Problem scenario
You want to use a Declarative pipeline in Jenkins (via a Jenkinsfile). What do you do?
Solution
Follow the directions of this posting. Use step 4.c instead of 4.b. (4.b. is just a "Hello World" example)
How Do You Troubleshoot “groovy.lang.MissingPropertyException: No such property” when running a Groovy Program?
Problem scenario
You are running a Groovy program.
Here is your code:
def input = System.console().readLine 'Please provide some input: '
def x = input
def boardArray = new String[2]
boardArray[0] = ""
boardArray[1] = ""
boardArray[1] = $x //this is the incorrect version
println boardArray[1]When you run it (i.e., with groovy foobar.groovy), you get this error:
Caught: groovy.lang.MissingPropertyException: No such property: $x for class:
groovy.lang.MissingPropertyException: No such property
What should you do?
Solution
To assign an element of an array, should have quotes around the variable and the $ symbol and the syntax " as String" should follow the closing quote mark.
def input = System.console().readLine 'Please provide some input: '
def x = input
def boardArray = new String[2]
boardArray[0] = ""
boardArray[1] = ""
boardArray[1] = "$x" as String //This is the correct version
println boardArray[1] How Do You Troubleshoot the Amazon EKS Web Console Error “AccessDeniedException not authorized to perform: iam:PassRole on resource”?
Problem scenario
You are logged into the AWS web console. You try to perform an operation but you get this error:
"AccessDeniedException
User: arn:aws:iam::12345678910:user/jdoe is not authorized to perform: iam:PassRole on resource: arn:aws:iam::12345678910:role/rolename"
What should you do?
Solution
1. Create a role with "EKS" (to create Kubernetes clusters). If you don't know how, see this posting.
2. Follow steps 1, 2, and 8 through 20 of this set of directions. (Go to that link but skip steps 3 through 7.)
How Do You Troubleshoot the “kubectl” Error ‘the server doesn’t have a resource type “svc”‘?
Problem scenario
You are trying to use Kubernetes in AWS. You have installed kubectl and you run this command:
kubectl get svc
You receive this: 'error: the server doesn't have a resource type "svc"'
You try again with a more verbose output. You run this command:
kubectl get svc -v=8
In the output you see messages like this: "Response Status: 401 Unauthorized in 73 milliseconds"
What should you do to use kubectl with AWS?
Possible Solution #1
Go to the the .kube directory (e.g., cd ~; cd .kube) and modify the config file. Change the stanza "name: kubernetes" to be "name: NameOfYourCluster" (where "NameOfYourCluster" is the name of your cluster).
Alternatively you could run a command like this: kubectl config set-cluster NameOfYourCluster # where "NameOfYourCluster" is the name of your cluster
If you want more detail, try this posting.
Possible Solution #2
1. Log into the AWS console: https://console.aws.amazon.com/eks/home?
2. Click on the kubernetes cluster you want to obtain more information about (that which you want the kubectl command on the back-end to apply to).
3. Find the "Role ARN".
4. Go to the Linux server that you run your "kubectl" commands from. Go to the .kube directory. Find the config-NameOfCluster file (where "NameOfCluster" is the name of the cluster for which you want to run a kubectl command on).
5. In this file make sure your have an "args" section with stanzas such as these (where "arn:aws:iam::123456789:role/nameofcluster" is the value of the 'Role ARN' obtained in step #3):
- "-r"
- "arn:aws:iam::123456789:role/nameofcluster"
The two stanzas above are commented out in this thorough explanation of the kubeconfig file: https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
Possible Solution #3
Install and configure the AWS CLI again; if you need assistance with this, see this posting. Then create a .kube directory and recreate a kubeconfig file inside this .kube directory by following the directions here:
https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
Possible Solution #4
Was your Kubernetes cluster created with one user yet your AWS CLI has been configured with a user? One user can have more than one AWS Access Key. The problem you are having may be consistent with a different user that created the cluster from the one that is trying to interact with it. If you can create an access key based on the user that created the cluster, then reconfigure the AWS CLI to use that key, the problem may subside. Alternatively if you could use the user that you are using to run the "kubectl get svc" command to create a new cluster, that may eliminate the problem too.
How Do You Determine the URL for the AWS Web Console for a Non-root User?
Problem scenario
You created an AWS Console user (e.g., an IAM user). You want to log into the web UI with the user. You have the username and password. What is the URL for the AWS web console for a non-root user?
Solution
1. Log into the web UI.
2. Go here: https://console.aws.amazon.com/iam/home?
3. Go to Users on the left.
4. Click on the user you are interested in.
5. Click on the "Security Credentials" tab near the top.
6. Near the top the URL should appear.
Is Jenkins job-dsl Different from Jenkinsfile Pipelines’ Scripted Syntax?
Question
You have heard of Jenkins job-dsl. You are not sure if it is the same DSL found in scripted syntax Jenkinsfile pipelines. Is Jenkins job-dsl different from Jenkinsfile pipelines' scripted syntax?
Answer
Yes. Jenkins job-dsl is different from the DSL used in Jenkinsfile pipelines' scripted syntax. This thread confirms this fact. This link helps explain the differences.
How Do Quotes Affect Python if Conditional Tests of Equality for a Variable?
Problem scenario
You are programming in Python, and you want to use conditional logic. You want to know how variables are evaluated and tested. You want to use the keyword "if" to evaluate a variable assignment.
Solution
This program below shows how the evaluation of a variable in Python behaves when quotes are involved. Errors are not thrown or displayed to the programmer. Therefore in some instances the programmer must know how quotes affect logical evaluations with variables.
Notice how "testfunc" and "specialfunc" test the variable named "digit" with and without quote marks respectively:
def testfunc(digit):
if (digit == 0):
print( "The digit was zero when you called this function")
else:
print ("The digit was NOT 0.")
h = testfunc('0')
print ("h with quotes around the zero is above. i with no quotes around the zero is below")
i = testfunc(0)
print( " ")
print( " **************** ")
print( " ")
def specialfunc(digit):
if (digit == '0'):
print( "The digit was zero when you called this function")
else:
print( "The digit was NOT 0.")
j = specialfunc('0')
print( "j is above with quotes around the zero. k is below with no quotes around the zero.")
k = specialfunc(0)###Python 3 version above
###Python 2 version below
def testfunc(digit):
if (digit == 0):
print "The digit was zero when you called this function"
else:
print "The digit was NOT 0."
h = testfunc('0')
print "h with quotes around the zero is above. i with no quotes around the zero is below"
i = testfunc(0)
print " "
print " **************** "
print " "
def specialfunc(digit):
if (digit == '0'):
print "The digit was zero when you called this function"
else:
print "The digit was NOT 0."
j = specialfunc('0')
print "j is above with quotes around the zero. k is below with no quotes around the zero."
k = specialfunc(0)
The above program prints this:
The digit was NOT 0.
h with quotes around the zero is above. i with no quotes around the zero is below
The digit was zero when you called this function
****************
The digit was zero when you called this function
j is above with quotes around the zero. k is below with no quotes around the zero.
The digit was NOT 0.
Given that the only difference between testfunc and specialfunc is the quotes around the 0 in the if clause, you may think that Python is weakly-typed. There are no errors thrown. However, Python is strongly typed and dynamically typed. For more information see this article.
How Do You Iterate through Data Members (the Individual Components) of a Groovy Object?
Problem scenario
You have an object that you want to sequentially pass through. That is, you want to print either the value or the key/name and value pair of every member data item of the object. How do you print every individual data member of a given object in Groovy?
Solution
Invoke the ".properties.each" keyword. This built-in feature will allow you to do just this. There is one "if" condition you will use to avoid printing the "class=class ..." feature.
Here is an example (the code starts with "@groovy..." and ends with "}"):
@groovy.transform.Canonical
class Program {
String mem1 = ""
String mem2 = ""
String mem3 = ""
String mem4 = ""
String mem5 = ""
String mem6 = ""
String mem7 = ""
String mem8 = ""
String mem9 = ""
}
programsv1 = new Program( "1", "2", "3", "4", "5", "6", "7", "8", "9")
programsv1.properties.each { name, value ->
if (name != 'class') {
println "${name}, ${value}" }
}
If you want it sorted, use the slightly more verbose option of ".sort{ it.key }" in between the "properties" and ".each". Here is an example:
@groovy.transform.Canonical
class Program {
String mem1 = ""
String mem2 = ""
String mem3 = ""
String mem4 = ""
String mem5 = ""
String mem6 = ""
String mem7 = ""
String mem8 = ""
String mem9 = ""
}
programsv1 = new Program( "1", "2", "3", "4", "5", "6", "7", "8", "9")
programsv1.properties.sort{ it.key }.each { name, value ->
if (name != 'class') {
println "${name}, ${value}" }
}
How Do You SSH to a GCP server?
Problem scenario
You cannot SSH into a Linux Google Cloud Platform server. How do you create new GCP servers that you can SSH into?
Solution
Summary
Use the "Startup script" in Google Cloud Platform. This script comes with precautions. Be careful when pasting it. The lines can potentially not wrap properly. Carriage returns could be introduced to make this script fail. Be very careful because this script creates a user with sudoer privileges. It also has a plaintext password in it for this user! This script is for informational purposes.
If you use Puppet for example, the facter tool will be able to retrieve the entire script below after the script below runs. This is a potential security concern!
This will create two "ChallengeResponseAuthentication yes" stanzas in most Red Hat family servers. You can manually comment one out. It will not prevent you from logging on.
Procedures
1. This solution only works for servers that have not yet been created. When you create the server, place this script in the "Startup Script" but replace "cooluser" and "coolpassword" with the credentials you want a sudo user to have:
#!/bin/bash
# Written by www.continualintegration.com. We recommend you modify it in Notepad++.
usr="cooluser" # change cooluser to the username you want to add
pswd="coolpassword" # change coolpassword to the password of your choice.
#mkdir /home/$usr # probably can remove this stanza
distro=$(cat /etc/*-release | grep NAME)
debflag=$(echo $distro | grep -i "ubuntu")
if [ -z "$debflag" ]
then # If it is not Ubuntu, test if it is Debian.
debflag=$(echo $distro | grep -i "debian")
echo "determining Linux distribution..."
else
echo "You have Ubuntu Linux!"
fi
rhflag=$(echo $distro | grep -i "red*hat")
if [ -z "$rhflag" ]
then #If it is not RedHat, see if it is CentOS or Fedora.
rhflag=$(echo $distro | grep -i "centos")
if [ -z "$rhflag" ]
then #If it is neither RedHat nor CentOS, see if it is Fedora.
echo "It does not appear to be CentOS or RHEL..."
rhflag=$(echo $distro | grep -i "fedora")
fi
fi
if [ -z "$rhflag" ]
then
echo "...still determining Linux distribution..."
else
echo "You have a RedHat distribution (e.g., CentOS, RHEL, or Fedora)"
useradd -m $usr -g wheel
chown $usr:$usr /home/$usr
#usermod -aG wheel $usr
fi
if [ -z "$debflag" ]
then
echo "...still determining Linux distribution..."
else
echo "You are using either Ubuntu Linux or Debian Linux."
apt-get -y upgrade gawk
useradd -m $usr -g sudo
chown $usr:$usr /home/$usr
#usermod -aG sudo $usr # this won't work on a Red Hat family server
fi
suseflag=$(echo $distro | grep -i "suse")
if [ -z "$suseflag" ]
then
if [ -z "$debflag" ]
then
if [ -z "$rhflag" ]
then
echo "*******************************************"
echo "Could not determine the Linux distribution!"
echo "Installation aborted. Nothing was done."
echo "******************************************"
exit
fi
fi
else # This else clause evaluates if you have Linux SUSE.
echo "Processing steps for Linux SUSE"
sudo useradd $usr -m -g google-sudoers
chown $usr:users /home/$usr
fi
echo $usr:$pswd | chpasswd
# obtain line numbers f the sshd_config file that need to be changed
pa=$(cat /etc/ssh/sshd_config | grep -n "PasswordAuthentication no" | awk --field-separator=":" '{print $1}')
if [ -z "$pa" ]
then
pa=$(cat /etc/ssh/sshd_config | grep -n "PasswordAuthentication yes" | grep "\#" | awk --field-separator=":" '{print $1}')
fi
cra=$(cat /etc/ssh/sshd_config | grep -n "ChallengeResponseAuthentication no" | awk --field-separator=":" '{print $1}')
if [ -z "$cra" ]
then
cra=$(cat /etc/ssh/sshd_config | grep -n "ChallengeResponseAuthentication yes" | grep "\#" | awk --field-separator=":" '{print $1}')
fi
pa=$(echo $pa | awk '{print $1}') # get the top line number of the one that matched
cra=$(echo $cra | awk '{print $1}') # get the top line number of the one that matched
bv=$(date)
bva=${bv//[[:blank:]]/}
bvar=$bva.bak
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.$bvar #back up the file
part1="sed -i \""$pa"s/PasswordAuthentication no/PasswordAuthentication yes/\" /etc/ssh/sshd_config"
echo $part1 >> /tmp/cool.sh
part2="sed -i \""$pa"s/# PasswordAuthentication no/PasswordAuthentication yes/\" /etc/ssh/sshd_config"
echo $part2 >> /tmp/cool.sh
part3="sed -i \""$pa"s/#PasswordAuthentication no/PasswordAuthentication yes/\" /etc/ssh/sshd_config"
echo $part3 >> /tmp/cool.sh
part4="sed -i \""$pa"s/#PasswordAuthentication yes/PasswordAuthentication yes/\" /etc/ssh/sshd_config"
echo $part4 >> /tmp/cool.sh
part5="sed -i \""$pa"s/# PasswordAuthentication yes/PasswordAuthentication yes/\" /etc/ssh/sshd_config"
echo $part5 >> /tmp/cool.sh
part6="sed -i \""$cra"s/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/\" /etc/ssh/sshd_config"
echo $part6 >> /tmp/cool.sh
part7="sed -i \""$cra"s/#ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/\" /etc/ssh/sshd_config"
echo $part7 >> /tmp/cool.sh
part8="sed -i \""$cra"s/# ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/\" /etc/ssh/sshd_config"
echo $part8 >> /tmp/cool.sh
part9="sed -i \""$cra"s/#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication yes/\" /etc/ssh/sshd_config"
echo $part9 >> /tmp/cool.sh
part10="sed -i \""$cra"s/# ChallengeResponseAuthentication yes/ChallengeResponseAuthentication yes/\" /etc/ssh/sshd_config"
echo $part10 >> /tmp/cool.sh
# Modify the /etc/passwd so the new user can use the up arrow to see history of commands entered
thefile="/etc/passwd"
bv=$(date)
bva=${bv//[[:blank:]]/}
bvar=$bva.bak
cp /etc/passwd /etc/bak.passwd.$bvar.bak
ln=$(cat $thefile | grep -n $usr | awk --field-separator=":" '{print $1}')
var2=$var1"/bin/bash/"
ifexists=$usr":/"
flag=$(cat $thefile | grep -n $ifexists)
if [ -z "$flag" ]
then
sethome="sed -i \""$ln"s/home\/$usr:/home\/$usr:\/bin\/bash/\" $thefile"
echo $sethome
echo $sethome >> /tmp/cool.sh
fi
bash /tmp/cool.sh
rm /tmp/cool.sh
echo '
usr="cooluser"
oldfile=$(cat /etc/passwd)
echo "${oldfile//\/home\/$usr:\/bin\/sh/\/home\/$usr:\/bin\/bash}" > /etc/passwd
' >> /home/result.sh
/bin/bash /home/result.sh
rm /home/result.sh
# For reference only.
#perl -i -pe 's/.*/PasswordAuthentication yes/ if $.==$pa' /etc/ssh/sshd_config file
#perl -i -pe 's/.*/ChallengeResponseAuthentication yes/ if $.==$cra' /etc/ssh/sshd_config file
echo ":set mouse=" >> /home/$usr/.vimrc
echo ":set mouse=" >> /root/.vimrc
systemctl restart sshd # for Red Hat derivatives b/c the command below will do nothing.
/etc/init.d/ssh restart2. After the server is up, in the GCP web console click on the server's name. This way you can view the details. Scroll down to the "Custom Metadata" and click on the "X" to eliminate the script as this picture shows:
Scroll down and click "Save".
3. You are done.
How Do You Troubleshoot “Redirecting to /bin/systemctl start docker.service ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units”?
Problem Scenario
You try to configure Docker such that you can run "docker" commands without sudo. You run these three commands:
sudo groupadd docker
sudo gpasswd -a $USER docker
newgrp dockerYou then installed Docker and rebooted the server. You then run this:
docker run hello-world
But you received this:
/usr/bin/docker-current: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See '/usr/bin/docker-current run --help'.
You ran this: sudo service docker status
The results confirmed the Docker was not running.
You ran this: service docker start
But you received this:
Redirecting to /bin/systemctl start docker.service
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units.
Authenticating as: Cloud User (ec2-user)
Password:
How do you start the docker service without sudo?
Solution
Use this set of directions to configure Docker to work without the sudo command.