Merge dba2281 into 9017e29

nre-learning · Dec 13, 2020 · 280094f · 280094f
2 parents 9017e29 + dba2281
commit 280094f
Show file tree

Hide file tree

Showing 7 changed files with 80 additions and 14 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## In development
 
+- Fixing Salt and St2 images/lessons [#350](https://github.com/nre-learning/nrelabs-curriculum/pull/350)
 - Revert tshoot lesson back to vQFX [#347](https://github.com/nre-learning/nrelabs-curriculum/pull/347)
 - Fix troubleshooting lesson scripts to be py3 compatible [#345](https://github.com/nre-learning/nrelabs-curriculum/pull/345)
 - Migrating from travis to github actions [#344](https://github.com/nre-learning/nrelabs-curriculum/pull/344)

diff --git a/images/salt/Dockerfile b/images/salt/Dockerfile
@@ -1,14 +1,68 @@
-FROM antidotelabs/utility
+FROM ubuntu:focal
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y openssh-server python3 python3-pip curl dnsutils iputils-ping git vim  util-linux sshpass nano jq libxml2-utils
+
+RUN mkdir /var/run/sshd
+
+# Antidote user
+RUN mkdir -p /home/antidote
+RUN useradd antidote -p antidotepassword
+RUN chown antidote:antidote /home/antidote
+RUN chsh antidote --shell=/bin/bash
+RUN echo 'antidote:antidotepassword' | chpasswd
+RUN echo 'root:$(uuidgen)' | chpasswd
+
+# Adjust MOTD
+RUN rm -f /etc/update-motd.d/*
+RUN rm -f /etc/legal
+ADD motd.sh /etc/update-motd.d/00-antidote-motd
+
+# Disable root Login
+RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config
+RUN sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
+
+# SSH login fix. Otherwise user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+# Disable su for everyone not in the wheel group (no one is in the wheel group)
+RUN echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su
+
+# https://stackoverflow.com/questions/36292317/why-set-visible-now-in-etc-profile
+ENV NOTVISIBLE "in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+# ADD requirements.txt /requirements.txt
+# RUN pip3 install -r /requirements.txt
+
+# COPY bash_profile /home/antidote/.bash_profile
+# RUN chown antidote:antidote /home/antidote/.bash_profile
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]
+
+
+# ------------------
 
 # Because tzdata comes with an interactive installer wizard to configure
 # your timezone
 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata
 
-RUN wget -O - https://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - && \
-    echo "deb http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic main" >> /etc/apt/sources.list && \
-    apt-get update && apt-get upgrade -y
+# RUN wget -O - https://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - && \
+#     echo "deb http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic main" >> /etc/apt/sources.list && \
+#     apt-get update
+    #&& apt-get upgrade -y
+
+# RUN wget -O - https://repo.saltstack.com/apt/ubuntu/18.04/amd64/archive/2019.2.4/SALTSTACK-GPG-KEY.pub | apt-key add - && \
+#     echo "deb https://repo.saltstack.com/apt/ubuntu/18.04/amd64/archive/2019.2.4 bionic main" >> /etc/apt/sources.list && \
+#     apt-get update
+
+RUN curl -L https://bootstrap.saltstack.com -o install_salt.sh \
+  && sh install_salt.sh -P -M -x python3
+
 RUN apt-get --auto-remove --yes remove python-openssl
-RUN pip3 install -r requirements.txt
+
+ADD requirements.txt /requirements.txt
+RUN pip3 install -r /requirements.txt
 
 RUN apt-get install -y salt-master salt-minion
 
@@ -17,8 +71,8 @@ COPY ./salt_configs/master /etc/salt
 COPY ./salt_configs/minion /etc/salt
 COPY ./salt_configs/proxy /etc/salt
 
-RUN service salt-minion restart
-RUN service salt-master restart
+# RUN service salt-minion restart
+# RUN service salt-master restart
 
 # Add pillar file for vqfx1
 RUN mkdir /srv/pillar
@@ -43,7 +97,8 @@ RUN chown -R antidote:antidote /var/cache/salt
 RUN chown -R antidote:antidote /srv
 RUN chown -R antidote:antidote /var/log/salt
 RUN chown -R antidote:antidote /var/run/salt
-# RUN chown -R antidote:antidote /var/run/salt-master.pid
-# RUN chmod -R 777 /var/run/salt-master.pid
+RUN chown -R antidote:antidote /var/run/salt-master.pid
+RUN chown -R antidote:antidote /var/run/process_responsibility_salt-minion.pid
+RUN chmod -R 777 /var/run/salt-master.pid
 RUN chown antidote:antidote /var/run
 RUN chmod 777 /var/run
diff --git a/images/salt/motd.sh b/images/salt/motd.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+printf "Welcome to \u001b[1;38;5;36mNRE Labs\033[1m%s\033[0m! \n"
+printf " * Docs - https://docs.nrelabs.io/\n"
diff --git a/images/salt/requirements.txt b/images/salt/requirements.txt
@@ -1,2 +1,3 @@
 pyOpenSSL
 jxmlease
+junos-eznc
diff --git a/images/salt/salt_configs/provision_infrastructure.sls b/images/salt/salt_configs/provision_infrastructure.sls
@@ -3,3 +3,5 @@ Install the infrastructure services config:
    - name: salt:///infrastructure_config.conf
    - replace: True
    - timeout: 100
+   - template_vars:
+       foo: bar
diff --git a/images/stackstorm/Dockerfile b/images/stackstorm/Dockerfile
@@ -36,14 +36,17 @@ RUN apt-get update -y && apt-get install -y crudini  rabbitmq-server
 # Mongo started adding a dependency on systemd in their packages, so we're installing from tarball now
 # https://www.mongodb.com/try/download/community
 # https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu-tarball/
+#
+# Careful not to use 4.4 - https://stackoverflow.com/questions/64059795/mongodb-get-error-message-mongoerror-path-collision-at-activity
+#
 #####################################################################################################
 
-RUN wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.4.2.tgz \
-  && tar -zxvf mongodb-linux-x86_64-ubuntu1804-4.4.2.tgz \
-  && cp mongodb-linux-x86_64-ubuntu1804-4.4.2/bin/* /usr/local/bin/ \
+RUN wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.0.21.tgz \
+  && tar -zxvf mongodb-linux-x86_64-ubuntu1804-4.0.21.tgz \
+  && cp mongodb-linux-x86_64-ubuntu1804-4.0.21/bin/* /usr/local/bin/ \
   && mkdir -p /var/lib/mongo \
   && mkdir -p /var/log/mongo \
-  && rm -rf mongodb-linux-x86_64-ubuntu1804-4.4.2/
+  && rm -rf mongodb-linux-x86_64-ubuntu1804-4.0.21/
 
 #####################################################################################################
 ## Install StackStorm                 

diff --git a/lessons/salt-network-automation/stage0/guide.md b/lessons/salt-network-automation/stage0/guide.md
@@ -38,6 +38,6 @@ salt '*' test.ping
 We can use the cmd.run execution module to run a remote command on the Salt Minion. In this case, we're checking what version of python is running on the Salt Minion.
 
 ```
-salt minion* cmd.run 'python -V'
+salt minion* cmd.run 'python3 -V'
 ```
 <button type="button" class="btn btn-primary btn-sm" onclick="runSnippetInTab('salt1', this)">Run this snippet</button>