NFS datastore on ESXI 5.*

In the blog before this one. I explained how you could create a (software) RAID1 with LVM. This storage is meant to be shared as NFS. One of it’s purposes is NFS datastore on ESXi 5.*. Underneath i will explain how to mount the NFS on the ESXi commandline, but also I will give you a tip how to store your snapshots and vswap files on another datastore than the datastore the VM’s is stored on.

Pre-requisites:
– I assume you have created your own share.
– You have created the proper firewall rules (or disabled it)
– Have esxcli and ssh enabled on the ESXi host.

Step 1: Mounting NFS on ESXi
First ssh into the ESXi host.
The command for mounting the NFS share is relatively easy:

*Note: If you want to remove the nfs share use this command:

* host, can also be the hostname or FQDN as long as your dns is setup correct 😉
* share, is the remote folder
* volume-name, here you can choose the name you want to specify for the mounted NFS share.

If you want to check wether it succeeded or not:

As you can see, the nfsstore was added. I can also see it in my vsphere (web) client:

Step 2: Changing the snapshot and vswap location:
My virtual machines run on a hp server. Which has a raid5 with 10k SAS disks. So for speed and fail security purposes I’d like to have the vm files on there. However snapshots could be stored on the nfs store. I found this addition that makes the above possible.

First go to your vsphere client and download the .vmx file of your VM (make sure it is down!)
Next open the .vmx with a tool like notepad++. Add the rules beneath and enter the correct collection of your storage folder. (Please don’t forget to upload the .vmx file to the datastore). I’d like to recommend you create folders per vm, else all snashots will be in the same folder.

IMPORTANT: Please make sure you create the folders manual on forehand. Else the VM will NOT start!

Now start the VM and create a snapshot to test if it’s working!

As you can see the snapshot was created and written to the nfs share! This will save me alot of space on the standard datastore.

Installation of Centos 6.5 on ESXi 5.1 with RDM in RAID1 + LVM

Like probably everybody you have important files, backups etc etc you want to store so you cannot lose them. I have been thinking some time to think about my solution.
On this VM i will set up RAID1 softwareRAID and put NFS shares on it. I’ll be able to write backups and use rsync for important files between my 2 locations (10km distance). This way I have a semi professional solution on keeping my files safe.

**Note: This is an advanced installation. I will not cover all (basic) aspects of the centos 6.5 installation. I will assume you know certain things already. My scope lies on the RDM disks and creating the softwareRAID 1 + LVM.

I decided the following things:

OS: Centos 6.5
Memory: 1024MB
Diskspace OS: 10GB
Diskspace storage: 1TB
However: Software RAID 1 (so that will be 2 disks in mirror)

Step 1: Create RDM disks
I am running ESXi 5.5 on the HP server. And I need to create 2 RDM disks, because I didnt want to spend another 300 euro’s on a proper raid controller.

Let me give you an advice up front. Please be very carefull on the command line in ESXi. It is slighty different from regular linux!

The steps to creat the two disks are fairly easy:
Ssh into the machine as root!

Now we can see two disks underneath. Those two will be the RDM disks. Please double check within vsphere if you are selecting the correct disks!
Copy the two RAW Id’s we will be needing them later to create the RDM.
We now go to the default datastore to see where we need to create the RDM files.

As you can see my datastore is called datastore1. Let’s create a folder called RDM here. So we can store the .vmdk files

Next we will actually create the RDM disks:
*tip: if you want to use spaces (which I tend to discourage). You have to use quotes on the location of your vmdk.

In total four files will be created in your RDMdisks:

Step 2: Mount the RDM files in ESXI
In vsphere go to the settings of the VM you want the RDM disks on.

Now let’s follow the steps on the pictures to add the two disks:

click add

Now add the RDM disk

Repeat the steps above for the second disk.

After you’ve added them, press okay and vsphere will state it is reconfiguring the virtual machine.

If you’ve done everything correctly it will show similar to this

**note: Don’t forget to attach the centos iso to the cdrom!

Step 3: Configuring software RAID1 and LVM
Oke lets power up the VM and get into the Partitioning tool.
Be sure to choose custom layout!

So first is my OS disk setup:

/boot is a standard partition:

Next we’re creating the LVM physical volume:

After that the LVM volume group:

And the logical volumes:
I’ll give one example. You can use the best case sizing below.

/ 2500MB – vg_pandora – ext4
/var 2000MB vg_pandora – ext4
/opt 2000MB vg_pandora – ext4
/tmp 1000MB vg_pandora – ext4
swap 2000MB vg_pandora – ext4

After you’ve set the base disk up. It will look like this:

Now we are going to setup the software raid + LVM.
This basically goes like this.
First you make RAID partitions of sdb and sdc.
After that you creat a RAID device with both partitions in them, in addition we will set up the LVM.




Setting up LV on the RAID configuration:

After all these actions. You should have an overview like this:

Now press NEXT. You will get a screen asking if you want to format. In my case the disks are empty so i want to format them. Also we choose ext4 and xfs filesystems. So the partitions should be formatted with them.

Step 4: Continue installation and reboot.
This basically is just waiting until installation and you can reboot.

Install spacewalk 2.0 on Centos 6.5 with external psql db.

After installing all kinds of servers. I decided it was time for a tool to manager them from a central location. I choose for Spacewalk 2.0 on the Centos 6.5 OS. Because i already had a webserver with postgresql 9.2.7 i decided to use a db on that server rather than a embedded / local.

Pre-requiesites
Make sure your hostname and/or DNS records are set correctly!

Step 1: Go to the database server:
This package is needed to communicate with older versions of postgresql.

Creating database + user:

Tuning db:

In addition also change the default values to the lines underneath:

Restart postgres

Step 2: Go to your spacewalk machine

Set selinux to permissive just to rule bugs out:

Perform a yum update to get the system up to date.

Install epel and the spacewalk repo:

Now we can start the installation of spacewalk with the postgresql backend.

Step 3: Firewall:

Add the rules below to your firewall on the spacewalk server.

If you want to reinstall spacewalk on a clear db use this command:

Step 4: Registering the client machines!
WORK IN PROGRESS!

Howto mount Samba share on the CLI

Appearantly it can be handy for various reasons to have samba shares mount via the command line. I’m not going to explain the case why I figured this out. But it can be a little hassle. If you follow this guide it should be really easy.

There are 2 methods which i will explain. First one is just mounting it on the command line. The other one is permanent mounting via /etc/fstab

This works in Centos 6.5

Pre-requisites:
– Samba server with samba shares + proper firewall rules
– second linux machine to mount on

First method: Mount on CLI

Second method: Automatically mount via fstab
Creating a credentials file. The reason is that every user is able to check /etc/fstab. So they would be able to see your username and password. This is never a good idea.

After we have created the file we’re going to give it the appropriate rights

To see if our entry in fstab works perform the following command:

To list all the mounts:

There you have it, your samba mount will be mount automatically on boot.

Please refer to man mount.cifs and man mount for more information on this subject.

Example Samba setup

On one of my machines I have applications running like torrent and usenet. For testing purposes ofcourse! The folder with extracted / unrarred files aswell as the “read” folder for nzb files are share with SAMBA as it is easily approachable from Windows. Besides that I thought it would be a nice gesture to share my smb.conf and firewall rules as I have tweaked them quite a bit.

I’m not going to explain how to setup SAMBA as there are thousands of guides on that topic.

So first my smb.conf:
Note: Please be aware that i removed some stuff. Only the most important changes are shown here. If you use this file on your own machine you will miss vital settings! So please check and review.

This is the smb.conf on my ZFSGURU (Freebsd 10) machine:
Note: Please be aware that ZFSGURU has alot of automation and that alot of options maybe specifiekd elsehwere. Please use this file as an example / inspiration.

Second my iptables rules:
Note: These will make sure that all proper protocols are used. Furthermore only the local networks I specified will have access to the shared folders. There are also options to specify this in the global section of smb.conf:

Centos 7 + Apache 2.4.6 ssl redirect

So I guess I was not the only one who noticed some stuff regarding vhosts and especially SSL have changed with the 2.4.* release of apache 2. I’ve been searching for quite some time to find a solution to redirect vhost 80 to https (443) and I finally got it working. I’d like to share this solution with you all.

Pre-requisites:
* Centos 7
* Apache 2.4.6 or higher (You can check this with httpd -v)
* Have at least one working DNS server (BIND)

Step 1: Configuring standard conf files

Now we will alter the ssl.conf

Step 2: Creating a test folder and file + logging folder

Logging folder:

Step 3: Creating a vhost container file file

First we make a http entry for sysinfo2, after that we create an ssl vhost container. We’re going to forward 80 –> 443

If you want to redirect to another machine or hostname use the following rules:

Check if the vhost.conf is correct:

Step 5: Configuring the firewall:
Use the following commands

Step 6: Installing ssl and generating ssl certificate:

Generating the certificate:

!!! Important, if you want a wildcard ssl certificate, please use these settings !!!
When asked for you FQDN type in www.domain.com (www in front of your own domain).
At common name type: *.domain.com (the * will allow you to use it for every subdomain on your domain!)

Set to the correct rights:

Run the script:

Now you can enter the details as asked by the script
* FQDN means fully qualifid domain name. For example www.domain.com or sysinfo2.domain.com.

The script will place your certifates in /etc/httpd/ssl
In the vhosts.conf file replace the .key and .cert files with the ones you just generated.

Do not forget to check and restart the httpd service:

Step 7: Configuring the DNS server:
I’m just showing you what you should apply here.
In your forward zone:

In your reversed zone:

Restart your named server just to be sure.

Step 8: Check if it works
Now we can test if it works (Don’t forget to change it to your own ip / hostname)

If everything works out you will get a message that your connection is not secure.
Do not worry. This is because we use a self signed certificate rather than one from a certificate authority.

Click advanced and proceed to continue.

The webbrowser will now show a php overview site and in the address bar you will https:// in front of your url with a red cross in front of it.

Howto install roundcube mysql > postgresql on Centos 6.5

Recently I installed a basic webserver with mysql and phpmyadmin and roundcube. However I changed my mind and wanted to use postgresql (9.3).

For the basic installation of Postgresql 9.3 on Centos 6.5, please refer to my other guide.
This guide will show you how to backup your old roundcube database and import it back to roundcube.

Basic installation of Postgresql 9.3:
http://tech.vuurvoske.nl/linux/install-postgresql-9-3-on-centos-6-5/>
*currently my hyperlink tag does not work :/

Pre-requisites:
* Work as root
* Have postgresql 9.3 installed
* Have enough space to backup existing database(s)
* Have Apache 2, PHP(5) + Mysql installed

—>Make sure you have file with usernames and passwords of the users from the specific databases <---

Step 1: Backing up the old database from mysql:

If you want to run the process in the background with an output to a textlog use the following command:

Step 2: Import the postgresql roundcube sql file into postgresql 9.3:

Step 3: Restoring the roundcube sql dump to postgresql:

I got some errors:

I continued since mysql works a little different then postgresql.

Step 4: Changing the database connection in roundcube config:

Step 5: Check if it works!
Navigate to your webserver / webmail. Typically something like www.domain.com/roundcube or www.domain.com/webmail

Check if you can log in and if everything is working correctly

If you get the following error:

DB Error in /usr/share/roundcubemail/program/lib/Roundcube/rcube_db.php (158): could not find driver
Warning: session_start(): Cannot send session cookie – headers already sent in /usr/share/roundcubemail/program/lib/Roundcube/rcube_session.php on line 108 Warning: session_start(): Cannot send session cache limiter – headers already sent in /usr/share/roundcubemail/program/lib/Roundcube/rcube_session.php on line 108 DB Error: could not find driver

With underneath:

DATABASE ERROR: CONNECTION FAILED!

Unable to connect to the database!
Please contact your server-administrator.

You are missing the pgsql driver for php. This is easily solved!
Simply perform the following command:

Refresh your browser and you should be good to go!

Zabbix agent 2.2.* on Centos 6.*

Step by step guide on howto install the zabbix-agent for version 2.2.*.

Step 1: Add correct repository:

Step 2: Install the agent

Step 3: Edit the agent config file:

Step 4: add iptables rule:

Step 5: (auto)start the zabbix-agent server