Re: tar error with remote deployment universal for...

neiko · ‎03-23-2013

Hi guys, Im using rroberts' bash script to remotely deploy universal forwarders using Amazons EC2 servers (thanks Mr Roberts!), the script throws up and error when it gets to the tar section, it looks like permissions issue but im not sure what permissions to look at, can anyone help me fix this please?

Im using the ec2-user for both source and destination machines and just to point out that i cant create a file on the destination machine without using sudo. Below is my script:

#!/bin/sh

# This EXAMPLE script shows how to deploy the Splunk universal forwarder
# to many remote hosts via ssh and common Unix commands.
# For "real" use, this script needs ERROR DETECTION AND LOGGING!!

# --Variables that you must set -----

# Populate this file with a list of hosts that this script should install to,
# with one host per line. This must be specified in the form that should
# be used for the ssh login, ie. username@host
#
# Example file contents:
# splunkuser@50.xx.xx.xx
# splunkker@50.xx.xx.xx
# HOSTS_FILE="$HOME/whereToInstallUF"
HOSTS_FILE="/opt/splunk/bin/scripts/whereToInstallUF"

# This should be a WGET command that was *carefully* copied from splunk.com!!
# Sign into splunk.com and go to the download page, then look for the wget
# link near the top of the page (once you have selected your platform)
# copy and paste your wget command between the ""
WGET_CMD="wget -O splunkforwarder-5.0.2-149561-Linux-x86_64.tgz 'http://www.splunk.com/page/download_track?file=5.0.2/universalforwarder/linux/splunkforwarder-5.0.2-149561-Linux-x86_64.tgz&ac=&wget=true&name=wget&typed=releases&elq=e98b13cf-ab8a-442e-913e-536c44576084'"

# Set the install file name to the name of the file that wget downloads
# (the second argument to wget)
INSTALL_FILE="splunkforwarder-5.0.2-149561-Linux-x86_64.tgz"

# After installation, the forwarder will become a deployment client of this
# host.  Specify the host and management (not web) port of the deployment server
# that will be managing these forwarder instances.
DEPLOY_SERVER="10.xx.xx.xx:8089"

# Set the new Splunk admin password
PASSWORD="newpass"

# ----------- End of user settings -----------

# create script to run remotely. Watch out for line wraps, esp. in the "set deploy-poll" line below.
REMOTE_SCRIPT="
cd /opt
$WGET_CMD
tar -xzf $INSTALL_FILE
# /opt/splunkforwarder/bin/splunk enable boot-start -user splunkusername
/opt/splunkforwarder/bin/splunk start --accept-license --answer-yes --auto-ports --no-prompt
/opt/splunkforwarder/bin/splunk set deploy-poll \"$DEPLOY_SERVER\" --accept-license --answer-yes --auto-ports --no-prompt  -auth admin:changeme
/opt/splunkforwarder/bin/splunk edit user admin -password $PASSWORD -auth admin:changeme
/opt/splunkforwarder/bin/splunk restart
"
echo "In 5 seconds, will run the following script on each remote host:"
echo
echo "===================="
echo "$REMOTE_SCRIPT"
echo "===================="
echo
sleep 5
echo "Reading host logins from $HOSTS_FILE"
echo
echo "Starting."

for DST in `cat "$HOSTS_FILE"`; do
  if [ -z "$DST" ]; then
    continue;
  fi
  echo "---------------------------"
  echo "Installing to $DST"

  # run script on remote host - you will be prompted for the password
  ssh -i /home/ec2-user/ec2keypair.pem "$DST" "$REMOTE_SCRIPT"

done
echo "---------------------------"
echo "Done"

====================

Below is the ERROR:

 Reading host logins from /opt/splunk/bin/scripts/whereToInstallUF

Starting.
---------------------------
Installing to ec2-user@10.204.xx.xx
The authenticity of host '10.204.xx.xx (10.204.xx.xx)' can't be established.
RSA key fingerprint is xx:5f:xx:07:xx:d1:xx:e1:5f:xx:b4:xx:d2:xx:3a:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.204.xx.xx' (RSA) to the list of known hosts.
**tar (child): splunkforwarder-5.0.2-149561-Linux-x86_64.tgz: Cannot open: No such file or directory**
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
bash: line 6: /opt/splunkforwarder/bin/splunk: No such file or directory
bash: line 7: /opt/splunkforwarder/bin/splunk: No such file or directory
bash: line 8: /opt/splunkforwarder/bin/splunk: No such file or directory
bash: line 9: /opt/splunkforwarder/bin/splunk: No such file or directory
---------------------------
Done

eashwar · ‎03-26-2013

hi friend, try this in your script.

tar -xvzf /home/ec2-user/$INSTALL_FILE

i am not so sure about this, i think the problem is you the location of the tar.gz file.
if the above does not work. just try to find the wget location and replace it before the install file variable.

yours,

eashwar raghunathan

neiko · ‎03-26-2013

Hi Eashwar, thanks for you help once again, I "think" I did something similar which was to comment out the "cd /opt" command which effectively does the same thing (i.e. install to the /home/ec2-user folder. My issue is clearly a permissions issue preventing me to write to the /opt directory on the target device. As you probably know Its not necessary to install the forwarder to the /opt directory but it would be cool to know how to write to the /opt directory if I ever needed to. Thanks again mate!

neiko · ‎03-25-2013

Update, if I rem out the cd /opt and let the install default to my home directly for ec2-user the script works!

I would like to know how to resolve this if anyone is a linux permissions guru?

Thanks

tar error with remote deployment universal forwarder script

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life