Tail Vault auth logs

Problem

You would like to tail the Vault auth log files, but if you use the vault tag for auditing and your server is also named vault, you cannot filter out the vault auth logs only.

Solution

Use the client_login as the filter in grep:

Check haproxy configuration file for errors

Problem

You would like to check your haproxy.cfg file for errors when making changes.

Solution

Use the following command to validate/check your HAProxy configuration file:

Decode access secret key from Terraform IAM user creation

Problem

You want to use the pgp encryption when using Terraform to create an AWS IAM user, and you have the secret access token returned as an output but encoded.

Solution

Use the following to get the actual secret key decoded (after copying your encoded key to a file encrypted_key.txt:

Terraform Cloud – ‘operations’ attribute is deprecate, and cannot be used in conjuction with ‘execution’. Use the latter only

Problem

You are trying to add a new workspace in your organization in Terraform Cloud, using the same connected VCS (Gitlab) as the one you already have setup, but you get the above error when trying to add it in Firefox (Linux – Ubuntu – 79).

Solution

Use Chromi(um) to create the workspace as it works there. You can then use it in Firefox as normal.

Error initializing storage of type raft: failed to create fsm: failed to open bolt file: open /home/vault/data/vault.db: permission denied

Problem

Trying to start the vault server following the guides that specify creating the data directory in /home/vault/data results in the above error and service cannot be started.

Solution

According to the guide here: https://learn.hashicorp.com/tutorials/vault/raft-deployment-guide?in=vault/day-one-raft, changing the data directory to /opt/raft and the hcl file to reflect that the server can be started without any errors.

Failed to initialize build ‘qemu’: post-processor type not found: exoscale-import

Problem

Trying to follow along the example in the Exoscale article about creating custom templates, you get the error about exoscale-import not found, when you are trying to validate the packer template.

Solution

Make sure that you use a current packer installation as the exoscale-import was not supported in the older versions.

So after installing the latest version the above error goes away

qemu: Error launching VM: Qemu failed to start. Please run with PACKER_LOG=1 to get more info.

Problem

You are trying to build a QEMU image with Packer, but you are getting the error suggesting to use the PACKER_LOG=1 option. But there is no indication where to place it in the command line.

Solution

Put it at the begging of the command line as folows:

sudo kubeadmin init returns with: [ERROR Swap]: running with swap on is not supported. Please disable swap

Problem

You are trying to set up kubernetes on your local machine but trying to use initialize it with kubeadmin init, returns the following error:

Solution

Switch the swap to off (Ubuntu command below) and try again.

Setting up worldPing with Grafana running in docker

You would like to test worldPing (https://worldping.raintank.io/worldping/) in your local environment for evaluation purposes.

  • Install Grafana with docker as described here (https://grafana.com/docs/grafana/latest/installation/docker/) and give it a name (ie grafana)
  • Login to the grafana container and install the worldPing plugin:
  • Exit from the container and stop and start it
  • Login to your grafana installation on the browser (localhost:3000) and go to the section for the plugins to find worldPing
  • To be able to enable it you will need an API key from Grafana Cloud, so create a free account (https://grafana.com/signup/starter/connect-account)
  • Create an API key (Security – API Keys – Add API Key)
  • Go back to Grafana web UI and add the API key so you can enable the worldPing. Add an endpoint to check and select the services to check (DNS, Ping, HTTP, HTTPS)
  • Leave it running for a few minutes and check the dashboards afterwards.
  • Remember to Disable if you want to go back to it again in the near future, or Destroy the endpoint if you do not need it anymore.

ssh-add, Gitlab CI/CD with alpine image

Problem

Trying to use the usual way of adding Gitlab’s key to the ssh agent, is not working in alpine image (but it works in debian/ubuntu), and you get the following error message:

 - ssh-add <(echo "$GITLABCICD_PRIVATE_KEY")
/bin/sh: syntax error: unexpected "("

Solution

Try to use the following instead:

  - echo "$GITLABCICD_PRIVATE_KEY" | ssh-add -