Potato Bites

Posted on November 24, 2025 by Freejack

Ingredients:

  • 4-6 potatoes
  • Cajun butter (melted butter + Cajun seasoning)
  • Grated Parmesan
  • Chopped parsley

Instructions:

  • Preheat oven to 400°F
  • Slice potatoes long-ways into half-inch slices
  • Use metal skewers to cut about 1/4 inch apart
  • Turn potato 90° and cut the same (crosshatch)
  • Cut that into quarters and square off
  • Drop in ice water to draw off the starch. This can take a while (hours to overnight).
  • Slather in butter and roast for about 30 mins

While they roast, make the ranch. For the last few minutes, set oven to broil until the potatoes have a nice char. Garnish with parsley and Parmesan!

Chipotle Ranch:

  • ½ cup sour cream
  • ¼ cup mayonnaise
  • 1 diced chipotle pepper from a can of chipotles in adobo sauce
  • 1/2 tsp garlic powder
  • 1/2 tsp onion powder
  • 1 tsp fresh dill
  • 1/4 tsp sea salt

Posted in Cooking | Tagged , , , | Leave a comment

Best Pancakes

Posted on November 23, 2025 by Freejack

Preparation is simple enough. Use a griddle if possible as you get more pancakes cooked at once. Get maple syrup, which ever strikes your fancy; real or flavored sugar. Serves 4-6.

In a bowl, whisk the following ingredients:

  • 360g/3 cups of All purpose flour
  • 50g/1/4 cup of sugar
  • 10g/2 teaspoons of salt
  • 11g/2 teaspoons of baking powder
  • 5-6g/1 teaspoon of baking soda

In a bowl, mix the following ingredients:

  • 460ml/2 cups of milk
  • 55ml//1/4 cup of vegetable oil
  • 10g/2 teaspoons of vanilla
  • 55ml/1/4 cup of apple cider vinegar
  • 3 eggs

Once mixed, pour the liquid into the dry and using a spatula, fold the ingredients. Don’t finely stir it, there should be some small lumps when done. Around 20 times with the spatula.

Put a large pat of butter on the griddle. Using a scoop such as an ice cream scoop or soup spoon, carefully, and without stirring the mixture, scoop up an egg sized amount of batter and place it on the griddle.

As always, while it cooks, watch it for bubbles. As bubbles appear on the surface of the pancake, watch for a few popping. At about that point, using a plastic spatula, flip the pancakes. To test, softly push on the surface. As it’s cooked, it should be soft and fluffy and should bounce back from the push.

Posted in Cooking | Tagged , , , , | Leave a comment

Setting Up Proxmox

Posted on November 7, 2025 by Freejack

Background

Since my VMware experience has ended, and I do want to get more experience with other tools, I’ve copied my important files off of the VMware servers to my KVM host (the R710). Once I verified I had everything, I’ve installed Proxmox on the three R720XDs.

I’ve done this in the past on my KVM system and couldn’t easily figure out how to get things set up. A couple of jobs back, I was finally able to do some automation and converted the system to KVM only (libvirt and qemu) and used the terraform provider for libvirt to actually build systems. Worked just peachy.

But I have access to a set up environment now at work so I have some data I can lean on. It works there. I can and have created VMs. So I can lean into it a little, do some searching, and come up with the proper way to set it up. As it’s a Home Lab, I can make mistakes. I do want to see if I can use terraform with Proxmox. I saw a couple of notes saying it wasn’t a great provider so we’ll see.

Proxmox Setup

I downloaded proxmox-ve_9.0-1.iso, used Rufus to format one of the 16G mini thumb drives, and booted each of the three servers to the drive (select F11 to go into the Boot Menu, then select the Cruzer USB drive).

The process was pretty simple. Select country and timezone, set up root’s password and email, then configure the hostname, ip, and gateway. It installs a configured Debian 13 (trixie) system. I will note that at the start, sudo isn’t installed. Not sure what else is missing 🙂

The two things I need to better understand with Proxmox is networking and storage.


Posted in Virtualization | Tagged | Leave a comment

Cygwin, KVM, and X Window

Posted on November 3, 2025 by Freejack

With the conversion of systems from VMware over to KVM, and of course just managing the KVM servers, I need to document the process for accessing the servers and viewing consoles.

I’ve been using cygwin for many years. I’ve even used the X Window system to access X applications on servers. For the purpose of accessing KVM VMs, we’ll bring up a terminal and start X:

startx

This brings up a full screen window. Generally not bad but I have a 43″ monitor so it’s pretty large. Resize it down to a more manageable size and in the term window, ssh over to the KVM server. Mine is my Nikodemus system at 192.168.5.10. Pass the -Y option to tell ssh this is to be used as a tunnel with the X Window system.

ssh -Y 192.168.5.10

To make sure it worked, verify your DISPLAY environment variable. It should show something like this:

printenv | grep -i display
DISPLAY=localhost:10.0

Since it’s a tunnel, it’ll show localhost.

Now you can start the virt-manager for viewing all the VMs, regardless of status, or virt-viewer which shows only the running VMs. Note that resizing is done by clicking on the double box in the upper right corner of the window.

Posted in KVM | Tagged , , , , , | Leave a comment

VMware to KVM

Posted on November 2, 2025 by Freejack

I’ve been a member of VMUG and user of VMware on my Dell R710 and then Dell R720XDs for almost 10 years now. It’s been interesting and valuable in helping me understand VMware.

A couple of jobs back, I was reintroduced to KVM. I’d tried it before getting into VMware and couldn’t get the hang of it but with it being my job, and my new skills with virtual machines, I had a better grasp and was even able to build terraform scripts to build sites. Cool stuff.

With Broadcom restricting access to VMUG members, and my license having expired, plus moving, had left my existing VMs out in the cold. While I have terraform scripts and documentation (and backups) for most of my systems, I do need to get some data off of some where I either failed to retrieve the data or backed up the operations but not my home directories or just verify the backups I have are complete enough.

Some of the files aren’t a big deal. Jenkins and Gitlab, I’d just reinstall and reimport or rebuild the processes. I’m not in a production or developer environment where I need to bring in all the changes over the past 10 years. Just recreate the setup, git push the files, and move forward. Heck, I’ll even have clean installations. When I first installed Jenkins, I installed everything that was suggested. With experience now, I’ll just install what I need.

The first step is to pull them off the VMware systems. I can bring them up, I just can’t start any VMs. I enabled SSH access to the systems and on my R710 KVM box, simply scp’d the ones I wanted to review over to a /opt/vms directory. I reviewed the system specs in order to properly start them and off we go.

The first step is to convert the images to the qcow2 format. Install the qemu-img package and run the following command:

qemu-img convert -f vmdk -O qcow2 /opt/vms/monkey/bldr0cuomaws1/bldr0cuomaws1.vmdk bldr0cuomaws1.qcow2

Next up is to install it into Qemu. This makes it visible to KVM in order to run the system. I used the settings I retrieved in order to properly configure the domain.

virt-install --name bldr0cuomaws1 --ram 4096 --vcpus 2 --disk bldr0cuomaws1.qcow2,format=qcow2 --import

Here’s the tricky part. For most of the systems, I just wanted to retrieve the data. Once the domain has been configured, you can try to start the new server but I wasn’t having much success. I did find I could actually just use a command called guestmount and simply mount the image to /mnt and copy the data from the system.

guestmount -d bldr0cuomaws1 --ro -i /mnt

Once done, I changed over to /mnt and simply copied the data from my home directory to a central location. After that, I didn’t really need this image any more so I deactivated it and removed it.

virsh pool-destroy bldr0cuomaws_pool
virsh pool-delete bldr0cuomaws_pool

Next up, I need to see how this will work with multiple disks.

Oh, one thing. You can make sure the image was copied and converted properly before you delete the VM from VMware.

# qemu-img info bldr0cuomrepo1.qcow2
image: bldr0cuomrepo1.qcow2
file format: qcow2
virtual size: 100 GiB (107374182400 bytes)
disk size: 16.8 GiB
cluster_size: 65536
Format specific information:
    compat: 1.1
    lazy refcounts: false
    refcount bits: 16
    corrupt: false

For a multi-disk image setup, we’ll need to convert the disks and then attach them to the primary image. They are all LVM though so you can’t really mount the entire system using guestmount. You’d only mount individual mount points.

For LVM systems, when you add the disk, you’ll need to add them as the appropriate sd. They’re added sequentially so a drive with 4 extra drives, you’d add sdb, sdc, sdd, and sde.

Once that’s done, you’ll need to look at the mount points and then mount them individually as guestmount won’t actually mount everything.

We’ll walk this through from conversion to mounting.

First off, here’s the original directory and files for this server. It basically held a bunch of linux images used when kickstarting servers. Kind of an automatic build process from the past. Do I need everything? Probably not. In this case, I’m just seeing what’s there, maybe in the home directory, and copying it off:

# ls -al
total 1656836168
drwxr-xr-x 2 root root         4096 Oct 30 23:02 .
drwxr-xr-x 6 root root         4096 Oct 31 23:30 ..
-rw-r--r-- 1 root root         1298 Oct 30 16:49 lnmt1cuomjs1-52466e53.hlog
-rw------- 1 root root  85899345920 Oct 30 17:08 lnmt1cuomjs1-flat.vmdk
-rw------- 1 root root         8684 Oct 30 23:02 lnmt1cuomjs1.nvram
-rw------- 1 root root          508 Oct 30 17:08 lnmt1cuomjs1.vmdk
-rw-r--r-- 1 root root            0 Oct 30 23:02 lnmt1cuomjs1.vmsd
-rwxr-xr-x 1 root root         4084 Oct 30 23:02 lnmt1cuomjs1.vmx
-rw------- 1 root root 536870912000 Oct 30 19:06 lnmt1cuomjs1_1-flat.vmdk
-rw------- 1 root root          511 Oct 30 19:06 lnmt1cuomjs1_1.vmdk
-rw------- 1 root root 536870912000 Oct 30 21:04 lnmt1cuomjs1_2-flat.vmdk
-rw------- 1 root root          511 Oct 30 21:04 lnmt1cuomjs1_2.vmdk
-rw------- 1 root root 536870912000 Oct 30 23:02 lnmt1cuomjs1_3-flat.vmdk
-rw------- 1 root root          457 Oct 30 23:02 lnmt1cuomjs1_3.vmdk
-rw------- 1 root root       186501 Oct 30 23:02 vmware-89.log
-rw------- 1 root root       413874 Oct 30 23:02 vmware-90.log
-rw-r--r-- 1 root root       309911 Oct 30 23:02 vmware-91.log
-rw-r--r-- 1 root root       226039 Oct 30 23:02 vmware-92.log
-rw-r--r-- 1 root root       281301 Oct 30 23:02 vmware-93.log
-rw-r--r-- 1 root root       334962 Oct 30 23:02 vmware-94.log
-rw-r--r-- 1 root root       191944 Oct 30 23:02 vmware.log
-rw------- 1 root root     85983232 Oct 30 23:02 vmx-lnmt1cuomjs1-24cae1aa722f12da9b70e188df14347036fca212-2.vswp

The files we’re interested in are just the vmdk files. These have a description of each disk, like so:

# cat lnmt1cuomjs1.vmdk
# Disk DescriptorFile
version=1
encoding="UTF-8"
CID=bbd23a17
parentCID=ffffffff
createType="vmfs"

# Extent description
RW 167772160 VMFS "lnmt1cuomjs1-flat.vmdk"

# The Disk Data Base
#DDB

ddb.adapterType = "lsilogic"
ddb.geometry.cylinders = "10443"
ddb.geometry.heads = "255"
ddb.geometry.sectors = "63"
ddb.longContentID = "876a84261b8e8ba71481a111bbd23a17"
ddb.toolsInstallType = "4"
ddb.toolsVersion = "11269"
ddb.uuid = "60 00 C2 9c 1b 27 9b c2-8a a4 da a6 3e ae eb 89"
ddb.virtualHWVersion = "11"

Honestly, to me, these don’t mean a whole lot. Once I have a list of the vmdk files (initial, 1, 2, and 3), I can convert them. First I created a directory for the files in /opt/libvirt_images which is where I have all the pool files. Then ran the qemu-img commands to convert all the disk images.

qemu-img convert -f vmdk -O qcow2 /opt/vms/morgan/lnmt1cuomjs1/lnmt1cuomjs1.vmdk lnmt1cuomjs1.qcow2
qemu-img convert -f vmdk -O qcow2 /opt/vms/morgan/lnmt1cuomjs1/lnmt1cuomjs1_1.vmdk lnmt1cuomjs1_disk1.qcow2
 qemu-img convert -f vmdk -O qcow2 /opt/vms/morgan/lnmt1cuomjs1/lnmt1cuomjs1_2.vmdk lnmt1cuomjs1_disk2.qcow2
 qemu-img convert -f vmdk -O qcow2 /opt/vms/morgan/lnmt1cuomjs1/lnmt1cuomjs1_3.vmdk lnmt1cuomjs1_disk3.qcow2

Once everything is converted, you’ll need to install the main qcow2 file, then add the VMs.

You’ll have to get the domain created before you can attach the disks. To do that, you use virt-install.

virt-install --name lnmt1cuomjs1 --ram 4096 --vcpus 2 --disk lnmt1cuomjs1.qcow2,format=qcow2 --import

You can run a virsh list to see the domain once it’s created. Now attach the three disks to the domain.

virsh attach-disk lnmt1cuomjs1 /opt/libvirt_images/lnmt1cuomjs1_pool/lnmt1cuomjs1_disk1.qcow2 sdb --type disk --config
virsh attach-disk lnmt1cuomjs1 /opt/libvirt_images/lnmt1cuomjs1_pool/lnmt1cuomjs1_disk2.qcow2 sdc --type disk --config
virsh attach-disk lnmt1cuomjs1 /opt/libvirt_images/lnmt1cuomjs1_pool/lnmt1cuomjs1_disk3.qcow2 sdd --type disk --config

Run the qemu-img info command to verify the integrity of the new VM.

virt-filesystems -a /opt/libvirt_images/lnmt1cuomjs1_pool/lnmt1cuomjs1.qcow2
/dev/sda1
/dev/vg00/home
/dev/vg00/opt
/dev/vg00/root
/dev/vg00/tmp
/dev/vg00/usr
/dev/vg00/var

Update: This was interesting. After attaching the disks via the command line, I’d start a system and it’d fail, sitting at the maintenance prompt. I started virt-manager after starting the X Window system and a few of the systems I’d transferred, still weren’t done so I added the converted drive in the GUI vs using the virsh attach-disk command and low and behold, the system came up. I started going through the systems one at a time. The single drive systems, I was able to start without problem other than the Solaris one (I’ll just rebuild that one). Then I used virsh edit domain and removed the CLI added disk. Then in the GUI, added the disk back in. I was finding some of the SCSI drives were still failing so I changed them to IDE and the system came up. So no all the transferred systems have come up with no problem and I can either transfer them into the Proxmox cluster or for some, just copy the data over to a fresh installation. I do want to make all the systems current as most are running CentOS 7. Plus I want to use different Linux distros for different network zones.

Posted in Qemu, Virtualization | Leave a comment

Prostate Cancer

Posted on November 2, 2025 by Freejack

Alrighty Friends and Neighbors. I’m going to detail my journey here from start to current. I’m a big information sharing junkie. Stay tuned for the finish as even I don’t know what that will be.

First off of course, FUCK CANCER!!!

There, with that out of the way, let’s dive right in 🙂

Primary Care Physician

Over the past three years, since I started Medicare Advantage with United Healthcare, I’ve actually had a regular Primary Care Physician. This is unusual as with healthcare provided through business health plans, doctors would change, sometimes often. At times I’ve even not gone until the doctor I trust is back on the plan. Anyway, now I’ve gone in for yearly checkups and been admonished about my bloodwork and general health. Overall I’m better than most but I could be better.

This year, I asked to see a dermatologist as I’d last gone years back and lost a small bit of skin off my shoulder. I wanted to get a checkup, which turned out to be just fine.

My doctor also recommended I see a Urologist as my PSA over the past 3 years was 5.9, 5.9, 6.0 where the range is 1 to 4. So high of course, but consistent.

Urologist Exams

I made the appointment and went to see the doctor, here in Longmont. We had a discussion about overall health, he did a digital exam; which is about what you’d expect (if you’re a guy anyway 🙂 ). We all have to do it, it’s for our benefit. But of course it’s not comfortable. My prostate appeared, at least from touch, to be in good shape. No nodules or abnormalities. He also said I had to donate to a urine test and return for the results.

When following up, the doctor said he wanted to do a more in-depth prostate exam. Mainly a slight massage of the prostate to have fluids appear in my urine and do a second urine test.

The results of that were serious enough that the doctor wanted me to get an MRI of the region around my prostate. A more targeted view. I headed over to Boulder Community Health and got the MRI. When I went in for a followup, I was told a lesion was found. This is a shadow on the MRI that isn’t there for the rest of the prostate, and there was a good chance (like 95%) that I had cancer in my prostate. Next up though, a biopsy taken of the prostate to be 100% sure.

Biopsy Doctor

This is a different doctor over in Superior. The procedure is I get a couple of antibiotics; one taken 2 hours before the procedure, then one 24 hours after, and a third 48 hours after.

See, the doctor is going through the rectum to get the samples for the biopsy. Joy! He was an older gentleman and we had a discussion about the procedure. He also said that generally he sees men where the PSA is increasing quite a bit so the fact that mine is fairly steady, is a good sign.

The day of the biopsy, the doctor had me lay on my left side, knees up, and injected several shots in the area to reduce the pain levels. Then inserted a cucumber sized laser to make sure he was getting samples from the right place, which was followed up with the tool that retrieves the samples. He retrieve 17 samples from various places in the prostate. This gave him samples of the cancer but also samples to compare healthy tissue with the cancerous tissue. Sound-wise, the “grab” was a bit of a loud pop. The actual extraction was kind of an internal itch feeling with one of them being a bit of an ouchie.

Urologist Discussion

Back to the Urologist. We had a discussion about the results of the biopsy. The range is generally 6 to 10 where 6 is the lowest severity. But there were two questions in the results where the two of us concluded it was more of a 6.5, but officially a 6.

The doctor wanted my permission to do a gene test against the samples. Basically they would look for cancer markers in the samples and compare them against men going through the same situation. He’d provide the information to the Oncologist, who was the next person I was to see.

Oncologist

This is the moment of truth. Yes, I have prostate cancer. Now then, what’s the level and what’s the path forward.

We had a good discussion as to what the results meant. Stage 1 Prostate Cancer. Stage 1 is very low as to the level of risk. Slow growing. But with the gene comparison test, I was .7 on a scale of .5 to .9 so middle of the road.

The doctor was very patient with Jeanne and me, with our questions and how to make an informed decision on what to do.

There are four options.

  1. Do nothing. The current situation is early and low risk, so I could wait and deal with it later. If there were other health issues, this might be optimum as that might claim me before Prostate Cancer. Also the problem is it may get worse and have to be dealt with with more urgency and a lower chance of survival.
  2. Hormones. The doctor said this was probably a bad idea. Hormones didn’t seem to make a difference and since the idea is to reduce the testosterone level as cancer is fed by testosterone, it would fog the brain, make you sleepy, and depressed.
  3. Radiation. The procedure is relatively short, 28 sessions over 5 weeks and had good results.
  4. Removal of the Prostate. This would be the most invasive and could result is urinary tract issues and if a nerve is nicked, loss of the ability to get an erection.

The option that seemed to be best would be radiation treatment.

After the initial discussion, the doctor took me to an exam room and checked my lymph nodes to see if they were involved. No pain in any of them so no issue there. He then did a digital exam of the prostate and again, no nodules or abnormalities. Ready now for the preparation.

Radiation Preparation

There are three preparation tasks that need to be done before starting radiation treatment.

Stabilizing Platform

I need to head down to Greenwood Village to get fitted for a platform that keeps me secure when getting treatment. This is basically a mold around my ass and thighs which will keep me in place during the procedure. There will be three tiny tattoos on the belt line. One front and center and two on the hips at the rear.

Registration Markers

Next is a visit for the markers for the radiation gun. This is an insertion of three gold chips, about the size of a grain of rice, into the prostate. These will be used by the radiation gun to ensure a precise location where radiation will be focused. In addition, a small, 2″x2″ or so gel pad will be injected between the prostate and the wall of the large intestine.

Physicist Planning

The information will then be submitted to a Physicist to create a program for the radiation gun so it will precisely target the cancerous cells and destroy them.

Radiation Treatment

This is the final result of all this. I’ll go to the Oncologist’s office every workday for 5 weeks. It’s about 10 minutes to prepare, 15 minutes under the gun, and probably 5 minutes to prepare to head out. As it’ll be in the January time frame, we may have issues with snow. The doc said no problem, we can skip days without issue and will just add them to the end.

The gun itself is a high radiation gun. It’s fairly far away from me so I can’t get in the way. The table itself moves in order for the registration markings to line up so the gun can target the areas exactly. The gun rotates 360 degrees around my hip area. This reduces the amount of radiation around the body. It’s still strong but the cancerous tissue will feel the full effect.

Side Effects

Per the Oncologist, side effects are minimal. An increase in the frequency of urination including a couple more times each night. This can last for a few months.

Final For Now

That’s it for now. The assistant will provide times I’m to do the prep work. I’ll head in either before work or at night on the way home. And crossing fingers, it’ll be clear. This will likely begin in January of 2026 so stay tuned.

Posted in Health | Tagged , , , , | Leave a comment

AWX And Requirements

Posted on October 3, 2024 by Freejack

Overview

This article provides information and instructions in the use of the requirements.y[a]ml and requirements.txt file when running playbooks from AWX or Ansible Automation Platform (AAP).

Galaxy Collections and Roles

When running ansible on the command line interface (CLI), you may need to install a Galaxy Collection or Role for a task that the default ansible collections and roles don’t provide. It’s a positive feature of Ansible that it’s extendable.

You can view which collections and roles are installed by using the ansible-galaxy commands. For more information, pass the -h flag.

ansible-galaxy collection list
ansible-galaxy role list

Use the -p flag to indicate the installation is in a non-standard location. For example, in the automation container in AWX, ansible collections are located in the /runner/requirements_collections directory and not in the .ansible directory.

You’ll run the ansible-galaxy command to install the needed collection. For example, for vmware, you’d run the following command.

ansible-galaxy collection install vmware.vmware

For a role, you’d run the following command.

ansible-galaxy role install geerlingguy.docker

If you need to make sure another maintainer of your playbooks has the proper collections and roles installed before running the playbooks, you can list them in a README.md file and have them manually install them, or simply create a requirements.yaml (or .yml; both work) file.

For the CLI, there are three places where the requirements.yaml file can be located.

[project]/requirements.yaml
[project]/collections/requirements.yaml
[project]/roles/requirements.yaml

When I ran the playbook using a galaxy collection and the requirements.yaml file was in the roles directory, it failed to locate the collection.

The requirements.yaml file has several available parameters. See the documentation for all the details. This is a basic requirements.yaml file.

---
collections:
  - vmware.vmware
roles:
  - geerlingguy.docker

Python Libraries

In some cases, you’ll also have python library dependencies. These can be imported using the ansible pip module. Put the requirements.txt file into your repository. Since the pip module calls out the path, it can be anywhere however putting it where the requirements.yaml file is located, makes it easier to find and manage.

The file itself is just a list of modules you need in order for your playbooks to run. There are several available options, see the documentation to explore the capabilities.

Example requirements.txt file located in the project root.

certifi

When you want to load the modules, use the ansible pip module. In AWX, the project is located in /runner/project. It’s best to use the tilde though as other automation containers might have a different home directory.

---
- name: Install dependencies
  pip:
    requirements: "~/project/requirements.txt"

When this runs, it is located in the /runner/.local/lib/python3.9/site-packages directory.

Final

I write these articles in large part because I can’t find all the information I personally am looking for in one place. This is my view, my project, and of course my documentation. 🙂

References

Posted in ansible, Computers | Tagged , , , , , , , | Leave a comment

Ansible Automation Platform Workflows

Posted on July 24, 2024 by Freejack

Overview

AWX Workflows let you chain tasks together and act on the outcome. This article provides instructions in how to create an AWX Workflow.

Templates

An AWX Workflow is a series of playbooks that are created in Templates to run a task. In this case, I have a pair of HAProxy servers configured as load balancers for my Kubernetes cluster. The servers use keepalived to ensure the VIP is always available.

keepalived monitors the live server and if it goes off line, it configures the idle server to take over the VIP until the live server comes back on line.

In addition I install monit, a tool that monitors the configured service and restarts it should it fail. It has a notification process and a web server so we’ll know if the service was restarted and can investigate.

This gives us the ideal chain of Templates to try out AWX Workflows.

Workflows

The expectation before you create the AWX Workflow is that you’ve run each task individually and they all run successfully.

Under Templates, click the Add drop down but select Add workflow template.

Fill out the information in the form.

  • Name – I added HAProxy Workflow
  • Description – Installs and configures HAProxy, keepalived, and monit
  • Organization – Since this is Development, I selected my Dev organization
  • Inventory – I only have the Development Inventory.

The remainder I left for another time. I clicked Save and it brought me into the Workflow Details page. I clicked Launch and the workflow started with the Visualizer.

Visualizer

In the Visualizer, you begin with a Start block. Click it to begin creating your workflow

You are now presented with an Add Node dialog box with all of your Templates.

The Node Type lets you do pre-run actions such as synchronizing your Project or Inventory before the run, identifying someone that needs to Approve the next task before proceeding, and even merging in another Workflow. In this case, we’ll simply use the default Job Template and build a simple Workflow.

For this example, select the HAProxy Install Template and click Save.

Now we’re presented with the Virtualizer that shows the Start box plus the first Node we created, the HAProxy Install node. When hovering over the node, multiple options become available.

  • Plus – Add a new node
  • i – See details about this node
  • Pencil – Edit this node
  • Link – Link in a node
  • Trashcan – Delete this node

Click the Plus and you’ll be presented with a Add Node dialog box. This one first lets you select how to proceed. On Success, On Failure, Always. In this case we want to simply continue so select On Success.

Click Next and the second task is available. Like the first time, you can select Approve, sync Project or Inventory, link in a Workflow, or simply add a new Job Template. Select the HAProxy Config Job Template and click Save.

Continue until you have a Workflow that consists of HAProxy, keepalived, and Monit. There doesn’t seem to be a way to move the Workflow tasks so it’s a straight line. You can move the Workflow to see the rightmost task and continue to add Nodes.

When done, click the Save button at the top right and you’re ready to rock!

Run Workflow

When you’re ready to run the new Workflow, simply go to the Templates task and click the Launch icon next to the Workflow.

Sibling Nodes

In the example, we created a long chain of events. Basically running each task after the prior task completed. But do these really need to be run in such a way? AWX Workflows lets you create Sibling Nodes. These Nodes are in the same column so are run simultaneously. For our example, we create Sibling Nodes for the three binary installations and then Child Nodes to configure the software.

Errors

Of course errors can occur. When they do, the Node will indicate an error status and if you selected On Success, the next Node will not start.

In case of error, simply click on the Node tile and it’ll take you to the job so you can troubleshoot.

My issue in this case the error is that the image couldn’t be pulled from quay.io. This is a problem where I live in that I’m on High Speed WiFi which isn’t always sufficient to pull the necessary image in time before it times out. I do want these containers (awx-ee:latest) to be local so the image is pulled locally vs pulled from quay.io every time I run a job. But I’ve been unable to identify where this is defined in the AWX manifest files.

Kubernetes

Just for some background, the AWX process creates multiple containers in the AWX namespace in Kubernetes. When you execute a Template, be it a Job Template or Workflow Template, an automation-job-[job id]-[unique id] container is created. This lets the orchestration environment start containers where they have sufficient resources to run.

References

In the Visualizer Editor, there’s a link to the Visualizer documentation that provides more detail on the process of creating and running AWX Workflows. I’ve added the link here as well.

Posted in ansible, Computers | Tagged , , , | 1 Comment

Banana Nut Bread

Posted on July 22, 2024 by Freejack

I’ve made Banana Nut Bread multiple times over the years. I thought I’d post up the recipe so I can make sure I have the ingredients when I’m out shopping. Of course I scraped it off of the ‘net so it’s a different one most times. This time though, again I thought I’d just throw the latest one up so I have it handy.

Preparation

You’ll want to have a stick (half a cup) of butter sitting on the counter warming up plus about 3 “normal” sized bananas that have been sitting out for a week or two. The skins should be just about black all the way around. Watch out for skins that have split as the banana under that spot will have dried out. And warm up the oven to 350 degrees. Heck, by the time I got it all mixed up, the oven had just hit 350.

Ingredients

  • 1/2 cup of butter
  • 1 1/4 cups of sugar
  • 1 teaspoon of vanilla
  • 2 eggs
  • 3 ripe bananas, about a cup more or less
  • 1/4 cup of milk
  • 2 cups of flour
  • 1/2 teaspoon of salt
  • 1/2 teaspoon of baking soda
  • 3/4 cup of pecans or walnuts. I basically just dumped a bunch in without measuring but you do you 🙂

Directions

You want to start with the wet ingredients first, then blend in the bananas, then the flour which turns the fairly liquid mixture a bit more firm.

In a bread pan or two, depending on how big you want it, wipe it down with some shortening or butter. This gives the sides and bottom some crispiness and makes it a little easier to remove.

You can also make muffins, same process other than use a 1/2 sized cup to fill in the tin. Fill it to just below the edge of the cup and it shouldn’t overflow.

Pour in the mixture and you’re ready to bake. Slide it into the oven and set the timer for 60 minutes (30 minutes for muffins). Check with a toothpick for doneness. Add 15 minutes to the bread and 5 minutes for the muffins if not quite done yet. It took mine 1 hour and 15 minutes for a full bread pan.

Posted in Cooking | Tagged , | Leave a comment

Ansible Web Executable Logging In

Posted on May 23, 2024 by Freejack

Overview

This article will describe the methodology used to manage user and team access in Ansible Web Executable (AWX).

Terminology

Ansible Web Executable (AWX) is the upstream open source software that is used in Ansible Automation Platform (AAP). Prior versions were also called Ansible Tower. I may use AWX, AAP or even Tower in this and following related articles.

Environment Methodology

The AWX Quickstart documentation describes the process in configuring AWX by creating an Organization, Users and Teams, Inventory, Credentials, Projects, and a Job Template.

The problem with this approach is objects created by Users are only visible to Users until they are added as a Role to a Team. This task would be done by the AWX automation admin, someone on the automation team. For smaller organizations, this could be acceptable, however as the organization grows, it’s going to require more members of the automation team in order to process tickets.

One of the problems with Roles is they can only be assigned for existing objects. Under the various tasks such as Credentials, there is no overall admin Role. This means you can’t give an admin privileges to just manage Credentials within the Roles.

However there is a way around this in AWX which is how my environments have been configured. I did follow the process to create an Organization, Users, and two Teams; an Admin team and a User team. This is all described below.

For permissions though, I decided to work at the Organization level and gave the Admin Team full access to the Organization via Roles and the Users Team the ability to view objects and run Job Templates. This takes the task of an automation admin having to work tickets for any team and gives it to the admins for the group that use AWX.

I was reading an article on User access and the proposal was that Users and Teams would be part of the Default Organization. This would give anyone who’s in the Default Organization the ability to view objects in any Organization. And the Organization itself would only be used to manage objects. This keeps things tidy but also permits troubleshooting without having to be a member of 1 or more Organizations.

AWX Logins

There are three instances of AWX here on my homelab.

Organizations

Within each instance, there is a Default Organization and an instance specific Organization for the Unix Admins.

  • HCS-AWX-DEV-EXUX
  • HCS-AWX-QA-EXUX
  • HCS-AWX-PROD-EXUX

Teams

There are two Teams in each Organization. One for users who administer the objects in the Organization and one for users to are tasked with running jobs.

  • HCS-AWX-DEV-EXUX-ADMINS
  • HCS-AWX-DEV-EXUX-USERS
  • HCS-AWX-QA-EXUX-ADMINS
  • HCS-AWX-QA-EXUX-USERS
  • HCS-AWX-PROD-EXUX-ADMINS
  • HCS-AWX-PROD-EXUX-USERS

References

Posted in ansible, Computers | Tagged , , , | 1 Comment