Running Stackstorm on smartos

StackStorm is a powerful automation tool that wires together all of your apps, services and workflows.

Running Stackstorm on Smartos in a branded zone was a bit more work than I expected but in the end its working like a charm :)

Basic installation

Import ubuntu 14.04, I couldn't get the debian 8 to work (had problems with postgresql) :(

# imgadm import 5cdc6dde-d6ad-11e5-8b11-8337e6f86725

And create a nice lx branded zone:

{
  "brand": "lx",
  "image_uuid": "5cdc6dde-d6ad-11e5-8b11-8337e6f86725",
  "kernel_version": "3.13.0",
  "autoboot": true,
  "alias": "lxstackstorm",
  "hostname": "lxstackstorm",
  "dns_domain": "mindtravel.nl",
 "nics": [
  {
    "nic_tag": "admin",
    "ip": "192.168.1.84",
    "netmask": "255.255.255.0",
    "gateway": "192.168.1.1"
  }
 ],
  "resolvers": [
    "192.168.1.5"
  ],
 "max_physical_memory": 4096,
 "quota": 20
}

install dependencies (and grab a coffee):

# apt-get update
# apt-get install -y apt-transport-https mongodb-server rabbitmq-server postgresql

setup the repositories:

# wget -qO - https://bintray.com/user/downloadSubjectPublicKey?username=bintray | sudo apt-key add -
# echo "deb https://dl.bintray.com/stackstorm/trusty_staging stable main" | sudo tee /etc/apt/sources.list.d/st2-staging-stable.list
# apt-get update

time to install the main package (and grab more coffee):

# apt-get install -y st2 st2mistral

config the database:

## Create Mistral DB in PostgreSQL
# cat << EHD | sudo -u postgres psql
CREATE ROLE mistral WITH CREATEDB LOGIN ENCRYPTED PASSWORD 'StackStorm';  
CREATE DATABASE mistral OWNER mistral;  
EHD  
you can ignore the following errors:

shell-init: error retrieving current directory: getcwd: cannot access parent directories: Permission denied  
job-working-directory: error retrieving current directory: getcwd: cannot access parent directories: Permission denied  
job-working-directory: error retrieving current directory: getcwd: cannot access parent directories: Permission denied  
could not identify current directory: Permission denied  
could not identify current directory: Permission denied  
## Setup Mistral DB tables, etc.
# /opt/stackstorm/mistral/bin/mistral-db-manage --config-file /etc/mistral/mistral.conf upgrade head
## Register mistral actions
# /opt/stackstorm/mistral/bin/mistral-db-manage --config-file /etc/mistral/mistral.conf populate

Again ignoring the warnings.

Stackstorm uses a user called stanley to do cmd stuff. So we will need to add it to sudo:

# useradd stanley
# mkdir -p /home/stanley/.ssh
# chmod 0700 /home/stanley/.ssh
# ssh-keygen -f /home/stanley/.ssh/stanley_rsa -P ""
# cat /home/stanley/.ssh/stanley_rsa.pub >> /home/stanley/.ssh/authorized_keys
# chmod 0600 /home/stanley/.ssh/authorized_keys
# chown -R stanley:stanley /home/stanley
# echo "stanley    ALL=(ALL)       NOPASSWD: SETENV: ALL" >> /etc/sudoers.d/st2

Time to start the stackstorm service and afterwards restart and register all the packs

# st2ctl start
# st2ctl reload --register-all

Setup a user

Time to create a user with a password

# apt-get install -y apache2-utils
# echo "Ch@ngeMe" | htpasswd -i /etc/st2/htpasswd test

edit the /etc/st2/st2.conf:

[auth]
# ...
enabled = True  

Frontend installation

By default the nginx frontend is not installed.
So we install nginx and remove the default server and replace it with the default that comes with the stackstorm package

# apt-get install -y st2web nginx
# mkdir -p /etc/ssl/st2
# openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/st2/st2.key -out /etc/ssl/st2/st2.crt \
-days XXX -nodes -subj "/C=US/ST=California/L=Palo Alto/O=StackStorm/OU=Information \
Technology/CN=$(hostname)"

# rm /etc/nginx/sites-enabled/default
# cp /usr/share/doc/st2/conf/nginx/st2.conf /etc/nginx/sites-available/
# ln -s /etc/nginx/sites-available/st2.conf /etc/nginx/sites-enabled/st2.conf
# service nginx restart

Installing and getting the Bot running

The documentation of Stackstorm describes that it runs the hubot in a docker container. Unfortunately the lxbrand doesnt support Docker, but the bot is a nice nodejs project so we will run it native.

Lets make sure that stackstorm can handle hubot:

# st2 run packs.install packs=hubot
# st2ctl reload --register-rules

The nodejs part:

# apt-get install build-essential redis-server
# curl -sL https://deb.nodesource.com/setup_0.12 | sudo bash -
# apt-get install nodejs
# npm install -g hubot coffee-script yo generator-hubot

Time to create the bot itself:

# mkdir -p /opt/hubot
# chown stanley:stanley /opt/hubot
# sudo -H -u stanley bash -c 'cd /opt/hubot && echo "n" | yo hubot --name=stanley --description="Stanley StackStorm bot" --defaults'
# sudo -H -u stanley bash -c 'cd /opt/hubot && npm install hubot-slack hubot-stackstorm --save'
# sudo -H -u stanley sed -i 's/.*\[.*/&\n  "hubot-stackstorm",/' /opt/hubot/external-scripts.json

Create a service to start the bot like this:

cat /etc/init/hubot.conf

# hubot - HUBOT
#

description "It's a Hubot!"

start on filesystem or runlevel [2345]  
stop on runlevel [!2345]  
respawn  
respawn limit 5 60

script  

# Start Hubot
exec /opt/hubot/start.sh  
end script  

and the start file (dont forget to chmod 755)

cat /opt/hubot/start.sh
#!/bin/bash

cd /opt/hubot  
ST2_AUTH_USERNAME=testu ST2_AUTH_PASSWORD=Ch@ngeMe ST2_AUTH_URL=http://localhost:9100 HUBOT_SLACK_TOKEN="xoxb-16090510417-aslacktoken" PORT=8181 bin/hubot --name "stanley" --adapter slack --alias !  

start with a simple service hubot start

In the future I will explain how to create a pack to use with the bot.

date: 24 February 2016