Ansible – Continue nicely when shell exits with error

Sometimes a command gives an exit code which isn’t considered an error in your playbook. You could use “ignore_errors” but it will stand out when you run your playbook, and it’s the first thing new colleagues point out when we run a play together.

This example shows you how to use the exit code in a when clause without ansible throwing (and catching) the exception.

- name: Check if md5sum of the current  is the same
  shell: 'md5sum --check /install/md5sum_of_installer'
  register: installer_md5sum_check
  failed_when: ( installer_md5sum_check.rc not in [ 0, 1 ] )

- name: Run Installer if md5sum is different or missing
  include_role:
    name: my_install_role
  when: installer_md5sum_check.rc == 1
  ## rc 0: the md5sum output was "OK", thus was already installed
  ## rc 1: it was not the same (or the file was missing)

- name: Create md5sum for the installer
  shell: 'md5sum /install/my_installer.zip > /install/md5sum_of_installer'
  when: installer_md5sum_check.rc == 1
  ## We can only arrive here when the installer role was successfully finished

Use Skype with microphone in your Citrix Receiver session on Linux

Today I wanted to join a meeting but I was unable to be heard.
I’m connected to a Windows desktop via Citrix Receiver, I’m connecting from an Ubuntu Linux host.
Looking at the sound settings in my windows desktop, I saw that there was no recording device. So not being able to send sound makes sense then.
To enable input sound, add the following line to the WFClient section in your personal ICA settings file:
 
~/.ICAClient/wfclient.ini

[...]
[WFClient]
AllowAudioInput=True
[...]

Next, log off and log back into to your windows desktop and check the recording tab on the Sound settings, there a recording device now.
2018-08-31 08:20:43 screenshot
That should do the trick.

Weblogic LDAP backup (daily, and also very very simple)

My new colleague pointed me in the right way while I was scripting waaaaay too much to create a backup of the Weblogic users and groups.
The easiest way is to use the daily backup which is created by weblogic itself.
 
The backup is located on de adminserver, in this location:
$base_domain/servers/AdminServer/data/ldap/backup/EmbeddedLDAPBackup.zip
 
If there’s an issue with your embedded ldap, you can stop the adminserver, restore these files to this location:
$base_domain/servers/AdminServer/data/ldap/ldapfiles
Continue reading “Weblogic LDAP backup (daily, and also very very simple)”

FATAL Fatal error during KafkaServer startup, NumberFormatException

This might have taken me a long time to figure out, but fortunately my super awesome colleague (nicknamed Mr.T, he also pities fools) showed me the solution.
We ran into a Kafka Broker which was not starting, and gave the exception that is pasted in the bottom of this post.

FATAL Fatal error during KafkaServer startup. [..] java.lang.NumberFormatException

The solution is that the string (in this example “hs_err_pid19313”) is actually an error log which exists in a topic partition directory. (Re)move this file and Kafka will start without a problem.
(Tip: use find and grep to quickly find the file, go to your Kafka storage directory and run the following command;

find . |grep hs_err_pid19313

Continue reading “FATAL Fatal error during KafkaServer startup, NumberFormatException”

Citrix Receiver on Linux: SSL Error 61 ("You have not chosen to trust")

Important:
If you don’t know or understand certificates / root and intermediate certificate authorities, get someone who understands to follow below instructions.

I tried connecting to the company’s citrix server, but kept hitting the same error when I tried to open the connection:

Contact your help desk with the following information:
You have not chosen to trust "INSERT YOUR CA HERE",
the issuer of the server's security certificate (SSL Error 61)

It seems that Citrix has an alternate directory where it stores it’s trusted cert’s / certificate authorities. Even though you can see that the server’s certificate is trusted (by root CA’s) via a web browser, we need to copy those to the correct directory.
In short: Copy the root and intermediate CA’s to this directory: /opt/Citrix/ICAClient/keystore/cacerts
Continue reading “Citrix Receiver on Linux: SSL Error 61 ("You have not chosen to trust")”

Although GNOME Shell integration extension is running, native host connector is not detected

This is a bit of a nuisance, after a fresh install of Ubuntu Gnome, I was not able to install extensions from extensions.gnome.org.
Firefox asked me if I’d like to install the extension but after a Firefox restart I still wasn’t able to install any plugins.
To be precise; this message was shown:
Although GNOME Shell integration extension is running, native host connector is not detected. Refer documentation for instructions about installing connector.
The solution was to install the chrome-gnome-shell package;

sudo apt-get install chrome-gnome-shell

This fixes the message from both chrome and firefox.

This ZooKeeper instance is not currently serving requests

When one of your zookeeper nodes is sending you this message, that means that your Zookeeper cluster hasn’t started in the right order.
 
Solution: Restart your cluster (node per node), starting from node 1 (as stated in zoo.conf)
 
This problem is easy to diagnose. When the order was wrong you will get this output:

[myserver:myuser] ~: echo stat | nc localhost 2181
This ZooKeeper instance is not currently serving requests

 
After you’ve restarted all nodes (in the correct order), you will get this output:

[myserver:myuser] ~: echo stat | nc localhost 2181 |grep Mode
Mode: follower
[myserver:myuser] ~: echo stat | nc localhost 2181 |grep Mode
Mode: leader

 
 
Hope this will help you out!

Calibre will not open, Gdk-Warning, drawable is not a native X11 window

It’s been a while since I’ve used Calibre to manage my Kindle, but today I wanted to transfer some PDF’s.
Unfortunately Calibre stopped working as soon as I tried to open a dialog window.
As it seems, Fedora has adopted a new display server, called Wayland. Since Calibre has dependencies in the previous adoption X-Server, Calibre won’t start.
In my case, the solution was to set a different GDK backend, before starting Calibre.

Solution:

Open a terminal and enter the following command:

GDK_BACKEND=x11 calibre

Why no SSL!? Port is open!

Okay, this has taken me too long to not post.. So here it is..:
When your firewall is blocking SSL traffic but allowing HTTP traffic, openssl s_client will show this:

my_host:joris [/etc/stores] openssl s_client -host external_host -port 12345
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 247 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

Continue reading “Why no SSL!? Port is open!”