Docker for sample applications

Sample docker file:

FROM ubuntu:14.04

USER root
RUN apt-get update && apt-get install -y \
    python3 \
    curl && \
    rm -rf /var/lib/apt/lists/*
RUN groupadd -r nonroot && \
    useradd -r -g nonroot -d /home/nonroot -s /sbin/nologin -c "Nonroot User" nonroot && \
    mkdir /home/nonroot && \
    chown -R nonroot:nonroot /home/nonroot

USER nonroot
WORKDIR /home/nonroot/
RUN curl -o index.html http://info.cern.ch/hypertext/WWW/TheProject.html

USER nonroot
EXPOSE 3000
WORKDIR /home/nonroot/
CMD ["python3", "-m", "http.server", "3000"]


sudo docker build -t=docker-example .
sudo docker run -p 3000:3000 -i -t docker-example
 http://localhost:3000/

yum install -y gcc-c++ make
curl -sL https://rpm.nodesource.com/setup_6.x | sudo -E bash -
yum install nodejs
npm install http-server

----------------------------

# DOCKER-VERSION 1.2.0
FROM centos:centos6
#Install WGET
RUN yum install -y wget
#Install tar
RUN yum install -y tar
# Download JDK
RUN cd /opt;
RUN yum -y install java-1.7.0-openjdk-devel
#gunzip JDK
#RUN cd /opt;gunzip jdk-7u67-linux-x64.tar.gz
#RUN cd /opt;tar xvf jdk-7u67-linux-x64.tar
#RUN alternatives –install /usr/bin/java java /opt/jdk1.7.0_67/bin/java 2
# Download Apache Tomcat 7
RUN cd /tmp;wget http://redrockdigimark.com/apachemirror/tomcat/tomcat-8/v8.0.36/bin/apache-tomcat-8.0.36.tar.gz
# untar and move to proper location
RUN cd /tmp;gunzip apache-tomcat-8.0.36.tar.gz
RUN cd /tmp;tar xvf apache-tomcat-8.0.36.tar
RUN cd /tmp;mv apache-tomcat-8.0.36 /opt/tomcat8
RUN chmod -R 755 /opt/tomcat8
ENV JAVA_HOME /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101.x86_64/
EXPOSE 8080
CMD /opt/tomcat8/bin/catalina.sh run


to run the docker:
docker run -it --rm -p 8080:8080 tel/tom1
http://ipaddress:8080

---------------------------

JIRA installation and setup

Steps:

1) Check whether java installed or not?
Java -version

2) cd /opt

3) wget https://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-6.4.7-x64.bin

4) chmod +x atlassian-jira-6.4.7-x64.bin
5) ./atlassian-jira-6.4.7-x64.bin
6)  http://serverip:8080 or http://hostname:8080 cd /opt

Ansible installation_and_its_setup

How to install ansible on our machines:

-----------------------------------------

1) Yum install epel-release

2) yum install ansible

To write commands in Ansible"

ansible 127.0.0.1 -m yum -a "name=software state=present" 

Then the software will be installed on your machine.

eg:
installing postgresql using ansible

ansible 127.0.0.1 -m yum -a "name=postgresql state=present"


---
- hosts: [target hosts]
  remote_user: [yourname]
  tasks:
    - [task 1]
    - [task 2]

Sample service check playbook


---
- hosts: [marketingservers]
  remote_user: webadmin
  tasks:
    - name: Ensure the Apache daemon has started
      service: name=httpd state=started
      become: yes
      become_method: sudo


Playbook task
tasks:
    - name: Ensure the Apache daemon has started
      service: name=httpd state=started
      become: yes

      become_method: sudo

Runtime_issues and resolutions

error :/bin/sh^M: bad interpreter: No such file or directory

This can be resolved by using these steps:

To fix this, open your script with vi or vim and enter in vi command mode (key ESC), then type this:

:set fileformat=unix

Finally save it

:x! or :wq!

DevOps_automation_scripts

DevOps_Automation_Scripts
---------------------------
Jenkins installation script:
jenkins.sh 
#!/bin/sh
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins
service jenkins start

chmod 755 jenkins.sh
./jenkins.sh
It will jenkins latest version.
Scripts

cp jenkins /etc/init.d/
update rc.d jenkins defaults
Now this will considered within in the init.d service and restart the service automatically whenever reboot machine.

DevOps interview questions

DevOps interview questsions:
--------------------------------

1) What are the build tools you are using and how you can create artifacts and where are you keeping the artifacts?

In our project we are using Maven build tool which has project management and build capability.
our build team generates the artifacts(war or jar or ear) then we will store it in the Nexus Repository and from there deployment team will take the war file and deploy it on tomcat, jboss, weblogic or WAS based on their requirement.

2) What are the various continuous integration tools are available in the market? which one you are using?

Jenkins
Cruise Control
Bamboo
Travis
Team City

we are using Jenkins for continuous integration which is helping us for continuous build as well as continuous integration purpose.

3) What is DevOps all about ?

DevOps is the combination of development and Operations team which will help the project team to stream line their process or optimize their process with respect to communication, collaboration, Integration and automation.

4) How can you make sure that developer machine is equal to your stg, qa and production machines?

Using docker container tool we will create all the environments and test our application on all these environments.

5) What is the puppet?
Puppet is one of the popular confiugration management tools, which will help us to automate the server software installation and its configuration.

6) What are the puppet manifests?
Puppet manifests contain the resources,are basic building blocks of system/server.

7) Where can you find the puppet ssl certificates?
Puppet ssl certificates are stored in /var/lib/puppet/ssl , this path is available in puppet.conf and path can be changed.

8) What is default port for puppet?
default port is 8140

9) what is puppet modules?
Puppet module is collection of puppet manifests files, static files, templates, libraries, facter etc.

10) What is facter?
Facter is information about the server/machine that we are going to configure.

11) What are the monitoring tools are available in the market?
Nagios, Zebbix, Zeboss, Sensu, UCD, New Relic.

12) How can you setup puppet master and puppet agent architecture?
In Puppet master: we have to install yum install puppetmaster
In Agent: Puppet client should be installed and it should be certified by the puppet master.
All puppet certificates are available in the /var/lib/puppet/ssl

13) What are Docker usecases?
Docker use cases are plenty, it is mainly focuses on the developer productivity, and improve the developer testing capability to test the applications on different environment without changing the system because docker works within the operating system.
It allows the developer to deploy the code faster comapared to any other tools.
Becuase of containerization you can start easily stop,start and restart easily.

14) What is continuous Delivery and why it is imporant?
Continous delivery involves continuous build and continous deployment in all the environments without any manual intervention.
Each and every developer update immediately will go to the delivery without any manual intervention.

15) what is the version control tool you are using in your project?
In our project we are using Git open source software version control system for all our source code.

16) What is main difference between hypervisor and container?
Hypervisor is hardware level virtualization and where as container operating system level virtualization.

17) What are the installation types in Puppet?
Puppet Enterprise
Pupperforge
Masterless puppet

18) What are the docker advantages?
Easy to create and share the images
Images run the same way in all the environments, which has great benefit to replicate same code in all the environments.
Easily run the entire stack in dev
Minimal overhead
Better resource utilization
Disadvantage:
to manage persistent data is somewhat difficult.

19) What is Terraform?
Terraform is a tool to provision the infrastructure

20) What is git stash command?
Git stash command will help you to save the data currently you are working on.
eg: if you edit one file and updating file and immediately some reason you git checkout otherbranch.
whatever updates you have done in this current location will go away if you do not stash it.

Nagios installation and its setup without Docker

How To Install Nagios On CentOS 6

Step 1 - Install Packages on Monitoring Server

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
yum -y install nagios nagios-plugins-all nagios-plugins-nrpe nrpe php httpd
chkconfig httpd on && chkconfig nagios on
service httpd start && service nagios start

We should also enable SWAP memory on this droplet, at least 2GB:

dd if=/dev/zero of=/swap bs=1024 count=2097152
mkswap /swap && chown root. /swap && chmod 0600 /swap && swapon /swap
echo /swap swap swap defaults 0 0 >> /etc/fstab
echo vm.swappiness = 0 >> /etc/sysctl.conf && sysctl -p

Step 2 - Set Password Protection

Set Nagios Admin Panel Password:

htpasswd -c /etc/nagios/passwd nagiosadmin

Make sure to keep this username as "nagiosadmin" - otherwise you would have to change /etc/nagios/cgi.cfg and redefine authorized admin.

Now you can navigate over to your droplet's IP address http://IP/nagios and login.

You will be prompted for password you set in Step 2:

This is what the Nagios admin panel looks like:

Since this is a fresh installation, we don't have any hosts currently being monitored.

Now we should add our hosts that will be monitored by Nagios. For example, we will use cloudmail.tk (198.211.107.218) and emailocean.tk (198.211.112.99).

From public ports, we can monitor ping, any open ports such as webserver, e-mail server, etc.

For internal services that are listening on localhost, such as MySQL, memcached, system services, we will need to use NRPE.

Step 4 - Install NRPE on Clients

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
yum -y install nagios nagios-plugins-all nrpe
chkconfig nrpe on

This next step is where you get to specify any manual commands that Monitoring server can send via NRPE to these client hosts.

Make sure to change allowed_hosts to your own values.

Edit /etc/nagios/nrpe.cfg

log_facility=daemon
pid_file=/var/run/nrpe/nrpe.pid
server_port=5666
nrpe_user=nrpe
nrpe_group=nrpe
allowed_hosts=198.211.117.251
dont_blame_nrpe=1
debug=0
command_timeout=60
connection_timeout=300
include_dir=/etc/nrpe.d/
command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/vda
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$

Note:

In check_disk above, the partition being checked is /dev/vda - make sure your droplet has the same partition by running df -h / You can also modify when to trigger warnings or critical alerts - above configuration sets Warning at 20% free disk space remaining, and Critical alert at 10% free space remaining.

We should also setup firewall rules to allow connections from our Monitoring server to those clients and drop everyone else:

iptables -N NRPE
iptables -I INPUT -s 0/0 -p tcp --dport 5666 -j NRPE
iptables -I NRPE -s 198.211.117.251 -j ACCEPT
iptables -A NRPE -s 0/0 -j DROP
/etc/init.d/iptables save

Now you can start NRPE on all of your client hosts:

service nrpe start

Step 5 - Add Server Configurations on Monitoring Server

Back on our Monitoring server, we will have to create config files for each of our client servers:

echo "cfg_dir=/etc/nagios/servers" >> /etc/nagios/nagios.cfg
cd /etc/nagios/servers
touch cloudmail.tk.cfg
touch emailocean.tk.cfg

Edit each client's configuration file and define which services you would like monitored.

nano /etc/nagios/servers/cloudmail.tk.cfg

Add the following lines:

define host {
        use                     linux-server
        host_name               cloudmail.tk
        alias                   cloudmail.tk
        address                 198.211.107.218
        }

define service {
        use                             generic-service
        host_name                       cloudmail.tk
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
        }

define service {
        use                             generic-service
        host_name                       cloudmail.tk
        service_description             SSH
        check_command                   check_ssh
        notifications_enabled           0
        }

define service {
        use                             generic-service
        host_name                       cloudmail.tk
        service_description             Current Load
        check_command                   check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
        }

You can add more services to be monitored as desired. Same configuration should be added for second client, emailocean.tk, with different IP address and host_name:

This is a snippet of /etc/nagios/servers/emailocean.tk.cfg:

define host {
        use                     linux-server
        host_name               emailocean.tk
        alias                   emailocean.tk
        address                 198.211.112.99
        }

...

You can add additional clients to be monitored as /etc/nagios/servers/AnotherHostName.cfg

Finally, after you are done adding all the client configurations, you should set folder permissions correctly and restart Nagios on your Monitoring Server:

chown -R nagios. /etc/nagios
service nagios restart

Step 6 - Monitor Hosts in Nagios

Navigate over to your Monitoring Server's IP address http://IP/nagios and enter password set in Step 2.

Now you should be able to see all the hosts and services:

And you are all done!

nagios.sh

---

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
yum -y install nagios
yum -y install nagios-plugins-all 
yum -y install nagios-plugins-nrpe 
yum -y install nrpe 
yum -y install php 
yum -y install httpd
chkconfig httpd on && chkconfig nagios on
service httpd start && service nagios start

creating password for nagios admin:

htpasswd -c /etc/nagios/passwd nagiosadmin

nrpe.sh
---
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
yum -y install nagios
yum -y install nagios-plugins-all
yum -y install nrpe
chkconfig nrpe on
-----------
serverconfig.sh
---------------------
echo "cfg_dir=/etc/nagios/servers" >> /etc/nagios/nagios.cfg
cd /etc/nagios/servers
touch cloudmail.tk.cfg

touch emailocean.tk.cfg

nano /etc/nagios/servers/cloudmail.tk.cfg

Vagrant and its setup

Getting started with Vagrant

Let’s take a quick tour of Vagrant and show you how to install and get your first box configured using Puppet. First, we need to install Oracle’s Virtual Box virtualization platform. Download and install an appropriate package for your host. There are packages for Linux, OSX, Windows and Solaris. Here we’ll install the package for Red Hat Enterprise Linux 6.

$ wgethttp://download.virtualbox.org/virtualbox/4.0.4/VirtualBox-4.0-4.0.4_70112_rhel6-1.i686.rpm

$ sudo rpm -Uvh VirtualBox-4.0-4.0.4_70112_rhel6-1.i686.rpm

(Note: If you cannot install VirtualBox 4.x then note that VirtualBox 3.x versions only work with Vagrant 0.6.9 and earlier)

You will also need Ruby and RubyGems which you can easily install from your platform’s package manager (if they are not already installed), for example on RHEL 6 again:

$ sudo yum install ruby rubygems

Then using RubyGems you can install Vagrant itself:

$  sudo gem install vagrant

Vagrant relies on the concept of base boxes that you can download and then work with. To download one or more of them, refer to this list of the available boxes.

We’re going to download a base Ubuntu box as a start using the vagrant box command. First, create a directory:

$ mkdir /home/james/vagrant && cd /home/james/vagrant

Then add our Vagrant box:

$ vagrant box add lucid32http://files.vagrantup.com/lucid32.box

This will download a Lucid 32-bit (Ubuntu version 10.04 LTS) base box called lucid32. We can then initialize this box using the init command:

$ vagrant init

This will add the box to Vagrant and prepare it for start-up. We can then start it with the following command:

$ vagrant up

This will configure the Vagrant box and bring it up and make it available for use. Once it’s configured we can connect to it using the ssh command.

$ vagrant ssh

This will SSH into the vagrant box and you can interact and manage it like any other virtual machine. If you want to shut down your Vagrant box you have two options. The first suspends it:

$ vagrant suspend

This pauses the virtual machines and you can naturally resume it like so:

$ vagrant resume

But important you can also have a complete do-over and destroy your box:

$ destroy vagrant

This will reset the box back to its original configuration.  Any changes you made to the box or data you placed on it will be lost.  But similarly anything you broke developing or testing on it will also be magically returned to a pristine state ready to start again.  You can quickly see how this can become a powerful tool for testing and prototyping.

But often there will be more unique boxes to configure, or you may want a fast way to build a Vagrant box up to an appropriate state to do some testing. We can do this using some simple Puppet code. Vagrant supports using Puppet either in its solo mode (without a server) or in client-server mode. We’re going to use it in solo mode for this case. 

To get started create a directory called manifests in the vagrant home directory (/home/james/vagrant):

$ mkdir /home/james/vagrant/manifests

Then create a Puppet manifest in this directory, naming the manifest file with the name of the box we’re going to configure, in our case lucid32.pp. This is configurable in Vagrant but this is the common default. You could also use existing Puppet manifests if you have those -- a fast way of replicating a production host as a Vagrant virtual machine.

$ touch /home/james/vagrant/manifests/lucid32.pp

And add a simple manifest inside the file:

class lucid32 {
  package { "apache2":
    ensure => present,
  }

  service { "apache2":
    ensure => running,
    require => Package["apache2"],
  }
}

include lucid32

This manifest will install the Apache package and start the Apache service.

We now need to enable Puppet inside Vagrant’s configuration file, called Vagrantfile. This file will be in our /home/james/vagrant directory and we need to open it and edit the content to add the following lines:

Vagrant::Config.run do |config|
...
  # Enable the Puppet provisioner
  config.vm.provision :puppet
end

The key line being config.vm.provision :puppet. This tells Vagrant to use Puppet. It also installs Puppet on the base box you just downloaded - in this case it and many of the other base boxes available also have Puppet installed (you can create your own boxes).

Now we can bring our Vagrant box back up:

$ vagrant up

Or if the Vagrant box is already running then you can initiate provisioning like so:

$ vagrant reload

This will load and execute Puppet and the manifest file you have specified, and configure the box by installing Apache and starting the Apache service. Vagrant uses VirtualBox port forwarding to forward port 80 (HTTP) by default so you should be able to browse to that port on the local host and see the default Apache page. You can also configure additional ports to forward.

Now you have a fast, easy virtual environment to conduct whatever testing or prototyping required. There is more information on how to use Vagrant on the software's website.

In windowds Install the vagrant from http://www.vagrantup.com/downloads

After Vagrant installation, you have to install the virtual box, which is provider for vagrant box.

Now you can go to vagrant boxes from vagrantup.com and execute below command

vagrant init box_name 

vagrant box add newname box_name or URL

After executing the above command you will see the Vagrant file on the directory wherever you executed.

Now you have to say : vagrant up ( box will be up).

Docker container for Nagios

Docker container for Nagios

Full Description

docker-nagios

Docker container for Nagios 4.1.1

"Nagios Is The Industry Standard In IT Infrastructure Monitoring. Achieve instant awareness of IT infrastructure problems, so downtime doesn't adversely affect your business.Nagios offers complete monitoring and alerting for servers, switches, applications, and services."

Install dependencies

• Docker

To install docker in Ubuntu 15.04 use the commands:

$ sudo apt-get update
$ wget -qO- https://get.docker.com/ | sh

To install docker in other operating systems check docker online documentation

Usage

To run container use the command below:

$ docker run -d -p 25 -p 80 quantumobject/docker-nagios

login : nagiosadmin password: admin please replace it after install.

to access the container please use :

$ docker exec -it container_id  /bin/bash

to replace password :

$ htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Update (2015/03/19) Added NRPE checks support.

note: to access site is http://server_ip:external_container_port/nagios/

More Info

About Nagios www.nagios.org

To help improve this container quantumobject/docker-nagios

For additional info about us and our projects check our site www.quantumobject.org

SSHKey Generation

SSH Key generation:
-------------------------

Manually generating your SSH key in Windows

Modified: 06 Nov 2015 18:02 UTC

You can use PuTTY to generate your SmartMachine SSH key. PuTTY is a free open-source terminal emulator that functions much like the Terminal application in Mac OS X in a Windows environment. If you prefer a command line approach to SSH, you can use Cygwin to emulate a Linux-like environment on your Windows machine.

This topic shows you how to manually generate and upload an SSH key when working with PuTTY in the Windows environment.

About PuTTY

PuTTY is an SSH client for Windows that you will use to generate your SSH keys. You can download PuTTY fromwww.chiark.greenend.org.uk.

When you install the PuTTY client, you also install the PuTTYgen utility. PuTTYgen is what you will use to generate your SSH key for a Windows VM.

	This page gives you basic information about using PuTTY and PuTTYgen to log in to your provisioned machine. For more information on PuTTY, see the PuTTY documentation

Generating an SSH key

To generate an SSH key with PuTTYgen, follow these steps:

1. Open the PuTTYgen program.
2. For Type of key to generate, select SSH-2 RSA.
3. Click the Generate button.
4. Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair.
5. Type a passphrase in the Key passphrase field. Type the same passphrase in the Confirm passphrase field. You can use a key without a passphrase, but this is not recommended.
6. Click the Save private key button to save the private key.  You must save the private key. You will need it to connect to your machine.
7. Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and chooseSelect All.
8. Right-click again in the same text field and choose Copy.

Uploading an SSH key

Now you need to upload the copied SSH key to your Cloud Management portal.

1. After you copy the SSH key to the clipboard, return to the Cloud Management portal.
2. In the SSH Key field, paste your SSH key.
3. In the Name field, provide a name for the key.  Providing a key name is optional but is a good practice for ease of management.
4. Click the Add this key button. See below.

 PuTTY and OpenSSH use different formats of public SSH keys. If the text you pasted in the SSH Key starts with —— BEGIN SSH2 PUBLIC KEY, it is in the wrong format. Be sure to follow the instructions carefully. Your key should start with ssh-rsa AAAA….

Once you upload your SSH key to the portal, you can connect to your virtual machine from Windows through a PuTTY session.

Working with Git on Windows

Table of ContentsToggle

• Choosing a Git distribution
• Installing Git
• Installing SSH keys on Windows
• Setting up Git profile
• Summary

Setting up Git can be tricky on Windows compared to Linux or Mac, but if you follow the steps in this guide, you should have no problems using Git on Windows. We’ve done the hard work and chosen between the multiple options at key steps to help make things easier for you. This guide will take you through the steps to install and configure Git and connect it to remote repositories to clone, push, and pull. If you don’t have one already, create a Beanstalk account.

Choosing a Git distribution

There are two competing Git packages for Windows: a Cygwin-based Git and a version called msysGit. We will describe how to install the msysGit package. We recommend installing msysGit because we’ve found it’s easier to work with than the Cygwin based installation.

Installing Git

Once you have downloaded the msysGit executable, double click on it to start the installation wizard. Leave the default directory options. When you get to the “Adjusting your Path environment” setting, select the “Run Git from the Windows Command Prompt” option. Choosing this option will make it easy for you to run Git commands from the Windows Command Prompt (command line) if you choose. Command Prompt is a simple tool, where you can run commands, switch through folders, manage files and it can be ran by selecting RUN… in START menu, and executing cmd command.

You will notice that for the rest of this article we will use Git Bash for running Git commands. The Git Bash tool works in the same way as the default Windows’ Command Prompt, but has some special features. With Git Bash you’ll be able to use a number of UNIX command line tools along with access to Git, and we recommend it since it’s often simpler to use than the Windows Command Prompt.

You can run it by right clicking your mouse on the desktop, and selecting Git Bash from pop up window.

When you reach the step “Configuring the line ending conversions”, make sure to leave the option “Checkout Windows-style, commit Unix-style line endings” selected. This option makes sure that Git converts LF to CRLFwhen checking out text files. When committing text files, CRLF will also be converted to LF. This is a compatibility measure to protect newlines in text files, allowing you to easily work with text files on Windows and on Unix-style platforms.

Important note: The most common problems when setting up Git on Windows are related to SSH keys. Git uses SSH keys to securely access your repositories, and in Windows SSH keys are often searched on the wrong path when you try to use Git.

If you use an older version of msysGit, you may encounter a step called “Choosing the SSH executables”. If you encounter that dialog, we recommend that you choose the “Use OpenSSH” option.

After you have successfully installed Git on Windows, you’ll need to provide secure communication with your Git repositories by creating and installing SSH keys.

Installing SSH keys on Windows

To access your Git repositories you will need to create and install SSH keys. You can do this in two ways:

• by using OpenSSH (generating SSH keys with ssh-keygen which comes with Git)
• by using PuTTY (free Telnet and SSH client)

OpenSSH and PuTTY are free implementations of Telnet and SSH for Windows. They encrypt all traffic and provide secure communication with your remote Git repositories by using SSH keys.

We recommend OpenSSH over PuTTY, and it’s installed with your Git copy. PuTTY is recommended only for advanced users who are already familiar with how Git with SSH keys work.

Using OpenSSH and generating SSH keys with ssh-keygen

To communicate with the remote Git repository in your Beanstalk account from your Windows computer, you will need to generate an SSH key pair for that computer. This process requires only a few steps, but you do first need to install msysGit using the full installer as described above.

Generating a key pair

To do this you need to run Git Bash, which can be found in your START menu. Run the command:

ssh-keygen -t rsa

It will ask for location and pass phrase. Accept the default location (usually C:\Documents and Settings\username\.ssh\ or C:\Users\username\.ssh) by pressing ENTER. After that, make sure to set a strong pass phrase for the key.

Now that the keys are generated, open the file id_rsa.pub (found in the default location from the previous step) with a text editor. The contents of this file is your new public key. If you copy it to your clipboard, you can add it to your Beanstalk profile (under the PROFILE AND SETTINGS → KEYS= section).

Your SSH public key should look something like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyyA8wePstPC69PeuHFtOwyTecByonsHFAjHbVnZ+h0dpomvLZxUtbknNj3+
c7MPYKqKBOx9gUKV/diR/mIDqsb405MlrI1kmNR9zbFGYAAwIH/Gxt0Lv5ffwaqsz7cECHBbMojQGEz3IH3twEvDfF6cu5p
00QfP0MSmEi/eB+W+h30NGdqLJCziLDlp409jAfXbQm/4Yx7apLvEmkaYSrb5f/pfvYv1FEV1tS8/J7DgdHUAWo6gyGUUSZ
JgsyHcuJT7v9Tf0xwiFWOWL9WsWXa9fCKqTeYnYJhHlqfinZRnT/+jkz0OZ7YmXo6j4Hyms3RCOqenIX1W6gnIn+eQIkw==
Mac Pro

In your Beanstalk account, SSH key would look like this:

After you have setup the SSH key on Beanstalk, you should be able to check a connection and then push or pull with your remote Git repository. In case you have trouble with SSH keys check $HOME path in your Windows operating system. Some other software can change HOME or HOME_PATH environment variable to point to different location, instead of your real home (Documents and Settings) directory.

Checking your connection

Before trying to access your Beanstalk repository, check if the connection to your remote repository works. In order to do that, run Git Bash, and enter this command, replacing accountname with your account name:

ssh git@accountname.beanstalkapp.com

In this case, this is the URL to access Git on your Beanstalk account. If you are using another version control hosting service, the URL would be provided by them.

When authenticating or later when trying to connect to Git repository most likely you will encounter a message that looks like this:

The authenticity of host 'accountname.beanstalkapp.com (204.232.132.2)' can't be established.
RSA key fingerprint is 30:9a:97:f3:19:4f:d1:6e:28:76:9e:e7:d1:df:2c:31.
Are you sure you want to continue connecting (yes/no)?

You can type yes and press ENTER, which will add your account’s hostnameaccountname.beanstalkapp.com to a known_hosts file. This step won’t need to be repeated later, unless your public key or your account names changes.

If you were authenticated correctly, you will see a message similar to this one:

You were successfully authenticated as [emailaddress] in accountname.beanstalkapp.com.

You can now continue to configure your local Git profile.

In case you have installed TortoiseGIT

If you have ever installed TortoiseGit on the computer you’re setting up your keys on, you may encounter problems. TortiseGit creates an environment variable that configures Plink as your SSH keystore, which may conflict when you try to use Git and SSH. No matter how you change your config or uninstall TortoiseGit, that environment variable persists and until you delete it, Git will not look to your regular .ssh directory to find the proper key.

In our case environment variable looked like this:GIT_SSH=c:\Program Files\Putty\plink.exe. Environment variables can be found here:

• Windows XP: CONTROL PANEL → SYSTEM PROPERTIES → ADVANCED → ENVIRONMENT VARIABLES
• Windows 7: CONTROL PANEL → SYSTEM → ADVANCED SYSTEM SETTINGS → ENVIRONMENT VARIABLES

Having problems connecting to your Git repository on Windows 7?

Our users have reported problems when generating SSH keys on Windows 7 systems. If that happens for you, try generating your SSH keys on Windows XP if possible. After generating the private and public keys (following the steps to generate keys are provided above in the Generating a key pair chapter), copy the files to default SSH keys location in Windows 7 (usually C:\Documents and Settings\username\.ssh\ orC:\Users\username\.ssh).

Alternative to OpenSSH — using PuTTY to access your Git repository

Installing Git and using PuTTY to connect to your Git repository can be troublesome, so we recommend that you use the OpenSSH method which we described in the steps above. Using OpenSSH is simple and straightforward, but if OpenSSH is not an option, or for some other reason you prefer to use PuTTY to connect to your repositories, here is a step by step guide on how to do so.

Like OpenSSH, you will generate SSH keys and use them to communicate with your remote Git repositories, only now you will use PuTTY’s tools for generating, storing, and using the keys.

Installing PuTTY

You can download the PuTTY installation package and run it. The latest installation package at the moment of writing this article is putty-0.60-installer.exe which can be found under “A Windows installer for everything except PuTTYtel” heading.

Install PuTTY to the default recommended location, typically c:\Program Files\PuTTY\. Once installed, navigate to the installation folder where you will find:

• plink – a command-line interface to the PuTTY back ends
• puttygen – an RSA and DSA key generation utility
• pageant – an SSH authentication agent for PuTTY, PSCP and Plink, in which we will store keys
• putty – the Telnet and SSH client

You will also find some other files, but for this guide you only need to know about plink, puttygen, pageant and putty.

Adding GIT_SSH variable to environment

After you have installed PuTTY package, you’ll need to add a GIT_SSH variable to your environment variables which should point to the plink.exe file (including its entire path). Accepting our defaults from above, this will likely be: GIT_SSH=c:\Program Files\Putty\plink.exe

Environment variables can be found and created/edited here, depending on your version of Windows:

• Windows XP: CONTROL PANEL → SYSTEM PROPERTIES → ADVANCED → ENVIRONMENT VARIABLES
• Windows 7: CONTROL PANEL → SYSTEM → ADVANCED SYSTEM SETTINGS → ENVIRONMENT VARIABLES

Generating SSH key with puttygen

After setting up the environment variable, you need to generate and save SSH keys with puttygen. Run puttygen.exe, which will allow you to generate a SSH-2 RSA public/private keypair. Once generated, save the public and private keys to a folder of your preference, just make sure to note the folder where the keys are shared. Easiest way to remember which is the private/public key is to name them private and public so you can distinguish them later.

Before leaving puttygen, copy the public key to your clipboard and paste it into your version control hosting account (in Beanstalk, under the PROFILE AND SETTINGS →KEYS section).

Please note that when you generate a key with puttygen, the public key that you copy from puttygen and the public key you save to a file for later use are not in the same format. You can see on the picture below that the public key was saved with new lines and without the “ssh-rsa” keyword. In order to copy and paste the public key to Beanstalk, you need to copy it in the same format as it was when it was generated by puttygen. That format should be: “ssh-rsa keycodegenerated”. All you need to do is modify your key in an editor like Notepad, and then add it to Beanstalk.

Adding your private key to pageant

After you have generated the SSH keypair, you need to add the SSH private key to pageant, PuTTY’s key management tool. First, run pageant, which can be found in the directory where you have installed PuTTY package (remember, by default: c:\Program Files\PuTTY\). You will see a small icon in your system tray (see the screenshot to the right), which indicates pageant is started. Click on the icon and in pageant window click “Add Keys”. Add the private key that was generated by puttygen in the previous step. The private key has extension .ppk, that is the easiest way to distinguish it from the public key you have created.

After you add the SSH key, you should see it in pageant key list.

Checking your connection

Once you have finished setting up PuTTY, all you need to do is check if the connection to your remote hosted Git repository works if you installed Git.

If you still haven’t installed Git download the msysGit executable, double click on it and the installation wizard should start. Leave the default directory options. When you get to the “Adjusting your Path environment” setting, select the “Use Git Bash only” option. Choosing this option will help you avoid path conflicts.

After you have installed Git run Git Bash and go to the directory where you have installed PuTTY and try to access your repository by typing this:

set Git
putty git@accountname.beanstalkapp.com:/gittreponame.git

If you are not authenticated correctly, a message like the following screenshot will pop up:

If you are authenticated correctly, a new window will pop up with message like this:

Using username "git"
Authenticating with public key "rsa-key-20110518" from agent

Pop up window will close shortly after authentication is finished, which means authentication was successful and you should be able to manage your Git repositories from now on.

Setting up Git profile

After you have authenticated correctly by installing Git and setting up SSH keys, before you start using your Git repositories, you should setup your Git profile by typing following after you run Git bash in command line:

git config --global user.name "Firstname Lastname"
git config --global user.email "your_email@youremail.com"

In case you are using Beanstalk for version control, it would be best if your first name, last name and email address match to the ones you use in your account to avoid any conflicts.

Summary

In order to be able to use your repository you need to:

• Install Git
• Generate SSH keys with PuTTY or ssh-keygen
• Put keys in correct place (in pageant for PuTTY, in correct .ssh folder for OpenSSH)
• Check if connection to the Git repository is working
• Setup your Git profile

While setting up Git the most common mistakes include mismatched private and public SSH keys or the user doesn’t have permission to access the repository. If you run into any issues connecting to Beanstalk, don't hesitate to contact us using the links below.

Now what?

Now that you have Git properly installed and configured, you can use a client of your choice. Whether youchoose a terminal or a GUI, it is a good idea to learn the basic concepts and commands for versioning your files before. Here’s some recommended reading to get you started:

• Git Immersion Tutorial – an excellent step-by-step tutorial to using Git
• Pro Git E-book & Printed Edition
• The Git Parable – understand the concepts behind Git with a simple story by Tom Preston-Werner