The following script is intended to be placed on your clients.  It allows you to search for a software policy to install, as well as for the host you wish to install it on.  If you don’t specify a host, it’ll just install locally.  It should work on HP SA 7.86 and up.

Here’s the usage:

install_policy.py -u USER [ -p PASSWORD ] -s POLICY [ --host HOSTNAME ]

And the script:

I've taken down the script for a day or so while I rewrite it! The host I develop on uses a python 2.4 binary for the agent and the script isn't compatible with the much more common 1.5.2 binary that comes with SA

#!/opt/opsware/agent/bin/python

import sys
sys.path.append("/opt/opsware/pylibs")
sys.path.append("/opt/opsware/agent/pylibs")

from pytwist import *
from pytwist.com.opsware.device import DeviceGroupRef

ts = twistserver.TwistServer()
ds = ts.device.DeviceGroupService
ss = ts.server.ServerService

# Enter your username and password here
ts.authenticate("username","password")

# Enter the device group object ID for the group you want to iterate over
# You can get this object ID from the GUI
dgref = DeviceGroupRef(#######)
srefs = ds.getDevices(dgref)
for sref in srefs:
    svo = ss.getServerVO(sref)
    print "Updating %s" % svo.name
    # Set the stage.  This has to be a valid option - these are always in caps.
    svo.stage = "PRODUCTION"
    ss.update(sref, svo, 0, 0)

There are a few ways you can go around doing this. You can use filters and the search capability, you can manually create your ref, or you can find the refs via other objects, like device groups. The last one I mentioned is actually a very good way to loop through a set of systems to perform a task.

I’ll display the first method in this article and write up the other two later.

The first thing we need to do is get our script reference. Every object you work with in SA generally has a reference object and what I call the ‘virtual object’ ( or whatever VO really stands for ). The VO contains all the important attributes where as the reference only contains the id of the object in SA and the name. There are some methods contained in the VO, but the pytwist API makes common use of a ‘Service’ interface for specific types of objects, like the ServerService, the ServerScriptService, the SearchService, JobService, DeviceGroupService and so on that contain the methods that really make use of the VOs.

This first script enables us to run a known SA script on a known host thru SA from a command line. Note that the command line can be any host that has an agent – this doesn’t need to be run from the core.

I’ll show the script first, then explain it. This script is a version that can be run from an agent that has the Python 2 API Access for Server module installed.

import sys
from optparse import OptionParser
from getpass import getpass
sys.path.append('/opt/opsware/smopylibs2')
sys.path.append('/opt/opsware/agent_tools/') 

import agenttools_common
from pytwist import *
from pytwist.com.opsware.server import ServerRef
from pytwist.com.opsware.script import ServerScriptRef
from pytwist.com.opsware.custattr import NoSuchFieldException

ts = twistserver.TwistServer()

ss = ts.server.ServerService
scs = ts.script.ServerScriptService

# This is the same basic authentication scheme used in most of
# my scripts.  You can tear this out and just use the
# ts.authenticate method with the values already filled in.
parser = OptionParser()
parser.add_option("-u","--user",dest="sauser",
                  help="SA login id")
parser.add_option("-p","--pass",dest="sapasswd",
                  help="SA login password")
parser.add_option("-r","--prompt",action="store_true",dest="readstdin",
                  help="Prompt for passwords instead of using arguments")

(options, args) = parser.parse_args()

if not options.sapasswd and not options.readstdin:
        print "You must specify a password to login to SA."
        sys.exit(1)

if not options.sauser:
        print "You must specify a username to login to SA."
        sys.exit(1)

if options.readstdin:
    options.sapasswd = getpass("Enter Opsware Password: ")

ts.authenticate(options.sauser, options.sapasswd)

# Now the real work starts

# Create a reference to a script we know the ID of
# The ID can be obtained from the SA Gui
scriptRef = ServerScriptRef(22530102)

# Create a reference to a server we know about
serverRef = ServerRef(730102)

# In order to run the script, we'll use the startServerScript method
# from the ServerScriptService.  It requires the script ref, an arugments
# object.  We can optionally give it a tag that it will put under
# the ticket ID.  There are also optional arguments for a job notification
# and job schedule that I won't cover here.
#
# We have the reference already, so we need to create the job argument
# object.  We only need to set the list of targets, although there are
# options for setting the username and password of the script

# Creates the object
scriptArgs = com.opsware.script.ServerScriptJobArgs()

# Requires a list of scriptableRefs, which can be ServerRefs,
# DeviceGroupRefs or HypervisorRefs.  In our case, ServerRefs
scriptArgs.targets = [serverRef]

# Now we can run the job
runScript = scs.startServerScript(scriptRef, scriptArgs, 'Ticket ID #001', None, None)
print "Job started as id %d" % runScript.id

So, besides the basic authentication and argument parsing, there isn’t too much to this script. We have to create the references needed and we do that by importing the references in from pytwist and then using them as constructors like so:

from pytwist.com.opsware.server import ServerRef
from pytwist.com.opsware.script import ServerScriptRef
...
scriptRef = ServerScriptRef(22530102)
serverRef = ServerRef(730102)

In order to run the script, we need to call the startServerScript, which is part of the ServerScriptService interface. But, in order to call it, we need to create one more object, the ServerScriptJobArgs object. We create the object by calling the constructor directly:

scriptArgs = com.opsware.script.ServerScriptJobArgs()

You should note that we could have done the same things with the ServerRef and ScriptRef constructors. Instead of importing them and then calling them, we could have simply done this:

scriptRef = com.opsware.script.ScriptRef(22530102)
serverRef = com.opsware.server.ServerRef(730102)

Generally I’m using alot of server refs, so I like to import to save on typing. Either way, we now have a blank ServerScriptJobArgs object that we need to fill. In our case, we only need to fill out the targets attribute, which is actually a list of any Scriptable Ref. This tells our script which targets it’s going to run on. As mentioned in the comments, a scriptable reference is either a DeviceGroupRef, a ServerRef or a HypervisorRef. Since we have a ServerRef, we just need to contain it in a list and assign it to the targets attribute:

scriptArgs.targets = [serverRef]

Everything is setup now, so I can just call the startServerScript method. The method takes 5 arguments, 3 of which are optional. The 3 optional requires are a ticket id tag, a job notification object and a job schedule object. The ticket id tag is just a string, so it’s easy to create but I’m not going to bother with the other two, so our call looks like this:

runScript = scs.startServerScript(scriptRef, scriptArgs, 'Ticket ID #001'
, None, None)

Remember that the ‘scs’ is just a shortcut to the ServerScriptService. We could have called this method another way:

runScript = scs.startServerScript(scriptRef, scriptArgs, 'Ticket ID #001', None, None)

Again, I prefer the former just to save on typing if I plan on using the service multiple times. The method returns a Run Server Script instance, which we can do other things with, but that’ll have to wait for another article. In the example, I print out the job ID so that I can find and verify the job in the GUI easily.

That’s it for now – in the next article I’ll show how you can use the filter to give the user a way to specify the name of the script they want to run and on which servers.

For our solution, we wrote up the following simple python script to do the job for us.

import sys
import time
import smtplib
from email.MIMEText import MIMEText
from optparse import OptionParser
from getpass import getpass
sys.path.append('/opt/opsware/smopylibs2')
sys.path.append('/opt/opsware/agent_tools/') 

import agenttools_common
from pytwist import *
from pytwist.com.opsware.search import Filter
from pytwist.com.opsware.server import ServerRef

ts = twistserver.TwistServer()
ses = ts.search.SearchService
ss = ts.server.ServerService
DAY = 86400

parser = OptionParser()
parser.add_option("-u","--user",dest="sauser",
                  help="SA login id")
parser.add_option("-p","--pass",dest="sapasswd",
                  help="SA login password")
parser.add_option("-r","--prompt",action="store_true",dest="readstdin",
                  help="Prompt for passwords instead of using arguments")
parser.add_option("-c","--customer",dest="customer",
                  help="Customer name to search for")
parser.add_option("-d","--days",dest="days",
                  help="Expiration limit in days")

(options, args) = parser.parse_args()

if not options.customer:
        print "You must specify a customer to search for."
        sys.exit(1)

if not options.sapasswd and not options.readstdin:
        print "You must specify a password to login to SA."
        sys.exit(1)

if not options.sauser:
        print "You must specify a username to login to SA."
        sys.exit(1)

if options.readstdin:
    options.sapasswd = getpass("Enter Opsware Password: ")

ts.authenticate(options.sauser, options.sapasswd)

filt = Filter()
filt.objectType = 'device'
filt.expression = "(ServerVO.state = UNREACHABLE) & " \
                  "(ServerVO.opswLifecycle != DEACTIVATED)  " \
                  "(device_customer_name = %s)" % options.customer

offline_servers = ses.findObjRefs(filt)
expired_servers = []

if len(offline_servers) == 0:
    print 'There are no unreachable servers'
    sys.exit(0)
else:
    print "Processing %d servers" % len(offline_servers)

now = int(time.time())
for sref in offline_servers:
    shvo = ss.getServerHardwareVO(sref)
    beginDate = shvo.beginDate
    if (now - int(beginDate)) >= (DAY * int(options.days)):
        server_data = [sref.id, sref.name, beginDate]

        # this sorts the list.  if you don't care about
        # sorting, remove this section.

        # sort while create - could have sorted
        # after create, which would probably been
        # faster, but this was an educational exercise

        # if the list is blank, just append
        if len(expired_servers) == 0:
            expired_servers.append(server_data)
            continue

        # place it in the correct spot
        inserted = None
        for i in range(0,len(expired_servers)):
            if beginDate < expired_servers[i][2]:
                expired_servers.insert(i,server_data)
                inserted = 1
                break

        if not inserted:
            expired_servers.append(server_data)
        # end of sorting

        # if you don't sort, then just uncomment this line
        # expired_servers.append(server_data)

if len(offline_servers) == 0:
    print "All unreachable servers have not been offline for more than %s" \
          "days" % options.days
    sys.exit(0)

report = "\r\n\r\nThe following servers have not registered for more than %s " \
         "days.\r\n\r\n" % options.days

for server in expired_servers:
    datestr = "%s/%s/%s %s:%s:%s" % time.gmtime(float(server[2]))[0:6]
    report += "%s : %s has not registered since %s.  \r\n" % \
            (server[0],server[1],datestr)

# If you want output to the screen
print report

# Create a text/plain message
msg = MIMEText(report)

sender = "root@example.com"
rcptto = ["user1@example.com", "user2@example.com"]
msg['Subject'] = "[opsware] Offline Servers for %s" % options.customer
msg['From'] = sender
msg['To'] = ",".join(rcptto)

# Send the message via our own SMTP server, but don't include the
# envelope header.
s = smtplib.SMTP('localhost')
s.sendmail(sender, rcptto, msg.as_string())
s.quit()

A couple of notes are probably in order. First, this was written for our environment, so it may require some massaging to get it to work in your own. The multiple ‘/r/n’ tags are so that it shows up in Outlook correctly and not as a huge, one line mess. By default, the script will sort by date. There are some comments in there if you’d like to remove that functionality.

We wanted to be able to run this from any agent, rather than from the cores, so that our internal groups that use SA could run this if they chose to. It only requires that the agent tools and the Python 2 API for Server Modules packages be installed.

To run, use something like the following:

/opt/opsware/smopython2/python ./offline.py -u username -p password -d 30 -c customername

Make sure to change the bottom of the script to have the email addresses you’d like to use and then just cron the script.

Comments welcome.

( Thanks to Trey Ratcliffe for the use of the photo used on the header of this post. )

Yeah, I thought so.

So I figured I’d write an article on one of the great things I love about Opsware – Custom Attributes! Combined with Dynamic Groups, these puppies provide the ability to create scripts that I don’t have to duplicate for different hosts.

First, however, I should explain what Dynamic Groups are. Dynamic Groups allow the user to group systems based on certain criteria. For instance, you want all the systems in a certain network to be grouped together. Whenever you add a system from that network into Opsware, it automatically becomes a member of that group. Neat by itself but nothing extraordinary.

However, you can assign Custom Attributes ( further known as CAs ) to the Dynamic Group. So for my new dynamic group that I created ( for example, a group that pulls in all hosts in the 192.168.0.0/24 network ), I can assign some CAs to the group and the CAs get assigned to each host within the group.

You may ask yourself, ‘Why is this useful?’. It’s not yet. There’s one more piece that’s missing from the puzzle. The piece that is missing is a software package that Opsware comes with – Agent Tools. When you install the Agent Tools, it comes with a set of python Opsware APIs and small scripts that use the API to make calls back to the master Opsware system and get information – including those CAs!

Armed with these 3 pieces, it becomes easy to create a script that uses the CAs that are dynamically assigned to your host to do all sorts of things. For example, let’s say you want to create a script that checks your /etc/resolv.conf on any system in that 192.168.0.0/24 network. First, we’ll create the dynamic group and assign it the correct device membership.

Next, edit the group and add a CA named something like ‘DNS_SERVERS‘. For the value, put in a DNS server on separate lines and then save your group. Make sure you’ve got the agent tools package installed and we can run a simple test.

[root@frenzy1a.star.dev:~]# /opt/opsware/agent_tools/get_cust_attr.sh DNS_SERVERS
192.168.0.20
192.168.0.21

With that information, we can create a pretty simple shell or python script ( pick your poison ) to make sure that our /etc/resolv.conf has those servers defined. For kicks, here’s an example script that checks to make sure the IPs in the DNS_SERVERS CA are set in /etc/resolv.conf. You could easily modify this so that it actually inserts the values.

#!/opt/opsware/agent/bin/python

import sys
sys.path.append('/opt/opsware/agent_tools/')
import agenttools_common
import re
from string import split
from pytwist.com.opsware.custattr import NoSuchFieldException

def searchFile(file,pattern):
    found = 0
    search = re.compile(pattern)
    try:
        f = open(file, "r")
    except IOError:
        sys.stderr.write("Could not open file %s.n" % (file))
        sys.exit(3)

    for line in f.readlines():
        if search.match(line):
            found = 1
        break

    return found

def main(args):
    ts = agenttools_common.ts
    servers = {}
    result = 0
    hostref = agenttools_common.getServerRef()

    try:
        custattr = ts.server.ServerService.getCustAttr(hostref,
        "DNS_SERVERS", 1)
    except NoSuchFieldException:
        sys.stderr.write("Could not find custom attribute DNS_SERVERS.n")
        sys.exit(3)

    servers = split(custattr)
    for s in servers:
        found = searchFile("/etc/resolv.conf","^nameservers+" + s)
        if not found:
            sys.stderr.write("The server %s was not configured in"
            " /etc/resolv.conf" % (s))
        result = 1

    return result

if __name__ == '__main__':
    sys.exit(main(sys.argv[1:]))

Now if I have another network, say, 192.168.120.0/24, I can do the same thing. Make the group, assign the membership, create the DNS_SERVERS CA and assign the script and presto – it’s done! No duplication of work involved here and I can control the contents of the file from the Opsware console.

One last thing about CAs – they do support overrides. For instance, I can override the CA by creating the same named CA on the host itself. This will override the CA at the group level. One thing you need to be careful, however, is that you don’t assign a host into two groups that define the same CA – there’s no priority between the groups and they don’t combine the contents of the CA to make one CA, so you’ll get random results.

Error 51: Unable to communicate with the VPN subsystem

Thankfully, the solution is rather simple. Open up your favorite terminal client and simply type:

sudo /System/Library/StartupItems/CiscoVPN/CiscoVPN restart

Enter your password and it’ll restart the subsystem. Then just re-open the Cisco VPN client and you’re golden.

I try to prevent myself from posting any spoilers, although it makes it hard to really explain the areas I didn’t like about the book. It kept up the pace rather well and there was always action to be had; unfortunately this is also a flaw as well as about the last third of the book seems rather rushed and sloppy. Also, I’m not sure if the speech patterns are supposed to be so laden with incorrect grammar or whether she just had a bad editor but there were dozens of tiny errors that grated on me while reading.

I’m starting to lose my interest in these books as Temeraire never seems to be maturing from his child-like state. Then again, many of the dragons seem to exhibit child behaviors so I shouldn’t be too surprised at that. I just wish in some sections he wasn’t such a brat and at least displayed a bit of maturity.

All in all, it’s not a bad novel but I’m definitely glad that I waited until it was out in paperback before picking it up. The hardcover would have been a waste of cash.

ruby: symbol lookup error: /usr/lib64/ruby/gems/1.8/gems/rdiscount-1.3.1.1/lib/rdiscount.so: undefined symbol: RSTRING_LEN

The solution ended up being the following – In the file /usr/lib64/ruby/1.8/x86_64-linux/ruby.h ( note I’m running on 64bit, on 32bit it’d be /usr/lib/ruby/1.8/i386-linux/ ), add these lines somewhere near the top:

#define RSTRING_LEN(s) (RSTRING(s)->len)
#define RSTRING_PTR(s) (RSTRING(s)->ptr)

After that, uninstall and reinstall rdiscount

gem uninstall rdiscount
gem install rdiscount -v 1.3.1.1

And you should be good to go.

This leads me into my topic; how does one measure productivity?

For some this may simply be defined as staying busy. Of course, then you’d have to define busy because I believe most people would be in agreement that watching television is not what one could call ‘busy’ or productive. Then again, you could just define busy as not being bored but that still doesn’t grasp the concept. Another train of thought would suggest that productivity is measured by the result of what you produce through your efforts. But then how does one actually measure certain insubstantial things such as keeping relationships running smoothly? Because that is most certainly what I would call being productive. Hard to measure tho, no?

Still others may argue that productivity is simply measured by a feeling of self – after all, being productive is certainly a feeling that one may experience and this would be the argument I would have to be the most inclined to agree with. Sort of a ‘Beauty is in the eye of beholder’ mantra.

Why then, after a full day of work, an hour of studying guitar, reading my fiction, playing a video game, spending time with my girlfriend and taking care of my dogs do I still feel unproductive?

Is it because I did not produce anything from my efforts? Because I hold myself to higher standards? Because I feel, when I browse the internet and see the works that others have produced, I feel insignificant in the grand scheme?

Again, it’s the last statement that I feel is the most important to me. I usually pop open my laptop while I’m watching TV or a movie and take the time to browse, catch up with my social networking, blog here, studying some design and brainstorm for new ideas. It’s while I’m browsing the web that I start to feel less unproductive, page by page, as I view the works of artists, designers, programmers, writers and the like. It’s when I’m seeing the fruit of their labor that I feel that I have not taken full advantage of the six or so hours I have when I get home to better myself and to produce my own world on the internet for others to share and contribute to.

That is the scariest part of this whole monologue – the fear of not being able to balance my life ( dogs, work, girlfriend, friends ) versus the feeling of productiveness. It gives a glossy coat of evil and seduction to the idea of being more productive, as if it were something that I shouldn’t be doing, that is wrong if I spend my time working towards as it takes me away from the more narcissistic goal of improving me. I think it’s something I’m going to have to struggle with for a very long time.

So I ask – how do you measure your productiveness by? What measures and balances do use to make sure that your goals, albeit selfish in nature, balance with those goals that concern the lives that you are intermingled with?

Generally, you’ll find messages like “Could not connect to Twitter, check your firewall” or “Verification Failed”.

You check your browser, it works fine.  You change your password and retry – nope, still not working.

Well, here’s the answer, found in a random comment on some random blog -

sudo apt-get install lib32nss-mdns

That’s it! Install that one library and you’ll be all set. AIR is still funky on 64bit but at least you don’t have to run Twitux now.