Sunday, 7 February 2016
Thursday, 7 January 2016
MY YOUTUBE CHENNEL
Hello Guys
For Videos Of this Dcos Vist my You tube chennel
For Videos Of this Dcos Vist my You tube chennel
www.youtube.com/playlist?list=PLjW4KTPaakKLwPlvTIkAjpYvRgLnZ2kXI
Create SSL certificate
Step 1: Generate a Private Key
The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.
# openssl genrsa -des3 -out server.key 1024
Step 2: Generate a CSR (Certificate Signing Request)
# openssl req -new -key server.key -out server.csr
It will ask below detailsCountry Name (2 letter code) [GB]:CH
State or Province Name (full name) [Berkshire]:Bern
Locality Name (eg, city) [Newbury]:Oberdiessbach
Organization Name (eg, company) [My Company Ltd]:Akadia AG
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:public.akadia.com
Email Address []:martin dot zahn at akadia dot ch
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
State or Province Name (full name) [Berkshire]:Bern
Locality Name (eg, city) [Newbury]:Oberdiessbach
Organization Name (eg, company) [My Company Ltd]:Akadia AG
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:public.akadia.com
Email Address []:martin dot zahn at akadia dot ch
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Step 3: Remove Passphrase from Key
# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key
# openssl rsa -in server.key.org -out server.key
The newly created server.key file has no more passphrase in it.
Step 4: Generating a Self-Signed Certificate
To generate a temporary certificate which is good for 365 days, issue the following command:
#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
output:
Signature ok
subject=/C=CH/ST=Bern/L=Oberdiessbach/O=Akadia AG/OU=Information
Technology/CN=public.akadia.com/Email=martin dot zahn at akadia dot ch
Getting Private key
subject=/C=CH/ST=Bern/L=Oberdiessbach/O=Akadia AG/OU=Information
Technology/CN=public.akadia.com/Email=martin dot zahn at akadia dot ch
Getting Private key
Docker installation in Linux(ubuntu)
1 Installation Instructions for Ubuntu:
The simplest way to get docker, other than using the pre-built application image, is to go with a 64-bit Ubuntu 14.04
2.Update your Ubuntu
$ sudo apt-get update
$ sudo apt-get -y upgrade
3.Make sure aufs support is available:
$ sudo apt-get install linux-image-extra-`uname -r`
4.Add docker repository key to apt-key for package verification:
$ sudo apt-key adv --keyserver hkp://pgp.mit.edu:80 –recv-keys 58118E89F3A912897C070ADBF76221572C52609D
5.Add the docker repository to Apt sources:
$ echo "deb https://apt.dockerproject.org/repo ubuntu-trusty main" | sudo tee /etc/apt/sources.list.d/docker.list
6.Update the repository with the new addition:
$ sudo apt-get update
7. Finally, download and install docker:
$ sudo apt-get install docker-engine
8 Ubuntu's default firewall (UFW: Uncomplicated Firewall) denies all forwarding traffic by default, which is needed by docker.
Enable forwarding with UFW:
Edit UFW configuration using the nano text editor.
$ sudo nano /etc/default/ufw
Scroll down and find the line beginning with DEFAULTFORWARDPOLICY.
Replace:
DEFAULT_FORWARD_POLICY="DROP"
With:
DEFAULT_FORWARD_POLICY="ACCEPT"
save and close the editor.
9.Start the Docker service.
$ sudo service docker start
Nagios Server Installation and NRPE
1: Install Required Packages and Dependencies.
We assume that you have fresh installed CentOS, Red hat or Fedora systems, So our first requirement is to install Apache and PHP first. Use the following commands to complete it. You can find detailed LAMP setup instruction here.
Install Packages:
# yum install httpd php php-cli gcc glibc glibc-common gd gd-devel net-snmp openssl-devel make
yum install -y gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel
2: Setup User Accounts,
Now create a new nagios user account and setup a password to this account.
# useradd nagios
# passwd nagios
Now create a groud for nagios setup “nagcmd” and add nagios user to this group. Also add nagios user in apache group.
# groupadd nagcmd
# usermod -a -G nagcmd nagios
# usermod -a -G nagcmd apache
3: Install Nagios Core Service.
After installing required dependencies and adding user accounts. Lets start with Nagios core installation. Download latest nagios core service from official site.
# cd /opt/
# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.8.tar.gz
# tar -xf xxxx.tar.gz
# cd xxx
# ./configure --with-command-group=nagcmd
# make all
# make install
# make install-init
# make install-config
# make install-commandmode
Now use below command to setup apache configuration for Nagios installation.
# make install-webconf
4: Configure Apache Authentication.
We need to setup apache authentication for user nagiosadmin. Do not change this username. else you would required more changes in configuration.
# htpasswd -c /usr/local/nagios/etc/htpasswd.users <usernmae>
Now restart Apache service to make the new settings take effect.
# service httpd restart
5: Install Nagios Plugins.
After installing and configuring Nagios core service, Download latest nagios-plugins source and install using following commands.
# cd /opt
# wget http://nagios-plugins.org/download/nagios-plugins-2.0.3.tar.gz
# tar xzf nagios-plugins-2.0.3.tar.gz
# cd nagios-plugins-2.0.3
Now compile and install nagios plugins
# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
# make
# make install
6: Verify and Start Nagios
Use the following commands to verify nagios install and start nagios core service.
# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
# service nagios start
Also configure nagios service to start on system start.
# chkconfig --add nagios
# chkconfig nagios on
7: Access Nagios in Web Browser.
Nagios creates its own apache configuration file /etc/httpd/conf.d/nagios.conf. There are no need to make any changes to it. Simply open below url in browser.
[change domain name with your domain or ip]
http://<ip address>/nagios/
NRPE Installation in nagios-server
1. Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest version of NRPE
# wget wget http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
2.Extract the NRPE source code what your downloaded.
# tar -xf nrpe-2.8.tar.gz
Move in to directory
# cd nrpe-2.8
3.Compile the NRPE addon.
# ./configure
# make all
5.Install the NRPE plugin.
# make install-plugin
6. Test communication with the NRPE daemon.
Make sure the check_nrpe plugin can talk to the NRPE daemon on the remote host. Replace "192.168.0.1" in the
command below with the IP address of the remote host that has NRPE installed.
# /usr/local/nagios/libexec/check_nrpe -H 192.168.0.1
7.write command in commands.cfg file
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$}
Nagios Client installation in linux server
NAGIOS Client Installation
1. Login with root user.
$ sudo -i
2. Create user account with nagiso and setup password for user.
# useradd nagios
# passwd nagios
3. Download and Install the Nagios Plugins.
yum install gcc glibc glibc-common gd gd-devel net-snmp openssl-devel make
4 .Extract the Nagios plugins source code.
# tar -xf nagios-plugins-2.1.1.tar.gz
Move in to the directory.
Compile and install the plugins.
# ./configure
# make
# make install
The permissions on the plugin directory and the plugins will need to be fixed at this point, so run the following commands.
# chown nagios.nagios /usr/local/nagios
# chown -R nagios.nagios /usr/local/nagios/libexec
5.Install xinetd service.
# yum install xinetd
6.Now Install the NRPE daemon.
Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest versions).
# wget http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
7.Extract the NRPE source code.
# tar -xf xxx.tar.gz
Now Move in to extracted directory.
# cd xxx
8.Compile the NRPE addon.
# ./configure
# make all
Install the NRPE plugin (for testing), daemon, and sample daemon config file.
# make install-plugin
# make install-daemon
# make install-daemon-config
Install the NRPE daemon as a service under xinetd.
# make install-xinetd
9. Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the only_from directive.
# only_from= 127.0.0.1 <nagios_ip_address>
10. Add the following entry for the NRPE daemon to the /etc/services file.
nrpe 5666/tcp # NRPE
11. Restart the xinetd service.
# service xinetd restart
12.Test the NRPE daemon locally
Its time to see if things are working properly... Make sure the nrpe daemon is running under xinetd.
# netstat -at | grep nrpe
The output out this command should show something like this:
tcp 0 0 *:nrpe *:* LISTEN
If it does, great!
13. Next, check to make sure the NRPE daemon is functioning properly. To do this, run the check_nrpe plugin that was installed for testing purposes.
You should get a string back that tells you what version of NRPE is installed, like this:
NRPE v2.8x
Subscribe to:
Comments (Atom)