If you are venturing in the seas of automation and DevOps practices, Stackstorm is a tool you definitely should try, it is Open Source and provides integrations for many known tools like Terraform, Ansible, Chef, and many others, speaking in terms of Infra as Code and configuration management.
Stackstorm lets you automate the process by listening to events (Sensors) or even commands from some Chat Bot on its core its basically like IFTTT (IF This Then That).
https://stackstorm.com |
I said basically but the things you can do with this kind of tool are in the scope of your imagination.
So what you can do with StackStorm?....
Pretty much everything, using the right plugin you can deploy Ansible playbooks, get logs from Splunk, read Twits, trigger pipelines, send alerts, and if that is not enough you can build your custom actions using python.
But before you can do all of that you need to run it somewhere, in this tutorial ill teach you how to deploy Stackstorm on an Azure Virtual Machine.
1. Sign in or Create an account on Azure Cloud Portal
To get started you need to Sign in to your Microsoft Azure Account or create a new one. Azure will give you $200 credits if you haven't created an account before, so you can start using it for whatever you want eg, this tutorial.
2. Create a Virtual Machine
In the Azure Portal go to Virtual Machines and click on Add > New Virtual Machine.
If you look at the System Requirements for Stackstorm you will see this table.
For the purpose of this tutorial and also saving some cost, we are going to create a VM with the resources specified for Testing.
On the Basics tabs we are going to fill the following fields
Subscription -> Your Subscription
Resource Group -> Create a new one “rg-eus2-demos"
Virtual Machine Name -> “vm-eus2-stackstorm"
Region -> East US 2 (you can choose the region closer to you)
Image -> Ubuntu Server 18.04 LTS
Size -> Standard_B2s (2 vcpus, 4Gib Ram) its hourly cost if $0.04/hour.
For authentication, you can choose SSH or Password but I recommend you to work with SSH public key for security reasons.
Username -> stackstormuser
Key pair name -> ssh-key-eus2-stackstorm
We need to allow communication on ports 22(SSH), 443(HTTPS) and 80 (HTTP)
Go to Disks and select the standard HDD.
On Network, you can leave parameters by default, but, because I like to use some standard conventions on the resources I have changed some of the names.
It is useful to set some tags to your resources, that way you can identify them easily on your billing report or on Azure monitor.
Click “Review + Create", If all the data supplied is correct you should see “Validation passed”
Click “Create”.
If
you chose SSH as your authentication method you will see a prompt
window for download the ssh key, click on “Download private key and
create resource".
After a minute or two, you should end up with something like this on your resource group.
Now let's connect to the VM.
Linux:
Copy your private key to ~/.ssh folder, then assign read-only permission to it, and then connect to the VM using the ssh command, the public IP of your VM, and username.
cd ~/.ssh
chmod 400 ssh-key-eus2-stackstorm.pem
ssh -i ~/.ssh/ssh-key-eus2-stackstorm.pem stackstormuser@you-vm-ip
Windows:
Download putty https://www.putty.org/
Select SSH and on Host name type stackstormuser@your-vm-ip, leave the default port.
Next go to SSH>Auth and browse for your primary key
Clic Open and Then yes to add the fingerprint to the registry.
As you can see on the console you are now connected to the VM instance
3. Install StackStorm
Instaling Stackstorm is pretty straightforward, on the console, you just open using SSH run the following commands.
sudo apt-get install -y curl
import mongodb public key
wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
Create the /etc/apt/sources.list.d/mongodb-org-4.4.list file for Ubuntu 18.04 (Bionic):
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
update the package list and install the stackstorm dependencies.
sudo apt-get install -y crudini
sudo apt-get install -y mongodb-org
sudo apt-get install -y rabbitmq-server
next you must enable mongod service and start it.
sudo systemctl enable mongod
sudo systemctl start mongod
If you run sudo systemctl status mongod you should see something like this, look at the active (runnning).
Use the following script provided by Stackstorm to identify the package that suits you.
curl -s https://packagecloud.io/install/repositories/StackStorm/stable/script.deb.sh | sudo bash
Finally run the following commando to install stackstorm
sudo apt-get install -y st2
4. Configure SSH and SUDO for StackStorm
Stanley
is the default and special system user that stackstorm uses to run
commands, we need to give him some special permissions so he can run
commands local and remote on behalf of StackStorm.
create a folder to store his authentication key.
Authorize the key-based access.
passwordless sudo for stanley.
Make sure `Defaults requiretty` is disabled in `/etc/sudoers`
sudo sed -i -r "s/^Defaults\s+\+?requiretty/# Defaults +requiretty/g" /etc/sudoers
Configure ssh access
cat /etc/st2/st2.conf
Verify that system user stanley is added
[system_user]
user = stanley
ssh_key_file = /home/stanley/.ssh/stanley_rsa
start the service and verify
sudo st2ctl start
sudo st2ctl reload
st2 --version
5. Configure Authentication
To set up a password for st2admin we need will follow the file based authentication provided by Stackstorm by default.
echo 'Ch@ngeMe' | sudo htpasswd -i /etc/st2/htpasswd st2admin
Enable the authentication by setting auth > enables=True on /etc/st2/st2.conf
sudo nano /etc/st2/st2.conf
[auth]
# ...
enable = True
# …
Restart the st2api service and then check if the authentication works using the password you have set.
sudo st2ctl restart-component st2api
st2 login st2admin
st2 action list
6. Install the WebUI
The Web Ui si served using NGINX but it is not enabled by default so in order to use it follow this steps.
sudo apt-get install -y st2web nginx
remove the default nginx site
sudo rm /stc/nginx/sites-enabled/default
Generate a ssl certificate for https connection, if you already have one you must store it under /etc/ssl/st2 and configure the site on st2.conf file, for this tutorial we are going to generate a self signed cert.
sudo mkdir -p /etc/ssl/st2
sudo
openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/st2/st2.key -out
/etc/ssl/st2/st2.crt -days 365 -nodes -subj "/C=US/ST=California/L=Palo
Alto/O=StackStorm/OU=Information Technology/CN=exampledomain.net"
sudo service nginx restart
Access to https://${YOUR_VM_IP} and login with st2admin and the password you have created on step 3.
Optional
you can create a free domain name using No-Ip service (note that the IP we have created for the virtual machine is public but a dynamic one).
To make it simple and free go to No-Ip and create an account.
Next, create a hostname and put the IP of your virtual machine.
install DCU client
cd /usr/local/src/
Sudo wget http://www.noip.com/client/linux/noip-duc-linux.tar.gz
sudo tar xf noip-duc-linux.tar.gz cd noip-2.1.9-1/
sudo make install
you must provide your email and password of your account in No-Ip
Next create you certificate
sudo openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/st2/st2.key -out /etc/ssl/st2/st2.crt -days 365 -nodes -subj "/C=US/ST=California/L=Palo Alto/O=StackStorm/OU=Information Technology/CN=stackstorm-test.ddns.net"
ProTip:
Configure Auto-shutdown so you can save some money!
OK you are all set, now you are ready to follow the next steps, create actions, workflows and interact with a ChatBot.
0 comments :
Post a Comment