Wednesday, December 10, 2014

Fix "ValueError: unknown locale: UTF-8" when running AWS CLI

I was getting following error when running AWS CLI.

MacBook-Pro:python sgoswami$ aws ec2 describe-instances
Traceback (most recent call last):
  File "/usr/local/bin/aws", line 15, in <module>
    import awscli.clidriver
  File "/Library/Python/2.7/site-packages/awscli/clidriver.py", line 31, in <module>
    from awscli.help import ProviderHelpCommand
  File "/Library/Python/2.7/site-packages/awscli/help.py", line 20, in <module>
    from docutils.core import publish_string
  File "/Library/Python/2.7/site-packages/docutils/core.py", line 20, in <module>
    from docutils import frontend, io, utils, readers, writers
  File "/Library/Python/2.7/site-packages/docutils/frontend.py", line 41, in <module>
    import docutils.utils
  File "/Library/Python/2.7/site-packages/docutils/utils/__init__.py", line 20, in <module>
    import docutils.io
  File "/Library/Python/2.7/site-packages/docutils/io.py", line 18, in <module>
    from docutils.utils.error_reporting import locale_encoding, ErrorString, ErrorOutput
  File "/Library/Python/2.7/site-packages/docutils/utils/error_reporting.py", line 47, in <module>
    locale_encoding = locale.getlocale()[1] or locale.getdefaultlocale()[1]
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/locale.py", line 496, in getdefaultlocale
    return _parse_localename(localename)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/locale.py", line 428, in _parse_localename
    raise ValueError, 'unknown locale: %s' % localename
ValueError: unknown locale: UTF-8


All that I did to fix it was: 

export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8


Sunday, May 11, 2014

What are manifest and site.pp files?



Manifest is puppet’s term for files containing configuration information. Manifest files have a suffix of .pp. the puppet language is written into these files.

The site.pp file tells Puppet where and what configuration to load for our clients. These are stored in a directory called manifests under the /etc/puppet directory. 

You can easily change the name and location of manifest directory and site.pp file by defining/changing the "manifestdir" and "manifest" configuration item in puppet.conf file. These can be found in the [main] are of puppet.conf file. 


How to generate puppet.conf file?



$ cd /etc/puppet/
$ puppet master --genconfig > puppet.conf

The above command will generate the puppet.conf file automatically. 

The puppet.conf file is like an INI-style file and divided into various sections namely, [agent], [master], [main]. 

Tuesday, April 29, 2014

How to upgrade from JDK 1.6 to 1.7 on ubuntu?


Its simple... Use the command 

sudo apt-get install openjdk-7-jre

This will install JDK 1.7 on your ubuntu box. But there is a catch.. if you still run java -version, it will tell you that it is still using JDK 1.6. 

So your system has actually been updated with JDK 1.7 but it is still not in use. There is a special script in ubuntu which allows you to check different versions present on the system and let's you choose the correct one you want to activate. 

Here is how you can update that: 

sudo update-alternatives --config java

This command will give you an output similar to below.. and asking you to choose which one you want to use.. 

There are 2 choices for the alternative java (providing /usr/bin/java).

  Selection    Path                                            Priority   Status
------------------------------------------------------------
* 0            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      auto mode
  1            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      manual mode
  2            /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java   1051      manual mode


Press enter to keep the current choice[*], or type selection number:

Simple.. Isn't it? 

Monday, April 7, 2014

Puppet server hostname does not match certificate - can't authenticate.


err: Could not retrieve catalog from remote server: Server hostname 'puppet' did not match server certificate; expected master


The agent configuration file seems to be communicating with a different server (master) name than that for which the puppet master has the certificate for. The only way to solve this is by re-generating the puppetmaster server certificate with the correct hostname as that defined in the agent configuration file.

To quickly test, another way is to change /etc/hosts file of agent and map the hostname and IP of the puppetmaster server.

Exiting; no certificate found and waitforcert is disabled

When running command:

sudo puppet agent --test

Exiting; no certificate found and waitforcert is disabled

To solve this follow below instructions: 

1.  Login to the puppetmaster. 
2.  Run command "sudo puppet cert --list". It will list down your agent machine who have requested a certificate.
3.  Sign the requests using command "sudo puppet cert --sign "ip-10-134-174-211.ap-southeast-1.compute.internal"" Where the IP-10.... is the hostname of you agent machine. 

This should all be needed to resolve the issue. 

err: Could not request certificate: Connection timed out - connect(2)

When running below command on the agent machine:

sudo puppet agent --test

err: Could not request certificate: Connection timed out - connect(2)

Points to the problem that the Ports used for communication between the agent and master are not Open. Please open port 8140 TCP and check it again. 

Sunday, April 6, 2014

Recovering a Locked forgot administrator password for Windows EC2 Instance


Its simple... 
  1. Create a new scratch EC2 instance running 2003 server, and log into it.
  2. Get a note of volume attached to it and Shut down your lost instance (the one you can't log into) from the AWS console.
  3. On the EC2 console, go to Elastic Block Store/Volumes and find the volume you find in step 2 and Detach it.
  4. On that same volume, attach it to your new 2k3 EC2 instance. You can see it appear in Disk Manager and you'll get a new  drive letter.
  5. Go to NewDriveLetter:\Program Files\Amazon\Ec2ConfigService\Settings\ and edit config.xml with notepad
  6. The first setting in the file is for the Ec2SetPassword plugin; change the State field from Disabledto Enabled. Save & close.
  7. On the AWS console, Detach the volume from the new instance
  8. Attach the volume to your original lost instance, as /dev/sda1 (Root volume)
  9. Start the instance. After a few minutes, run the Get Windows Password function which will have the newly generated password.

Now if you have mapped that instance to C-name remember to change the corresponding URL because the ec2-url will change after the restart.

An interesting thing about AWS ELB's


In last couple of days I discovered that ELB's are not designed to handle sudden spikes in traffic. What was most disturbing was that: 

1.  When there is a sudden spike, the ELB breaks down. An returns HTTP 404 messages. 
2.  The ELB gets into a bad state and remains like that for about 90 minutes. 
3.  The solution to this suggested by AWS Support team was to simply move out of ELB and have your own load balancer. 
4.  If it is just a testing spike, AWS can prewarm the ELB to handle that load but just for few weeks. 

HAproxy or Nginx seems to be my obvious choice now if I have to move away from ELB. Doing High availability with HAProxy or even Nginx seems to be a little tricky but that's Okay if we have to move away from ELB.