1,760
edits
Changes
→LAB 8 SIGN-OFF (SHOW INSTRUCTOR)
== Prerequisites ==
:# Has the user account named "stduentstudent" and password for your VM with access port on myvmlab.senecacollege.ca
:# Regular account on Matrix.senecacollege.ca
== PART 2: running privileged commands on remote machines ==
: <font color='red'><b>**WARNING** Run privileged commands incorrectly with sudo may cause irreparable damage to your remote machine.</b></font>
: We say that running an ad-hoc fab command is very similar to the SSH command with shell commands attached at the end. Let's try both with privileged commands, like the "yum" command.
[student@centos7 ~]$
</source>
: Please note that when you run the "sudo" command the first time, it asks you for the user's password (i.e. user student's password). Let's now remote remove the "tree" package:<source lang='bash'>
[student@centos7 ~]$ yum remove tree -y
Loaded plugins: fastestmirror
[student@centos7 ~]$
</source>
: The above tests confirm confirmed that the student user is allowed to execute the sudo command to run the yum command to install and remove rpm packagepackages. Now let's logout from the VM and go back to matrix. On matrix, try to run the sudo command using SSH:<source lang='bash'>
[student@centos7 ~]$ exit
logout
fab --host=myvmlab.senecacollege.ca --port=7200 --user=student -- 'sudo yum install tree -y'
</source>
: Type in your user student's password when prompted for "sudo password", the '''yum install ''' command to should be executed successfully and install the '''tree ''' rpm package should be executed successfully. If the tree rpm package is already installed, you can remove it with the following ad-hoc fab command: <source lang='bash'>
fab --host=myvmlab.senecacollege.ca --port=7200 --user=student -- 'sudo yum remove tree -y'
</source>
= INVESTIGATION 3: Running the fab command in script mode =
: Notice that there is no need to specify the user name at the '''fab''' command line since we defined it in the fabric script file (env.user = 'student'). Also notice that we can capture the host name returned from the "hostname" command and print it out together with an descriptive text in a line.
:In the above executed '''fab''' command, the fab program imports the fabric script named "fabfile.py" and execute the getHostname function on the VM connect at port 7200 on myvmlab.senecacollege.ca. Note that the port number for your first VM will likely be of has a different value.
: If you did all the setup right and you got a password prompt when execute the above command, read the prompt carefully and see who's password it was prompting you for. If it is not for the user student, verify that you have the following line in your fabfile.py and you can ssh to your VM as the user student without password:
:* Output generated on the controller workstation from your fab file (the print statement)
:You should get used to the above messages from the '''fab''' command. It's a lot of output but it's important to understand where every part each piece of information is coming from, so you are able to debug problems when they happen.
== PART 2: Privileged Tasks Examples ==
</source>
= Optional Lab Exercise: Create a Fabric task called makeUser() =: Study the Fabric API run(), sudo(), local(), and put() and utilize them to create a new Fabric task called makeUser()
: The makeUser() task should perform the following on a remote machine to:
:* create a new user called "ops435p" with home directory "/home/ops435p".
:* add the new user to the sudo group called "wheel".
:* from your instructor, get the ssh public key which is posted on the internet to your controller workstation.:* add the ssh public key obtained from your instructor to the file named "authorized_keys" in the ~ops435p/.ssh directoryon the remote machine. (Note: Make sure that you set the proper ownership and permissions on both the directory ~ops435p/.ssh and the file "~ops435p/.ssh/authorized_keys.)
:Add the makeUser() to your final version of fabfile.py.
:Run the new task makeUser() on your VM.
= LAB 8 SIGN-OFF (SHOW INSTRUCTOR) =
: Complete all the parts each part of the lab and upload the version of your fabfile.py to Blackboard by the due date.
[[Category:OPS435-Python]][[Category:rchan]]
