IT – Page 6 – R71 || Blog over fietsen en IT

By:Roderick Derks
05/20/2011
0

Centreon: install centreon-engine on Centos 5.6 http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 05/20/2011 05/20/2011

Centreon: install centreon-engine on Centos 5.6

CMAKE
———-

yum install gcc-c++ libX11-devel libXext-devel libXtst-devel libXinerama-devel wget http://www.cmake.org/files/v2.8/cmake-2.8.4.tar.gz tar xfvz cmake-2.8.4.tar.gz ./configure gmake gmake install

Centreon Engine —————

yum install gcc-c++ qt4-devel cmake make

useradd -m centreon groupadd centreon usermod -a -G centreon centreon

cd /tmp wget http://www.centreon.com/downloads/centreon-engine.tar.gz tar xzf centreon-engine.tar.gz cd centreon-engine cd build

cmake -DWITH_USER=centreon -DWITH_PREFIX=/usr/local/centengine -DWITH_TEMP_DIR=/usr/local/centengine/tmp -DWITH_GROUP=centreon -DWITH_CHECK_RESULT_DIR=/usr/local/centengine/var gmake gmake install

– Installeer nu de plugins

-service installeren

	chkconfig --add centengine  	chkconfig centengine 345 on

	service centengine start

By:Roderick Derks
05/04/2011
0

Centos install on USB device using kickstart http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 05/04/2011 05/04/2011

Centos install on USB device using kickstart

# Kickstart file generated by Roderick Derks.
# Centos 5.6

#version=DEVEL
install
url –url http://freenas02.r71.nl:8080/Centos_5.6/cd1/
lang en_US.UTF-8
keyboard us
timezone –utc Europe/Amsterdam
rootpw –iscrypted $6$AFQ9hKwPBKDUZwXd$E9nM0G2GBa4h2wDoG3D4mbK/fhpg.ER0RovPd4c5zKLHXjv7APZ7/rDAcDSvpFa2CBqq9rEdyZHYw/eY13EON.
selinux –disabled
authconfig –enableshadow –passalgo=sha512 –enablefingerprint
firewall –enabled –ssh –http

#ask for network config during installation
#network –device=eth0 –bootproto=query

reboot

bootloader –location=mbr –driveorder=sda –append="acpi=off"
clearpart –linux –drives=sda
part /boot –fstype ext3 –size=100 –ondisk=sda
part pv.6 –size=0 –grow –ondisk=sda
volgroup VolGroup00 –pesize=32768 pv.6
logvol swap –fstype swap –name=LogVol01 –vgname=VolGroup00 –size=500 –grow –maxsize=2016
logvol / –fstype ext3 –name=LogVol00 –vgname=VolGroup00 –size=1500 –grow

#%packages
#@core
%packages –nobase
kernel-PAE
bzip2
crontabs
dhclient
logrotate
openssh
openssh-clients
openssh-server
pam_passwdqc
sudo
tcpdump
telnet
wget
which
yum
– -audit-libs-python
– -checkpolicy
– -dhcpv6-client
– -ecryptfs-utils
– -ed
– -file
– -gnu-efi
– -gpm
– -hdparm
– -kbd
– -libhugetlbfs
– -libselinux-python
– -libsemanage
– -nspr
– -nss
– -policycoreutils
– -prelink
– -selinux-policy
– -selinux-policy-targeted
– -setools
– -setserial
– -sysfsutils
– -tcl
– -udftools
– -vim-enhanced

#PRE
#%pre
#sleep 1

# POST
%post –log=/root/kickstart-post-log

rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
yum -y remove kernel iptables slang usermode wireless-tools
yum -y remove cryptsetup-luks dbus dmidecode hwdata libgpg-error libusb
yum -y remove libvolume_id libxml2-python pciutils
#yum -y remove cyrus-sasl-lib logrotate

cat >> /root/rict_install01.sh <<_POST01

# rpm-forge
cd /tmp
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm
rpm –import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -i /tmp/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

# update Centos
yum -y check-update
yum -y update

# install apache
yum -y install httpd
service httpd start

_POST01

# backup originele rc.local maken
cp /etc/rc.d/rc.local /etc/rc.d/rc.local.backup
# test:
cp /etc/rc.d/rc.local /etc/rc.d/rc.local.backup2

# executable rechten geven aan het script
chmod +x /root/rict_install01.sh

#info toevoegen aan rc.local
cat >> /etc/rc.d/rc.local <<_POST03
    # eenmalig uitvoeren scripts
    echo —- UITVOEREN SCRIPT /root/rict_install01.sh
    /root/rict_install01.sh
    # Terugplaatsen rc.local.backup naar rc.local (restoren van origineel)
    # waardoor eenmalige uitvoer script is gegarandeerd
    cp /etc/rc.d/rc.local /root/rc.local
    mv -f /etc/rc.d/rc.local.backup /etc/rc.d/rc.local

_POST03

By:Roderick Derks
04/23/2011
0

Centos Fedora: PXE boot server setup http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 04/23/2011 04/23/2011

Centos Fedora: PXE boot server setup

* yum install tftp-server

* vi /etc/xinetd.d/tftp and change disable to 'no' and check root path for tftp server

disable = no server_args = -s /tftpboot

* restart xinetd

service xinetd restart

* Install syslinux

yum install syslinux

* Copy needed files from syslinux to the tftpboot directory

cp /usr/share/syslinux/pxelinux.0 /tftpboot cp /usr/share/syslinux/menu.c32 /tftpboot cp /usr/share/syslinux/memdisk /tftpboot cp /usr/share/syslinux/mboot.c32 /tftpboot cp /usr/share/syslinux/chain.c32 /tftpboot

* Create the directory for your PXE menus

mkdir /tftpboot/pxelinux.cfg

* Create a base directory for images. Create directories for each CentOS release you are supporting.

mkdir -p /tftpboot/images/centos/x86_64/5.0 mkdir -p /tftpboot/images/centos/x86_64/5.1 mkdir -p /tftpboot/images/vsphere/esxi5

* For each "Release" and "ARCH" Copy vmlinuz and initrd.img from /images/pxeboot/ directory on "disc 1" of that $Release/$ARCH to /tftpboot/images/centos/$ARCH/$RELEASE

* Add this to your existing or new /etc/dhcpd.conf.

Note: xxx.xxx.xxx.xxx is the IP address of your PXE server

allow booting; allow bootp; option option-128 code 128 = string; option option-129 code 129 = text; next-server xxx.xxx.xxx.xxx; filename "/pxelinux.0";

* Restart DHCP server

service dhcpd restart

* vi /tftpboot/pxelinux.cfg/default

default menu.c32 #default CentOS 5.6 x86 prompt 0 timeout 100 ONTIMEOUT local MENU TITLE RICT Consultancy PXE Menu LABEL CentOS 5.6 x86 MENU LABEL CentOS 5.6 x86 KickStart KERNEL images/centos/i386/5.6/vmlinuz APPEND initrd=images/centos/i386/5.6/initrd.img ramdisk_size=300000 ks=http://10.0.2.14:8080/Centos_5.6/cd1/ks.cfg ksdevice=eth0 LABEL CentOS 5.6 x86 Manual eth0 MENU LABEL CentOS 5.6 x86 Manual eth0 KERNEL images/centos/i386/5.6/vmlinuz APPEND initrd=images/centos/i386/5.6/initrd.img ramdisk_size=300000 napic acpi=off ksdevice=eth0 LABEL ESXi 4.1 KickStart menu label ESXi 4.1 KickStart kernel mboot.c32 append images/vmware/esxi/4.1/vmkboot.gz ks=http://10.0.2.14:8080/vSphere/ESXi_4.1/ks.cfg --- images/vmware/esxi/4.1/vmkernel.gz --- images/vmware/esxi/4.1/sys.vgz --- images/vmware/esxi/4.1/cim.vgz --- images/vmware/esxi/4.1/ienviron.vgz --- images/vmware/esxi/4.1/install.vgz label ESXi 4.0u1 KickStart menu label ESXi 4.0u1 KickStart kernel mboot.c32 append images/vmware/esxi/4.0u1/vmkboot.gz ks=http://10.0.2.14:8080/vSphere/ESXi_4.0u1/ks.cfg --- images/vmware/esxi/4.0u1/vmkernel.gz --- images/vmware/esxi/4.0u1/sys.vgz --- images/vmware/esxi/4.0u1/cim.vgz --- images/vmware/esxi/4.0u1/ienviron.tgz --- images/vmware/esxi/4.0u1/install.tgz

* Copy files from the first linux CD and the ESX 4.1 ISO to a webserver

* For ESXi copy the following files to your TFTP directory, in this case for 4.1 /tftproot/images/vmware/esxi/4.1 :
cim.vgz ienviron.vgz install.vgz sys.vgz vmkboot.gz vmkernel.gz

By:Roderick Derks
04/06/2011
0

VMware ESX and Hyper-Threading http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 04/06/2011 04/06/2011

VMware ESX and Hyper-Threading

This article is based on my own performance measurements using the passmark tool.

Hyper-Threading gives you a 15% to 20% performance gain on "common" VM's. Some CPU intensive applications which are not multi-threaded build can suffer badly from Hyper-Threading functionality. I think this is because a physical CPU core is split and delivers 50% of the perfomance of the physical core on a vCPU (1 CPU with 4 cores and Hyper-Threading enabled gives you 8 vCPU's).

Because the application is not multi-threaded it will not make full use of multi-threading. Disabling Hyper-Threading on the VM gives a slight improvement. Disabling Hyper-Threading in the BIOS of the ESX host makes the performance go up to around 170%.

By:Roderick Derks
03/11/2011
0

Zimbra: Certificate Expiration and Renewal http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 03/11/2011 03/11/2011

Zimbra: Certificate Expiration and Renewal

This article is mainly to prepare myself for possible upcoming certification renewals.

Zimbra ZCS 7.0.x requires a valid self-signed or commercial SSL certificate for communication between some components. The self-signed certificates that are automatically created by the ZCS install have a default expiration of 365 days.
If you have an ZCS installation that is over one year old and are using self-signed certificates, your certificates will need to be updated either prior to the upgrade or immediately following the upgrade.
After you upgrade, the following commands run as the zimbra user will regenerate the self-signed SSL certificates:

# sudo zmcertmgr createca -new # sudo zmcertmgr deployca # sudo zmcertmgr deploycrt self

If you get an error like:

# zmcertmgr createca -new [sudo] password for zimbra:

Then make sure you type the commands using the full path (because that is the way sudo probably is configured):

# sudo /opt/zimbra/bin/zmcertmgr createca -new # sudo /opt/zimbra/bin/zmcertmgr deployca # sudo /opt/zimbra/bin/zmcertmgr deploycrt self

By:Roderick Derks
03/04/2011
0

Install Centreon Syslog server http://www.r71.nl/wp-content/uploads/2008/08/360_viewpoint_491x250_add02.png 491 250 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 03/04/2011 03/04/2011

Install Centreon Syslog server

Starting point: Centreon 2.1.12 Centos 5.5

1. U will need ssh2 library to work in php and apache

# yum install php-pecl-ssh2.x86_64 # service httpd restart

Centos 6.2 get the package from http://pkgs.org/centos-6-rhel-6/remi-x86_64/php-pecl-ssh2-0.11.2-1.el6.remi.x86_64.rpm.html:

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

or

wget http://www.libssh2.org/download/libssh2-1.4.2.tar.gz tar xvzf libssh2-1.4.2.tar.gz cd libssh2-1.4.2 ./configure make make install

Check if ssh2 library is correctly installed:

# php -i |grep ssh /etc/php.d/ssh2.ini, Registered PHP Streams => php, file, http, ftp, compress.bzip2, compress.zlib, https, ftps, ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp ssh2 libssh2 version => 1.2.6 banner => SSH-2.0-libssh2_1.2.6

2. Download and install the centreon-syslog-server
Log into http://forge.centreon.com and download the latest release.
# tar -zxvf centreon-syslog-server-1.3.3.tar.gz # cd centreon-syslog-server-1.3.3.tar.gz # ./install.sh -i NOTE:
go thru the interactive setup, u will need the mysql root pass.
Make note of the new syslog user created

3. Download and install centreon-syslog-frontend
Log into http://forge.centreon.com and download the latest release.
# cd centreon-syslog-frontend-1.2.1.tar.gz # ./install.sh -i
NOTE:
the folder of “instCentWeb.conf” should be /etc/centreon

4. Go on Centreon web interface
Go on menu ‘Administration > Modules > Setup’.
Syslog module must be present on modules list but not installed.
Click on right icon to start installation

5. Go on menu ‘Administration > Modules > Syslog configuration’.
Fill the fields

6. Go on menu ‘Monitoring > Syslog > Monitoring’

7. Install rsyslog

# yum install rsyslog.x86_64 rsyslog-mysql # vi /etc/rsyslog.conf

Insert at the beginig of the file these parameter to enable UDP and TCP input

$ModLoad MySQL $AllowedSender UDP, 127.0.0.1, 192.168.1.0/24 $AllowedSender TCP, 127.0.0.1, 192.168.1.0/24

Change network 192.168.1.0/24 to your network.
And then paste these lines (there are two lines) at the end of the file:

# Configuration changes for Windows/Snare/Centreon-E2S logs $EscapeControlCharactersOnReceive off

$template sysMysql,"INSERT INTO logs (host,facility, priority,level,tag,datetime,program,msg) VALUES ('%HOSTNAME%','%syslogfacility%','%syslogpriority%','%syslogseverity%','%syslogtag%','%timereported:::date-mysql%','%programname%', '%msg:::space-cc%')", SQL

*.* >IP_SERVEUR_DB,DB_NAME,BD_USER,DB_PASSWORD;sysMysql

*.=notice;mail.*;\ *.=crit;*.=err;\ *.=warning >IP_SERVEUR_DB,DB_NAME,BD_USER,DB_PASSWORD;sysMysql

Change IP_SERVEUR_DB, DB_NAME, BD_USER et DB_PASSWORD to your information.

Edit the file "rsyslog" to receive syslog events, also listen on UDP TCP on port 514 :
# vi /etc/sysconfig/rsyslog

Replace the line:
SYSLOGD_OPTIONS="-m 0"

By this line:
SYSLOGD_OPTIONS="-r514 -t514 -m 0"

Restart the syslog daemon :
# /etc/init.d/rsyslog start

Make sure the centreon server rsyslog is listening in port UDP 514

7. Windows logs to Syslog server:

Install DotNET framework 2 or higher
Install Centreon E2S and edit the xml file (add ip address syslog server)

On windows machine install the Centreon E2S, wich will forward
the events you filter to the syslog centreon server.
download from here:

http://forge.centreon.com/attachments/download/545/Centreon_E2S.1.1.zip

Change in the config.ini file the IP address of the server

9. Linux Fedora/RedHat/Centos logs to Syslog server

# vi /etc/rsyslog.conf

and add:

# RRD to syslog server *.emerg;cron;*.info;authpriv.* @192.168.1.0:514

then restart rsyslog

# /etc/init.d/rsyslog restart

10. ESXi

Go to the VI clinet and open the ESXi server config pages. Go to "Advanced Settings" and find the Syslog entry. Add the ip address of the syslog server. But wait.. ESXi messages messed up my Centreon Syslog server, so I created a thread on the centreon forum to ask for advice.

By:Roderick Derks
02/28/2011
0

Find available WMI classes on Windows server http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 02/28/2011 02/28/2011

Find available WMI classes on Windows server

To do that, on the server :

run "wbemtest"
click on "connection" and type "root\cimv2"
click on "enumerate classes" and type "Win32_PerfRawData". Press "ok"

You should see a list of all Win32_PerfRawData WMI classes on the server.

If you wan to find MSSQL WMI information make sure that you see a bunch of "Win32_PerfRawData_MSSQL{Instance}_MSSQL{Instance}" lines. If you don't, you have a problem with the MSSQL Installation.

Double click on Win32_PerfRawData_MSSQL{Instance}_MSSQL{Instance}GeneralStatistics
Select the Propertie "_CLASS _CIM_STRING Win32_PerfRawData…." and click on "Instances".
On the new window, you should at least 1 line. If you don't, it means that WMI cannot find any data for your MSSQL Instance. Normaly, wmiadap /f fixes it…
If you see an instance line, double click on it and it will load the performance counters

By:Roderick Derks
02/24/2011
0

Nagios: check vCenter MSSQL databases http://www.r71.nl/wp-content/uploads/2008/08/360_viewpoint_491x250_add02.png 491 250 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 02/24/2011 02/24/2011

Nagios: check vCenter MSSQL databases

There are more ways to check a MSSQL database from a Linux machine. This is my method for a Centos 5.5 server with Nagios 3.2.3.

# wget http://labs.consol.de/wp-content/uploads/2011/01/check_mssql_health-1.5.8.2.tar.gz or a newer version # wget http://labs.consol.de/download/shinken-nagios-plugins/check_mssql_health-1.5.9.3.tar.gz # tar xvzf check_mssql_health-1.5.8.2.tar.gz # cd check_mssql_health-1.5.8.2 # ./configure # make # make install # yum install perl-DBD-Sybase.x86_64

# vi /etc/freetds.conf [vcenter] host = vcenter.r71.nl port = 49209 tds version = 8.0

The vCenter MSSQL installation listens to port 49209, not the standard 1433 port.

Now add a Windows user without any special rights, I named it "Nagios".

# ./check_mssql_health --server rainier --username=vcenter\\nagios --password=******** --mode=connection-time OK - 0.03 seconds to connect as VCENTER\nagios | connection_time=0.03;1;5

By:Roderick Derks
02/23/2011
0

MySQL: allow remote conections http://www.r71.nl/wp-content/uploads/2008/08/360_viewpoint_491x250_add02.png 491 250 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 02/23/2011 02/23/2011

MySQL: allow remote conections

Very simple guide to allow remote connectios to your MySQL database. I use this for monitoring MySQL databases from 360°Viewpoint (a great preconfigured Nagios and Centreon Virtual App).

# vi /etc/my.cnf

bind-address = ip_address_of_local_server # skip-networking

Allow access to all databases for one user:

mysql> GRANT ALL PRIVILEGES ON *.* TO user@ip_address_remote_server IDENTIFIED BY "password";

Allow access to one databases for one user:

mysql> update db set Host='ip_address_remote_server' where Db='database_name'; mysql> update user set Host='ip_address_remote_server' where user='username';

Continue configuration of the Nagios check_mysql_health plugin:

download the plugin and compile it
run the plugin using the following the commandline:
./check_mysql_health –hostname server_name –username user –password password –mode connection-time
OK – 0.03 seconds to connect as user | connection_time=0.0333s;1;5

Zimbra (uses port 7306 for MySQL, not the standard port 3306):

as root:vi /opt/zimbra/conf/my.cnf #bind-address = localhost

/opt/zimbra/mysql/bin/mysql -u root -p -S /opt/zimbra/db/mysql.sock mysql> GRANT ALL PRIVILEGES ON *.* TO user@ip_address_remote_serverIDENTIFIED BY "password"; mysql> GRANT ALL ON *.* TO 'zimbra'@'ip_address_of_zimbraserver' WITH GRANT OPTION;

To get the password for user root execute the following commands:
su - zimbra zmlocalconfig -s | grep mysql | grep password

su - zimbra zmcontrol restart

By:Roderick Derks
02/14/2011
0

Zimbra: upgrade 6.0.10 to 7.0.0 http://www.r71.nl/wp-content/uploads/2011/02/zimbra7.0.0_cpu_monthly_tn.png 291 126 Roderick Derks Roderick Derks http://0.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 02/14/2011 02/14/2011

Zimbra: upgrade 6.0.10 to 7.0.0

Finally something has been done about the performance issues in the Zimbra collaberation suite. Now you don't have to have to disable scripts and adjust parameters to get a normal CPU performance. Take a look at the performance graphs of my zimbra virtual machine. The upgrade took place on the 7th of Februari 2011 (the releasedate) and no additional configuration changes concerning the performance have been made.

Graphs supplied by 360° Viewpoint (Nagios and Centreon).

MySQL table upgrades are not automatically run during the upgrade to 7.0. After the upgrade I executed the script /opt/zimbra/libexec/scripts/migrate20100913-Mysql51. It says so in the release notes, only I forgot to read it. So I did this becasue I received an automated e-mail from Zimbra after a scheduled database integrity check which failed:

Database errors found.
/opt/zimbra/mysql/bin/mysqlcheck –defaults-file=/opt/zimbra/conf/my.cnf -S /opt/zimbra/db/mysql.sock -A -C -s -u root –password=********************
mboxgroup1.appointment
error : Table upgrade required. Please do "REPAIR TABLE `appointment`" or dump/reload to fix it!
mboxgroup1.data_source_item
error : Table upgrade required. Please do "REPAIR TABLE `data_source_item`" or dump/reload to fix it!
mboxgroup1.imap_folder
….. and so on.

After running this script there are still some errors that are not solved yet:

Database errors found.
mysql.general_log
Error : You can't use locks with log tables.
mysql.slow_log
Error : You can't use locks with log tables.

The new features come in many. Three examples:

social networks like twitter and facebook are completely integrated
the agenda offers more features like checking the availability of others when planning an appointment
users can restore items that are deleted from the trashcan themselves

Everything runs smoothly in my FC11 64bit VM. Conclusion: do the upgrade!

Update 22 March 2011:
Memory usage is higher than with 6.x and as a result to prevent swapping I restart my zimbra server every day via the crontab. This saves me the costs of expanding the 2GB memory I committed to the Virtual Server.

Update 11 March 2011:
I upgraded to 7.0.1 and the process went smoothly.