The water wedding (VII)

– Aren’t you tired of driving, my dear? – Yes I am. But he doesn’t let me answer. – How about stopping over there? – I look where he’s pointing. It’s a a hill, with a solitary dark and naked tree over it. Definitely a good one to climb and mount some kind of watch, from there, we will see what’s coming. Convinced, I turn the wheel, slow the pressure over the pedal until we have almost walking speed and drive in its direction. Hakim jumps from the car when we’re around 50 meters away, and run beyond the hill, around the tree, grabbing it, caressing it.

– I know this place.  – He shouts.- I did my training here. We called it “the Dead Tree Hill” back at the time of my training. So if you go here – he dances once more around the tree, until reaching the back of the trunk – there should be some…- I hear a loud crack, like the sound of broken wood, and then the flat side of the Hill, almost a wall, just in front… somehow… opens right under the tree – …e voila! 

– Fantastic!  – I look at the new cave that now opens. The hole is oddly square. A faint light is coming from the frame of the hole itself. I press the pedal, tentatively trying to go ahead. – Shall I come in?

– Wait for me, wait for me. – I press the pedal that I know is stopping the indjin. Hakim comes from behind, and leads walking the way in. – Sorry Kris, I’m afraid this place is too military for your taste, but how about you imagine you’re a general…and I will say we have the right to be treated like generals thanks to this baby! – He makes the invitation appears in front of the entrance, in front of us, showing it to an invisible bystander. Hell, maybe there are invisible guards. I don’t care, if they ignore me, I will ignore them.

– I think we’re OK now. You can come in with the auto, I will close the door when we’re in. – I do as asked. The room is oddly regular also. The car fits in, and there’s still space for people around. There are shinny buttons on the corner of the wall to my left. Hakim’s side. I can’t see what they are. But he presses one of them, and the hill closes. He presses another, and the whole room seems to move down. An elevator. I try to hear its sound, but it’s silent. A ghost indjin, probably. How much are we going down? I have the feeling we go fast, but I can’t tell. Then after like 30 breathes (does it matter?) we stop.

We are standing on a silver square a little bit bigger than the elevator itself. There are pillars on each square, but no walls anymore. The pillar to my left is still having the buttons embedded. Beyond the square there’s a big space, poorly illuminated but illuminated, by some kind of lilight. The lilight as far as I know can shine forever, provided you don’t break it on purpose, so this cave may be illuminated since the beginning. We had some lilighs on our caves, but nothing like these ones. In the Army, they had also, but nothing so extense, nothing so gorgeous.

I jump out of the car to follow my friend into the gloom ahead. We leave it to our right and take a corridor that opens up like 20 meters away from the square the car stands. The tunnel lights seems to get brighter as we walk ahead, and diminish them on our backs. I’m familiar with underground facilities (we manage one) but this one is specially preserved. After a hundred steps, more or less (I was not counting) we reach another room, that looks, as a first impression, like some kind of living quarters, half a living room, half a kitchen. Again, like nothing I have ever seen before. To my left there are four beds, equally separated, ready to be used. In front of me, a set of silver drawers of different sizes. To my right, the kitchen and a shinny white table with four equally white chairs. The whole space is illuminated by lilight.

– What is this place? How do you know about it?

– I told you. This is the Dead Tree Hill. It’s some kind of  laboratory… it’s not clear what they were doing here. As far as I know, it was heavily scanned for a hundred years in search of information, unsuccessfully. But the place has everything we need, I’m sure.  Look! – he opens a drawer close to the kitchen to pick up a green glass bottle. It has a funny shape and written letters. – Wine! Can you believe it? From before! And here – he opens another drawer – you have lembas and biyerki. – He throws me a shinny package. Yes I saw these ones. Military food. – So, are you hungry yet?

Advertisements

The water wedding (VI)

They never refer to me and I never think about it as a strange behaviour. Yes I’m white, like most of the System people, but it’s not my fault. I was dragged to the Empire against my will. Don’t misunderstand me, I’m very grateful to them, as far as I know, I could be dead now, eaten by the beast of the Borderlands, or even worse, eaten slowly alive by the barbarian tribes. I heard they do that. How could I not be grateful?

I look at Hakim. Despite of not being Han, he’s quite an influencer. Thanks to him we got the best cave of our neighbourhood, with quite an extense set of rooms that we are in charge of administering in case of bombing. I think people consider him a local Wángzǐ, a local prince.

– It’s getting dark already. Do you think we will manage to reach the Forest before night? Otherwise we need to look for a shelter as soon as we can. – He says without looking at me. Then he turns his gaze to me. – Any preference on that sense?

– I don’t know…something not military, please. If possible, with a good kitchen. – He laughs out loud. His guffaw seems to surround us like a bubble. His voice will definitely scare out of hell any possible gang of bandits or renegades chasing us. I let him finish.

– Oh… Kris. Sometimes I love you so much…Let me see what I can find.

My hate against the System is clear. I don’t know how I ended up alone out there, in the middle of nowhere, knowing only my name, but there’s only one logical explanation for that. Me, or more precisely, my parents, were kicked out of the System. Exiled from the Motherland. Vanished. Outcasted. Then they have no option but to fly away, probably by foot, and they died on the process of reaching the Empire. I don’t have any memories of my progenitors so I need to imagine why they did that, why they embarked themselves with me on a dangerous travel that is deadly for most of the people. But imagination I have a lot. In my mind I even built up fake memories of them, two red-haired (I’m red-haired) deep-in-love scientist that want to change the System so that its benefits reach everyone in the world. How they wanted to change it, I can also speculate. Maybe they wanted to tell us the truth, why the world is the way it is now.

My truth is, I know nothing else than what they told me about the System. And that is that we’re at war with them, and we need to win this war or it will be the end of it all. Forever.

A simple ftp server on CentOS 7

I need an ftp for my foreman installation. I’ve been looking for a container solution to do it but I didn’t find the good one. Let’s go ahead. I will install it on myftp, with IP: 1.2.3.4. Yes, I used that IP before 😀

myftp ~ ## > yum install ftp vsftpd -y
myftp ~ ## > systemctl start vsftpd

If you point your browser to ftp://1.2.3.4/ there you have it. As simple as that. The pub folder you see is “physically” on /var/ftp/pub/.

Now if you copy some file there and try to check it (download it, see it, etc) you will get a 550 like this one below.

How do you get your files? Just give them 777 (rwx for all) or configure an ftp user and password  as described in this unixmen post.

BONUS: The yantis filezilla docker is a file exchange solution that can become very handy…if what you need is not a file server but a file exchange.

Add a puppet node to a foreman docker

There should be no difference between adding a node on a foreman server and on a foreman docker. But the world is not ideal, and things don’t work out of the box, therefore, here’s my HOWTO. The original source is here.

First step is to install a puppet module  on my foreman docker dfore. That I do as written, just to get an error:

dfore # puppet module install -i 
/etc/puppet/environments/production/modules saz/ntp
Notice: Preparing to install into 
/etc/puppet/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Error: No suitable tar implementation found
Error: Try 'puppet help module install' for usage

I need to have tar installed in my docker, that’s it. After it I manage to install it. Next error I experience is with the import of the class.

More or less here. My puppet server was not able to realize the new class. What I did is simply install foreman again inside the docker:

dfore # foreman-installer 
Installing Done [100%] [.........................................]
 Success!
 * Foreman is running at XXXX
 Initial credentials are admin / changeme
 * Foreman Proxy is running at https://XXXX:8443
 * Puppetmaster is running at port 8140
 The full log is at /var/log/foreman-installer/
foreman-installer.log

I understand we can’t go and install foreman each time we import a puppet module. But let’s say you are starting as I am, that this docker is a playground, and we will not see this issue on a real server. Before testing the puppet agents, I add one node (a real computer) over the foreman web interface. But before adding it, we need to have

• Its Host Group defined (for example, mydomain.edu)
• An OS defined (for example, CentOS 7.4)

If we don’t define these two, we will not manage to fill all the requested information to add the node. As I said, I add my node pclient that runs CentOS 7.4 and on it, install, configure and start puppet. My /etc/puppet/puppet.conf is looking like this:

pclient ~ ## > more /etc/puppet/puppet.conf 
[main]
 logdir = /var/log/puppet
 rundir = /var/run/puppet
 ssldir = $vardir/ssl

[agent]
 #pluginsync = true
 report = true
 #certname = `hostname`
 #environment = production
 server = foremandocker.mydomain.edu

NOTE: I don’t give a certname, so pclient is used. At the very beginning I had troubles with this. For example in this howto add an existing VM to foreman, the line is like that: hostname. I understood it as code, so I left it. Wrong. Anyway, it doesn’t look like the best idea to give a specific name to a client, different to the host name itself.

With the naming issue sorted out, we start them the puppet service on the client.

pclient ~ ## > systemctl start puppet

We check the certificate of pclient on our foreman docker, the CA authority:

dfore # puppet cert list
 "pclient.mydomain.edu" (SHA256) 
SO:ME:LI:ST:OF:LE:TT:ER:AN:DN:UM:BE:RS
dfore # puppet cert sign pclient.mydomain.edu
Notice: Signed certificate request for pclient.mydomain.edu 
Notice: Removing file Puppet::SSL::CertificateRequest 
pclient.mydomain.edu at 
'/var/lib/puppet/ssl/ca/requests/pclient.mydomain.edu'

Your output, of course, will be different. Now we run the agent test.

pclient ~ ## > puppet agent -t
 Warning: Unable to fetch my node definition, 
but the agent run will continue:
 Warning: Error 400 on SERVER: Failed to find 
pclient.mydomain.edu via exec: 
Execution of '/etc/puppet/node.rb pclient.mydomain.edu' 
returned 1:
 Info: Retrieving pluginfacts
 Info: Retrieving plugin
 Info: Caching catalog for pclient.mydomain.edu
 Info: Applying configuration version 'XXXX'
 Info: Creating state file /var/lib/puppet/state/state.yaml
 Notice: Finished catalog run in 0.05 seconds

We wait a little and check the web interface. Alleluia! pclient is there, together with the cert authority itself. I’m done. Next step: PXE booting test.

The water wedding (V)

They were scary. I did do my military service, but despite I was looking forward to do it only to see the Imperial tech, I never met one of these armours. I did see the diagrams, though. Any valid citizen that can be really be called that way is supposed to be able to, in case of emergency, operate one. With a wish sound, the two guards showed up inside their gadgetry. I could appreciate the tattoos on both of them, matching some of the ones of Hakim.

– Nihao. We are going to the wedding. – Hakim said, before even being asked, waving the golden pass up in the air. With a smooth and acrobatic jump, he left the car, and landed himself on a point that I could say was equidistant from both warriors, but clearly on the fire lines of both.

– Nihao, citizen. – The one of the left said. For a moment, he paused, apparently focusing his eyes on him, probably scanning him somehow.  – Are you wŭ?

– No, no, no. You are speaking about this? – Hakim waved with both hands over some of his skin draws, in a gesture that was more looking like a dance than a violent or natural move. –  I got them thanks to my services to the Empire. – The soldiers didn’t seem to relax the scan. – I mean, as you know, the war is going on in a thousand different battlefields… let’s say I got these cool marks on one of them.

– Let me see that. – The invitation was gone from the hands of Hakim, and I felt a passing wave of heat. I forgot it. They are three, they always are. And the third one was behind. – Right. The golden card appeared again in the hands of my copilot. – Who’s him? The water guard clearly looked at me. I felt a wave of heat running inside me, going up, from my legs to my neck, though my body. Highly disgusting, I was tempted to throw up when it reached my stomach. But I decided to freeze…I know they don’t care about civilians, and I’m happy they asked instead of simply disintegrate me, or something worse.

– He’s my pilot. It’s clear, right? You two are both smart men, and probably already found out that. Ah, you mean, his colour is funny? I give full credit of his loyalty to the Empire. I vouch for his life with mine, my friends. – The water guards seemed to relax. If they do such a thing. There was, suddenly, an odd long silent. Maybe they were radiating to the Capital to check our files? They will not find anything, of course, but this is not meaning I was not scared.

– He is clear. You are both clear. – Yes.- I notified the next post of your route, so don’t be surprised if they don’t stop you. – Nice. – Have a nice travel, gōngmín. – They were referring to Hakim, not to me. They never refer to me.

The water wedding (IV)

Everybody on New Jaipur knows how to reach the Fountain. Not that you really meet someone that ever was there, but everybody knows. First you leave the city, then you cross the Wastelands, then the Forest of the Tree Men and after them, just follow the Golden Towers until you reach the Cave. We were entering now the Wastelands, after around half an hour of driving though more or less populated territory. People were no more looking at us, fact that I don’t know if it’s a good sign or a bad omen.

You may not know but driving is like a drug. I feel it through my veins, I feel the speed. Soon I lost sight of New Jaipur on the rearview mirror. I quickly learned how to control this machine, and I started to make the car an extension of my body. I know what to do go faster. I feel what to do to go slower. The landscape at this speed is incredible but I learned that I need to focus only on what is in front of me. If I don’t do that, I loose control.

– And I know it’s an empire what you need to rule – I’m happy I have this ability to split my attention, so I can focus on something else at the time I’m hearing him – but this is not a reason to kill thousands. I mean, if I’m an emperor, or if I’m in control, I could have done something else, I mean, use some old magic or something. But to close an area and bomb it regularly? That’s crazy maaaan ! – He passes me the bottle of wine. He started drinking right after leaving our hill, I rejected the drink so many times as I accepted it.

– Hakim – I say – you’re a good man. You know better than me that there are hundreds of secrets, I mean, thousands of them, that are way beyond our league. Like how this thing moves, for example.

– I know how this thing moves. It has an indjin inside. We need to feed it regularly through the hole on my side or he will get angry and will not move the car anymore.

– Right. But from where is this indjin coming really from? How is the Empire trapping them in autos? Why are so many corpses of dead cars outside New Jaipur? Look, there you have another hill of them. – I point to it. The mountain of dead cars was partially covered with earth. I don’t know if they were buried with their indjins there or it has a weirder origin, but since I was a street boy I know how to spot such artificial hills. And I learnt to avoid them, also. I pass the bottle back to Hakim.

– The Emperor can conjure indjins. We are using them to fight the System. You did the military service, right?

– I did. But I didn’t work with any èmó.  My days at the quarter were based on going up and down carrying ammo, packages and food… and running up and down. I don’t really see the point of it. I was forced to go through it but I didn’t learn anything, beside some extra kanjis.  I do know some people of my troop did learn really much more than me, for example, they learned the Hanzi. – Hakim laughs. – Did you see one? I mean, an èmó…

– I did. Indeed. They are very impressive. The one in my unit smashed a Dragon on a blink of my eyes – He blinks, an after that he reinforce the expression with the revolving gesture of the hands that his tribe does to represent surprise, or speed, I’m not sure. – I wanted to get closer to it, but a different Dragon smashed it before I was able look closer… after the attack, the èmó was just another pile of dead metal…a hot and shinny one, but completely inert.

– But how do they look like?

– I can’t tell you… when they’re on, they’re blurry… and I heard even the pilots are not allowed to look at them when they are off.

– Somebody, somewhere, must have seen them! – I shout.

– The Water Guard. – Of course, the Water Guard. – I mean, they’re there. Between these two hills. – I see them. Blurry shapes, but human ones. – Kris, can you stop please? Maybe it’s the moment to show out our invitation…

Install ruby on CentOS 7

EDIT: this post is saved, canned, and I publish it now because I want to close the chapter and do something completely different 😛

I want to have dockers on foreman. Yes, again dockers. But I like them, what can I say. Anyway, to google foreman docker brings you here. Unfortunately to build the instance we need a specific version of ruby.

> yum install ruby193-rubygem-foreman_docker
No package ruby193-rubygem-foreman_docker available.
 Error: Nothing to do
> gem install bundle
 Fetching: bundler-1.16.2.gem (100%)
 Successfully installed bundler-1.16.2
 ...some stuff here...
 2 gems installed
> bundle install
 Don't run Bundler as root. Bundler can ask for sudo 
if it is needed, and installing your bundle as root 
will break this application for all non-root users 
on this machine.
 Fetching gem metadata from https://rubygems.org/.........
 activesupport-5.2.0 requires ruby version >= 2.2.2, 
which is incompatible with the current version, ruby 2.0.0p648

So I need to upgrade ruby. I do partially this to upgrade ruby.

> yum remove ruby ruby-devel
> yum groupinstall "Development Tools"
> yum install openssl-devel

After that I differ, since I want a version more modern than the one in the post.

> yum install ruby
> gem update --system
 Updating rubygems-update
 Fetching: rubygems-update-2.7.7.gem (100%)
...some stuff here...
 Installing ri documentation for rubygems-2.7.7
=== 2.7.7 / 2018-05-08

Unfortunately, if we check the versions after this, it’s not OK yet.

> ruby --version
ruby 2.0.0p648 (2015-12-16) [x86_64-linux]
> gem --version
2.0.14.1

What now? We can download the ruby packages and install them locally. Thinking about the big picture (to install foreman) I will do as suggested here.  An interesting output (not in the page) are, for the Step 2, after the install…

 > curl -L get.rvm.io | bash -s stable
...some stuff here...
Creating group 'rvm'

Installing RVM to /usr/local/rvm/
Installation of RVM in /usr/local/rvm/ is almost complete:

* First you need to add all users that will 
be using rvm to 'rvm' group,
and logout - login again, anyone using rvm will be 
operating with `umask u=rwx,g=rwx,o=rx`.

* To start using RVM you need to run 
`source /etc/profile.d/rvm.sh`
 in all your open shell windows, in rare cases you need 
to reopen all shell windows.

I keep in mind that now I can install whatever ruby version I need. Change the version, install a new one, etc, is a simple as:

root@dm ~ ## > rvm install 2.4.2
Searching for binary rubies, this might take some time.
Found remote file 
https://.../binaries/centos/7/x86_64/ruby-2.4.2.tar.bz2
Checking requirements for centos.
Requirements installation successful.
ruby-2.4.2 - #configure
ruby-2.4.2 - #download
 % Total % Received % Xferd Average Speed Time Time Time Current
 Dload Upload Total Spent Left Speed
100 14.1M 100 14.1M 0 0 1465k 0 0:00:09 0:00:09 --:--:-- 1483k
No checksum for downloaded archive, 
recording checksum in user configuration.
ruby-2.4.2 - #validate archive
ruby-2.4.2 - #extract
ruby-2.4.2 - #validate binary
ruby-2.4.2 - #setup
ruby-2.4.2 - #gemset created
ruby-2.4.2 - #importing gemset 
/usr/local/rvm/gemsets/global.gems.......................
ruby-2.4.2 - #generating global wrappers........
ruby-2.4.2 - #gemset created /usr/local/rvm/gems/ruby-2.4.2
ruby-2.4.2 - #importing gemsetfile 
/usr/local/rvm/gemsets/default.gems evaluated to empty gem list
ruby-2.4.2 - #generating default wrappers........
root@dm ~ ## > rvm use 2.4.2 --default
Using /usr/local/rvm/gems/ruby-2.4.2
root@dm ~ ## > rvm list

rvm rubies

=* ruby-2.4.2 [ x86_64 ]

# => - current
# =* - current && default
# * - default

I consider a nice touch that ruby messages are in red 🙂 I check now the ruby & gem versions…

root@dm ~ ## > ruby --version
ruby 2.4.2p198 (2017-09-14 revision 59899) [x86_64-linux]
root@dm ~ ## > gems --version
bash: gems: command not found...
root@dm ~ ## > gem --version
2.6.14

That seems to be enough. Let’s try to install our docker now.

root@dm ~/Dockers/foreman_docker ## > bundle install
...something going on here...
Using foreman_docker 4.1.0 from source at `.`
...something more here...
Bundle complete! 2 Gemfile dependencies, 56 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem 
is installed.

We check that the bundle is available…

bundle info foreman_docker
 * foreman_docker (4.1.0)
 Summary: Provision and manage Docker containers 
 and images from Foreman
 Homepage: http://github.com/theforeman/foreman-docker
 Path: /root/Dockers/foreman_docker

So we’re done. Now for the foreman itself.