1/17/11
8/25/10
Preformance data via submit check result NSCA
Trick to having pref data send via nsca is to include a | delimiter right after $SERVICEOUTPUT$.
define command{
command_name submit_check_result
command_line /opt/nagios/plugins/eventhandlers/distributed-monitoring/submit_check_result_via_nsca $HOSTNAME$ '$SERVICEDESC$' $SERVICESTATE$ '$SERVICEOUTPUT$|$SERVICEPERFDATA$'
}
This is of course assuming you already have preformance data.
define command{
command_name submit_check_result
command_line /opt/nagios/plugins/eventhandlers/distributed-monitoring/submit_check_result_via_nsca $HOSTNAME$ '$SERVICEDESC$' $SERVICESTATE$ '$SERVICEOUTPUT$|$SERVICEPERFDATA$'
}
This is of course assuming you already have preformance data.
7/30/10
Enable Nagios Serivce Acknowledgement Comments in Emails
If you would like to see acknowledgment comments in the Nagios email alerts that get sent so other admins do not need to login to view the comment.
edit your notification command cfg file and find this line: notify-service-by-email
Right after $SERVICEOUTPUT$\n\n append
"Notes: $SERVICEACKCOMMENT$"
Thats it, reload nagios and your done.
http://nagios.sourceforge.net/docs/2_0/macros.html
edit your notification command cfg file and find this line: notify-service-by-email
Right after $SERVICEOUTPUT$\n\n append
"Notes: $SERVICEACKCOMMENT$"
Thats it, reload nagios and your done.
http://nagios.sourceforge.net/docs/2_0/macros.html
11/23/09
Upgrading CentOS to 5.4 breaks vmware
http://communities.vmware.com/thread/229957
5.4 upgrades glibc to 2.5-42.i686, this causes problems with vmware-hostd and it crashes shortly after being started (I can get it to crash just by logging in and clicking on a vm)
fix ...
Get a copy of 5.3 glibc, you can get it from a install dvd, google, another box. Just make sure if you have a 32bit machine you get the 32 bit, and 64 for 64bit.
mkdir /usr/lib/vmware/lib/libc.so.6
cp libc-2.5.so /usr/lib/vmware/lib/libc.so.6/
chown root:root /usr/lib/vmware/lib/libc.so.6/libc-2.5.so
mv /usr/lib/vmware/lib/libc.so.6/libc-2.5.so /usr/lib/vmware/lib/libc.so.6/libc.so.6
vi /usr/sbin/vmware-hostd
added an "export LD_LIBRARY_PATH=/usr/lib/vmware/lib/libc.so.6:$LD_LIBRARY_PATH" before the last line.
restart /etc/init.d/vmware
5.4 upgrades glibc to 2.5-42.i686, this causes problems with vmware-hostd and it crashes shortly after being started (I can get it to crash just by logging in and clicking on a vm)
fix ...
Get a copy of 5.3 glibc, you can get it from a install dvd, google, another box. Just make sure if you have a 32bit machine you get the 32 bit, and 64 for 64bit.
mkdir /usr/lib/vmware/lib/libc.so.6
cp libc-2.5.so /usr/lib/vmware/lib/libc.so.6/
chown root:root /usr/lib/vmware/lib/libc.so.6/libc-2.5.so
mv /usr/lib/vmware/lib/libc.so.6/libc-2.5.so /usr/lib/vmware/lib/libc.so.6/libc.so.6
vi /usr/sbin/vmware-hostd
added an "export LD_LIBRARY_PATH=/usr/lib/vmware/lib/libc.so.6:$LD_LIBRARY_PATH" before the last line.
restart /etc/init.d/vmware
10/28/09
Forwarding Samba over SSH - Plus! an easy to use script
Here is a simple example for connecting to a samba server:
ssh -L 22330:SAMBA_SERVER:139 USER_NAME@SSH_SERVER
smbmount //SAMBA_SERVER/SHARE_NAME /PATH/TO/SHARE_MOUNT --verbose -o ip=127.0.0.1,port=22330,credentials=/PATH/TO/CREDS/FILE
Now my problem was I need to make an easy to use way for dev's to access samba without installing a VPN. They also needed to make two hops from an access server to another ssh server then finally the samba server.
Here is the two hop method on one line:
ssh -t -t -L 22330:localhost:22330 USER_NAME@SSH_SERVER "ssh -t -t -L 22330:SAMBA_SERVER:139 INTERNAL_SSH_SERVER_IP"
-t Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.
Now for the script, Its written in two parts, one script for creating the tunnel, the other for mounting the smb share.
createsshtunnel.sh
----------------------------------------------------------
#!/bin/bash
#This script will forward a randomly generated port for tunneling samba connections
username=user_name
PORT=$[ ( $RANDOM % ( $[ 22999 - 22000 ] + 1 ) ) + 22000 ]
echo " "
echo Port Number is: $PORT
echo " "
echo " "
echo "Creating Samba Tunnel"
ssh -t -t -L $PORT:localhost:$PORT $username@ssh_server "ssh -t -t -L $PORT:SAMBA_SERVER:139 INTERNAL_SSH_SERVER"
-------------------------------------------------------------------------
mountsamba.sh
------------------------------------------------------------------------
#!/bin/bash
#This will mount samba shares in combination with the sambassh.sh script
#Enter in the port number returned from sambassh.sh
#Location of a credentials file (chmod 600 file)
#Format:
#username=
#password=
credentials=/PATH/TO/creds
echo " "
echo "Enter Port Number:"
read portnumber
echo "$portnumber is "
echo "Which Share?"
read sharename
if [ -d "~/$sharename" ]
then
echo "Mount Point Exists, trying to unmount if its mounted"
sudo umount "~/$sharename"
echo " "
else
echo "Directory "~/$sharename" does not exist, creating for you."
echo " "
mkdir "~/$sharename"
fi
smbmount //SMB_SERVER/$sharename ~/$sharename --verbose -o ip=127.0.0.1,port=$portnumber,credentials=$credentials
----------------------------------------------------------------------
ssh -L 22330:SAMBA_SERVER:139 USER_NAME@SSH_SERVER
smbmount //SAMBA_SERVER/SHARE_NAME /PATH/TO/SHARE_MOUNT --verbose -o ip=127.0.0.1,port=22330,credentials=/PATH/TO/CREDS/FILE
Now my problem was I need to make an easy to use way for dev's to access samba without installing a VPN. They also needed to make two hops from an access server to another ssh server then finally the samba server.
Here is the two hop method on one line:
ssh -t -t -L 22330:localhost:22330 USER_NAME@SSH_SERVER "ssh -t -t -L 22330:SAMBA_SERVER:139 INTERNAL_SSH_SERVER_IP"
-t Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.
Now for the script, Its written in two parts, one script for creating the tunnel, the other for mounting the smb share.
createsshtunnel.sh
----------------------------------------------------------
#!/bin/bash
#This script will forward a randomly generated port for tunneling samba connections
username=user_name
PORT=$[ ( $RANDOM % ( $[ 22999 - 22000 ] + 1 ) ) + 22000 ]
echo " "
echo Port Number is: $PORT
echo " "
echo " "
echo "Creating Samba Tunnel"
ssh -t -t -L $PORT:localhost:$PORT $username@ssh_server "ssh -t -t -L $PORT:SAMBA_SERVER:139 INTERNAL_SSH_SERVER"
-------------------------------------------------------------------------
mountsamba.sh
------------------------------------------------------------------------
#!/bin/bash
#This will mount samba shares in combination with the sambassh.sh script
#Enter in the port number returned from sambassh.sh
#Location of a credentials file (chmod 600 file)
#Format:
#username=
#password=
credentials=/PATH/TO/creds
echo " "
echo "Enter Port Number:"
read portnumber
echo "$portnumber is "
echo "Which Share?"
read sharename
if [ -d "~/$sharename" ]
then
echo "Mount Point Exists, trying to unmount if its mounted"
sudo umount "~/$sharename"
echo " "
else
echo "Directory "~/$sharename" does not exist, creating for you."
echo " "
mkdir "~/$sharename"
fi
smbmount //SMB_SERVER/$sharename ~/$sharename --verbose -o ip=127.0.0.1,port=$portnumber,credentials=$credentials
----------------------------------------------------------------------
10/12/09
HOWTO Install LVS on Centos 5.3
#HOWTO Install LVS on Centos 5.3
#10/12/09
#Install Packages
sudo yum install -y Cluster_Administration-en-US.noarch piranha.i386 / piranha.x86_64
#Set to start on boot
sudo chkconfig pulse on
sudo chkconfig piranha-gui on (primary node only)
#Start Piranah WebUI and set passwd
sudo /usr/sbin/piranha-passwd
sudo /sbin/service piranha-gui start #(listens on port 3636)
#Set Access restrictions to web interface (localhost only)
sudo vi /etc/sysconfig/ha/web/secure/.htaccess
----
Order deny,allow
Deny from all
Allow from 127.0.0.1
----
#Turn on Packet Forwarding
sudo vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -w net.ipv4.ip_forward=1 #(manually set)
#Apply Firewall Changes
iptables -A RH-Firewall-1-INPUT -p udp -m udp --dport 539 -j ACCEPT #port for pulse
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 3636 -j ACCEPT #port for piranah webUI
iptables -A RH-Firewall-1-INPUT -m pkttype --pkt-type multicast -j ACCEPT #allow multicast packets for arp failover
#Layout
#Interfaces
Master Backup
----------------------------------
Public: 172.16.1.133 Public: 172.16.1.134
Private: 10.0.1.2 Private: 10.0.1.3
Public floating VIP 172.16.1.136, 172.16.1.137, 172.16.1.138 etc...
Private VIP 10.0.1.254 (gateway for real servers)
#/etc/sysconfig/ha/lvs.cf
serial_no = 91
primary = 172.16.1.133
primary_private = 10.0.1.2
service = lvs
backup_active = 1
backup = 172.16.1.134
backup_private = 10.0.1.3
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 10.0.1.254 eth1:1
nat_nmask = 255.255.255.255
debug_level = 1
monitor_links = 1
syncdaemon = 0
virtual webservers {
active = 1
address = 172.16.1.136 eth0:1
vip_nmask = 255.255.255.0
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wlc
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server A {
address = 10.0.1.5
active = 1
weight = 1
}
}
#10/12/09
#Install Packages
sudo yum install -y Cluster_Administration-en-US.noarch piranha.i386 / piranha.x86_64
#Set to start on boot
sudo chkconfig pulse on
sudo chkconfig piranha-gui on (primary node only)
#Start Piranah WebUI and set passwd
sudo /usr/sbin/piranha-passwd
sudo /sbin/service piranha-gui start #(listens on port 3636)
#Set Access restrictions to web interface (localhost only)
sudo vi /etc/sysconfig/ha/web/secure/.htaccess
----
Order deny,allow
Deny from all
Allow from 127.0.0.1
----
#Turn on Packet Forwarding
sudo vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -w net.ipv4.ip_forward=1 #(manually set)
#Apply Firewall Changes
iptables -A RH-Firewall-1-INPUT -p udp -m udp --dport 539 -j ACCEPT #port for pulse
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 3636 -j ACCEPT #port for piranah webUI
iptables -A RH-Firewall-1-INPUT -m pkttype --pkt-type multicast -j ACCEPT #allow multicast packets for arp failover
#Layout
#Interfaces
Master Backup
----------------------------------
Public: 172.16.1.133 Public: 172.16.1.134
Private: 10.0.1.2 Private: 10.0.1.3
Public floating VIP 172.16.1.136, 172.16.1.137, 172.16.1.138 etc...
Private VIP 10.0.1.254 (gateway for real servers)
#/etc/sysconfig/ha/lvs.cf
serial_no = 91
primary = 172.16.1.133
primary_private = 10.0.1.2
service = lvs
backup_active = 1
backup = 172.16.1.134
backup_private = 10.0.1.3
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 10.0.1.254 eth1:1
nat_nmask = 255.255.255.255
debug_level = 1
monitor_links = 1
syncdaemon = 0
virtual webservers {
active = 1
address = 172.16.1.136 eth0:1
vip_nmask = 255.255.255.0
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wlc
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server A {
address = 10.0.1.5
active = 1
weight = 1
}
}
9/28/09
MySQL Master/Master Config
This is a HOWTO for setting up a Master/Master MySQL configuration. This can provide a level of fault tolerance with a hot standby, load balancing, or even high availability fault tolerance can be achived with the addition of keepalive or something similar.
#Master 1/Slave 2 ip: 192.168.1.2 (ServerA)
#Master 2/Slave 1 ip : 192.168.1.3 (ServerB)
#Step 1
#On Master 1 (ServerA), make changes in my.cnf:
-----------------
[mysqld]
datadir=/d2/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
bind-address = 192.168.1.2 #enable tcp access
server-id=1 #server id
log-bin=/d2/mysql/db1-bin-log #Where to store the bin logs for replication TO ServerB
log-bin-index=/d2/mysql/db1-bin-log.index
binlog-do-db=redmine1 #DB to replicate
binlog-ignore-db=mysql #DB's not to replicate
binlog-ignore-db=test
master-host = 192.168.1.3 #Set Master info for ServerA
master-user = replication
master-password = *****************
master-port = 3306
relay-log=/d2/mysql/db1-relay-log #where to store the relay logs for replication FROM ServerB
relay-log-index=/d2/mysql/db1-relay-log.index
#[mysqld_safe]
#log-error=/var/log/mysqld.log
#pid-file=/var/run/mysqld/mysqld.pid
------------------
#Step 2 (granting access to replcation users on both boxes)
#On master 1 (ServerA), create a replication slave account on master1 for master2:
mysql -u root -p
mysql> grant replication slave on *.* to 'replication'@'192.168.1.3' identified by '**************';
#Create a replication slave account on master2(ServerB) for master1:
mysql -u root -p
mysql> grant replication slave on *.* to 'replication'@192.168.1.2 identified by '****************';
#Step 3
#Now edit my.cnf on Slave1 or Master2 (ServerB):
--------------------
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
bind-address = 192.168.1.3
server-id=2
log-bin=/var/lib/mysql/db2-bin-log
log-bin-index=/var/lib/mysql/db2-bin-log.index
binlog-do-db=redmine1
binlog-ignore-db=mysql
binlog-ignore-db=test
master-host = 192.168.1.2
master-user = replication
master-password = *****************
master-port = 3306
relay-log=/var/lib/mysql/db2-relay-log
relay-log-index=/var/lib/mysql/db2-relay-log.index
#[mysqld_safe]
#log-error=/var/log/mysqld.log
#pid-file=/var/run/mysqld/mysqld.pid
--------------------
#Step 4
#Restart mysqld on both servers.
sudo /etc/init.d/mysqld restart
#Step 5
#Start slave 1 and slave 2 (both servers)
mysql -u root -p
mysql> start slave;
mysql> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event #Make sure this isn't blank
Master_Host: 192.168.1.2
Master_User: replication
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: db1-bin-log.000014
Read_Master_Log_Pos: 404
Relay_Log_File: db2-relay-log.000029
Relay_Log_Pos: 543
Relay_Master_Log_File: db1-bin-log.000014
Slave_IO_Running: Yes #Make sure this is yes
Slave_SQL_Running: Yes #Make sure this is yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 404
Relay_Log_Space: 543
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
1 row in set (0.00 sec)
ERROR:
No query specified
#Step 6
#Check on master status (both boxes):
mysql> show master status;
+--------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+--------------+------------------+
| db2-bin-log.000001 | 1214 | redmine1 | mysql,test |
+--------------------+----------+--------------+------------------+
1 row in set (0.00 sec)
#Master 1/Slave 2 ip: 192.168.1.2 (ServerA)
#Master 2/Slave 1 ip : 192.168.1.3 (ServerB)
#Step 1
#On Master 1 (ServerA), make changes in my.cnf:
-----------------
[mysqld]
datadir=/d2/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
bind-address = 192.168.1.2 #enable tcp access
server-id=1 #server id
log-bin=/d2/mysql/db1-bin-log #Where to store the bin logs for replication TO ServerB
log-bin-index=/d2/mysql/db1-bin-log.index
binlog-do-db=redmine1 #DB to replicate
binlog-ignore-db=mysql #DB's not to replicate
binlog-ignore-db=test
master-host = 192.168.1.3 #Set Master info for ServerA
master-user = replication
master-password = *****************
master-port = 3306
relay-log=/d2/mysql/db1-relay-log #where to store the relay logs for replication FROM ServerB
relay-log-index=/d2/mysql/db1-relay-log.index
#[mysqld_safe]
#log-error=/var/log/mysqld.log
#pid-file=/var/run/mysqld/mysqld.pid
------------------
#Step 2 (granting access to replcation users on both boxes)
#On master 1 (ServerA), create a replication slave account on master1 for master2:
mysql -u root -p
mysql> grant replication slave on *.* to 'replication'@'192.168.1.3' identified by '**************';
#Create a replication slave account on master2(ServerB) for master1:
mysql -u root -p
mysql> grant replication slave on *.* to 'replication'@192.168.1.2 identified by '****************';
#Step 3
#Now edit my.cnf on Slave1 or Master2 (ServerB):
--------------------
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
bind-address = 192.168.1.3
server-id=2
log-bin=/var/lib/mysql/db2-bin-log
log-bin-index=/var/lib/mysql/db2-bin-log.index
binlog-do-db=redmine1
binlog-ignore-db=mysql
binlog-ignore-db=test
master-host = 192.168.1.2
master-user = replication
master-password = *****************
master-port = 3306
relay-log=/var/lib/mysql/db2-relay-log
relay-log-index=/var/lib/mysql/db2-relay-log.index
#[mysqld_safe]
#log-error=/var/log/mysqld.log
#pid-file=/var/run/mysqld/mysqld.pid
--------------------
#Step 4
#Restart mysqld on both servers.
sudo /etc/init.d/mysqld restart
#Step 5
#Start slave 1 and slave 2 (both servers)
mysql -u root -p
mysql> start slave;
mysql> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event #Make sure this isn't blank
Master_Host: 192.168.1.2
Master_User: replication
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: db1-bin-log.000014
Read_Master_Log_Pos: 404
Relay_Log_File: db2-relay-log.000029
Relay_Log_Pos: 543
Relay_Master_Log_File: db1-bin-log.000014
Slave_IO_Running: Yes #Make sure this is yes
Slave_SQL_Running: Yes #Make sure this is yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 404
Relay_Log_Space: 543
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
1 row in set (0.00 sec)
ERROR:
No query specified
#Step 6
#Check on master status (both boxes):
mysql> show master status;
+--------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+--------------+------------------+
| db2-bin-log.000001 | 1214 | redmine1 | mysql,test |
+--------------------+----------+--------------+------------------+
1 row in set (0.00 sec)
Subscribe to:
Posts (Atom)