Puppet: sslv3 alert certificate revoked

Have you ever had one of those days where you see on your dashboard one of your long lost boxen is no longer successfully reporting into your beloved puppet master? I’ve had a problem child as of late and I’m not sure if it was a security patch for openssl or if it was when the box moved from one virtual environment into a vCloud environment. But whatever the reason, I was suddenly seeing red when I would manually run my puppet agent command on the box. Here is the error I was seeing:

Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked

OK…the revoked I get. At one point this machine started giving me a different name so I revoked the old certificate as it moved from the FQDN to the hostname and I could not get it to set back to the old way. I’m assuming this is a bug in how vCloud attempts to set certain VM properties when you update it.

So, time to regenerate a certificate.

The Fix

First…cleanup the master of the hostname in question.

puppet cert clean <hostname>

On the client, remove any old remnants and generate a new cert:

cd /var/lib/puppet
rm -rf ssl
puppet agent -t --noop

At this point, you should have a new certificate on the client and depending if your master auto signs them or not, you should be good to go. In my case, I needed to do a quick signing on the master with:

puppet cert sign <hostname>

And that’s it. You should be back up and running again. This is rather annoying that it happened and I’m still not sure why the fqdn and hostname started reporting differently to the master server. That is one that I’m digging into for another blog post.

Oh, The Places You’ll Go!

ohtheplacesyoullgo

Time flies when you’re having fun right?

Back in 2006 when I joined LightEdge, I wasn’t sure what the future was going to hold for me. The company had employed my wife for a year already and they seemed to be moving in the right direction. Just over 7 years later, things are going strong and if anything, its hard to keep up with the customer demand. A great problem to have. (FYI…LightEdge is hiring)

Unfortunately, this message isn’t going to help that situation.

Today is my last day at LightEdge.

Holy Sh*t!

In the late summer months, I was approached by Facebook for an engineering (Programming) position out in California. I declined as I wasn’t interested in moving. Soon there after, they snagged a co-worker as the site lead for a new data center that they are putting in Altoona, IA. This new DC is about a stone’s throw from the LightEdge Altoona facility and its going to be a huge data center.

Then, Facebook came knocking again. This time for a position in the Altoona facility. Its hard to pass up getting in on the bottom floor of a data center of that size. So a few interviews later I was offered a position as a Data Center Operations Technician. My first day will be after the new year.

This is a big change for me and I couldn’t be more excited about joining the Facebook team. My former co-worker at LightEdge and now boss has put together a great team and I’m really happy to be a part of it.

Time to start building!

-Matt

7 Issues (and fixes) for installing Puppetlabs Razor on CentOS 6

I’m very fortunate to have a nice lab at work where I have a UCS chassis, fabrics, a few blades and a VNX to play with. Recently I’ve been working on getting our Razor implementation hammered out so messing around with all the good automation bits.

Now, because its a lab, it doesn’t tend to fall into the same patching cycles as our production servers do. My Razor server in particular is an example of this only getting updated when I have the chance to turn a wrench.

So, dusting off the old project, I dusted off yum and did my usual update of puppet, razor and the various bits involved. Now because various things have changed in the 6 months that I’ve had this installed, I had a variety of issues getting everything up to date.

Issue #1 – undefined method `exists?’

Kicking off the puppet agent -t to make sure everything was still working right I was greeted with the following error:

Jul 30 10:34:05 razor puppet-master[5650]: Could not create resources for managing Puppet's files and directories in sections [:main, :master, :ssl, :metrics]: undefined method `exists?' for #<Puppet::Type::Group:0x7ff03987f790>

Google to the rescue!!!

A quick google search and I found this bug, which basically states, update your gems dumbass.

[root@razor log]# gem update puppet
Updating installed gems
Updating puppet
Fetching: rgen-0.6.5.gem (100%)
Fetching: puppet-3.2.3.gem (100%)
Fetching: json_pure-1.8.0.gem (100%)
Successfully installed rgen-0.6.5
Successfully installed puppet-3.2.3
Successfully installed json_pure-1.8.0
Gems updated: rgen, puppet, json_pure
Installing ri documentation for rgen-0.6.5...
Installing ri documentation for puppet-3.2.3...
Installing ri documentation for json_pure-1.8.0...
Installing RDoc documentation for rgen-0.6.5...
Installing RDoc documentation for puppet-3.2.3...
Could not find main page README.md
Could not find main page README.md
Could not find main page README.md
Could not find main page README.md
Installing RDoc documentation for json_pure-1.8.0...

Issue #2 – Out of date Razor

Razor has been pretty fast moving and one of the issues that I had had in my first go around was the the update would recognize the blade, start the install but hang on tools.00. The issue has been documented here.

Ok, no worries, this is a lab right. let’s blow everything away and start fresh with a new install of razor. Unforunately, there are several items that have been fixed within the git repository for razor that have yet to make it into the puppet forge. Seeing as I was attempting to be a lazy bastard and installed from the forge, I welcome you to issues 3, 4, and 5.

Issue #3 – Razor::Nodejs fails to execute ‘/usr/bin/npm install –global express’

Error: Execution of '/usr/bin/npm install --global express' returned 1: npm http GET https://registry.npmjs.org/express
npm http 200 https://registry.npmjs.org/express
npm http GET https://registry.npmjs.org/express/-/express-3.2.3.tgz
npm http GET https://registry.npmjs.org/connect/2.7.9
npm http GET https://registry.npmjs.org/commander/0.6.1
npm http GET https://registry.npmjs.org/range-parser/0.0.4
npm http GET https://registry.npmjs.org/mkdirp/0.3.4
npm http GET https://registry.npmjs.org/cookie/0.0.5
npm http GET https://registry.npmjs.org/buffer-crc32/0.2.1
npm http GET https://registry.npmjs.org/fresh/0.1.0
npm http GET https://registry.npmjs.org/methods/0.0.1
npm http GET https://registry.npmjs.org/send/0.1.0
npm http GET https://registry.npmjs.org/cookie-signature/1.0.1
npm http GET https://registry.npmjs.org/debug
npm http GET https://registry.npmjs.org/qs/0.6.4
npm http 200 https://registry.npmjs.org/cookie/0.0.5
npm http 200 https://registry.npmjs.org/mkdirp/0.3.4
npm http 200 https://registry.npmjs.org/range-parser/0.0.4
npm http 200 https://registry.npmjs.org/commander/0.6.1
npm http 200 https://registry.npmjs.org/connect/2.7.9
npm http GET https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.4.tgz
npm http GET https://registry.npmjs.org/cookie/-/cookie-0.0.5.tgz
npm http GET https://registry.npmjs.org/range-parser/-/range-parser-0.0.4.tgz
npm http GET https://registry.npmjs.org/connect/-/connect-2.7.9.tgz
npm http GET https://registry.npmjs.org/commander/-/commander-0.6.1.tgz
npm http 200 https://registry.npmjs.org/fresh/0.1.0
npm http GET https://registry.npmjs.org/fresh/-/fresh-0.1.0.tgz
npm http 200 https://registry.npmjs.org/methods/0.0.1
npm http GET https://registry.npmjs.org/methods/-/methods-0.0.1.tgz
npm http 200 https://registry.npmjs.org/buffer-crc32/0.2.1
npm http GET https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.1.tgz
npm http 200 https://registry.npmjs.org/cookie-signature/1.0.1
npm http 200 https://registry.npmjs.org/send/0.1.0
npm http GET https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.1.tgz
npm http GET https://registry.npmjs.org/send/-/send-0.1.0.tgz
npm http 200 https://registry.npmjs.org/debug
npm http GET https://registry.npmjs.org/debug/-/debug-0.7.2.tgz
npm http 200 https://registry.npmjs.org/qs/0.6.4
npm http GET https://registry.npmjs.org/qs/-/qs-0.6.4.tgz
npm ERR! error rolling back express@3.2.3 Error: ENOTEMPTY, rmdir '/usr/lib/node_modules/express/node_modules/cookie'

npm ERR! Unsupported
npm ERR! Not compatible with your version of node/npm: connect@2.7.9
npm ERR! Required: {"node":">= 0.8.0"}
npm ERR! Actual:   {"npm":"1.1.19","node":"0.6.18"}
npm ERR!
npm ERR! System Linux 2.6.32-279.el6.x86_64
npm ERR! command "nodejs" "/usr/bin/npm" "install" "--global" "express"
npm ERR! cwd /root/foo
npm ERR! node -v v0.6.18
npm ERR! npm -v 1.1.19
npm ERR! code ENOTSUP
npm ERR! message Unsupported
npm ERR! errno {}

npm ERR! Error: ENOENT, open '/usr/lib/node_modules/express/node_modules/fresh/package.json'
npm ERR! You may report this log at:
npm ERR!     <http://github.com/isaacs/npm/issues>
npm ERR! or email it to:
npm ERR!     <npm-@googlegroups.com>
npm ERR!
npm ERR! System Linux 2.6.32-279.el6.x86_64
npm ERR! command "nodejs" "/usr/bin/npm" "install" "--global" "express"
npm ERR! cwd /root/foo
npm ERR! node -v v0.6.18
npm ERR! npm -v 1.1.19
npm ERR! path /usr/lib/node_modules/express/node_modules/fresh/package.json
npm ERR! code ENOENT
npm ERR! message ENOENT, open '/usr/lib/node_modules/express/node_modules/fresh/package.json'
npm ERR! errno {}
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR!     /root/foo/npm-debug.log
npm not ok

Oh goody, nodejs install issues. Nodejs is pretty important for what we’re doing here. I, like many, have found that running the EPEL repositories on my CentOS boxes are a good thing to have in place. It apparently causes some butt hurt in this instance but luckily the change is pretty minor.

When I installed razor, it by default installed several other dependencies. The one we want in this instance is the nodejs module and editing the /etc/puppet/modules/nodejs/manifests/params.pp file fixes the glitch.

Change this:

    'RedHat', 'CentOS', 'OEL', 'OracleLinux': {
      $majdistrelease = $::lsbmajdistrelease ? {
        ''      => regsubst($::operatingsystemrelease,'^(\d+)\.(\d+)','\1'),
        default => $::lsbmajdistrelease,
      }
      $node_pkg = 'node-compat-symlinks'
      $npm_pkg  = 'npm'
      $baseurl  = 'http://patches.fedorapeople.org/oldnode/stable/el$releasever/$basearch/'
      $gpgcheck = $majdistrelease ? {
        '5'     => 0,
        default => 1,
      }
    }

To this:

    'RedHat', 'CentOS', 'OEL', 'OracleLinux': {
      $majdistrelease = $::lsbmajdistrelease ? {
        ''      => regsubst($::operatingsystemrelease,'^(\d+)\.(\d+)','\1'),
        default => $::lsbmajdistrelease,
      }
      $node_pkg = 'nodejs'
      $npm_pkg  = 'npm'
      $baseurl  = 'http://patches.fedorapeople.org/oldnode/stable/el$releasever/$basearch/'
      $gpgcheck = $majdistrelease ? {
        '5'     => 0,
        default => 1,
      }
    }

This change is outlined here.

Issue #4 – Unable to download latest razor microkernel.iso

Error: Could not start Service[razor]: Execution of '/opt/razor/bin/razor_daemon.rb start' returned 1:
Error: /Stage[main]/Razor/Service[razor]/ensure: change from stopped to running failed: Could not start Service[razor]: Execution of '/opt/razor/bin/razor_daemon.rb start' returned 1:
Notice: /Stage[main]/Razor/Rz_image[razor-microkernel-latest.iso]: Dependency Service[razor] has failures: true
Warning: /Stage[main]/Razor/Rz_image[razor-microkernel-latest.iso]: Skipping because of failed dependencies

The fix is apparently we’re missing a gem that needs to be installed.

# gem install net-scp
Fetching: net-scp-1.1.2.gem (100%)
Successfully installed net-scp-1.1.2
1 gem installed
Installing ri documentation for net-scp-1.1.2...
Installing RDoc documentation for net-scp-1.1.2...

After that, smooth sailing.

Notice: Downloading rz_image from https://downloads.puppetlabs.com/razor/iso/prod/razor-microkernel-latest.iso to /opt/razor/razor-microkernel-latest.iso ...
Notice: /Stage[main]/Razor/Rz_image[razor-microkernel-latest.iso]/ensure: created

Issue #5 – xinetd Warning messages

Warnings warnings warnings!!!

I think this is probably another one that needs some TLC from forge.

Warning: Variable access via 'name' is deprecated. Use '@name' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:4
   (at /etc/puppet/modules/xinetd/templates/service.erb:4:in `result')
Warning: Variable access via 'port' is deprecated. Use '@port' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:6
   (at /etc/puppet/modules/xinetd/templates/service.erb:6:in `result')
Warning: Variable access via 'disable' is deprecated. Use '@disable' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:7
   (at /etc/puppet/modules/xinetd/templates/service.erb:7:in `result')
Warning: Variable access via 'socket_type' is deprecated. Use '@socket_type' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:8
   (at /etc/puppet/modules/xinetd/templates/service.erb:8:in `result')
Warning: Variable access via 'protocol' is deprecated. Use '@protocol' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:9
   (at /etc/puppet/modules/xinetd/templates/service.erb:9:in `result')
Warning: Variable access via 'mywait' is deprecated. Use '@mywait' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:10
   (at /etc/puppet/modules/xinetd/templates/service.erb:10:in `result')
Warning: Variable access via 'user' is deprecated. Use '@user' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:11
   (at /etc/puppet/modules/xinetd/templates/service.erb:11:in `result')
Warning: Variable access via 'group' is deprecated. Use '@group' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:12
   (at /etc/puppet/modules/xinetd/templates/service.erb:12:in `result')
Warning: Variable access via 'server' is deprecated. Use '@server' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:13
   (at /etc/puppet/modules/xinetd/templates/service.erb:13:in `result')
Warning: Variable access via 'bind' is deprecated. Use '@bind' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:14
   (at /etc/puppet/modules/xinetd/templates/service.erb:14:in `result')
Warning: Variable access via 'server_args' is deprecated. Use '@server_args' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:15
   (at /etc/puppet/modules/xinetd/templates/service.erb:15:in `result')
Warning: Variable access via 'per_source' is deprecated. Use '@per_source' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:16
   (at /etc/puppet/modules/xinetd/templates/service.erb:16:in `result')
Warning: Variable access via 'log_on_failure' is deprecated. Use '@log_on_failure' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:17
   (at /etc/puppet/modules/xinetd/templates/service.erb:17:in `result')
Warning: Variable access via 'cps' is deprecated. Use '@cps' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:18
   (at /etc/puppet/modules/xinetd/templates/service.erb:18:in `result')
Warning: Variable access via 'flags' is deprecated. Use '@flags' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:19
   (at /etc/puppet/modules/xinetd/templates/service.erb:19:in `result')
Warning: Variable access via 'service_type' is deprecated. Use '@service_type' instead. template[/etc/puppet/modules/xinetd/templates/service.erb]:20
   (at /etc/puppet/modules/xinetd/templates/service.erb:20:in `result')

The fix is to change this:

# This file is being maintained by Puppet.
# DO NOT EDIT

service <%= name %>
{
        port            = <%= port %>
        disable         = <%= disable %>
        socket_type     = <%= socket_type %>
        protocol        = <%= protocol %>
        wait            = <%= mywait %>
        user            = <%= user %>
        group           = <%= group %>
        server          = <%= server %>
        bind            = <%= bind %>
<% if server_args != :undef %>        server_args     = <%= server_args %><% end %>
<% if per_source != :undef %>        per_source      = <%= per_source %><% end %>
<% if log_on_failure != :undef %>       log_on_failure      += <%= log_on_failure %><% end %>
<% if cps != :undef %>        cps             = <%= cps %><% end %>
<% if flags != :undef %>        flags           = <%= flags %><% end %>
<% if service_type != :undef %>        type     = <%= service_type %><% end %>
}

to this

# This file is being maintained by Puppet.
# DO NOT EDIT

service <%= @name %>
{
        port            = <%= @port %>
        disable         = <%= @disable %>
        socket_type     = <%= @socket_type %>
        protocol        = <%= @protocol %>
        wait            = <%= @mywait %>
        user            = <%= @user %>
        group           = <%= @group %>
        server          = <%= @server %>
        bind            = <%= @bind %>
<% if @server_args != :undef %>        server_args     = <%= @server_args %><% end %>
<% if @per_source != :undef %>        per_source      = <%= @per_source %><% end %>
<% if @log_on_failure != :undef %>       log_on_failure      += <%= @log_on_failure %><% end %>
<% if @cps != :undef %>        cps             = <%= @cps %><% end %>
<% if @flags != :undef %>        flags           = <%= @flags %><% end %>
<% if @service_type != :undef %>        type     = <%= @service_type %><% end %>
}

Issue #6 – Warning messages in the Mongo.conf

Very similiar to the xinetd issues. This time in Mongo.

Warning: Variable access via 'logpath' is deprecated. Use '@logpath' instead. template[/etc/puppet/modules/mongodb/templates/mongod.conf.erb]:4
   (at /etc/puppet/modules/mongodb/templates/mongod.conf.erb:4:in `result')
Warning: Variable access via 'logappend' is deprecated. Use '@logappend' instead. template[/etc/puppet/modules/mongodb/templates/mongod.conf.erb]:5
   (at /etc/puppet/modules/mongodb/templates/mongod.conf.erb:5:in `result')
Warning: Variable access via 'mongofork' is deprecated. Use '@mongofork' instead. template[/etc/puppet/modules/mongodb/templates/mongod.conf.erb]:8
   (at /etc/puppet/modules/mongodb/templates/mongod.conf.erb:8:in `result')
Warning: Variable access via 'port' is deprecated. Use '@port' instead. template[/etc/puppet/modules/mongodb/templates/mongod.conf.erb]:9
   (at /etc/puppet/modules/mongodb/templates/mongod.conf.erb:9:in `result')
Warning: Variable access via 'dbpath' is deprecated. Use '@dbpath' instead. template[/etc/puppet/modules/mongodb/templates/mongod.conf.erb]:10
   (at /etc/puppet/modules/mongodb/templates/mongod.conf.erb:10:in `result')

Again, easy fix. Change this:

# mongo.conf - generated from Puppet

#where to log
logpath=<%= logpath %>
logappend=<%= logappend %>

# fork and run in background
fork = <%= mongofork %>
port = <%= port %>
dbpath= <%= dbpath %>

<% if @nojournal %>
# Disables write-ahead journaling
nojournal = <%= nojournal %>
<% end %>
<% if @cpu %>
# Enables periodic logging of CPU utilization and I/O wait
cpu = <%= cpu %>

<% end %>
<% if @noauth %>
# Turn on/off security.  Off is currently the default
noauth = <%= noauth %>
<% end %>
<% if @auth %>
auth = <%= auth %>
<% end %>
<% if @verbose %>
# Verbose logging output.
verbose = <%= verbose %>
<% end %>
<% if @objcheck %>
# Inspect all client data for validity on receipt (useful for
# developing drivers)
objcheck = <%= objcheck %>
<% end %>
<% if @quota %>
# Enable db quota management
quota = <%= quota %>
<% end %>
<% if @oplog %>
# Set oplogging level where n is
#   0=off (default)
#   1=W
#   2=R
#   3=both
#   7=W+some reads
oplog = <%= oplog %>
<% end %>
<% if @nohints %>
# Ignore query hints
nohints = <%= nohints %>
<% end %>
<% if @nohttpinterface %>
# Disable the HTTP interface (Defaults to localhost:27018).
nohttpinterface = <%= nohttpinterface %>
<% end %>
<% if @noscripting %>
# Turns off server-side scripting.  This will result in greatly limited
# functionality
noscripting = <%= noscripting %>
<% end %>
<% if @notablescan %>
# Turns off table scans.  Any query that would do a table scan fails.
notablescan = <%= notablescan %>
<% end %>
<% if @noprealloc %>
# Disable data file preallocation.
noprealloc = <%= noprealloc %>
<% end %>
<% if @nssize %>
# Specify .ns file size for new databases.
 nssize = <%= nssize %>
<% end %>
<% if @mms_token %>
# Accout token for Mongo monitoring server.
mms-token = <%= mms_token %>
<% end %>
<% if @mms_name %>
# Server name for Mongo monitoring server.
mms-name = <%= mms_name %>
<% end %>
<% if @mms_interval %>
# Ping interval for Mongo monitoring server.
mms-interval = <%= mms_interval %>
<% end %>
<% if @slave %>
slave = <%= slave %>
<% end %>
<% if @mongosource %>
source = <%= mongosource %>
<% end %>
<% if @only %>
# Slave only: specify a single database to replicate
only = <%= only %>
<% end %>
<% if @master %>
master = <%= master %>
<% end %>

to this:

# mongo.conf - generated from Puppet

#where to log
logpath=<%= @logpath %>
logappend=<%= @logappend %>

# fork and run in background
fork = <%= @mongofork %>
port = <%= @port %>
dbpath= <%= @dbpath %>

<% if @nojournal %>
# Disables write-ahead journaling
nojournal = <%= @nojournal %>
<% end %>
<% if @cpu %>
# Enables periodic logging of CPU utilization and I/O wait
cpu = <%= @cpu %>

<% end %>
<% if @noauth %>
# Turn on/off security.  Off is currently the default
noauth = <%= @noauth %>
<% end %>
<% if @auth %>
auth = <%= @auth %>
<% end %>
<% if @verbose %>
# Verbose logging output.
verbose = <%= @verbose %>
<% end %>
<% if @objcheck %>
# Inspect all client data for validity on receipt (useful for
# developing drivers)
objcheck = <%= @objcheck %>
<% end %>
<% if @quota %>
# Enable db quota management
quota = <%= @quota %>
<% end %>
<% if @oplog %>
# Set oplogging level where n is
#   0=off (default)
#   1=W
#   2=R
#   3=both
#   7=W+some reads
oplog = <%= @oplog %>
<% end %>
<% if @nohints %>
# Ignore query hints
nohints = <%= @nohints %>
<% end %>
<% if @nohttpinterface %>
# Disable the HTTP interface (Defaults to localhost:27018).
nohttpinterface = <%= @nohttpinterface %>
<% end %>
<% if @noscripting %>
# Turns off server-side scripting.  This will result in greatly limited
# functionality
noscripting = <%= @noscripting %>
<% end %>
<% if @notablescan %>
# Turns off table scans.  Any query that would do a table scan fails.
notablescan = <%= @notablescan %>
<% end %>
<% if @noprealloc %>
# Disable data file preallocation.
noprealloc = <%= @noprealloc %>
<% end %>
<% if @nssize %>
# Specify .ns file size for new databases.
 nssize = <%= @nssize %>
<% end %>
<% if @mms_token %>
# Accout token for Mongo monitoring server.
mms-token = <%= @mms_token %>
<% end %>
<% if @mms_name %>
# Server name for Mongo monitoring server.
mms-name = <%= @mms_name %>
<% end %>
<% if @mms_interval %>
# Ping interval for Mongo monitoring server.
mms-interval = <%= @mms_interval %>
<% end %>
<% if @slave %>
slave = <%= @slave %>
<% end %>
<% if @mongosource %>
source = <%= @mongosource %>
<% end %>
<% if @only %>
# Slave only: specify a single database to replicate
only = <%= @only %>
<% end %>
<% if @master %>
master = <%= @master %>
<% end %>

Issue #7 – Missing nodejs when starting razor

# /opt/razor/bin/razor_daemon.rb start
which: no nodejs in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/usr/lib)

Really? REALLY!!!

Ok, its installed. But its specifically looking for nodejs inestead of node. This fix seemed to do the trick.

# which node
/usr/bin/node

# cd /usr/bin

# ln -s node nodejs

# which nodejs
/usr/bin/nodejs

Conclusion

Razor is a fast moving project and with it comes all the various bugs for the various flavors of linux. The original code base was written for Ubuntu I believe but other flavors have quickly been picked up. Now they have issues because of the growth issues. But, I’m willing to bet a beer on the fact that all the issues appear to be fixed in the git repository, they just haven’t made it into the forge yet.

The issues are fairly easy to fix if you google and dig a little. Hopefully this post will make it easier for people in the future to find the issues.

Happy Automation Folks!

VMworld 2013 Predictions – Follow Up!

That VMworld went by way too darn quick. So fast that I didn’t get to put up a day 3 and day 4 follow up. There is a lot of cool stuff going on with VMware that many of us will be talking about for years to come. Mainly, NSX, vSAN and vCHS.

But what are we here for, we’re here to see how dead wrong I was with my annual predictions. Here we go.

  1. One Pane of Glass to rule them all Wrong! vSphere won’t be controlling others any time soon. But I did see the vCAC was able to provision to other services such as AWS, Azure, vCHS and OpenStack. Not quite what I was thinking, but its a start.

    Now, I did see OpenStack being the front end web UI for vSphere / ESX compute. So that was a nice twist and something I’ll be digging into further.

  2. vSphere Fat Client Dies I’m giving myself partial credit here. They did release a new version of it, but its limited and will definitely be the last one. One of the big limitations is, if you have a VM with hardware version 10, you can no longer manage it with the fat client. All in all, its dead, start using the web client.
  3. HTML5 web console Yes-ish. I think the VMRC plugin now works on mac and they have enabled support for Chrome. So all in all, I think we’re in a better spot here. Not sure if it is true HTML5, but good enough for now.
  4. The year of the desktop…according to VMware Wrong! I’m kind of shocked that this wasn’t the presentation on Tuesday.
  5. PuppetLabs is features in the keynote. Wrong! They got a mention, but so did opscode’s Chef. More of, you could automation X with Puppet or Chef.

1.5 right out of 5. I think that clearly shows my skills with the old crystal ball. Maybe I’ll have better luck next year.

VMworld Day 2 Recap

Day 2 flew by for me and I have to say, I’m still reeling a bit.

The day was kicked off with the general session keynote which is usually when we see Herrod take the stage, but since his departure, we got another C level (COO Carl Eschenbach). This one was probably my favorite of all of them that I’ve seen as we didn’t have to suffer through a VMware View / Horizon demo. I’m not a fan of desktop support so this has never appealed to me.

What we got instead was a real life demo of the latest and greatest tools with vSphere, NSX, vSAN, and vCAC. A lot of this just seems like the evolution of the products. The impression I got was vCloud is fading into the background and vCAC will be what VMware would like to push forward. Looks great for the Enterprise and should be multi-tenant for the xSPs of the world. They even showed on the big screen the ability for vCAC to provision on other providers. Of coarse their own vCloud Hybrid Service (vCHS), but also AWS and Azure with price breakdowns readily available for you to make the informed decision. And even they admitted, sometimes another service is cheaper in certain situations. Might not perform as well, but is cheaper. For the cost conscious folks of the audience, this is a nice feature.

NSX

The rest of the day was spent getting my head around NSX. I’m not sure the small 2-3 host customer will truly benefit from this technology. But the service providers and enterprises should really see some provisioning benefits. I could try and hash out NSX is, but I think its more appropriate to just send you to the official blog post on it. It takes a bit to get your head around and I’m still surprised that VMware is recommending physical boxes for certain roles (controllers), but that soon will change as they get more performance out of the software. Read up on this one folks, its gonna be big.