I wanted to define the uid and gid for the
mqm user and mqm group in a pure application pattern. On deploy, if the mqm user
doesn’t already exist the IBM MQ Advanced component will create the user for
you with a set uid and gid.
In PureApp you can deploy scripts but these are only initiated
after the components have been primarily installed which automatically sets the uid and gid.
To set your own uid and gid you need to modify the user and groups id’s
after the component is installed with the following commands in a script;
if [[ ${user} == "mqm" ]]; then
echo "making directory /var/mqm
owned by mqm"
chown
-R mqm:mqm /var/mqm ;
find /var/mqm -gid
1414 -exec chgrp
mqm {} \;
find /opt/mqm
-gid 1414 -exec
chgrp mqm
{} \;
fi
However, this would not be considered good practise. Instead you should use an add
on which is implemented on initiation of the operating system node. There
is an included add on called “default add user”
As you can see from the picture this
allows you to define a user and a password. The problem is that the uid and the
gid are set randomly by the operating system and for the user mqm the home
directory would be /home/mqm but should be /var/mqm for the installation of MQ.
Instead I decided to make a custom add on
by going to “catalog -> Add-ons” in pure and finding the current “Default
add on” and downloading it from the parameter “add on package file”. This unpackaged
zip has three files; an executable file which holds the commands to create the user,
the cbscript json file which holds the properties that can be seen on the PureApp interface and a file called extended attributes which just has some extended attributes, you do not need to touch this file.
I altered the file names in the cbscript.json
so that the PureApp system sees the new add on as a different add on and doesn’t try to
rewrite the old, the important part here is to change "name": and/or "version":. See the image below for an example.
I then added parameters for the user to
input; mqm_uid, mqm_gid, mqm_userhome, mqm_group and altered username to
mqm_username. These parameter names must not collide with environmental
pre-existing parameters, for example the parameter “uid” would cause a failure
because the parameter “uid” is already on the operating system environment.
Then I edited the adduser executable file (and renamed it addmqmuser) so that it created a user based on the parameters given.
After saving the changes that had been
made, I compressed the three files into a singular zip and called it addmqmuser.zip
which can then be imported directly into the pure app system. Go to “catalog
-> Add-ons” and select “create new” which asks for a zip file. Select import
and voila the add on is ready to be used. You should be able to see it and use
it on your pattern.
You can see if this has deployed on “pattern -> virtual system instances” finding the correct deploy and using the “+” next to the node name in the virtual machine perspective. It will be included in the “script packages” section and can be verified with a green tick.
You can see if this has deployed on “pattern -> virtual system instances” finding the correct deploy and using the “+” next to the node name in the virtual machine perspective. It will be included in the “script packages” section and can be verified with a green tick.
CAUTION: These custom add ons should
be made with care and are difficult to troubleshoot when they fail. You will
want to test them on a “safe” environment (non-impact) before using them
anywhere live.
By following these simple instructions you can now create an add on of your own which can set users and groups on the pattern interface with the parameters you need.
No comments:
Post a Comment