|
*** Introduction –
All you know about the haproxy, that its the one of the good opensource load balancing software and to check the fun stats of haproxy here we using ‘socat’ – Multipurpose relay (SOcket CAT)
* What is socat?
Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Because the streams can be constructed from a large set of different types of data sinks and sources (see address types), and because lots of address options may be applied to the streams, socat can be used for many different purposes. (see more info at ‘man socat’ 
or at http://www.dest-unreach.org/socat/)
* How to use ‘socat’ with haproxy stat
Step 1) Download ‘socat’ from http://www.dest-unreach.org/socat/download/ latest version ~ “socat-2.0.0-b3.tar.gz”
ravi@arun:~$ wget http://www.dest-unreach.org/socat/download/socat-1.7.1.2.tar.gz
ravi@arun:~$ tar xvzf socat-1.7.1.2.tar.gz
ravi@arun:~$ cd socat-1.7.1.2
NOTE ~ No need to install the ‘fipsld’ package if you got the below msg after running the ‘make’ just following steps for
compiling socat….
FIPSLD_CC=gcc fipsld -O -D_GNU_SOURCE -Wall -Wno-parentheses -DHAVE_CONFIG_H -I. -I. -c -o socat.o socat.c
/bin/sh: fipsld: command not found
make: *** [socat.o] Error 127
ravi@arun:~$ ./configure –disable-fips
ravi@arun:~$ make
To install it login as root
ravi@arun:~$ su -
ravi@arun:~# make install
Step 2) Now you need to add stats socket PATH in Haproxy configuration and restart haproxy as per shown in following example,
where I have added it under in ‘global’ setting -
ravi@arun:~# more /etc/haproxy/myhaproxy.cfg
#———–Start of haproxy Config file————–
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 25000
#debug
#quiet
user ravi
group ravi
stats socket /tmp/haproxy
defaults
option contstats
timeout connect 5s
timeout client 25s
timeout server 25s
maxconn 100
listen ravitestbed 0.0.0.0:80 ##ravi.com IP
mode tcp
balance roundrobin
server web1 192.168.19.117
server web2 192.168.19.122
listen stats
bind 0.0.0.0:8081
mode http
#stats uri /stat #Comment this if you need to specify diff stat path for viewing stat page
stats enable
stats auth admin:admin ##Auth user pass
#———–End of haproxy Config file————–
Step 3) Used /tmp/haproxy. Now you can send the commands to get stats from HAProxy -
Now time to use socat
ravi@arun:~# echo “” | socat unix-connect:/tmp/haproxy stdio
Unknown command. Please enter one of the following commands only :
show info : report information about the running process
show stat : report counters for each proxy and server
show errors : report last request and response errors for each proxy
show sess : report the list of current sessions
This will dump (possibly huge) info about all know sessions.
ravi@arun:~$ echo “show sess” | socat unix-connect:/tmp/haproxy stdio
0x9ee3520: proto=tcpv4 src=192.168.19.117:4721 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=1,ex=] s1=[7,8h,fd=2,ex=] exp=20s
0x9eeb8e8: proto=tcpv4 src=192.168.19.117:4723 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009000h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=8,ex=] s1=[7,8h,fd=9,ex=] exp=20s
0x9ef3d08: proto=tcpv4 src=192.168.19.117:4725 fe=ravitestbed be=ravitestbed srv=arun as=0 ts=08 age=4s calls=3
rq[f=009000h,l=0,an=00h,rx=20s,wx=,ax=] rp[f=009202h,l=0,an=00h,rx=20s,wx=,ax=] s0=[7,8h,fd=12,ex=] s1=[7,8h,fd=13,ex=]
exp=20s
0x9f04548: proto=unix_stream as=2 ts=09 age=0s calls=2 rq[f=00e042h,l=10,an=20h,rx=10s,wx=,ax=]
rp[f=048060h,l=716,an=00h,rx=,wx=10s,ax=] s0=[7,0h,fd=3,ex=] s1=[0,0h,fd=-1,ex=] exp=9s
This will give you information about the running HAProxy process such as pid, uptime and etc.
ravi@arun:~$ echo “show info” | socat unix-connect:/tmp/haproxy stdio
Name: HAProxy
Version: 1.3.23
Release_date: 2010/01/28
Nbproc: 1
Process_num: 1
Pid: 11829
Uptime: 0d 0h42m53s
Uptime_sec: 2573
Memmax_MB: 0
Ulimit-n: 50013
Maxsock: 50013
Maxconn: 25000
Maxpipes: 0
CurrConns: 1
PipesUsed: 0
PipesFree: 0
Tasks: 1
Run_queue: 1
node: ravi.world
description:
This will give you stats on all of your backends and frontends, some of the same stuff you see on the stats page enabled by the stats uri configuration. As an added bonus it’s all in CSV.
ravi@arun:~$ echo “show stat” | socat unix-connect:/tmp/haproxy stdio
#
pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,ch
kdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,
ravitestbed,FRONTEND,,,0,5,100,30,32582,50616,0,0,0,,,,,OPEN,,,,,,,,,1,1,0,,,,0,0,0,5,
ravitestbed,trupti,0,0,0,2,,15,7020,22722,,0,,0,0,0,0,no check,1,1,0,,,,,,1,1,1,,15,,2,0,,2,
ravitestbed,arun,0,0,0,5,,15,25562,27894,,0,,0,0,0,0,no check,1,1,0,,,,,,1,1,2,,15,,2,0,,3,
ravitestbed,BACKEND,0,0,0,5,100,30,32582,50616,0,0,,0,0,0,0,UP,2,2,0,,0,2710,0,,1,1,0,,30,,1,0,,5,
stats,FRONTEND,,,0,1,100,21,9605,152357,0,0,0,,,,,OPEN,,,,,,,,,1,2,0,,,,0,0,0,9,
stats,BACKEND,0,0,0,1,100,5,9605,152357,0,0,,5,0,0,0,UP,0,0,0,,0,2710,0,,1,2,0,,0,,1,0,,4,
show errors will give you a capture of last error on each backend/frontend.
ravi@arun:~$ echo “show errors” | socat unix-connect:/tmp/haproxy stdio
Reffer:
http://www.dest-unreach.org/socat/
http://haproxy.1wt.eu/download/1.3/doc/configuration.txt
Thanks to Joe (http://www.joeandmotorboat.com)
Thank you,
Ravi
Introduction:-
Access control to services compiled with TCP wrappers support is implemented by the /etc/hosts.allow and /etc/hosts.deny files. When a connection attempt is made, the hosts.allow file is checked. If a line is matched, the connection is allowed. Then the hosts.deny file is consulted, if a line is matched, the connection is denied. If no matches have occurred in either file, the connection is allowed.
Create Authorized Use Only Banners-
If configured as described below, TCP wrappers will display a warning banner to any user attempting to connect to a service it monitors. The following set of commands generate the directory /etc/banners, and the files therein contain warning banner text for each service. In this example, the banner text is “Use of this system is restricted to authorized users.” Note that exact wording of a warning banner is site specific; however, it should at least emphasize that the use of the system is restricted to authorized persons and that consent to monitor activities is implied by logging in to the system.
[root@localhost]# /bin/mkdir -p /etc/banners
[root@localhost]# /bin/echo “Use of this system is restricted to authorized users” > /etc/banners/
prototype
[root@localhost]# cd /etc/banners ; /usr/bin/make -f /usr/share/doc/tcp_wrappers-7.6/Banners.Makefile
Deny Everything Except What is Explicitly Allowed-
In order to implement the security best practice stance of deny everything except what is explicitly allowed, issue the following command.
[root@localhost]# echo ‘ALL: ALL: spawn (/bin/echo -e ‘/bin/date’”\n%c attempted connection to %s
and was denied” \
> | /bin/mail -s “Connection attempt to %s” root) &’ > /etc/hosts.deny
Any connection attempt not listed in the hosts.allow file will be denied, a message will be logged to the syslog auth facility, and an email will be sent to root.
Allow Access to Those Who Require It
Edit the hosts.allow file and add a line for each service to which access should be allowed. A few examples are shown below (See the man pages for hosts.allow for more detail).
ALL: LOCAL : banners /etc/banners # All services from local clients (hostnames with no “.”)
sshd: 10.1.1.0/255.255.254.0 : banners /etc/banners # SSH connections from host IP addresses between 10.1.1.0 and 10.1.2.0
Thanks
Manoj Chauhan
Many times haproxy and apache does not reliable to serve the connections without tune or we say we need to set system as well some kernel parameters to work it better.
Here haproxy gives an errors to connect to apache, at that time it logs the errors into ‘dmesg | tail’ or in ‘/var/log/messages’ “kernel: ip_conntrack: table full, dropping packet” that is related to ip_conntrack kernel module.
Conntrack table is hash table (hash map) of fixed size (8192 entries by default), which is used for primary lookup. When the slot in the table is found it points to list of conntrack structures, so secondary lookup is done using list traversal. 65536/8192 gives 8 – the average list length. You may want to experiment with this value on heavily loaded systems.
If this error founds into /var/log/messages or dmesg you have to apply following steps to resolve.
Here I have done this to changes and added few settings in kernel also we will do it to set apache MPM and Haproxy tunning with sysctl.conf
Note: I have tried all this workaround and apply on CentOS-5.2, but don’t worry ip_conntrack module is default in kernel 2.6 +
1) To check ip_contrack is compiled with your kernel
[root@ravi.com ~]# modinfo ip_conntrack
filename: /lib/modules/2.6.18-128.el5/kernel/net/ipv4/netfilter/ip_conntrack.ko
license: GPL
srcversion: F1390E605BBFB05078B78E8
depends: nfnetlink
vermagic: 2.6.18-128.el5 SMP mod_unload gcc-4.1
module_sig: 883f350497747c575ed35fe9471dce112565509f4b58f4f3e440c6bcc05c2fba9bbdd224bdeb8209e293da385133a876e44a7b449ba59a882a8282b
2) Probe ip_conntrack kernel module or add it in /etc/modprobe.conf
[root@ravi.com ~]# modprobe ip_conntrack hashsize=131072
or
open /etc/modprobe.conf and add below lines at the end of file
options ip_conntrack hashsize=131072
3) before go to apply the 4th step, just check the ip_conntrack setting is into /etc/sysctl.conf
grep “ip_conntrack” /etc/sysctl.conf
if its found then apply 4th step or edit the /etc/sysctl.conf and add the given two lines at the end of file and save it then go for 4th step
(the value is compare to your RAM and set it to below)
net.ipv4.ip_conntrack_max = 16777216
net.ipv4.netfilter.ip_conntrack_max = 16777216
4) To apply the sysctl parameters run ‘sysctl -p’
[root@ravi.com ~]# sysctl -p
5) Now check the ip_conntrack is logging the connections and check not dropping any more
[root@ravi.com ~]# cat /proc/slabinfo | grep conn
ip_conntrack_expect 0 0 136 28 1 : tunables 120 60 8 : slabdata 0 0 0
ip_conntrack 216053 231335 304 13 1 : tunables 54 27 8 : slabdata 17795 17795 216
6) Also you can check how much memory utilized by ip_conntrack module per connection.
[root@ravi.com ~]# grep ip_conntrack /var/log/messages
/var/log/messages.2:Jan 14 21:46:04 ravi kernel: ip_conntrack version 2.4 (8192 buckets, 65536 max) – 304 bytes per conntrack
1M connections would require 304MB of kernel memory.
Thanks
Ravi
How to install VNCSERVER on CentOS
yum groupinstall “GNOME Desktop Environment”
yum install xterm vnc-server vnc
remove the existing file & edit with ‘/etc/sysconfig/vncservers‘ and put the following lines in it
VNCSERVERS=”2:root”
VNCSERVERARGS[2]=”-geometry 800×600 -nolisten tcp -nohttpd -localhost”
set the vnc password to open the vnc for user root (you have to login as a root)
vncpasswd
set the vnc password to open the vnc for user (you have to login as a normal user that way it will create the file xstartup in $home/.vnc)
vncpasswd
Now start the vncserver as root user
/etc/init.d/vncserver start
Now kill the vncserver proocesses using ‘ps aux | grep vnc | xargs kill -9′
and start vnc server by following command
vncserver
check the given path to open the vnc display as given in example
New ‘appserver.ravi.com:3 (root)’ desktop is appserver.ravi.com:3
before open the vncviewer remove the file ‘/tmp/.X1-lock’
Now open the vnc display you will get the default ‘xterm’ open on it.
Introduction -
“Attansic Technology Corp. L1 Gigabit Ethernet Adapte” network (NIC) card or Adapter was not detected by RHEL4 (redhat) system. I tried running kudzu and other commands to detect device, but no use. So finally I have to install drivers for my network card…
Step 1] Device status (network card) –
* See below device status from hardware conf file ~ “/etc/sysconfig/hwconf”
* Attansic Technology Corp. L1 Gigabit Ethernet Adapter not detected – Unknown device 8226
03:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)
Subsystem: ASUSTeK Computer Inc.: Unknown device 8226
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B-
Status: Cap+ 66Mhz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR+ <PERR-
Latency: 0, Cache Line Size 10
Interrupt: pin A routed to IRQ 201
…
…..
[root@desktop ~]# lspci
03:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)
…
…..
[root@desktop ~]# lspci -n
03:00.0 Class 0200: 1969:1048 (rev b0)
…
…..
[root@desktop ~]#
* Make sure to download drivers for above venderID & deviceId “1969:1048″….
Step 2] download and extract the source –
First, download vendor* driver from here
ftp://ftp.hogchain.net/pub/linux/attansic/vendor_driver/l1-linux-v1.2.40.3.tar.gz
OR
open-source (http://atl1.sourceforge.net/)
[root@desktop ~]# tar xvfz l1-linux-v1.2.40.3.tar.gz
[root@desktop ~]# cd l1-linux-v1.2.40.3
[root@desktop src]# ls
at_ethtool.c at.h at_hw.c at_hw.h at_main.c at_osdep.h at_param.c kcompat.c kcompat_ethtool.c kcompat.h Makefile
[root@desktop src]#
* Now compile and install the drivers
[root@desktop src]# make
make -C /lib/modules/2.6.9-78.ELsmp/build SUBDIRS=/root/l1-linux-v1.2.40.3/src modules
make[1]: Entering directory `/usr/src/kernels/2.6.9-78.EL-smp-i686′
…
…..
make[1]: Leaving directory `/usr/src/kernels/2.6.9-78.EL-smp-i686′
[root@desktop src]# echo $?
0
[root@desktop src]# make install
make -C /lib/modules/2.6.9-78.ELsmp/build SUBDIRS=/root/l1-linux-v1.2.40.3/src modules
…
…..
man -c -P’cat > /dev/null’ atl1 || true
[root@desktop src]# echo $?
0
* Now load the kernel module….
[root@desktop src]# modprobe atl1
Step 3] Now verify whether kernel driver is working or not –
[root@desktop src]# modinfo atl1
filename: /lib/modules/2.6.9-78.ELsmp/kernel/drivers/net/atl1/atl1.ko
author: Atheros Corporation, <xiong.huang@atheros.com>
description: Atheros 1000M Ethernet Network Driver
license: GPL
version: 1.2.40.3 1FC4E58EBDF31F49BFD33E8
parm: TxDescriptors:Number of transmit descriptors
parm: RxDescriptors:Number of receive descriptors
parm: MediaType:MediaType Select
parm: IntModTimer:Interrupt Moderator Timer
parm: FlashVendor:SPI Flash Vendor
vermagic: 2.6.9-78.ELsmp SMP 686 REGPARM 4KSTACKS gcc-3.4
depends:
alias: pci:v00001969d00001048sv*sd*bc*sc*i*
[root@desktop src]#
[root@desktop src]# netconfig
[root@desktop src]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:AD:54:0A:XX:WW
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::223:54ff:fe0a:616b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:498 (498.0 b)
Memory:feac0000-feb00000
…
…..
[root@desktop src]#
[root@desktop ~]# vi /etc/sysconfig/hwconf
class: NETWORK
bus: PCI
detached: 0
device: eth0
driver: atl1
desc: “Attansic Technology Corp. L1 Gigabit Ethernet Adapter”
network.hwaddr: 00:AD:54:0A:XX:WW
vendorId: 1969
deviceId: 1048
subVendorId: 1043
subDeviceId: 8226
pciType: 1
pcidom: 0
pcibus: 3
pcidev: 0
pcifn: 0
[root@desktop ~]#
Enjoy,
Arun Bagul
Introduction ~
This article is about how to configure TATA Indicom,BSNL and Reliance Broadband+ Netconnect ( EDVO usb modem ) on Ubuntu Linux.
To configure Reliance,BSNL and Tataindicom epi valley usb modem please refer the following article ~
http://www.indiangnu.org/2008/tata-indicom-usb-modem-epi-valley-on-ubuntu-linux/
To configure Tataindicom,Reliance Huawei datacard refer the following article ~
http://www.indiangnu.org/2008/tata-indicom-datacard-huawei-cdma-on-linuxubuntu/
** EVDO ?
EVolution-Data Optimized (EVDO) is a telecommunications standard for the wireless transmission of data through radio signals, typically for broadband Internet access. It uses multiplexing techniques including code division multiple access (CDMA) as well as time division multiple access (TDMA)
to maximize both individual user’s throughput and the overall system throughput. It is standardized by (3G) 3rd Generation Partnership Project 2 (3GPP2) as part of the CDMA2000 family of standards and has been adopted by many mobile phone service providers around the world – particularly those previously employing CDMA networks.
How to configure Reliance Broadband+ Netconnect -
Step 1] Mount USB file system to “/proc/bus/usb” –
root@laptop:~# ls /proc/bus/usb/
root@laptop:~#
* It shows that usbfs is not mounted on “/proc/bus/usb”. To mount run following command….
root@laptop:/var/src/usb_modeswitch-1.0.5# mount -t usbfs none /proc/bus/usb
root@laptop:/var/src/usb_modeswitch-1.0.5# ls /proc/bus/usb/
001 002 003 004 005 006 007 devices
root@laptop:/var/src/usb_modeswitch-1.0.5#
Step 2] Get the status of Reliance Broadband+ USB device ~
* lsusb list USB devices connected to PC as well as information about USB buses in the system and the devices connected to them.
* Output before connecting Reliance Broadband+ Netconnect usb modem -
root@laptop:~# lsusb
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
…..
root@laptop:~#
* Let’s connect Reliance Broadband+ Netconnect! usb modem -
root@laptop:~# lsusb
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 005 Device 004: ID 19d2:fff5
Bus 005 Device 003: ID 08ff:2580 AuthenTec, Inc. AES2501 Fingerprint Sensor
…..
root@laptop:~#
* Bus 005 Device 004: ID 19d2:fff5 – This shows that the Reliance (EVDO) usb device is detected with Vendor_id 19d2 and product_id fff5
root@laptop:~# cat /proc/bus/usb/devices
T: Bus=07 Lev=01 Prnt=01 Port=01 Cnt=01 Dev#= 23 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1
P: Vendor=19d2 ProdID=fff5 Rev= 0.00
S: Manufacturer=ZTE, Incorporated
S: Product=USB Storage
S: SerialNumber=000000000002
C:* #Ifs= 1 Cfg#= 1 Atr=c0 MxPwr=100mA
I:* If#= 0 Alt= 0 #EPs= 2 Cls=08(stor.) Sub=06 Prot=50 Driver=usbserial_generic
E: Ad=89(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms
E: Ad=0a(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms
root@laptop:~# dmesg | tail
[15035.656075] usb 7-2: new full speed USB device using uhci_hcd and address 24
[15035.814188] usb 7-2: configuration #1 chosen from 1 choice
[15035.827708] scsi10 : SCSI emulation for USB Mass Storage devices
[15035.828851] usb-storage: device found at 24
[15035.828856] usb-storage: waiting for device to settle before scanning
[15040.831095] usb-storage: device scan complete
[15040.834105] scsi 10:0:0:0: Direct-Access ZTE USB Storage FFF1 2.31 PQ: 0 ANSI: 2
[15040.839233] sd 10:0:0:0: [sdb] Attached SCSI removable disk
[15040.839378] sd 10:0:0:0: Attached scsi generic sg2 type 0
root@laptop:~#
*** Reliance Broadband+ EVDO USB is detected as “USB storage device” as shown above…
Step 3] How to use Reliance Broadband+ Netconnect as USB Modem -
To use Reliance Broadband+ usb as USB Modem. We need to switch the usb mode of this device with the help of “usb_modeswitch” tool.
Download ~ http://www.draisberghof.de/usb_modeswitch/usb_modeswitch-1.0.5.tar.bz2
Help – http://www.draisberghof.de/usb_modeswitch/
* Download and extract the “usb_modeswitch” –
root@laptop:/var/src# wget -c http://www.draisberghof.de/usb_modeswitch/usb_modeswitch-1.0.5.tar.bz2
root@laptop:/var/src# tar xvfj usb_modeswitch-1.0.5.tar.bz2
* Now compile and install –
root@laptop:/var/src/usb_modeswitch-1.0.5# gcc -l usb -o usb_modeswitch usb_modeswitch.c
root@laptop:/var/src/usb_modeswitch-1.0.5# make install
mkdir -p /usr/sbin
install ./usb_modeswitch /usr/sbin
mkdir -p /etc
install –mode=644 ./usb_modeswitch.conf /etc
root@laptop:/var/src/usb_modeswitch-1.0.5#
**** Now configure USB mode switching -
a) Edit configuration file “/etc/usb_modeswitch.conf” -
Just search for vendor and product id eg (19d2 and fff5) in config “/etc/usb_modeswitch.conf” file….
This file contains most of the details. I choose following setting and that work’s for me
root@laptop:~# cat /etc/usb_modeswitch.conf
###################
# ZTE AC8710
#
DefaultVendor= 0x19d2
DefaultProduct= 0xfff5
TargetVendor= 0x19d2
TargetProduct= 0xfff1
MessageContent=”5553424312345678c00000008000069f030000000000000000000000000000″
root@laptop:~#
b) Now run “usb_modeswitch” command to switch the mode of USB device -
root@laptop:~# usb_modeswitch -c /etc/usb_modeswitch.conf
Step 4] Load “usbserial” module
* Remember in Ubuntu 09.04 the “usbserial” is buildin kernel. To load that module we need to modify “grub.conf” or “menu.lst” GRUB config file
root@laptop:~# cat /boot/grub/menu.lst
title Ubuntu 9.04, kernel 2.6.28-11-generic
uuid c98db8a7-0a2e-4cea-b9d5-43a30c892fb0
kernel /vmlinuz-2.6.28-11-generic root=/dev/sda5 ro quiet splash usbserial.vendor=0x19d2 usbserial.product=0xfff1
initrd /initrd.img-2.6.28-11-generic
quiet
….
……
root@laptop:~#
**** Reboot the machine and run the following command
* Output before switch….
root@laptop:~# lsusb
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 007 Device 023: ID 19d2:fff5
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
…..
root@laptop:~#
root@laptop:~# usb_modeswitch -c /etc/usb_modeswitch.conf
* Output after switch….
root@laptop:~# lsusb
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 007 Device 024: ID 19d2:fff1
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
…..
root@laptop:~#
root@laptop:~# usb_modeswitch -v 19d2 -p fff1
Looking for default devices …
Found default devices (1)
Accessing device 004 on bus 005 …
Using endpoints 0×02 (out) and 0×82 (in)
Not a storage device, skipping SCSI inquiry
Device description data (identification)
————————-
Manufacturer: ZTE, Incorporated
Product: ZTE CDMA Tech
Serial No.: not provided
————————-
Warning: no switching method given.
-> Run lsusb to note any changes. Bye.
root@laptop:~#
root@laptop:~# cat /proc/bus/usb/devices
T: Bus=07 Lev=01 Prnt=01 Port=01 Cnt=01 Dev#= 24 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1
P: Vendor=19d2 ProdID=fff1 Rev= 0.00
S: Manufacturer=ZTE, Incorporated
S: Product=ZTE CDMA Tech
C:* #Ifs= 6 Cfg#= 1 Atr=a0 MxPwr=500mA
I:* If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=ff Driver=(none)
E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=128ms
root@laptop:~# dmesg | tail
[ 70.985075] usbserial_generic 5-1:1.1: generic converter detected
[ 70.985109] usb 5-1: generic converter now attached to ttyUSB1
[ 70.987028] usbserial_generic 5-1:1.2: generic converter detected
[ 70.987064] usb 5-1: generic converter now attached to ttyUSB2
[ 70.989589] usbserial_generic 5-1:1.3: generic converter detected
[ 70.989623] usb 5-1: generic converter now attached to ttyUSB3
[ 70.991023] usbserial_generic 5-1:1.4: generic converter detected
[ 70.991061] usb 5-1: generic converter now attached to ttyUSB4
[ 70.993066] usbserial_generic 5-1:1.5: generic converter detected
[ 70.993109] usb 5-1: generic converter now attached to ttyUSB5
root@laptop:~#
*** It shows that Reliance Broadband+ EVDO usb is detected as CDMA modem
Step 5] Configure wvdail –
* Run “wvdialconf” to detect and edit “/etc/wvdial.conf” confile
root@laptop:~# wvdialconf
Editing `/etc/wvdial.conf’.
Scanning your serial ports for a modem.
Modem Port Scan<*1>: S0 S1
root@laptop:~# cat /etc/wvdial.conf
[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Password = your_mobile_no
Username = your_mobile_no
Phone = #777
PPPP Path = /usr/sbin/pppd
Modem Type = Analog Modem
Stupid Mode = 1
Tonline = 0
Baud = 9600
New PPPD = 1
Modem = /dev/ttyUSB0
ISDN = 0
root@laptop:~#
* Now it’s time to start surfing…..
root@laptop:~# wvdial &
[1] 21710
root@laptop:~#
root@laptop:~# ifconfig
ppp0 Link encap:Point-to-Point Protocol
inet addr:115.184.XX.BB P-t-P:220.224.CC.DD Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4310 errors:0 dropped:0 overruns:0 frame:0
TX packets:4347 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2268618 (2.2 MB) TX bytes:445276 (445.2 KB)
Enjoy,
Arun Bagul
IT infra going day to day very critical and costly, So for that we need simple IP based load balancing solution that handles ssl traffic. Basically it’s very easy and secure way to manage your server load balancing.
This example will shows you how we use this with easy steps
The Configuration =
* Load Balancer: <10.0.0.77> // will be our haproxy server # This will listen on many ports that we will bind as per requirement
* Web Server 1: <10.0.1.209> // web application server 1 #This will listen on tcp mode
* Web Server 2: <10.0.1.210> // web application server 2 #This will listen on tcp mode
* Web Server 3: <10.0.1.227> // web application server 3 #This will listen on http mode
* Admin Panel Port 8088: <10.0.0.77> // Statistics Panel on port 8080 #This will listen on http mode
Get and Install haproxy
We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/
wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.19.tar.gz
tar xvzf haproxy-1.3.19.tar.gz
cd haproxy-1.3.19
make TARGET=linux26 ARCH=x86_64
make install
Now add user haproxy or what ever need to run config
[root@ravi.com ~]# useradd haproxy
cp /path/to/haproxy-1.3.19/examples/haproxy.init /etc/init.d/haproxy
chmod +x /etc/init.d/haproxy
create the /etc/haproxy folder and create haproxy.cfg config file in it.
mkdir /etc/haproxy
Now Please add your config file haproxy.cfg in /etc/haproxy
Configure /etc/haproxy/haproxy.cfg
#[root@app71 haproxy]# more haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 25000 # count about 1 GB per 25000 connections
#debug
#quiet
user ravi
group ravi
defaults
log global
mode tcp
option dontlognull
retries 3
option redispatch
maxconn 20000
contimeout 5000
clitimeout 50000
srvtimeout 50000
#Configuration for www.ravi.com
listen VIP:www.ravi.com:10.0.0.77:80
bind 10.0.0.77:80 # or any other IP:port combination we listen to.
bind 10.0.0.77:443 # or any other IP:port combination we listen to.
mode tcp
option ssl-hello-chk
option forwardfor # set the client’s IP in X-Forwarded-For.
balance roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server app139:10.0.1.209:80 10.0.1.209 weight 1 maxconn 5000 check
server app140:10.0.1.210:80 10.0.1.210 weight 1 maxconn 5000 check
listen VIP:www.ravi.com:10.0.0.77:8080
bind 10.0.0.77:8080 # or any other IP:port combination we listen to.
mode http
option forwardfor # set the client’s IP in X-Forwarded-For.
balance roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server app127:10.0.1.227:8080 10.0.1.227 weight 1 maxconn 5000 check
# Enable the stats page on a dedicated port (8088). Monitoring request errors
# on the frontend will tell us how many potential attacks were blocked.
listen ha_stats 10.0.0.77:8088
mode http
stats enable
stats auth user:password ##Auth user pass
edit the /etc/sysctl.conf and add the end of file then run sysctl -p to load the setting
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65023
net.ipv4.tcp_max_syn_backlog = 10240
net.ipv4.tcp_max_tw_buckets = 400000
net.core.somaxconn = 10000
start haproxy using (/etc/init.d/haproxy start or /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid)
Configuring logging
Edit /etc/sysconfig/syslog
1.SYSLOGD_OPTIONS=”-m 0 -r”
Edit /etc/syslog.conf. Add the following:
1.local0.* /var/log/haproxy/haproxy.log
2.local1.* /var/log/haproxy/haproxy-1.log
Restart Syslog
service syslog restart
Now check with
ps auxwww | grep haproxy
Thanks
Ravi
This has been tested under RHEL 4/5, CentOS 4.4/5 and fedora 8 (kernel version 2.6.15+)
I found and stored few required rpm packages from various places that you will download from given.
http://www.4shared.com/file/113579629/ee5e0aed/libglade-017-11i386.html
http://www.4shared.com/file/113579642/2fd674e3/libglade-devel-017-11i386.html
http://www.4shared.com/file/113579654/dfaee097/libxml-1817-8i386.html
http://www.4shared.com/file/113579677/7491d3af/libxml-devel-1817-8i386.html
http://www.4shared.com/file/113579714/ba004fa4/php4-pcntl-449-1fc5i386.html
http://www.4shared.com/file/113579747/5e7eea5b/php4-pcntl-gtk-102-4fc5i386.html
http://www.4shared.com/file/113579758/d7dac68b/pptp-172-3fc5i386.html
http://www.4shared.com/file/113579764/f541d963/pptpconfig-20060821-1fc5noarch.html
After downloading these first you will have to install lib packages and then pptp packages
rpm -ivh –nodeps libglade-0.17-11.i386.rpm libglade-devel-0.17-11.i386.rpm libxml-1.8.17-8.i386.rpm libxml-devel-1.8.17-8.i386.rpm
rpm -ivh pptp-1.7.2-3.fc5.i386.rpm pptpconfig-20060821-1.fc5.noarch.rpm php4-pcntl-gtk-1.0.2-4.fc5.i386.rpm php4-pcntl-4.4.9-1.fc5.i386.rpm
now go to the given image that I would like to show how I added vpn connection
1) open vpnclient configuration launchpad with “pptpconfig”
2) Now create your profile with all the details and add
Now you have to set you external route or tunnel IP range into it for that click on “Routing” and set “All to Tunnel” and update your profile.
Now start your vpn client.
–Ravi
Introduction - Two days back I brought TATA Indicom datacard! As I am Ubuntu user. I wanted to use this datacard on Ubuntu Linux! PPP is the Point to Point protocol used for establishing internet links over dial-up modems, DSL connections, and many other types of point-to-point links. The pppd daemon works together with the kernel PPP driver to establish and maintain a PPP link with another system (called the peer) and to negotiate Internet Protocol (IP) addresses for each end of the link. pppd daemon can also authenticate the peer and/or supply authentication information to the peer.
What you need to use Tataindicom datacard on Ubuntu Linux ?
make sure that two kernel module ie ‘usbserial‘ and ‘usbcore‘ are loaded!
root@arun:~# modinfo usbserial
filename: /lib/modules/2.6.24-16-generic/kernel/drivers/usb/serial/usbserial.ko
license: GPL
description: USB Serial Driver core
author: Greg Kroah-Hartman, greg@kroah.com, http://www.kroah.com/linux/
srcversion: FE4A4FC2C18B17DDD77E8C6
depends: usbcore
vermagic: 2.6.24-16-generic SMP mod_unload 586
parm: vendor:User specified USB idVendor (ushort)
parm: product:User specified USB idProduct (ushort)
parm: debug:Debug enabled or not (bool)
root@arun:~#
root@arun:~# modinfo usbcore
filename: /lib/modules/2.6.24-16-generic/kernel/drivers/usb/core/usbcore.ko
license: GPL
srcversion: E8DACA0029626C336D1A513
alias: usb:v*p*d*dc*dsc*dp*ic09isc*ip*
alias: usb:v*p*d*dc09dsc*dp*ic*isc*ip*
depends:
vermagic: 2.6.24-16-generic SMP mod_unload 586
parm: usbfs_snoop:true to log all usbfs traffic (bool)
parm: blinkenlights:true to cycle leds on hubs (bool)
parm: old_scheme_first:start with the old device initialization scheme (bool)
parm: use_both_schemes:try the other device initialization scheme if the first one fails (bool)
parm: autosuspend:default autosuspend delay (int)
root@arun:~#
* To use datacard (which is ppp link) you need to install two packages ie ppp daemon and wvdial as dialer!
root@arun:~# dpkg -l | grep wvdial
ii wvdial 1.60.1 PPP dialer with built-in intelligence
root@arun:~# dpkg -l | grep ppp
ii ppp 2.4.4rel-9ubuntu2 Point-to-Point Protocol (PPP) daemon
ii pppconfig 2.3.17ubuntu1 A text menu based utility for configuring pp
ii pppoeconf 1.17ubuntu1 configures PPPoE/ADSL connections
root@arun:~#
on Ubuntu you need to install above packages
How to configure ? –
” wvdialconf ” command is available on Ubuntu, which will detect you modem and it’s related stuff and this command will generate or updates the configuration file “/etc/wvdial.conf”
root@arun:~# wvdialconf
root@arun:~#
* After running above command just update user name and password in “/etc/wvdial.conf” configuration file
root@arun:~# cat /etc/wvdial.conf
[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Modem Type = Analog Modem
Phone = Phone_number like (#xxx)
ISDN = 0
Username = USERNAME
Password = PASSWORD
New PPPD = yes
Modem = /dev/ttyUSB0
Baud = 9600
root@arun:~#
** you can also edit this file manually just refer the man pages for more details!
root@arun:~# man wvdialconf
root@arun:~# man wvdial.conf
arun@arun:~$ man wvdial
root@arun:~# cat /etc/wvdial.conf
[Dialer TataIndicom]
Stupid Mode = 1
Inherits = Modem0
New PPPD = yes
Phone = Phone_number like (#xxx)
Username = USERNAME
Password = PASSWORD
[Modem0]
Init1 = ATZ
SetVolume = 0
Modem Type = Analog Modem
Modem = /dev/ttyUSB0
Dial Command = ATDT
Baud = 115200 or 9600 (depends on support)
FlowControl = Hardware (CRTSCTS)
root@arun:~#
** How to use it or dial!!
1) Now it’s time to check your luck! If you are using default conf file created by ” wvdialconf ” command just use below command…
root@arun:~# wvdial > /var/log/tataindicom.log 2>&1 &
OR
root@arun:~# wvdial
…..
root@arun:~#
root@arun:~# tail -f /var/log/tataindicom.log
OK
–> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
–> Modem initialized.
–> Sending: ATDT#***
–> Waiting for carrier.
ATDT#777
CONNECT 230400
–> Carrier detected. Waiting for prompt.
–> Don’t know what to do! Starting pppd and hoping for the best.
–> Starting pppd at Sat Jun 20 21:56:51 2008
–> Pid of pppd: 7152
–> Using interface ppp0
–> pppd: X�[06][08]��[06][08]
–> local IP address 219.80.X.X
–> pppd: X�[06][08]��[06][08]
–> remote IP address 173.B.C.D
….
…..
root@arun:~#
2) If you have manually edited your conf file as shown above then use below command
root@arun:~# wvdial TataIndicom
..
….
root@arun:~#
** Now check ppp0 interface is available
root@arun:~# ifconfig
eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:256 (256.0 B) TX bytes:492 (492.0 B)
Base address:0×4020 Memory:e4600000-e4620000
ppp0 Link encap:Point-to-Point Protocol
inet addr:219.80.X.X P-t-P:173.B.C.D Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:1574 errors:1 dropped:0 overruns:0 frame:0
TX packets:1644 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:556116 (543.0 KB) TX bytes:179325 (175.1 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
…
…..
root@arun:~#
root@arun:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
173.B.C.D * 255.255.255.255 UH 0 0 0 ppp0
default * 0.0.0.0 U 0 0 0 ppp0
root@arun:~#
** Check pppd daemon and how to start/stop/status the connection ?
root@arun:~# /etc/init.d/tataindicom
Usage: /etc/init.d/tataindicom {start|stop|status}
root@arun:~#
root@arun:~# /etc/init.d/tataindicom start
Starting the TATA Indicom datacard service..
log file is /var/log/tataindicom.log
…
Done.
root@arun:~#
root@arun:~# /etc/init.d/tataindicom status
TATA Indicom datacard -
Dailer :: 7144 /usr/bin/wvdial
pppd daemon :: 7152 /usr/sbin/pppd 9600 modem crtscts defaultroute usehostname -detach user internet noipdefault call wvdial usepeerdns idle 0 logfd 6
root@arun:~#
root@arun:~# /etc/init.d/tataindicom stop
killing pppd daemon and dailer…
…
Done.
root@arun:~#
command(1) pppd – point to point daemon
Frequently used options -
ttyname
Use the serial port called ttyname to communicate with the peer. If ttyname does not begin with a slash (/), the string “/dev/” is
prepended to ttyname to form the name of the device to open. If no device name is given, or if the name of the terminal connected to the
standard input is given, pppd will use that terminal, and will not fork to put itself in the background.
speed An option that is a decimal number is taken as the desired baud rate for the serial device.
crtscts
Specifies that pppd should set the serial port to use hardware flow control using the RTS and CTS signals in the RS-232 interface. If nei‐
ther the crtscts, the nocrtscts, the cdtrcts nor the nocdtrcts option is given, the hardware flow control setting for the serial port is
left unchanged. Some serial ports (such as Macintosh serial ports) lack a true RTS output. Such serial ports use this mode to implement
unidirectional flow control. The serial port will suspend transmission when requested by the modem (via CTS) but will be unable to request
the modem to stop sending to the computer. This mode retains the ability to use DTR as a modem control line.
defaultroute
Add a default route to the system routing tables, using the peer as the gateway, when IPCP negotiation is successfully completed. This
entry is removed when the PPP connection is broken. This option is privileged if the nodefaultroute option has been specified.
usehostname
Enforce the use of the hostname (with domain name appended, if given) as the name of the local system for authentication purposes (over‐
rides the name option).
call name
Read additional options from the file /etc/ppp/peers/name. This file may contain privileged options, such as noauth, even if pppd is not
being run by root. The name string may not begin with / or include .. as a pathname component
noipdefault
Disables the default behaviour when no local IP address is specified, which is to determine (if possible) the local IP address from the
hostname. With this option, the peer will have to supply the local IP address during IPCP negotiation (unless it specified explicitly on
the command line or in an options file).
nodetach
Don’t detach from the controlling terminal. Without this option, if a serial device other than the terminal on the standard input is spec‐
ified, pppd will fork to become a background process.
usepeerdns
Ask the peer for up to 2 DNS server addresses. The addresses supplied by the peer (if any) are passed to the /etc/ppp/ip-up script in the
environment variables DNS1 and DNS2, and the environment variable USEPEERDNS will be set to 1. In addition, pppd will create an
/etc/ppp/resolv.conf file containing one or two nameserver lines with the address(es) supplied by the peer.
user USERNAME
Sets the name used for authenticating the local system to the peer to name.
idle N Specifies that pppd should disconnect if the link is idle for N seconds. The link is idle when no data packets (i.e. IP packets) are being
sent or received. Note: it is not advisable to use this option with the persist option without the demand option.
logfd N
Send log messages to file descriptor N. Pppd will send log messages to at most one file or file descriptor (as well as sending the log
messages to syslog), so this option and the logfile option are mutually exclusive. The default is for pppd to send log messages to stdout
(file descriptor 1), unless the serial port is already open on stdout.
root@arun:~# cat /etc/ppp/peers/wvdial
noauth
name wvdial
usepeerdns
root@arun:~#
** Want to see the code of “/etc/init.d/tataindicom” ?
root@arun:~# cat /etc/init.d/tataindicom
#!/bin/bash
case “$1″ in
start)
echo “Starting the TATA Indicom datacard service..”
/usr/bin/wvdial > /var/log/tataindicom.log 2>&1 &
echo “log file is /var/log/tataindicom.log”
echo “…”
echo “Done.”
;;
stop)
echo “killing pppd daemon and dailer…”
kill -9 $(ps auxwww | grep “$(which wvdial)” | grep -v grep | awk ‘{print $2}’)
kill -9 $(ps auxwww | grep “$(which pppd)” | grep -v grep | awk ‘{print $2}’)
echo “…”
echo “Done.”
;;
status)
echo “TATA Indicom datacard -”
pid_of_dailer=$( ps auxwww | grep “$(which wvdial)” | grep -v grep | awk ‘{print $2}’)
pid_of_pppd=$(ps auxwww | grep “$(which pppd)” | grep -v grep | awk ‘{print $2}’)
pppd_details=”$(ps auxwww | grep “$(which pppd)” | grep -v grep | awk -F’pppd’ ‘{print $2}’)”
echo -e “Dailer :: $pid_of_dailer $(which wvdial)”
echo -e “pppd daemon :: $pid_of_pppd $(which pppd) $pppd_details”
;;
*)
echo “Usage: /etc/init.d/tataindicom {start|stop|status}”
exit 1
esac
exit 0
root@arun:~#
Thank you,
Arun Bagul
Introduction - Zabbix is a solution for monitoring applications, networks, and servers. With Zabbix you can monitor multiple servers at a time, using a Zabbix server that comes with a web interface (that is used to configure Zabbix and holds the graphs of your systems) and Zabbix agents that are installed on the systems to be monitored. The Zabbix agents deliver the desired data to the Zabbix server. This tutorial shows how you can install the Zabbix server and agent on a Ubuntu Gusty 7.10.
I will use the system SFPAZABBIX with the IP address 192.168.3.180 as the Zabbix server, and I’ll install a Zabbix agent on the same system -
The Zabbix server can store its information in a MySQL or PostgreSQL database. We use MySQL here, so we install the MySQL server and client first using apt-get -
root@ravi:~# apt-get install mysql-server mysql-client
Create a password for the MySQL user root (replace yourrootsqlpassword with the password you want to use) -
root@ravi:~# mysqladmin -u root password yourrootsqlpassword
Installing apache2 php5 for web interface -
root@ravi:~# apt-get install apache2 php5 php5-gd
Afterwards, we can install the Zabbix server, Zabbix agent, and the Zabbix web interface with a single command -
root@ravi:~# apt-get install zabbix-server-mysql zabbix-frontend-php zabbix-agent
Apt installation will be asked a few questions-
Like mysql root user password and Zabbix database password, give mysql root password there that we created already.
This should create a MySQL database called Zabbix.
Next we must edit the Zabbix agent configuration in /etc/zabbix/zabbix_agentd.conf.
Replace Server=localhost with Server=127.0.0.1 (to avoid lookup problems of localhost) and specify the hostname of the current system in the Hostname line.
root@ravi:~# vi /etc/zabbix/zabbix_agentd.conf
[...]
Server=127.0.0.1
[...]
Hostname=SFPAZABBIX
[...]
root@ravi:~#
Then we restart the Zabbix agent -
root@ravi:~# /etc/init.d/zabbix-agent restart
Finally, we must specify the password of our zabbix MySQL user in the Zabbix web interface configuration -
root@ravi:~# vi /etc/zabbix/dbconfig.php
<?php
$DB_TYPE=’MYSQL’;
$DB_SERVER=’localhost’;
$DB_DATABASE=’zabbix’;
$DB_USER=’root’;
$DB_PASSWORD=’mysqlrootpassword’;
?>
root@ravi:~#
Restart services for zabbix server & agent -
/etc/init.d/zabbix-server restart
/etc/init.d/zabbix-agent restart
That’s it. you can access Zabbix webbased admin panel check URL http://SFPAZABBIX/zabbix or http://192.168.3.180/zabbix
>
Afterwards, go to Configuration TAB and configure Zabbix!
If you have problems with Zabbix, please check the Zabbix logs – * /var/log/zabbix-agent/zabbix_agentd.log
* /var/log/zabbix-server/zabbix_server.logThe Zabbix configuration files for the server, agent, and web interface are as follows -
* /etc/zabbix/apache.conf
* /etc/zabbix/dbconfig.php
* /etc/zabbix/zabbix_agentd.conf
* /etc/zabbix/zabbix_server.conf
Taking backup of Zabbix server database using below script -
#!/bin/bash
# script for dumping the contents of a zabbix MySQL database
# this script will create a compressed mysqldump of the specified database
savePath=/zabbix/
fileName=”ZabbixDBbackup” # filename for the backup note the
dateVar=$(date +%Y-%m-%d) # date variable to append to filename
mysqldump -u root -p(mysqlpassword) zabbix | gzip > $savePath$fileName-$dateVar.gz
Schedule cronjob for Zabbix is as follows -
@daily /bin/sh /zabbix/backupforzabbix.sh #zabbix db backup daily midnight
Append existing zabbix db backup on zabbix db -
Go to where is the zabbix db backup path ( i.e. /zabbix), check date & go for newer date when zabbix was running in good condition.
(ls -l commands output give you the newer date)
Unzip the compressed file and rename it to dbfilename.sql (with sql extension)
Now go to mysql CLI prompt -
root@ravi:~# mysql -u root -p
mysql> use zabbix;
mysql> \. filename.sql
above command append the tables of zabbix database.
Thanks
Ravi Bhure
