I can never remember the mapping of Ubuntu release numbers to names. This snippet helps in situations where I can’t use Puppet’s Facter.

export UBUNTU_RELEASE=''
case $(lsb_release -a) in
    *10.04*)
        UBUNTU_RELEASE='lucid';;
    *10.10*)
        UBUNTU_RELEASE='maverick';;
    *11.04*)
        UBUNTU_RELEASE='natty';;
    *11.10*)
        UBUNTU_RELEASE='oneiric';;
    *12.04*)
        UBUNTU_RELEASE='precise';;
    *12.10*)
        UBUNTU_RELEASE='quantal';;
    *13.04*)
        UBUNTU_RELEASE='raring';;
    *13.10*)
        UBUNTU_RELEASE='saucy';;
    *14.04*)
        UBUNTU_RELEASE='trusty';;
    *)
        echo 'Could not work out Ubuntu release name!' >&2
        exit 1
esac

echo $UBUNTU_RELEASE

Ubuntu’s silly release names

Tagged

AWS elastic IP subscription

I’m still not entirely convinced that AWS shouldn’t do this for us automatically, but here you go:

Manual method

Configure the desired Elastic IP by editing a script on the host

  1. Set up an IAM user
  2. Install the EC2 API tools
    • On Ubuntu, enable multiverse and install ec2-api-tools
  3. The command to associate an Elastic IP to a running EC2 instance is:
    • ec2-associate-address -i i-b2e019da –region eu-west-1 25.21.142.191

Automated method

This script reads the desired Elastic IP from a Tag called “elastic-ip” that you’ve set in the EC2 interface

#!/bin/bash
# This script assigns an Elastic IP to Instance on Reboot or Restart
# It gets the desired Elastic IP from the user tag "elastic-ip" set within the AWS interface
#
# Because it gets its only setting from the user tags it is autonomous and needs no on-machine configuration
#
set -e

export EC2_PRIVATE_KEY='/etc/ec2/user.private.key.pem'
export EC2_CERT='/etc/ec2/user-cert.pem'

if [ ! -e $EC2_PRIVATE_KEY ]; then
  echo "EC2 private key $EC2_PRIVATE_KEY missing!" >&2
  exit 1
fi
if [ ! -e $EC2_CERT ]; then
  echo "EC2 cert $EC2_CERT missing!" >&2
  exit 1
fi

EC2_AVAILABILITY_ZONE=`ec2metadata --availability-zone`
EC2_REGION_ID=${EC2_AVAILABILITY_ZONE:0:${#EC2_AVAILABILITY_ZONE} - 1}  # lop the last character off the availability zone
EC2_INSTANCE_ID=`ec2metadata --instance-id`
EC2_PUBLIC_IP=`ec2metadata --public-ipv4`

echo "Looking up tag:elastic-ip for $EC2_INSTANCE_ID in $EC2_REGION_ID"
# see: http://stackoverflow.com/questions/3883315/query-ec2-tags-from-within-instance
ELASTIC_IP=$(ec2-describe-tags \
  --region $EC2_REGION_ID \
  --filter "resource-type=instance" \
  --filter "resource-id=$EC2_INSTANCE_ID" \
  --filter "key=elastic-ip" | cut -f5)

if [ ! "$ELASTIC_IP" ]; then
  echo "Could not find elastic-ip tag in EC2 settings for this instance!" >&2
  exit 1
fi
echo "elastic-ip tag: $ELASTIC_IP"

if [ "$ELASTIC_IP" == "$EC2_PUBLIC_IP" ]; then
  echo "Public IP of this server already matches"
  exit 0
fi

echo "Assigning Elastic IP"
ec2-associate-address -i $EC2_INSTANCE_ID --region $EC2_REGION_ID $EC2_ELASTIC_IP
  • Install the script in /usr/local/bin
  • mark it executable
  • call it when your eth0 interface goes up
    • in ubuntu, add this line to /etc/network/interfaces:
      post-up /etc/network/if-up.d/myscript.sh

Generating an x.509 certificate for Amazon AWS IAM users

These keys let a user access AWS with the EC2 tools, which specifically require an x.509 certificate.

This fixes the ec2 tools “Required option ‘-K, –private-key KEY’ missing (-h for usage)” error

Create the Certificate

mkdir /etc/ec2 && chmod 700 /etc/ec2
openssl req -out /etc/ec2/CSR.csr -new -newkey rsa:2048 -nodes -keyout /etc/ec2/user.private.key.pem
openssl x509 -req -days 3650 -in /etc/ec2/CSR.csr -signkey /etc/ec2/user.private.key.pem -out /etc/ec2/user-cert.pem

Enable in IAM

  1. Go to IAM > User ID > Security Credentials
  2. Click “Manage Signing Certificates”
  3. Upload a certificate by pasting in the user-cert.pem

Verify

  • export EC2_CERT=/etc/ec2/user-cert.pem
  • export EC2_PRIVATE_KEY=/etc/ec2/user.private.key.pem
  • Run ec2-describe-regions – if everything is working OK you should (after a while) get a list back of regions.

Troubleshooting

  • Make sure you assigned your user to a group in IAM!
  • Does your user have all the necessary permissions for the EC2 operation you are trying to do?
  • Your commands might not be looking at the correct region. For example, ec2-describe-instances –region us-west-1

Thanks:

http://www.supertom.com/code/aws_iam_x509_signing_certificate.html

Tagged , ,

XPath, CSS, DOM and Selenium: The Rosetta Stone

This is really useful for translating between CSS, XPath and Selenium: XPath, CSS, DOM and Selenium: The Rosetta Stone.

 

 

Tagged , ,

Apache: No space left on device: Couldn’t create accept lock | Racker Hacker

This one’s been a gotcha on a few support calls in the past: Apache complaining of no space left, but the filesystem is lovely and open? Apache has leaked and used all its semaphores!

Apache: No space left on device: Couldn’t create accept lock | Racker Hacker.

Tagged ,

Writing selenium tests in Python

I’d prefer to write Selenium tests in Perl – well, no, actually i’d prefer to have the support team submit their own bug reports with SeleniumUI tests attached, but both SeleniumUI and the Perl selenium bindings are looking very neglected nowadays.

Here’s some great user-contributed documentation to writing Selenium tests in Python: http://selenium-python.readthedocs.org/en/latest/index.html

Tagged ,
Follow

Get every new post delivered to your Inbox.