant via podman exec -u 0 -it kiwi_web /Kiwi/manage.py create_tenant.
Now, if I am still logged in (from the session before installing multi-tenant support), I can now see the new Mandant plugin and the tenant configurations in the admin area.
But, if I logout, I can't login anymore. It does not say "wrong credentials" or something like that, like it appears if I put in wrong credentials. The fields are just emptied and I am simply not forwarded. What am I missing here?
What am I missing here?
I think you are missing the fact that tenant routing is done on a domain basis. The domain which you configure with the create_tenant command is the one you should be using to access the multi-tenant Kiwi TCMS instance.
If KIWI_TENANTS_DOMAIN=example.com then you should use either example.com in create_tenant or something like public.example.com. Every other tenant will be <tenant name>.example.com.
If that doesn't work you need to provide more information starting with your reverse proxy logs.
My client had installed AWS Marketplace Bitnami WordPress and he do not have any .pem file & credentials associated with that EC2 instance. We need to change something in wp-config.php & .htaccess file. Now we are not able to do this.
I googled but not found anything fruitful.
Hey not sure if this helps because you need to have the .pem file to be able to use this technique and it is not best practice but, you can set a password for root/user to ssh into that server. This is an example of how to ssh into root user:
1) Login into your instance with the .pem file
2) Update
3) sudo su
4) cd / (just incase)
5) Edit, vim /etc/ssh/sshd_config and edit or do the equivilent of uncommenting these lines:
Port 22
PasswordAuthentication yes
PermitRootLogin yes
6) Restart sshd service, service sshd restart or systemctl restart sshd or equivilent
7) Set password, passwd
8) Log out and log back in without .pem file ssh root#12.345.67.890
run sudo vi /etc/ssh/sshd_config look for "PasswordAuthentication No" and change it to "PasswordAuthentication Yes" then save the file and exit :wq
restart ssh with "sudo service sshd restart", logout & then connect to test if all is well.
Sorry, I am posting an answer to my own question. As after 1-week discussion with AWS support they share an option to me where I can use my client's EC2 instance (that is not associated with any keypair/.pem file). They reset my setting and shared lines of code that I need to add in textarea under "View/Change User Data".
And this lines of code had user:password string. With those credentials, I connected to SSH and completed my job... :)
Sorry for security reason I can not share the lines of code. But I answered my because I am sure this answer will help someone in future. Actually needy will get a hint from my answer (i.e. "View/Change User Data") and he/she can directly contact AWS Support.
In looking at Get Started with Bitnami Applications in the AWS Marketplace, it appears that a keypair needs to be selected when launching the instance.
The article No Keypair for Bitnami Wordpress Instance - WordPress - Bitnami Community suggests that you could use a plugin file manager to get a key onto the instance, but it is probably easier to launch a new instance and migrate the WordPress configuration across.
I am trying follow the steps of Composer Playground tutorial for local version of the playground and using local fabric peer.
I have done prescribed sequence of steps: downloadFabric.sh, startFabric.sh, createPeerAdminCard.sh. Once I bring up the playground, I can see network card PeerAdmin#hlfv1 showing no business network attached to it.
Then I click on Deploy a New Business Network, and select "vehicles-lifecycle-network" example. The dialog looks similar to the one in tutorial, but it has additional fields asking for credentials for network administrator, and I am not sure what to put there.
I tried copying in key and certificate that were generated by createPeerAdminCard script, and I also tried using ID and Secret option putting in PeerAdmin or PeerAdmin#hlfv1. I found this answer which indicates that it does not matter what secret you specify as the user is already imported into the keystore -- not sure if it is relevant. It certainly did not make any difference.
When I click deploy, the new network seems to appear in the composer dashboard. However, if I click on "Connect Now", a popup shows "Error trying to login and get user context" and [[{"code":400,"message":"Authorization Failure"}]].
It seems I am missing something very basic, but cannot really figure it out on my own.
Edit:
Simple steps to reproduce (assuming basic-sample-network.bna is available locally):
> composer runtime install -c PeerAdmin#hlfv1 -n basic-sample-network
> composer network start -a <path to basic-sample-network.bna> -A admin -c PeerAdmin#hlfv1 -C <path to PeerAdmin certificate> -f admin.card
> composer card import -f admin.card
> composer network ping -c admin#basic-sample-network
Last command produces the same error as above in the console.
Edit 2:
If I open up ~/.composer/cards/PeerAdmin#hlfv1/metadata.json and add "businessNetwork":"basic-sample-network" parameter, I am able to do composer network ping -c PeerAdmin#hlfv1 successfully, and also can connect to the network from the Playground -- this will do as a workaround for now. However, I must be doing something wrong with the way I create new network and its admin card.
The Playground Tutorial assumes that you are connecting to an Online Hosted Playground hosted on IBM Cloud (Bluemix). For the Online Playground the underlying Fabric is 'Web' - i.e. the Fabric is stored only in the local browser. This document may help explain the different Fabric Runtimes: Typical Solution Architecture
The Local Playground gives you the additional option of deploying a Business Network to an hlfv1 Fabric, using the PeerAdmin card that you created with the createPeerAdmin.sh script.
After creating the PeerAdmin card you should be able to start Playground locally with the composer-playground command and you should be able to deploy a Business Network. In this development scenario the Credentials for the Network Administrator should be Id and Secret specifying admin / adminpw. There is no need to run CLI commands prior to starting local playground. (createPeerAdminCard.sh is not a CLI command but is a Dev environment setup script - and it should be run.)
If you want to go down the CLI route please see the Developer Tutorial
I have to do some quick benchmarking.
I am unable to my vms since neutron is not setup properly.
I can create centos vm.. but i can not log into it.
I tried adding keypair, i tried could init change root password
#cloud-config
chpasswd:
list: |
root:stackops
centos:stackops
expire: False
it does not work. I mean it did not give any errors on log console but i am not abel to login with the credentials i set.
So my question is ..where can i find a openstack centos 7 image whose password is already set ( i guess it would be a custom one)
If Neutron isn't set up correctly, you're not going to be able to do much with your OpenStack environment. However, even with broken networking, you can pass your user-data script to the instance using the --config-drive option, e.g:
nova boot --user-data /path/to/config.yaml --config-drive=true ...
There is a checkbox in the Horizon gui to use this feature as well. This attaches your configuration as a virtual CD-ROM device, which cloud-init will use rather than the network metadata service.
If I put your cloud-config into a file called user-data.yaml, and then run:
nova boot --image centos-7-cloud --user-data user-data.yaml centos
Then I can log in as the centos user using the password stackops.
Installed Webmin successfully on a Debian system.
Created a virtual server, added some users and a domain.
Installed ProFTPD via Webmin's unused modules.
Added a new user with same named group via System -> Users and Groups.
Tried to connect via ftp using my server's external ip and my new user's credentials.
This should work according to most tutorials but it doesn't.
I'm suspecting some other service handles FTP requests before ProFTPD.
Is there a way to monitor protocol handlers? Could it be something else?
Thanks in advance.
because webmin try start it as deamon, but maybe (like me on archlinux) you need to start it as system service... on root:
systemctl start proftpd.service
If you want to look at the logs error (if there is errors, but if server is not start, it should ne have error...) then use:
journalctl -xe command (as root), or
systemctl --failed , or
systemctl status proftpd.service (all of these commands under root user or sudoers users).
So first of all, check that service is running:
systemctl status
then check the config file of webmin service for proftpd use the correct protocol for call service (systemd for example), and then use correct sentence code for start/stop it. Check also it goes to look at the correct config file of proftpd current install place (depend of your distribution or the way you install it).
proftpd is not installed by webmin, proftpd is installed, then from webmin, you install a module who has to communicate with allready installed application proftpd. If this module is well configured for point on actual proftpd installation and correct call of service, then all will have to works.
(please, if this answer help you, do up vote for my answer, without notation when i help, i can not help more because i'm locked by the system, hope you understand)
Have a look at the server's log, check le ProFTP daemon status, check the firewall